openpgp: Change PKESK::decrypt to return an Option<_>.

  - Returning rich errors from this function may compromise secret key
    material due to Bleichenbacher-style attacks.  Change the API to
    prevent this.

  - Hat tip to Hanno Böck.

  - See #507.

2 files changed, 6 insertions, 4 deletions

diff --git a/ipc/examples/gpg-agent-decrypt.rs b/ipc/examples/gpg-agent-decrypt.rs
index 254aebdd..b580b353 100644
--- a/ipc/examples/gpg-agent-decrypt.rs
+++ b/ipc/examples/gpg-agent-decrypt.rs
@@ -106,8 +106,8 @@ impl<'a> DecryptionHelper for Helper<'a> {
         for pkesk in pkesks {
             if let Some(key) = self.keys.get(pkesk.recipient()) {
                 let mut pair = KeyPair::new(self.ctx, key)?;
-                if let Ok(_) = pkesk.decrypt(&mut pair, sym_algo)
-                    .and_then(|(algo, session_key)| decrypt(algo, &session_key))
+                if let Some(_) = pkesk.decrypt(&mut pair, sym_algo)
+                    .and_then(|(algo, session_key)| decrypt(algo, &session_key).ok())
                 {
                     break;
                 }
diff --git a/ipc/tests/gpg-agent.rs b/ipc/tests/gpg-agent.rs
index 9b0e2fc9..606dd683 100644
--- a/ipc/tests/gpg-agent.rs
+++ b/ipc/tests/gpg-agent.rs
@@ -287,10 +287,12 @@ fn decrypt() -> openpgp::Result<()> {
                     .unwrap();
 
                 pkesks[0].decrypt(&mut keypair, sym_algo)
-                    .and_then(|(algo, session_key)| decrypt(algo, &session_key))
-                    .map(|_| None)
+                    .and_then(
+                        |(algo, session_key)| decrypt(algo, &session_key).ok());
+
                 // XXX: In production code, return the Fingerprint of the
                 // recipient's Cert here
+                Ok(None)
             }
         }
     }