gpg: New option --no-symkey-cache.

* g10/gpg.c (oNoSymkeyCache): New. (opts): Add that option. (main): Set var. * g10/options.h (struct opt): New field no_symkey_cache. * g10/passphrase.c (passphrase_to_dek): Implement that feature. Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-11 20:35:40 +02:00 · 2018-04-11 20:35:40 +02:00 · 789d240cb4
parent 9f69dbeb90
commit 789d240cb4
5 changed files with 22 additions and 2 deletions
--- a/3
+++ b/3
@ -1,6 +1,9 @@
 Noteworthy changes in version 2.2.7 (unreleased)
 ------------------------------------------------

+  * gpg: New option --no-symkey-cache to disable the passphrase cache
+    for symmetrical en- and decryption.
+

 Noteworthy changes in version 2.2.6 (2018-04-09)
 ------------------------------------------------
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -214,7 +214,10 @@ symmetric cipher used is @value{GPGSYMENCALGO}, but may be chosen with the
@option{--encrypt} (for a message that may be decrypted via a secret key
 or a passphrase), or @option{--sign} and @option{--encrypt} together
 (for a signed message that may be decrypted via a secret key or a
-passphrase).
+passphrase).  @command{@gpgname} caches the passphrase used for
+symmetric encryption so that a decrypt operation may not require that
+the user needs to enter the passphrase.  The option
+@option{--no-symkey-cache} can be used to disable this feature.

@item --store
@opindex store
@ -3140,6 +3143,12 @@ are:
  Pinentry the user is not prompted again if he enters a bad password.
@end table

+@item --no-symkey-cache
+@opindex no-symkey-cache
+Disable the passphrase cache used for symmetrical en- and decryption.
+This cache is based on the message specific salt value
+(cf. @option{--s2k-mode}).
+
@item --request-origin @var{origin}
@opindex request-origin
 Tell gpg to assume that the operation ultimately originated at
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -423,6 +423,7 @@ enum cmd_and_opt_values
    oSender,
    oKeyOrigin,
    oRequestOrigin,
+    oNoSymkeyCache,

    oNoop
  };
@ -888,6 +889,7 @@ static ARGPARSE_OPTS opts[] = {
  ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"),
  ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
  ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
+  ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"),

  /* Dummy options with warnings.  */
  ARGPARSE_s_n (oUseAgent,      "use-agent", "@"),
@ -3556,6 +3558,7 @@ main (int argc, char **argv)
            break;

          case oNoAutostart: opt.autostart = 0; break;
+          case oNoSymkeyCache: opt.no_symkey_cache = 1; break;

 	  case oDefaultNewKeyAlgo:
            opt.def_new_key_algo = pargs.r.ret_str;
--- a/g10/options.h
+++ b/g10/options.h
@ -242,7 +242,7 @@ struct
    unsigned int allow_weak_digest_algos:1;
    unsigned int large_rsa:1;
    unsigned int disable_signer_uid:1;
-    /* Flag to enbale experimental features from RFC4880bis.  */
+    /* Flag to enable experimental features from RFC4880bis.  */
    unsigned int rfc4880bis:1;
  } flags;

@ -275,6 +275,8 @@ struct

  int unwrap_encryption;
  int only_sign_text_ids;
+
+  int no_symkey_cache;   /* Disable the cache used for --symmetric.  */
 } opt;

 /* CTRL is used to keep some global variables we currently can't
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@ -317,6 +317,9 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
    canceled = &dummy_canceled;
  *canceled = 0;

+  if (opt.no_symkey_cache)
+    nocache = 1;  /* Force no symmtric key caching.  */
+
  if ( !s2k )
    {
      log_assert (create && !nocache);