authorWerner Koch <[email protected]>2017-03-21 09:39:33 +0000
committerWerner Koch <[email protected]>2017-03-21 09:39:33 +0000
commitfab8b1a166fff7265d8a7a7acbbf5f30d26cc93c (patch)
treee2f8f3f20fb025737cf7e43740d30db77604e0a0
parentcore: New public API gpgme_op_keylist_from_data_start. (diff)
core: New encryption flag GPGME_ENCRYPT_THROW_KEYIDS.
* src/gpgme.h.in (GPGME_ENCRYPT_THROW_KEYIDS): New flag. * src/engine-gpg.c (gpg_encrypt): Implement flag (gpg_encrypt_sign): Implement flag. * tests/run-encrypt.c (main): New option --throw-keyids. -- It would be nice to also selectively hide recipients (that is gpg --hidden-recipient) but our API does not yet allow this because it is based on key objects. A possible way to implement that would be an API to set processing flags into a key but this is complicated due to the reference counting and thus the possibility that a key object is used by different contexts. Signed-off-by: Werner Koch <[email protected]>
-rw-r--r--NEWS3
-rw-r--r--doc/gpgme.texi9
-rw-r--r--src/engine-gpg.c6
-rw-r--r--src/gpgme.h.in3
-rw-r--r--tests/run-encrypt.c6
5 files changed, 24 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index cf02fc2f..7ad1188e 100644
--- a/NEWS
+++ b/NEWS
@@ -12,7 +12,8 @@ Noteworthy changes in version 1.8.1 (unreleased)
GPGME_CREATE_NOEXPIRE NEW.
gpgme_subkey_t EXTENDED: New field is_de_vs.
gpgme_op_keylist_from_data_start NEW.
- gpgme_data_rewind UN-DEPRECATE.
+ GPGME_ENCRYPT_THROW_KEYIDS NEW.
+ gpgme_data_rewind UN-DEPRECATE
cpp: Context::revUid(const Key&, const char*) NEW.
cpp: Context::startRevUid(const Key&, const char*) NEW.
cpp: Context::addUid(const Key&, const char*) NEW.
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index edcbb98c..a4ab5c4f 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -5565,10 +5565,17 @@ also expect a sign command.
@item GPGME_ENCRYPT_SYMMETRIC
The @code{GPGME_ENCRYPT_SYMMETRIC} symbol specifies that the
-output should be additionally encrypted symmetically even
+output should be additionally encrypted symmetrically even
if recipients are provided. This feature is only supported for
for the OpenPGP crypto engine.
+@item GPGME_ENCRYPT_THROW_KEYIDS
+The @code{GPGME_ENCRYPT_THROW_KEYIDS} symbols requests that the
+identifiers for the decrption keys are not included in the ciphertext.
+On the receiving side, the use of this flag may slow down the
+decryption process because all available secret keys must be tried.
+This flag is only honored for OpenPGP encryption.
+
@end table
If @code{GPG_ERR_UNUSABLE_PUBKEY} is returned, some recipients in
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 4b87a8a0..6024529b 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -1860,6 +1860,9 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags,
if (!err && (flags & GPGME_ENCRYPT_NO_COMPRESS))
err = add_arg (gpg, "--compress-algo=none");
+ if (!err && (flags & GPGME_ENCRYPT_THROW_KEYIDS))
+ err = add_arg (gpg, "--throw-keyids");
+
if (gpgme_data_get_encoding (plain) == GPGME_DATA_ENCODING_MIME
&& have_gpg_version (gpg, "2.1.14"))
err = add_arg (gpg, "--mimemode");
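Review bot: A failure of the new `add_arg (gpg, "--throw-keyids")` call can be lost, because the `--mimemode` condition right after it is not guarded by `!err` and assigns `err` again. If that second call succeeds, the earlier error is overwritten and, as far as the hunk shows, gpg would be started without the option, so the recipient key IDs end up in the ciphertext although the caller asked to hide them. Guarding the following condition keeps the error: `if (!err && gpgme_data_get_encoding (plain) == GPGME_DATA_ENCODING_MIME && have_gpg_version (gpg, "2.1.14"))`. The same pattern follows the added lines in the gpg_encrypt_sign hunk; both function bodies extend beyond the hunks.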
@@ -1929,6 +1932,9 @@ gpg_encrypt_sign (void *engine, gpgme_key_t recp[],
if (!err && (flags & GPGME_ENCRYPT_NO_COMPRESS))
err = add_arg (gpg, "--compress-algo=none");
+ if (!err && (flags & GPGME_ENCRYPT_THROW_KEYIDS))
+ err = add_arg (gpg, "--throw-keyids");
+
if (gpgme_data_get_encoding (plain) == GPGME_DATA_ENCODING_MIME
&& have_gpg_version (gpg, "2.1.14"))
err = add_arg (gpg, "--mimemode");
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 2cf096b6..16191ebc 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -1237,7 +1237,8 @@ typedef enum
GPGME_ENCRYPT_PREPARE = 4,
GPGME_ENCRYPT_EXPECT_SIGN = 8,
GPGME_ENCRYPT_NO_COMPRESS = 16,
- GPGME_ENCRYPT_SYMMETRIC = 32
+ GPGME_ENCRYPT_SYMMETRIC = 32,
+ GPGME_ENCRYPT_THROW_KEYIDS = 64
}
gpgme_encrypt_flags_t;
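Review bot: The new enumerator `GPGME_ENCRYPT_THROW_KEYIDS = 64` carries no comment in the header, while the manual text added in this commit says the flag is only honored for OpenPGP encryption. A caller who sets it for another engine would presumably get neither an error nor hidden recipients, which is worth stating where the flag is declared. I would add a comment on that line, e.g. `/* Omit recipient key IDs from the ciphertext; only honored by the OpenPGP engine. */`. The enum starts outside the hunk, so whether the other flags are documented there cannot be seen from here.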
diff --git a/tests/run-encrypt.c b/tests/run-encrypt.c
index fd868368..c148e931 100644
--- a/tests/run-encrypt.c
+++ b/tests/run-encrypt.c
@@ -88,6 +88,7 @@ show_usage (int ex)
" --uiserver use the UI server\n"
" --loopback use a loopback pinentry\n"
" --key NAME encrypt to key NAME\n"
+ " --throw-keyids use this option\n"
" --symmetric encrypt symmetric (OpenPGP only)\n"
, stderr);
exit (ex);
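Review bot: The usage line added for `--throw-keyids` reads `use this option`, which does not say what the option does, unlike the neighbouring entries. Something like `"  --throw-keyids   omit recipient key IDs (OpenPGP only)\n"`, aligned with the other columns, would describe it. show_usage starts outside the hunk.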
@@ -170,6 +171,11 @@ main (int argc, char **argv)
keyargs[keycount++] = *argv;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--throw-keyids"))
+ {
+ flags |= GPGME_ENCRYPT_THROW_KEYIDS;
+ argc--; argv++;
+ }
else if (!strcmp (*argv, "--loopback"))
{
use_loopback = 1;