* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a

passphrase as if it was used (move from next_pw to last_pw).

* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key).  This also handles the case where a secret key is
located on a card and a secret key with no passphrase.  Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.

g10/ChangeLog

@@ -1,3 +1,17 @@
+2006-01-17  David Shaw  <dshaw@jabberwocky.com>
+
+	* keydb.h, passphrase.c (next_to_last_passphrase): New.  "Touch" a
+	passphrase as if it was used (move from next_pw to last_pw).
+
+	* pubkey-enc.c (get_session_key): Use it here to handle the case
+	where a passphrase happens to be correct for a secret key, but yet
+	that key isn't the anonymous recipient (i.e. the secret key could
+	be decrypted, but not the session key).  This also handles the
+	case where a secret key is located on a card and a secret key with
+	no passphrase.  Note this does not fix bug 594 (anonymous
+	recipients on smartcard do not work) - it just prevents the
+	anonymous search from stopping when the card is encountered.
+
 2006-01-07  David Shaw  <dshaw@jabberwocky.com>
 
 	* keyserver.c (keyserver_refresh): Fix problem when more than one

g10/keydb.h

@@ -211,6 +211,7 @@ DEK *passphrase_to_dek( u32 *keyid, int pubkey_algo,
                         const char *tryagain_text, int *canceled);
 void set_next_passphrase( const char *s );
 char *get_last_passphrase(void);
+void next_to_last_passphrase(void);
 
 /*-- getkey.c --*/
 int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc);

g10/passphrase.c

@@ -55,24 +55,6 @@
 #include "assuan.h"
 #endif /*ENABLE_AGENT_SUPPORT*/
 
-
-#define buftou32( p )  ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \
-		       (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3)))
-#define u32tobuf( p, a ) do { 			                \
-			    ((byte*)p)[0] = (byte)((a) >> 24);	\
-			    ((byte*)p)[1] = (byte)((a) >> 16);	\
-			    ((byte*)p)[2] = (byte)((a) >>  8);	\
-			    ((byte*)p)[3] = (byte)((a) 	    );	\
-			} while(0)
-
-#define digitp(p)   (*(p) >= '0' && *(p) <= '9')
-#define hexdigitp(a) (digitp (a)                     \
-                      || (*(a) >= 'A' && *(a) <= 'F')  \
-                      || (*(a) >= 'a' && *(a) <= 'f'))
-#define xtoi_1(p)   (*(p) <= '9'? (*(p)- '0'): \
-                     *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
-#define xtoi_2(p)   ((xtoi_1(p) * 16) + xtoi_1((p)+1))
-
 static char *fd_passwd = NULL;
 static char *next_pw = NULL;
 static char *last_pw = NULL;
@@ -115,6 +97,17 @@ get_last_passphrase()
     return p;
 }
 
+/* As if we had used the passphrase - make it the last_pw. */
+void
+next_to_last_passphrase(void)
+{
+  if(next_pw)
+    {
+      last_pw=next_pw;
+      next_pw=NULL;
+    }
+}
+
 /* Here's an interesting question: since this passphrase was passed in
    on the command line, is there really any point in using secure
    memory for it?  I'm going with 'yes', since it doesn't hurt, and

g10/pubkey-enc.c

@@ -115,11 +115,26 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
 								      only
 								      once */
 	    if( !rc )
+	      {
 		rc = get_it( k, dek, sk, keyid );
-	    if( !rc ) {
+		/* Successfully checked the secret key (either it was
+		   a card, had no passphrase, or had the right
+		   passphrase) but couldn't decrypt the session key,
+		   so thus that key is not the anonymous recipient.
+		   Move the next passphrase into last for the next
+		   round.  We only do this if the secret key was
+		   successfully checked as in the normal case,
+		   check_secret_key handles this for us via
+		   passphrase_to_dek */
+		if(rc)
+		  next_to_last_passphrase();
+	      }
+
+	    if( !rc )
+	      {
 		log_info(_("okay, we are the anonymous recipient.\n") );
 		break;
-	    }
+	      }
 	}
 	enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */
     }