diff options
| author | David Shaw <[email protected]> | 2003-10-26 03:26:14 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2003-10-26 03:26:14 +0000 |
| commit | bb7986e9a6a43a8732797ecf72f6759b1c4feaa4 (patch) | |
| tree | cc638268722b231d80fa97b9d22e87778b01e5dd /g10/g10.c | |
| parent | Updated to 0.12.1 (diff) | |
| download | gnupg-bb7986e9a6a43a8732797ecf72f6759b1c4feaa4.tar.gz gnupg-bb7986e9a6a43a8732797ecf72f6759b1c4feaa4.zip | |
* g10.c (main): Add --symmetric --encrypt command. This generates a
message that can be decrypted via a passphrase or public key system.
* main.h, encode.c (encode_seskey): Allow passing in an already-created
session key dek. (encode_simple): Use the actual symmetric cipher when
encrypting a session key for a symmetric message. (encode_crypt): Add a
flag to trigger a hybrid mode that can be decrypted via a passphrase or a
pk. Change all callers.
* mainproc.c (symkey_decrypt_sesskey): There is no way to tell the
difference here between a bad passphrase and a cipher algorithm that we
don't have, so use a error message that makes that clear. Use the actual
list of ciphers when checking whether a cipher is invalid. Return error
if the decrypted cipher algorithm is invalid. (proc_symkey_enc): In a
mixed passphrase/pk message, if a valid dek already exists from decrypting
via pk, do not try to process the passphrase. (proc_symkey_enc): Indicate
when we're decrypting a session key as opposed to decrypting data. If a
passphrase is invalid, discard the dek so we'll keep trying.
Diffstat (limited to '')
| -rw-r--r-- | g10/g10.c | 34 |
1 files changed, 31 insertions, 3 deletions
@@ -80,7 +80,8 @@ enum cmd_and_opt_values oShowNotation, oNoShowNotation, aEncrFiles, - aDecryptFiles, + aEncrSym, + aDecryptFiles, aClearsign, aStore, aKeygen, @@ -866,6 +867,10 @@ set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd ) cmd = aSignSym; else if( cmd == aSym && new_cmd == aSign ) cmd = aSignSym; + else if( cmd == aSym && new_cmd == aEncr ) + cmd = aEncrSym; + else if( cmd == aEncr && new_cmd == aSym ) + cmd = aEncrSym; else if( cmd == aKMode && new_cmd == aSym ) cmd = aKModeC; else if( ( cmd == aSign && new_cmd == aClearsign ) @@ -2255,6 +2260,9 @@ main( int argc, char **argv ) case aSym: cmdname="--symmetric"; break; + case aEncrSym: + cmdname="--symmetric --encrypt"; + break; case aStore: cmdname="--store"; break; @@ -2450,12 +2458,32 @@ main( int argc, char **argv ) { if( argc > 1 ) wrong_args(_("--encrypt [filename]")); - if( (rc = encode_crypt(fname,remusr)) ) + if( (rc = encode_crypt(fname,remusr,0)) ) + log_error("%s: encryption failed: %s\n", + print_fname_stdin(fname), g10_errstr(rc) ); + } + break; + + case aEncrSym: + /* This works with PGP 8. It doesn't work with 2 or 6. It + might work with 7, but alas, I don't have a copy to test + with right now. */ + if( argc > 1 ) + wrong_args(_("--symmetric --encrypt [filename]")); + else if(opt.s2k_mode==0) + log_error(_("you cannot use --symmetric --encrypt" + " with --s2k-mode 0\n")); + else if(PGP2 || PGP6 || PGP7 || RFC1991) + log_error(_("you cannot use --symmetric --encrypt" + " while in %s mode\n"),compliance_option_string()); + else + { + if( (rc = encode_crypt(fname,remusr,1)) ) log_error("%s: encryption failed: %s\n", print_fname_stdin(fname), g10_errstr(rc) ); } break; - + case aSign: /* sign the given file */ sl = NULL; if( detached_sig ) { /* sign all files */ |