gpg: New option --no-symkey-cache.

* g10/gpg.c (oNoSymkeyCache): New.
(opts): Add that option.
(main): Set var.
* g10/options.h (struct opt): New field no_symkey_cache.
* g10/passphrase.c (passphrase_to_dek): Implement that feature.

Signed-off-by: Werner Koch <wk@gnupg.org>

NEWS

@@ -1,6 +1,9 @@
 Noteworthy changes in version 2.2.7 (unreleased)
 ------------------------------------------------
 
+  * gpg: New option --no-symkey-cache to disable the passphrase cache
+    for symmetrical en- and decryption.
+
 
 Noteworthy changes in version 2.2.6 (2018-04-09)
 ------------------------------------------------

doc/gpg.texi

@@ -214,7 +214,10 @@ symmetric cipher used is @value{GPGSYMENCALGO}, but may be chosen with the
 @option{--encrypt} (for a message that may be decrypted via a secret key
 or a passphrase), or @option{--sign} and @option{--encrypt} together
 (for a signed message that may be decrypted via a secret key or a
-passphrase).
+passphrase).  @command{@gpgname} caches the passphrase used for
+symmetric encryption so that a decrypt operation may not require that
+the user needs to enter the passphrase.  The option
+@option{--no-symkey-cache} can be used to disable this feature.
 
 @item --store
 @opindex store
@@ -3140,6 +3143,12 @@ are:
   Pinentry the user is not prompted again if he enters a bad password.
 @end table
 
+@item --no-symkey-cache
+@opindex no-symkey-cache
+Disable the passphrase cache used for symmetrical en- and decryption.
+This cache is based on the message specific salt value
+(cf. @option{--s2k-mode}).
+
 @item --request-origin @var{origin}
 @opindex request-origin
 Tell gpg to assume that the operation ultimately originated at

g10/gpg.c

@@ -423,6 +423,7 @@ enum cmd_and_opt_values
     oSender,
     oKeyOrigin,
     oRequestOrigin,
+    oNoSymkeyCache,
 
     oNoop
   };
@@ -888,6 +889,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"),
   ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
   ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
+  ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"),
 
   /* Dummy options with warnings.  */
   ARGPARSE_s_n (oUseAgent,      "use-agent", "@"),
@@ -3556,6 +3558,7 @@ main (int argc, char **argv)
             break;
 
           case oNoAutostart: opt.autostart = 0; break;
+          case oNoSymkeyCache: opt.no_symkey_cache = 1; break;
 
 	  case oDefaultNewKeyAlgo:
             opt.def_new_key_algo = pargs.r.ret_str;

g10/options.h

@@ -242,7 +242,7 @@ struct
     unsigned int allow_weak_digest_algos:1;
     unsigned int large_rsa:1;
     unsigned int disable_signer_uid:1;
-    /* Flag to enbale experimental features from RFC4880bis.  */
+    /* Flag to enable experimental features from RFC4880bis.  */
     unsigned int rfc4880bis:1;
   } flags;
 
@@ -275,6 +275,8 @@ struct
 
   int unwrap_encryption;
   int only_sign_text_ids;
+
+  int no_symkey_cache;   /* Disable the cache used for --symmetric.  */
 } opt;
 
 /* CTRL is used to keep some global variables we currently can't

g10/passphrase.c

@@ -317,6 +317,9 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
     canceled = &dummy_canceled;
   *canceled = 0;
 
+  if (opt.no_symkey_cache)
+    nocache = 1;  /* Force no symmtric key caching.  */
+
   if ( !s2k )
     {
       log_assert (create && !nocache);