From 789d240cb40ab36406a7c57ad49897e0bafbb41e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 11 Apr 2018 20:35:40 +0200 Subject: [PATCH] gpg: New option --no-symkey-cache. * g10/gpg.c (oNoSymkeyCache): New. (opts): Add that option. (main): Set var. * g10/options.h (struct opt): New field no_symkey_cache. * g10/passphrase.c (passphrase_to_dek): Implement that feature. Signed-off-by: Werner Koch --- NEWS | 3 +++ doc/gpg.texi | 11 ++++++++++- g10/gpg.c | 3 +++ g10/options.h | 4 +++- g10/passphrase.c | 3 +++ 5 files changed, 22 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 8b9d2bcf8..403c2a05f 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ Noteworthy changes in version 2.2.7 (unreleased) ------------------------------------------------ + * gpg: New option --no-symkey-cache to disable the passphrase cache + for symmetrical en- and decryption. + Noteworthy changes in version 2.2.6 (2018-04-09) ------------------------------------------------ diff --git a/doc/gpg.texi b/doc/gpg.texi index 086b4fce5..908af7b03 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -214,7 +214,10 @@ symmetric cipher used is @value{GPGSYMENCALGO}, but may be chosen with the @option{--encrypt} (for a message that may be decrypted via a secret key or a passphrase), or @option{--sign} and @option{--encrypt} together (for a signed message that may be decrypted via a secret key or a -passphrase). +passphrase). @command{@gpgname} caches the passphrase used for +symmetric encryption so that a decrypt operation may not require that +the user needs to enter the passphrase. The option +@option{--no-symkey-cache} can be used to disable this feature. @item --store @opindex store @@ -3140,6 +3143,12 @@ are: Pinentry the user is not prompted again if he enters a bad password. @end table +@item --no-symkey-cache +@opindex no-symkey-cache +Disable the passphrase cache used for symmetrical en- and decryption. +This cache is based on the message specific salt value +(cf. @option{--s2k-mode}). + @item --request-origin @var{origin} @opindex request-origin Tell gpg to assume that the operation ultimately originated at diff --git a/g10/gpg.c b/g10/gpg.c index 2c93a8380..fbbdd92ba 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -423,6 +423,7 @@ enum cmd_and_opt_values oSender, oKeyOrigin, oRequestOrigin, + oNoSymkeyCache, oNoop }; @@ -888,6 +889,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"), ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"), + ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"), /* Dummy options with warnings. */ ARGPARSE_s_n (oUseAgent, "use-agent", "@"), @@ -3556,6 +3558,7 @@ main (int argc, char **argv) break; case oNoAutostart: opt.autostart = 0; break; + case oNoSymkeyCache: opt.no_symkey_cache = 1; break; case oDefaultNewKeyAlgo: opt.def_new_key_algo = pargs.r.ret_str; diff --git a/g10/options.h b/g10/options.h index e1bf97fb1..96b76f8f2 100644 --- a/g10/options.h +++ b/g10/options.h @@ -242,7 +242,7 @@ struct unsigned int allow_weak_digest_algos:1; unsigned int large_rsa:1; unsigned int disable_signer_uid:1; - /* Flag to enbale experimental features from RFC4880bis. */ + /* Flag to enable experimental features from RFC4880bis. */ unsigned int rfc4880bis:1; } flags; @@ -275,6 +275,8 @@ struct int unwrap_encryption; int only_sign_text_ids; + + int no_symkey_cache; /* Disable the cache used for --symmetric. */ } opt; /* CTRL is used to keep some global variables we currently can't diff --git a/g10/passphrase.c b/g10/passphrase.c index a498f627b..ffdcdf2bd 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -317,6 +317,9 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, canceled = &dummy_canceled; *canceled = 0; + if (opt.no_symkey_cache) + nocache = 1; /* Force no symmtric key caching. */ + if ( !s2k ) { log_assert (create && !nocache);