GpgFrontend/gpgme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: Return BAD_PASSPHRASE error code on symmetric decryption.

Browse Source 
* src/decrypt.c (op_data_t): Add field symdecrypt_failed.
(parse_status_error): Handle BAD_PASSPHRASE error code.
(_gpgme_decrypt_status_handler): Consult new field.
--

Return a bad passphrase error if the failure during symmetric decryption
is likely caused by the user entering a wrong passphrase. The special
error code of a failed public key decryption takes precedence.

GnuPG-bug-id: 5939
This commit is contained in:
Ingo Klöcker 2022-04-25 12:14:42 +02:00
parent d8e5871dca
commit e21c3b559d
1 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/decrypt.c
View File

@ -44,10 +44,12 @@ typedef struct
int okay; int okay;
/* A flag telling that the a decryption failed and an optional error /* A flag telling that the a decryption failed and two optional error
* code to further specify the failure. */ * codes to further specify the failure for public key decryption and
* symmetric decryption. */
int failed; int failed;
gpg_error_t pkdecrypt_failed; gpg_error_t pkdecrypt_failed;
gpg_error_t symdecrypt_failed;
/* At least one secret key is not available. gpg issues NO_SECKEY /* At least one secret key is not available. gpg issues NO_SECKEY
* status lines for each key the message has been encrypted to but * status lines for each key the message has been encrypted to but
@ -228,7 +230,22 @@ parse_status_error (char *args, op_data_t opd)
opd->result.legacy_cipher_nomdc = 1; opd->result.legacy_cipher_nomdc = 1;
opd->not_integrity_protected = 1; opd->not_integrity_protected = 1;
} }
else if (!strcmp (field[0], "symkey_decrypt.maybe_error"))
{
switch (gpg_err_code (err))
{
case GPG_ERR_BAD_PASSPHRASE:
/* A bad passphrase is severe enough that we return this
* error code. */
opd->symdecrypt_failed = err;
break;
default:
/* For now all other error codes are ignored and the
* standard DECRYPT_FAILED is returned. */
break;
}
}
/* Record the first error code. */ /* Record the first error code. */
if (err && !opd->first_status_error) if (err && !opd->first_status_error)
opd->first_status_error = err; opd->first_status_error = err;
@ -376,6 +393,8 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
/* This comes from a specialized ERROR status line. */ /* This comes from a specialized ERROR status line. */
if (opd->pkdecrypt_failed) if (opd->pkdecrypt_failed)
return opd->pkdecrypt_failed; return opd->pkdecrypt_failed;
if (opd->symdecrypt_failed)
return opd->symdecrypt_failed;
/* For an integrity failure return just DECRYPTION_FAILED; /* For an integrity failure return just DECRYPTION_FAILED;
* the actual cause can be taken from an already set * the actual cause can be taken from an already set