8 files changed, 34 insertions, 18 deletions

diff --git a/g10/encrypt.c b/g10/encrypt.c
index 388c3db74..d9af54ae6 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -572,7 +572,7 @@ setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek)
   (*symkey_s2k)->hash_algo = s2kdigest;
 
   *symkey_dek = passphrase_to_dek (defcipher,
-                                   *symkey_s2k, 1, 0, NULL, &canceled);
+                                   *symkey_s2k, 1, 0, NULL, 0, &canceled);
   if (!*symkey_dek || !(*symkey_dek)->keylen)
     {
       xfree(*symkey_dek);
diff --git a/g10/gpgv.c b/g10/gpgv.c
index 03551e7db..d1e6da956 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -579,13 +579,14 @@ check_secret_key (PKT_public_key *pk, int n)
  */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, int create, int nocache,
-                   const char *tmp, int *canceled)
+                   const char *tmp, unsigned int flags, int *canceled)
 {
   (void)cipher_algo;
   (void)s2k;
   (void)create;
   (void)nocache;
   (void)tmp;
+  (void)flags;
 
   if (canceled)
     *canceled = 0;
diff --git a/g10/keydb.h b/g10/keydb.h
index 4703294f4..806b9303b 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -292,19 +292,19 @@ gpg_error_t build_sk_list (ctrl_t ctrl, strlist_t locusr,
                            SK_LIST *ret_sk_list, unsigned use);
 
 /*-- passphrase.h --*/
+
+/* Flags for passphrase_to_dek */
+#define GETPASSWORD_FLAG_SYMDECRYPT  1
+
 int  have_static_passphrase(void);
 const char *get_static_passphrase (void);
 void set_passphrase_from_string(const char *pass);
 void read_passphrase_from_fd( int fd );
 void passphrase_clear_cache (const char *cacheid);
-DEK *passphrase_to_dek_ext(u32 *keyid, int pubkey_algo,
-                           int cipher_algo, STRING2KEY *s2k, int mode,
-                           const char *tryagain_text,
-                           const char *custdesc, const char *custprompt,
-                           int *canceled);
 DEK *passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
                         int create, int nocache,
-                        const char *tryagain_text, int *canceled);
+                        const char *tryagain_text, unsigned int flags,
+                        int *canceled);
 void set_next_passphrase( const char *s );
 char *get_last_passphrase(void);
 void next_to_last_passphrase(void);
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 10cc69758..821378ee6 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -408,7 +408,8 @@ proc_symkey_enc (CTX c, PACKET *pkt)
         }
       else
         {
-          c->dek = passphrase_to_dek (algo, &enc->s2k, 0, 0, NULL, NULL);
+          c->dek = passphrase_to_dek (algo, &enc->s2k, 0, 0, NULL,
+                                      GETPASSWORD_FLAG_SYMDECRYPT, NULL);
           if (c->dek)
             {
               c->dek->symmetric = 1;
@@ -663,7 +664,8 @@ proc_encrypted (CTX c, PACKET *pkt)
               log_info (_("assuming %s encrypted data\n"), "IDEA");
             }
 
-          c->dek = passphrase_to_dek (algo, s2k, 0, 0, NULL, &canceled);
+          c->dek = passphrase_to_dek (algo, s2k, 0, 0, NULL,
+                                      GETPASSWORD_FLAG_SYMDECRYPT, &canceled);
           if (c->dek)
             c->dek->algo_info_printed = 1;
           else if (canceled)
diff --git a/g10/passphrase.c b/g10/passphrase.c
index 50bb0e18d..1793efc9d 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -171,15 +171,18 @@ read_passphrase_from_fd( int fd )
  * operation.  If CACHEID is not NULL, it will be used as the cacheID
  * for the gpg-agent; if is NULL and a key fingerprint can be
  * computed, this will be used as the cacheid.
+ *
+ * For FLAGS see passphrase_to_dek;
  */
 static char *
 passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
-                const char *tryagain_text, int *canceled)
+                const char *tryagain_text, unsigned int flags, int *canceled)
 {
   int rc;
   char *pw = NULL;
   char *orig_codeset;
   const char *my_cacheid;
+  const char *desc;
 
   if (canceled)
     *canceled = 0;
@@ -194,6 +197,11 @@ passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
   if (tryagain_text)
     tryagain_text = _(tryagain_text);
 
+  if ((flags & GETPASSWORD_FLAG_SYMDECRYPT))
+    desc = _("Please enter the passphrase for decryption.");
+  else
+    desc = _("Enter passphrase\n");
+
   /* Here we have:
    * REPEAT is set in create mode and if opt.passphrase_repeat is set.
    * (Thus it is not a clean indication that we want a new passphrase).
@@ -205,7 +213,7 @@ passphrase_get (int newsymkey, int nocache, const char *cacheid, int repeat,
    * for a full state analysis and thus this new parameter.
    */
   rc = agent_get_passphrase (my_cacheid, tryagain_text, NULL,
-                             _("Enter passphrase\n"),
+                             desc,
                              newsymkey, repeat, nocache, &pw);
 
   i18n_switchback (orig_codeset);
@@ -264,11 +272,15 @@ passphrase_clear_cache (const char *cacheid)
  * CANCELED is not NULL, sets it to true.
  *
  * If CREATE is true a new passphrase will be created.  If NOCACHE is
- * true the symmetric key caching will not be used.  */
+ * true the symmetric key caching will not be used.
+ * FLAG bits are:
+ *   GETPASSWORD_FLAG_SYMDECRYPT := for symmetric decryption
+ */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
                    int create, int nocache,
-                   const char *tryagain_text, int *canceled)
+                   const char *tryagain_text, unsigned int flags,
+                   int *canceled)
 {
   char *pw = NULL;
   DEK *dek;
@@ -355,7 +367,7 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
       /* Divert to the gpg-agent. */
       pw = passphrase_get (create, create && nocache, s2k_cacheid,
                            create? opt.passphrase_repeat : 0,
-                           tryagain_text, canceled);
+                           tryagain_text, flags, canceled);
       if (*canceled)
         {
           xfree (pw);
diff --git a/g10/sign.c b/g10/sign.c
index c50b6b4a7..ea3de620b 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1605,7 +1605,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
   s2k->hash_algo = S2K_DIGEST_ALGO;
 
   algo = default_cipher_algo ();
-  cfx.dek = passphrase_to_dek (algo, s2k, 1, 1, NULL, &canceled);
+  cfx.dek = passphrase_to_dek (algo, s2k, 1, 1, NULL, 0, &canceled);
 
   if (!cfx.dek || !cfx.dek->keylen)
     {
diff --git a/g10/test-stubs.c b/g10/test-stubs.c
index 07dd19d26..4838d20dd 100644
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@@ -336,13 +336,14 @@ check_secret_key (PKT_public_key *pk, int n)
  */
 DEK *
 passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, int create, int nocache,
-                   const char *tmp, int *canceled)
+                   const char *tmp, unsigned int flags, int *canceled)
 {
   (void)cipher_algo;
   (void)s2k;
   (void)create;
   (void)nocache;
   (void)tmp;
+  (void)flags;
 
   if (canceled)
     *canceled = 0;
diff --git a/sm/decrypt.c b/sm/decrypt.c
index bac63e1bc..d720913dc 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -657,7 +657,7 @@ pwri_decrypt (ctrl_t ctrl, gcry_sexp_t enc_val,
 
   err = gpgsm_agent_ask_passphrase
     (ctrl,
-     i18n_utf8 (N_("Please enter the password for decryption.")),
+     i18n_utf8 (N_("Please enter the passphrase for decryption.")),
      0, &passphrase);
   if (err)
     goto leave;