mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-17 14:07:03 +01:00
sm: Ask for the password for password based decryption (pwri)
* sm/decrypt.c (pwri_decrypt): Add arg ctrl. Ask for passphrase. * sm/export.c (export_p12): Mark string as translatable. * sm/import.c (parse_p12): Ditto. -- This is finishes the support for PWRI. The N_() marks are added so that we don't rely of the side-effect of having the same strings in protect-tool.c Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
02029f9eab
commit
eeb65d3bbd
25
sm/decrypt.c
25
sm/decrypt.c
@ -515,7 +515,7 @@ pwri_parse_pbkdf2 (const unsigned char *der, size_t derlen,
|
||||
*
|
||||
*/
|
||||
static gpg_error_t
|
||||
pwri_decrypt (gcry_sexp_t enc_val,
|
||||
pwri_decrypt (ctrl_t ctrl, gcry_sexp_t enc_val,
|
||||
unsigned char **r_result, unsigned int *r_resultlen,
|
||||
struct decrypt_filter_parm_s *parm)
|
||||
{
|
||||
@ -541,6 +541,7 @@ pwri_decrypt (gcry_sexp_t enc_val,
|
||||
unsigned int saltlen;
|
||||
unsigned long iterations;
|
||||
enum gcry_md_algos digest_algo;
|
||||
char *passphrase = NULL;
|
||||
|
||||
|
||||
*r_resultlen = 0;
|
||||
@ -654,10 +655,23 @@ pwri_decrypt (gcry_sexp_t enc_val,
|
||||
goto leave;
|
||||
}
|
||||
|
||||
err = gcry_kdf_derive ("abc", 3,
|
||||
err = gpgsm_agent_ask_passphrase
|
||||
(ctrl,
|
||||
i18n_utf8 (N_("Please enter the password for decryption.")),
|
||||
0, &passphrase);
|
||||
if (err)
|
||||
goto leave;
|
||||
|
||||
err = gcry_kdf_derive (passphrase, strlen (passphrase),
|
||||
GCRY_KDF_PBKDF2, digest_algo,
|
||||
salt, saltlen, iterations,
|
||||
keklen, kek);
|
||||
if (passphrase)
|
||||
{
|
||||
wipememory (passphrase, strlen (passphrase));
|
||||
xfree (passphrase);
|
||||
passphrase = NULL;
|
||||
}
|
||||
if (err)
|
||||
{
|
||||
log_error ("deriving key from passphrase failed: %s\n",
|
||||
@ -732,6 +746,11 @@ pwri_decrypt (gcry_sexp_t enc_val,
|
||||
wipememory (result, resultlen);
|
||||
xfree (result);
|
||||
}
|
||||
if (passphrase)
|
||||
{
|
||||
wipememory (passphrase, strlen (passphrase));
|
||||
xfree (passphrase);
|
||||
}
|
||||
gcry_cipher_close (encr_hd);
|
||||
xfree (derive_algo_str);
|
||||
xfree (encr_algo_str);
|
||||
@ -786,7 +805,7 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip,
|
||||
if (rc)
|
||||
goto leave;
|
||||
|
||||
rc = pwri_decrypt (s_enc_val, &decrypted, &decryptedlen, parm);
|
||||
rc = pwri_decrypt (ctrl, s_enc_val, &decrypted, &decryptedlen, parm);
|
||||
gcry_sexp_release (s_enc_val);
|
||||
if (rc)
|
||||
goto leave;
|
||||
|
@ -724,8 +724,8 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
|
||||
{
|
||||
err = gpgsm_agent_ask_passphrase
|
||||
(ctrl,
|
||||
i18n_utf8 ("Please enter the passphrase to protect the "
|
||||
"new PKCS#12 object."),
|
||||
i18n_utf8 (N_("Please enter the passphrase to protect the "
|
||||
"new PKCS#12 object.")),
|
||||
1, &passphrase);
|
||||
if (err)
|
||||
goto leave;
|
||||
|
@ -771,7 +771,7 @@ parse_p12 (ctrl_t ctrl, ksba_reader_t reader, struct stats_s *stats)
|
||||
|
||||
err = gpgsm_agent_ask_passphrase
|
||||
(ctrl,
|
||||
i18n_utf8 ("Please enter the passphrase to unprotect the PKCS#12 object."),
|
||||
i18n_utf8 (N_("Please enter the passphrase to unprotect the PKCS#12 object.")),
|
||||
0, &passphrase);
|
||||
if (err)
|
||||
goto leave;
|
||||
|
Loading…
x
Reference in New Issue
Block a user