Retry password request during decryption. #2018
Conversation
| int attempts = 3; | ||
| while (attempts--) { | ||
| errcode = RNP_ERROR_NO_SUITABLE_KEY; | ||
| if (!seckey->unlock(*handler->password_provider, PGP_OP_DECRYPT)) { |
There was a problem hiding this comment.
Here and below we should take in account case when there are multiple recipients of the message, and user want to enter password only to the particular one. This may be checked by returning result of password provider call - false or true.
There was a problem hiding this comment.
Also we should make number of password request tries configurable.
There was a problem hiding this comment.
This may be checked by returning result of password provider call - false or true.
In case of a rnp cli tool and password provider that reads from the pass-fd, it does not check the keyid, so the password and true result would be returned every time.
There was a problem hiding this comment.
Otherwise this code should still succeed when one of the passwords matches one of the keys, just many "Bad password" messages will be printed on stderr as a side effect.
There was a problem hiding this comment.
In case of a
rnpcli tool and password provider that reads from thepass-fd, it does not check the keyid, so the password andtrueresult would be returned every time.
These changes are mostly not for CLI, but for other FFI users (like TB), to let them repeat the password request if needed.
No description provided.