From a6a4bbf6debd925a23c22eea86a562f061fdfe6c Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 8 Jul 2020 14:33:09 +0200
Subject: [PATCH] gpg: Use integrated passphrase repeat entry also for -c.

* g10/call-agent.c (agent_get_passphrase): Add arg newsymkey.
* g10/passphrase.c (passphrase_get): Add arg newsymkey.
(passphrase_to_dek): Pass it on.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g10/call-agent.c | 19 +++++++++++++++----
 g10/call-agent.h |  1 +
 g10/passphrase.c | 20 +++++++++++++++++---
 3 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/g10/call-agent.c b/g10/call-agent.c
index 5c6a4a66d..858d81375 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -1879,13 +1879,15 @@ agent_scd_checkpin  (const char *serialno)
 
 /* Note: All strings shall be UTF-8. On success the caller needs to
    free the string stored at R_PASSPHRASE. On error NULL will be
-   stored at R_PASSPHRASE and an appropriate fpf error code
-   returned. */
+   stored at R_PASSPHRASE and an appropriate error code returned.
+   Only called from passphrase.c:passphrase_get - see there for more
+   comments on this ugly API. */
 gpg_error_t
 agent_get_passphrase (const char *cache_id,
                       const char *err_msg,
                       const char *prompt,
                       const char *desc_msg,
+                      int newsymkey,
                       int repeat,
                       int check,
                       char **r_passphrase)
@@ -1898,6 +1900,7 @@ agent_get_passphrase (const char *cache_id,
   char *arg4 = NULL;
   membuf_t data;
   struct default_inq_parm_s dfltparm;
+  int have_newsymkey;
 
   memset (&dfltparm, 0, sizeof dfltparm);
 
@@ -1913,6 +1916,10 @@ agent_get_passphrase (const char *cache_id,
                        "GETINFO cmd_has_option GET_PASSPHRASE repeat",
                        NULL, NULL, NULL, NULL, NULL, NULL))
     return gpg_error (GPG_ERR_NOT_SUPPORTED);
+  have_newsymkey = !(assuan_transact
+                     (agent_ctx,
+                      "GETINFO cmd_has_option GET_PASSPHRASE newsymkey",
+                      NULL, NULL, NULL, NULL, NULL, NULL));
 
   if (cache_id && *cache_id)
     if (!(arg1 = percent_plus_escape (cache_id)))
@@ -1927,10 +1934,14 @@ agent_get_passphrase (const char *cache_id,
     if (!(arg4 = percent_plus_escape (desc_msg)))
       goto no_mem;
 
+  /* CHECK && REPEAT or NEWSYMKEY is here an indication that a new
+   * passphrase for symmetric encryption is requested; if the agent
+   * supports this we enable the modern API by also passing --newsymkey.  */
   snprintf (line, DIM(line),
-            "GET_PASSPHRASE --data --repeat=%d%s -- %s %s %s %s",
+            "GET_PASSPHRASE --data --repeat=%d%s%s -- %s %s %s %s",
             repeat,
-            check? " --check --qualitybar":"",
+            ((repeat && check) || newsymkey)? " --check --qualitybar":"",
+            (have_newsymkey && newsymkey)? " --newsymkey":"",
             arg1? arg1:"X",
             arg2? arg2:"X",
             arg3? arg3:"X",
diff --git a/g10/call-agent.h b/g10/call-agent.h
index be5c777d4..2305f33e0 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -159,6 +159,7 @@ gpg_error_t agent_get_passphrase (const char *cache_id,
                                   const char *err_msg,
                                   const char *prompt,
                                   const char *desc_msg,
+                                  int newsymkey,
                                   int repeat,
                                   int check,
                                   char **r_passphrase);
diff --git a/g10/passphrase.c b/g10/passphrase.c
index 7c2e34cc9..fe41ae034 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -162,6 +162,10 @@ read_passphrase_from_fd( int fd )
  * Ask the GPG Agent for the passphrase.
  * If NOCACHE is set the symmetric passpharse caching will not be used.
  *
+ * If REPEAT is positive, a new passphrase is requested and the agent
+ * shall require REPEAT times repetitions of the entered passphrase.
+ * This is used for symmetric encryption.
+ *
  * Note that TRYAGAIN_TEXT must not be translated.  If CANCELED is not
  * NULL, the function does set it to 1 if the user canceled the
  * operation.  If CACHEID is not NULL, it will be used as the cacheID
@@ -169,7 +173,7 @@ read_passphrase_from_fd( int fd )
  * computed, this will be used as the cacheid.
  */
 static char *
-passphrase_get (int nocache, const char *cacheid, int repeat,
+passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
                 const char *tryagain_text, int *canceled)
 {
   int rc;
@@ -190,9 +194,19 @@ passphrase_get (int nocache, const char *cacheid, int repeat,
   if (tryagain_text)
     tryagain_text = _(tryagain_text);
 
+  /* Here we have:
+   * REPEAT is set in create mode and if opt.passphrase_repeat is set.
+   * (Thus it is not a clean indication that we want a new passphrase).
+   * NOCACHE is set in create mode or if --no-symkey-cache is used.
+   * CACHEID is only set if caching shall be used.
+   * NEWSYMKEY has been added latter to make it clear that a new key
+   * is requested.  The whole chain of API is a bit too complex since
+   * we we stripped things out over time; however, there is no time
+   * for a full state analysis and thus this new parameter.
+   */
   rc = agent_get_passphrase (my_cacheid, tryagain_text, NULL,
                              _("Enter passphrase\n"),
-                             repeat, nocache, &pw);
+                             newsymkey, repeat, nocache, &pw);
 
   i18n_switchback (orig_codeset);
 
@@ -339,7 +353,7 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
         }
 
       /* Divert to the gpg-agent. */
-      pw = passphrase_get (create && nocache, s2k_cacheid,
+      pw = passphrase_get (create, create && nocache, s2k_cacheid,
                            create? opt.passphrase_repeat : 0,
                            tryagain_text, canceled);
       if (*canceled)