[git] GPGME - branch, master, updated. gpgme-1.7.1-43-g7659d42

by Werner Koch cvs at cvs.gnupg.org
Tue Nov 15 10:38:33 CET 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".

The branch, master has been updated
       via  7659d42468b604db2936b021425683f407eba4a7 (commit)
       via  3234b1bf1d6939772677d64f6c1e1820ec98e3cd (commit)
       via  cad1210fb8a7402cb29e607f8f9680005314120d (commit)
      from  9451faa2ee333904cff59f92ab62918e13ab4b87 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7659d42468b604db2936b021425683f407eba4a7
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Nov 15 10:29:48 2016 +0100

    core: Implement context flag "override-session-key".
    
    * src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
    "override-session-key".
    (gpgme_get_ctx_flag): Ditto.
    (gpgme_set_export_session_keys): Remove.
    (gpgme_get_export_session_keys): Remove.
    * src/gpgme.def, src/libgpgme.vers: Remove them.
    * src/context.h (struct gpgme_context): Add field
    override_session_key.
    * src/decrypt-verify.c (decrypt_verify_start): Pass
    override_session_key value to the engine.
    * src/decrypt.c (decrypt_start): Ditto.
    * src/engine.c (_gpgme_engine_op_decrypt): Ditto.
    (_gpgme_engine_op_decrypt_verify): Ditto.
    * src/engine-backend.h (struct engine_ops): Extend DECRYPT and
    DECRYPT_VERIFY_START with override_session_key.
    * src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
    override_session_key.
    (uiserver_decrypt): Ditto.
    (uiserver_decrypt_verify): Ditto.
    * src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
    * src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
    corresponding gpg option.
    
    * tests/run-decrypt.c (print_result): Print the session key if
    available.
    (main): Add options --export-session-key and --override-session-key.
    
    --
    
    To keep the number of context manipulation functions at bay, this
    patches removes the just added gpgme_set_export_session_keys and
    gpgme_get_export_session_keys by flags for the generic context
    function.
    
    The patch also implements the --override-session-key feature.
    
    GnuPG-bug-id: 2754
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index e47979c..eb06c20 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -191,7 +191,6 @@ Context Attributes
 * Text Mode::                     Choosing canonical text mode.
 * Offline Mode::                  Choosing offline mode.
 * Included Certificates::         Including a number of certificates.
-* Exporting Session Keys::        Requesting session keys upon decryption.
 * Key Listing Mode::              Selecting key listing mode.
 * Passphrase Callback::           Getting the passphrase from the user.
 * Progress Meter Callback::       Being informed about the progress.
@@ -2314,10 +2313,12 @@ The function @code{gpgme_release} destroys the context with the handle
 The detailed result of an operation is returned in operation-specific
 structures such as @code{gpgme_decrypt_result_t}.  The corresponding
 retrieval functions such as @code{gpgme_op_decrypt_result} provide
-static access to the results after an operation completes.  The
-following interfaces make it possible to detach a result structure
-from its associated context and give it a lifetime beyond that of the
-current operation or context.
+static access to the results after an operation completes.  Those
+structures shall be considered read-only and an application must not
+allocated such a strucure on its own.  The following interfaces make
+it possible to detach a result structure from its associated context
+and give it a lifetime beyond that of the current operation or
+context.
 
 @deftypefun void gpgme_result_ref (@w{void *@var{result}})
 The function @code{gpgme_result_ref} acquires an additional reference
@@ -2352,7 +2353,6 @@ started.  In fact, these references are accessed through the
 * Offline Mode::                  Choosing offline mode.
 * Pinentry Mode::                 Choosing the pinentry mode.
 * Included Certificates::         Including a number of certificates.
-* Exporting Session Keys::        Requesting session keys upon decryption.
 * Key Listing Mode::              Selecting key listing mode.
 * Passphrase Callback::           Getting the passphrase from the user.
 * Progress Meter Callback::       Being informed about the progress.
@@ -2643,29 +2643,6 @@ certificates to include into an S/MIME signed message.
 @end deftypefun
 
 
- at node Exporting Session Keys
- at subsection Exporting Session Keys
- at cindex context, exporting session keys
- at cindex Exporting Session Keys
- at cindex exporting session keys
-
- at deftypefun void gpgme_set_export_session_keys (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{yes}})
-The function @code{gpgme_set_export_session_keys} specifies whether
-the context should try to export the symmetric session key when
-decrypting data.  By default, session keys are not exported.
-
-Session keys are not exported if @var{yes} is zero, and
-enabled otherwise.
- at end deftypefun
-
- at deftypefun int gpgme_get_export_session_keys (@w{gpgme_ctx_t @var{ctx}})
-The function @code{gpgme_get_export_session_keys} returns @code{1} if
-the context will try to export the symmetric session key when
-decrypting, and @code{0} if not, or if @var{ctx} is not a valid
-pointer.
- at end deftypefun
-
-
 @node Key Listing Mode
 @subsection Key Listing Mode
 @cindex key listing mode
@@ -2923,6 +2900,18 @@ format.  For example the non breaking space characters ("~") will not
 be removed from the @code{description} field of the
 @code{gpgme_tofu_info_t} object.
 
+ at item "export-session-key"
+Using a @var{value} of "1" specifies that the context should try to
+export the symmetric session key when decrypting data.  By default, or
+when using an empty string or "0" for @var{value}, session keys are
+not exported.
+
+ at item "override-session-key"
+The string given in @var{value} is passed to the GnuPG engine to override
+the session key for decryption.  The format of that session key is
+specific to GnuPG and can be retrieved during a decrypt operation when
+the context flag "export-session-key" is enabled.
+
 @end table
 
 This function returns @code{0} on success.
@@ -4798,8 +4787,10 @@ secret key for this recipient is not available, and 0 otherwise.
 This is a pointer to a structure used to store the result of a
 @code{gpgme_op_decrypt} operation.  After successfully decrypting
 data, you can retrieve the pointer to the result with
- at code{gpgme_op_decrypt_result}.  The structure contains the following
-members:
+ at code{gpgme_op_decrypt_result}.  As with all result structures, it
+this structure shall be considered read-only and an application must
+not allocated such a strucure on its own.  The structure contains the
+following members:
 
 @table @code
 @item char *unsupported_algorithm
@@ -4817,17 +4808,12 @@ This is the filename of the original plaintext message file if it is
 known, otherwise this is a null pointer.
 
 @item char *session_key
-A textual representation (null-terminated string) of the session key
+A textual representation (nul-terminated string) of the session key
 used in symmetric encryption of the message, if the context has been
-set to export session keys (see @code{gpgme_get_export_session_keys}
-and @code{gpgme_set_export_session_keys}), and a session key was
-available for the most recent decryption operation.  Otherwise, this
-is a null pointer.
-
-You should never access this member of a
- at code{gpgme_op_decrypt_result_t} without first ensuring that
- at code{gpgme_get_export_session_keys} returns non-zero for the
-reporting context.
+set to export session keys (see @code{gpgme_set_ctx_flag,
+"export-session-key"}), and a session key was available for the most
+recent decryption operation.  Otherwise, this is a null pointer.
+
 @end table
 @end deftp
 
diff --git a/src/context.h b/src/context.h
index 94935c8..d915b99 100644
--- a/src/context.h
+++ b/src/context.h
@@ -135,6 +135,9 @@ struct gpgme_context
   /* The sender's addr-spec or NULL.  */
   char *sender;
 
+  /* The gpg specific override session key or NULL. */
+  char *override_session_key;
+
   /* The locale for the pinentry.  */
   char *lc_ctype;
   char *lc_messages;
diff --git a/src/decrypt-verify.c b/src/decrypt-verify.c
index 00d256a..e0aa8ea 100644
--- a/src/decrypt-verify.c
+++ b/src/decrypt-verify.c
@@ -77,7 +77,9 @@ decrypt_verify_start (gpgme_ctx_t ctx, int synchronous,
   _gpgme_engine_set_status_handler (ctx->engine,
 				    decrypt_verify_status_handler, ctx);
 
-  return _gpgme_engine_op_decrypt_verify (ctx->engine, cipher, plain, ctx->export_session_keys);
+  return _gpgme_engine_op_decrypt_verify (ctx->engine, cipher, plain,
+                                          ctx->export_session_keys,
+                                          ctx->override_session_key);
 }
 
 
diff --git a/src/decrypt.c b/src/decrypt.c
index 49c735c..43717c0 100644
--- a/src/decrypt.c
+++ b/src/decrypt.c
@@ -360,7 +360,7 @@ _gpgme_op_decrypt_init_result (gpgme_ctx_t ctx)
 
 static gpgme_error_t
 decrypt_start (gpgme_ctx_t ctx, int synchronous,
-		      gpgme_data_t cipher, gpgme_data_t plain)
+               gpgme_data_t cipher, gpgme_data_t plain)
 {
   gpgme_error_t err;
 
@@ -390,7 +390,9 @@ decrypt_start (gpgme_ctx_t ctx, int synchronous,
 
   _gpgme_engine_set_status_handler (ctx->engine, decrypt_status_handler, ctx);
 
-  return _gpgme_engine_op_decrypt (ctx->engine, cipher, plain, ctx->export_session_keys);
+  return _gpgme_engine_op_decrypt (ctx->engine, cipher, plain,
+                                   ctx->export_session_keys,
+                                   ctx->override_session_key);
 }
 
 
diff --git a/src/engine-backend.h b/src/engine-backend.h
index 144b156..cfc624d 100644
--- a/src/engine-backend.h
+++ b/src/engine-backend.h
@@ -62,9 +62,11 @@ struct engine_ops
   gpgme_error_t (*set_locale) (void *engine, int category, const char *value);
   gpgme_error_t (*set_protocol) (void *engine, gpgme_protocol_t protocol);
   gpgme_error_t (*decrypt) (void *engine, gpgme_data_t ciph,
-			    gpgme_data_t plain, int export_session_key);
+			    gpgme_data_t plain, int export_session_key,
+                            const char *override_session_key);
   gpgme_error_t (*decrypt_verify) (void *engine, gpgme_data_t ciph,
-				   gpgme_data_t plain, int export_session_key);
+				   gpgme_data_t plain, int export_session_key,
+                                   const char *override_session_key);
   gpgme_error_t (*delete) (void *engine, gpgme_key_t key, int allow_secret);
   gpgme_error_t (*edit) (void *engine, int type, gpgme_key_t key,
 			 gpgme_data_t out, gpgme_ctx_t ctx /* FIXME */);
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 0e43c24..21ed5bc 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -1550,7 +1550,8 @@ add_input_size_hint (engine_gpg_t gpg, gpgme_data_t data)
 
 
 static gpgme_error_t
-gpg_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
+gpg_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain,
+             int export_session_key, const char *override_session_key)
 {
   engine_gpg_t gpg = engine;
   gpgme_error_t err;
@@ -1560,6 +1561,13 @@ gpg_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_ses
   if (!err && export_session_key)
     err = add_arg (gpg, "--show-session-key");
 
+  if (!err && override_session_key && *override_session_key)
+    {
+      err = add_arg (gpg, "--override-session-key");
+      if (!err)
+        err = add_arg (gpg, override_session_key);
+    }
+
   /* Tell the gpg object about the data.  */
   if (!err)
     err = add_arg (gpg, "--output");
diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
index 2ff353b..d1be049 100644
--- a/src/engine-gpgsm.c
+++ b/src/engine-gpgsm.c
@@ -1120,13 +1120,16 @@ gpgsm_reset (void *engine)
 
 
 static gpgme_error_t
-gpgsm_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
+gpgsm_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain,
+               int export_session_key, const char *override_session_key)
 {
   engine_gpgsm_t gpgsm = engine;
   gpgme_error_t err;
+
   /* gpgsm is not capable of exporting session keys right now, so we
    * will ignore this if requested. */
   (void)export_session_key;
+  (void)override_session_key;
 
   if (!gpgsm)
     return gpg_error (GPG_ERR_INV_VALUE);
diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c
index 26f0d18..ee7b1d2 100644
--- a/src/engine-uiserver.c
+++ b/src/engine-uiserver.c
@@ -961,13 +961,16 @@ uiserver_reset (void *engine)
 static gpgme_error_t
 _uiserver_decrypt (void *engine, int verify,
 		   gpgme_data_t ciph, gpgme_data_t plain,
-                   int export_session_key)
+                   int export_session_key, const char *override_session_key)
 {
   engine_uiserver_t uiserver = engine;
   gpgme_error_t err;
   const char *protocol;
   char *cmd;
 
+  (void)override_session_key; /* Fixme: We need to see now to add this
+                               * to the UI server protocol  */
+
   if (!uiserver)
     return gpg_error (GPG_ERR_INV_VALUE);
   if (uiserver->protocol == GPGME_PROTOCOL_DEFAULT)
@@ -1008,16 +1011,21 @@ _uiserver_decrypt (void *engine, int verify,
 
 
 static gpgme_error_t
-uiserver_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
+uiserver_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain,
+                  int export_session_key, const char *override_session_key)
 {
-  return _uiserver_decrypt (engine, 0, ciph, plain, export_session_key);
+  return _uiserver_decrypt (engine, 0, ciph, plain,
+                            export_session_key, override_session_key);
 }
 
 
 static gpgme_error_t
-uiserver_decrypt_verify (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
+uiserver_decrypt_verify (void *engine, gpgme_data_t ciph, gpgme_data_t plain,
+                         int export_session_key,
+                         const char *override_session_key)
 {
-  return _uiserver_decrypt (engine, 1, ciph, plain, export_session_key);
+  return _uiserver_decrypt (engine, 1, ciph, plain,
+                            export_session_key, override_session_key);
 }
 
 
diff --git a/src/engine.c b/src/engine.c
index b43f683..d542b25 100644
--- a/src/engine.c
+++ b/src/engine.c
@@ -653,7 +653,8 @@ _gpgme_engine_set_protocol (engine_t engine, gpgme_protocol_t protocol)
 
 gpgme_error_t
 _gpgme_engine_op_decrypt (engine_t engine, gpgme_data_t ciph,
-			  gpgme_data_t plain, int export_session_key)
+			  gpgme_data_t plain, int export_session_key,
+                          const char *override_session_key)
 {
   if (!engine)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -661,13 +662,15 @@ _gpgme_engine_op_decrypt (engine_t engine, gpgme_data_t ciph,
   if (!engine->ops->decrypt)
     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
-  return (*engine->ops->decrypt) (engine->engine, ciph, plain, export_session_key);
+  return (*engine->ops->decrypt) (engine->engine, ciph, plain,
+                                  export_session_key, override_session_key);
 }
 
 
 gpgme_error_t
 _gpgme_engine_op_decrypt_verify (engine_t engine, gpgme_data_t ciph,
-				 gpgme_data_t plain, int export_session_key)
+				 gpgme_data_t plain, int export_session_key,
+                                 const char *override_session_key)
 {
   if (!engine)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -675,7 +678,9 @@ _gpgme_engine_op_decrypt_verify (engine_t engine, gpgme_data_t ciph,
   if (!engine->ops->decrypt_verify)
     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
-  return (*engine->ops->decrypt_verify) (engine->engine, ciph, plain, export_session_key);
+  return (*engine->ops->decrypt_verify) (engine->engine, ciph, plain,
+                                         export_session_key,
+                                         override_session_key);
 }
 
 
diff --git a/src/engine.h b/src/engine.h
index 512ac19..29d2f25 100644
--- a/src/engine.h
+++ b/src/engine.h
@@ -84,11 +84,14 @@ _gpgme_engine_set_colon_line_handler (engine_t engine,
 				      void *fnc_value);
 gpgme_error_t _gpgme_engine_op_decrypt (engine_t engine, gpgme_data_t ciph,
 					gpgme_data_t plain,
-                                        int export_session_key);
+                                        int export_session_key,
+                                        const char *override_session_key);
 gpgme_error_t _gpgme_engine_op_decrypt_verify (engine_t engine,
 					       gpgme_data_t ciph,
 					       gpgme_data_t plain,
-                                               int export_session_key);
+                                               int export_session_key,
+                                               const char *override_session_key
+                                               );
 gpgme_error_t _gpgme_engine_op_delete (engine_t engine, gpgme_key_t key,
 				       int allow_secret);
 gpgme_error_t _gpgme_engine_op_edit (engine_t engine, int type,
diff --git a/src/gpgme.c b/src/gpgme.c
index 32abc28..1a10fd9 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -247,6 +247,7 @@ gpgme_release (gpgme_ctx_t ctx)
   free (ctx->signers);
   free (ctx->lc_ctype);
   free (ctx->lc_messages);
+  free (ctx->override_session_key);
   _gpgme_engine_info_release (ctx->engine_info);
   ctx->engine_info = NULL;
   DESTROY_LOCK (ctx->lock);
@@ -515,6 +516,17 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
     {
       ctx->raw_description = abool;
     }
+  else if (!strcmp (name, "export-session-key"))
+    {
+      ctx->export_session_keys = abool;
+    }
+  else if (!strcmp (name, "override-session-key"))
+    {
+      free (ctx->override_session_key);
+      ctx->override_session_key = strdup (value);
+      if (!ctx->override_session_key)
+        err = gpg_error_from_syserror ();
+    }
   else
     err = gpg_error (GPG_ERR_UNKNOWN_NAME);
 
@@ -526,7 +538,7 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
  * of valid names.  If the NAME is unknown NULL is returned.  For a
  * boolean flag an empty string is returned for False and the string
  * "1" for True; thus either atoi or a simple string test can be
- * used. */
+ * used.  */
 const char *
 gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name)
 {
@@ -540,35 +552,19 @@ gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name)
     {
       return ctx->raw_description? "1":"";
     }
+  else if (!strcmp (name, "export-session-key"))
+    {
+      return ctx->export_session_keys? "1":"";
+    }
+  else if (!strcmp (name, "override-session-key"))
+    {
+      return ctx->override_session_key? ctx->override_session_key : "";
+    }
   else
     return NULL;
 }
 
 
-/* Enable or disable the exporting session keys upon decryption.  */
-void
-gpgme_set_export_session_keys (gpgme_ctx_t ctx, int export_session_keys)
-{
-  TRACE2 (DEBUG_CTX, "gpgme_set_export_session_keys", ctx, "export_session_keys=%i (%s)",
-	  export_session_keys, export_session_keys ? "yes" : "no");
-
-  if (!ctx)
-    return;
-
-  ctx->export_session_keys = !!export_session_keys;
-}
-
-
-/* Return whether this context will export session keys upon decryption.  */
-int
-gpgme_get_export_session_keys (gpgme_ctx_t ctx)
-{
-  TRACE2 (DEBUG_CTX, "gpgme_get_export_session_keys", ctx, "ctx->export_session_keys=%i (%s)",
-	  ctx->export_session_keys, ctx->export_session_keys ? "yes" : "no");
-  return ctx->export_session_keys;
-}
-
-
 /* Enable or disable the use of the special textmode.  Textmode is for
   example used for the RFC2015 signatures; note that the updated RFC
   3156 mandates that the MUA does some preparations so that textmode
diff --git a/src/gpgme.def b/src/gpgme.def
index cd0d084..0d3ce74 100644
--- a/src/gpgme.def
+++ b/src/gpgme.def
@@ -252,8 +252,6 @@ EXPORTS
     gpgme_op_query_swdb                   @189
     gpgme_op_query_swdb_result            @190
 
-    gpgme_set_export_session_keys         @191
-    gpgme_get_export_session_keys         @192
-    gpgme_get_ctx_flag                    @193
+    gpgme_get_ctx_flag                    @191
 ; END
 
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 43e07b0..7cfe8f6 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -1040,13 +1040,6 @@ void gpgme_set_offline (gpgme_ctx_t ctx, int yes);
 /* Return non-zero if offline mode is set in CTX.  */
 int gpgme_get_offline (gpgme_ctx_t ctx);
 
-/* If YES is non-zero, try to return session keys during decryption,
-   do not otherwise.  */
-void gpgme_set_export_session_keys (gpgme_ctx_t ctx, int yes);
-
-/* Return non-zero if export_session_keys is set in CTX.  */
-int gpgme_get_export_session_keys (gpgme_ctx_t ctx);
-
 /* Use whatever the default of the backend crypto engine is.  */
 #define GPGME_INCLUDE_CERTS_DEFAULT	-256
 
diff --git a/src/libgpgme.vers b/src/libgpgme.vers
index 362909a..a55cd10 100644
--- a/src/libgpgme.vers
+++ b/src/libgpgme.vers
@@ -126,9 +126,6 @@ GPGME_1.1 {
 
     gpgme_op_query_swdb;
     gpgme_op_query_swdb_result;
-
-    gpgme_set_export_session_keys;
-    gpgme_get_export_session_keys;
 };
 
 
diff --git a/tests/run-decrypt.c b/tests/run-decrypt.c
index 6d38aee..65624d0 100644
--- a/tests/run-decrypt.c
+++ b/tests/run-decrypt.c
@@ -51,9 +51,13 @@ print_result (gpgme_decrypt_result_t result)
 {
   gpgme_recipient_t recp;
   int count = 0;
+
   printf ("Original file name: %s\n", nonnull(result->file_name));
   printf ("Wrong key usage: %i\n", result->wrong_key_usage);
-  printf ("Unsupported algorithm: %s\n ", nonnull(result->unsupported_algorithm));
+  printf ("Unsupported algorithm: %s\n",
+          nonnull(result->unsupported_algorithm));
+  if (result->session_key)
+    printf ("Session key: %s\n", result->session_key);
 
   for (recp = result->recipients; recp->next; recp = recp->next)
     {
@@ -74,6 +78,8 @@ show_usage (int ex)
          "  --status         print status lines from the backend\n"
          "  --openpgp        use the OpenPGP protocol (default)\n"
          "  --cms            use the CMS protocol\n"
+         "  --export-session-key            show the session key\n"
+         "  --override-session-key STRING   use STRING as session key\n"
          , stderr);
   exit (ex);
 }
@@ -91,6 +97,8 @@ main (int argc, char **argv)
   gpgme_data_t out = NULL;
   gpgme_decrypt_result_t result;
   int print_status = 0;
+  int export_session_key = 0;
+  const char *override_session_key = NULL;
 
   if (argc)
     { argc--; argv++; }
@@ -125,6 +133,19 @@ main (int argc, char **argv)
           protocol = GPGME_PROTOCOL_CMS;
           argc--; argv++;
         }
+      else if (!strcmp (*argv, "--export-session-key"))
+        {
+          export_session_key = 1;
+          argc--; argv++;
+        }
+      else if (!strcmp (*argv, "--override-session-key"))
+        {
+          argc--; argv++;
+          if (!argc)
+            show_usage (1);
+          override_session_key = *argv;
+          argc--; argv++;
+        }
       else if (!strncmp (*argv, "--", 2))
         show_usage (1);
 
@@ -152,6 +173,10 @@ main (int argc, char **argv)
       gpgme_set_status_cb (ctx, status_cb, NULL);
       gpgme_set_ctx_flag (ctx, "full-status", "1");
     }
+  if (export_session_key)
+    gpgme_set_ctx_flag (ctx, "export-session-key", "1");
+  if (override_session_key)
+    gpgme_set_ctx_flag (ctx, "override-session-key", override_session_key);
 
   err = gpgme_data_new_from_stream (&in, fp_in);
   if (err)

commit 3234b1bf1d6939772677d64f6c1e1820ec98e3cd
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Nov 15 09:24:17 2016 +0100

    core: Add public function gpgme_get_ctx_flag.
    
    * src/gpgme.h.in (gpgme_get_ctx_flag): New.
    * src/gpgme.c (gpgme_set_ctx_flag): Move down the file and add a trace
    statement.
    (gpgme_get_ctx_flag): New.
    * src/gpgme.def, src/libgpgme.vers: Add new interface.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/NEWS b/NEWS
index 4bb0cfb..c194d8f 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,7 @@ Noteworthy changes in version 1.7.2 (unreleased)
  gpgme_op_query_swdb             NEW.
  gpgme_op_query_swdb_result      NEW.
  gpgme_query_swdb_result_t       NEW.
+ gpgme_get_ctx_flag              NEW.
  qt: DN                          NEW.
  qt: DN::Attribute               NEW.
  qt: Job::context(Job*)          NEW.
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index 7eabab4..e47979c 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -2929,6 +2929,19 @@ This function returns @code{0} on success.
 @end deftypefun
 
 
+ at deftypefun {const char *} gpgme_get_ctx_flag  @
+            (@w{gpgme_ctx_t @var{ctx}}, @
+            @w{const char *@var{name}})
+
+The value of flags settable by @code{gpgme_set_ctx_flag} can be
+retrieved by this function.  If @var{name} is unknown the function
+returns @code{NULL}.  For boolean flags an empty string is returned
+for False and the string "1" is returned for True; either atoi(3) or a
+test for an empty string can be used to get the boolean value.
+
+ at end deftypefun
+
+
 @node Locale
 @subsection Locale
 @cindex locale, default
diff --git a/src/gpgme.c b/src/gpgme.c
index 7b14b5e..32abc28 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -85,39 +85,6 @@ gpgme_set_global_flag (const char *name, const char *value)
 }
 
 
-/* Set the flag NAME for CTX to VALUE.  The supported flags are:
- *
- * - full-status :: With a value of "1" the status callback set by
- *                  gpgme_set_status_cb returns all status lines
- *                  except for PROGRESS lines.  With the default of
- *                  "0" the status callback is only called in certain
- *                  situations.
- */
-gpgme_error_t
-gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
-{
-  int abool;
-
-  if (!ctx || !name || !value)
-    return gpg_error (GPG_ERR_INV_VALUE);
-
-  abool = *value? !!atoi (value) : 0;
-
-  if (!strcmp (name, "full-status"))
-    {
-      ctx->full_status = abool;
-    }
-  else if (!strcmp (name, "raw-description"))
-    {
-      ctx->raw_description = abool;
-    }
-  else
-    return gpg_error (GPG_ERR_UNKNOWN_NAME);
-
-  return 0;
-}
-
-
 

 /* Create a new context as an environment for GPGME crypto
    operations.  */
@@ -518,6 +485,66 @@ gpgme_get_armor (gpgme_ctx_t ctx)
 }
 
 
+/* Set the flag NAME for CTX to VALUE.  The supported flags are:
+ *
+ * - full-status :: With a value of "1" the status callback set by
+ *                  gpgme_set_status_cb returns all status lines
+ *                  except for PROGRESS lines.  With the default of
+ *                  "0" the status callback is only called in certain
+ *                  situations.
+ */
+gpgme_error_t
+gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
+{
+  gpgme_error_t err = 0;
+  int abool;
+
+  TRACE2 (DEBUG_CTX, "gpgme_set_ctx_flag", ctx,
+          "name='%s' value='%s'",
+	  name? name:"(null)", value?value:"(null)");
+
+  abool = (value && *value)? !!atoi (value) : 0;
+
+  if (!ctx || !name || !value)
+    err = gpg_error (GPG_ERR_INV_VALUE);
+  else if (!strcmp (name, "full-status"))
+    {
+      ctx->full_status = abool;
+    }
+  else if (!strcmp (name, "raw-description"))
+    {
+      ctx->raw_description = abool;
+    }
+  else
+    err = gpg_error (GPG_ERR_UNKNOWN_NAME);
+
+  return err;
+}
+
+
+/* Get the context flag named NAME.  See gpgme_set_ctx_flag for a list
+ * of valid names.  If the NAME is unknown NULL is returned.  For a
+ * boolean flag an empty string is returned for False and the string
+ * "1" for True; thus either atoi or a simple string test can be
+ * used. */
+const char *
+gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name)
+{
+  if (!ctx || !name)
+    return NULL;
+  else if (!strcmp (name, "full-status"))
+    {
+      return ctx->full_status? "1":"";
+    }
+  else if (!strcmp (name, "raw-description"))
+    {
+      return ctx->raw_description? "1":"";
+    }
+  else
+    return NULL;
+}
+
+
 /* Enable or disable the exporting session keys upon decryption.  */
 void
 gpgme_set_export_session_keys (gpgme_ctx_t ctx, int export_session_keys)
diff --git a/src/gpgme.def b/src/gpgme.def
index 35f4341..cd0d084 100644
--- a/src/gpgme.def
+++ b/src/gpgme.def
@@ -254,5 +254,6 @@ EXPORTS
 
     gpgme_set_export_session_keys         @191
     gpgme_get_export_session_keys         @192
+    gpgme_get_ctx_flag                    @193
 ; END
 
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 2a0e16e..43e07b0 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -999,6 +999,9 @@ void gpgme_release (gpgme_ctx_t ctx);
 gpgme_error_t gpgme_set_ctx_flag (gpgme_ctx_t ctx,
                                   const char *name, const char *value);
 
+/* Get the value of the flag NAME from CTX.  */
+const char *gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name);
+
 /* Set the protocol to be used by CTX to PROTO.  */
 gpgme_error_t gpgme_set_protocol (gpgme_ctx_t ctx, gpgme_protocol_t proto);
 
diff --git a/src/libgpgme.vers b/src/libgpgme.vers
index 9a3ecb2..362909a 100644
--- a/src/libgpgme.vers
+++ b/src/libgpgme.vers
@@ -101,6 +101,7 @@ GPGME_1.1 {
 
     gpgme_pubkey_algo_string;
     gpgme_set_ctx_flag;
+    gpgme_get_ctx_flag;
     gpgme_data_set_flag;
 
     gpgme_op_createkey_start;
diff --git a/tests/run-tofu.c b/tests/run-tofu.c
index ff55789..9e3b117 100644
--- a/tests/run-tofu.c
+++ b/tests/run-tofu.c
@@ -99,6 +99,7 @@ main (int argc, char **argv)
   const char *fpr;
   const char *policystr = NULL;
   gpgme_tofu_policy_t policy;
+  const char *s;
 
   if (argc)
     { argc--; argv++; }
@@ -145,10 +146,31 @@ main (int argc, char **argv)
   fail_if_err (err);
   gpgme_set_protocol (ctx, protocol);
   gpgme_set_armor (ctx, 1);
+
+
+  s = gpgme_get_ctx_flag (ctx, "no_such-flag");
+  if (s)
+    {
+      fprintf (stderr, PGM ": gpgme_get_ctx_flag failed "
+               "(bad name not detected)\n");
+      exit (1);
+    }
+  s = gpgme_get_ctx_flag (ctx, "full-status");
+  if (!s || *s)
+    {
+      fprintf (stderr, PGM ": gpgme_get_ctx_flag failed (wrong false)\n");
+      exit (1);
+    }
   if (print_status)
     {
       gpgme_set_status_cb (ctx, status_cb, NULL);
       gpgme_set_ctx_flag (ctx, "full-status", "1");
+      s = gpgme_get_ctx_flag (ctx, "full-status");
+      if (!s || strcmp (s, "1"))
+        {
+          fprintf (stderr, PGM ": gpgme_get_ctx_flag fauled (wrong true)\n");
+          exit (1);
+        }
     }
 
   err = gpgme_get_key (ctx, fpr, &thekey, 0);

commit cad1210fb8a7402cb29e607f8f9680005314120d
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Fri Nov 11 16:49:28 2016 +0900

    core: Enable extraction of session keys.
    
    * src/gpgme.c (gpgme_set_export_session_keys): New function.
    (gpgme_get_export_session_keys): New function.
    * src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
    member.
    (gpgme_{set,get}_export_session_keys): Declare new functions.
    * src/libgpgme.vers, src/gpgme.def: Export new functions in shared
    object.
    * src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
    parameter.
    (_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
    * src/engine-backend.h: (struct engine_ops): Change function
    pointer declarations to match.
    * src/context.h (struct gpgme_context): Add export_session_keys member.
    * src/decrypt.c (release_op_data): Free result.session_key.
    (_gpgme_decrypt_status_handler): Store a copy of the exported session
    key.
    (decrypt_start): Pass export_session_keys from the context.
    * src/decrypt-verify.c (decrypt_verify_start): Pass
    export_session_keys from context.
    * src/engine.c (_gpgme_engine_op_decrypt): Pass through
    export_session_key flag.
    (_gpgme_engine_op_decrypt_verify): Pass through export_session_key
    flag.
    * src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
    --export-session-key to argument list.
    * src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
    now, since gpgsm offers no such mechanism.
    * src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
    set, add --export-session-key flag to cmd.
    * doc/gpgme.texi: Document new functions and session_key member of
    decrypt_result_t.
    * doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.
    
    --
    
    gpg(1) documents session key export as useful for key escrow, and is
    rightly dubious of that use case.  However, session key export is also
    useful in other use cases.  Two examples from MUA development (where
    this functionality would be specifically useful to me right now):
    
     * If the MUA stores a local copy of the session key upon decrypting
       the message, it can re-decrypt the message without expensive
       asymmetric operations.  When rendering a thread with dozens of
       encrypted messages, this can represent a significant speedup.
    
     * A user may have expired encryption-capable secret key material,
       along with many messages encrypted to that material.  If she stores
       the session keys for those messages she wants to keep, she can
       destroy her secret key material and make any messages she has
       deleted completely unrecoverable, even to an attacker who gets her
       remaining secret keys in the future.
    
    This patchset makes a two specific implementation decisions that could
    have gone in different ways.  I welcome feedback on preferred outcomes.
    
     0) session key representation: we currently represent the session key
        as an opaque textual string, rather than trying to provide any
        sort of in-memory structure.  While it wouldn't be hard to parse
        the data produced by gpg's --export-session-key, I chose to use
        the opaque string rather than lock in a particular data format.
    
     1) API/ABI: i've added a member to gpgme_op_decrypt_result_t.  This
        has the potential to cause an out-of-bound memory access if
        someone uses code compiled against the newer verision, but linked
        at runtime against an older version.  I've attempted to limit that
        risk by documenting that users must verify
        gpgme_get_export_session_keys() before accessing this new struct
        member -- this means that code expecting this capability will
        require the symbol at link-time, and will refuse to link against
        older versions.
    
        Another approach to solving this problem would be to avoid
        modifying gpgme_op_decrypt_result_t, and to introduce instead a
        new function gpgme_op_session_key(), which could be called in the
        same places as gpgme_op_decrypt_result().  Depending on the
        representation of the session key, this might introduce new
        memory-management burdens on the user of the library, and the
        session key is certainly part of a decryption result, so it seemed
        simpler to go with what i have here.
    
    If anyone has strong preferences that these choices should be solved
    in a different way, i'm happy to hear them.
    
    Additionally, I note that i'm also still pretty unclear about how the
    "UI Server" fits into this whole ecosystem. In particular, I don't
    know whether it's kosher to just add an --export-session-key flag to
    the DECRYPT operation without actually having implemented it anywhere,
    but i don't see where i would actually implement it either :/
    
    If this patch (or some variant) is adopted, i will supply another
    patch that permits offering a session key during decryption (e.g. "gpg
    --override-session-key"), but I wanted to get these implementation
    choices ironed out first.
    
    Gnupg-Bug-Id: 2754
    Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
    
    On the concern of adding a new field to a structure: It may not be
    clearly documented but we don't expect that a user ever allocates such
    a structure - those result structure may only be created bu gpgme and
    are read-only for the user.  Adding a new member constitutes a
    compatible ABI change and thus an older SO may not be used by code
    compiled with a header for the newer API.  Unless someone tinkers with
    the build system, this should never happen.  We have added new fields
    to result structure may times and I can't remember any problems.
    
     - wk

diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index 801a53f..7eabab4 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -191,6 +191,7 @@ Context Attributes
 * Text Mode::                     Choosing canonical text mode.
 * Offline Mode::                  Choosing offline mode.
 * Included Certificates::         Including a number of certificates.
+* Exporting Session Keys::        Requesting session keys upon decryption.
 * Key Listing Mode::              Selecting key listing mode.
 * Passphrase Callback::           Getting the passphrase from the user.
 * Progress Meter Callback::       Being informed about the progress.
@@ -2351,6 +2352,7 @@ started.  In fact, these references are accessed through the
 * Offline Mode::                  Choosing offline mode.
 * Pinentry Mode::                 Choosing the pinentry mode.
 * Included Certificates::         Including a number of certificates.
+* Exporting Session Keys::        Requesting session keys upon decryption.
 * Key Listing Mode::              Selecting key listing mode.
 * Passphrase Callback::           Getting the passphrase from the user.
 * Progress Meter Callback::       Being informed about the progress.
@@ -2641,6 +2643,29 @@ certificates to include into an S/MIME signed message.
 @end deftypefun
 
 
+ at node Exporting Session Keys
+ at subsection Exporting Session Keys
+ at cindex context, exporting session keys
+ at cindex Exporting Session Keys
+ at cindex exporting session keys
+
+ at deftypefun void gpgme_set_export_session_keys (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{yes}})
+The function @code{gpgme_set_export_session_keys} specifies whether
+the context should try to export the symmetric session key when
+decrypting data.  By default, session keys are not exported.
+
+Session keys are not exported if @var{yes} is zero, and
+enabled otherwise.
+ at end deftypefun
+
+ at deftypefun int gpgme_get_export_session_keys (@w{gpgme_ctx_t @var{ctx}})
+The function @code{gpgme_get_export_session_keys} returns @code{1} if
+the context will try to export the symmetric session key when
+decrypting, and @code{0} if not, or if @var{ctx} is not a valid
+pointer.
+ at end deftypefun
+
+
 @node Key Listing Mode
 @subsection Key Listing Mode
 @cindex key listing mode
@@ -4777,6 +4802,19 @@ This is a linked list of recipients to which this message was encrypted.
 @item char *file_name
 This is the filename of the original plaintext message file if it is
 known, otherwise this is a null pointer.
+
+ at item char *session_key
+A textual representation (null-terminated string) of the session key
+used in symmetric encryption of the message, if the context has been
+set to export session keys (see @code{gpgme_get_export_session_keys}
+and @code{gpgme_set_export_session_keys}), and a session key was
+available for the most recent decryption operation.  Otherwise, this
+is a null pointer.
+
+You should never access this member of a
+ at code{gpgme_op_decrypt_result_t} without first ensuring that
+ at code{gpgme_get_export_session_keys} returns non-zero for the
+reporting context.
 @end table
 @end deftp
 
diff --git a/doc/uiserver.texi b/doc/uiserver.texi
index aae3b60..f10db01 100644
--- a/doc/uiserver.texi
+++ b/doc/uiserver.texi
@@ -260,12 +260,14 @@ encoded. For details on the file descriptor, see the description of
 @noindent
 The decryption is started with the command:
 
- at deffn Command DECRYPT - at w{}-protocol=@var{name} [- at w{}-no-verify]
+ at deffn Command DECRYPT - at w{}-protocol=@var{name} [- at w{}-no-verify] [- at w{}-export-session-key]
 @var{name} is the encryption protocol used for the message. For a
 description of the allowed protocols see the @code{ENCRYPT} command.
-This argument is mandatory.  If the option @option{--no-verify} is given,
-the server should not try to verify a signature, in case the input data
-is an OpenPGP combined message.
+This argument is mandatory.  If the option @option{--no-verify} is
+given, the server should not try to verify a signature, in case the
+input data is an OpenPGP combined message. If the option
+ at option{--export-session-key} is given and the underlying engine knows
+how to export the session key, it will appear on a status line
 @end deffn
 
 
diff --git a/src/context.h b/src/context.h
index 00e2e77..94935c8 100644
--- a/src/context.h
+++ b/src/context.h
@@ -111,6 +111,9 @@ struct gpgme_context
    * unmodified string, as received form gpg, will be returned.  */
   unsigned int raw_description : 1;
 
+  /* True if session keys should be exported upon decryption.  */
+  unsigned int export_session_keys : 1;
+
   /* Flags for keylist mode.  */
   gpgme_keylist_mode_t keylist_mode;
 
diff --git a/src/decrypt-verify.c b/src/decrypt-verify.c
index a334f86..00d256a 100644
--- a/src/decrypt-verify.c
+++ b/src/decrypt-verify.c
@@ -77,7 +77,7 @@ decrypt_verify_start (gpgme_ctx_t ctx, int synchronous,
   _gpgme_engine_set_status_handler (ctx->engine,
 				    decrypt_verify_status_handler, ctx);
 
-  return _gpgme_engine_op_decrypt_verify (ctx->engine, cipher, plain);
+  return _gpgme_engine_op_decrypt_verify (ctx->engine, cipher, plain, ctx->export_session_keys);
 }
 
 
diff --git a/src/decrypt.c b/src/decrypt.c
index 51e4292..49c735c 100644
--- a/src/decrypt.c
+++ b/src/decrypt.c
@@ -63,6 +63,9 @@ release_op_data (void *hook)
   if (opd->result.file_name)
     free (opd->result.file_name);
 
+  if (opd->result.session_key)
+    free (opd->result.session_key);
+
   while (recipient)
     {
       gpgme_recipient_t next = recipient->next;
@@ -277,6 +280,12 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
       opd->last_recipient_p = &(*opd->last_recipient_p)->next;
       break;
 
+    case GPGME_STATUS_SESSION_KEY:
+      if (opd->result.session_key)
+        free (opd->result.session_key);
+      opd->result.session_key = strdup(args);
+      break;
+
     case GPGME_STATUS_NO_SECKEY:
       {
 	gpgme_recipient_t rec = opd->result.recipients;
@@ -381,7 +390,7 @@ decrypt_start (gpgme_ctx_t ctx, int synchronous,
 
   _gpgme_engine_set_status_handler (ctx->engine, decrypt_status_handler, ctx);
 
-  return _gpgme_engine_op_decrypt (ctx->engine, cipher, plain);
+  return _gpgme_engine_op_decrypt (ctx->engine, cipher, plain, ctx->export_session_keys);
 }
 
 
diff --git a/src/engine-backend.h b/src/engine-backend.h
index a8b1ac6..144b156 100644
--- a/src/engine-backend.h
+++ b/src/engine-backend.h
@@ -62,9 +62,9 @@ struct engine_ops
   gpgme_error_t (*set_locale) (void *engine, int category, const char *value);
   gpgme_error_t (*set_protocol) (void *engine, gpgme_protocol_t protocol);
   gpgme_error_t (*decrypt) (void *engine, gpgme_data_t ciph,
-			    gpgme_data_t plain);
+			    gpgme_data_t plain, int export_session_key);
   gpgme_error_t (*decrypt_verify) (void *engine, gpgme_data_t ciph,
-				   gpgme_data_t plain);
+				   gpgme_data_t plain, int export_session_key);
   gpgme_error_t (*delete) (void *engine, gpgme_key_t key, int allow_secret);
   gpgme_error_t (*edit) (void *engine, int type, gpgme_key_t key,
 			 gpgme_data_t out, gpgme_ctx_t ctx /* FIXME */);
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 7725a00..0e43c24 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -1550,13 +1550,16 @@ add_input_size_hint (engine_gpg_t gpg, gpgme_data_t data)
 
 
 static gpgme_error_t
-gpg_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain)
+gpg_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
 {
   engine_gpg_t gpg = engine;
   gpgme_error_t err;
 
   err = add_arg (gpg, "--decrypt");
 
+  if (!err && export_session_key)
+    err = add_arg (gpg, "--show-session-key");
+
   /* Tell the gpg object about the data.  */
   if (!err)
     err = add_arg (gpg, "--output");
diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
index a815cf0..2ff353b 100644
--- a/src/engine-gpgsm.c
+++ b/src/engine-gpgsm.c
@@ -1120,10 +1120,13 @@ gpgsm_reset (void *engine)
 
 
 static gpgme_error_t
-gpgsm_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain)
+gpgsm_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
 {
   engine_gpgsm_t gpgsm = engine;
   gpgme_error_t err;
+  /* gpgsm is not capable of exporting session keys right now, so we
+   * will ignore this if requested. */
+  (void)export_session_key;
 
   if (!gpgsm)
     return gpg_error (GPG_ERR_INV_VALUE);
diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c
index 47b7dc3..26f0d18 100644
--- a/src/engine-uiserver.c
+++ b/src/engine-uiserver.c
@@ -960,7 +960,8 @@ uiserver_reset (void *engine)
 
 static gpgme_error_t
 _uiserver_decrypt (void *engine, int verify,
-		   gpgme_data_t ciph, gpgme_data_t plain)
+		   gpgme_data_t ciph, gpgme_data_t plain,
+                   int export_session_key)
 {
   engine_uiserver_t uiserver = engine;
   gpgme_error_t err;
@@ -978,8 +979,9 @@ _uiserver_decrypt (void *engine, int verify,
   else
     return gpgme_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
 
-  if (asprintf (&cmd, "DECRYPT%s%s", protocol,
-		verify ? "" : " --no-verify") < 0)
+  if (asprintf (&cmd, "DECRYPT%s%s%s", protocol,
+		verify ? "" : " --no-verify",
+                export_session_key ? " --export-session-key" : "") < 0)
     return gpg_error_from_syserror ();
 
   uiserver->input_cb.data = ciph;
@@ -1006,16 +1008,16 @@ _uiserver_decrypt (void *engine, int verify,
 
 
 static gpgme_error_t
-uiserver_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain)
+uiserver_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
 {
-  return _uiserver_decrypt (engine, 0, ciph, plain);
+  return _uiserver_decrypt (engine, 0, ciph, plain, export_session_key);
 }
 
 
 static gpgme_error_t
-uiserver_decrypt_verify (void *engine, gpgme_data_t ciph, gpgme_data_t plain)
+uiserver_decrypt_verify (void *engine, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key)
 {
-  return _uiserver_decrypt (engine, 1, ciph, plain);
+  return _uiserver_decrypt (engine, 1, ciph, plain, export_session_key);
 }
 
 
diff --git a/src/engine.c b/src/engine.c
index 4e513b6..b43f683 100644
--- a/src/engine.c
+++ b/src/engine.c
@@ -653,7 +653,7 @@ _gpgme_engine_set_protocol (engine_t engine, gpgme_protocol_t protocol)
 
 gpgme_error_t
 _gpgme_engine_op_decrypt (engine_t engine, gpgme_data_t ciph,
-			  gpgme_data_t plain)
+			  gpgme_data_t plain, int export_session_key)
 {
   if (!engine)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -661,13 +661,13 @@ _gpgme_engine_op_decrypt (engine_t engine, gpgme_data_t ciph,
   if (!engine->ops->decrypt)
     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
-  return (*engine->ops->decrypt) (engine->engine, ciph, plain);
+  return (*engine->ops->decrypt) (engine->engine, ciph, plain, export_session_key);
 }
 
 
 gpgme_error_t
 _gpgme_engine_op_decrypt_verify (engine_t engine, gpgme_data_t ciph,
-				 gpgme_data_t plain)
+				 gpgme_data_t plain, int export_session_key)
 {
   if (!engine)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -675,7 +675,7 @@ _gpgme_engine_op_decrypt_verify (engine_t engine, gpgme_data_t ciph,
   if (!engine->ops->decrypt_verify)
     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
-  return (*engine->ops->decrypt_verify) (engine->engine, ciph, plain);
+  return (*engine->ops->decrypt_verify) (engine->engine, ciph, plain, export_session_key);
 }
 
 
diff --git a/src/engine.h b/src/engine.h
index 15b0b5d..512ac19 100644
--- a/src/engine.h
+++ b/src/engine.h
@@ -83,10 +83,12 @@ _gpgme_engine_set_colon_line_handler (engine_t engine,
 				      engine_colon_line_handler_t fnc,
 				      void *fnc_value);
 gpgme_error_t _gpgme_engine_op_decrypt (engine_t engine, gpgme_data_t ciph,
-					gpgme_data_t plain);
+					gpgme_data_t plain,
+                                        int export_session_key);
 gpgme_error_t _gpgme_engine_op_decrypt_verify (engine_t engine,
 					       gpgme_data_t ciph,
-					       gpgme_data_t plain);
+					       gpgme_data_t plain,
+                                               int export_session_key);
 gpgme_error_t _gpgme_engine_op_delete (engine_t engine, gpgme_key_t key,
 				       int allow_secret);
 gpgme_error_t _gpgme_engine_op_edit (engine_t engine, int type,
diff --git a/src/gpgme.c b/src/gpgme.c
index 443cb76..7b14b5e 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -518,6 +518,30 @@ gpgme_get_armor (gpgme_ctx_t ctx)
 }
 
 
+/* Enable or disable the exporting session keys upon decryption.  */
+void
+gpgme_set_export_session_keys (gpgme_ctx_t ctx, int export_session_keys)
+{
+  TRACE2 (DEBUG_CTX, "gpgme_set_export_session_keys", ctx, "export_session_keys=%i (%s)",
+	  export_session_keys, export_session_keys ? "yes" : "no");
+
+  if (!ctx)
+    return;
+
+  ctx->export_session_keys = !!export_session_keys;
+}
+
+
+/* Return whether this context will export session keys upon decryption.  */
+int
+gpgme_get_export_session_keys (gpgme_ctx_t ctx)
+{
+  TRACE2 (DEBUG_CTX, "gpgme_get_export_session_keys", ctx, "ctx->export_session_keys=%i (%s)",
+	  ctx->export_session_keys, ctx->export_session_keys ? "yes" : "no");
+  return ctx->export_session_keys;
+}
+
+
 /* Enable or disable the use of the special textmode.  Textmode is for
   example used for the RFC2015 signatures; note that the updated RFC
   3156 mandates that the MUA does some preparations so that textmode
diff --git a/src/gpgme.def b/src/gpgme.def
index 2f6837d..35f4341 100644
--- a/src/gpgme.def
+++ b/src/gpgme.def
@@ -252,5 +252,7 @@ EXPORTS
     gpgme_op_query_swdb                   @189
     gpgme_op_query_swdb_result            @190
 
+    gpgme_set_export_session_keys         @191
+    gpgme_get_export_session_keys         @192
 ; END
 
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 4f470a0..2a0e16e 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -1037,6 +1037,13 @@ void gpgme_set_offline (gpgme_ctx_t ctx, int yes);
 /* Return non-zero if offline mode is set in CTX.  */
 int gpgme_get_offline (gpgme_ctx_t ctx);
 
+/* If YES is non-zero, try to return session keys during decryption,
+   do not otherwise.  */
+void gpgme_set_export_session_keys (gpgme_ctx_t ctx, int yes);
+
+/* Return non-zero if export_session_keys is set in CTX.  */
+int gpgme_get_export_session_keys (gpgme_ctx_t ctx);
+
 /* Use whatever the default of the backend crypto engine is.  */
 #define GPGME_INCLUDE_CERTS_DEFAULT	-256
 
@@ -1527,6 +1534,10 @@ struct _gpgme_op_decrypt_result
   /* The original file name of the plaintext message, if
      available.  */
   char *file_name;
+
+  /* A textual representation of the session key used to decrypt the
+   * message, if available */
+  char *session_key;
 };
 typedef struct _gpgme_op_decrypt_result *gpgme_decrypt_result_t;
 
diff --git a/src/libgpgme.vers b/src/libgpgme.vers
index 5457daa..9a3ecb2 100644
--- a/src/libgpgme.vers
+++ b/src/libgpgme.vers
@@ -125,6 +125,9 @@ GPGME_1.1 {
 
     gpgme_op_query_swdb;
     gpgme_op_query_swdb_result;
+
+    gpgme_set_export_session_keys;
+    gpgme_get_export_session_keys;
 };
 
 

-----------------------------------------------------------------------

Summary of changes:
 NEWS                  |   1 +
 doc/gpgme.texi        |  49 +++++++++++++++++++---
 doc/uiserver.texi     |  10 +++--
 src/context.h         |   6 +++
 src/decrypt-verify.c  |   4 +-
 src/decrypt.c         |  15 ++++++-
 src/engine-backend.h  |   6 ++-
 src/engine-gpg.c      |  13 +++++-
 src/engine-gpgsm.c    |   8 +++-
 src/engine-uiserver.c |  24 +++++++----
 src/engine.c          |  13 ++++--
 src/engine.h          |   9 +++-
 src/gpgme.c           | 113 +++++++++++++++++++++++++++++++++++---------------
 src/gpgme.def         |   1 +
 src/gpgme.h.in        |   7 ++++
 src/libgpgme.vers     |   1 +
 tests/run-decrypt.c   |  27 +++++++++++-
 tests/run-tofu.c      |  22 ++++++++++
 18 files changed, 265 insertions(+), 64 deletions(-)


hooks/post-receive
-- 
GnuPG Made Easy
http://git.gnupg.org




More information about the Gnupg-commits mailing list