From 3d2f027d0f40e7ec4ab48cee89ff0ee10b423566 Mon Sep 17 00:00:00 2001
From: Andre Heinecke <aheinecke@intevation.de>
Date: Tue, 9 Aug 2016 11:40:29 +0200
Subject: [PATCH] core: Add support for mixed symmetric and asym enc

* src/gpgme.h.in (gpgme_encrypt_flags_t): New flag
GPGME_ENCRYPT_SYMMETRIC.
* src/engine-gpg.c (gpg_encrypt): Also add --symmetric if the flag
is given.
* NEWS: Mention new flag.
* tests/run-encrypt.c (show_usage): Extend for --symmetric.
(main): Handle --symmetric.
(main): Set passphrase_cb in loopback mode.
(main): Fix encrypt call if no recipients are given.
* tests/gpg/t-encrypt-mixed.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
* doc/gpgme.texi: Document new flag.
---
 NEWS                        |   1 +
 doc/gpgme.texi              |   6 ++
 src/engine-gpg.c            |   9 ++-
 src/gpgme.h.in              |   3 +-
 tests/gpg/Makefile.am       |   2 +-
 tests/gpg/t-encrypt-mixed.c | 126 ++++++++++++++++++++++++++++++++++++
 tests/run-encrypt.c         |  14 +++-
 7 files changed, 154 insertions(+), 7 deletions(-)
 create mode 100644 tests/gpg/t-encrypt-mixed.c

diff --git a/NEWS b/NEWS
index 09d0a1c5..71c18a8a 100644
--- a/NEWS
+++ b/NEWS
@@ -22,6 +22,7 @@ Noteworthy changes in version 1.7.0 (unreleased) [C25/A14/R_]
  GPGME_DATA_TYPE_PGP_ENCRYPTED  NEW.
  GPGME_DATA_TYPE_PGP_SIGNATURE  NEW.
  GPGME_DATA_ENCODING_MIME       NEW.
+ GPGME_ENCRYPT_SYMMETRIC        NEW.
 
 
 Noteworthy changes in version 1.6.0 (2015-08-26) [C25/A14/R0]
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index 68f85ece..907099ad 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -5398,6 +5398,12 @@ protocol to prepare an encryption (i.e. sending the
 @code{GPGME_ENCRYPT_EXPECT_SIGN} symbol the UI Server is advised to
 also expect a sign command.
 
+@item GPGME_ENCRYPT_SYMMETRIC
+The @code{GPGME_ENCRYPT_SYMMETRIC} symbol specifies that the
+output should be additionally encrypted symmetically even
+if recipients are provided. This feature is only supported for
+for the OpenPGP crypto engine.
+
 @end table
 
 If @code{GPG_ERR_UNUSABLE_PUBKEY} is returned, some recipients in
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 942711f9..ae78d9d1 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -1718,9 +1718,12 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags,
 {
   engine_gpg_t gpg = engine;
   gpgme_error_t err;
-  int symmetric = !recp;
 
-  err = add_arg (gpg, symmetric ? "--symmetric" : "--encrypt");
+  if (recp)
+    err = add_arg (gpg, "--encrypt");
+
+  if (!err && ((flags & GPGME_ENCRYPT_SYMMETRIC) || !recp))
+    err = add_arg (gpg, "--symmetric");
 
   if (!err && use_armor)
     err = add_arg (gpg, "--armor");
@@ -1732,7 +1735,7 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags,
       && have_gpg_version (gpg, "2.1.14"))
     err = add_arg (gpg, "--mimemode");
 
-  if (!symmetric)
+  if (recp)
     {
       /* If we know that all recipients are valid (full or ultimate trust)
 	 we can suppress further checks.  */
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index c05686d8..56d15f4f 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -1392,7 +1392,8 @@ typedef enum
     GPGME_ENCRYPT_NO_ENCRYPT_TO = 2,
     GPGME_ENCRYPT_PREPARE = 4,
     GPGME_ENCRYPT_EXPECT_SIGN = 8,
-    GPGME_ENCRYPT_NO_COMPRESS = 16
+    GPGME_ENCRYPT_NO_COMPRESS = 16,
+    GPGME_ENCRYPT_SYMMETRIC = 32
   }
 gpgme_encrypt_flags_t;
 
diff --git a/tests/gpg/Makefile.am b/tests/gpg/Makefile.am
index 107397b4..e1c033bf 100644
--- a/tests/gpg/Makefile.am
+++ b/tests/gpg/Makefile.am
@@ -38,7 +38,7 @@ c_tests = \
         t-encrypt t-encrypt-sym t-encrypt-sign t-sign t-signers		\
 	t-decrypt t-verify t-decrypt-verify t-sig-notation t-export	\
 	t-import t-trustlist t-edit t-keylist t-keylist-sig t-wait	\
-	t-encrypt-large t-file-name t-gpgconf $(tests_unix)
+	t-encrypt-large t-file-name t-gpgconf t-encrypt-mixed $(tests_unix)
 
 TESTS = initial.test $(c_tests) final.test
 
diff --git a/tests/gpg/t-encrypt-mixed.c b/tests/gpg/t-encrypt-mixed.c
new file mode 100644
index 00000000..28d8aa31
--- /dev/null
+++ b/tests/gpg/t-encrypt-mixed.c
@@ -0,0 +1,126 @@
+/* t-encrypt-mixed.c - Regression test.
+   Copyright (C) 2016 Intevation GmbH
+
+   This file is part of GPGME.
+
+   GPGME is free software; you can redistribute it and/or modify it
+   under the terms of the GNU Lesser General Public License as
+   published by the Free Software Foundation; either version 2.1 of
+   the License, or (at your option) any later version.
+
+   GPGME is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this program; if not, write to the Free Software
+   Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+   02111-1307, USA.  */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <gpgme.h>
+
+#include "t-support.h"
+
+/* Tests mixed symmetric and asymetric decryption. Verifies
+   that an encrypted message can be decrypted without the
+   secret key but that the recipient is also set correctly. */
+int
+main (int argc, char *argv[])
+{
+  gpgme_ctx_t ctx;
+  gpgme_error_t err;
+  gpgme_data_t in, out;
+  gpgme_key_t key[2] = { NULL, NULL };
+  gpgme_encrypt_result_t result;
+  gpgme_decrypt_result_t dec_result;
+  gpgme_recipient_t recipient;
+  const char *text = "Hallo Leute\n";
+  char *text2;
+  size_t len;
+
+  init_gpgme (GPGME_PROTOCOL_OpenPGP);
+
+  err = gpgme_new (&ctx);
+  fail_if_err (err);
+  gpgme_set_armor (ctx, 1);
+
+  err = gpgme_data_new_from_mem (&in, text, strlen (text), 0);
+  fail_if_err (err);
+
+  err = gpgme_data_new (&out);
+  fail_if_err (err);
+
+  /* A recipient for which we don't have a secret key */
+  err = gpgme_get_key (ctx, "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2",
+                       &key[0], 0);
+  fail_if_err (err);
+
+  err = gpgme_op_encrypt (ctx, key,
+                          GPGME_ENCRYPT_ALWAYS_TRUST | GPGME_ENCRYPT_SYMMETRIC,
+                          in, out);
+  fail_if_err (err);
+  result = gpgme_op_encrypt_result (ctx);
+  if (result->invalid_recipients)
+    {
+      fprintf (stderr, "Invalid recipient encountered: %s\n",
+               result->invalid_recipients->fpr);
+      exit (1);
+    }
+
+  print_data (out);
+
+  /* Now try to decrypt */
+  gpgme_data_seek (out, 0, SEEK_SET);
+
+  gpgme_data_release (in);
+  err = gpgme_data_new (&in);
+  fail_if_err (err);
+
+  err = gpgme_op_decrypt (ctx, out, in);
+  fail_if_err (err);
+
+  fputs ("Begin Result Decryption:\n", stdout);
+  print_data (in);
+  fputs ("End Result.\n", stdout);
+
+  dec_result = gpgme_op_decrypt_result (ctx);
+  if (dec_result->unsupported_algorithm || dec_result->wrong_key_usage)
+    {
+      fprintf (stderr, "%s:%d: Decryption failed\n", __FILE__, __LINE__);
+      exit (1);
+    }
+
+  text2 = gpgme_data_release_and_get_mem (in, &len);
+  if (strncmp (text, text2, len))
+    {
+      fprintf (stderr, "%s:%d: Wrong plaintext\n", __FILE__, __LINE__);
+      exit (1);
+    }
+
+  recipient = dec_result->recipients;
+  if (!recipient || recipient->next)
+    {
+      fprintf (stderr, "%s:%d: Invalid recipients \n", __FILE__, __LINE__);
+      exit (1);
+    }
+
+  if (strncmp (recipient->keyid, "5381EA4EE29BA37F", 16))
+    {
+      fprintf (stderr, "%s:%d: Not encrypted to recipient's subkey \n", __FILE__, __LINE__);
+      exit (1);
+    }
+
+  gpgme_key_unref (key[0]);
+  gpgme_data_release (out);
+  gpgme_release (ctx);
+  return 0;
+}
diff --git a/tests/run-encrypt.c b/tests/run-encrypt.c
index a00f0282..210f88ab 100644
--- a/tests/run-encrypt.c
+++ b/tests/run-encrypt.c
@@ -70,6 +70,7 @@ show_usage (int ex)
          "  --uiserver       use the UI server\n"
          "  --loopback       use a loopback pinentry\n"
          "  --key NAME       encrypt to key NAME\n"
+         "  --symmetric      encrypt symmetric (OpenPGP only)\n"
          , stderr);
   exit (ex);
 }
@@ -91,6 +92,7 @@ main (int argc, char **argv)
   gpgme_key_t keys[10+1];
   int keycount = 0;
   int i;
+  gpgme_encrypt_flags_t flags = GPGME_ENCRYPT_ALWAYS_TRUST;
 
   if (argc)
     { argc--; argv++; }
@@ -148,6 +150,11 @@ main (int argc, char **argv)
           use_loopback = 1;
           argc--; argv++;
         }
+      else if (!strcmp (*argv, "--symmetric"))
+        {
+          flags |= GPGME_ENCRYPT_SYMMETRIC;
+          argc--; argv++;
+        }
       else if (!strncmp (*argv, "--", 2))
         show_usage (1);
 
@@ -174,7 +181,10 @@ main (int argc, char **argv)
   if (print_status)
     gpgme_set_status_cb (ctx, status_cb, NULL);
   if (use_loopback)
-    gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK);
+    {
+      gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK);
+      gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
+    }
 
   for (i=0; i < keycount; i++)
     {
@@ -194,7 +204,7 @@ main (int argc, char **argv)
   err = gpgme_data_new (&out);
   fail_if_err (err);
 
-  err = gpgme_op_encrypt (ctx, keys, GPGME_ENCRYPT_ALWAYS_TRUST, in, out);
+  err = gpgme_op_encrypt (ctx, keycount ? keys : NULL, flags, in, out);
   result = gpgme_op_encrypt_result (ctx);
   if (result)
     print_result (result);