Changeset View
Changeset View
Standalone View
Standalone View
g10/mainproc.c
Show First 20 Lines • Show All 593 Lines • ▼ Show 20 Lines | else if (!c->dek && !c->last_was_session_key) | ||||
result = gpg_error (GPG_ERR_CANCELED); | result = gpg_error (GPG_ERR_CANCELED); | ||||
else | else | ||||
result = gpg_error (GPG_ERR_INV_PASSPHRASE); | result = gpg_error (GPG_ERR_INV_PASSPHRASE); | ||||
} | } | ||||
} | } | ||||
else if (!c->dek) | else if (!c->dek) | ||||
result = GPG_ERR_NO_SECKEY; | result = GPG_ERR_NO_SECKEY; | ||||
/* Compute compliance with CO_DE_VS. */ | |||||
if (!result && is_status_enabled () | |||||
/* Symmetric encryption voids compliance. */ | |||||
&& c->symkeys == 0 | |||||
/* Overriding session key voids compliance. */ | |||||
&& opt.override_session_key == NULL | |||||
/* Check symmetric cipher. */ | |||||
&& gnupg_cipher_is_compliant (CO_DE_VS, c->dek->algo)) | |||||
{ | |||||
struct kidlist_item *i; | |||||
int compliant = 1; | |||||
PKT_public_key *pk = xmalloc (sizeof *pk); | |||||
log_assert (c->pkenc_list || !"where else did the session key come from!?"); | |||||
/* Now check that every key used to encrypt the session key is | |||||
* compliant. */ | |||||
for (i = c->pkenc_list; i && compliant; i = i->next) | |||||
{ | |||||
memset (pk, 0, sizeof *pk); | |||||
pk->pubkey_algo = i->pubkey_algo; | |||||
if (get_pubkey (c->ctrl, pk, i->kid) != 0 | |||||
|| ! gnupg_pk_is_compliant (CO_DE_VS, pk, 0, NULL)) | |||||
compliant = 0; | |||||
release_public_key_parts (pk); | |||||
} | |||||
xfree (pk); | |||||
if (compliant) | |||||
write_status_strings (STATUS_DECRYPTION_COMPLIANCE_MODE, | |||||
gnupg_status_compliance_flag (CO_DE_VS), | |||||
NULL); | |||||
} | |||||
if (!result) | if (!result) | ||||
result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek ); | result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek ); | ||||
if (result == -1) | if (result == -1) | ||||
; | ; | ||||
else if (!result | else if (!result | ||||
&& !opt.ignore_mdc_error | && !opt.ignore_mdc_error | ||||
&& !pkt->pkt.encrypted->mdc_method | && !pkt->pkt.encrypted->mdc_method | ||||
▲ Show 20 Lines • Show All 1,581 Lines • ▼ Show 20 Lines | /* Since this is just informational, don't actually ask the | ||||
is not a detached signature. */ | is not a detached signature. */ | ||||
log_info (_("WARNING: not a detached signature; " | log_info (_("WARNING: not a detached signature; " | ||||
"file '%s' was NOT verified!\n"), dfile); | "file '%s' was NOT verified!\n"), dfile); | ||||
} | } | ||||
xfree (dfile); | xfree (dfile); | ||||
} | } | ||||
} | } | ||||
/* Compute compliance with CO_DE_VS. */ | |||||
if (pk && is_status_enabled () | |||||
&& gnupg_pk_is_compliant (CO_DE_VS, pk, 0, 0) | |||||
&& gnupg_digest_is_compliant (CO_DE_VS, sig->digest_algo)) | |||||
write_status_strings (STATUS_VERIFICATION_COMPLIANCE_MODE, | |||||
gnupg_status_compliance_flag (CO_DE_VS), | |||||
NULL); | |||||
free_public_key (pk); | free_public_key (pk); | ||||
pk = NULL; | pk = NULL; | ||||
release_kbnode( keyblock ); | release_kbnode( keyblock ); | ||||
if (rc) | if (rc) | ||||
g10_errors_seen = 1; | g10_errors_seen = 1; | ||||
if (opt.batch && rc) | if (opt.batch && rc) | ||||
g10_exit (1); | g10_exit (1); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 273 Lines • Show Last 20 Lines |