Re: [gmime-devel] applying GMimeVerifyFlags during message decryption

[Jeffrey Stedfast <jestedfa microsoft com>]

What I was thinking is that we could just duplicate any VerifyFlags into DecryptFlags.

Possibly we could even make it such that bitwise-oring VerifyFlags and DecryptFlags worked.

In other words, if VerifyFlags was setup such that the enum flags did not overlap with DecryptFlags, they 
could be combined in the decrypt() calls.

What do you think?

Jeff

On 2/2/18, 6:26 PM, "gmime-devel-list on behalf of Daniel Kahn Gillmor" <gmime-devel-list-bounces gnome org 
on behalf of dkg fifthhorseman net> wrote:

    Hi GMime folks--
    
    i know that sometimes message decryption folds in verification as well
    (e.g. OpenPGP single-pass signed+encrypted messages).  But
    g_mime_multipart_encrypted_decrypt() and g_mime_part_openpgp_decrypt()
    only take a GMimeDecryptFlags.  they don't take a GMimeVerifyFlags
    argument.
    
    At the moment, there are no GMimeVerifyFlags, so this isn't relevant.
    but if we introduce some possible GMimeVerifyFlag, how can a user ensure
    that they get these choices applied during decryption?
    
    I'm asking in the context of a proposed "no online metadata leakage"
    flag, which is relevant during both decryption and verification.
    
    Anyway, the "obvious" formal approach is to add a GMimeVerifyFlags
    argument to the two decryption functions mentioned above, but that's an
    API/ABI change, so maybe something that we should put off til later.
    
    So in the meantime, maybe we can just hope that there aren't many flags
    added until the next ABI change?  or is there a better fix?
    
            --dkg