core: Support usage of gpgtar for decrypting an encrypted archive

* src/gpgme.h.in (GPGME_DECRYPT_ARCHIVE): New decryption flag. * src/engine-gpg.c (gpg_decrypt): Set use_gpgtar engine flag if GPGME_DECRYPT_ARCHIVE flag is set. Check for new enough gpg and incompatible flags. Use add_gpg_arg_with_value for gpg-only options with a value and add_gpg_arg for gpg-only options without a value. Set extra options for gpgtar and pass input data to stdin when using gpgtar. * tests/run-decrypt.c (show_usage): New options --archive and --directory. (main): Parse new options. Decrypt with gpgtar if --archive is given. Set file name of output data to value of --directory option. -- GnuPG-bug-id: 6342
author: Ingo Klöcker <[email protected]> 2023-01-24 10:05:52 +0000
committer: Ingo Klöcker <[email protected]> 2023-01-24 11:32:23 +0000
commit: 95ea3bf831aeac201108876e73750692aa1ba3f5 (patch)
tree: bff29ce413cb9ee4d55b5a3aa6f4c16888163e8a /src
parent: core: Allow setting the base directory when creating an archive (diff)
download: gpgme-95ea3bf831aeac201108876e73750692aa1ba3f5.tar.gz
gpgme-95ea3bf831aeac201108876e73750692aa1ba3f5.zip
2 files changed, 48 insertions, 20 deletions
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 06eb3e18..86422112 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -310,7 +310,8 @@ add_gpg_arg (engine_gpg_t gpg, const char *arg)
 }
 
 static gpgme_error_t
-add_gpg_arg_with_value (engine_gpg_t gpg, const char *arg, const char *value, int front)
+add_gpg_arg_with_value (engine_gpg_t gpg, const char *arg, const char *value,
+                        int front)
 {
   return _add_arg (gpg, arg, value, strlen (value), front, NULL, 1);
 }
@@ -1829,6 +1830,14 @@ gpg_decrypt (void *engine,
   engine_gpg_t gpg = engine;
   gpgme_error_t err;
 
+  gpg->flags.use_gpgtar = !!(flags & GPGME_DECRYPT_ARCHIVE);
+
+  if (gpg->flags.use_gpgtar && !have_gpg_version (gpg, "2.3.5"))
+    return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
+  if (gpg->flags.use_gpgtar && (flags & GPGME_DECRYPT_UNWRAP))
+    return gpg_error (GPG_ERR_INV_VALUE);
+
   err = add_arg (gpg, "--decrypt");
 
   if (!err && (flags & GPGME_DECRYPT_UNWRAP))
@@ -1840,17 +1849,17 @@ gpg_decrypt (void *engine,
     }
 
   if (!err && export_session_key)
-    err = add_arg (gpg, "--show-session-key");
+    err = add_gpg_arg (gpg, "--show-session-key");
 
   if (!err && auto_key_retrieve)
-    err = add_arg (gpg, "--auto-key-retrieve");
+    err = add_gpg_arg (gpg, "--auto-key-retrieve");
 
   if (!err && gpg->flags.auto_key_import)
-    err = add_arg (gpg, "--auto-key-import");
+    err = add_gpg_arg (gpg, "--auto-key-import");
 
   if (!err && override_session_key && *override_session_key)
     {
-      if (have_gpg_version (gpg, "2.1.16"))
+      if (have_gpg_version (gpg, "2.1.16") && !gpg->flags.use_gpgtar)
         {
           gpgme_data_release (gpg->override_session_key);
           TRACE (DEBUG_ENGINE, "override", gpg, "seskey='%s' len=%zu\n",
@@ -1880,25 +1889,43 @@ gpg_decrypt (void *engine,
       else
         {
           /* Using that option may leak the session key via ps(1).  */
-          err = add_arg (gpg, "--override-session-key");
-          if (!err)
-            err = add_arg (gpg, override_session_key);
+          err = add_gpg_arg_with_value (gpg, "--override-session-key=",
+                                        override_session_key, 0);
         }
     }
 
   /* Tell the gpg object about the data.  */
-  if (!err)
-    err = add_arg (gpg, "--output");
-  if (!err)
-    err = add_arg (gpg, "-");
-  if (!err)
-    err = add_data (gpg, plain, 1, 1);
-  if (!err)
-    err = add_input_size_hint (gpg, ciph);
-  if (!err)
-    err = add_arg (gpg, "--");
-  if (!err)
-    err = add_data (gpg, ciph, -1, 0);
+  if (gpg->flags.use_gpgtar)
+    {
+      const char *file_name = gpgme_data_get_file_name (plain);
+      if (!err && file_name)
+        {
+          err = add_arg (gpg, "--directory");
+          if (!err)
+            err = add_arg (gpg, file_name);
+        }
+      if (!err)
+        err = add_input_size_hint (gpg, ciph);
+      if (!err)
+        err = add_arg (gpg, "--");
+      if (!err)
+        err = add_data (gpg, ciph, 0, 0);
+    }
+  else
+    {
+      if (!err)
+        err = add_arg (gpg, "--output");
+      if (!err)
+        err = add_arg (gpg, "-");
+      if (!err)
+        err = add_data (gpg, plain, 1, 1);
+      if (!err)
+        err = add_input_size_hint (gpg, ciph);
+      if (!err)
+        err = add_arg (gpg, "--");
+      if (!err)
+        err = add_data (gpg, ciph, -1, 0);
+    }
 
   if (!err)
     err = start (gpg);
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index fabba257..b498cd3b 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -1426,6 +1426,7 @@ gpgme_decrypt_result_t gpgme_op_decrypt_result (gpgme_ctx_t ctx);
 typedef enum
   {
     GPGME_DECRYPT_VERIFY = 1,
+    GPGME_DECRYPT_ARCHIVE = 2,
     GPGME_DECRYPT_UNWRAP = 128
   }
 gpgme_decrypt_flags_t;
author	Ingo Klöcker <[email protected]>	2023-01-24 10:05:52 +0000
committer	Ingo Klöcker <[email protected]>	2023-01-24 11:32:23 +0000
commit	95ea3bf831aeac201108876e73750692aa1ba3f5 (patch)
tree	bff29ce413cb9ee4d55b5a3aa6f4c16888163e8a /src
parent	core: Allow setting the base directory when creating an archive (diff)
download	gpgme-95ea3bf831aeac201108876e73750692aa1ba3f5.tar.gz gpgme-95ea3bf831aeac201108876e73750692aa1ba3f5.zip