1 files changed, 26 insertions, 15 deletions

diff --git a/g10/mainproc.c b/g10/mainproc.c
index e722618ca..91ababbb6 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -81,7 +81,7 @@ struct mainproc_context
   struct
   {
     /* A file descriptor of the signed data.  Only used if not -1. */
-    int data_fd;
+    gnupg_fd_t data_fd;
     /* A list of filenames with the data files or NULL. This is only
        used if DATA_FD is -1. */
     strlist_t data_names;
@@ -143,6 +143,8 @@ release_list( CTX c )
 
       mpi_release (c->pkenc_list->data[0]);
       mpi_release (c->pkenc_list->data[1]);
+      mpi_release (c->pkenc_list->data[2]);
+      mpi_release (c->pkenc_list->data[3]);
       xfree (c->pkenc_list);
       c->pkenc_list = tmp;
     }
@@ -527,11 +529,14 @@ proc_pubkey_enc (CTX c, PACKET *pkt)
       x->keyid[1] = enc->keyid[1];
       x->pubkey_algo = enc->pubkey_algo;
       x->result = -1;
-      x->data[0] = x->data[1] = NULL;
+      x->seskey_algo = enc->seskey_algo;
+      x->data[0] = x->data[1] = x->data[2] = x->data[3] = NULL;
       if (enc->data[0])
         {
           x->data[0] = mpi_copy (enc->data[0]);
           x->data[1] = mpi_copy (enc->data[1]);
+          x->data[2] = mpi_copy (enc->data[2]);
+          x->data[3] = mpi_copy (enc->data[3]);
         }
       x->next = c->pkenc_list;
       c->pkenc_list = x;
@@ -573,6 +578,10 @@ print_pkenc_list (ctrl_t ctrl, struct pubkey_enc_list *list)
                   openpgp_pk_algo_name (list->pubkey_algo),
                   keystr(list->keyid));
 
+      if (opt.flags.require_pqc_encryption
+          && pk->pubkey_algo != PUBKEY_ALGO_KYBER)
+        log_info (_("WARNING: key is not quantum-resistant\n"));
+
       free_public_key (pk);
     }
 }
@@ -1097,7 +1106,7 @@ static int
 proc_compressed_cb (iobuf_t a, void *info)
 {
   if ( ((CTX)info)->signed_data.used
-       && ((CTX)info)->signed_data.data_fd != -1)
+       && ((CTX)info)->signed_data.data_fd != GNUPG_INVALID_FD)
     return proc_signature_packets_by_fd (((CTX)info)->ctrl, info, a,
                                          ((CTX)info)->signed_data.data_fd);
   else
@@ -1519,7 +1528,7 @@ proc_signature_packets (ctrl_t ctrl, void *anchor, iobuf_t a,
   c->anchor = anchor;
   c->sigs_only = 1;
 
-  c->signed_data.data_fd = -1;
+  c->signed_data.data_fd = GNUPG_INVALID_FD;
   c->signed_data.data_names = signedfiles;
   c->signed_data.used = !!signedfiles;
 
@@ -1549,8 +1558,8 @@ proc_signature_packets (ctrl_t ctrl, void *anchor, iobuf_t a,
 
 
 int
-proc_signature_packets_by_fd (ctrl_t ctrl,
-                              void *anchor, iobuf_t a, int signed_data_fd )
+proc_signature_packets_by_fd (ctrl_t ctrl, void *anchor, iobuf_t a,
+                              gnupg_fd_t signed_data_fd)
 {
   int rc;
   CTX c;
@@ -1565,7 +1574,7 @@ proc_signature_packets_by_fd (ctrl_t ctrl,
 
   c->signed_data.data_fd = signed_data_fd;
   c->signed_data.data_names = NULL;
-  c->signed_data.used = (signed_data_fd != -1);
+  c->signed_data.used = (signed_data_fd != GNUPG_INVALID_FD);
 
   rc = do_proc_packets (c, a);
 
@@ -2549,8 +2558,6 @@ check_sig_and_print (CTX c, kbnode_t node)
       release_kbnode( keyblock );
       if (rc)
         g10_errors_seen = 1;
-      if (opt.batch && rc)
-        g10_exit (1);
     }
   else  /* Error checking the signature. (neither Good nor Bad).  */
     {
@@ -2636,7 +2643,8 @@ proc_tree (CTX c, kbnode_t node)
           /* Ask for file and hash it. */
           if (c->sigs_only)
             {
-              if (c->signed_data.used && c->signed_data.data_fd != -1)
+              if (c->signed_data.used
+                  && c->signed_data.data_fd != GNUPG_INVALID_FD)
                 rc = hash_datafile_by_fd (c->mfx.md, NULL,
                                           c->signed_data.data_fd,
                                           use_textmode);
@@ -2667,7 +2675,8 @@ proc_tree (CTX c, kbnode_t node)
         }
 
       for (n1 = node; (n1 = find_next_kbnode (n1, PKT_SIGNATURE));)
-        check_sig_and_print (c, n1);
+        if (check_sig_and_print (c, n1) && opt.batch)
+          break;
 
     }
   else if (node->pkt->pkttype == PKT_GPG_CONTROL
@@ -2686,8 +2695,8 @@ proc_tree (CTX c, kbnode_t node)
         }
 
       for (n1 = node; (n1 = find_next_kbnode (n1, PKT_SIGNATURE));)
-        check_sig_and_print (c, n1);
-
+        if (check_sig_and_print (c, n1) && opt.batch)
+          break;
     }
   else if (node->pkt->pkttype == PKT_SIGNATURE)
     {
@@ -2779,7 +2788,8 @@ proc_tree (CTX c, kbnode_t node)
 
           if (c->sigs_only)
             {
-              if (c->signed_data.used && c->signed_data.data_fd != -1)
+              if (c->signed_data.used
+                  && c->signed_data.data_fd != GNUPG_INVALID_FD)
                 rc = hash_datafile_by_fd (c->mfx.md, c->mfx.md2,
                                           c->signed_data.data_fd,
                                           (sig->sig_class == 0x01));
@@ -2814,7 +2824,8 @@ proc_tree (CTX c, kbnode_t node)
       if (multiple_ok)
         {
           for (n1 = node; n1; (n1 = find_next_kbnode(n1, PKT_SIGNATURE)))
-	    check_sig_and_print (c, n1);
+	    if (check_sig_and_print (c, n1) && opt.batch)
+              break;
         }
       else
         check_sig_and_print (c, node);