From d528d0b065334b4c8c52e66441160e308b51d24f Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 9 Sep 2024 16:41:35 +0200
Subject: gpg: New commands --add-recipients and --change-recipients.

* g10/gpg.c (aAddRecipients, aChangeRecipients): New consts.
(opts): Add --add-recipients and --change-recipients.
(main): Handle them.
* g10/gpg.h (struct server_control_s): Add fields modify_recipients,
clear_recipients, and last_read_ctb.
* g10/armor.c (was_armored): New.
* g10/decrypt.c (decrypt_message): Add optional arg 'remusr'.  Handle
re-encryption if desired.
* g10/encrypt.c (write_pubkey_enc): Factor info printing out to ...
(show_encrypted_for_user_info): new.
(reencrypt_to_new_recipients): New.
* g10/packet.h (struct parse_packet_ctx_s): Add fields only_fookey_enc
and last_ctb.
(init_parse_packet): Clear them.
* g10/parse-packet.c (parse): Store CTB in the context.  Early return
on pubkey_enc and symkey_enc packets if requested.
* g10/mainproc.c (proc_encrypted): Allow for PKT being NULL.  Return
early in modify-recipients mode.
(proc_encryption_packets): Add two optional args 'r_dek' and 'r_list'.
Adjust callers.  Call do_proc_packets in modify-recipients mode
depending on the optional args.
(do_proc_packets): Add arg 'keep_dek_and_list'.  Adjust callers.  Save
the last read CTB in CTRL and return after the last fooenc_enc
packets.
--

This basically works but does not yet handle symmetric encrypted
packets (symkey_enc).

GnuPG-bug-id: 1825
(Yes, this is an at least 9 year old feature request)
---
 g10/gpg.c | 38 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 36 insertions(+), 2 deletions(-)

(limited to 'g10/gpg.c')

diff --git a/g10/gpg.c b/g10/gpg.c
index e61b6879a..6068eefd3 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -115,6 +115,8 @@ enum cmd_and_opt_values
     oKnownNotation,
     aEncrFiles,
     aEncrSym,
+    aAddRecipients,
+    aChangeRecipients,
     aDecryptFiles,
     aClearsign,
     aStore,
@@ -481,6 +483,8 @@ static gpgrt_opt_t opts[] = {
   ARGPARSE_c (aDecryptFiles, "decrypt-files", "@"),
   ARGPARSE_c (aVerify, "verify"   , N_("verify a signature")),
   ARGPARSE_c (aVerifyFiles, "verify-files" , "@" ),
+  ARGPARSE_c (aAddRecipients, "add-recipients", "@" ),
+  ARGPARSE_c (aChangeRecipients, "change-recipients", "@" ),
   ARGPARSE_c (aListKeys, "list-keys", N_("list keys")),
   ARGPARSE_c (aListKeys, "list-public-keys", "@" ),
   ARGPARSE_c (aListSigs, "list-signatures", N_("list keys and signatures")),
@@ -2739,6 +2743,8 @@ main (int argc, char **argv)
 	  case aExportOwnerTrust:
 	  case aImportOwnerTrust:
           case aRebuildKeydbCaches:
+          case aAddRecipients:
+          case aChangeRecipients:
             set_cmd (&cmd, pargs.r_opt);
             break;
 
@@ -4168,6 +4174,12 @@ main (int argc, char **argv)
 	  case aStore:
 	    cmdname="--store";
 	    break;
+          case aAddRecipients:
+            cmdname="--add-recipients";
+            break;
+          case aChangeRecipients:
+            cmdname="--change-recipients";
+            break;
 	  default:
 	    cmdname=NULL;
 	    break;
@@ -4262,7 +4274,9 @@ main (int argc, char **argv)
 				      || cmd == aEncrSym
 				      || cmd == aSym
 				      || cmd == aSignSym
-				      || cmd == aSignEncrSym,
+				      || cmd == aSignEncrSym
+				      || cmd == aAddRecipients
+				      || cmd == aChangeRecipients,
 				      opt.def_cipher_algo,
 				      GCRY_CIPHER_MODE_NONE))
       log_error (_("cipher algorithm '%s' may not be used in %s mode\n"),
@@ -4509,6 +4523,26 @@ main (int argc, char **argv)
 	  }
 	break;
 
+      case aChangeRecipients: /* Change recipients of the encrypted file. */
+        ctrl->clear_recipients = 1;
+        /* fallthru */
+      case aAddRecipients:    /* Add recipients to the encrypted file.    */
+        ctrl->modify_recipients = 1;
+        if (argc > 1)
+          {
+            if (cmd == aAddRecipients)
+              wrong_args("--add-recipients [filename]");
+            else
+              wrong_args("--change-recipients [filename]");
+          }
+        if ((rc = decrypt_message (ctrl, fname, remusr)))
+          {
+            write_status_failure ("modify-recipients", rc);
+            log_error ("%s: modify recipients failed: %s\n",
+                       print_fname_stdin (fname), gpg_strerror (rc));
+          }
+	break;
+
       case aEncrSym:
 	/* This works with PGP 8 in the sense that it acts just like a
 	   symmetric message.  It doesn't work at all with 2 or 6.  It
@@ -4650,7 +4684,7 @@ main (int argc, char **argv)
 	  {
 	    if( argc > 1 )
 	      wrong_args("--decrypt [filename]");
-	    if( (rc = decrypt_message (ctrl, fname) ))
+	    if( (rc = decrypt_message (ctrl, fname, NULL) ))
               {
                 write_status_failure ("decrypt", rc);
                 log_error("decrypt_message failed: %s\n", gpg_strerror (rc) );
-- 
cgit v1.2.3