2009-08-20 Daiki Ueno <ueno@unixuser.org>

* mainproc.c (proc_encrypted): Clear passphrase cached with S2K
      cache ID if decryption failed.
    * passphrase.c (passphrase_to_dek_ext): Set dek->s2k_cacheid.
    * gpgv.c (passphrase_clear_cache): New stub.

README.maint

@@ -21,7 +21,8 @@ Release process:
   * Make sure that all new PO files are checked in.
   * Decide whether you want to update the automake standard files 
     (Mainly config.guess and config.sub).
-  * [1.4 only] Update gpg.texi and gpgv.texi from the trunk.
+  * [1.4 only] Update gpg.texi and gpgv.texi from the trunk:
+       make -C doc update-source-from-gnupg-2
   * Run "make -C po update-po".
   * Write NEWS entries and set the release date in NEWS.
   * In configure.ac set "my_issvn" to "no".

g10/ChangeLog

@@ -1,3 +1,10 @@
+2009-08-20  Daiki Ueno  <ueno@unixuser.org>
+
+	* mainproc.c (proc_encrypted): Clear passphrase cached with S2K
+	cache ID if decryption failed.
+	* passphrase.c (passphrase_to_dek_ext): Set dek->s2k_cacheid.
+	* gpgv.c (passphrase_clear_cache): New stub.
+
 2009-08-11  Werner Koch  <wk@g10code.com>
 
 	* call-agent.c (get_serialno_cb): New.  From ../agent/call-scd.c.

g10/gpgv.c

@@ -426,6 +426,14 @@ passphrase_to_dek (u32 *keyid, int pubkey_algo,
   return NULL;
 }
 
+void
+passphrase_clear_cache (u32 *keyid, const char *cacheid, int algo)
+{
+  (void)keyid;
+  (void)cacheid;
+  (void)algo;
+}
+
 struct keyserver_spec *
 parse_preferred_keyserver(PKT_signature *sig) 
 {

g10/mainproc.c

@@ -586,6 +586,13 @@ proc_encrypted( CTX c, PACKET *pkt )
 	write_status( STATUS_DECRYPTION_FAILED );
     }
     else {
+        if (gpg_err_code (result) == GPG_ERR_BAD_KEY
+	    && *c->dek->s2k_cacheid != '\0')
+	  {
+	    log_debug(_("cleared passphrase cached with ID: %s\n"),
+		      c->dek->s2k_cacheid);
+	    passphrase_clear_cache (NULL, c->dek->s2k_cacheid, 0);
+	  }
 	write_status( STATUS_DECRYPTION_FAILED );
 	log_error(_("decryption failed: %s\n"), g10_errstr(result));
 	/* Hmmm: does this work when we have encrypted using multiple

g10/passphrase.c

@@ -452,6 +452,7 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
   DEK *dek;
   STRING2KEY help_s2k;
   int dummy_canceled;
+  char s2k_cacheidbuf[1+16+1], *s2k_cacheid = NULL;
 
   if (!canceled)
     canceled = &dummy_canceled;
@@ -573,19 +574,16 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
     }
   else 
     {
-      char *cacheid = NULL;
-      char buf[1+16+1];
-
       if ((mode == 3 || mode == 4) && (s2k->mode == 1 || s2k->mode == 3))
 	{
-	  memset (buf, 0, sizeof buf);
-	  *buf = 'S';
-	  bin2hex (s2k->salt, 8, buf + 1);
-          cacheid = buf;
+	  memset (s2k_cacheidbuf, 0, sizeof s2k_cacheidbuf);
+	  *s2k_cacheidbuf = 'S';
+	  bin2hex (s2k->salt, 8, s2k_cacheidbuf + 1);
+	  s2k_cacheid = s2k_cacheidbuf;
 	}
 
       /* Divert to the gpg-agent. */
-      pw = passphrase_get (keyid, mode == 2, cacheid,
+      pw = passphrase_get (keyid, mode == 2, s2k_cacheid,
                            (mode == 2 || mode == 4)? opt.passwd_repeat : 0,
                            tryagain_text, custdesc, custprompt, canceled);
       if (*canceled)
@@ -608,6 +606,8 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
     dek->keylen = 0;
   else
     hash_passphrase (dek, pw, s2k);
+  if (s2k_cacheid)
+    memcpy (dek->s2k_cacheid, s2k_cacheid, sizeof dek->s2k_cacheid);
   xfree(last_pw);
   last_pw = pw;
   return dek;

include/ChangeLog

@@ -1,3 +1,7 @@
+2009-08-20  Daiki Ueno  <ueno@unixuser.org>  (wk)
+
+	* cipher.h (struct DEK): Add field S2K_CACHEID.
+
 2008-04-18  Werner Koch  <wk@g10code.com>
 
 	* cipher.h (CIPHER_ALGO_CAMELLIA256): Change ID to 13.

include/cipher.h

@@ -94,6 +94,7 @@ typedef struct
   int use_mdc;
   int symmetric;
   byte key[32]; /* This is the largest used keylen (256 bit). */
+  char s2k_cacheid[1+16+1];
 } DEK;