core: Return CANCELED and BAD_PASSPHRASE error code on decryption.

* src/decrypt.c (op_data_t): Add field pkdecrypt_failed.
(_gpgme_decrypt_status_handler): Consult new field.
(parse_status_error): Handle some error codes.
--

The idea is to return only a limited set of error codes because a user
won't be able to understand the more esoteric codes.

GnuPG-bug-id: 3270
Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2017-07-12 17:55:43 +02:00
parent 87703dbb86
commit d37bc7e025
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B


@ -43,7 +43,11 @@ typedef struct
gpg_error_t failure_code; gpg_error_t failure_code;
int okay; int okay;
/* A flag telling that the a decryption failed and an optional error
* code to further specify the failure. */
int failed; int failed;
gpg_error_t pkdecrypt_failed;
/* A pointer to the next pointer of the last recipient in the list. /* A pointer to the next pointer of the last recipient in the list.
This makes appending new invalid signers painless while This makes appending new invalid signers painless while
@ -156,6 +160,31 @@ parse_status_error (char *args, op_data_t opd)
if (gpg_err_code (err) == GPG_ERR_WRONG_KEY_USAGE) if (gpg_err_code (err) == GPG_ERR_WRONG_KEY_USAGE)
opd->result.wrong_key_usage = 1; opd->result.wrong_key_usage = 1;
} }
else if (!strcmp (field[0], "pkdecrypt_failed"))
{
switch (gpg_err_code (err))
{
case GPG_ERR_CANCELED:
case GPG_ERR_FULLY_CANCELED:
/* It is better to return with a cancel error code than the
* general decryption failed error code. */
opd->pkdecrypt_failed = gpg_err_make (gpg_err_source (err),
GPG_ERR_CANCELED);
break;
case GPG_ERR_BAD_PASSPHRASE:
/* A bad passphrase is severe enough that we return this
* error code. */
opd->pkdecrypt_failed = err;
break;
default:
/* For now all other error codes are ignored and the
* standard DECRYPT_FAILED is returned. */
break;
}
}
return 0; return 0;
} }
@ -242,7 +271,9 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
case GPGME_STATUS_EOF: case GPGME_STATUS_EOF:
/* FIXME: These error values should probably be attributed to /* FIXME: These error values should probably be attributed to
the underlying crypto engine (as error source). */ the underlying crypto engine (as error source). */
if (opd->failed) if (opd->failed && opd->pkdecrypt_failed)
return opd->pkdecrypt_failed;
else if (opd->failed)
return gpg_error (GPG_ERR_DECRYPT_FAILED); return gpg_error (GPG_ERR_DECRYPT_FAILED);
else if (!opd->okay) else if (!opd->okay)
return gpg_error (GPG_ERR_NO_DATA); return gpg_error (GPG_ERR_NO_DATA);