gnupg 1.4 decryption with smartcard for anonymous recipient
Werner Koch
wk at gnupg.org
Fri May 30 19:27:22 CEST 2014
On Fri, 30 May 2014 15:21, gniibe at fsij.org said:
> Looking 2.0, here is a possible fix in 1.4. It works for me, (with
> git-remote-gcrypt).
I would suggest making it more explicit. The best approach would be to detect the
try-all-secret case and suppress the error message. Something like this
(not at all tested):
diff --git a/g10/cardglue.c b/g10/cardglue.c
index 809b315..993b6c8 100644
--- a/g10/cardglue.c
+++ b/g10/cardglue.c
@@ -357,15 +357,21 @@ agent_release_card_info (struct agent_card_info_s *info)
/* Print an error message for a failed assuan_transact and return a
gpg error code. No error is printed if RC is 0. */
static gpg_error_t
-test_transact (int rc, const char *command)
+test_transact2 (int rc, const char *command, int silent)
{
if (!rc)
return 0;
+ if (!silent)
log_error ("sending command `%s' to agent failed: %s\n",
command, assuan_strerror (rc));
return gpg_error (GPG_ERR_CARD);
}
+static gpg_error_t
+test_transact (int rc, const char *command)
+{
+ return test_transact2 (rc, command, 0);
+}
/* Try to open a card using an already running agent. Prepare a
proper application context and return it. */
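Review bot: With `silent` set, test_transact2 drops the assuan error text for every failure and still returns the same `GPG_ERR_CARD`, so in the try-all-secret loop (the `get_it( k, dek, sk, keyid, 1 )` call in get_session_key) a genuine card or agent fault cannot be told apart from a key that simply does not match. Which error codes the agent returns for the expected mismatch is not visible here, so this is inferred from the hunk alone. I would keep a low-level diagnostic instead of nothing, e.g. `else if (opt.verbose) log_info (...)` with the same format string, assuming `opt` is in scope in cardglue.c. The comment above the function should also be updated to describe the new parameter: `No error is printed if RC is 0 or if SILENT is set.`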
@@ -1370,6 +1376,7 @@ agent_scd_pksign (const char *serialno, int hashalgo,
int
agent_scd_pkdecrypt (const char *serialno,
const unsigned char *indata, size_t indatalen,
+ int silent,
unsigned char **r_buf, size_t *r_buflen)
{
struct pincb_parm_s parm;
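Review bot: The new `int silent` parameter changes agent_scd_pkdecrypt's signature, but the patch carries no hunk for cardglue.h, which pubkey-enc.c includes. If the prototype lives there, it has to gain `int silent,` before `unsigned char **r_buf`, otherwise the build breaks on mismatched declarations. Any caller of agent_scd_pkdecrypt outside the two files shown would need the extra argument as well. The function body continues outside the hunk.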
@@ -1406,10 +1413,10 @@ agent_scd_pkdecrypt (const char *serialno,
init_membuf (&data, 1024);
snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno);
line[DIM(line)-1] = 0;
- rc = test_transact (assuan_transact (app->assuan_ctx, line,
+ rc = assuan_transact (app->assuan_ctx, line,
membuf_data_cb, &data,
- NULL, NULL, NULL, NULL),
- "SCD PKDECRYPT");
+ NULL, NULL, NULL, NULL);
+ rc = test_transact2 (rc, "SCD PKDECRYPT", silent);
if (rc)
xfree (get_membuf (&data, &len));
else
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 51b5c55..6f42576 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -36,7 +36,7 @@
#include "cardglue.h"
static int get_it( PKT_pubkey_enc *k,
- DEK *dek, PKT_secret_key *sk, u32 *keyid );
+ DEK *dek, PKT_secret_key *sk, u32 *keyid, int silent);
/* check that the given algo is mentioned in one of the valid user IDs */
@@ -80,7 +80,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
sk = xmalloc_clear( sizeof *sk );
sk->pubkey_algo = k->pubkey_algo; /* we want a pubkey with this algo*/
if( !(rc = get_seckey( sk, k->keyid )) )
- rc = get_it( k, dek, sk, k->keyid );
+ rc = get_it( k, dek, sk, k->keyid, 0 );
}
else { /* anonymous receiver: Try all available secret keys */
void *enum_context = NULL;
@@ -114,7 +114,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
once */
if( !rc )
{
- rc = get_it( k, dek, sk, keyid );
+ rc = get_it( k, dek, sk, keyid, 1 );
/* Successfully checked the secret key (either it was
a card, had no passphrase, or had the right
passphrase) but couldn't decrypt the session key,
@@ -145,7 +145,8 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
static int
-get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
+get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid,
+ int silent)
{
int rc;
MPI plain_dek = NULL;
@@ -170,7 +171,8 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
if (!indata)
BUG ();
- rc = agent_scd_pkdecrypt (snbuf, indata, indatalen, &rbuf, &rbuflen);
+ rc = agent_scd_pkdecrypt (snbuf, indata, indatalen, silent,
+ &rbuf, &rbuflen);
xfree (snbuf);
xfree (indata);
if (rc)
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.