From effa80e0b5fd8cf9e31a984afe391c2406edee8b Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 23 Feb 2017 19:59:21 +0100 Subject: [PATCH] gpg: Emit new status DECRYPTION_KEY * common/status.h (STATUS_DECRYPTION_KEY): New. * g10/pubkey-enc.c (get_it): Emit that status. Signed-off-by: Werner Koch --- common/status.h | 1 + doc/DETAILS | 6 ++++++ g10/pubkey-enc.c | 29 ++++++++++++++++++++++++++--- 3 files changed, 33 insertions(+), 3 deletions(-) diff --git a/common/status.h b/common/status.h index 3de4aa524..8831a0f5f 100644 --- a/common/status.h +++ b/common/status.h @@ -57,6 +57,7 @@ enum STATUS_NO_PUBKEY, STATUS_NO_SECKEY, STATUS_NEED_PASSPHRASE_SYM, + STATUS_DECRYPTION_KEY, STATUS_DECRYPTION_INFO, STATUS_DECRYPTION_FAILED, STATUS_DECRYPTION_OKAY, diff --git a/doc/DETAILS b/doc/DETAILS index d9b1fa673..8c1187287 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -486,6 +486,12 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: *** END_DECRYPTION Mark the end of the actual decryption process. This are also emitted when in --list-only mode. +*** DECRYPTION_KEY + This line is emitted when a public key decryption succeeded in + providing a session key. is the hexified fingerprint of the + actual key used for descryption. is the fingerprint of the + primary key. is the letter with the ownertrust; this is + in general a 'u' which stands for ultimately trusted. *** DECRYPTION_INFO Print information about the symmetric encryption algorithm and the MDC method. This will be emitted even if the decryption fails. diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index de98d99c9..177293619 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c 
@@ -335,9 +335,11 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) if (DBG_CRYPTO) log_printhex ("DEK is:", dek->key, dek->keylen); - /* Check that the algo is in the preferences and whether it has expired. */ + /* Check that the algo is in the preferences and whether it has + * expired. Also print a status line with the key's fingerprint. */ { PKT_public_key *pk = NULL; + PKT_public_key *mainpk = NULL; KBNODE pkb = get_pubkeyblock (keyid); if (!pkb) @@ -351,9 +353,11 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) && !is_algo_in_prefs (pkb, PREFTYPE_SYM, dek->algo)) log_info (_("WARNING: cipher algorithm %s not found in recipient" " preferences\n"), openpgp_cipher_algo_name (dek->algo)); + if (!err) { - KBNODE k; + kbnode_t k; + int first = 1; for (k = pkb; k; k = k->next) { @@ -361,8 +365,14 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) || k->pkt->pkttype == PKT_PUBLIC_SUBKEY) { u32 aki[2]; - keyid_from_pk (k->pkt->pkt.public_key, aki); + if (first) + { + first = 0; + mainpk = k->pkt->pkt.public_key; + } + + keyid_from_pk (k->pkt->pkt.public_key, aki); if (aki[0] == keyid[0] && aki[1] == keyid[1]) { pk = k->pkt->pkt.public_key; @@ -386,6 +396,19 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) show_revocation_reason (pk, 1); } + if (is_status_enabled () && pk && mainpk) + { + char pkhex[MAX_FINGERPRINT_LEN*2+1]; + char mainpkhex[MAX_FINGERPRINT_LEN*2+1]; + + hexfingerprint (pk, pkhex, sizeof pkhex); + hexfingerprint (mainpk, mainpkhex, sizeof mainpkhex); + + write_status_printf (STATUS_DECRYPTION_KEY, "%s %s %c", + pkhex, mainpkhex, get_ownertrust_info (mainpk)); + + } + release_kbnode (pkb); err = 0; }
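Review bot: In the third hunk (`@@ -361,8 +365,14 @@`), `mainpk` is set from whichever PKT_PUBLIC_KEY or PKT_PUBLIC_SUBKEY node the loop meets first, tracked by the `first` flag declared in the second hunk, and nothing checks that this node really is the primary key. If a keyblock from get_pubkeyblock always starts with the primary key (likely, but not visible on this page), the flag can go and the intent can be stated directly with `if (!mainpk && k->pkt->pkttype == PKT_PUBLIC_KEY) mainpk = k->pkt->pkt.public_key;`. Because `mainpk` later supplies both the primary fingerprint and the ownertrust letter of the DECRYPTION_KEY line, the assumption deserves at least a comment such as `/* The first key packet of a keyblock is the primary key. */`. The block also now mixes `KBNODE pkb` with `kbnode_t k`; using one spelling throughout would read better. The loop body continues outside the hunk.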
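Review bot: The DECRYPTION_KEY line added in the last hunk (`@@ -386,6 +396,19 @@`) is written right after the context lines that report a revoked key, so as far as the hunk shows it is emitted for a revoked key too. It also appears to be emitted once the session key is available, not once the data has been decrypted and checked. A front end parsing the status output could mistake it for a success indicator, so I would put a comment above the `if`, e.g. `/* Informational only: names the key that yielded the session key; success is reported by DECRYPTION_OKAY / DECRYPTION_FAILED. */`, and repeat that sentence in the doc/DETAILS entry. The `%c` field is the ownertrust of the recipient's own primary key and carries no information about the sender or the message, which is also worth one line in the documentation. get_it starts and ends outside the hunk.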