gpg: New option --override-session-key-fd.
authorWerner Koch <wk@gnupg.org>
Wed, 16 Nov 2016 08:02:53 +0000 (09:02 +0100)
committerWerner Koch <wk@gnupg.org>
Wed, 16 Nov 2016 08:03:03 +0000 (09:03 +0100)
commit43bfaf2c5417ede621c0a07721952ea549a7a139
tree8165dcba16f5ff6e8f2c0e39ba134bca177f5da4
parent500e594c2da530e69a63fc1a40d173458682fa0e
gpg: New option --override-session-key-fd.

* g10/gpg.c (oOverrideSessionKeyFD): New.
(opts): Add option --override-session-key-fd.
(main): Handle that option.
(read_sessionkey_from_fd): New.
--

The override-session-key feature was designed to mitigate the effect
of the British RIP act by allowing to keep the private key private and
hand out only a session key.  For that use case the leaking of the
session key would not be a problem.  However there are other use
cases, for example fast re-decryption after an initial decryption,
which would benefit from concealing the session key from other users.

Signed-off-by: Werner Koch <wk@gnupg.org>
doc/gpg.texi
g10/gpg.c