From 6dfae2f402a702ccd7f2c585b28cb356e9f26a26 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Mon, 17 May 2021 19:27:54 +0200
Subject: [PATCH] gpg: Use a more descriptive prompt for symmetric decryption.
* g10/keydb.h (GETPASSWORD_FLAG_SYMDECRYPT): New. (passphrase_to_dek_ext): Remove this obsolete prototype. * g10/passphrase.c (passphrase_get): Add arg flags. Use new flag value. (passphrase_to_dek): Add arg flags and pass it on. * g10/mainproc.c (proc_symkey_enc): Use new flag. * sm/decrypt.c (pwri_decrypt): Use "passphrase". -- Signed-off-by: Werner Koch (cherry picked from commit 03f83bcda5d1f8d8246bcc1afc603b7f74d0626b) Note that we keep on using the term "passphrase" although "password" would be better. There are however so many occurance of this and given it is a bike shedding topic we fix that in the PO files. Signed-off-by: Werner Koch
---
 g10/encrypt.c | 2 +-
 g10/gpgv.c | 3 ++-
 g10/keydb.h | 12 ++++++------
 g10/mainproc.c | 6 ++++--
 g10/passphrase.c | 22 +++++++++++++++++-----
 g10/sign.c | 2 +-
 g10/test-stubs.c | 3 ++-
 sm/decrypt.c | 2 +-
 8 files changed, 34 insertions(+), 18 deletions(-)
diff --git a/g10/encrypt.c b/g10/encrypt.c
index 388c3db74..d9af54ae6 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -572,7 +572,7 @@ setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek)
 (*symkey_s2k)->hash_algo = s2kdigest;
 *symkey_dek = passphrase_to_dek (defcipher,
- *symkey_s2k, 1, 0, NULL, &canceled);
+ *symkey_s2k, 1, 0, NULL, 0, &canceled);
 if (!*symkey_dek || !(*symkey_dek)->keylen)
 {
 xfree(*symkey_dek);
diff --git a/g10/gpgv.c b/g10/gpgv.c
index 03551e7db..d1e6da956 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -579,13 +579,14 @@ check_secret_key (PKT_public_key *pk, int n)
 */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, int create, int nocache,
- const char *tmp, int *canceled)
+ const char *tmp, unsigned int flags, int *canceled)
 {
 (void)cipher_algo;
 (void)s2k;
 (void)create;
 (void)nocache;
 (void)tmp;
+ (void)flags;
 if (canceled)
 *canceled = 0;
diff --git a/g10/keydb.h b/g10/keydb.h
index 4703294f4..806b9303b 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -292,19 +292,19 @@ gpg_error_t build_sk_list (ctrl_t ctrl, strlist_t locusr,
 SK_LIST *ret_sk_list, unsigned use);
 /*-- passphrase.h --*/
+
+/* Flags for passphrase_to_dek */
+#define GETPASSWORD_FLAG_SYMDECRYPT 1
+
 int have_static_passphrase(void);
 const char *get_static_passphrase (void);
 void set_passphrase_from_string(const char *pass);
 void read_passphrase_from_fd( int fd );
 void passphrase_clear_cache (const char *cacheid);
-DEK *passphrase_to_dek_ext(u32 *keyid, int pubkey_algo,
- int cipher_algo, STRING2KEY *s2k, int mode,
- const char *tryagain_text,
- const char *custdesc, const char *custprompt,
- int *canceled);
 DEK *passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
 int create, int nocache,
- const char *tryagain_text, int *canceled);
+ const char *tryagain_text, unsigned int flags,
+ int *canceled);
 void set_next_passphrase( const char *s );
 char *get_last_passphrase(void);
 void next_to_last_passphrase(void);
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 10cc69758..821378ee6 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -408,7 +408,8 @@ proc_symkey_enc (CTX c, PACKET *pkt)
 }
 else
 {
- c->dek = passphrase_to_dek (algo, &enc->s2k, 0, 0, NULL, NULL);
+ c->dek = passphrase_to_dek (algo, &enc->s2k, 0, 0, NULL,
+ GETPASSWORD_FLAG_SYMDECRYPT, NULL);
 if (c->dek)
 {
 c->dek->symmetric = 1;
@@ -663,7 +664,8 @@ proc_encrypted (CTX c, PACKET *pkt)
 log_info (_("assuming %s encrypted data\n"), "IDEA");
 }
- c->dek = passphrase_to_dek (algo, s2k, 0, 0, NULL, &canceled);
+ c->dek = passphrase_to_dek (algo, s2k, 0, 0, NULL,
+ GETPASSWORD_FLAG_SYMDECRYPT, &canceled);
 if (c->dek)
 c->dek->algo_info_printed = 1;
 else if (canceled)
diff --git a/g10/passphrase.c b/g10/passphrase.c
index 50bb0e18d..1793efc9d 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -171,15 +171,18 @@ read_passphrase_from_fd( int fd )
 * operation. If CACHEID is not NULL, it will be used as the cacheID
 * for the gpg-agent; if is NULL and a key fingerprint can be
 * computed, this will be used as the cacheid.
+ *
+ * For FLAGS see passphrase_to_dek;
 */
 static char *
 passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
- const char *tryagain_text, int *canceled)
+ const char *tryagain_text, unsigned int flags, int *canceled)
 {
 int rc;
 char *pw = NULL;
 char *orig_codeset;
 const char *my_cacheid;
+ const char *desc;
 if (canceled)
 *canceled = 0;
@@ -194,6 +197,11 @@ passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
 if (tryagain_text)
 tryagain_text = _(tryagain_text);
+ if ((flags & GETPASSWORD_FLAG_SYMDECRYPT))
+ desc = _("Please enter the passphrase for decryption.");
+ else
+ desc = _("Enter passphrase\n");
+
 /* Here we have:
 * REPEAT is set in create mode and if opt.passphrase_repeat is set.
 * (Thus it is not a clean indication that we want a new passphrase).
@@ -205,7 +213,7 @@ passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
 * for a full state analysis and thus this new parameter.
 */
 rc = agent_get_passphrase (my_cacheid, tryagain_text, NULL,
- _("Enter passphrase\n"),
+ desc,
 newsymkey, repeat, nocache, &pw);
 i18n_switchback (orig_codeset);
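Review bot: The commit log entry for g10/mainproc.c names only `proc_symkey_enc`, but the hunk at `@@ -663,7 +664,8 @@` makes the same change in `proc_encrypted`, so the entry should read `* g10/mainproc.c (proc_symkey_enc, proc_encrypted): Use new flag.` Both call sites pass 0 for CREATE, so the decryption wording matches what the agent is asked to do there. The body of `proc_encrypted` starts and ends outside the hunk.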
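Review bot: In the `passphrase_get` hunk at `@@ -194,6 +197,11 @@` the decryption description is chosen from `flags` alone, so a caller that passes a true `newsymkey` together with `GETPASSWORD_FLAG_SYMDECRYPT` would have the agent ask for a new passphrase under a "for decryption" text; the callers in this patch never combine the two, but nothing in the function enforces it. Testing `if (!newsymkey && (flags & GETPASSWORD_FLAG_SYMDECRYPT))` keeps the description truthful, which matters because that text is what the user relies on to decide which secret to type. The new msgid has no trailing newline while the fallback `"Enter passphrase\n"` does; a short comment would help if that difference is intentional. The function body starts and ends outside this hunk.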
@@ -264,11 +272,15 @@ passphrase_clear_cache (const char *cacheid)
 * CANCELED is not NULL, sets it to true.
 *
 * If CREATE is true a new passphrase will be created. If NOCACHE is
- * true the symmetric key caching will not be used. */
+ * true the symmetric key caching will not be used.
+ * FLAG bits are:
+ * GETPASSWORD_FLAG_SYMDECRYPT := for symmetric decryption
+ */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
 int create, int nocache,
- const char *tryagain_text, int *canceled)
+ const char *tryagain_text, unsigned int flags,
+ int *canceled)
 {
 char *pw = NULL;
 DEK *dek;
@@ -355,7 +367,7 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
 /* Divert to the gpg-agent. */
 pw = passphrase_get (create, create && nocache, s2k_cacheid,
 create? opt.passphrase_repeat : 0,
- tryagain_text, canceled);
+ tryagain_text, flags, canceled);
 if (*canceled)
 {
 xfree (pw);
diff --git a/g10/sign.c b/g10/sign.c
index c50b6b4a7..ea3de620b 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1605,7 +1605,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
 s2k->hash_algo = S2K_DIGEST_ALGO;
 algo = default_cipher_algo ();
- cfx.dek = passphrase_to_dek (algo, s2k, 1, 1, NULL, &canceled);
+ cfx.dek = passphrase_to_dek (algo, s2k, 1, 1, NULL, 0, &canceled);
 if (!cfx.dek || !cfx.dek->keylen)
 {
diff --git a/g10/test-stubs.c b/g10/test-stubs.c
index 07dd19d26..4838d20dd 100644
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@@ -336,13 +336,14 @@ check_secret_key (PKT_public_key *pk, int n)
 */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, int create, int nocache,
- const char *tmp, int *canceled)
+ const char *tmp, unsigned int flags, int *canceled)
 {
 (void)cipher_algo;
 (void)s2k;
 (void)create;
 (void)nocache;
 (void)tmp;
+ (void)flags;
 if (canceled)
 *canceled = 0;
diff --git a/sm/decrypt.c b/sm/decrypt.c
index bac63e1bc..d720913dc 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
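Review bot: The comment lines added above `passphrase_to_dek` in the hunk at `@@ -264,11 +272,15 @@` introduce the parameter as `FLAG bits are:` although it is named `flags`, and `:= for symmetric decryption` does not say what setting the bit changes. In this patch the bit is only passed through to `passphrase_get`, where it selects the description text handed to the agent, so wording such as `FLAGS is a bit vector; GETPASSWORD_FLAG_SYMDECRYPT selects the "for decryption" description shown by the agent, 0 keeps the generic one.` would tell callers that it does not affect key derivation or caching. The cross-reference added in the `passphrase_get` comment, `For FLAGS see passphrase_to_dek;`, ends in a stray semicolon. The comment block and the function body both extend outside the hunk.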
@@ -657,7 +657,7 @@ pwri_decrypt (ctrl_t ctrl, gcry_sexp_t enc_val, err = gpgsm_agent_ask_passphrase (ctrl, - i18n_utf8 (N_("Please enter the password for decryption.")), + i18n_utf8 (N_("Please enter the passphrase for decryption.")), 0, &passphrase); if (err) goto leave;