1 /* encrypt.c - Main encryption driver
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
3 * 2006, 2009 Free Software Foundation, Inc.
4 * Copyright (C) 2016 g10 Code GmbH
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
31 #include "../common/status.h"
32 #include "../common/iobuf.h"
34 #include "../common/util.h"
38 #include "../common/i18n.h"
39 #include "../common/status.h"
41 #include "../common/compliance.h"
44 static int encrypt_simple( const char *filename, int mode, int use_seskey );
45 static int write_pubkey_enc_from_list (ctrl_t ctrl,
46 PK_LIST pk_list, DEK *dek, iobuf_t out);
49 * Encrypt FILENAME with only the symmetric cipher. Take input from
50 * stdin if FILENAME is NULL.
53 encrypt_symmetric (const char *filename)
55 return encrypt_simple( filename, 1, 0 );
60 * Encrypt FILENAME as a literal data packet only. Take input from
61 * stdin if FILENAME is NULL.
64 encrypt_store (const char *filename)
66 return encrypt_simple( filename, 0, 0 );
70 /* *SESKEY contains the unencrypted session key ((*SESKEY)->KEY) and
71 the algorithm that will be used to encrypt the contents of the SED
72 packet ((*SESKEY)->ALGO). If *SESKEY is NULL, then a random
73 session key that is appropriate for DEK->ALGO is generated and
76 Encrypt that session key using DEK and store the result in ENCKEY,
77 which must be large enough to hold (*SESKEY)->KEYLEN + 1 bytes. */
79 encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey)
84 log_assert ( dek->keylen <= 32 );
87 *seskey=xmalloc_clear(sizeof(DEK));
88 (*seskey)->algo=dek->algo;
89 make_session_key(*seskey);
90 /*log_hexdump( "thekey", c->key, c->keylen );*/
93 /* The encrypted session key is prefixed with a one-octet algorithm id. */
94 buf[0] = (*seskey)->algo;
95 memcpy( buf + 1, (*seskey)->key, (*seskey)->keylen );
97 /* We only pass already checked values to the following function,
98 thus we consider any failure as fatal. */
99 if (openpgp_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
101 if (gcry_cipher_setkey (hd, dek->key, dek->keylen))
103 gcry_cipher_setiv (hd, NULL, 0);
104 gcry_cipher_encrypt (hd, buf, (*seskey)->keylen + 1, NULL, 0);
105 gcry_cipher_close (hd);
107 memcpy( enckey, buf, (*seskey)->keylen + 1 );
108 wipememory( buf, sizeof buf ); /* burn key */
112 /* Shall we use the MDC? Yes - unless rfc-2440 compatibility is
113 * requested. Must return 1 or 0. */
115 use_mdc (pk_list_t pk_list,int algo)
120 /* RFC-2440 don't has MDC - this is the only way to create a legacy
121 * non-MDC encryption packet. */
125 return 1; /* In all other cases we use the MDC */
129 /* We don't want to use use_seskey yet because older gnupg versions
130 can't handle it, and there isn't really any point unless we're
131 making a message that can be decrypted by a public key or
134 encrypt_simple (const char *filename, int mode, int use_seskey)
138 PKT_plaintext *pt = NULL;
139 STRING2KEY *s2k = NULL;
144 cipher_filter_context_t cfx;
145 armor_filter_context_t *afx = NULL;
146 compress_filter_context_t zfx;
147 text_filter_context_t tfx;
148 progress_filter_context_t *pfx;
149 int do_compress = !!default_compress_algo();
151 if (!gnupg_rng_is_compliant (opt.compliance))
153 rc = gpg_error (GPG_ERR_FORBIDDEN);
154 log_error (_("%s is not compliant with %s mode\n"),
156 gnupg_compliance_option_string (opt.compliance));
157 write_status_error ("random-compliance", rc);
161 pfx = new_progress_context ();
162 memset( &cfx, 0, sizeof cfx);
163 memset( &zfx, 0, sizeof zfx);
164 memset( &tfx, 0, sizeof tfx);
167 /* Prepare iobufs. */
168 inp = iobuf_open(filename);
170 iobuf_ioctl (inp, IOBUF_IOCTL_NO_CACHE, 1, NULL);
171 if (inp && is_secured_file (iobuf_get_fd (inp)))
175 gpg_err_set_errno (EPERM);
179 rc = gpg_error_from_syserror ();
180 log_error(_("can't open '%s': %s\n"), filename? filename: "[stdin]",
182 release_progress_context (pfx);
186 handle_progress (pfx, inp, filename);
189 iobuf_push_filter( inp, text_filter, &tfx );
194 rc = setup_symkey (&s2k, &cfx.dek);
198 if (gpg_err_code (rc) == GPG_ERR_CIPHER_ALGO
199 || gpg_err_code (rc) == GPG_ERR_DIGEST_ALGO)
200 ; /* Error has already been printed. */
202 log_error (_("error creating passphrase: %s\n"), gpg_strerror (rc));
203 release_progress_context (pfx);
206 if (use_seskey && s2k->mode != 1 && s2k->mode != 3)
209 log_info (_("can't use a symmetric ESK packet "
210 "due to the S2K mode\n"));
217 seskeylen = openpgp_cipher_get_algo_keylen (default_cipher_algo ());
218 encrypt_seskey( cfx.dek, &dek, enckey );
219 xfree( cfx.dek ); cfx.dek = dek;
223 log_info(_("using cipher %s\n"),
224 openpgp_cipher_algo_name (cfx.dek->algo));
226 cfx.dek->use_mdc=use_mdc(NULL,cfx.dek->algo);
229 if (do_compress && cfx.dek && cfx.dek->use_mdc
230 && is_file_compressed(filename, &rc))
233 log_info(_("'%s' already compressed\n"), filename);
237 if ( rc || (rc = open_outfile (-1, filename, opt.armor? 1:0, 0, &out )))
242 release_progress_context (pfx);
248 afx = new_armor_context ();
249 push_armor_filter (afx, out);
254 PKT_symkey_enc *enc = xmalloc_clear( sizeof *enc + seskeylen + 1 );
256 enc->cipher_algo = cfx.dek->algo;
258 if ( use_seskey && seskeylen )
260 enc->seskeylen = seskeylen + 1; /* algo id */
261 memcpy (enc->seskey, enckey, seskeylen + 1 );
263 pkt.pkttype = PKT_SYMKEY_ENC;
264 pkt.pkt.symkey_enc = enc;
265 if ((rc = build_packet( out, &pkt )))
266 log_error("build symkey packet failed: %s\n", gpg_strerror (rc) );
271 pt = setup_plaintext_name (filename, inp);
273 /* Note that PGP 5 has problems decrypting symmetrically encrypted
274 data if the file length is in the inner packet. It works when
275 only partial length headers are use. In the past, we always used
276 partial body length here, but since PGP 2, PGP 6, and PGP 7 need
277 the file length, and nobody should be using PGP 5 nowadays
278 anyway, this is now set to the file length. Note also that this
279 only applies to the RFC-1991 style symmetric messages, and not
280 the RFC-2440 style. PGP 6 and 7 work with either partial length
281 or fixed length with the new style messages. */
283 if ( !iobuf_is_pipe_filename (filename) && *filename && !opt.textmode )
288 if ( !(tmpsize = iobuf_get_filelength(inp, &overflow))
289 && !overflow && opt.verbose)
290 log_info(_("WARNING: '%s' is an empty file\n"), filename );
291 /* We can't encode the length of very large files because
292 OpenPGP uses only 32 bit for file sizes. So if the
293 size of a file is larger than 2^32 minus some bytes for
294 packet headers, we switch to partial length encoding. */
295 if ( tmpsize < (IOBUF_FILELENGTH_LIMIT - 65536) )
301 filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
305 /* Note that PT has been initialized above in !no_literal mode. */
306 pt->timestamp = make_timestamp();
307 pt->mode = opt.mimemode? 'm' : opt.textmode? 't' : 'b';
309 pt->new_ctb = !pt->len;
311 pkt.pkttype = PKT_PLAINTEXT;
312 pkt.pkt.plaintext = pt;
313 cfx.datalen = filesize && !do_compress ? calc_packet_length( &pkt ) : 0;
317 cfx.datalen = filesize && !do_compress ? filesize : 0;
319 pkt.pkt.generic = NULL;
322 /* Register the cipher filter. */
324 iobuf_push_filter ( out, cipher_filter, &cfx );
326 /* Register the compress filter. */
329 if (cfx.dek && cfx.dek->use_mdc)
331 push_compress_filter (out, &zfx, default_compress_algo());
337 if ( (rc = build_packet( out, &pkt )) )
338 log_error("build_packet failed: %s\n", gpg_strerror (rc) );
342 /* User requested not to create a literal packet, so we copy the
344 byte copy_buffer[4096];
346 while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1)
347 if ( (rc=iobuf_write(out, copy_buffer, bytes_copied)) ) {
348 log_error ("copying input to output failed: %s\n",
352 wipememory (copy_buffer, 4096); /* burn buffer */
355 /* Finish the stuff. */
361 iobuf_close (out); /* fixme: check returncode */
363 write_status ( STATUS_END_ENCRYPTION );
367 free_packet (&pkt, NULL);
370 release_armor_context (afx);
371 release_progress_context (pfx);
377 setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek)
383 defcipher = default_cipher_algo ();
384 if (!gnupg_cipher_is_allowed (opt.compliance, 1, defcipher,
385 GCRY_CIPHER_MODE_CFB))
387 log_error (_("cipher algorithm '%s' may not be used in %s mode\n"),
388 openpgp_cipher_algo_name (defcipher),
389 gnupg_compliance_option_string (opt.compliance));
390 return gpg_error (GPG_ERR_CIPHER_ALGO);
393 s2kdigest = S2K_DIGEST_ALGO;
394 if (!gnupg_digest_is_allowed (opt.compliance, 1, s2kdigest))
396 log_error (_("digest algorithm '%s' may not be used in %s mode\n"),
397 gcry_md_algo_name (s2kdigest),
398 gnupg_compliance_option_string (opt.compliance));
399 return gpg_error (GPG_ERR_DIGEST_ALGO);
402 *symkey_s2k = xmalloc_clear (sizeof **symkey_s2k);
403 (*symkey_s2k)->mode = opt.s2k_mode;
404 (*symkey_s2k)->hash_algo = s2kdigest;
406 *symkey_dek = passphrase_to_dek (defcipher,
407 *symkey_s2k, 1, 0, NULL, 0, &canceled);
408 if (!*symkey_dek || !(*symkey_dek)->keylen)
412 return gpg_error (canceled?GPG_ERR_CANCELED:GPG_ERR_INV_PASSPHRASE);
420 write_symkey_enc (STRING2KEY *symkey_s2k, DEK *symkey_dek, DEK *dek,
423 int rc, seskeylen = openpgp_cipher_get_algo_keylen (dek->algo);
429 enc=xmalloc_clear(sizeof(PKT_symkey_enc)+seskeylen+1);
430 encrypt_seskey(symkey_dek,&dek,enckey);
433 enc->cipher_algo = opt.s2k_cipher_algo;
434 enc->s2k = *symkey_s2k;
435 enc->seskeylen = seskeylen + 1; /* algo id */
436 memcpy( enc->seskey, enckey, seskeylen + 1 );
438 pkt.pkttype = PKT_SYMKEY_ENC;
439 pkt.pkt.symkey_enc = enc;
441 if ((rc=build_packet(out,&pkt)))
442 log_error("build symkey_enc packet failed: %s\n",gpg_strerror (rc));
450 * Encrypt the file with the given userids (or ask if none is
451 * supplied). Either FILENAME or FILEFD must be given, but not both.
452 * The caller may provide a checked list of public keys in
453 * PROVIDED_PKS; if not the function builds a list of keys on its own.
455 * Note that FILEFD is currently only used by cmd_encrypt in the
456 * not yet finished server.c.
459 encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
460 strlist_t remusr, int use_symkey, pk_list_t provided_keys,
466 PKT_plaintext *pt = NULL;
467 DEK *symkey_dek = NULL;
468 STRING2KEY *symkey_s2k = NULL;
471 cipher_filter_context_t cfx;
472 armor_filter_context_t *afx = NULL;
473 compress_filter_context_t zfx;
474 text_filter_context_t tfx;
475 progress_filter_context_t *pfx;
480 if (filefd != -1 && filename)
481 return gpg_error (GPG_ERR_INV_ARG); /* Both given. */
483 do_compress = !!opt.compress_algo;
485 pfx = new_progress_context ();
486 memset( &cfx, 0, sizeof cfx);
487 memset( &zfx, 0, sizeof zfx);
488 memset( &tfx, 0, sizeof tfx);
492 && (rc=setup_symkey(&symkey_s2k,&symkey_dek)))
494 release_progress_context (pfx);
499 pk_list = provided_keys;
502 if ((rc = build_pk_list (ctrl, remusr, &pk_list)))
504 release_progress_context (pfx);
509 /* Prepare iobufs. */
510 #ifdef HAVE_W32_SYSTEM
512 inp = iobuf_open (filename);
516 gpg_err_set_errno (ENOSYS);
519 if (filefd == GNUPG_INVALID_FD)
520 inp = iobuf_open (filename);
522 inp = iobuf_fdopen_nc (FD2INT(filefd), "rb");
525 iobuf_ioctl (inp, IOBUF_IOCTL_NO_CACHE, 1, NULL);
526 if (inp && is_secured_file (iobuf_get_fd (inp)))
530 gpg_err_set_errno (EPERM);
536 rc = gpg_error_from_syserror ();
538 snprintf (xname, sizeof xname, "[fd %d]", filefd);
540 strcpy (xname, "[stdin]");
543 log_error (_("can't open '%s': %s\n"),
544 *xname? xname : filename, gpg_strerror (rc) );
549 log_info (_("reading from '%s'\n"), iobuf_get_fname_nonnull (inp));
551 handle_progress (pfx, inp, filename);
554 iobuf_push_filter (inp, text_filter, &tfx);
556 rc = open_outfile (outputfd, filename, opt.armor? 1:0, 0, &out);
562 afx = new_armor_context ();
563 push_armor_filter (afx, out);
566 /* Create a session key. */
567 cfx.dek = xmalloc_secure_clear (sizeof *cfx.dek);
568 if (!opt.def_cipher_algo)
570 /* Try to get it from the prefs. */
571 cfx.dek->algo = select_algo_from_prefs (pk_list, PREFTYPE_SYM, -1, NULL);
572 /* The only way select_algo_from_prefs can fail here is when
573 mixing v3 and v4 keys, as v4 keys have an implicit preference
574 entry for 3DES, and the pk_list cannot be empty. In this
575 case, use 3DES anyway as it's the safest choice - perhaps the
576 v3 key is being used in an OpenPGP implementation and we know
577 that the implementation behind any v4 key can handle 3DES. */
578 if (cfx.dek->algo == -1)
580 cfx.dek->algo = CIPHER_ALGO_3DES;
583 /* In case 3DES has been selected, print a warning if any key
584 does not have a preference for AES. This should help to
585 indentify why encrypting to several recipients falls back to
587 if (opt.verbose && cfx.dek->algo == CIPHER_ALGO_3DES)
588 warn_missing_aes_from_pklist (pk_list);
593 && (select_algo_from_prefs (pk_list, PREFTYPE_SYM,
594 opt.def_cipher_algo, NULL)
595 != opt.def_cipher_algo))
597 log_info(_("WARNING: forcing symmetric cipher %s (%d)"
598 " violates recipient preferences\n"),
599 openpgp_cipher_algo_name (opt.def_cipher_algo),
600 opt.def_cipher_algo);
603 cfx.dek->algo = opt.def_cipher_algo;
606 /* Check compliance. */
607 if (! gnupg_cipher_is_allowed (opt.compliance, 1, cfx.dek->algo,
608 GCRY_CIPHER_MODE_CFB))
610 log_error (_("cipher algorithm '%s' may not be used in %s mode\n"),
611 openpgp_cipher_algo_name (cfx.dek->algo),
612 gnupg_compliance_option_string (opt.compliance));
613 rc = gpg_error (GPG_ERR_CIPHER_ALGO);
617 if (!gnupg_rng_is_compliant (opt.compliance))
619 rc = gpg_error (GPG_ERR_FORBIDDEN);
620 log_error (_("%s is not compliant with %s mode\n"),
622 gnupg_compliance_option_string (opt.compliance));
623 write_status_error ("random-compliance", rc);
627 compliant = gnupg_cipher_is_compliant (CO_DE_VS, cfx.dek->algo,
628 GCRY_CIPHER_MODE_CFB);
633 for (pkr = pk_list; pkr; pkr = pkr->next)
635 PKT_public_key *pk = pkr->pk;
636 unsigned int nbits = nbits_from_pk (pk);
638 if (!gnupg_pk_is_compliant (opt.compliance, pk->pubkey_algo, 0,
639 pk->pkey, nbits, NULL))
640 log_info (_("WARNING: key %s is not suitable for encryption"
643 gnupg_compliance_option_string (opt.compliance));
646 && !gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, 0, pk->pkey,
654 write_status_strings (STATUS_ENCRYPTION_COMPLIANCE_MODE,
655 gnupg_status_compliance_flag (CO_DE_VS),
658 if (opt.flags.require_compliance
659 && opt.compliance == CO_DE_VS
662 log_error (_("operation forced to fail due to"
663 " unfulfilled compliance rules\n"));
664 rc = gpg_error (GPG_ERR_FORBIDDEN);
670 cfx.dek->use_mdc = use_mdc (pk_list,cfx.dek->algo);
672 /* Only do the is-file-already-compressed check if we are using a
673 MDC. This forces compressed files to be re-compressed if we do
674 not have a MDC to give some protection against chosen ciphertext
677 if (do_compress && cfx.dek->use_mdc && is_file_compressed(filename, &rc2))
680 log_info(_("'%s' already compressed\n"), filename);
689 make_session_key (cfx.dek);
691 log_printhex (cfx.dek->key, cfx.dek->keylen, "DEK is: ");
693 rc = write_pubkey_enc_from_list (ctrl, pk_list, cfx.dek, out);
697 /* We put the passphrase (if any) after any public keys as this
698 seems to be the most useful on the recipient side - there is no
699 point in prompting a user for a passphrase if they have the
700 secret key needed to decrypt. */
701 if(use_symkey && (rc = write_symkey_enc(symkey_s2k,symkey_dek,cfx.dek,out)))
705 pt = setup_plaintext_name (filename, inp);
707 /* Get the size of the file if possible, i.e., if it is a real file. */
708 if (filename && *filename
709 && !iobuf_is_pipe_filename (filename) && !opt.textmode )
714 if ( !(tmpsize = iobuf_get_filelength(inp, &overflow))
715 && !overflow && opt.verbose)
716 log_info(_("WARNING: '%s' is an empty file\n"), filename );
717 /* We can't encode the length of very large files because
718 OpenPGP uses only 32 bit for file sizes. So if the size
719 of a file is larger than 2^32 minus some bytes for packet
720 headers, we switch to partial length encoding. */
721 if (tmpsize < (IOBUF_FILELENGTH_LIMIT - 65536) )
727 filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
731 pt->timestamp = make_timestamp();
732 pt->mode = opt.mimemode? 'm' : opt.textmode ? 't' : 'b';
734 pt->new_ctb = !pt->len;
736 pkt.pkttype = PKT_PLAINTEXT;
737 pkt.pkt.plaintext = pt;
738 cfx.datalen = filesize && !do_compress? calc_packet_length( &pkt ) : 0;
741 cfx.datalen = filesize && !do_compress ? filesize : 0;
743 /* Register the cipher filter. */
744 iobuf_push_filter (out, cipher_filter, &cfx);
746 /* Register the compress filter. */
749 int compr_algo = opt.compress_algo;
751 if (compr_algo == -1)
753 compr_algo = select_algo_from_prefs (pk_list, PREFTYPE_ZIP, -1, NULL);
754 if (compr_algo == -1)
755 compr_algo = DEFAULT_COMPRESS_ALGO;
756 /* Theoretically impossible to get here since uncompressed
760 && select_algo_from_prefs(pk_list, PREFTYPE_ZIP,
761 compr_algo, NULL) != compr_algo)
763 log_info (_("WARNING: forcing compression algorithm %s (%d)"
764 " violates recipient preferences\n"),
765 compress_algo_to_string(compr_algo), compr_algo);
768 /* Algo 0 means no compression. */
771 if (cfx.dek && cfx.dek->use_mdc)
773 push_compress_filter (out,&zfx,compr_algo);
780 if ((rc = build_packet( out, &pkt )))
781 log_error ("build_packet failed: %s\n", gpg_strerror (rc));
785 /* User requested not to create a literal packet, so we copy the
787 byte copy_buffer[4096];
789 while ((bytes_copied = iobuf_read (inp, copy_buffer, 4096)) != -1)
791 rc = iobuf_write (out, copy_buffer, bytes_copied);
794 log_error ("copying input to output failed: %s\n",
799 wipememory (copy_buffer, 4096); /* Burn the buffer. */
802 /* Finish the stuff. */
809 iobuf_close (out); /* fixme: check returncode */
810 write_status (STATUS_END_ENCRYPTION);
814 free_packet (&pkt, NULL);
819 release_pk_list (pk_list);
820 release_armor_context (afx);
821 release_progress_context (pfx);
827 * Filter to do a complete public key encryption.
830 encrypt_filter (void *opaque, int control,
831 iobuf_t a, byte *buf, size_t *ret_len)
833 size_t size = *ret_len;
834 encrypt_filter_context_t *efx = opaque;
837 if (control == IOBUFCTRL_UNDERFLOW) /* decrypt */
839 BUG(); /* not used */
841 else if ( control == IOBUFCTRL_FLUSH ) /* encrypt */
843 if ( !efx->header_okay )
845 efx->cfx.dek = xmalloc_secure_clear ( sizeof *efx->cfx.dek );
846 if ( !opt.def_cipher_algo )
848 /* Try to get it from the prefs. */
850 select_algo_from_prefs (efx->pk_list, PREFTYPE_SYM, -1, NULL);
851 if (efx->cfx.dek->algo == -1 )
853 /* Because 3DES is implicitly in the prefs, this can
854 only happen if we do not have any public keys in
856 efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO;
859 /* In case 3DES has been selected, print a warning if
860 any key does not have a preference for AES. This
861 should help to indentify why encrypting to several
862 recipients falls back to 3DES. */
864 && efx->cfx.dek->algo == CIPHER_ALGO_3DES)
865 warn_missing_aes_from_pklist (efx->pk_list);
870 && select_algo_from_prefs (efx->pk_list,PREFTYPE_SYM,
872 NULL) != opt.def_cipher_algo)
873 log_info(_("forcing symmetric cipher %s (%d) "
874 "violates recipient preferences\n"),
875 openpgp_cipher_algo_name (opt.def_cipher_algo),
876 opt.def_cipher_algo);
878 efx->cfx.dek->algo = opt.def_cipher_algo;
881 efx->cfx.dek->use_mdc = use_mdc (efx->pk_list,efx->cfx.dek->algo);
883 make_session_key ( efx->cfx.dek );
885 log_printhex (efx->cfx.dek->key, efx->cfx.dek->keylen, "DEK is: ");
887 rc = write_pubkey_enc_from_list (efx->ctrl,
888 efx->pk_list, efx->cfx.dek, a);
892 if(efx->symkey_s2k && efx->symkey_dek)
894 rc=write_symkey_enc(efx->symkey_s2k,efx->symkey_dek,
900 iobuf_push_filter (a, cipher_filter, &efx->cfx);
902 efx->header_okay = 1;
904 rc = iobuf_write (a, buf, size);
907 else if (control == IOBUFCTRL_FREE)
909 xfree (efx->symkey_dek);
910 xfree (efx->symkey_s2k);
912 else if ( control == IOBUFCTRL_DESC )
914 mem2str (buf, "encrypt_filter", *ret_len);
921 * Write a pubkey-enc packet for the public key PK to OUT.
924 write_pubkey_enc (ctrl_t ctrl,
925 PKT_public_key *pk, int throw_keyid, DEK *dek, iobuf_t out)
932 print_pubkey_algo_note ( pk->pubkey_algo );
933 enc = xmalloc_clear ( sizeof *enc );
934 enc->pubkey_algo = pk->pubkey_algo;
935 keyid_from_pk( pk, enc->keyid );
936 enc->throw_keyid = throw_keyid;
938 /* Okay, what's going on: We have the session key somewhere in
939 * the structure DEK and want to encode this session key in an
940 * integer value of n bits. pubkey_nbits gives us the number of
941 * bits we have to use. We then encode the session key in some
942 * way and we get it back in the big intger value FRAME. Then
943 * we use FRAME, the public key PK->PKEY and the algorithm
944 * number PK->PUBKEY_ALGO and pass it to pubkey_encrypt which
945 * returns the encrypted value in the array ENC->DATA. This
946 * array has a size which depends on the used algorithm (e.g. 2
947 * for Elgamal). We don't need frame anymore because we have
948 * everything now in enc->data which is the passed to
950 frame = encode_session_key (pk->pubkey_algo, dek,
951 pubkey_nbits (pk->pubkey_algo, pk->pkey));
952 rc = pk_encrypt (pk->pubkey_algo, enc->data, frame, pk, pk->pkey);
953 gcry_mpi_release (frame);
955 log_error ("pubkey_encrypt failed: %s\n", gpg_strerror (rc) );
960 char *ustr = get_user_id_string_native (ctrl, enc->keyid);
961 log_info (_("%s/%s encrypted for: \"%s\"\n"),
962 openpgp_pk_algo_name (enc->pubkey_algo),
963 openpgp_cipher_algo_name (dek->algo),
969 pkt.pkttype = PKT_PUBKEY_ENC;
970 pkt.pkt.pubkey_enc = enc;
971 rc = build_packet (out, &pkt);
973 log_error ("build_packet(pubkey_enc) failed: %s\n",
976 free_pubkey_enc(enc);
982 * Write pubkey-enc packets from the list of PKs to OUT.
985 write_pubkey_enc_from_list (ctrl_t ctrl, PK_LIST pk_list, DEK *dek, iobuf_t out)
987 if (opt.throw_keyids && (PGP6 || PGP7 || PGP8))
989 log_info(_("option '%s' may not be used in %s mode\n"),
991 gnupg_compliance_option_string (opt.compliance));
992 compliance_failure();
995 for ( ; pk_list; pk_list = pk_list->next )
997 PKT_public_key *pk = pk_list->pk;
998 int throw_keyid = (opt.throw_keyids || (pk_list->flags&1));
999 int rc = write_pubkey_enc (ctrl, pk, throw_keyid, dek, out);
1008 encrypt_crypt_files (ctrl_t ctrl, int nfiles, char **files, strlist_t remusr)
1014 log_error(_("--output doesn't work for this command\n"));
1021 unsigned int lno = 0;
1022 while ( fgets(line, DIM(line), stdin) )
1025 if (!*line || line[strlen(line)-1] != '\n')
1027 log_error("input line %u too long or missing LF\n", lno);
1030 line[strlen(line)-1] = '\0';
1031 print_file_status(STATUS_FILE_START, line, 2);
1032 rc = encrypt_crypt (ctrl, -1, line, remusr, 0, NULL, -1);
1034 log_error ("encryption of '%s' failed: %s\n",
1035 print_fname_stdin(line), gpg_strerror (rc) );
1036 write_status( STATUS_FILE_DONE );
1043 print_file_status(STATUS_FILE_START, *files, 2);
1044 if ( (rc = encrypt_crypt (ctrl, -1, *files, remusr, 0, NULL, -1)) )
1045 log_error("encryption of '%s' failed: %s\n",
1046 print_fname_stdin(*files), gpg_strerror (rc) );
1047 write_status( STATUS_FILE_DONE );