diff options
| author | Werner Koch <[email protected]> | 2024-06-24 14:31:24 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2024-06-24 14:31:40 +0000 |
| commit | 1695cf267edf85bc451b59bf012083feb250bf59 (patch) | |
| tree | cbd9cddb3b17e25106143ec02aaa3bf7ec705ceb /g10/mainproc.c | |
| parent | gpg: Rename recently added import option no-seckeys to only-pubkeys. (diff) | |
| download | gnupg-1695cf267edf85bc451b59bf012083feb250bf59.tar.gz gnupg-1695cf267edf85bc451b59bf012083feb250bf59.zip | |
gpg: New option --show-only-session-key
* g10/options.h (opt): Add show_only_session_key and turn
show_session_key into a bit flag.
* g10/gpg.c (oShowOnlySessionKey): New.
(opts): Add "show-only-session-key".
(main): Set flag.
* g10/mainproc.c (proc_encrypted): Handle the new option.
* g10/decrypt-data.c (decrypt_data): Ditto. Add compliance error flag
to the DECRYPTION_INFO status line.
--
This new option is somehow related to
GnuPG-bug-id: 1825
Diffstat (limited to '')
| -rw-r--r-- | g10/mainproc.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/g10/mainproc.c b/g10/mainproc.c index 0fd32aead..29e5188f5 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -664,7 +664,8 @@ proc_encrypted (CTX c, PACKET *pkt) if (c->dek && opt.verbose > 1) log_info (_("public key encrypted data: good DEK\n")); - write_status (STATUS_BEGIN_DECRYPTION); + if (!opt.show_only_session_key) + write_status (STATUS_BEGIN_DECRYPTION); /*log_debug("dat: %sencrypted data\n", c->dek?"":"conventional ");*/ if (opt.list_only) @@ -794,6 +795,8 @@ proc_encrypted (CTX c, PACKET *pkt) * log_error printed in the cry_cipher_checktag never gets ignored. */ if (!result && early_plaintext) result = gpg_error (GPG_ERR_BAD_DATA); + else if (!result && opt.show_only_session_key) + result = -1; else if (!result && pkt->pkt.encrypted->aead_algo && log_get_errorcount (0)) result = gpg_error (GPG_ERR_BAD_SIGNATURE); @@ -903,7 +906,9 @@ proc_encrypted (CTX c, PACKET *pkt) c->dek = NULL; free_packet (pkt, NULL); c->last_was_session_key = 0; - write_status (STATUS_END_DECRYPTION); + + if (!opt.show_only_session_key) + write_status (STATUS_END_DECRYPTION); /* Bump the counter even if we have not seen a literal data packet * inside an encryption container. This acts as a sentinel in case @@ -915,7 +920,8 @@ proc_encrypted (CTX c, PACKET *pkt) * de-vs compliance mode by just looking at the exit status. */ if (opt.flags.require_compliance && opt.compliance == CO_DE_VS - && compliance_de_vs != (4|2|1)) + && compliance_de_vs != (4|2|1) + && !opt.show_only_session_key) { log_error (_("operation forced to fail due to" " unfulfilled compliance rules\n")); @@ -2203,7 +2209,7 @@ check_sig_and_print (CTX c, kbnode_t node) } } - /* Do do something with the result of the signature checking. */ + /* Do something with the result of the signature checking. */ if (!rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE) { /* We have checked the signature and the result is either a good |