mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Use integrated passphrase repeat entry also for -c.
* g10/call-agent.c (agent_get_passphrase): Add arg newsymkey. * g10/passphrase.c (passphrase_get): Add arg newsymkey. (passphrase_to_dek): Pass it on. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
d9e2dfa4c5
commit
ae8b88c635
@ -1530,13 +1530,15 @@ agent_scd_checkpin (const char *serialno)
|
||||
|
||||
/* Note: All strings shall be UTF-8. On success the caller needs to
|
||||
free the string stored at R_PASSPHRASE. On error NULL will be
|
||||
stored at R_PASSPHRASE and an appropriate fpf error code
|
||||
returned. */
|
||||
stored at R_PASSPHRASE and an appropriate error code returned.
|
||||
Only called from passphrase.c:passphrase_get - see there for more
|
||||
comments on this ugly API. */
|
||||
gpg_error_t
|
||||
agent_get_passphrase (const char *cache_id,
|
||||
const char *err_msg,
|
||||
const char *prompt,
|
||||
const char *desc_msg,
|
||||
int newsymkey,
|
||||
int repeat,
|
||||
int check,
|
||||
char **r_passphrase)
|
||||
@ -1549,6 +1551,7 @@ agent_get_passphrase (const char *cache_id,
|
||||
char *arg4 = NULL;
|
||||
membuf_t data;
|
||||
struct default_inq_parm_s dfltparm;
|
||||
int have_newsymkey;
|
||||
|
||||
memset (&dfltparm, 0, sizeof dfltparm);
|
||||
|
||||
@ -1564,6 +1567,10 @@ agent_get_passphrase (const char *cache_id,
|
||||
"GETINFO cmd_has_option GET_PASSPHRASE repeat",
|
||||
NULL, NULL, NULL, NULL, NULL, NULL))
|
||||
return gpg_error (GPG_ERR_NOT_SUPPORTED);
|
||||
have_newsymkey = !(assuan_transact
|
||||
(agent_ctx,
|
||||
"GETINFO cmd_has_option GET_PASSPHRASE newsymkey",
|
||||
NULL, NULL, NULL, NULL, NULL, NULL));
|
||||
|
||||
if (cache_id && *cache_id)
|
||||
if (!(arg1 = percent_plus_escape (cache_id)))
|
||||
@ -1578,10 +1585,14 @@ agent_get_passphrase (const char *cache_id,
|
||||
if (!(arg4 = percent_plus_escape (desc_msg)))
|
||||
goto no_mem;
|
||||
|
||||
/* CHECK && REPEAT or NEWSYMKEY is here an indication that a new
|
||||
* passphrase for symmetric encryption is requested; if the agent
|
||||
* supports this we enable the modern API by also passing --newsymkey. */
|
||||
snprintf (line, DIM(line),
|
||||
"GET_PASSPHRASE --data --repeat=%d%s -- %s %s %s %s",
|
||||
"GET_PASSPHRASE --data --repeat=%d%s%s -- %s %s %s %s",
|
||||
repeat,
|
||||
check? " --check --qualitybar":"",
|
||||
((repeat && check) || newsymkey)? " --check --qualitybar":"",
|
||||
(have_newsymkey && newsymkey)? " --newsymkey":"",
|
||||
arg1? arg1:"X",
|
||||
arg2? arg2:"X",
|
||||
arg3? arg3:"X",
|
||||
|
@ -135,6 +135,7 @@ gpg_error_t agent_get_passphrase (const char *cache_id,
|
||||
const char *err_msg,
|
||||
const char *prompt,
|
||||
const char *desc_msg,
|
||||
int newsymkey,
|
||||
int repeat,
|
||||
int check,
|
||||
char **r_passphrase);
|
||||
|
@ -212,6 +212,10 @@ read_passphrase_from_fd( int fd )
|
||||
* Ask the GPG Agent for the passphrase.
|
||||
* If NOCACHE is set the symmetric passpharse caching will not be used.
|
||||
*
|
||||
* If REPEAT is positive, a new passphrase is requested and the agent
|
||||
* shall require REPEAT times repetitions of the entered passphrase.
|
||||
* This is used for symmetric encryption.
|
||||
*
|
||||
* Note that TRYAGAIN_TEXT must not be translated. If CANCELED is not
|
||||
* NULL, the function does set it to 1 if the user canceled the
|
||||
* operation. If CACHEID is not NULL, it will be used as the cacheID
|
||||
@ -219,7 +223,7 @@ read_passphrase_from_fd( int fd )
|
||||
* computed, this will be used as the cacheid.
|
||||
*/
|
||||
static char *
|
||||
passphrase_get (int nocache, const char *cacheid, int repeat,
|
||||
passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
|
||||
const char *tryagain_text, int *canceled)
|
||||
{
|
||||
int rc;
|
||||
@ -240,9 +244,19 @@ passphrase_get (int nocache, const char *cacheid, int repeat,
|
||||
if (tryagain_text)
|
||||
tryagain_text = _(tryagain_text);
|
||||
|
||||
/* Here we have:
|
||||
* REPEAT is set in create mode and if opt.passphrase_repeat is set.
|
||||
* (Thus it is not a clean indication that we want a new passphrase).
|
||||
* NOCACHE is set in create mode or if --no-symkey-cache is used.
|
||||
* CACHEID is only set if caching shall be used.
|
||||
* NEWSYMKEY has been added latter to make it clear that a new key
|
||||
* is requested. The whole chain of API is a bit too complex since
|
||||
* we we stripped things out over time; however, there is no time
|
||||
* for a full state analysis and thus this new parameter.
|
||||
*/
|
||||
rc = agent_get_passphrase (my_cacheid, tryagain_text, NULL,
|
||||
_("Enter passphrase\n"),
|
||||
repeat, nocache, &pw);
|
||||
newsymkey, repeat, nocache, &pw);
|
||||
|
||||
i18n_switchback (orig_codeset);
|
||||
|
||||
@ -389,7 +403,7 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
|
||||
}
|
||||
|
||||
/* Divert to the gpg-agent. */
|
||||
pw = passphrase_get (create && nocache, s2k_cacheid,
|
||||
pw = passphrase_get (create, create && nocache, s2k_cacheid,
|
||||
create? opt.passphrase_repeat : 0,
|
||||
tryagain_text, canceled);
|
||||
if (*canceled)
|
||||
|
Loading…
x
Reference in New Issue
Block a user