diff options
| -rw-r--r-- | doc/gpgme.texi | 2 | ||||
| -rw-r--r-- | src/decrypt.c | 13 |
2 files changed, 12 insertions, 3 deletions
diff --git a/doc/gpgme.texi b/doc/gpgme.texi index bc40430a..31929d34 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -4893,7 +4893,7 @@ if @var{ctx}, @var{cipher} or @var{plain} is not a valid pointer, @code{GPG_ERR_NO_DATA} if @var{cipher} does not contain any data to decrypt, @code{GPG_ERR_DECRYPT_FAILED} if @var{cipher} is not a valid cipher text, @code{GPG_ERR_BAD_PASSPHRASE} if the passphrase for the -secret key could not be retrieved, and passes through any errors that +secret key could not be retrieved, and passes through some errors that are reported by the crypto engine support routines. @end deftypefun diff --git a/src/decrypt.c b/src/decrypt.c index 1d8412a0..aa17771d 100644 --- a/src/decrypt.c +++ b/src/decrypt.c @@ -1,6 +1,6 @@ /* decrypt.c - Decrypt function. Copyright (C) 2000 Werner Koch (dd9jn) - Copyright (C) 2001, 2002, 2003, 2004 g10 Code GmbH + Copyright (C) 2001, 2002, 2003, 2004, 2017 g10 Code GmbH This file is part of GPGME. @@ -49,6 +49,13 @@ typedef struct int failed; gpg_error_t pkdecrypt_failed; + /* At least one secret key is not available. gpg issues NO_SECKEY + * status lines for each key the message has been encrypted to but + * that secret key is not available. This can't be done for hidden + * recipients, though. We track it here to allow for a better error + * message that the general DECRYPTION_FAILED. */ + int any_no_seckey; + /* A pointer to the next pointer of the last recipient in the list. This makes appending new invalid signers painless while preserving the order. */ @@ -273,6 +280,8 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, the underlying crypto engine (as error source). */ if (opd->failed && opd->pkdecrypt_failed) return opd->pkdecrypt_failed; + else if (opd->failed && opd->any_no_seckey) + return gpg_error (GPG_ERR_NO_SECKEY); else if (opd->failed) return gpg_error (GPG_ERR_DECRYPT_FAILED); else if (!opd->okay) @@ -319,7 +328,6 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, case GPGME_STATUS_NO_SECKEY: { gpgme_recipient_t rec = opd->result.recipients; - while (rec) { if (!strcmp (rec->keyid, args)) @@ -332,6 +340,7 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, /* FIXME: Is this ok? */ if (!rec) return trace_gpg_error (GPG_ERR_INV_ENGINE); + opd->any_no_seckey = 1; } break; |