gpg: Emit new status DECRYPTION_KEY

* common/status.h (STATUS_DECRYPTION_KEY): New. * g10/pubkey-enc.c (get_it): Emit that status. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-23 19:59:21 +01:00 · 2017-02-23 19:59:21 +01:00 · effa80e0b5
parent c2f02ea4ff
commit effa80e0b5
3 changed files with 33 additions and 3 deletions
--- a/common/status.h
+++ b/common/status.h
@ -57,6 +57,7 @@ enum
    STATUS_NO_PUBKEY,
    STATUS_NO_SECKEY,
    STATUS_NEED_PASSPHRASE_SYM,
+    STATUS_DECRYPTION_KEY,
    STATUS_DECRYPTION_INFO,
    STATUS_DECRYPTION_FAILED,
    STATUS_DECRYPTION_OKAY,
--- a/doc/DETAILS
+++ b/doc/DETAILS
@ -486,6 +486,12 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
 *** END_DECRYPTION
    Mark the end of the actual decryption process.  This are also
    emitted when in --list-only mode.
+*** DECRYPTION_KEY <fpr> <fpr2> <otrust>
+    This line is emitted when a public key decryption succeeded in
+    providing a session key.  <fpr> is the hexified fingerprint of the
+    actual key used for descryption.  <fpr2> is the fingerprint of the
+    primary key.  <otrust> is the letter with the ownertrust; this is
+    in general a 'u' which stands for ultimately trusted.
 *** DECRYPTION_INFO <mdc_method> <sym_algo>
    Print information about the symmetric encryption algorithm and the
    MDC method.  This will be emitted even if the decryption fails.
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@ -335,9 +335,11 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
  if (DBG_CRYPTO)
    log_printhex ("DEK is:", dek->key, dek->keylen);

-  /* Check that the algo is in the preferences and whether it has expired.  */
+  /* Check that the algo is in the preferences and whether it has
+   * expired.  Also print a status line with the key's fingerprint.  */
  {
    PKT_public_key *pk = NULL;
+    PKT_public_key *mainpk = NULL;
    KBNODE pkb = get_pubkeyblock (keyid);

    if (!pkb)
@ -351,9 +353,11 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
             && !is_algo_in_prefs (pkb, PREFTYPE_SYM, dek->algo))
      log_info (_("WARNING: cipher algorithm %s not found in recipient"
                  " preferences\n"), openpgp_cipher_algo_name (dek->algo));
+
    if (!err)
      {
-        KBNODE k;
+        kbnode_t k;
+        int first = 1;

        for (k = pkb; k; k = k->next)
          {
@ -361,8 +365,14 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
                || k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
              {
                u32 aki[2];
-                keyid_from_pk (k->pkt->pkt.public_key, aki);

+                if (first)
+                  {
+                    first = 0;
+                    mainpk = k->pkt->pkt.public_key;
+                  }
+
+                keyid_from_pk (k->pkt->pkt.public_key, aki);
                if (aki[0] == keyid[0] && aki[1] == keyid[1])
                  {
                    pk = k->pkt->pkt.public_key;
@ -386,6 +396,19 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
        show_revocation_reason (pk, 1);
      }

+    if (is_status_enabled () && pk && mainpk)
+      {
+        char pkhex[MAX_FINGERPRINT_LEN*2+1];
+        char mainpkhex[MAX_FINGERPRINT_LEN*2+1];
+
+        hexfingerprint (pk, pkhex, sizeof pkhex);
+        hexfingerprint (mainpk, mainpkhex, sizeof mainpkhex);
+
+        write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c",
+                             pkhex, mainpkhex, get_ownertrust_info (mainpk));
+
+      }
+
    release_kbnode (pkb);
    err = 0;
  }