gpg: Use a more descriptive prompt for symmetric decryption.

* g10/keydb.h (GETPASSWORD_FLAG_SYMDECRYPT): New. (passphrase_to_dek_ext): Remove this obsolete prototype. * g10/passphrase.c (passphrase_get): Add arg flags. Use new flag value. (passphrase_to_dek): Add arg flags and pass it on. * g10/mainproc.c (proc_symkey_enc): Use new flag. * sm/decrypt.c (pwri_decrypt): Use "passphrase". -- Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 03f83bcda5) Note that we keep on using the term "passphrase" although "password" would be better. There are however so many occurance of this and given it is a bike shedding topic we fix that in the PO files. Signed-off-by: Werner Koch <wk@gnupg.org>
2021-05-17 19:27:54 +02:00 · 2021-05-17 19:27:54 +02:00 · 6dfae2f402
parent 1406f551f1
commit 6dfae2f402
8 changed files with 34 additions and 18 deletions
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@ -572,7 +572,7 @@ setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek)
  (*symkey_s2k)->hash_algo = s2kdigest;

  *symkey_dek = passphrase_to_dek (defcipher,
-                                   *symkey_s2k, 1, 0, NULL, &canceled);
+                                   *symkey_s2k, 1, 0, NULL, 0, &canceled);
  if (!*symkey_dek || !(*symkey_dek)->keylen)
    {
      xfree(*symkey_dek);
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@ -579,13 +579,14 @@ check_secret_key (PKT_public_key *pk, int n)
 */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, int create, int nocache,
-                   const char *tmp, int *canceled)
+                   const char *tmp, unsigned int flags, int *canceled)
 {
  (void)cipher_algo;
  (void)s2k;
  (void)create;
  (void)nocache;
  (void)tmp;
+  (void)flags;

  if (canceled)
    *canceled = 0;
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -292,19 +292,19 @@ gpg_error_t build_sk_list (ctrl_t ctrl, strlist_t locusr,
                           SK_LIST *ret_sk_list, unsigned use);

 /*-- passphrase.h --*/
+
+/* Flags for passphrase_to_dek */
+#define GETPASSWORD_FLAG_SYMDECRYPT  1
+
 int  have_static_passphrase(void);
 const char *get_static_passphrase (void);
 void set_passphrase_from_string(const char *pass);
 void read_passphrase_from_fd( int fd );
 void passphrase_clear_cache (const char *cacheid);
-DEK *passphrase_to_dek_ext(u32 *keyid, int pubkey_algo,
-                           int cipher_algo, STRING2KEY *s2k, int mode,
-                           const char *tryagain_text,
-                           const char *custdesc, const char *custprompt,
-                           int *canceled);
 DEK *passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
                        int create, int nocache,
-                        const char *tryagain_text, int *canceled);
+                        const char *tryagain_text, unsigned int flags,
+                        int *canceled);
 void set_next_passphrase( const char *s );
 char *get_last_passphrase(void);
 void next_to_last_passphrase(void);
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -408,7 +408,8 @@ proc_symkey_enc (CTX c, PACKET *pkt)
        }
      else
        {
-          c->dek = passphrase_to_dek (algo, &enc->s2k, 0, 0, NULL, NULL);
+          c->dek = passphrase_to_dek (algo, &enc->s2k, 0, 0, NULL,
+                                      GETPASSWORD_FLAG_SYMDECRYPT, NULL);
          if (c->dek)
            {
              c->dek->symmetric = 1;
@ -663,7 +664,8 @@ proc_encrypted (CTX c, PACKET *pkt)
              log_info (_("assuming %s encrypted data\n"), "IDEA");
            }

-          c->dek = passphrase_to_dek (algo, s2k, 0, 0, NULL, &canceled);
+          c->dek = passphrase_to_dek (algo, s2k, 0, 0, NULL,
+                                      GETPASSWORD_FLAG_SYMDECRYPT, &canceled);
          if (c->dek)
            c->dek->algo_info_printed = 1;
          else if (canceled)
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@ -171,15 +171,18 @@ read_passphrase_from_fd( int fd )
 * operation.  If CACHEID is not NULL, it will be used as the cacheID
 * for the gpg-agent; if is NULL and a key fingerprint can be
 * computed, this will be used as the cacheid.
+ *
+ * For FLAGS see passphrase_to_dek;
 */
 static char *
 passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
-                const char *tryagain_text, int *canceled)
+                const char *tryagain_text, unsigned int flags, int *canceled)
 {
  int rc;
  char *pw = NULL;
  char *orig_codeset;
  const char *my_cacheid;
+  const char *desc;

  if (canceled)
    *canceled = 0;
@ -194,6 +197,11 @@ passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
  if (tryagain_text)
    tryagain_text = _(tryagain_text);

+  if ((flags & GETPASSWORD_FLAG_SYMDECRYPT))
+    desc = _("Please enter the passphrase for decryption.");
+  else
+    desc = _("Enter passphrase\n");
+
  /* Here we have:
   * REPEAT is set in create mode and if opt.passphrase_repeat is set.
   * (Thus it is not a clean indication that we want a new passphrase).
@ -205,7 +213,7 @@ passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
   * for a full state analysis and thus this new parameter.
   */
  rc = agent_get_passphrase (my_cacheid, tryagain_text, NULL,
-                             _("Enter passphrase\n"),
+                             desc,
                             newsymkey, repeat, nocache, &pw);

  i18n_switchback (orig_codeset);
@ -264,11 +272,15 @@ passphrase_clear_cache (const char *cacheid)
 * CANCELED is not NULL, sets it to true.
 *
 * If CREATE is true a new passphrase will be created.  If NOCACHE is
- * true the symmetric key caching will not be used.  */
+ * true the symmetric key caching will not be used.
+ * FLAG bits are:
+ *   GETPASSWORD_FLAG_SYMDECRYPT := for symmetric decryption
+ */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
                   int create, int nocache,
-                   const char *tryagain_text, int *canceled)
+                   const char *tryagain_text, unsigned int flags,
+                   int *canceled)
 {
  char *pw = NULL;
  DEK *dek;
@ -355,7 +367,7 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
      /* Divert to the gpg-agent. */
      pw = passphrase_get (create, create && nocache, s2k_cacheid,
                           create? opt.passphrase_repeat : 0,
-                           tryagain_text, canceled);
+                           tryagain_text, flags, canceled);
      if (*canceled)
        {
          xfree (pw);
--- a/g10/sign.c
+++ b/g10/sign.c
@ -1605,7 +1605,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
  s2k->hash_algo = S2K_DIGEST_ALGO;

  algo = default_cipher_algo ();
-  cfx.dek = passphrase_to_dek (algo, s2k, 1, 1, NULL, &canceled);
+  cfx.dek = passphrase_to_dek (algo, s2k, 1, 1, NULL, 0, &canceled);

  if (!cfx.dek || !cfx.dek->keylen)
    {
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@ -336,13 +336,14 @@ check_secret_key (PKT_public_key *pk, int n)
 */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, int create, int nocache,
-                   const char *tmp, int *canceled)
+                   const char *tmp, unsigned int flags, int *canceled)
 {
  (void)cipher_algo;
  (void)s2k;
  (void)create;
  (void)nocache;
  (void)tmp;
+  (void)flags;

  if (canceled)
    *canceled = 0;
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@ -657,7 +657,7 @@ pwri_decrypt (ctrl_t ctrl, gcry_sexp_t enc_val,

  err = gpgsm_agent_ask_passphrase
    (ctrl,
-     i18n_utf8 (N_("Please enter the password for decryption.")),
+     i18n_utf8 (N_("Please enter the passphrase for decryption.")),
     0, &passphrase);
  if (err)
    goto leave;