aboutsummaryrefslogtreecommitdiffstats
path: root/sm
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2011-02-04 11:57:53 +0000
committerWerner Koch <[email protected]>2011-02-04 11:57:53 +0000
commitb008274afdbe375b32a7e66dbd073e200f6f0587 (patch)
tree219e239d39cf06be3f03aa82fb572080ac163a15 /sm
parentLet autogen.sh check the git config (diff)
downloadgnupg-b008274afdbe375b32a7e66dbd073e200f6f0587.tar.gz
gnupg-b008274afdbe375b32a7e66dbd073e200f6f0587.zip
Nuked almost all trailing white space.post-nuke-of-trailing-ws
We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
Diffstat (limited to 'sm')
-rw-r--r--sm/Makefile.am13
-rw-r--r--sm/base64.c102
-rw-r--r--sm/call-agent.c56
-rw-r--r--sm/call-dirmngr.c34
-rw-r--r--sm/certchain.c164
-rw-r--r--sm/certcheck.c21
-rw-r--r--sm/certdump.c47
-rw-r--r--sm/certlist.c43
-rw-r--r--sm/certreqgen-ui.c8
-rw-r--r--sm/certreqgen.c57
-rw-r--r--sm/decrypt.c48
-rw-r--r--sm/delete.c16
-rw-r--r--sm/encrypt.c44
-rw-r--r--sm/export.c73
-rw-r--r--sm/fingerprint.c20
-rw-r--r--sm/gpgsm.c260
-rw-r--r--sm/gpgsm.h14
-rw-r--r--sm/import.c54
-rw-r--r--sm/keydb.c248
-rw-r--r--sm/keydb.h4
-rw-r--r--sm/keylist.c132
-rw-r--r--sm/minip12.c176
-rw-r--r--sm/misc.c1
-rw-r--r--sm/qualified.c16
-rw-r--r--sm/server.c101
-rw-r--r--sm/sign.c56
-rw-r--r--sm/verify.c55
27 files changed, 916 insertions, 947 deletions
diff --git a/sm/Makefile.am b/sm/Makefile.am
index 122323dcd..89b553809 100644
--- a/sm/Makefile.am
+++ b/sm/Makefile.am
@@ -6,12 +6,12 @@
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
-#
+#
# GnuPG is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
-#
+#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
@@ -20,9 +20,9 @@
bin_PROGRAMS = gpgsm
-AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS)
+AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS)
-AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common -I$(top_srcdir)/intl
+AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common -I$(top_srcdir)/intl
include $(top_srcdir)/am/cmacros.am
@@ -64,8 +64,3 @@ gpgsm_LDFLAGS = $(extra_bin_ldflags)
# Make sure that all libs are build before we use them. This is
# important for things like make -j2.
$(PROGRAMS): $(common_libs)
-
-
-
-
-
diff --git a/sm/base64.c b/sm/base64.c
index f6329c96b..1539e2a47 100644
--- a/sm/base64.c
+++ b/sm/base64.c
@@ -1,4 +1,4 @@
-/* base64.c
+/* base64.c
* Copyright (C) 2001, 2003, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -40,10 +40,10 @@
#endif
/* Data used by the reader callbacks. */
-struct reader_cb_parm_s
+struct reader_cb_parm_s
{
estream_t fp;
-
+
unsigned char line[1024];
int linelen;
int readpos;
@@ -61,7 +61,7 @@ struct reader_cb_parm_s
int stop_seen;
int might_be_smime;
- int eof_seen;
+ int eof_seen;
struct {
int idx;
@@ -72,12 +72,12 @@ struct reader_cb_parm_s
/* Data used by the writer callbacks. */
-struct writer_cb_parm_s
+struct writer_cb_parm_s
{
estream_t stream; /* Output stream. */
-
+
const char *pem_name;
-
+
int wrote_begin;
int did_finish;
@@ -105,33 +105,33 @@ struct base64_context_s {
/* The base-64 character list */
-static char bintoasc[64] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "abcdefghijklmnopqrstuvwxyz"
- "0123456789+/";
+static char bintoasc[64] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz"
+ "0123456789+/";
/* The reverse base-64 list */
static unsigned char asctobin[256] = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
- 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
- 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24,
- 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30,
- 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
+ 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
+ 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30,
+ 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff
};
@@ -187,7 +187,7 @@ base64_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
parm->eof_seen = 1;
if (es_ferror (parm->fp))
return -1;
- break;
+ break;
}
parm->line[n++] = c;
if (c == '\n')
@@ -212,7 +212,7 @@ base64_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
{
/* wait for the header line */
parm->linelen = parm->readpos = 0;
- if (!parm->have_lf
+ if (!parm->have_lf
|| strncmp ((char*)parm->line, "-----BEGIN ", 11)
|| !strncmp ((char*)parm->line+11, "PGP ", 4))
goto next;
@@ -274,14 +274,14 @@ base64_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
parm->base64.stop_seen = 0;
parm->base64.idx = 0;
}
-
+
n = 0;
if (parm->is_pem || parm->is_base64)
- {
+ {
if (parm->is_pem && parm->have_lf
&& !strncmp ((char*)parm->line, "-----END ", 9))
- {
+ {
parm->identified = 0;
parm->linelen = parm->readpos = 0;
@@ -318,32 +318,32 @@ base64_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
if (c == '=')
{ /* pad character: stop */
if (idx == 1)
- buffer[n++] = val;
+ buffer[n++] = val;
parm->stop_seen = 1;
break;
}
- if( (c = asctobin[(c2=c)]) == 255 )
+ if( (c = asctobin[(c2=c)]) == 255 )
{
log_error (_("invalid radix64 character %02x skipped\n"),
c2);
continue;
}
- switch (idx)
+ switch (idx)
{
- case 0:
+ case 0:
val = c << 2;
break;
- case 1:
+ case 1:
val |= (c>>4)&3;
buffer[n++] = val;
val = (c<<4)&0xf0;
break;
- case 2:
+ case 2:
val |= (c>>2)&15;
buffer[n++] = val;
val = (c<<6)&0xc0;
break;
- case 3:
+ case 3:
val |= c&0x3f;
buffer[n++] = val;
break;
@@ -448,7 +448,7 @@ base64_writer_cb (void *cb_value, const void *buffer, size_t count)
es_putc (c, stream);
c = bintoasc[radbuf[2]&077];
es_putc (c, stream);
- if (++quad_count >= (64/4))
+ if (++quad_count >= (64/4))
{
es_fputs (LF, stream);
quad_count = 0;
@@ -508,8 +508,8 @@ base64_finish_write (struct writer_cb_parm_s *parm)
es_putc ('=', stream);
es_putc ('=', stream);
}
- else
- {
+ else
+ {
c = bintoasc[(((*radbuf<<4)&060)|((radbuf[1]>>4)&017))&077];
es_putc (c, stream);
c = bintoasc[((radbuf[1] << 2) & 074) & 077];
@@ -517,7 +517,7 @@ base64_finish_write (struct writer_cb_parm_s *parm)
es_putc ('=', stream);
}
- if (++quad_count >= (64/4))
+ if (++quad_count >= (64/4))
{
es_fputs (LF, stream);
quad_count = 0;
@@ -614,7 +614,7 @@ gpgsm_destroy_reader (Base64Context ctx)
if (!ctx)
return;
- ksba_reader_release (ctx->u2.reader);
+ ksba_reader_release (ctx->u2.reader);
xfree (ctx);
}
@@ -678,7 +678,7 @@ int
gpgsm_finish_writer (Base64Context ctx)
{
struct writer_cb_parm_s *parm;
-
+
if (!ctx)
return gpg_error (GPG_ERR_INV_VALUE);
parm = &ctx->u.wparm;
diff --git a/sm/call-agent.c b/sm/call-agent.c
index 81d486bd2..9619b856f 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
#ifdef HAVE_LOCALE_H
@@ -97,7 +97,7 @@ start_agent (ctrl_t ctrl)
opt.session_env,
opt.verbose, DBG_ASSUAN,
gpgsm_status2, ctrl);
-
+
if (!rc)
{
/* Tell the agent that we support Pinentry notifications. No
@@ -128,7 +128,7 @@ membuf_data_cb (void *opaque, const void *buffer, size_t length)
put_membuf (data, buffer, length);
return 0;
}
-
+
/* This is the default inquiry callback. It mainly handles the
Pinentry notifications. */
@@ -142,7 +142,7 @@ default_inq_cb (void *opaque, const char *line)
{
err = gpgsm_proxy_pinentry_notify (ctrl, line);
if (err)
- log_error (_("failed to proxy %s inquiry to client\n"),
+ log_error (_("failed to proxy %s inquiry to client\n"),
"PINENTRY_LAUNCHED");
/* We do not pass errors to avoid breaking other code. */
}
@@ -249,7 +249,7 @@ gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc,
case GCRY_MD_RMD160:hashopt = "--hash=rmd160"; break;
case GCRY_MD_MD5: hashopt = "--hash=md5"; break;
case GCRY_MD_SHA256:hashopt = "--hash=sha256"; break;
- default:
+ default:
return gpg_error (GPG_ERR_DIGEST_ALGO);
}
@@ -312,7 +312,7 @@ gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc,
static gpg_error_t
inq_ciphertext_cb (void *opaque, const char *line)
{
- struct cipher_parm_s *parm = opaque;
+ struct cipher_parm_s *parm = opaque;
int rc;
if (!strncmp (line, "CIPHERTEXT", 10) && (line[10]==' '||!line[10]))
@@ -324,7 +324,7 @@ inq_ciphertext_cb (void *opaque, const char *line)
else
rc = default_inq_cb (parm->ctrl, line);
- return rc;
+ return rc;
}
@@ -332,7 +332,7 @@ inq_ciphertext_cb (void *opaque, const char *line)
the hex string KEYGRIP. */
int
gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
- ksba_const_sexp_t ciphertext,
+ ksba_const_sexp_t ciphertext,
char **r_buf, size_t *r_buflen )
{
int rc;
@@ -342,7 +342,7 @@ gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
size_t n, len;
char *p, *buf, *endp;
size_t ciphertextlen;
-
+
if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
return gpg_error (GPG_ERR_INV_VALUE);
*r_buf = NULL;
@@ -417,7 +417,7 @@ gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
endp++;
if (endp-p+n > len)
return gpg_error (GPG_ERR_INV_SEXP); /* Oops: Inconsistent S-Exp. */
-
+
memmove (buf, endp, n);
*r_buflen = n;
@@ -434,7 +434,7 @@ gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
static gpg_error_t
inq_genkey_parms (void *opaque, const char *line)
{
- struct genkey_parm_s *parm = opaque;
+ struct genkey_parm_s *parm = opaque;
int rc;
if (!strncmp (line, "KEYPARAM", 8) && (line[8]==' '||!line[8]))
@@ -444,7 +444,7 @@ inq_genkey_parms (void *opaque, const char *line)
else
rc = default_inq_cb (parm->ctrl, line);
- return rc;
+ return rc;
}
@@ -477,7 +477,7 @@ gpgsm_agent_genkey (ctrl_t ctrl,
if (!gk_parm.sexplen)
return gpg_error (GPG_ERR_INV_VALUE);
rc = assuan_transact (agent_ctx, "GENKEY",
- membuf_data_cb, &data,
+ membuf_data_cb, &data,
inq_genkey_parms, &gk_parm, NULL, NULL);
if (rc)
{
@@ -526,7 +526,7 @@ gpgsm_agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip,
init_membuf (&data, 1024);
rc = assuan_transact (agent_ctx, line,
- membuf_data_cb, &data,
+ membuf_data_cb, &data,
default_inq_cb, ctrl, NULL, NULL);
if (rc)
{
@@ -597,7 +597,7 @@ gpgsm_agent_scd_serialno (ctrl_t ctrl, char **r_serialno)
{
int rc;
char *serialno = NULL;
-
+
*r_serialno = NULL;
rc = start_agent (ctrl);
if (rc)
@@ -666,7 +666,7 @@ gpgsm_agent_scd_keypairinfo (ctrl_t ctrl, strlist_t *r_list)
{
int rc;
strlist_t list = NULL;
-
+
*r_list = NULL;
rc = start_agent (ctrl);
if (rc)
@@ -743,7 +743,7 @@ gpgsm_agent_istrusted (ctrl_t ctrl, ksba_cert_t cert, const char *hexfpr,
log_error ("error getting the fingerprint\n");
return gpg_error (GPG_ERR_GENERAL);
}
-
+
snprintf (line, DIM(line)-1, "ISTRUSTED %s", fpr);
line[DIM(line)-1] = 0;
xfree (fpr);
@@ -907,7 +907,7 @@ learn_cb (void *opaque, const void *buffer, size_t length)
init_membuf (parm->data, 4096);
return 0;
}
-
+
/* Call the agent to learn about a smartcard */
int
gpgsm_agent_learn (ctrl_t ctrl)
@@ -927,8 +927,8 @@ gpgsm_agent_learn (ctrl_t ctrl)
learn_parm.ctx = agent_ctx;
learn_parm.data = &data;
rc = assuan_transact (agent_ctx, "LEARN --send",
- learn_cb, &learn_parm,
- NULL, NULL,
+ learn_cb, &learn_parm,
+ NULL, NULL,
learn_status_cb, &learn_parm);
xfree (get_membuf (&data, &len));
if (rc)
@@ -1099,20 +1099,20 @@ gpgsm_agent_ask_passphrase (ctrl_t ctrl, const char *desc_msg, int repeat,
if (desc_msg && *desc_msg && !(arg4 = percent_plus_escape (desc_msg)))
return gpg_error_from_syserror ();
-
+
snprintf (line, DIM(line)-1, "GET_PASSPHRASE --data%s -- X X X %s",
repeat? " --repeat=1 --check --qualitybar":"",
arg4);
xfree (arg4);
init_membuf_secure (&data, 64);
- err = assuan_transact (agent_ctx, line,
+ err = assuan_transact (agent_ctx, line,
membuf_data_cb, &data,
default_inq_cb, NULL, NULL, NULL);
if (err)
xfree (get_membuf (&data, NULL));
- else
+ else
{
put_membuf (&data, "", 1);
*r_passphrase = get_membuf (&data, NULL);
@@ -1147,7 +1147,7 @@ gpgsm_agent_keywrap_key (ctrl_t ctrl, int forexport,
init_membuf_secure (&data, 64);
err = assuan_transact (agent_ctx, line,
- membuf_data_cb, &data,
+ membuf_data_cb, &data,
default_inq_cb, ctrl, NULL, NULL);
if (err)
{
@@ -1169,7 +1169,7 @@ gpgsm_agent_keywrap_key (ctrl_t ctrl, int forexport,
static gpg_error_t
inq_import_key_parms (void *opaque, const char *line)
{
- struct import_key_parm_s *parm = opaque;
+ struct import_key_parm_s *parm = opaque;
gpg_error_t err;
if (!strncmp (line, "KEYDATA", 7) && (line[7]==' '||!line[7]))
@@ -1181,7 +1181,7 @@ inq_import_key_parms (void *opaque, const char *line)
else
err = default_inq_cb (parm->ctrl, line);
- return err;
+ return err;
}
@@ -1241,7 +1241,7 @@ gpgsm_agent_export_key (ctrl_t ctrl, const char *keygrip, const char *desc,
init_membuf_secure (&data, 1024);
err = assuan_transact (agent_ctx, line,
- membuf_data_cb, &data,
+ membuf_data_cb, &data,
default_inq_cb, ctrl, NULL, NULL);
if (err)
{
@@ -1255,5 +1255,3 @@ gpgsm_agent_export_key (ctrl_t ctrl, const char *keygrip, const char *desc,
*r_resultlen = len;
return 0;
}
-
-
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index 6d0236c72..d927a29c0 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -1,4 +1,4 @@
-/* call-dirmngr.c - Communication with the dirmngr
+/* call-dirmngr.c - Communication with the dirmngr
* Copyright (C) 2002, 2003, 2005, 2007, 2008,
* 2010 Free Software Foundation, Inc.
*
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
#include <ctype.h>
@@ -108,7 +108,7 @@ put_membuf (struct membuf *mb, const void *buf, size_t len)
if (mb->len + len >= mb->size)
{
char *p;
-
+
mb->size += len + 1024;
p = xtryrealloc (mb->buf, mb->size);
if (!p)
@@ -169,7 +169,7 @@ prepare_dirmngr (ctrl_t ctrl, assuan_context_t ctx, gpg_error_t err)
char *user = server->user ? server->user : "";
char *pass = server->pass ? server->pass : "";
char *base = server->base ? server->base : "";
-
+
snprintf (line, DIM (line) - 1, "LDAPSERVER %s:%i:%s:%s:%s",
server->host, server->port, user, pass, base);
line[DIM (line) - 1] = 0;
@@ -201,7 +201,7 @@ start_dirmngr_ext (ctrl_t ctrl, assuan_context_t *ctx_r)
to take care of the implicit option sending caching. */
err = start_new_dirmngr (&ctx, GPG_ERR_SOURCE_DEFAULT,
- opt.homedir, opt.dirmngr_program,
+ opt.homedir, opt.dirmngr_program,
opt.verbose, DBG_ASSUAN,
gpgsm_status2, ctrl);
prepare_dirmngr (ctrl, ctx, err);
@@ -228,7 +228,7 @@ start_dirmngr (ctrl_t ctrl)
an error in prepare_dirmngr? */
if (!dirmngr_ctx)
dirmngr_ctx_locked = 0;
- return err;
+ return err;
}
@@ -324,7 +324,7 @@ inq_certificate (void *opaque, const char *line)
for (s=line, n=0; n < 40; s++, n++)
fpr[n] = (*s >= 'a')? (*s & 0xdf): *s;
fpr[n] = 0;
-
+
if (!gpgsm_agent_istrusted (parm->ctrl, NULL, fpr, &rootca_flags))
rc = assuan_send_data (parm->ctx, "1", 1);
else
@@ -352,7 +352,7 @@ inq_certificate (void *opaque, const char *line)
"is not yet implemented\n");
rc = gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE);
}
- else
+ else
{ /* Send the given certificate. */
int err;
ksba_cert_t cert;
@@ -376,7 +376,7 @@ inq_certificate (void *opaque, const char *line)
}
xfree (ski);
- return rc;
+ return rc;
}
@@ -500,7 +500,7 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
NULL, NULL, NULL, NULL, NULL, NULL);
did_options = 1;
}
- snprintf (line, DIM(line)-1, "ISVALID%s %s",
+ snprintf (line, DIM(line)-1, "ISVALID%s %s",
use_ocsp == 2? " --only-ocsp --force-default-responder":"",
certid);
line[DIM(line)-1] = 0;
@@ -552,7 +552,7 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
{
/* Note the no_dirmngr flag: This avoids checking
this certificate over and over again. */
- rc = gpgsm_validate_chain (ctrl, rspcert, "", NULL, 0, NULL,
+ rc = gpgsm_validate_chain (ctrl, rspcert, "", NULL, 0, NULL,
VALIDATE_FLAG_NO_DIRMNGR, NULL);
if (rc)
{
@@ -674,7 +674,7 @@ pattern_from_strlist (strlist_t names)
*pattern = 0; /* is empty */
else
p[-1] = '\0'; /* remove trailing blank */
-
+
return pattern;
}
@@ -711,10 +711,10 @@ lookup_status_cb (void *opaque, const char *line)
the callback CB which will be passed cert by cert. Note that CTRL
is optional. With CACHE_ONLY the dirmngr will search only its own
key cache. */
-int
+int
gpgsm_dirmngr_lookup (ctrl_t ctrl, strlist_t names, int cache_only,
void (*cb)(void*, ksba_cert_t), void *cb_value)
-{
+{
int rc;
char *pattern;
char line[ASSUAN_LINELENGTH];
@@ -753,7 +753,7 @@ gpgsm_dirmngr_lookup (ctrl_t ctrl, strlist_t names, int cache_only,
return out_of_core ();
}
- snprintf (line, DIM(line)-1, "LOOKUP%s %s",
+ snprintf (line, DIM(line)-1, "LOOKUP%s %s",
cache_only? " --cache-only":"", pattern);
line[DIM(line)-1] = 0;
xfree (pattern);
@@ -842,7 +842,7 @@ run_command_inq_cb (void *opaque, const char *line)
rc = gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE);
}
- return rc;
+ return rc;
}
static gpg_error_t
@@ -877,7 +877,7 @@ run_command_status_cb (void *opaque, const char *line)
int
gpgsm_dirmngr_run_command (ctrl_t ctrl, const char *command,
int argc, char **argv)
-{
+{
int rc;
int i;
const char *s;
diff --git a/sm/certchain.c b/sm/certchain.c
index 3d856fee1..1a2632504 100644
--- a/sm/certchain.c
+++ b/sm/certchain.c
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <stdarg.h>
#include <assert.h>
@@ -193,7 +193,7 @@ has_validation_model_chain (ksba_cert_t cert, int listmode, estream_t listfp)
if (opt.verbose)
do_list (0, listmode, listfp,
- _("validation model requested by certificate: %s"),
+ _("validation model requested by certificate: %s"),
!strcmp (oidbuf, "1.3.6.1.4.1.8301.3.5.1")? _("chain") :
!strcmp (oidbuf, "1.3.6.1.4.1.8301.3.5.2")? _("shell") :
/* */ oidbuf);
@@ -276,7 +276,7 @@ unknown_criticals (ksba_cert_t cert, int listmode, estream_t fp)
BasicConstraints extension. The function returns 0 on success and
the allowed length of the chain at CHAINLEN. */
static int
-allowed_ca (ctrl_t ctrl,
+allowed_ca (ctrl_t ctrl,
ksba_cert_t cert, int *chainlen, int listmode, estream_t fp)
{
gpg_error_t err;
@@ -327,7 +327,7 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
any_critical = !!strstr (policies, ":C");
if (!opt.policy_file)
- {
+ {
xfree (policies);
if (any_critical)
{
@@ -358,7 +358,7 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
return gpg_error (GPG_ERR_NO_POLICY_MATCH);
}
- for (;;)
+ for (;;)
{
int c;
char *p, line[256];
@@ -389,7 +389,7 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
fclose (fp);
return tmperr;
}
-
+
if (!*line || line[strlen(line)-1] != '\n')
{
/* eat until end of line */
@@ -400,13 +400,13 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
return gpg_error (*line? GPG_ERR_LINE_TOO_LONG
: GPG_ERR_INCOMPLETE_LINE);
}
-
+
/* Allow for empty lines and spaces */
for (p=line; spacep (p); p++)
;
}
while (!*p || *p == '\n' || *p == '#');
-
+
/* parse line */
for (allowed=line; spacep (allowed); allowed++)
;
@@ -463,7 +463,7 @@ find_up_search_by_keyid (KEYDB_HANDLE kh,
break; /* Found matching cert. */
}
}
-
+
ksba_cert_release (cert);
xfree (subj);
return rc? -1:0;
@@ -493,7 +493,7 @@ find_up_external (ctrl_t ctrl, KEYDB_HANDLE kh,
int count = 0;
char *pattern;
const char *s;
-
+
if (opt.verbose)
log_info (_("looking up issuer at external location\n"));
/* The Dirmngr process is confused about unknown attributes. As a
@@ -515,7 +515,7 @@ find_up_external (ctrl_t ctrl, KEYDB_HANDLE kh,
if (opt.verbose)
log_info (_("number of issuers matching: %d\n"), count);
- if (rc)
+ if (rc)
{
log_error ("external key lookup failed: %s\n", gpg_strerror (rc));
rc = -1;
@@ -556,7 +556,7 @@ find_up_dirmngr (ctrl_t ctrl, KEYDB_HANDLE kh,
char *pattern;
(void)kh;
-
+
if (opt.verbose)
log_info (_("looking up issuer from the Dirmngr cache\n"));
if (subject_mode)
@@ -583,7 +583,7 @@ find_up_dirmngr (ctrl_t ctrl, KEYDB_HANDLE kh,
if (opt.verbose)
log_info (_("number of matching certificates: %d\n"), count);
- if (rc && !opt.quiet)
+ if (rc && !opt.quiet)
log_info (_("dirmngr cache-only key lookup failed: %s\n"),
gpg_strerror (rc));
return (!rc && count)? 0 : -1;
@@ -598,7 +598,7 @@ find_up_dirmngr (ctrl_t ctrl, KEYDB_HANDLE kh,
keydb_get_cert on the keyDb context KH will return it. Returns 0
on success, -1 if not found or an error code. */
static int
-find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
+find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
ksba_cert_t cert, const char *issuer, int find_next)
{
ksba_name_t authid;
@@ -614,7 +614,7 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
rc = keydb_search_issuer_sn (kh, s, authidno);
if (rc)
keydb_search_reset (kh);
-
+
/* In case of an error, try to get the certificate from the
dirmngr. That is done by trying to put that certifcate
into the ephemeral DB and let the code below do the
@@ -627,7 +627,7 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
that in find_next mode because we can't keep the search
state then. */
if (rc == -1 && !find_next)
- {
+ {
int old = keydb_set_ephemeral (kh, 1);
if (!old)
{
@@ -637,7 +637,7 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
}
keydb_set_ephemeral (kh, old);
}
- if (rc)
+ if (rc)
rc = -1; /* Need to make sure to have this error code. */
}
@@ -656,7 +656,7 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
rc = find_up_search_by_keyid (kh, issuer, keyid);
keydb_set_ephemeral (kh, old);
}
- if (rc)
+ if (rc)
rc = -1; /* Need to make sure to have this error code. */
}
@@ -676,7 +676,7 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
}
keydb_set_ephemeral (kh, old);
}
- if (rc)
+ if (rc)
rc = -1; /* Need to make sure to have this error code. */
}
@@ -714,7 +714,7 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
ksba_name_release (authid);
xfree (authidno);
}
-
+
if (rc) /* Not found via authorithyKeyIdentifier, try regular issuer name. */
rc = keydb_search_subject (kh, issuer);
if (rc == -1 && !find_next)
@@ -748,7 +748,7 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
int
gpgsm_walk_cert_chain (ctrl_t ctrl, ksba_cert_t start, ksba_cert_t *r_next)
{
- int rc = 0;
+ int rc = 0;
char *issuer = NULL;
char *subject = NULL;
KEYDB_HANDLE kh = keydb_new (0);
@@ -779,7 +779,7 @@ gpgsm_walk_cert_chain (ctrl_t ctrl, ksba_cert_t start, ksba_cert_t *r_next)
if (is_root_cert (start, issuer, subject))
{
rc = -1; /* we are at the root */
- goto leave;
+ goto leave;
}
rc = find_up (ctrl, kh, start, issuer, 0);
@@ -803,7 +803,7 @@ gpgsm_walk_cert_chain (ctrl_t ctrl, ksba_cert_t start, ksba_cert_t *r_next)
leave:
xfree (issuer);
xfree (subject);
- keydb_release (kh);
+ keydb_release (kh);
return rc;
}
@@ -850,20 +850,20 @@ is_root_cert (ksba_cert_t cert, const char *issuerdn, const char *subjectdn)
that is the case this is a root certificate. */
ak_name_str = ksba_name_enum (ak_name, 0);
if (ak_name_str
- && !strcmp (ak_name_str, issuerdn)
+ && !strcmp (ak_name_str, issuerdn)
&& !cmp_simple_canon_sexp (ak_sn, serialno))
{
result = 1; /* Right, CERT is self-signed. */
goto leave;
- }
-
+ }
+
/* Similar for the ak_keyid. */
if (ak_keyid && !ksba_cert_get_subj_key_id (cert, NULL, &subj_keyid)
&& !cmp_simple_canon_sexp (ak_keyid, subj_keyid))
{
result = 1; /* Right, CERT is self-signed. */
goto leave;
- }
+ }
leave:
@@ -872,7 +872,7 @@ is_root_cert (ksba_cert_t cert, const char *issuerdn, const char *subjectdn)
ksba_name_release (ak_name);
ksba_free (ak_sn);
ksba_free (serialno);
- return result;
+ return result;
}
@@ -896,7 +896,7 @@ gpgsm_is_root_cert (ksba_cert_t cert)
/* This is a helper for gpgsm_validate_chain. */
-static gpg_error_t
+static gpg_error_t
is_cert_still_valid (ctrl_t ctrl, int force_ocsp, int lm, estream_t fp,
ksba_cert_t subject_cert, ksba_cert_t issuer_cert,
int *any_revoked, int *any_no_crl, int *any_crl_too_old)
@@ -905,13 +905,13 @@ is_cert_still_valid (ctrl_t ctrl, int force_ocsp, int lm, estream_t fp,
if (opt.no_crl_check && !ctrl->use_ocsp)
{
- audit_log_ok (ctrl->audit, AUDIT_CRL_CHECK,
+ audit_log_ok (ctrl->audit, AUDIT_CRL_CHECK,
gpg_error (GPG_ERR_NOT_ENABLED));
return 0;
}
err = gpgsm_dirmngr_isvalid (ctrl,
- subject_cert, issuer_cert,
+ subject_cert, issuer_cert,
force_ocsp? 2 : !!ctrl->use_ocsp);
audit_log_ok (ctrl->audit, AUDIT_CRL_CHECK, err);
@@ -948,7 +948,7 @@ is_cert_still_valid (ctrl_t ctrl, int force_ocsp, int lm, estream_t fp,
"\"dirmngr\" is properly installed\n"));
*any_crl_too_old = 1;
break;
-
+
default:
do_list (1, lm, fp, _("checking the CRL failed: %s"),
gpg_strerror (err));
@@ -963,7 +963,7 @@ is_cert_still_valid (ctrl_t ctrl, int force_ocsp, int lm, estream_t fp,
SUBJECT_CERT. The caller needs to pass EXPTIME which will be
updated to the nearest expiration time seen. A DEPTH of 0 indicates
the target certifciate, -1 the final root certificate and other
- values intermediate certificates. */
+ values intermediate certificates. */
static gpg_error_t
check_validity_period (ksba_isotime_t current_time,
ksba_cert_t subject_cert,
@@ -993,7 +993,7 @@ check_validity_period (ksba_isotime_t current_time,
if (*not_before && strcmp (current_time, not_before) < 0 )
{
- do_list (1, listmode, listfp,
+ do_list (1, listmode, listfp,
depth == 0 ? _("certificate not yet valid") :
depth == -1 ? _("root certificate not yet valid") :
/* other */ _("intermediate certificate not yet valid"));
@@ -1004,8 +1004,8 @@ check_validity_period (ksba_isotime_t current_time,
log_printf (")\n");
}
return gpg_error (GPG_ERR_CERT_TOO_YOUNG);
- }
-
+ }
+
if (*not_after && strcmp (current_time, not_after) > 0 )
{
do_list (opt.ignore_expiration?0:1, listmode, listfp,
@@ -1022,8 +1022,8 @@ check_validity_period (ksba_isotime_t current_time,
log_info ("WARNING: ignoring expiration\n");
else
return gpg_error (GPG_ERR_CERT_EXPIRED);
- }
-
+ }
+
return 0;
}
@@ -1070,7 +1070,7 @@ check_validity_period_cm (ksba_isotime_t current_time,
log_printf (")\n");
return gpg_error (GPG_ERR_BAD_CERT);
}
-
+
if (!*exptime)
gnupg_copy_time (exptime, not_after);
else if (strcmp (not_after, exptime) < 0 )
@@ -1078,7 +1078,7 @@ check_validity_period_cm (ksba_isotime_t current_time,
if (strcmp (current_time, not_before) < 0 )
{
- do_list (1, listmode, listfp,
+ do_list (1, listmode, listfp,
depth == 0 ? _("certificate not yet valid") :
depth == -1 ? _("root certificate not yet valid") :
/* other */ _("intermediate certificate not yet valid"));
@@ -1089,16 +1089,16 @@ check_validity_period_cm (ksba_isotime_t current_time,
log_printf (")\n");
}
return gpg_error (GPG_ERR_CERT_TOO_YOUNG);
- }
+ }
if (*check_time
- && (strcmp (check_time, not_before) < 0
+ && (strcmp (check_time, not_before) < 0
|| strcmp (check_time, not_after) > 0))
{
/* Note that we don't need a case for the root certificate
because its own consitency has already been checked. */
do_list(opt.ignore_expiration?0:1, listmode, listfp,
- depth == 0 ?
+ depth == 0 ?
_("signature not created during lifetime of certificate") :
depth == 1 ?
_("certificate not created during lifetime of issuer") :
@@ -1135,7 +1135,7 @@ check_validity_period_cm (ksba_isotime_t current_time,
static int
ask_marktrusted (ctrl_t ctrl, ksba_cert_t cert, int listmode)
{
- static int no_more_questions;
+ static int no_more_questions;
int rc;
char *fpr;
int success = 0;
@@ -1143,7 +1143,7 @@ ask_marktrusted (ctrl_t ctrl, ksba_cert_t cert, int listmode)
fpr = gpgsm_get_fingerprint_string (cert, GCRY_MD_SHA1);
log_info (_("fingerprint=%s\n"), fpr? fpr : "?");
xfree (fpr);
-
+
if (no_more_questions)
rc = gpg_error (GPG_ERR_NOT_SUPPORTED);
else
@@ -1225,7 +1225,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
{
if (!strcmp (checktime_arg, "19700101T000000"))
{
- do_list (1, listmode, listfp,
+ do_list (1, listmode, listfp,
_("WARNING: creation time of signature not known - "
"assuming current time"));
gnupg_copy_time (check_time, current_time);
@@ -1314,7 +1314,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
if (has_validation_model_chain (subject_cert, listmode, listfp))
rootca_flags->chain_model = 1;
}
-
+
/* Check the validity period. */
if ( (flags & VALIDATE_FLAG_CHAIN_MODEL) )
@@ -1332,7 +1332,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
}
else if (rc)
goto leave;
-
+
/* Assert that we understand all critical extensions. */
rc = unknown_criticals (subject_cert, listmode, listfp);
@@ -1355,7 +1355,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
/* If this is the root certificate we are at the end of the chain. */
if (is_root)
- {
+ {
if (!istrusted_rc)
; /* No need to check the certificate for a trusted one. */
else if (gpgsm_check_cert_sig (subject_cert, subject_cert) )
@@ -1378,8 +1378,8 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
if (rc)
goto leave;
}
-
-
+
+
/* Set the flag for qualified signatures. This flag is
deduced from a list of root certificates allowed for
qualified signatures. */
@@ -1388,15 +1388,15 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
gpg_error_t err;
size_t buflen;
char buf[1];
-
- if (!ksba_cert_get_user_data (cert, "is_qualified",
+
+ if (!ksba_cert_get_user_data (cert, "is_qualified",
&buf, sizeof (buf),
&buflen) && buflen)
{
/* We already checked this for this certificate,
thus we simply take it from the user data. */
is_qualified = !!*buf;
- }
+ }
else
{
/* Need to consult the list of root certificates for
@@ -1419,7 +1419,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
"is_qualified", buf, 1);
if (err)
log_error ("set_user_data(is_qualified) failed: %s\n",
- gpg_strerror (err));
+ gpg_strerror (err));
}
}
}
@@ -1431,7 +1431,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
;
else if (gpg_err_code (rc) == GPG_ERR_NOT_TRUSTED)
{
- do_list (0, listmode, listfp,
+ do_list (0, listmode, listfp,
_("root certificate is not marked trusted"));
/* If we already figured out that the certificate is
expired it does not make much sense to ask the user
@@ -1443,12 +1443,12 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
&& ask_marktrusted (ctrl, subject_cert, listmode) )
rc = 0;
}
- else
+ else
{
log_error (_("checking the trust list failed: %s\n"),
gpg_strerror (rc));
}
-
+
if (rc)
goto leave;
@@ -1456,9 +1456,9 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
if ((flags & VALIDATE_FLAG_NO_DIRMNGR))
;
else if (opt.no_trusted_cert_crl_check || rootca_flags->relax)
- ;
+ ;
else
- rc = is_cert_still_valid (ctrl,
+ rc = is_cert_still_valid (ctrl,
(flags & VALIDATE_FLAG_CHAIN_MODEL),
listmode, listfp,
subject_cert, subject_cert,
@@ -1470,7 +1470,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
break; /* Okay: a self-signed certicate is an end-point. */
} /* End is_root. */
-
+
/* Take care that the chain does not get too long. */
if ((depth+1) > maxdepth)
{
@@ -1552,7 +1552,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
do_list (0, listmode, listfp,
_("found another possible matching "
"CA certificate - trying again"));
- ksba_cert_release (issuer_cert);
+ ksba_cert_release (issuer_cert);
issuer_cert = tmp_cert;
goto try_another_cert;
}
@@ -1629,9 +1629,9 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
rc = 0;
else if (is_root && (opt.no_trusted_cert_crl_check
|| (!istrusted_rc && rootca_flags->relax)))
- rc = 0;
+ rc = 0;
else
- rc = is_cert_still_valid (ctrl,
+ rc = is_cert_still_valid (ctrl,
(flags & VALIDATE_FLAG_CHAIN_MODEL),
listmode, listfp,
subject_cert, issuer_cert,
@@ -1690,7 +1690,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
else if (any_no_policy_match)
rc = gpg_error (GPG_ERR_NO_POLICY_MATCH);
}
-
+
leave:
/* If we have traversed a complete chain up to the root we will
reset the ephemeral flag for all these certificates. This is done
@@ -1700,7 +1700,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
{
gpg_error_t err;
chain_item_t ci;
-
+
for (ci = chain; ci; ci = ci->next)
{
/* Note that it is possible for the last certificate in the
@@ -1714,7 +1714,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
;
else if (err)
log_error ("clearing ephemeral flag failed: %s\n",
- gpg_strerror (err));
+ gpg_strerror (err));
}
}
@@ -1729,14 +1729,14 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
char buf[1];
buf[0] = !!is_qualified;
-
+
for (ci = chain; ci; ci = ci->next)
{
err = ksba_cert_set_user_data (ci->cert, "is_qualified", buf, 1);
if (err)
{
log_error ("set_user_data(is_qualified) failed: %s\n",
- gpg_strerror (err));
+ gpg_strerror (err));
if (!rc)
rc = err;
}
@@ -1762,7 +1762,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
gnupg_copy_time (r_exptime, exptime);
xfree (issuer);
xfree (subject);
- keydb_release (kh);
+ keydb_release (kh);
while (chain)
{
chain_item_t ci_next = chain->next;
@@ -1807,7 +1807,7 @@ gpgsm_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime,
*retflags = (flags & VALIDATE_FLAG_CHAIN_MODEL);
memset (&rootca_flags, 0, sizeof rootca_flags);
- rc = do_validate_chain (ctrl, cert, checktime,
+ rc = do_validate_chain (ctrl, cert, checktime,
r_exptime, listmode, listfp, flags,
&rootca_flags);
if (gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED
@@ -1816,17 +1816,17 @@ gpgsm_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime,
{
do_list (0, listmode, listfp, _("switching to chain model"));
rc = do_validate_chain (ctrl, cert, checktime,
- r_exptime, listmode, listfp,
+ r_exptime, listmode, listfp,
(flags |= VALIDATE_FLAG_CHAIN_MODEL),
&rootca_flags);
*retflags |= VALIDATE_FLAG_CHAIN_MODEL;
}
if (opt.verbose)
- do_list (0, listmode, listfp, _("validation model used: %s"),
+ do_list (0, listmode, listfp, _("validation model used: %s"),
(*retflags & VALIDATE_FLAG_CHAIN_MODEL)?
_("chain"):_("shell"));
-
+
return rc;
}
@@ -1843,7 +1843,7 @@ gpgsm_basic_cert_check (ctrl_t ctrl, ksba_cert_t cert)
char *subject = NULL;
KEYDB_HANDLE kh;
ksba_cert_t issuer_cert = NULL;
-
+
if (opt.no_chain_validation)
{
log_info ("WARNING: bypassing basic certificate checks\n");
@@ -1900,7 +1900,7 @@ gpgsm_basic_cert_check (ctrl_t ctrl, ksba_cert_t cert)
rc = gpg_error (GPG_ERR_MISSING_ISSUER_CERT);
goto leave;
}
-
+
ksba_cert_release (issuer_cert); issuer_cert = NULL;
rc = keydb_get_cert (kh, &issuer_cert);
if (rc)
@@ -1930,7 +1930,7 @@ gpgsm_basic_cert_check (ctrl_t ctrl, ksba_cert_t cert)
leave:
xfree (issuer);
xfree (subject);
- keydb_release (kh);
+ keydb_release (kh);
ksba_cert_release (issuer_cert);
return rc;
}
@@ -1941,7 +1941,7 @@ gpgsm_basic_cert_check (ctrl_t ctrl, ksba_cert_t cert)
authority for qualified signature. They do not set the
basicConstraints and thus we need this workaround. It works by
looking up the root certificate and checking whether that one is
- listed as a qualified certificate for Germany.
+ listed as a qualified certificate for Germany.
We also try to cache this data but as long as don't keep a
reference to the certificate this won't be used.
@@ -1967,7 +1967,7 @@ get_regtp_ca_info (ctrl_t ctrl, ksba_cert_t cert, int *chainlen)
chainlen = &dummy_chainlen;
*chainlen = 0;
- err = ksba_cert_get_user_data (cert, "regtp_ca_chainlen",
+ err = ksba_cert_get_user_data (cert, "regtp_ca_chainlen",
&buf, sizeof (buf), &buflen);
if (!err)
{
@@ -2024,7 +2024,7 @@ get_regtp_ca_info (ctrl_t ctrl, ksba_cert_t cert, int *chainlen)
"\x01\x00", 2);
if (err)
log_error ("ksba_set_user_data(%s) failed: %s\n",
- "regtp_ca_chainlen", gpg_strerror (err));
+ "regtp_ca_chainlen", gpg_strerror (err));
for (i=0; i < depth; i++)
ksba_cert_release (array[i]);
*chainlen = (depth>1? 0:1);
@@ -2033,11 +2033,11 @@ get_regtp_ca_info (ctrl_t ctrl, ksba_cert_t cert, int *chainlen)
leave:
/* Nothing special with this certificate. Mark the target
- certificate anyway to avoid duplicate lookups. */
+ certificate anyway to avoid duplicate lookups. */
err = ksba_cert_set_user_data (cert, "regtp_ca_chainlen", "", 1);
if (err)
log_error ("ksba_set_user_data(%s) failed: %s\n",
- "regtp_ca_chainlen", gpg_strerror (err));
+ "regtp_ca_chainlen", gpg_strerror (err));
for (i=0; i < depth; i++)
ksba_cert_release (array[i]);
return 0;
diff --git a/sm/certcheck.c b/sm/certcheck.c
index 51a809b8f..18fadb1fe 100644
--- a/sm/certcheck.c
+++ b/sm/certcheck.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -106,7 +106,7 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
{
log_error (_("a %u bit hash is not valid for a %u bit %s key\n"),
(unsigned int)nframe*8,
- gcry_pk_get_nbits (pkey),
+ gcry_pk_get_nbits (pkey),
gcry_pk_algo_name (pkalgo));
/* FIXME: we need to check the requirements for ECDSA. */
if (nframe < 20 || pkalgo == GCRY_PK_DSA )
@@ -139,16 +139,16 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
log_error ("no object identifier for algo %d\n", algo);
return gpg_error (GPG_ERR_INTERNAL);
}
-
+
len = gcry_md_get_algo_dlen (algo);
-
+
if ( len + asnlen + 4 > nframe )
{
log_error ("can't encode a %d bit MD into a %d bits frame\n",
(int)(len*8), (int)nbits);
return gpg_error (GPG_ERR_INTERNAL);
}
-
+
/* We encode the MD in this way:
*
* 0 A PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes)
@@ -177,7 +177,7 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
log_printf (" %02X", frame[j]);
log_printf ("\n");
}
-
+
gcry_mpi_scan (r_val, GCRYMPI_FMT_USG, frame, n, &nframe);
xfree (frame);
return 0;
@@ -324,7 +324,7 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
BUG ();
gcry_mpi_release (frame);
-
+
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
if (DBG_X509)
log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
@@ -400,7 +400,7 @@ gpgsm_check_cms_signature (ksba_cert_t cert, ksba_const_sexp_t sigval,
if ( gcry_sexp_build (&s_hash, NULL, "%m", frame) )
BUG ();
gcry_mpi_release (frame);
-
+
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
if (DBG_X509)
log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
@@ -427,13 +427,10 @@ gpgsm_create_cms_signature (ctrl_t ctrl, ksba_cert_t cert,
desc = gpgsm_format_keydesc (cert);
- rc = gpgsm_agent_pksign (ctrl, grip, desc, gcry_md_read(md, mdalgo),
+ rc = gpgsm_agent_pksign (ctrl, grip, desc, gcry_md_read(md, mdalgo),
gcry_md_get_algo_dlen (mdalgo), mdalgo,
r_sigval, &siglen);
xfree (desc);
xfree (grip);
return rc;
}
-
-
-
diff --git a/sm/certdump.c b/sm/certdump.c
index 6d7d5b68e..9d9feb07d 100644
--- a/sm/certdump.c
+++ b/sm/certdump.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
#ifdef HAVE_LOCALE_H
@@ -175,7 +175,7 @@ gpgsm_dump_string (const char *string)
/* This simple dump function is mainly used for debugging purposes. */
-void
+void
gpgsm_dump_cert (const char *text, ksba_cert_t cert)
{
ksba_sexp_t sexp;
@@ -206,7 +206,7 @@ gpgsm_dump_cert (const char *text, ksba_cert_t cert)
gpgsm_dump_string (dn);
ksba_free (dn);
log_printf ("\n");
-
+
dn = ksba_cert_get_subject (cert, 0);
log_debug (" subject: ");
gpgsm_dump_string (dn);
@@ -256,7 +256,7 @@ gpgsm_format_sn_issuer (ksba_sexp_t sn, const char *issuer)
/* Log the certificate's name in "#SN/ISSUERDN" format along with
TEXT. */
-void
+void
gpgsm_cert_log_name (const char *text, ksba_cert_t cert)
{
log_info ("%s", text? text:"certificate" );
@@ -301,7 +301,7 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
{"T", "2.5.4.12" },
{"GN", "2.5.4.42" },
{"SN", "2.5.4.4" },
- {"NameDistinguisher", "0.2.262.1.10.7.20"},
+ {"NameDistinguisher", "0.2.262.1.10.7.20"},
{"ADDR", "2.5.4.16" },
{"BC", "2.5.4.15" },
{"D", "2.5.4.13" },
@@ -329,7 +329,7 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
array->key = p = xtrymalloc (n+10);
if (!array->key)
return NULL;
- memcpy (p, string, n);
+ memcpy (p, string, n);
p[n] = 0;
trim_trailing_spaces (p);
@@ -373,7 +373,7 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
{ /* pair */
s++;
if (*s == ',' || *s == '=' || *s == '+'
- || *s == '<' || *s == '>' || *s == '#' || *s == ';'
+ || *s == '<' || *s == '>' || *s == '#' || *s == ';'
|| *s == '\\' || *s == '\"' || *s == ' ')
n++;
else if (hexdigitp (s) && hexdigitp (s+1))
@@ -388,7 +388,7 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
return NULL; /* invalid encoding */
else if (*s == ',' || *s == '=' || *s == '+'
|| *s == '<' || *s == '>' || *s == ';' )
- break;
+ break;
else
n++;
}
@@ -399,7 +399,7 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
for (s=string; n; s++, n--)
{
if (*s == '\\')
- {
+ {
s++;
if (hexdigitp (s))
{
@@ -440,7 +440,7 @@ parse_dn (const unsigned char *string)
if (!*string)
break; /* ready */
if (arrayidx >= arraysize)
- {
+ {
struct dn_array_s *a2;
arraysize += 5;
@@ -537,10 +537,10 @@ print_dn_parts (FILE *fp, estream_t stream,
struct dn_array_s *dn, int translate)
{
const char *stdpart[] = {
- "CN", "OU", "O", "STREET", "L", "ST", "C", "EMail", NULL
+ "CN", "OU", "O", "STREET", "L", "ST", "C", "EMail", NULL
};
int i;
-
+
for (i=0; stdpart[i]; i++)
print_dn_part (fp, stream, dn, stdpart[i], translate);
@@ -677,9 +677,9 @@ gpgsm_print_name2 (FILE *fp, const char *name, int translate)
struct dn_array_s *dn = parse_dn (s);
if (!dn)
fputs (_("[Error - invalid DN]"), fp);
- else
+ else
{
- print_dn_parts (fp, NULL, dn, translate);
+ print_dn_parts (fp, NULL, dn, translate);
for (i=0; dn[i].key; i++)
{
xfree (dn[i].key);
@@ -736,9 +736,9 @@ gpgsm_es_print_name2 (estream_t fp, const char *name, int translate)
if (!dn)
es_fputs (_("[Error - invalid DN]"), fp);
- else
+ else
{
- print_dn_parts (NULL, fp, dn, translate);
+ print_dn_parts (NULL, fp, dn, translate);
for (i=0; dn[i].key; i++)
{
xfree (dn[i].key);
@@ -758,7 +758,7 @@ gpgsm_es_print_name (estream_t fp, const char *name)
/* A cookie structure used for the memory stream. */
-struct format_name_cookie
+struct format_name_cookie
{
char *buffer; /* Malloced buffer with the data to deliver. */
size_t size; /* Allocated size of this buffer. */
@@ -809,7 +809,7 @@ format_name_writer (void *cookie, const void *buffer, size_t size)
}
memcpy (p + c->len, buffer, size);
c->len += size;
- p[c->len] = 0; /* Terminate string. */
+ p[c->len] = 0; /* Terminate string. */
return (ssize_t)size;
}
@@ -869,7 +869,7 @@ gpgsm_fpr_and_name_for_status (ksba_cert_t cert)
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
if (!fpr)
return NULL;
-
+
name = ksba_cert_get_subject (cert, 0);
if (!name)
{
@@ -954,21 +954,20 @@ gpgsm_format_keydesc (ksba_cert_t cert)
sn? sn: "?",
gpgsm_get_short_fingerprint (cert, NULL),
created, expires);
-
+
i18n_switchback (orig_codeset);
-
+
if (!name)
{
xfree (subject);
xfree (sn);
return NULL;
}
-
+
xfree (subject);
xfree (sn);
buffer = percent_plus_escape (name);
- xfree (name);
+ xfree (name);
return buffer;
}
-
diff --git a/sm/certlist.c b/sm/certlist.c
index 8221e4ac3..299d075f2 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -95,7 +95,7 @@ cert_usage_p (ksba_cert_t cert, int mode)
extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE
| KSBA_KEYUSAGE_NON_REPUDIATION);
}
-
+
/* This is a hack to cope with OCSP. Note that we do
not yet fully comply with the requirements and that
the entire CRL/OCSP checking thing should undergo a
@@ -108,7 +108,7 @@ cert_usage_p (ksba_cert_t cert, int mode)
}
xfree (extkeyusages);
extkeyusages = NULL;
-
+
if (!any_critical)
extusemask = ~0; /* Reset to the don't care mask. */
}
@@ -128,12 +128,12 @@ cert_usage_p (ksba_cert_t cert, int mode)
}
if (err)
- {
+ {
log_error (_("error getting key usage information: %s\n"),
gpg_strerror (err));
xfree (extkeyusages);
return err;
- }
+ }
if (mode == 4)
{
@@ -146,7 +146,7 @@ cert_usage_p (ksba_cert_t cert, int mode)
if (mode == 5)
{
- if (use != ~0
+ if (use != ~0
&& (have_ocsp_signing
|| (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
|KSBA_KEYUSAGE_CRL_SIGN))))
@@ -216,7 +216,7 @@ same_subject_issuer (const char *subject, const char *issuer, ksba_cert_t cert)
char *subject2 = ksba_cert_get_subject (cert, 0);
char *issuer2 = ksba_cert_get_issuer (cert, 0);
int tmp;
-
+
tmp = (subject && subject2
&& !strcmp (subject, subject2)
&& issuer && issuer2
@@ -268,7 +268,7 @@ is_cert_in_certlist (ksba_cert_t cert, certlist_t certlist)
/* Add CERT to the list of certificates at CERTADDR but avoid
duplicates. */
-int
+int
gpgsm_add_cert_to_certlist (ctrl_t ctrl, ksba_cert_t cert,
certlist_t *listaddr, int is_encrypt_to)
{
@@ -355,7 +355,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
/* We want the error code from the first match in this case. */
if (rc && wrong_usage)
rc = wrong_usage;
-
+
if (!rc)
{
certlist_t dup_certs = NULL;
@@ -367,8 +367,8 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
else if (!rc)
{
ksba_cert_t cert2 = NULL;
-
- /* If this is the first possible duplicate, add the original
+
+ /* If this is the first possible duplicate, add the original
certificate to our list of duplicates. */
if (!dup_certs)
gpgsm_add_cert_to_certlist (ctrl, cert, &dup_certs, 0);
@@ -384,8 +384,8 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
keybox). */
if (!keydb_get_cert (kh, &cert2))
{
- int tmp = (same_subject_issuer (first_subject,
- first_issuer,
+ int tmp = (same_subject_issuer (first_subject,
+ first_issuer,
cert2)
&& ((gpg_err_code (
secret? gpgsm_cert_use_sign_p (cert2)
@@ -400,7 +400,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
if (is_cert_in_certlist (cert2, dup_certs))
tmp = 1;
}
-
+
ksba_cert_release (cert2);
if (tmp)
goto next_ambigious;
@@ -416,10 +416,10 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
if (!rc && !is_cert_in_certlist (cert, *listaddr))
{
- if (!rc && secret)
+ if (!rc && secret)
{
char *p;
-
+
rc = gpg_error (GPG_ERR_NO_SECKEY);
p = gpgsm_get_keygrip_hexstring (cert);
if (p)
@@ -437,7 +437,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
certlist_t cl = xtrycalloc (1, sizeof *cl);
if (!cl)
rc = out_of_core ();
- else
+ else
{
cl->cert = cert; cert = NULL;
cl->next = *listaddr;
@@ -448,7 +448,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
}
}
}
-
+
keydb_release (kh);
ksba_cert_release (cert);
return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc;
@@ -496,7 +496,7 @@ gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert)
if (!rc && keyid)
{
ksba_sexp_t subj;
-
+
rc = ksba_cert_get_subj_key_id (*r_cert, NULL, &subj);
if (!rc)
{
@@ -525,7 +525,7 @@ gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert)
rc = keydb_search (kh, &desc, 1);
if (rc == -1)
rc = 0;
- else
+ else
{
if (!rc)
{
@@ -548,8 +548,7 @@ gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert)
}
}
}
-
+
keydb_release (kh);
return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc;
}
-
diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c
index 3dabb654e..526a182bb 100644
--- a/sm/certreqgen-ui.c
+++ b/sm/certreqgen-ui.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -40,7 +40,7 @@ ask_mb_lines (membuf_t *mb, const char *prefix)
{
char *answer = NULL;
- do
+ do
{
xfree (answer);
answer = tty_get ("> ");
@@ -88,7 +88,7 @@ store_mb_lines (membuf_t *mb, membuf_t *lines)
/* Chech whether we have a key for the key with HEXGRIP. Returns NULL
if not or a string describing the type of the key (RSA, ELG, DSA,
- etc..). */
+ etc..). */
static const char *
check_keygrip (ctrl_t ctrl, const char *hexgrip)
{
@@ -202,7 +202,7 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t output_stream)
answer = tty_get (_("Enter the keygrip: "));
tty_kill_prompt ();
trim_spaces (answer);
-
+
if (!*answer)
goto again;
else if (strlen (answer) != 40 &&
diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index 72cab29c6..4218908d2 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -75,9 +75,9 @@ The format of the native parameter file is follows:
This is the DN name of the subject in rfc2253 format.
Name-Email: <string>
The is an email address for the altSubjectName
- Name-DNS: <string>
+ Name-DNS: <string>
The is an DNS name for the altSubjectName
- Name-URI: <string>
+ Name-URI: <string>
The is an URI for the altSubjectName
Here is an example:
@@ -99,7 +99,7 @@ EOF
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -127,7 +127,7 @@ struct para_data_s {
int lnr;
enum para_name key;
union {
- unsigned int usage;
+ unsigned int usage;
char value[1];
} u;
};
@@ -157,7 +157,7 @@ static void
release_parameter_list (struct para_data_s *r)
{
struct para_data_s *r2;
-
+
for (; r ; r = r2)
{
r2 = r->next;
@@ -169,7 +169,7 @@ static struct para_data_s *
get_parameter (struct para_data_s *para, enum para_name key, int seq)
{
struct para_data_s *r;
-
+
for (r = para; r ; r = r->next)
if ( r->key == key && !seq--)
return r;
@@ -191,7 +191,7 @@ get_parameter_algo (struct para_data_s *para, enum para_name key)
return -1;
if (digitp (r->u.value))
return atoi( r->u.value );
- return gcry_pk_map_name (r->u.value);
+ return gcry_pk_map_name (r->u.value);
}
/* Parse the usage parameter. Returns 0 on success. Note that we
@@ -204,10 +204,10 @@ parse_parameter_usage (struct para_data_s *para, enum para_name key)
struct para_data_s *r = get_parameter (para, key, 0);
char *p, *pn;
unsigned int use;
-
+
if (!r)
return 0; /* none (this is an optional parameter)*/
-
+
use = 0;
pn = r->u.value;
while ( (p = strsep (&pn, " \t,")) )
@@ -475,7 +475,7 @@ proc_parameters (ctrl_t ctrl,
log_error (_("line %d: invalid algorithm\n"), r->lnr);
return gpg_error (GPG_ERR_INV_PARAMETER);
}
-
+
/* Check the keylength. NOTE: If you change this make sure that it
macthes the gpgconflist item in gpgsm.c */
if (!get_parameter (para, pKEYLENGTH, 0))
@@ -491,7 +491,7 @@ proc_parameters (ctrl_t ctrl,
xfree (cardkeyid);
return gpg_error (GPG_ERR_INV_PARAMETER);
}
-
+
/* Check the usage. */
if (parse_parameter_usage (para, pKEYUSAGE))
{
@@ -525,7 +525,7 @@ proc_parameters (ctrl_t ctrl,
/* Check that the optional email address is okay. */
for (seq=0; (s=get_parameter_value (para, pNAMEEMAIL, seq)); seq++)
- {
+ {
if (has_invalid_email_chars (s)
|| *s == '@'
|| s[strlen(s)-1] == '@'
@@ -566,7 +566,7 @@ proc_parameters (ctrl_t ctrl,
else /* Generate new key. */
{
sprintf (numbuf, "%u", nbits);
- snprintf ((char*)keyparms, DIM (keyparms)-1,
+ snprintf ((char*)keyparms, DIM (keyparms)-1,
"(6:genkey(3:rsa(5:nbits%d:%s)))",
(int)strlen (numbuf), numbuf);
rc = gpgsm_agent_genkey (ctrl, keyparms, &public);
@@ -591,8 +591,8 @@ proc_parameters (ctrl_t ctrl,
/* Parameters are checked, the key pair has been created. Now
generate the request and write it out */
static int
-create_request (ctrl_t ctrl,
- struct para_data_s *para,
+create_request (ctrl_t ctrl,
+ struct para_data_s *para,
const char *carddirect,
ksba_const_sexp_t public,
struct reqgen_ctrl_s *outctrl)
@@ -624,7 +624,7 @@ create_request (ctrl_t ctrl,
ksba_certreq_set_hash_function (cr, HASH_FNC, md);
ksba_certreq_set_writer (cr, outctrl->writer);
-
+
err = ksba_certreq_add_subject (cr, get_parameter_value (para, pNAMEDN, 0));
if (err)
{
@@ -720,14 +720,14 @@ create_request (ctrl_t ctrl,
goto leave;
}
-
+
use = get_parameter_uint (para, pKEYUSAGE);
if (use == GCRY_PK_USAGE_SIGN)
{
/* For signing only we encode the bits:
KSBA_KEYUSAGE_DIGITAL_SIGNATURE
KSBA_KEYUSAGE_NON_REPUDIATION */
- err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
+ err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
"\x03\x02\x06\xC0", 4);
}
else if (use == GCRY_PK_USAGE_ENCR)
@@ -735,7 +735,7 @@ create_request (ctrl_t ctrl,
/* For encrypt only we encode the bits:
KSBA_KEYUSAGE_KEY_ENCIPHERMENT
KSBA_KEYUSAGE_DATA_ENCIPHERMENT */
- err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
+ err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
"\x03\x02\x04\x30", 4);
}
else
@@ -748,7 +748,7 @@ create_request (ctrl_t ctrl,
goto leave;
}
-
+
do
{
err = ksba_certreq_build (cr, &stopreason);
@@ -790,11 +790,11 @@ create_request (ctrl_t ctrl,
gcry_sexp_release (s_pkey);
bin2hex (grip, 20, hexgrip);
- log_info ("about to sign CSR for key: &%s\n", hexgrip);
+ log_info ("about to sign CSR for key: &%s\n", hexgrip);
if (carddirect)
rc = gpgsm_scd_pksign (ctrl, carddirect, NULL,
- gcry_md_read(md, GCRY_MD_SHA1),
+ gcry_md_read(md, GCRY_MD_SHA1),
gcry_md_get_algo_dlen (GCRY_MD_SHA1),
GCRY_MD_SHA1,
&sigval, &siglen);
@@ -804,13 +804,13 @@ create_request (ctrl_t ctrl,
char *desc;
orig_codeset = i18n_switchto_utf8 ();
- desc = percent_plus_escape
+ desc = percent_plus_escape
(_("To complete this certificate request please enter"
" the passphrase for the key you just created once"
" more.\n"));
i18n_switchback (orig_codeset);
rc = gpgsm_agent_pksign (ctrl, hexgrip, desc,
- gcry_md_read(md, GCRY_MD_SHA1),
+ gcry_md_read(md, GCRY_MD_SHA1),
gcry_md_get_algo_dlen (GCRY_MD_SHA1),
GCRY_MD_SHA1,
&sigval, &siglen);
@@ -821,7 +821,7 @@ create_request (ctrl_t ctrl,
log_error ("signing failed: %s\n", gpg_strerror (rc));
goto leave;
}
-
+
err = ksba_certreq_set_sig_val (cr, sigval);
xfree (sigval);
if (err)
@@ -833,13 +833,13 @@ create_request (ctrl_t ctrl,
}
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
leave:
gcry_md_close (md);
ksba_certreq_release (cr);
- return rc;
+ return rc;
}
@@ -870,7 +870,7 @@ gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, estream_t out_stream)
}
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -883,4 +883,3 @@ gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, estream_t out_stream)
gpgsm_destroy_writer (b64writer);
return rc;
}
-
diff --git a/sm/decrypt.c b/sm/decrypt.c
index 4fb3c2d3c..da833e106 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -33,7 +33,7 @@
#include "keydb.h"
#include "i18n.h"
-struct decrypt_filter_parm_s
+struct decrypt_filter_parm_s
{
int algo;
int mode;
@@ -53,7 +53,7 @@ struct decrypt_filter_parm_s
/* Decrypt the session key and fill in the parm structure. The
algo and the IV is expected to be already in PARM. */
-static int
+static int
prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
ksba_const_sexp_t enc_val,
struct decrypt_filter_parm_s *parm)
@@ -84,9 +84,9 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
if (n + 7 > seskeylen )
{
rc = gpg_error (GPG_ERR_INV_SESSION_KEY);
- goto leave;
+ goto leave;
}
-
+
/* FIXME: Actually the leading zero is required but due to the way
we encode the output in libgcrypt as an MPI we are not able to
encode that leading zero. However, when using a Smartcard we are
@@ -94,20 +94,20 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
should be fixed in gpg-agent of course. */
if (!seskey[n])
n++;
-
+
if (seskey[n] != 2 ) /* Wrong block type version. */
- {
+ {
rc = gpg_error (GPG_ERR_INV_SESSION_KEY);
- goto leave;
+ goto leave;
}
-
+
for (n++; n < seskeylen && seskey[n]; n++) /* Skip the random bytes. */
;
n++; /* and the zero byte */
if (n >= seskeylen )
- {
+ {
rc = gpg_error (GPG_ERR_INV_SESSION_KEY);
- goto leave;
+ goto leave;
}
}
@@ -120,7 +120,7 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
log_error ("error creating decryptor: %s\n", gpg_strerror (rc));
goto leave;
}
-
+
rc = gcry_cipher_setkey (parm->hd, seskey+n, seskeylen-n);
if (gpg_err_code (rc) == GPG_ERR_WEAK_KEY)
{
@@ -301,7 +301,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
audit_log (ctrl->audit, AUDIT_SETUP_READY);
/* Parser loop. */
- do
+ do
{
rc = ksba_cms_parse (cms, &stopreason);
if (rc)
@@ -316,7 +316,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
int algo, mode;
const char *algoid;
int any_key = 0;
-
+
audit_log (ctrl->audit, AUDIT_GOT_DATA);
algoid = ksba_cms_get_content_oid (cms, 2/* encryption algo*/);
@@ -363,7 +363,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
log_error ("error getting IV: %s\n", gpg_strerror (rc));
goto leave;
}
-
+
for (recp=0; !any_key; recp++)
{
char *issuer;
@@ -412,7 +412,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
if (rc)
{
log_error ("failed to get cert: %s\n", gpg_strerror (rc));
- goto oops;
+ goto oops;
}
/* Print the ENC_TO status line. Note that we can
@@ -424,11 +424,11 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
keyid for later use. */
{
unsigned long kid[2];
-
+
kid[0] = gpgsm_get_short_fingerprint (cert, kid+1);
snprintf (kidbuf, sizeof kidbuf, "%08lX%08lX",
kid[1], kid[0]);
- gpgsm_status2 (ctrl, STATUS_ENC_TO,
+ gpgsm_status2 (ctrl, STATUS_ENC_TO,
kidbuf, "0", "0", NULL);
}
@@ -535,7 +535,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
goto leave;
}
rc = ksba_writer_write (writer,
- dfparm.lastblock,
+ dfparm.lastblock,
dfparm.blklen - npadding);
if (rc)
goto leave;
@@ -553,10 +553,10 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -575,11 +575,9 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
ksba_cms_release (cms);
gpgsm_destroy_reader (b64reader);
gpgsm_destroy_writer (b64writer);
- keydb_release (kh);
+ keydb_release (kh);
es_fclose (in_fp);
if (dfparm.hd)
- gcry_cipher_close (dfparm.hd);
+ gcry_cipher_close (dfparm.hd);
return rc;
}
-
-
diff --git a/sm/delete.c b/sm/delete.c
index e2835a98b..10ec965cb 100644
--- a/sm/delete.c
+++ b/sm/delete.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -44,7 +44,7 @@ delete_one (ctrl_t ctrl, const char *username)
ksba_cert_t cert = NULL;
int duplicates = 0;
int is_ephem = 0;
-
+
rc = classify_user_id (username, &desc);
if (rc)
{
@@ -122,8 +122,8 @@ delete_one (ctrl_t ctrl, const char *username)
log_error (_("error locking keybox: %s\n"), gpg_strerror (rc));
goto leave;
}
-
- do
+
+ do
{
keydb_search_reset (kh);
rc = keydb_search (kh, &desc, 1);
@@ -133,9 +133,9 @@ delete_one (ctrl_t ctrl, const char *username)
gpg_strerror (rc));
goto leave;
}
-
+
rc = keydb_delete (kh, duplicates ? 0 : 1);
- if (rc)
+ if (rc)
goto leave;
if (opt.verbose)
{
@@ -166,7 +166,7 @@ gpgsm_delete (ctrl_t ctrl, strlist_t names)
log_error ("nothing to delete\n");
return gpg_error (GPG_ERR_NO_DATA);
}
-
+
for (; names; names=names->next )
{
rc = delete_one (ctrl, names->d);
@@ -177,6 +177,6 @@ gpgsm_delete (ctrl_t ctrl, strlist_t names)
return rc;
}
}
-
+
return 0;
}
diff --git a/sm/encrypt.c b/sm/encrypt.c
index ffe88a790..e66fac7f6 100644
--- a/sm/encrypt.c
+++ b/sm/encrypt.c
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -48,7 +48,7 @@ typedef struct dek_s *DEK;
/* Callback parameters for the encryption. */
-struct encrypt_cb_parm_s
+struct encrypt_cb_parm_s
{
estream_t fp;
DEK dek;
@@ -77,7 +77,7 @@ init_dek (DEK dek)
log_error ("unsupported algorithm `%s'\n", dek->algoid);
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
}
-
+
/* Extra check for algorithms we consider to be too weak for
encryption, although we support them for decryption. Note that
there is another check below discriminating on the key length. */
@@ -102,18 +102,18 @@ init_dek (DEK dek)
/* Make sure we don't use weak keys. */
if (dek->keylen < 100/8)
- {
+ {
log_error ("key length of `%s' too small\n", dek->algoid);
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
}
-
+
rc = gcry_cipher_open (&dek->chd, dek->algo, mode, GCRY_CIPHER_SECURE);
if (rc)
{
log_error ("failed to create cipher context: %s\n", gpg_strerror (rc));
return rc;
}
-
+
for (i=0; i < 8; i++)
{
gcry_randomize (dek->key, dek->keylen, GCRY_STRONG_RANDOM );
@@ -139,7 +139,7 @@ init_dek (DEK dek)
dek->chd = NULL;
return rc;
}
-
+
return 0;
}
@@ -160,7 +160,7 @@ encode_session_key (DEK dek, gcry_sexp_t * r_data)
rc = gcry_sexp_sscan (&data, NULL, p, strlen (p));
xfree (p);
*r_data = data;
- return rc;
+ return rc;
}
@@ -210,7 +210,7 @@ encrypt_dek (const DEK dek, ksba_cert_t cert, unsigned char **encval)
rc = gcry_pk_encrypt (&s_ciph, s_data, s_pkey);
gcry_sexp_release (s_data);
gcry_sexp_release (s_pkey);
-
+
/* Reformat it. */
rc = make_canon_sexp (s_ciph, encval, NULL);
gcry_sexp_release (s_ciph);
@@ -237,7 +237,7 @@ encrypt_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
if (count < blklen)
BUG ();
-
+
if (!parm->eof_seen)
{ /* fillup the buffer */
p = parm->buffer;
@@ -252,13 +252,13 @@ encrypt_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
return -1;
}
parm->eof_seen = 1;
- break;
+ break;
}
p[n] = c;
}
parm->buflen = n;
}
-
+
n = parm->buflen < count? parm->buflen : count;
n = n/blklen * blklen;
if (n)
@@ -287,7 +287,7 @@ encrypt_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
-/* Perform an encrypt operation.
+/* Perform an encrypt operation.
Encrypt the data received on DATA-FD and write it to OUT_FP. The
recipients are take from the certificate given in recplist; if this
@@ -400,7 +400,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
}
/* Create a session key */
- dek = xtrycalloc_secure (1, sizeof *dek);
+ dek = xtrycalloc_secure (1, sizeof *dek);
if (!dek)
rc = out_of_core ();
else
@@ -433,7 +433,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
rc = out_of_core ();
goto leave;
}
-
+
audit_log_s (ctrl->audit, AUDIT_SESSION_KEY, dek->algoid);
/* Gather certificates of recipients, encrypt the session key for
@@ -441,7 +441,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
for (recpno = 0, cl = recplist; cl; recpno++, cl = cl->next)
{
unsigned char *encval;
-
+
rc = encrypt_dek (dek, cl->cert, &encval);
if (rc)
{
@@ -450,7 +450,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
recpno, gpg_strerror (rc));
goto leave;
}
-
+
err = ksba_cms_add_recipient (cms, cl->cert);
if (err)
{
@@ -461,7 +461,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
xfree (encval);
goto leave;
}
-
+
err = ksba_cms_set_enc_val (cms, recpno, encval);
xfree (encval);
audit_log_cert (ctrl->audit, AUDIT_ENCRYPTED_TO, cl->cert, err);
@@ -476,7 +476,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
/* Main control loop for encryption. */
recpno = 0;
- do
+ do
{
err = ksba_cms_build (cms, &stopreason);
if (err)
@@ -486,7 +486,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
goto leave;
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
if (encparm.readerror)
{
@@ -497,7 +497,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -509,7 +509,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
ksba_cms_release (cms);
gpgsm_destroy_writer (b64writer);
ksba_reader_release (reader);
- keydb_release (kh);
+ keydb_release (kh);
xfree (dek);
es_fclose (data_fp);
xfree (encparm.buffer);
diff --git a/sm/export.c b/sm/export.c
index f76ed8f01..7884adff3 100644
--- a/sm/export.c
+++ b/sm/export.c
@@ -78,7 +78,7 @@ destroy_duptable (duptable_t *table)
if (table)
{
- for (idx=0; idx < DUPTABLE_SIZE; idx++)
+ for (idx=0; idx < DUPTABLE_SIZE; idx++)
for (t = table[idx]; t; t = t2)
{
t2 = t->next;
@@ -95,15 +95,15 @@ insert_duptable (duptable_t *table, unsigned char *fpr, int *exists)
{
size_t idx;
duptable_t t;
-
+
*exists = 0;
idx = fpr[0];
#if DUPTABLE_BITS > 16 || DUPTABLE_BITS < 8
#error cannot handle a table larger than 16 bits or smaller than 8 bits
#elif DUPTABLE_BITS > 8
- idx <<= (DUPTABLE_BITS - 8);
- idx |= (fpr[1] & ~(~0 << 4));
-#endif
+ idx <<= (DUPTABLE_BITS - 8);
+ idx |= (fpr[1] & ~(~0 << 4));
+#endif
for (t = table[idx]; t; t = t->next)
if (!memcmp (t->fpr, fpr+1, 19))
@@ -141,7 +141,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
int i;
duptable_t *dtable;
-
+
dtable = create_duptable ();
if (!dtable)
{
@@ -160,7 +160,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
ndesc = 1;
else
{
- for (sl=names, ndesc=0; sl; sl = sl->next, ndesc++)
+ for (sl=names, ndesc=0; sl; sl = sl->next, ndesc++)
;
}
@@ -174,9 +174,9 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
if (!names)
desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
- else
+ else
{
- for (ndesc=0, sl=names; sl; sl = sl->next)
+ for (ndesc=0, sl=names; sl; sl = sl->next)
{
rc = classify_user_id (sl->d, desc+ndesc);
if (rc)
@@ -204,17 +204,17 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
if (i == ndesc)
keydb_set_ephemeral (hd, 1);
}
-
+
while (!(rc = keydb_search (hd, desc, ndesc)))
{
unsigned char fpr[20];
int exists;
- if (!names)
+ if (!names)
desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
rc = keydb_get_cert (hd, &cert);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -281,7 +281,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
{
/* We want one certificate per PEM block */
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -291,7 +291,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
}
}
- ksba_cert_release (cert);
+ ksba_cert_release (cert);
cert = NULL;
}
if (rc && rc != -1)
@@ -299,13 +299,13 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
else if (b64writer)
{
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
}
}
-
+
leave:
gpgsm_destroy_writer (b64writer);
ksba_cert_release (cert);
@@ -361,13 +361,13 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream)
if (!err)
{
err = keydb_get_cert (hd, &cert);
- if (err)
+ if (err)
{
log_error ("keydb_get_cert failed: %s\n", gpg_strerror (err));
goto leave;
}
- next_ambiguous:
+ next_ambiguous:
err = keydb_search (hd, desc, 1);
if (!err)
{
@@ -393,7 +393,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream)
goto leave;
}
}
-
+
keygrip = gpgsm_get_keygrip_hexstring (cert);
if (!keygrip || gpgsm_agent_havekey (ctrl, keygrip))
{
@@ -402,7 +402,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream)
log_error ("can't export key `%s': %s\n", name, gpg_strerror (err));
goto leave;
}
-
+
image = ksba_cert_get_image (cert, &imagelen);
if (!image)
{
@@ -447,7 +447,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream)
{
/* We want one certificate per PEM block */
err = gpgsm_finish_writer (b64writer);
- if (err)
+ if (err)
{
log_error ("write failed: %s\n", gpg_strerror (err));
goto leave;
@@ -455,8 +455,8 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream)
gpgsm_destroy_writer (b64writer);
b64writer = NULL;
}
-
- ksba_cert_release (cert);
+
+ ksba_cert_release (cert);
cert = NULL;
leave:
@@ -479,19 +479,19 @@ print_short_info (ksba_cert_t cert, estream_t stream)
{
es_fputs ((!idx
? "Issuer ...: "
- : "\n aka ...: "), stream);
+ : "\n aka ...: "), stream);
gpgsm_es_print_name (stream, p);
xfree (p);
}
es_putc ('\n', stream);
- es_fputs ("Serial ...: ", stream);
+ es_fputs ("Serial ...: ", stream);
sexp = ksba_cert_get_serial (cert);
if (sexp)
{
int len;
const unsigned char *s = sexp;
-
+
if (*s == '(')
{
s++;
@@ -508,7 +508,7 @@ print_short_info (ksba_cert_t cert, estream_t stream)
{
es_fputs ((!idx
? "Subject ..: "
- : "\n aka ..: "), stream);
+ : "\n aka ..: "), stream);
gpgsm_es_print_name (stream, p);
xfree (p);
}
@@ -533,7 +533,7 @@ sexp_to_kparms (gcry_sexp_t sexp)
list = gcry_sexp_find_token (sexp, "private-key", 0 );
if(!list)
- return NULL;
+ return NULL;
l2 = gcry_sexp_cadr (list);
gcry_sexp_release (list);
list = l2;
@@ -552,7 +552,7 @@ sexp_to_kparms (gcry_sexp_t sexp)
gcry_sexp_release (list);
return NULL;
}
- for (idx=0, s=elems; *s; s++, idx++ )
+ for (idx=0, s=elems; *s; s++, idx++ )
{
if (*s == '-')
continue; /* Computed below */
@@ -575,11 +575,11 @@ sexp_to_kparms (gcry_sexp_t sexp)
array[5] = gcry_mpi_snew (0); /* compute d mod (q-1) */
gcry_mpi_sub_ui (array[5], array[3], 1);
- gcry_mpi_mod (array[5], array[2], array[5]);
+ gcry_mpi_mod (array[5], array[2], array[5]);
array[6] = gcry_mpi_snew (0); /* compute d mod (p-1) */
gcry_mpi_sub_ui (array[6], array[4], 1);
- gcry_mpi_mod (array[6], array[3], array[6]);
+ gcry_mpi_mod (array[6], array[3], array[6]);
return array;
}
@@ -616,7 +616,7 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
}
/* Receive the wrapped key from the agent. */
- err = gpgsm_agent_export_key (ctrl, keygrip, prompt,
+ err = gpgsm_agent_export_key (ctrl, keygrip, prompt,
&wrappedkey, &wrappedkeylen);
if (err)
goto leave;
@@ -669,8 +669,8 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
log_error ("error converting key parameters\n");
err = GPG_ERR_BAD_SECKEY;
goto leave;
- }
-
+ }
+
err = gpgsm_agent_ask_passphrase
(ctrl,
i18n_utf8 ("Please enter the passphrase to protect the "
@@ -685,7 +685,7 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
passphrase = NULL;
if (!result)
err = gpg_error (GPG_ERR_GENERAL);
-
+
leave:
xfree (key);
gcry_sexp_release (s_skey);
@@ -698,7 +698,7 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
gcry_cipher_close (cipherhd);
xfree (wrappedkey);
xfree (kek);
-
+
if (gpg_err_code (err) == GPG_ERR_BAD_PASSPHRASE)
{
/* During export this is the passphrase used to unprotect the
@@ -719,4 +719,3 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
}
return err;
}
-
diff --git a/sm/fingerprint.c b/sm/fingerprint.c
index 4704f5972..b0c7608cf 100644
--- a/sm/fingerprint.c
+++ b/sm/fingerprint.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -37,7 +37,7 @@
allocates the array. If r_len is not NULL, the length of the
digest is returned; well, this can also be done by using
gcry_md_get_algo_dlen(). If algo is 0, a SHA-1 will be used.
-
+
If there is a problem , the function does never return NULL but a
digest of all 0xff.
*/
@@ -47,7 +47,7 @@ gpgsm_get_fingerprint (ksba_cert_t cert, int algo,
{
gcry_md_hd_t md;
int rc, len;
-
+
if (!algo)
algo = GCRY_MD_SHA1;
@@ -65,7 +65,7 @@ gpgsm_get_fingerprint (ksba_cert_t cert, int algo,
size_t buflen;
assert (len >= 20);
- if (!ksba_cert_get_user_data (cert, "sha1-fingerprint",
+ if (!ksba_cert_get_user_data (cert, "sha1-fingerprint",
array, len, &buflen)
&& buflen == 20)
return array;
@@ -165,7 +165,7 @@ gpgsm_get_keygrip (ksba_cert_t cert, unsigned char *array)
int rc;
ksba_sexp_t p;
size_t n;
-
+
p = ksba_cert_get_public_key (cert);
if (!p)
return NULL; /* oops */
@@ -234,7 +234,7 @@ gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits)
p = ksba_cert_get_public_key (cert);
if (!p)
- return 0;
+ return 0;
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
if (!n)
{
@@ -282,7 +282,7 @@ gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits)
serial number for this. In most cases the serial number is not
that large and the resulting string can be passed on an assuan
command line. Everything is hexencoded with the serialnumber
- delimited from the hash by a dot.
+ delimited from the hash by a dot.
The caller must free the string.
*/
@@ -296,7 +296,7 @@ gpgsm_get_certid (ksba_cert_t cert)
unsigned long n;
char *certid;
int i;
-
+
p = ksba_cert_get_issuer (cert, 0);
if (!p)
return NULL; /* Ooops: No issuer */
@@ -341,7 +341,3 @@ gpgsm_get_certid (ksba_cert_t cert)
xfree (serial);
return certid;
}
-
-
-
-
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index f3718ae9f..c6732fce9 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -1,4 +1,4 @@
-/* gpgsm.c - GnuPG for S/MIME
+/* gpgsm.c - GnuPG for S/MIME
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
* 2010 Free Software Foundation, Inc.
*
@@ -72,7 +72,7 @@ enum cmd_and_opt_values {
aRecvKeys,
aExport,
aExportSecretKeyP12,
- aServer,
+ aServer,
aLearnCard,
aCallDirmngr,
aCallProtectTool,
@@ -140,7 +140,7 @@ enum cmd_and_opt_values {
oDisablePolicyChecks,
oEnablePolicyChecks,
oAutoIssuerKeyRetrieve,
-
+
oWithFingerprint,
oWithMD5Fingerprint,
oWithKeygrip,
@@ -194,22 +194,22 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aDecrypt, "decrypt", N_("decrypt data (default)")),
ARGPARSE_c (aVerify, "verify", N_("verify a signature")),
ARGPARSE_c (aListKeys, "list-keys", N_("list keys")),
- ARGPARSE_c (aListExternalKeys, "list-external-keys",
+ ARGPARSE_c (aListExternalKeys, "list-external-keys",
N_("list external keys")),
ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")),
- ARGPARSE_c (aListChain, "list-chain", N_("list certificate chain")),
+ ARGPARSE_c (aListChain, "list-chain", N_("list certificate chain")),
ARGPARSE_c (aFingerprint, "fingerprint", N_("list keys and fingerprints")),
ARGPARSE_c (aKeygen, "gen-key", N_("generate a new key pair")),
- ARGPARSE_c (aDeleteKey, "delete-keys",
+ ARGPARSE_c (aDeleteKey, "delete-keys",
N_("remove keys from the public keyring")),
ARGPARSE_c (aSendKeys, "send-keys", N_("export keys to a key server")),
ARGPARSE_c (aRecvKeys, "recv-keys", N_("import keys from a key server")),
ARGPARSE_c (aImport, "import", N_("import certificates")),
ARGPARSE_c (aExport, "export", N_("export certificates")),
- ARGPARSE_c (aExportSecretKeyP12, "export-secret-key-p12", "@"),
+ ARGPARSE_c (aExportSecretKeyP12, "export-secret-key-p12", "@"),
ARGPARSE_c (aLearnCard, "learn-card", N_("register a smartcard")),
ARGPARSE_c (aServer, "server", N_("run in server mode")),
- ARGPARSE_c (aCallDirmngr, "call-dirmngr",
+ ARGPARSE_c (aCallDirmngr, "call-dirmngr",
N_("pass a command to the dirmngr")),
ARGPARSE_c (aCallProtectTool, "call-protect-tool",
N_("invoke gpg-protect-tool")),
@@ -232,23 +232,23 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oP12Charset, "p12-charset", "@"),
- ARGPARSE_s_n (oAssumeArmor, "assume-armor",
+ ARGPARSE_s_n (oAssumeArmor, "assume-armor",
N_("assume input is in PEM format")),
ARGPARSE_s_n (oAssumeBase64, "assume-base64",
N_("assume input is in base-64 format")),
- ARGPARSE_s_n (oAssumeBinary, "assume-binary",
+ ARGPARSE_s_n (oAssumeBinary, "assume-binary",
N_("assume input is in binary format")),
ARGPARSE_s_s (oRecipient, "recipient", N_("|USER-ID|encrypt for USER-ID")),
ARGPARSE_s_n (oPreferSystemDirmngr,"prefer-system-dirmngr", "@"),
- ARGPARSE_s_n (oDisableCRLChecks, "disable-crl-checks",
+ ARGPARSE_s_n (oDisableCRLChecks, "disable-crl-checks",
N_("never consult a CRL")),
ARGPARSE_s_n (oEnableCRLChecks, "enable-crl-checks", "@"),
ARGPARSE_s_n (oDisableTrustedCertCRLCheck,
"disable-trusted-cert-crl-check", "@"),
- ARGPARSE_s_n (oEnableTrustedCertCRLCheck,
+ ARGPARSE_s_n (oEnableTrustedCertCRLCheck,
"enable-trusted-cert-crl-check", "@"),
ARGPARSE_s_n (oForceCRLRefresh, "force-crl-refresh", "@"),
@@ -258,7 +258,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oValidationModel, "validation-model", "@"),
- ARGPARSE_s_i (oIncludeCerts, "include-certs",
+ ARGPARSE_s_i (oIncludeCerts, "include-certs",
N_("|N|number of certificates to include") ),
ARGPARSE_s_s (oPolicyFile, "policy-file",
@@ -286,7 +286,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oNoLogFile, "no-log-file", "@"),
ARGPARSE_s_i (oLoggerFD, "logger-fd", "@"),
- ARGPARSE_s_s (oAuditLog, "audit-log",
+ ARGPARSE_s_s (oAuditLog, "audit-log",
N_("|FILE|write an audit log to FILE")),
ARGPARSE_s_s (oHtmlAuditLog, "html-audit-log", "@"),
ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
@@ -325,12 +325,12 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_i (oStatusFD, "status-fd",
N_("|FD|write status info to this FD")),
- ARGPARSE_s_s (oCipherAlgo, "cipher-algo",
+ ARGPARSE_s_s (oCipherAlgo, "cipher-algo",
N_("|NAME|use cipher algorithm NAME")),
ARGPARSE_s_s (oDigestAlgo, "digest-algo",
N_("|NAME|use message digest algorithm NAME")),
ARGPARSE_s_s (oExtraDigestAlgo, "extra-digest-algo", "@"),
-
+
ARGPARSE_group (302, N_(
"@\n(See the man page for a complete listing of all commands and options)\n"
@@ -346,13 +346,13 @@ static ARGPARSE_OPTS opts[] = {
/* Hidden options. */
ARGPARSE_s_n (oNoVerbose, "no-verbose", "@"),
ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"),
- ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
+ ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
ARGPARSE_s_n (oNoArmor, "no-armor", "@"),
ARGPARSE_s_n (oNoArmor, "no-armour", "@"),
ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
ARGPARSE_s_n (oNoOptions, "no-options", "@"),
- ARGPARSE_s_s (oHomedir, "homedir", "@"),
+ ARGPARSE_s_s (oHomedir, "homedir", "@"),
ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
ARGPARSE_s_s (oDisplay, "display", "@"),
ARGPARSE_s_s (oTTYname, "ttyname", "@"),
@@ -381,11 +381,11 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oIgnoreCertExtension, "ignore-cert-extension", "@"),
/* Command aliases. */
- ARGPARSE_c (aListKeys, "list-key", "@"),
- ARGPARSE_c (aListChain, "list-sig", "@"),
- ARGPARSE_c (aListChain, "list-sigs", "@"),
- ARGPARSE_c (aListChain, "check-sig", "@"),
- ARGPARSE_c (aListChain, "check-sigs", "@"),
+ ARGPARSE_c (aListKeys, "list-key", "@"),
+ ARGPARSE_c (aListChain, "list-sig", "@"),
+ ARGPARSE_c (aListChain, "list-sigs", "@"),
+ ARGPARSE_c (aListChain, "check-sig", "@"),
+ ARGPARSE_c (aListChain, "check-sigs", "@"),
ARGPARSE_c (aDeleteKey, "delete-key", "@"),
ARGPARSE_end ()
@@ -409,7 +409,7 @@ static int allow_special_filenames;
/* Default value for include-certs. We need an extra macro for
gpgconf-list because the variable will be changed by the command
- line option.
+ line option.
It is often cumbersome to locate intermediate certificates, thus by
default we include all certificates in the chain. However we leave
@@ -418,7 +418,7 @@ static int allow_special_filenames;
should be installed only after due checks and thus it won't help to
send it along with each message. */
#define DEFAULT_INCLUDE_CERTS -2 /* Include all certs but root. */
-static int default_include_certs = DEFAULT_INCLUDE_CERTS;
+static int default_include_certs = DEFAULT_INCLUDE_CERTS;
/* Whether the chain mode shall be used for validation. */
static int default_validation_model;
@@ -500,7 +500,7 @@ make_libversion (const char *libname, const char *(*getfnc)(const char*))
{
const char *s;
char *result;
-
+
if (maybe_setuid)
{
gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
@@ -568,7 +568,7 @@ my_strusage( int level )
digests = build_list("Hash: ", gcry_md_algo_name, our_md_test_algo );
p = digests;
break;
-
+
default: p = NULL; break;
}
return p;
@@ -581,7 +581,7 @@ build_list (const char *text, const char * (*mapf)(int), int (*chkf)(int))
int i;
size_t n=strlen(text)+2;
char *list, *p;
-
+
if (maybe_setuid) {
gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */
}
@@ -635,7 +635,7 @@ static void
set_opt_session_env (const char *name, const char *value)
{
gpg_error_t err;
-
+
err = session_env_setenv (opt.session_env, name, value);
if (err)
log_fatal ("error setting session environment: %s\n",
@@ -670,7 +670,7 @@ set_debug (void)
/* Unless the "guru" string has been used we don't want to allow
hashing debugging. The rationale is that people tend to
select the highest debug value and would then clutter their
- disk with debug files which may reveal confidential data. */
+ disk with debug files which may reveal confidential data. */
if (numok)
opt.debug &= ~(DBG_HASHING_VALUE);
}
@@ -695,16 +695,16 @@ set_debug (void)
if (opt.debug)
log_info ("enabled debug flags:%s%s%s%s%s%s%s%s\n",
- (opt.debug & DBG_X509_VALUE )? " x509":"",
- (opt.debug & DBG_MPI_VALUE )? " mpi":"",
- (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
- (opt.debug & DBG_MEMORY_VALUE )? " memory":"",
- (opt.debug & DBG_CACHE_VALUE )? " cache":"",
- (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
- (opt.debug & DBG_HASHING_VALUE)? " hashing":"",
+ (opt.debug & DBG_X509_VALUE )? " x509":"",
+ (opt.debug & DBG_MPI_VALUE )? " mpi":"",
+ (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
+ (opt.debug & DBG_MEMORY_VALUE )? " memory":"",
+ (opt.debug & DBG_CACHE_VALUE )? " cache":"",
+ (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
+ (opt.debug & DBG_HASHING_VALUE)? " hashing":"",
(opt.debug & DBG_ASSUAN_VALUE )? " assuan":"" );
}
-
+
static void
@@ -721,7 +721,7 @@ set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
else if ( (cmd == aSign && new_cmd == aClearsign)
|| (cmd == aClearsign && new_cmd == aSign) )
cmd = aClearsign;
- else
+ else
{
log_error(_("conflicting commands\n"));
gpgsm_exit(2);
@@ -813,39 +813,39 @@ parse_keyserver_line (char *line,
fail = 1;
}
break;
-
+
case 2:
if (*p)
server->port = atoi (p);
break;
-
+
case 3:
if (*p)
server->user = xstrdup (p);
break;
-
+
case 4:
if (*p && !server->user)
{
- log_error (_("%s:%u: password given without user\n"),
+ log_error (_("%s:%u: password given without user\n"),
filename, lineno);
fail = 1;
}
else if (*p)
server->pass = xstrdup (p);
break;
-
+
case 5:
if (*p)
server->base = xstrdup (p);
break;
-
+
default:
/* (We silently ignore extra fields.) */
break;
}
}
-
+
if (fail)
{
log_info (_("%s:%u: skipping this line\n"), filename, lineno);
@@ -916,7 +916,7 @@ main ( int argc, char **argv)
/* Check that the libraries are suitable. Do it here because the
option parse may need services of the library */
if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt",
+ log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt",
NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) );
if (!ksba_check_version (NEED_KSBA_VERSION) )
log_fatal (_("%s is too old (need %s, have %s)\n"), "libksba",
@@ -926,9 +926,9 @@ main ( int argc, char **argv)
gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
may_coredump = disable_core_dumps ();
-
+
gnupg_init_signals (0, emergency_cleanup);
-
+
create_dotlock (NULL); /* register locking cleanup */
opt.session_env = session_env_new ();
@@ -938,11 +938,11 @@ main ( int argc, char **argv)
/* Note: If you change this default cipher algorithm , please
remember to update the Gpgconflist entry as well. */
- opt.def_cipher_algoid = DEFAULT_CIPHER_ALGO;
+ opt.def_cipher_algoid = DEFAULT_CIPHER_ALGO;
opt.homedir = default_homedir ();
-
+
/* First check whether we have a config file on the commandline */
orig_argc = argc;
orig_argv = argv;
@@ -967,14 +967,14 @@ main ( int argc, char **argv)
break; /* This break makes sure that --version and --help are
passed to the protect-tool. */
}
-
-
+
+
/* Initialize the secure memory. */
gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
maybe_setuid = 0;
- /*
- Now we are now working under our real uid
+ /*
+ Now we are now working under our real uid
*/
ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
@@ -1000,7 +1000,7 @@ main ( int argc, char **argv)
configname = make_filename (opt.homedir, "gpgsm.conf", NULL);
/* Set the default policy file */
opt.policy_file = make_filename (opt.homedir, "policies.txt", NULL);
-
+
argc = orig_argc;
argv = orig_argv;
pargs.argc = &argc;
@@ -1018,7 +1018,7 @@ main ( int argc, char **argv)
if (parse_debug)
log_info (_("NOTE: no default option file `%s'\n"), configname);
}
- else
+ else
{
log_error (_("option file `%s': %s\n"), configname, strerror(errno));
gpgsm_exit(2);
@@ -1031,19 +1031,19 @@ main ( int argc, char **argv)
default_config = 0;
}
- while (!no_more_options
+ while (!no_more_options
&& optfile_parse (configfp, configname, &configlineno, &pargs, opts))
{
switch (pargs.r_opt)
{
- case aGPGConfList:
- case aGPGConfTest:
+ case aGPGConfList:
+ case aGPGConfTest:
set_cmd (&cmd, pargs.r_opt);
do_not_setup_keys = 1;
nogreeting = 1;
break;
- case aServer:
+ case aServer:
opt.batch = 1;
set_cmd (&cmd, aServer);
break;
@@ -1060,7 +1060,7 @@ main ( int argc, char **argv)
no_more_options = 1; /* Stop parsing. */
do_not_setup_keys = 1;
break;
-
+
case aDeleteKey:
set_cmd (&cmd, aDeleteKey);
/*greeting=1;*/
@@ -1069,45 +1069,45 @@ main ( int argc, char **argv)
case aDetachedSign:
detached_sig = 1;
- set_cmd (&cmd, aSign );
+ set_cmd (&cmd, aSign );
break;
case aKeygen:
set_cmd (&cmd, aKeygen);
- greeting=1;
+ greeting=1;
do_not_setup_keys = 1;
break;
- case aImport:
- case aSendKeys:
- case aRecvKeys:
- case aExport:
- case aExportSecretKeyP12:
+ case aImport:
+ case aSendKeys:
+ case aRecvKeys:
+ case aExport:
+ case aExportSecretKeyP12:
case aDumpKeys:
case aDumpChain:
- case aDumpExternalKeys:
- case aDumpSecretKeys:
+ case aDumpExternalKeys:
+ case aDumpSecretKeys:
case aListKeys:
- case aListExternalKeys:
- case aListSecretKeys:
- case aListChain:
- case aLearnCard:
- case aPasswd:
+ case aListExternalKeys:
+ case aListSecretKeys:
+ case aListChain:
+ case aLearnCard:
+ case aPasswd:
case aKeydbClearSomeCertFlags:
do_not_setup_keys = 1;
set_cmd (&cmd, pargs.r_opt);
break;
- case aEncr:
+ case aEncr:
recp_required = 1;
set_cmd (&cmd, pargs.r_opt);
break;
case aSym:
- case aDecrypt:
- case aSign:
- case aClearsign:
- case aVerify:
+ case aDecrypt:
+ case aSign:
+ case aClearsign:
+ case aVerify:
set_cmd (&cmd, pargs.r_opt);
break;
@@ -1115,15 +1115,15 @@ main ( int argc, char **argv)
case oArmor:
ctrl.create_pem = 1;
break;
- case oBase64:
+ case oBase64:
ctrl.create_pem = 0;
ctrl.create_base64 = 1;
break;
- case oNoArmor:
+ case oNoArmor:
ctrl.create_pem = 0;
ctrl.create_base64 = 0;
break;
-
+
case oP12Charset:
opt.p12_charset = pargs.r.ret_str;
break;
@@ -1168,8 +1168,8 @@ main ( int argc, char **argv)
ctrl.use_ocsp = opt.enable_ocsp = 1;
break;
- case oIncludeCerts:
- ctrl.include_certs = default_include_certs = pargs.r.ret_int;
+ case oIncludeCerts:
+ ctrl.include_certs = default_include_certs = pargs.r.ret_int;
break;
case oPolicyFile:
@@ -1186,14 +1186,14 @@ main ( int argc, char **argv)
case oEnablePolicyChecks:
opt.no_policy_check = 0;
break;
-
+
case oAutoIssuerKeyRetrieve:
opt.auto_issuer_key_retrieve = 1;
break;
case oOutput: opt.outfile = pargs.r.ret_str; break;
-
+
case oQuiet: opt.quiet = 1; break;
case oNoTTY: /* fixme:tty_no_terminal(1);*/ break;
case oDryRun: opt.dry_run = 1; break;
@@ -1208,17 +1208,17 @@ main ( int argc, char **argv)
break;
case oLogFile: logfile = pargs.r.ret_str; break;
- case oNoLogFile: logfile = NULL; break;
+ case oNoLogFile: logfile = NULL; break;
case oAuditLog: auditlog = pargs.r.ret_str; break;
case oHtmlAuditLog: htmlauditlog = pargs.r.ret_str; break;
- case oBatch:
+ case oBatch:
opt.batch = 1;
greeting = 0;
break;
case oNoBatch: opt.batch = 0; break;
-
+
case oAnswerYes: opt.answer_yes = 1; break;
case oAnswerNo: opt.answer_no = 1; break;
@@ -1283,12 +1283,12 @@ main ( int argc, char **argv)
case oDisableDirmngr: opt.disable_dirmngr = 1; break;
case oPreferSystemDirmngr: /* Obsolete */; break;
case oProtectToolProgram:
- opt.protect_tool_program = pargs.r.ret_str;
+ opt.protect_tool_program = pargs.r.ret_str;
break;
-
+
case oFakedSystemTime:
{
- time_t faked_time = isotime2epoch (pargs.r.ret_str);
+ time_t faked_time = isotime2epoch (pargs.r.ret_str);
if (faked_time == (time_t)(-1))
faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10);
gnupg_set_time (faked_time, 0);
@@ -1344,20 +1344,20 @@ main ( int argc, char **argv)
break;
case oNoSecmemWarn:
- gcry_control (GCRYCTL_DISABLE_SECMEM_WARN);
+ gcry_control (GCRYCTL_DISABLE_SECMEM_WARN);
break;
case oCipherAlgo:
opt.def_cipher_algoid = pargs.r.ret_str;
break;
- case oDisableCipherAlgo:
+ case oDisableCipherAlgo:
{
int algo = gcry_cipher_map_name (pargs.r.ret_str);
gcry_cipher_ctl (NULL, GCRYCTL_DISABLE_ALGO, &algo, sizeof algo);
}
break;
- case oDisablePubkeyAlgo:
+ case oDisablePubkeyAlgo:
{
int algo = gcry_pk_map_name (pargs.r.ret_str);
gcry_pk_ctl (GCRYCTL_DISABLE_ALGO,&algo, sizeof algo );
@@ -1368,7 +1368,7 @@ main ( int argc, char **argv)
forced_digest_algo = pargs.r.ret_str;
break;
- case oExtraDigestAlgo:
+ case oExtraDigestAlgo:
extra_digest_algo = pargs.r.ret_str;
break;
@@ -1402,8 +1402,8 @@ main ( int argc, char **argv)
add_to_strlist (&opt.ignored_cert_extensions, pargs.r.ret_str);
break;
- default:
- pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
+ default:
+ pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
break;
}
}
@@ -1432,7 +1432,7 @@ main ( int argc, char **argv)
if (nogreeting)
greeting = 0;
-
+
if (greeting)
{
es_fprintf (es_stderr, "%s %s; %s\n",
@@ -1471,7 +1471,7 @@ main ( int argc, char **argv)
dump_isotime (tbuf);
log_printf ("\n");
}
-
+
/*FIXME if (opt.batch) */
/* tty_batchmode (1); */
@@ -1509,7 +1509,7 @@ main ( int argc, char **argv)
opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.42";
else if (!strcmp (opt.def_cipher_algoid, "SEED") )
opt.def_cipher_algoid = "1.2.410.200004.1.4";
- else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA")
+ else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA")
|| !strcmp (opt.def_cipher_algoid, "CAMELLIA128") )
opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.2";
else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA192") )
@@ -1539,18 +1539,18 @@ main ( int argc, char **argv)
if (log_get_errorcount(0))
gpgsm_exit(2);
-
+
/* Set the random seed file. */
- if (use_random_seed)
+ if (use_random_seed)
{
char *p = make_filename (opt.homedir, "random_seed", NULL);
gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p);
xfree(p);
}
-
+
if (!cmd && opt.fingerprint && !with_fpr)
set_cmd (&cmd, aListKeys);
-
+
/* Add default keybox. */
if (!nrings && default_keyring)
{
@@ -1561,7 +1561,7 @@ main ( int argc, char **argv)
{
/* Import the standard certificates for a new default keybox. */
char *filelist[2];
-
+
filelist[0] = make_filename (gnupg_datadir (),"com-certs.pem", NULL);
filelist[1] = NULL;
if (!access (filelist[0], F_OK))
@@ -1583,7 +1583,7 @@ main ( int argc, char **argv)
{
switch (cmd)
{
- case aEncr:
+ case aEncr:
case aSign:
case aDecrypt:
case aVerify:
@@ -1615,7 +1615,7 @@ main ( int argc, char **argv)
get_inv_recpsgnr_code (rc), sl->d, NULL);
}
}
-
+
/* Build the recipient list. We first add the regular ones and then
the encrypt-to ones because the underlying function will silently
ignore duplicates and we can't allow to keep a duplicate which is
@@ -1634,13 +1634,13 @@ main ( int argc, char **argv)
if (log_get_errorcount(0))
gpgsm_exit(1); /* Must stop for invalid recipients. */
-
+
fname = argc? *argv : NULL;
-
+
/* Dispatch command. */
switch (cmd)
{
- case aGPGConfList:
+ case aGPGConfList:
{ /* List options and default values in the GPG Conf format. */
char *config_filename_esc = percent_escape (opt.config_filename, NULL);
@@ -1709,7 +1709,7 @@ main ( int argc, char **argv)
set_binary (stdin);
if (!argc) /* Source is stdin. */
- gpgsm_encrypt (&ctrl, recplist, 0, fp);
+ gpgsm_encrypt (&ctrl, recplist, 0, fp);
else if (argc == 1) /* Source is the given file. */
gpgsm_encrypt (&ctrl, recplist, open_read (*argv), fp);
else
@@ -1727,17 +1727,17 @@ main ( int argc, char **argv)
signing because that is what gpg does.*/
set_binary (stdin);
if (!argc) /* Create from stdin. */
- gpgsm_sign (&ctrl, signerlist, 0, detached_sig, fp);
+ gpgsm_sign (&ctrl, signerlist, 0, detached_sig, fp);
else if (argc == 1) /* From file. */
gpgsm_sign (&ctrl, signerlist,
- open_read (*argv), detached_sig, fp);
+ open_read (*argv), detached_sig, fp);
else
wrong_args ("--sign [datafile]");
es_fclose (fp);
}
break;
-
+
case aSignEncr: /* sign and encrypt the given file */
log_error ("this command has not yet been implemented\n");
break;
@@ -1761,7 +1761,7 @@ main ( int argc, char **argv)
else if (argc == 1)
gpgsm_verify (&ctrl, open_read (*argv), -1, fp); /* std signature */
else if (argc == 2) /* detached signature (sig, detached) */
- gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1]), NULL);
+ gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1]), NULL);
else
wrong_args ("--verify [signature [detached_data]]");
@@ -1809,7 +1809,7 @@ main ( int argc, char **argv)
{
case aListChain:
case aListKeys: mode = (0 | 0 | (1<<6)); break;
- case aDumpChain:
+ case aDumpChain:
case aDumpKeys: mode = (256 | 0 | (1<<6)); break;
case aListExternalKeys: mode = (0 | 0 | (1<<7)); break;
case aDumpExternalKeys: mode = (256 | 0 | (1<<7)); break;
@@ -1836,13 +1836,13 @@ main ( int argc, char **argv)
if (opt.batch)
{
if (!argc) /* Create from stdin. */
- fpin = open_es_fread ("-", "r");
+ fpin = open_es_fread ("-", "r");
else if (argc == 1) /* From file. */
- fpin = open_es_fread (*argv, "r");
+ fpin = open_es_fread (*argv, "r");
else
wrong_args ("--gen-key --batch [parmfile]");
}
-
+
fpout = open_es_fwrite (opt.outfile?opt.outfile:"-");
if (fpin)
@@ -1884,7 +1884,7 @@ main ( int argc, char **argv)
es_fclose (fp);
}
break;
-
+
case aSendKeys:
case aRecvKeys:
log_error ("this command has not yet been implemented\n");
@@ -1916,7 +1916,7 @@ main ( int argc, char **argv)
;
else if (!(grip = gpgsm_get_keygrip_hexstring (cert)))
rc = gpg_error (GPG_ERR_BUG);
- else
+ else
{
char *desc = gpgsm_format_keydesc (cert);
rc = gpgsm_agent_passwd (&ctrl, grip, desc);
@@ -1954,7 +1954,7 @@ main ( int argc, char **argv)
es_fclose (auditfp);
es_fclose (htmlauditfp);
}
-
+
/* cleanup */
keyserver_list_free (opt.keyserver);
opt.keyserver = NULL;
@@ -2002,7 +2002,7 @@ gpgsm_init_default_ctrl (struct server_control_s *ctrl)
int
gpgsm_parse_validation_model (const char *model)
-{
+{
if (!ascii_strcasecmp (model, "shell") )
return 0;
else if ( !ascii_strcasecmp (model, "chain") )
@@ -2020,11 +2020,11 @@ check_special_filename (const char *fname, int for_write)
if (allow_special_filenames
&& fname && *fname == '-' && fname[1] == '&' ) {
int i;
-
+
fname += 2;
for (i=0; isdigit (fname[i]); i++ )
;
- if ( !fname[i] )
+ if ( !fname[i] )
return translate_sys2libc_fd_int (atoi (fname), for_write);
}
return -1;
@@ -2035,7 +2035,7 @@ check_special_filename (const char *fname, int for_write)
/* Open the FILENAME for read and return the file descriptor. Stop
with an error message in case of problems. "-" denotes stdin and
if special filenames are allowed the given fd is opened instead. */
-static int
+static int
open_read (const char *filename)
{
int fd;
@@ -2146,7 +2146,7 @@ run_protect_tool (int argc, char **argv)
for (i=1; argc; i++, argc--, argv++)
av[i] = *argv;
av[i] = NULL;
- execv (pgm, av);
+ execv (pgm, av);
log_error ("error executing `%s': %s\n", pgm, strerror (errno));
#endif /*HAVE_W32_SYSTEM*/
gpgsm_exit (2);
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 7953f9915..54d4aff93 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -50,7 +50,7 @@ struct keyserver_spec
/* A large struct named "opt" to keep global flags. */
-struct
+struct
{
unsigned int debug; /* debug flags (DBG_foo_VALUE) */
int verbose; /* verbosity level */
@@ -62,7 +62,7 @@ struct
const char *homedir; /* Configuration directory name */
const char *config_filename; /* Name of the used config file. */
- const char *agent_program;
+ const char *agent_program;
session_env_t session_env;
char *lc_ctype;
@@ -74,7 +74,7 @@ struct
char *outfile; /* name of output file */
int with_key_data;/* include raw key in the column delimted output */
-
+
int fingerprint; /* list fingerprints in all key listings */
int with_md5_fingerprint; /* Also print an MD5 fingerprint for
@@ -171,11 +171,11 @@ struct server_control_s
int no_server; /* We are not running under server control */
int status_fd; /* Only for non-server mode */
struct server_local_s *server_local;
-
+
audit_ctx_t audit; /* NULL or a context for the audit subsystem. */
int agent_seen; /* Flag indicating that the gpg-agent has been
accessed. */
-
+
int with_colons; /* Use column delimited output format */
int with_chain; /* Include the certifying certs in a listing */
int with_validation;/* Validate each key while listing. */
@@ -204,7 +204,7 @@ typedef struct base64_context_s *Base64Context;
/* An object to keep a list of certificates. */
-struct certlist_s
+struct certlist_s
{
struct certlist_s *next;
ksba_cert_t cert;
@@ -388,7 +388,7 @@ int gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc,
unsigned char *digest, size_t digestlen, int digestalgo,
unsigned char **r_buf, size_t *r_buflen);
int gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
- ksba_const_sexp_t ciphertext,
+ ksba_const_sexp_t ciphertext,
char **r_buf, size_t *r_buflen);
int gpgsm_agent_genkey (ctrl_t ctrl,
ksba_const_sexp_t keyparms, ksba_sexp_t *r_pubkey);
diff --git a/sm/import.c b/sm/import.c
index c70e4e916..7b5852443 100644
--- a/sm/import.c
+++ b/sm/import.c
@@ -53,7 +53,7 @@ struct stats_s {
};
-struct rsa_secret_key_s
+struct rsa_secret_key_s
{
gcry_mpi_t n; /* public modulus */
gcry_mpi_t e; /* public exponent */
@@ -73,12 +73,12 @@ static void
print_imported_status (ctrl_t ctrl, ksba_cert_t cert, int new_cert)
{
char *fpr;
-
+
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
if (new_cert)
gpgsm_status2 (ctrl, STATUS_IMPORTED, fpr, "[X.509]", NULL);
- gpgsm_status2 (ctrl, STATUS_IMPORT_OK,
+ gpgsm_status2 (ctrl, STATUS_IMPORT_OK,
new_cert? "1":"0", fpr, NULL);
xfree (fpr);
@@ -125,7 +125,7 @@ print_imported_summary (ctrl_t ctrl, struct stats_s *stats)
if (!opt.quiet)
{
log_info (_("total number processed: %lu\n"), stats->count);
- if (stats->imported)
+ if (stats->imported)
{
log_info (_(" imported: %lu"), stats->imported );
log_printf ("\n");
@@ -186,8 +186,8 @@ check_and_store (ctrl_t ctrl, struct stats_s *stats,
to be different but because gpgsm_verify even imports
certificates without any checks, it doesn't matter much and the
code gets much cleaner. A housekeeping function to remove
- certificates w/o an anchor would be nice, though.
-
+ certificates w/o an anchor would be nice, though.
+
Optionally we do a full validation in addition to the basic test.
*/
rc = gpgsm_basic_cert_check (ctrl, cert);
@@ -215,7 +215,7 @@ check_and_store (ctrl_t ctrl, struct stats_s *stats,
if (stats)
stats->unchanged++;
}
-
+
if (opt.verbose > 1 && existed)
{
if (depth)
@@ -257,7 +257,7 @@ check_and_store (ctrl_t ctrl, struct stats_s *stats,
/* We keep the test for GPG_ERR_MISSING_CERT only in case
GPG_ERR_MISSING_CERT has been used instead of the newer
GPG_ERR_MISSING_ISSUER_CERT. */
- print_import_problem
+ print_import_problem
(ctrl, cert,
gpg_err_code (rc) == GPG_ERR_MISSING_ISSUER_CERT? 2 :
gpg_err_code (rc) == GPG_ERR_MISSING_CERT? 2 :
@@ -294,25 +294,25 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
log_error ("can't create reader: %s\n", gpg_strerror (rc));
goto leave;
}
-
-
+
+
/* We need to loop here to handle multiple PEM objects in one
file. */
do
{
ksba_cms_release (cms); cms = NULL;
ksba_cert_release (cert); cert = NULL;
-
+
ct = ksba_cms_identify (reader);
if (ct == KSBA_CT_SIGNED_DATA)
{ /* This is probably a signed-only message - import the certs */
ksba_stop_reason_t stopreason;
int i;
-
+
rc = ksba_cms_new (&cms);
if (rc)
goto leave;
-
+
rc = ksba_cms_set_reader_writer (cms, reader, NULL);
if (rc)
{
@@ -321,7 +321,7 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
goto leave;
}
- do
+ do
{
rc = ksba_cms_parse (cms, &stopreason);
if (rc)
@@ -333,12 +333,12 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
if (stopreason == KSBA_SR_BEGIN_DATA)
log_info ("not a certs-only message\n");
}
- while (stopreason != KSBA_SR_READY);
-
+ while (stopreason != KSBA_SR_READY);
+
for (i=0; (cert=ksba_cms_get_cert (cms, i)); i++)
{
check_and_store (ctrl, stats, cert, 0);
- ksba_cert_release (cert);
+ ksba_cert_release (cert);
cert = NULL;
}
if (!i)
@@ -347,7 +347,7 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
any = 1;
}
else if (ct == KSBA_CT_PKCS12)
- {
+ {
/* This seems to be a pkcs12 message. */
rc = parse_p12 (ctrl, reader, stats);
if (!rc)
@@ -372,7 +372,7 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
log_error ("can't extract certificates from input\n");
rc = gpg_error (GPG_ERR_NO_DATA);
}
-
+
ksba_reader_clear (reader, NULL, NULL);
}
while (!gpgsm_reader_eof_seen (b64reader));
@@ -411,7 +411,7 @@ reimport_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
goto leave;
}
keydb_set_ephemeral (kh, 1);
-
+
fp = es_fdopen_nc (in_fd, "r");
if (!fp)
{
@@ -430,7 +430,7 @@ reimport_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
trim_spaces (line);
if (!*line)
continue;
-
+
stats->count++;
err = classify_user_id (line, &desc);
@@ -481,7 +481,7 @@ reimport_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
if (err)
{
log_error ("clearing ephemeral flag failed: %s\n",
- gpg_strerror (err));
+ gpg_strerror (err));
print_import_problem (ctrl, cert, 0);
stats->not_imported++;
continue;
@@ -536,7 +536,7 @@ gpgsm_import_files (ctrl_t ctrl, int nfiles, char **files,
struct stats_s stats;
memset (&stats, 0, sizeof stats);
-
+
if (!nfiles)
rc = import_one (ctrl, &stats, 0);
else
@@ -615,7 +615,7 @@ rsa_key_check (struct rsa_secret_key_s *skey)
gcry_mpi_mul (phi, t1, t2);
gcry_mpi_invm (t, skey->e, phi);
if (gcry_mpi_cmp (t, skey->d))
- {
+ {
/* No: try universal exponent. */
gcry_mpi_gcd (t, t1, t2);
gcry_mpi_div (t, NULL, phi, t, 0);
@@ -656,7 +656,7 @@ struct store_cert_parm_s
};
/* Helper to store the DER encoded certificate CERTDATA of length
- CERTDATALEN. */
+ CERTDATALEN. */
static void
store_cert_cb (void *opaque,
const unsigned char *certdata, size_t certdatalen)
@@ -808,7 +808,7 @@ parse_p12 (ctrl_t ctrl, ksba_reader_t reader, struct stats_s *stats)
/* print_mpi (" p", sk.p); */
/* print_mpi (" q", sk.q); */
/* print_mpi (" u", sk.u); */
-
+
/* Create an S-expresion from the parameters. */
err = gcry_sexp_build (&s_key, NULL,
"(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
@@ -929,6 +929,6 @@ parse_p12 (ctrl_t ctrl, ksba_reader_t reader, struct stats_s *stats)
gpgsm_status_with_err_code (ctrl, STATUS_ERROR,
"import.parsep12", GPG_ERR_BAD_PASSPHRASE);
}
-
+
return err;
}
diff --git a/sm/keydb.c b/sm/keydb.c
index ddf9a4830..35343f3dc 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -29,7 +29,7 @@
#include "gpgsm.h"
#include "../kbx/keybox.h"
-#include "keydb.h"
+#include "keydb.h"
#include "i18n.h"
static int active_handles;
@@ -71,7 +71,7 @@ static void unlock_all (KEYDB_HANDLE hd);
* Register a resource (which currently may only be a keybox file).
* The first keybox which is added by this function is created if it
* does not exist. If AUTO_CREATED is not NULL it will be set to true
- * if the function has created a a new keybox.
+ * if the function has created a a new keybox.
*/
int
keydb_add_resource (const char *url, int force, int secret, int *auto_created)
@@ -79,7 +79,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
static int any_secret, any_public;
const char *resname = url;
char *filename = NULL;
- int rc = 0;
+ int rc = 0;
FILE *fp;
KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE;
const char *created_fname = NULL;
@@ -91,7 +91,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
gnupg-kbx:filename := this is a plain keybox
filename := See what is is, but create as plain keybox.
*/
- if (strlen (resname) > 10)
+ if (strlen (resname) > 10)
{
if (!strncmp (resname, "gnupg-kbx:", 10) )
{
@@ -117,20 +117,20 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
}
else
filename = xstrdup (resname);
-
+
if (!force)
force = secret? !any_secret : !any_public;
-
+
/* see whether we can determine the filetype */
if (rt == KEYDB_RESOURCE_TYPE_NONE)
{
FILE *fp2 = fopen( filename, "rb" );
-
+
if (fp2) {
u32 magic;
-
+
/* FIXME: check for the keybox magic */
- if (fread( &magic, 4, 1, fp2) == 1 )
+ if (fread( &magic, 4, 1, fp2) == 1 )
{
if (magic == 0x13579ace || magic == 0xce9a5713)
; /* GDBM magic - no more support */
@@ -144,14 +144,14 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
else /* no file yet: create ring */
rt = KEYDB_RESOURCE_TYPE_KEYBOX;
}
-
+
switch (rt)
{
case KEYDB_RESOURCE_TYPE_NONE:
log_error ("unknown type of key resource `%s'\n", url );
rc = gpg_error (GPG_ERR_GENERAL);
goto leave;
-
+
case KEYDB_RESOURCE_TYPE_KEYBOX:
fp = fopen (filename, "rb");
if (!fp && !force)
@@ -159,13 +159,13 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
rc = gpg_error (gpg_err_code_from_errno (errno));
goto leave;
}
-
+
if (!fp)
{ /* no file */
#if 0 /* no autocreate of the homedirectory yet */
{
char *last_slash_in_filename;
-
+
last_slash_in_filename = strrchr (filename, DIRSEP_C);
*last_slash_in_filename = 0;
if (access (filename, F_OK))
@@ -202,13 +202,13 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
fp = NULL;
/* now register the file */
{
-
+
void *token = keybox_register_file (filename, secret);
if (!token)
; /* already registered - ignore it */
else if (used_resources >= MAX_KEYDB_RESOURCES)
rc = gpg_error (GPG_ERR_RESOURCE_LIMIT);
- else
+ else
{
all_resources[used_resources].type = rt;
all_resources[used_resources].u.kr = NULL; /* Not used here */
@@ -224,7 +224,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
if (!make_dotlock (all_resources[used_resources].lockhandle, 0))
{
KEYBOX_HANDLE kbxhd = keybox_new (token, secret);
-
+
if (kbxhd)
{
keybox_compress (kbxhd);
@@ -232,7 +232,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
}
release_dotlock (all_resources[used_resources].lockhandle);
}
-
+
used_resources++;
}
}
@@ -264,10 +264,10 @@ keydb_new (int secret)
{
KEYDB_HANDLE hd;
int i, j;
-
+
hd = xcalloc (1, sizeof *hd);
hd->found = -1;
-
+
assert (used_resources <= MAX_KEYDB_RESOURCES);
for (i=j=0; i < used_resources; i++)
{
@@ -283,7 +283,7 @@ keydb_new (int secret)
hd->active[j].secret = all_resources[i].secret;
hd->active[j].lockhandle = all_resources[i].lockhandle;
hd->active[j].u.kr = keybox_new (all_resources[i].token, secret);
- if (!hd->active[j].u.kr)
+ if (!hd->active[j].u.kr)
{
xfree (hd);
return NULL; /* fixme: release all previously allocated handles*/
@@ -293,16 +293,16 @@ keydb_new (int secret)
}
}
hd->used = j;
-
+
active_handles++;
return hd;
}
-void
+void
keydb_release (KEYDB_HANDLE hd)
{
int i;
-
+
if (!hd)
return;
assert (active_handles > 0);
@@ -311,7 +311,7 @@ keydb_release (KEYDB_HANDLE hd)
unlock_all (hd);
for (i=0; i < hd->used; i++)
{
- switch (hd->active[i].type)
+ switch (hd->active[i].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
break;
@@ -336,27 +336,27 @@ keydb_get_resource_name (KEYDB_HANDLE hd)
{
int idx;
const char *s = NULL;
-
- if (!hd)
+
+ if (!hd)
return NULL;
- if ( hd->found >= 0 && hd->found < hd->used)
+ if ( hd->found >= 0 && hd->found < hd->used)
idx = hd->found;
- else if ( hd->current >= 0 && hd->current < hd->used)
+ else if ( hd->current >= 0 && hd->current < hd->used)
idx = hd->current;
else
idx = 0;
- switch (hd->active[idx].type)
+ switch (hd->active[idx].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
- s = NULL;
+ s = NULL;
break;
case KEYDB_RESOURCE_TYPE_KEYBOX:
s = keybox_get_resource_name (hd->active[idx].u.kr);
break;
}
-
+
return s? s: "";
}
@@ -374,7 +374,7 @@ keydb_set_ephemeral (KEYDB_HANDLE hd, int yes)
{
for (i=0; i < hd->used; i++)
{
- switch (hd->active[i].type)
+ switch (hd->active[i].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
break;
@@ -384,7 +384,7 @@ keydb_set_ephemeral (KEYDB_HANDLE hd, int yes)
}
}
}
-
+
i = hd->is_ephemeral;
hd->is_ephemeral = yes;
return i;
@@ -407,7 +407,7 @@ keydb_lock (KEYDB_HANDLE hd)
-static int
+static int
lock_all (KEYDB_HANDLE hd)
{
int i, rc = 0;
@@ -415,9 +415,9 @@ lock_all (KEYDB_HANDLE hd)
/* Fixme: This locking scheme may lead to deadlock if the resources
are not added in the same order by all processes. We are
currently only allowing one resource so it is not a problem. */
- for (i=0; i < hd->used; i++)
+ for (i=0; i < hd->used; i++)
{
- switch (hd->active[i].type)
+ switch (hd->active[i].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
break;
@@ -430,12 +430,12 @@ lock_all (KEYDB_HANDLE hd)
break;
}
- if (rc)
+ if (rc)
{
/* revert the already set locks */
- for (i--; i >= 0; i--)
+ for (i--; i >= 0; i--)
{
- switch (hd->active[i].type)
+ switch (hd->active[i].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
break;
@@ -459,13 +459,13 @@ static void
unlock_all (KEYDB_HANDLE hd)
{
int i;
-
+
if (!hd->locked)
return;
- for (i=hd->used-1; i >= 0; i--)
+ for (i=hd->used-1; i >= 0; i--)
{
- switch (hd->active[i].type)
+ switch (hd->active[i].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
break;
@@ -483,7 +483,7 @@ unlock_all (KEYDB_HANDLE hd)
/*
* Return the last found keybox. Caller must free it.
* The returned keyblock has the kbode flag bit 0 set for the node with
- * the public key used to locate the keyblock or flag bit 1 set for
+ * the public key used to locate the keyblock or flag bit 1 set for
* the user ID node.
*/
int
@@ -494,7 +494,7 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
if (!hd)
return G10ERR_INV_ARG;
- if ( hd->found < 0 || hd->found >= hd->used)
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
switch (hd->active[hd->found].type) {
@@ -509,7 +509,7 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
return rc;
}
-/*
+/*
* update the current keyblock with KB
*/
int
@@ -520,7 +520,7 @@ keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb)
if (!hd)
return G10ERR_INV_ARG;
- if ( hd->found < 0 || hd->found >= hd->used)
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
if( opt.dry_run )
@@ -543,8 +543,8 @@ keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb)
}
-/*
- * Insert a new KB into one of the resources.
+/*
+ * Insert a new KB into one of the resources.
*/
int
keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb)
@@ -552,15 +552,15 @@ keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb)
int rc = -1;
int idx;
- if (!hd)
+ if (!hd)
return G10ERR_INV_ARG;
if( opt.dry_run )
return 0;
- if ( hd->found >= 0 && hd->found < hd->used)
+ if ( hd->found >= 0 && hd->found < hd->used)
idx = hd->found;
- else if ( hd->current >= 0 && hd->current < hd->used)
+ else if ( hd->current >= 0 && hd->current < hd->used)
idx = hd->current;
else
return G10ERR_GENERAL;
@@ -598,11 +598,11 @@ keydb_get_cert (KEYDB_HANDLE hd, ksba_cert_t *r_cert)
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
-
- if ( hd->found < 0 || hd->found >= hd->used)
+
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
-
- switch (hd->active[hd->found].type)
+
+ switch (hd->active[hd->found].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
rc = gpg_error (GPG_ERR_GENERAL); /* oops */
@@ -611,7 +611,7 @@ keydb_get_cert (KEYDB_HANDLE hd, ksba_cert_t *r_cert)
rc = keybox_get_cert (hd->active[hd->found].u.kr, r_cert);
break;
}
-
+
return rc;
}
@@ -626,11 +626,11 @@ keydb_get_flags (KEYDB_HANDLE hd, int which, int idx, unsigned int *value)
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
-
- if ( hd->found < 0 || hd->found >= hd->used)
+
+ if ( hd->found < 0 || hd->found >= hd->used)
return gpg_error (GPG_ERR_NOTHING_FOUND);
-
- switch (hd->active[hd->found].type)
+
+ switch (hd->active[hd->found].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
err = gpg_error (GPG_ERR_GENERAL); /* oops */
@@ -639,7 +639,7 @@ keydb_get_flags (KEYDB_HANDLE hd, int which, int idx, unsigned int *value)
err = keybox_get_flags (hd->active[hd->found].u.kr, which, idx, value);
break;
}
-
+
return err;
}
@@ -656,14 +656,14 @@ keydb_set_flags (KEYDB_HANDLE hd, int which, int idx, unsigned int value)
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
-
- if ( hd->found < 0 || hd->found >= hd->used)
+
+ if ( hd->found < 0 || hd->found >= hd->used)
return gpg_error (GPG_ERR_NOTHING_FOUND);
-
+
if (!hd->locked)
return gpg_error (GPG_ERR_NOT_LOCKED);
- switch (hd->active[hd->found].type)
+ switch (hd->active[hd->found].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
err = gpg_error (GPG_ERR_GENERAL); /* oops */
@@ -672,12 +672,12 @@ keydb_set_flags (KEYDB_HANDLE hd, int which, int idx, unsigned int value)
err = keybox_set_flags (hd->active[hd->found].u.kr, which, idx, value);
break;
}
-
+
return err;
}
-/*
- * Insert a new Certificate into one of the resources.
+/*
+ * Insert a new Certificate into one of the resources.
*/
int
keydb_insert_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
@@ -685,16 +685,16 @@ keydb_insert_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
int rc = -1;
int idx;
unsigned char digest[20];
-
- if (!hd)
+
+ if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (opt.dry_run)
return 0;
-
- if ( hd->found >= 0 && hd->found < hd->used)
+
+ if ( hd->found >= 0 && hd->found < hd->used)
idx = hd->found;
- else if ( hd->current >= 0 && hd->current < hd->used)
+ else if ( hd->current >= 0 && hd->current < hd->used)
idx = hd->current;
else
return gpg_error (GPG_ERR_GENERAL);
@@ -704,7 +704,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL); /* kludge*/
- switch (hd->active[idx].type)
+ switch (hd->active[idx].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
rc = gpg_error (GPG_ERR_GENERAL);
@@ -713,7 +713,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
rc = keybox_insert_cert (hd->active[idx].u.kr, cert, digest);
break;
}
-
+
unlock_all (hd);
return rc;
}
@@ -726,11 +726,11 @@ keydb_update_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
{
int rc = 0;
unsigned char digest[20];
-
+
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
- if ( hd->found < 0 || hd->found >= hd->used)
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
if (opt.dry_run)
@@ -742,7 +742,7 @@ keydb_update_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL); /* kludge*/
- switch (hd->active[hd->found].type)
+ switch (hd->active[hd->found].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
rc = gpg_error (GPG_ERR_GENERAL); /* oops */
@@ -757,25 +757,25 @@ keydb_update_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
}
-/*
+/*
* The current keyblock or cert will be deleted.
*/
int
keydb_delete (KEYDB_HANDLE hd, int unlock)
{
int rc = -1;
-
+
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
- if ( hd->found < 0 || hd->found >= hd->used)
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
if( opt.dry_run )
return 0;
if (!hd->locked)
- return gpg_error (GPG_ERR_NOT_LOCKED);
+ return gpg_error (GPG_ERR_NOT_LOCKED);
switch (hd->active[hd->found].type)
{
@@ -797,7 +797,7 @@ keydb_delete (KEYDB_HANDLE hd, int unlock)
/*
* Locate the default writable key resource, so that the next
* operation (which is only relevant for inserts) will be done on this
- * resource.
+ * resource.
*/
int
keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
@@ -805,17 +805,17 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
int rc;
(void)reserved;
-
+
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
-
+
rc = keydb_search_reset (hd); /* this does reset hd->current */
if (rc)
return rc;
-
- for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++)
+
+ for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++)
{
- switch (hd->active[hd->current].type)
+ switch (hd->active[hd->current].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
BUG();
@@ -826,7 +826,7 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
break;
}
}
-
+
return -1;
}
@@ -837,7 +837,7 @@ void
keydb_rebuild_caches (void)
{
int i;
-
+
for (i=0; i < used_resources; i++)
{
if (all_resources[i].secret)
@@ -858,23 +858,23 @@ keydb_rebuild_caches (void)
-/*
+/*
* Start the next search on this handle right at the beginning
*/
-int
+int
keydb_search_reset (KEYDB_HANDLE hd)
{
int i, rc = 0;
-
+
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
- hd->current = 0;
+ hd->current = 0;
hd->found = -1;
/* and reset all resources */
- for (i=0; !rc && i < hd->used; i++)
+ for (i=0; !rc && i < hd->used; i++)
{
- switch (hd->active[i].type)
+ switch (hd->active[i].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
break;
@@ -887,21 +887,21 @@ keydb_search_reset (KEYDB_HANDLE hd)
all modules*/
}
-/*
+/*
* Search through all keydb resources, starting at the current position,
* for a keyblock which contains one of the keys described in the DESC array.
*/
-int
+int
keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
{
int rc = -1;
-
+
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
- while (rc == -1 && hd->current >= 0 && hd->current < hd->used)
+ while (rc == -1 && hd->current >= 0 && hd->current < hd->used)
{
- switch (hd->active[hd->current].type)
+ switch (hd->active[hd->current].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
BUG(); /* we should never see it here */
@@ -911,12 +911,12 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
break;
}
if (rc == -1) /* EOF -> switch to next resource */
- hd->current++;
+ hd->current++;
else if (!rc)
hd->found = hd->current;
}
-
- return rc;
+
+ return rc;
}
@@ -924,7 +924,7 @@ int
keydb_search_first (KEYDB_HANDLE hd)
{
KEYDB_SEARCH_DESC desc;
-
+
memset (&desc, 0, sizeof desc);
desc.mode = KEYDB_SEARCH_MODE_FIRST;
return keydb_search (hd, &desc, 1);
@@ -934,7 +934,7 @@ int
keydb_search_next (KEYDB_HANDLE hd)
{
KEYDB_SEARCH_DESC desc;
-
+
memset (&desc, 0, sizeof desc);
desc.mode = KEYDB_SEARCH_MODE_NEXT;
return keydb_search (hd, &desc, 1);
@@ -946,7 +946,7 @@ keydb_search_kid (KEYDB_HANDLE hd, u32 *kid)
KEYDB_SEARCH_DESC desc;
(void)kid;
-
+
memset (&desc, 0, sizeof desc);
desc.mode = KEYDB_SEARCH_MODE_LONG_KID;
desc.u.kid[0] = kid[0];
@@ -958,7 +958,7 @@ int
keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr)
{
KEYDB_SEARCH_DESC desc;
-
+
memset (&desc, 0, sizeof desc);
desc.mode = KEYDB_SEARCH_MODE_FPR;
memcpy (desc.u.fpr, fpr, 20);
@@ -970,7 +970,7 @@ keydb_search_issuer (KEYDB_HANDLE hd, const char *issuer)
{
KEYDB_SEARCH_DESC desc;
int rc;
-
+
memset (&desc, 0, sizeof desc);
desc.mode = KEYDB_SEARCH_MODE_ISSUER;
desc.u.name = issuer;
@@ -985,7 +985,7 @@ keydb_search_issuer_sn (KEYDB_HANDLE hd,
KEYDB_SEARCH_DESC desc;
int rc;
const unsigned char *s;
-
+
memset (&desc, 0, sizeof desc);
desc.mode = KEYDB_SEARCH_MODE_ISSUER_SN;
s = serial;
@@ -1007,7 +1007,7 @@ keydb_search_subject (KEYDB_HANDLE hd, const char *name)
{
KEYDB_SEARCH_DESC desc;
int rc;
-
+
memset (&desc, 0, sizeof desc);
desc.mode = KEYDB_SEARCH_MODE_SUBJECT;
desc.u.name = name;
@@ -1046,7 +1046,7 @@ keydb_store_cert (ksba_cert_t cert, int ephemeral, int *existed)
if (ephemeral)
keydb_set_ephemeral (kh, 1);
-
+
rc = lock_all (kh);
if (rc)
return rc;
@@ -1081,7 +1081,7 @@ keydb_store_cert (ksba_cert_t cert, int ephemeral, int *existed)
keydb_release (kh);
return rc;
}
- keydb_release (kh);
+ keydb_release (kh);
return 0;
}
@@ -1090,8 +1090,8 @@ keydb_store_cert (ksba_cert_t cert, int ephemeral, int *existed)
transaction by locating the certificate in the DB and updating the
flags. */
gpg_error_t
-keydb_set_cert_flags (ksba_cert_t cert, int ephemeral,
- int which, int idx,
+keydb_set_cert_flags (ksba_cert_t cert, int ephemeral,
+ int which, int idx,
unsigned int mask, unsigned int value)
{
KEYDB_HANDLE kh;
@@ -1156,7 +1156,7 @@ keydb_set_cert_flags (ksba_cert_t cert, int ephemeral,
}
}
- keydb_release (kh);
+ keydb_release (kh);
return 0;
}
@@ -1175,7 +1175,7 @@ keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names)
unsigned int old_value, value;
(void)ctrl;
-
+
hd = keydb_new (0);
if (!hd)
{
@@ -1187,7 +1187,7 @@ keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names)
ndesc = 1;
else
{
- for (sl=names, ndesc=0; sl; sl = sl->next, ndesc++)
+ for (sl=names, ndesc=0; sl; sl = sl->next, ndesc++)
;
}
@@ -1201,9 +1201,9 @@ keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names)
if (!names)
desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
- else
+ else
{
- for (ndesc=0, sl=names; sl; sl = sl->next)
+ for (ndesc=0, sl=names; sl; sl = sl->next)
{
rc = classify_user_id (sl->d, desc+ndesc);
if (rc)
@@ -1226,7 +1226,7 @@ keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names)
while (!(rc = keydb_search (hd, desc, ndesc)))
{
- if (!names)
+ if (!names)
desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
err = keydb_get_flags (hd, KEYBOX_FLAG_VALIDITY, 0, &old_value);
@@ -1236,7 +1236,7 @@ keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names)
gpg_strerror (err));
goto leave;
}
-
+
value = (old_value & ~VALIDITY_REVOKED);
if (value != old_value)
{
@@ -1250,10 +1250,8 @@ keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names)
}
if (rc && rc != -1)
log_error ("keydb_search failed: %s\n", gpg_strerror (rc));
-
+
leave:
xfree (desc);
keydb_release (hd);
}
-
-
diff --git a/sm/keydb.h b/sm/keydb.h
index a62ce99cb..33876ceba 100644
--- a/sm/keydb.h
+++ b/sm/keydb.h
@@ -78,7 +78,3 @@ void keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names);
#endif /*GNUPG_KEYDB_H*/
-
-
-
-
diff --git a/sm/keylist.c b/sm/keylist.c
index 4f876ff60..1d6ce6e89 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -37,7 +37,7 @@
#include "i18n.h"
#include "tlv.h"
-struct list_external_parm_s
+struct list_external_parm_s
{
ctrl_t ctrl;
estream_t fp;
@@ -56,18 +56,18 @@ struct
const char *name;
} key_purpose_map[] = {
{ "1.3.6.1.5.5.7.3.1", "serverAuth" },
- { "1.3.6.1.5.5.7.3.2", "clientAuth" },
- { "1.3.6.1.5.5.7.3.3", "codeSigning" },
- { "1.3.6.1.5.5.7.3.4", "emailProtection" },
- { "1.3.6.1.5.5.7.3.5", "ipsecEndSystem" },
- { "1.3.6.1.5.5.7.3.6", "ipsecTunnel" },
- { "1.3.6.1.5.5.7.3.7", "ipsecUser" },
- { "1.3.6.1.5.5.7.3.8", "timeStamping" },
- { "1.3.6.1.5.5.7.3.9", "ocspSigning" },
- { "1.3.6.1.5.5.7.3.10", "dvcs" },
+ { "1.3.6.1.5.5.7.3.2", "clientAuth" },
+ { "1.3.6.1.5.5.7.3.3", "codeSigning" },
+ { "1.3.6.1.5.5.7.3.4", "emailProtection" },
+ { "1.3.6.1.5.5.7.3.5", "ipsecEndSystem" },
+ { "1.3.6.1.5.5.7.3.6", "ipsecTunnel" },
+ { "1.3.6.1.5.5.7.3.7", "ipsecUser" },
+ { "1.3.6.1.5.5.7.3.8", "timeStamping" },
+ { "1.3.6.1.5.5.7.3.9", "ocspSigning" },
+ { "1.3.6.1.5.5.7.3.10", "dvcs" },
{ "1.3.6.1.5.5.7.3.11", "sbgpCertAAServerAuth" },
{ "1.3.6.1.5.5.7.3.13", "eapOverPPP" },
- { "1.3.6.1.5.5.7.3.14", "wlanSSID" },
+ { "1.3.6.1.5.5.7.3.14", "wlanSSID" },
{ "2.16.840.1.113730.4.1", "serverGatedCrypto.ns" }, /* Netscape. */
{ "1.3.6.1.4.1.311.10.3.3", "serverGatedCrypto.ms"}, /* Microsoft. */
@@ -82,10 +82,10 @@ struct
for oids which are already available via ksba fucntions. */
#define OID_FLAG_SKIP 1
/* The extension is a simple UTF8String and should be printed. */
-#define OID_FLAG_UTF8 2
+#define OID_FLAG_UTF8 2
/* A table mapping OIDs to a descriptive string. */
-static struct
+static struct
{
char *oid;
char *name;
@@ -155,7 +155,7 @@ static struct
{ "2.5.29.20", "cRLNumber" },
{ "2.5.29.21", "cRLReason" },
{ "2.5.29.22", "expirationDate" },
- { "2.5.29.23", "instructionCode" },
+ { "2.5.29.23", "instructionCode" },
{ "2.5.29.24", "invalidityDate" },
{ "2.5.29.27", "deltaCRLIndicator" },
{ "2.5.29.28", "issuingDistributionPoint" },
@@ -194,7 +194,7 @@ static struct
};
-/* Return the description for OID; if no description is available
+/* Return the description for OID; if no description is available
NULL is returned. */
static const char *
get_oid_desc (const char *oid, unsigned int *flag)
@@ -218,11 +218,11 @@ get_oid_desc (const char *oid, unsigned int *flag)
static void
print_key_data (ksba_cert_t cert, estream_t fp)
{
-#if 0
+#if 0
int n = pk ? pubkey_get_npkey( pk->pubkey_algo ) : 0;
int i;
- for(i=0; i < n; i++ )
+ for(i=0; i < n; i++ )
{
es_fprintf (fp, "pkd:%d:%u:", i, mpi_get_nbits( pk->pkey[i] ) );
mpi_print(stdout, pk->pkey[i], 1 );
@@ -243,18 +243,18 @@ print_capabilities (ksba_cert_t cert, estream_t fp)
size_t buflen;
char buffer[1];
- err = ksba_cert_get_user_data (cert, "is_qualified",
+ err = ksba_cert_get_user_data (cert, "is_qualified",
&buffer, sizeof (buffer), &buflen);
if (!err && buflen)
{
if (*buffer)
es_putc ('q', fp);
- }
+ }
else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
; /* Don't know - will not get marked as 'q' */
else
log_debug ("get_user_data(is_qualified) failed: %s\n",
- gpg_strerror (err));
+ gpg_strerror (err));
err = ksba_cert_get_key_usage (cert, &use);
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
@@ -268,11 +268,11 @@ print_capabilities (ksba_cert_t cert, estream_t fp)
return;
}
if (err)
- {
+ {
log_error (_("error getting key usage information: %s\n"),
gpg_strerror (err));
return;
- }
+ }
if ((use & (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT)))
es_putc ('e', fp);
@@ -296,7 +296,7 @@ print_time (gnupg_isotime_t t, estream_t fp)
{
if (!t || !*t)
;
- else
+ else
es_fputs (t, fp);
}
@@ -406,13 +406,13 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
*truststring = 'r';
else if (gpg_err_code (valerr) == GPG_ERR_CERT_EXPIRED)
*truststring = 'e';
- else
+ else
{
/* Lets also check whether the certificate under question
expired. This is merely a hack until we found a proper way
to store the expiration flag in the keybox. */
ksba_isotime_t current_time, not_after;
-
+
gnupg_get_isotime (current_time);
if (!opt.ignore_expiration
&& !ksba_cert_get_validity (cert, 1, not_after)
@@ -438,7 +438,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
*truststring = 'n'; /* No, we do not trust this one. */
/* (in case of an error we can't tell anything.) */
}
-
+
if (*truststring)
es_fputs (truststring, fp);
@@ -457,7 +457,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
{
int len;
const unsigned char *s = sexp;
-
+
if (*s == '(')
{
s++;
@@ -479,9 +479,9 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
xfree (p);
}
es_putc (':', fp);
- /* Field 11, signature class - not used */
+ /* Field 11, signature class - not used */
es_putc (':', fp);
- /* Field 12, capabilities: */
+ /* Field 12, capabilities: */
print_capabilities (cert, fp);
/* Field 13, not used: */
es_putc (':', fp);
@@ -584,7 +584,7 @@ print_names_raw (estream_t fp, int indent, ksba_name_t name)
es_fputs ("none\n", fp);
return;
}
-
+
for (idx=0; (s = ksba_name_enum (name, idx)); idx++)
{
char *p = ksba_name_get_uri (name, idx);
@@ -597,7 +597,7 @@ print_names_raw (estream_t fp, int indent, ksba_name_t name)
static void
-print_utf8_extn_raw (estream_t fp, int indent,
+print_utf8_extn_raw (estream_t fp, int indent,
const unsigned char *der, size_t derlen)
{
gpg_error_t err;
@@ -621,7 +621,7 @@ print_utf8_extn_raw (estream_t fp, int indent,
static void
-print_utf8_extn (estream_t fp, int indent,
+print_utf8_extn (estream_t fp, int indent,
const unsigned char *der, size_t derlen)
{
gpg_error_t err;
@@ -800,21 +800,21 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
{
if ( (kusage & KSBA_KEYUSAGE_DIGITAL_SIGNATURE))
es_fputs (" digitalSignature", fp);
- if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION))
+ if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION))
es_fputs (" nonRepudiation", fp);
- if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT))
+ if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT))
es_fputs (" keyEncipherment", fp);
if ( (kusage & KSBA_KEYUSAGE_DATA_ENCIPHERMENT))
es_fputs (" dataEncipherment", fp);
- if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT))
+ if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT))
es_fputs (" keyAgreement", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_CERT_SIGN))
es_fputs (" certSign", fp);
- if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN))
+ if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN))
es_fputs (" crlSign", fp);
if ( (kusage & KSBA_KEYUSAGE_ENCIPHER_ONLY))
es_fputs (" encipherOnly", fp);
- if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY))
+ if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY))
es_fputs (" decipherOnly", fp);
}
es_putc ('\n', fp);
@@ -825,7 +825,7 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
es_fputs (" extKeyUsage: ", fp);
err = ksba_cert_get_ext_key_usages (cert, &string);
if (gpg_err_code (err) != GPG_ERR_NO_DATA)
- {
+ {
if (err)
es_fprintf (fp, "[error: %s]", gpg_strerror (err));
else
@@ -1106,21 +1106,21 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
{
if ( (kusage & KSBA_KEYUSAGE_DIGITAL_SIGNATURE))
es_fputs (" digitalSignature", fp);
- if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION))
+ if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION))
es_fputs (" nonRepudiation", fp);
- if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT))
+ if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT))
es_fputs (" keyEncipherment", fp);
if ( (kusage & KSBA_KEYUSAGE_DATA_ENCIPHERMENT))
es_fputs (" dataEncipherment", fp);
- if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT))
+ if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT))
es_fputs (" keyAgreement", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_CERT_SIGN))
es_fputs (" certSign", fp);
- if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN))
+ if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN))
es_fputs (" crlSign", fp);
if ( (kusage & KSBA_KEYUSAGE_ENCIPHER_ONLY))
es_fputs (" encipherOnly", fp);
- if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY))
+ if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY))
es_fputs (" decipherOnly", fp);
}
es_putc ('\n', fp);
@@ -1128,7 +1128,7 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
err = ksba_cert_get_ext_key_usages (cert, &string);
if (gpg_err_code (err) != GPG_ERR_NO_DATA)
- {
+ {
es_fputs ("ext key usage: ", fp);
if (err)
es_fprintf (fp, "[error: %s]", gpg_strerror (err));
@@ -1224,7 +1224,7 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
es_fprintf (fp, " keygrip: %s\n", dn);
xfree (dn);
}
- }
+ }
if (have_secret)
{
@@ -1242,20 +1242,20 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
gpg_error_t tmperr;
size_t buflen;
char buffer[1];
-
+
err = gpgsm_validate_chain (ctrl, cert, "", NULL, 1, fp, 0, NULL);
- tmperr = ksba_cert_get_user_data (cert, "is_qualified",
+ tmperr = ksba_cert_get_user_data (cert, "is_qualified",
&buffer, sizeof (buffer), &buflen);
if (!tmperr && buflen)
{
if (*buffer)
es_fputs (" [qualified]\n", fp);
- }
+ }
else if (gpg_err_code (tmperr) == GPG_ERR_NOT_FOUND)
; /* Don't know - will not get marked as 'q' */
else
log_debug ("get_user_data(is_qualified) failed: %s\n",
- gpg_strerror (tmperr));
+ gpg_strerror (tmperr));
if (!err)
es_fprintf (fp, " [certificate is good]\n");
@@ -1326,7 +1326,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
ndesc = 1;
else
{
- for (sl=names, ndesc=0; sl; sl = sl->next, ndesc++)
+ for (sl=names, ndesc=0; sl; sl = sl->next, ndesc++)
;
}
@@ -1340,9 +1340,9 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
if (!names)
desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
- else
+ else
{
- for (ndesc=0, sl=names; sl; sl = sl->next)
+ for (ndesc=0, sl=names; sl; sl = sl->next)
{
rc = classify_user_id (sl->d, desc+ndesc);
if (rc)
@@ -1354,7 +1354,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
else
ndesc++;
}
-
+
}
/* If all specifications are done by fingerprint or keygrip, we
@@ -1390,7 +1390,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
{
unsigned int validity;
- if (!names)
+ if (!names)
desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
rc = keydb_get_flags (hd, KEYBOX_FLAG_VALIDITY, 0, &validity);
@@ -1400,7 +1400,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
goto leave;
}
rc = keydb_get_cert (hd, &cert);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -1416,11 +1416,11 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
}
resname = keydb_get_resource_name (hd);
-
- if (lastresname != resname )
+
+ if (lastresname != resname )
{
int i;
-
+
if (ctrl->no_server)
{
es_fprintf (fp, "%s\n", resname );
@@ -1437,7 +1437,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
char *p = gpgsm_get_keygrip_hexstring (cert);
if (p)
{
- rc = gpgsm_agent_havekey (ctrl, p);
+ rc = gpgsm_agent_havekey (ctrl, p);
if (!rc)
have_secret = 1;
else if ( gpg_err_code (rc) != GPG_ERR_NO_SECKEY)
@@ -1468,7 +1468,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
}
}
- ksba_cert_release (lastcert);
+ ksba_cert_release (lastcert);
lastcert = cert;
cert = NULL;
}
@@ -1476,10 +1476,10 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
rc = 0;
if (rc)
log_error ("keydb_search failed: %s\n", gpg_strerror (rc));
-
+
leave:
ksba_cert_release (cert);
- ksba_cert_release (lastcert);
+ ksba_cert_release (lastcert);
xfree (desc);
keydb_release (hd);
return rc;
@@ -1539,7 +1539,7 @@ list_external_keys (ctrl_t ctrl, strlist_t names, estream_t fp, int raw_mode)
parm.raw_mode = raw_mode;
rc = gpgsm_dirmngr_lookup (ctrl, names, 0, list_external_cb, &parm);
- if (gpg_err_code (rc) == GPG_ERR_EOF || rc == -1
+ if (gpg_err_code (rc) == GPG_ERR_EOF || rc == -1
|| gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
rc = 0; /* "Not found" is not an error here. */
if (rc)
@@ -1548,7 +1548,7 @@ list_external_keys (ctrl_t ctrl, strlist_t names, estream_t fp, int raw_mode)
}
/* List all keys or just the key given as NAMES.
- MODE controls the operation mode:
+ MODE controls the operation mode:
Bit 0-2:
0 = list all public keys but don't flag secret ones
1 = list only public keys
@@ -1567,6 +1567,6 @@ gpgsm_list_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
if ((mode & (1<<6)))
err = list_internal_keys (ctrl, names, fp, (mode & 3), (mode&256));
if (!err && (mode & (1<<7)))
- err = list_external_keys (ctrl, names, fp, (mode&256));
+ err = list_external_keys (ctrl, names, fp, (mode&256));
return err;
}
diff --git a/sm/minip12.c b/sm/minip12.c
index d340f9821..10f7c99f6 100644
--- a/sm/minip12.c
+++ b/sm/minip12.c
@@ -111,14 +111,14 @@ static unsigned char const oid_rsaEncryption[9] = {
static unsigned char const data_3desiter2048[30] = {
0x30, 0x1C, 0x06, 0x0A, 0x2A, 0x86, 0x48, 0x86,
- 0xF7, 0x0D, 0x01, 0x0C, 0x01, 0x03, 0x30, 0x0E,
+ 0xF7, 0x0D, 0x01, 0x0C, 0x01, 0x03, 0x30, 0x0E,
0x04, 0x08, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0x02, 0x02, 0x08, 0x00 };
#define DATA_3DESITER2048_SALT_OFF 18
static unsigned char const data_rc2iter2048[30] = {
0x30, 0x1C, 0x06, 0x0A, 0x2A, 0x86, 0x48, 0x86,
- 0xF7, 0x0D, 0x01, 0x0C, 0x01, 0x06, 0x30, 0x0E,
+ 0xF7, 0x0D, 0x01, 0x0C, 0x01, 0x06, 0x30, 0x0E,
0x04, 0x08, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0x02, 0x02, 0x08, 0x00 };
#define DATA_RC2ITER2048_SALT_OFF 18
@@ -130,7 +130,7 @@ static unsigned char const data_mactemplate[51] = {
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0x04, 0x08, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x02,
- 0x02, 0x08, 0x00 };
+ 0x02, 0x08, 0x00 };
#define DATA_MACTEMPLATE_MAC_OFF 17
#define DATA_MACTEMPLATE_SALT_OFF 39
@@ -151,14 +151,14 @@ static unsigned char const data_attrtemplate[106] = {
0x04, 0x14 }; /* Need to append SHA-1 digest. */
#define DATA_ATTRTEMPLATE_KEYID_OFF 73
-struct buffer_s
+struct buffer_s
{
unsigned char *buffer;
size_t length;
-};
+};
-struct tag_info
+struct tag_info
{
int class;
int is_constructed;
@@ -173,7 +173,7 @@ struct tag_info
the tag and the length part from the TLV triplet. Update BUFFER
and SIZE on success. Checks that the encoded length does not
exhaust the length of the provided buffer. */
-static int
+static int
parse_tag (unsigned char const **buffer, size_t *size, struct tag_info *ti)
{
int c;
@@ -239,13 +239,13 @@ parse_tag (unsigned char const **buffer, size_t *size, struct tag_info *ti)
}
ti->length = len;
}
-
+
if (ti->class == UNIVERSAL && !ti->tag)
ti->length = 0;
if (ti->length > length)
return -1; /* data larger than buffer. */
-
+
*buffer = buf;
*size = length;
return 0;
@@ -262,9 +262,9 @@ parse_tag (unsigned char const **buffer, size_t *size, struct tag_info *ti)
[...]
04 2: OCTET STRING
: 00 00
- : } -- This denotes a Null tag and are the last
+ : } -- This denotes a Null tag and are the last
-- two bytes in INPUT.
-
+
Create a new buffer with the content of that octet string. INPUT
is the orginal buffer with a length as stored at LENGTH. Returns
NULL on error or a new malloced buffer with the length of this new
@@ -291,7 +291,7 @@ cram_octet_string (const unsigned char *input, size_t *length,
{
if (parse_tag (&s, &n, &ti))
goto bailout;
- if (ti.class == UNIVERSAL && ti.tag == TAG_OCTET_STRING
+ if (ti.class == UNIVERSAL && ti.tag == TAG_OCTET_STRING
&& !ti.ndef && !ti.is_constructed)
{
memcpy (d, s, ti.length);
@@ -300,7 +300,7 @@ cram_octet_string (const unsigned char *input, size_t *length,
n -= ti.length;
}
else if (ti.class == UNIVERSAL && !ti.tag && !ti.is_constructed)
- break; /* Ready */
+ break; /* Ready */
else
goto bailout;
}
@@ -320,7 +320,7 @@ cram_octet_string (const unsigned char *input, size_t *length,
-static int
+static int
string_to_key (int id, char *salt, size_t saltlen, int iter, const char *pw,
int req_keylen, unsigned char *keybuf)
{
@@ -345,7 +345,7 @@ string_to_key (int id, char *salt, size_t saltlen, int iter, const char *pw,
log_error ("salt too short\n");
return -1;
}
-
+
/* Store salt and password in BUF_I */
p = buf_i;
for(i=0; i < 64; i++)
@@ -381,7 +381,7 @@ string_to_key (int id, char *salt, size_t saltlen, int iter, const char *pw,
gcry_mpi_release (num_b1);
return 0; /* ready */
}
-
+
/* need more bytes. */
for(i=0; i < 64; i++)
buf_b[i] = hash[i % 20];
@@ -418,7 +418,7 @@ string_to_key (int id, char *salt, size_t saltlen, int iter, const char *pw,
}
-static int
+static int
set_key_iv (gcry_cipher_hd_t chd, char *salt, size_t saltlen, int iter,
const char *pw, int keybytes)
{
@@ -454,7 +454,7 @@ crypt_block (unsigned char *buffer, size_t length, char *salt, size_t saltlen,
gcry_cipher_hd_t chd;
int rc;
- rc = gcry_cipher_open (&chd, cipher_algo, GCRY_CIPHER_MODE_CBC, 0);
+ rc = gcry_cipher_open (&chd, cipher_algo, GCRY_CIPHER_MODE_CBC, 0);
if (rc)
{
log_error ( "gcry_cipher_open failed: %s\n", gpg_strerror(rc));
@@ -481,7 +481,7 @@ crypt_block (unsigned char *buffer, size_t length, char *salt, size_t saltlen,
leave:
gcry_cipher_close (chd);
}
-
+
/* Decrypt a block of data and try several encodings of the key.
CIPHERTEXT is the encrypted data of size LENGTH bytes; PLAINTEXT is
@@ -555,7 +555,7 @@ decrypt_block (const void *ciphertext, unsigned char *plaintext, size_t length,
outptr = convertedpw;
outbytes = convertedpwsize - 1;
if ( jnlib_iconv (cd, (const char **)&inptr, &inbytes,
- &outptr, &outbytes) == (size_t)-1)
+ &outptr, &outbytes) == (size_t)-1)
{
jnlib_iconv_close (cd);
continue;
@@ -591,7 +591,7 @@ bag_decrypted_data_p (const void *plaintext, size_t length)
/* exit (2); */
/* fclose (fp); */
/* } */
-
+
if (parse_tag (&p, &n, &ti))
return 0;
if (ti.class || ti.tag != TAG_SEQUENCE)
@@ -599,7 +599,7 @@ bag_decrypted_data_p (const void *plaintext, size_t length)
if (parse_tag (&p, &n, &ti))
return 0;
- return 1;
+ return 1;
}
/* Note: If R_RESULT is passed as NULL, a key object as already be
@@ -666,7 +666,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
goto bailout;
if (parse_tag (&p, &n, &ti))
goto bailout;
- if (!ti.class && ti.tag == TAG_OBJECT_ID
+ if (!ti.class && ti.tag == TAG_OBJECT_ID
&& ti.length == DIM(oid_pbeWithSHAAnd40BitRC2_CBC)
&& !memcmp (p, oid_pbeWithSHAAnd40BitRC2_CBC,
DIM(oid_pbeWithSHAAnd40BitRC2_CBC)))
@@ -674,7 +674,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
p += DIM(oid_pbeWithSHAAnd40BitRC2_CBC);
n -= DIM(oid_pbeWithSHAAnd40BitRC2_CBC);
}
- else if (!ti.class && ti.tag == TAG_OBJECT_ID
+ else if (!ti.class && ti.tag == TAG_OBJECT_ID
&& ti.length == DIM(oid_pbeWithSHAAnd3_KeyTripleDES_CBC)
&& !memcmp (p, oid_pbeWithSHAAnd3_KeyTripleDES_CBC,
DIM(oid_pbeWithSHAAnd3_KeyTripleDES_CBC)))
@@ -707,10 +707,10 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
for (iter=0; ti.length; ti.length--)
{
iter <<= 8;
- iter |= (*p++) & 0xff;
+ iter |= (*p++) & 0xff;
n--;
}
-
+
where = "rc2or3des-ciphertext";
if (parse_tag (&p, &n, &ti))
goto bailout;
@@ -734,7 +734,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
;
else
goto bailout;
-
+
log_info ("%lu bytes of %s encrypted text\n",ti.length,is_3des?"3DES":"RC2");
plain = gcry_malloc_secure (ti.length);
@@ -743,8 +743,8 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
log_error ("error allocating decryption buffer\n");
goto bailout;
}
- decrypt_block (p, plain, ti.length, salt, saltlen, iter, pw,
- is_3des? GCRY_CIPHER_3DES : GCRY_CIPHER_RFC2268_40,
+ decrypt_block (p, plain, ti.length, salt, saltlen, iter, pw,
+ is_3des? GCRY_CIPHER_3DES : GCRY_CIPHER_RFC2268_40,
bag_decrypted_data_p);
n = ti.length;
startoffset = 0;
@@ -891,7 +891,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
len -= ti.length;
if (!result_count && ti.length == 1 && !*p)
; /* ignore the very first one if it is a 0 */
- else
+ else
{
int rc;
@@ -927,7 +927,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
goto bailout;
p += DIM(oid_x509Certificate_for_pkcs_12);
n -= DIM(oid_x509Certificate_for_pkcs_12);
-
+
where = "certbag.before.octetstring";
if (parse_tag (&p, &n, &ti))
goto bailout;
@@ -937,11 +937,11 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
goto bailout;
if (ti.class || ti.tag != TAG_OCTET_STRING || ti.ndef)
goto bailout;
-
+
/* Return the certificate. */
if (certcb)
certcb (certcbarg, p, ti.length);
-
+
p += ti.length;
n -= ti.length;
}
@@ -951,7 +951,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
reasonable assume that all valid data will be longer than
just one block. */
if (n <= 8)
- n = 0;
+ n = 0;
/* Skip the optional SET with the pkcs12 cert attributes. */
if (n)
@@ -974,7 +974,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
goto bailout;
}
}
-
+
if (r_consumed)
*r_consumed = consumed;
gcry_free (plain);
@@ -1033,7 +1033,7 @@ bag_data_p (const void *plaintext, size_t length)
|| ti.length != 1 || *p)
return 0;
- return 1;
+ return 1;
}
@@ -1081,7 +1081,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
*r_consumed = consumed;
r_consumed = NULL; /* Ugly hack to not update that value any further. */
}
-
+
where = "data.outerseqs";
if (parse_tag (&p, &n, &ti))
@@ -1148,18 +1148,18 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
for (iter=0; ti.length; ti.length--)
{
iter <<= 8;
- iter |= (*p++) & 0xff;
+ iter |= (*p++) & 0xff;
n--;
}
-
+
where = "3des-ciphertext";
if (parse_tag (&p, &n, &ti))
goto bailout;
if (ti.class || ti.tag != TAG_OCTET_STRING || !ti.length )
goto bailout;
-
+
log_info ("%lu bytes of 3DES encrypted text\n", ti.length);
-
+
plain = gcry_malloc_secure (ti.length);
if (!plain)
{
@@ -1167,8 +1167,8 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
goto bailout;
}
consumed += p - p_start + ti.length;
- decrypt_block (p, plain, ti.length, salt, saltlen, iter, pw,
- GCRY_CIPHER_3DES,
+ decrypt_block (p, plain, ti.length, salt, saltlen, iter, pw,
+ GCRY_CIPHER_3DES,
bag_data_p);
n = ti.length;
startoffset = 0;
@@ -1230,7 +1230,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
len -= ti.length;
if (!result_count && ti.length == 1 && !*p)
; /* ignore the very first one if it is a 0 */
- else
+ else
{
rc = gcry_mpi_scan (result+result_count, GCRYMPI_FMT_USG, p,
ti.length, NULL);
@@ -1304,7 +1304,7 @@ p12_parse (const unsigned char *buffer, size_t length, const char *pw,
if (ti.tag != TAG_INTEGER || ti.length != 1 || *p != 3)
goto bailout;
p++; n--;
-
+
where = "authSave";
if (parse_tag (&p, &n, &ti))
goto bailout;
@@ -1352,7 +1352,7 @@ p12_parse (const unsigned char *buffer, size_t length, const char *pw,
if (parse_tag (&p, &n, &ti))
goto bailout;
if (bagseqndef && ti.class == UNIVERSAL && !ti.tag && !ti.is_constructed)
- break; /* Ready */
+ break; /* Ready */
if (ti.class != UNIVERSAL || ti.tag != TAG_SEQUENCE)
goto bailout;
@@ -1371,9 +1371,9 @@ p12_parse (const unsigned char *buffer, size_t length, const char *pw,
if (parse_tag (&p, &n, &ti))
goto bailout;
if (lenndef)
- len = ti.nhdr;
+ len = ti.nhdr;
else
- len -= ti.nhdr;
+ len -= ti.nhdr;
if (ti.tag == TAG_OBJECT_ID && ti.length == DIM(oid_encryptedData)
&& !memcmp (p, oid_encryptedData, DIM(oid_encryptedData)))
@@ -1436,7 +1436,7 @@ p12_parse (const unsigned char *buffer, size_t length, const char *pw,
goto bailout;
}
}
-
+
gcry_free (cram_buffer);
return result;
bailout:
@@ -1458,7 +1458,7 @@ p12_parse (const unsigned char *buffer, size_t length, const char *pw,
static size_t
compute_tag_length (size_t n)
-{
+{
int needed = 0;
if (n < 128)
@@ -1477,7 +1477,7 @@ compute_tag_length (size_t n)
static unsigned char *
store_tag_length (unsigned char *p, int tag, size_t n)
-{
+{
if (tag == TAG_SEQUENCE)
tag |= 0x20; /* constructed */
@@ -1576,7 +1576,7 @@ create_final (struct buffer_s *sequences, const char *pw, size_t *r_length)
/* 1. Store the version integer 3. */
*p++ = TAG_INTEGER;
- *p++ = 1;
+ *p++ = 1;
*p++ = 3;
/* 2. Store another sequence. */
@@ -1584,8 +1584,8 @@ create_final (struct buffer_s *sequences, const char *pw, size_t *r_length)
/* 3. Store the data OID. */
p = store_tag_length (p, TAG_OBJECT_ID, DIM (oid_data));
- memcpy (p, oid_data, DIM (oid_data));
- p += DIM (oid_data);
+ memcpy (p, oid_data, DIM (oid_data));
+ p += DIM (oid_data);
/* 4. Next comes a context tag. */
p = store_tag_length (p, 0xa0, len[4]);
@@ -1662,7 +1662,7 @@ create_final (struct buffer_s *sequences, const char *pw, size_t *r_length)
SEQUENCE {
INTEGER 0
INTEGER
- INTEGER
+ INTEGER
INTEGER
INTEGER
INTEGER
@@ -1672,9 +1672,9 @@ create_final (struct buffer_s *sequences, const char *pw, size_t *r_length)
}
}
}
-*/
-
-static unsigned char *
+*/
+
+static unsigned char *
build_key_sequence (gcry_mpi_t *kparms, size_t *r_length)
{
int rc, i;
@@ -1727,7 +1727,7 @@ build_key_sequence (gcry_mpi_t *kparms, size_t *r_length)
if (!n)
return NULL;
needed += n;
-
+
/* allocate 8 extra bytes for padding */
plain = gcry_malloc_secure (needed+8);
if (!plain)
@@ -1735,7 +1735,7 @@ build_key_sequence (gcry_mpi_t *kparms, size_t *r_length)
log_error ("error allocating encryption buffer\n");
return NULL;
}
-
+
/* And now fill the plaintext buffer. */
p = plain;
p = store_tag_length (p, TAG_SEQUENCE, outseqlen);
@@ -1746,8 +1746,8 @@ build_key_sequence (gcry_mpi_t *kparms, size_t *r_length)
/* Store object identifier sequence. */
p = store_tag_length (p, TAG_SEQUENCE, oidseqlen);
p = store_tag_length (p, TAG_OBJECT_ID, DIM (oid_rsaEncryption));
- memcpy (p, oid_rsaEncryption, DIM (oid_rsaEncryption));
- p += DIM (oid_rsaEncryption);
+ memcpy (p, oid_rsaEncryption, DIM (oid_rsaEncryption));
+ p += DIM (oid_rsaEncryption);
*p++ = TAG_NULL;
*p++ = 0;
/* Start with the octet string. */
@@ -1769,7 +1769,7 @@ build_key_sequence (gcry_mpi_t *kparms, size_t *r_length)
return NULL;
}
p = store_tag_length (p, TAG_INTEGER, n);
-
+
n = plain + needed - p;
rc = gcry_mpi_print (GCRYMPI_FMT_STD, p, n, &n, kparms[i]);
if (rc)
@@ -1864,8 +1864,8 @@ build_key_bag (unsigned char *buffer, size_t buflen, char *salt,
/* 1. Store the data OID. */
p = store_tag_length (p, TAG_OBJECT_ID, DIM (oid_data));
- memcpy (p, oid_data, DIM (oid_data));
- p += DIM (oid_data);
+ memcpy (p, oid_data, DIM (oid_data));
+ p += DIM (oid_data);
/* 2. Store a [0] tag. */
p = store_tag_length (p, 0xa0, len[2]);
@@ -1881,8 +1881,8 @@ build_key_bag (unsigned char *buffer, size_t buflen, char *salt,
p = store_tag_length (p, TAG_OBJECT_ID,
DIM (oid_pkcs_12_pkcs_8ShroudedKeyBag));
memcpy (p, oid_pkcs_12_pkcs_8ShroudedKeyBag,
- DIM (oid_pkcs_12_pkcs_8ShroudedKeyBag));
- p += DIM (oid_pkcs_12_pkcs_8ShroudedKeyBag);
+ DIM (oid_pkcs_12_pkcs_8ShroudedKeyBag));
+ p += DIM (oid_pkcs_12_pkcs_8ShroudedKeyBag);
/* 7. Store a [0] tag. */
p = store_tag_length (p, 0xa0, len[7]);
@@ -1918,7 +1918,7 @@ build_key_bag (unsigned char *buffer, size_t buflen, char *salt,
if (needed != keybaglen)
log_debug ("length mismatch: %lu, %lu\n",
(unsigned long)needed, (unsigned long)keybaglen);
-
+
*r_length = keybaglen;
return keybag;
}
@@ -1981,8 +1981,8 @@ build_cert_bag (unsigned char *buffer, size_t buflen, char *salt,
/* 1. Store the encryptedData OID. */
p = store_tag_length (p, TAG_OBJECT_ID, DIM (oid_encryptedData));
- memcpy (p, oid_encryptedData, DIM (oid_encryptedData));
- p += DIM (oid_encryptedData);
+ memcpy (p, oid_encryptedData, DIM (oid_encryptedData));
+ p += DIM (oid_encryptedData);
/* 2. Store a [0] tag. */
p = store_tag_length (p, 0xa0, len[2]);
@@ -1992,7 +1992,7 @@ build_cert_bag (unsigned char *buffer, size_t buflen, char *salt,
/* 4. Store the integer 0. */
*p++ = TAG_INTEGER;
- *p++ = 1;
+ *p++ = 1;
*p++ = 0;
/* 5. Store a sequence. */
@@ -2000,8 +2000,8 @@ build_cert_bag (unsigned char *buffer, size_t buflen, char *salt,
/* 6. Store the data OID. */
p = store_tag_length (p, TAG_OBJECT_ID, DIM (oid_data));
- memcpy (p, oid_data, DIM (oid_data));
- p += DIM (oid_data);
+ memcpy (p, oid_data, DIM (oid_data));
+ p += DIM (oid_data);
/* 7. Now for the pre-encoded algorithm identifier and the salt. */
memcpy (p, data_rc2iter2048, DIM (data_rc2iter2048));
@@ -2013,7 +2013,7 @@ build_cert_bag (unsigned char *buffer, size_t buflen, char *salt,
memcpy (p, buffer, buflen);
p += buflen;
certbaglen = p - certbag;
-
+
if (needed != certbaglen)
log_debug ("length mismatch: %lu, %lu\n",
(unsigned long)needed, (unsigned long)certbaglen);
@@ -2024,7 +2024,7 @@ build_cert_bag (unsigned char *buffer, size_t buflen, char *salt,
static unsigned char *
-build_cert_sequence (const unsigned char *buffer, size_t buflen,
+build_cert_sequence (const unsigned char *buffer, size_t buflen,
const unsigned char *sha1hash, const char *keyidstr,
size_t *r_length)
{
@@ -2089,8 +2089,8 @@ build_cert_sequence (const unsigned char *buffer, size_t buflen,
/* 2. Store the pkcs12-cert-bag OID. */
p = store_tag_length (p, TAG_OBJECT_ID, DIM (oid_pkcs_12_CertBag));
- memcpy (p, oid_pkcs_12_CertBag, DIM (oid_pkcs_12_CertBag));
- p += DIM (oid_pkcs_12_CertBag);
+ memcpy (p, oid_pkcs_12_CertBag, DIM (oid_pkcs_12_CertBag));
+ p += DIM (oid_pkcs_12_CertBag);
/* 3. Store a [0] tag. */
p = store_tag_length (p, 0xa0, len[3]);
@@ -2102,8 +2102,8 @@ build_cert_sequence (const unsigned char *buffer, size_t buflen,
p = store_tag_length (p, TAG_OBJECT_ID,
DIM (oid_x509Certificate_for_pkcs_12));
memcpy (p, oid_x509Certificate_for_pkcs_12,
- DIM (oid_x509Certificate_for_pkcs_12));
- p += DIM (oid_x509Certificate_for_pkcs_12);
+ DIM (oid_x509Certificate_for_pkcs_12));
+ p += DIM (oid_x509Certificate_for_pkcs_12);
/* 6. Store a [0] tag. */
p = store_tag_length (p, 0xa0, len[6]);
@@ -2112,7 +2112,7 @@ build_cert_sequence (const unsigned char *buffer, size_t buflen,
p = store_tag_length (p, TAG_OCTET_STRING, buflen);
memcpy (p, buffer, buflen);
p += buflen;
-
+
/* Append the attributes whose length we calculated at step 2b. */
if (sha1hash)
{
@@ -2133,7 +2133,7 @@ build_cert_sequence (const unsigned char *buffer, size_t buflen,
n = 8 - certseqlen % 8;
for (i=0; i < n; i++, certseqlen++)
*p++ = n;
-
+
*r_length = certseqlen;
return certseq;
}
@@ -2143,7 +2143,7 @@ build_cert_sequence (const unsigned char *buffer, size_t buflen,
Create a PKCS structure from it and return it as well as the length
in R_LENGTH; return NULL in case of an error. If CHARSET is not
NULL, re-encode PW to that character set. */
-unsigned char *
+unsigned char *
p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
const char *pw, const char *charset, size_t *r_length)
{
@@ -2193,7 +2193,7 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
outptr = pwbuf;
outbytes = pwbufsize - 1;
if ( jnlib_iconv (cd, (const char **)&inptr, &inbytes,
- &outptr, &outbytes) == (size_t)-1)
+ &outptr, &outbytes) == (size_t)-1)
{
log_error ("error converting passphrase to"
" requested charset `%s': %s\n",
@@ -2225,7 +2225,7 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
gcry_randomize (salt, 8, GCRY_STRONG_RANDOM);
crypt_block (buffer, buflen, salt, 8, 2048, pw,
GCRY_CIPHER_RFC2268_40, 1);
-
+
/* Encode the encrypted stuff into a bag. */
seqlist[seqlistidx].buffer = build_cert_bag (buffer, buflen, salt, &n);
seqlist[seqlistidx].length = n;
@@ -2243,14 +2243,14 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
buffer = build_key_sequence (kparms, &buflen);
if (!buffer)
goto failure;
-
+
/* Encrypt it. */
gcry_randomize (salt, 8, GCRY_STRONG_RANDOM);
crypt_block (buffer, buflen, salt, 8, 2048, pw, GCRY_CIPHER_3DES, 1);
/* Encode the encrypted stuff into a bag. */
if (cert && certlen)
- seqlist[seqlistidx].buffer = build_key_bag (buffer, buflen, salt,
+ seqlist[seqlistidx].buffer = build_key_bag (buffer, buflen, salt,
sha1hash, keyidstr, &n);
else
seqlist[seqlistidx].buffer = build_key_bag (buffer, buflen, salt,
@@ -2284,7 +2284,7 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
#ifdef TEST
-static void
+static void
cert_cb (void *opaque, const unsigned char *cert, size_t certlen)
{
printf ("got a certificate of %u bytes length\n", certlen);
@@ -2315,7 +2315,7 @@ main (int argc, char **argv)
fprintf (stderr, "can't open `%s': %s\n", argv[1], strerror (errno));
return 1;
}
-
+
if (fstat (fileno(fp), &st))
{
fprintf (stderr, "can't stat `%s': %s\n", argv[1], strerror (errno));
diff --git a/sm/misc.c b/sm/misc.c
index 58ef4833c..2d6cdd6b5 100644
--- a/sm/misc.c
+++ b/sm/misc.c
@@ -86,4 +86,3 @@ setup_pinentry_env (void)
#endif /*!HAVE_W32_SYSTEM*/
}
-
diff --git a/sm/qualified.c b/sm/qualified.c
index bb8e78f7f..b24b65eaf 100644
--- a/sm/qualified.c
+++ b/sm/qualified.c
@@ -89,13 +89,13 @@ read_list (char *key, char *country, int *lnr)
: GPG_ERR_INCOMPLETE_LINE);
}
++*lnr;
-
+
/* Allow for empty lines and spaces */
for (p=line; spacep (p); p++)
;
}
while (!*p || *p == '\n' || *p == '#');
-
+
for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++)
if ( p[i] != ':' )
key[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
@@ -110,8 +110,8 @@ read_list (char *key, char *country, int *lnr)
i++;
while (spacep (p+i))
i++;
- if ( p[i] >= 'a' && p[i] <= 'z'
- && p[i+1] >= 'a' && p[i+1] <= 'z'
+ if ( p[i] >= 'a' && p[i] <= 'z'
+ && p[i+1] >= 'a' && p[i+1] <= 'z'
&& (spacep (p+i+2) || p[i+2] == '\n'))
{
country[0] = p[i];
@@ -135,7 +135,7 @@ read_list (char *key, char *country, int *lnr)
as maintained by gpg-agent and includes fingerprints of root
certificates to be used for qualified (legally binding like
handwritten) signatures. We keep this list system wide and not
- per user because it is not a decision of the user.
+ per user because it is not a decision of the user.
Returns: 0 if the certificate is included. GPG_ERR_NOT_FOUND if it
is not in the list or any other error (e.g. if no list of
@@ -210,7 +210,7 @@ gpgsm_qualified_consent (ctrl_t ctrl, ksba_cert_t cert)
"equated to a handwritten signature.\n\n%s%s"
"Are you really sure that you want to do this?"),
subject? subject:"?",
- opt.qualsig_approval?
+ opt.qualsig_approval?
"":
_("Note, that this software is not officially approved "
"to create or verify such signatures.\n"),
@@ -246,7 +246,7 @@ gpgsm_qualified_consent (ctrl_t ctrl, ksba_cert_t cert)
*p++ = *s;
}
*p = 0;
- free (name);
+ free (name);
err = gpgsm_agent_get_confirmation (ctrl, buffer);
@@ -315,7 +315,7 @@ gpgsm_not_qualified_warning (ctrl_t ctrl, ksba_cert_t cert)
*p++ = *s;
}
*p = 0;
- free (name);
+ free (name);
err = gpgsm_agent_get_confirmation (ctrl, buffer);
diff --git a/sm/server.c b/sm/server.c
index 6eaadd768..19c4a1678 100644
--- a/sm/server.c
+++ b/sm/server.c
@@ -1,4 +1,4 @@
-/* server.c - Server mode and main entry point
+/* server.c - Server mode and main entry point
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009,
* 2010 Free Software Foundation, Inc.
*
@@ -81,7 +81,7 @@ strcpy_escaped_plus (char *d, const char *s)
while (*s)
{
if (*s == '%' && s[1] && s[2])
- {
+ {
s++;
*d++ = xtoi_2 (s);
s += 2;
@@ -91,11 +91,11 @@ strcpy_escaped_plus (char *d, const char *s)
else
*d++ = *s++;
}
- *d = 0;
+ *d = 0;
}
-/* Skip over options.
+/* Skip over options.
Blanks after the options are also removed. */
static char *
skip_options (const char *line)
@@ -158,7 +158,7 @@ data_line_cookie_close (void *cookie)
}
-static void
+static void
close_message_fd (ctrl_t ctrl)
{
if (ctrl->server_local->message_fd != -1)
@@ -180,7 +180,7 @@ start_audit_session (ctrl_t ctrl)
ctrl->audit = NULL;
if (ctrl->server_local->enable_audit_log && !(ctrl->audit = audit_new ()) )
return gpg_error_from_syserror ();
-
+
return 0;
}
@@ -338,9 +338,9 @@ input_notify (assuan_context_t ctx, char *line)
ctrl->is_pem = 0;
ctrl->is_base64 = 0;
if (strstr (line, "--armor"))
- ctrl->is_pem = 1;
+ ctrl->is_pem = 1;
else if (strstr (line, "--base64"))
- ctrl->is_base64 = 1;
+ ctrl->is_base64 = 1;
else if (strstr (line, "--binary"))
;
else
@@ -356,14 +356,14 @@ output_notify (assuan_context_t ctx, char *line)
ctrl->create_pem = 0;
ctrl->create_base64 = 0;
if (strstr (line, "--armor"))
- ctrl->create_pem = 1;
+ ctrl->create_pem = 1;
else if (strstr (line, "--base64"))
ctrl->create_base64 = 1; /* just the raw output */
return 0;
}
-static const char hlp_recipient[] =
+static const char hlp_recipient[] =
"RECIPIENT <userID>\n"
"\n"
"Set the recipient for the encryption. USERID shall be the\n"
@@ -399,7 +399,7 @@ cmd_recipient (assuan_context_t ctx, char *line)
}
-static const char hlp_signer[] =
+static const char hlp_signer[] =
"SIGNER <userID>\n"
"\n"
"Set the signer's keys for the signature creation. USERID should\n"
@@ -423,18 +423,18 @@ cmd_signer (assuan_context_t ctx, char *line)
&ctrl->server_local->signerlist, 0);
if (rc)
{
- gpgsm_status2 (ctrl, STATUS_INV_SGNR,
+ gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (rc), line, NULL);
/* For compatibiliy reasons we also issue the old code after the
new one. */
- gpgsm_status2 (ctrl, STATUS_INV_RECP,
+ gpgsm_status2 (ctrl, STATUS_INV_RECP,
get_inv_recpsgnr_code (rc), line, NULL);
}
return rc;
}
-static const char hlp_encrypt[] =
+static const char hlp_encrypt[] =
"ENCRYPT \n"
"\n"
"Do the actual encryption process. Takes the plaintext from the INPUT\n"
@@ -469,7 +469,7 @@ cmd_encrypt (assuan_context_t ctx, char *line)
out_fp = es_fdopen_nc (out_fd, "w");
if (!out_fp)
return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
-
+
/* Now add all encrypt-to marked recipients from the default
list. */
rc = 0;
@@ -498,7 +498,7 @@ cmd_encrypt (assuan_context_t ctx, char *line)
}
-static const char hlp_decrypt[] =
+static const char hlp_decrypt[] =
"DECRYPT\n"
"\n"
"This performs the decrypt operation after doing some check on the\n"
@@ -529,7 +529,7 @@ cmd_decrypt (assuan_context_t ctx, char *line)
rc = start_audit_session (ctrl);
if (!rc)
- rc = gpgsm_decrypt (ctrl, inp_fd, out_fp);
+ rc = gpgsm_decrypt (ctrl, inp_fd, out_fp);
es_fclose (out_fp);
/* Close and reset the fds. */
@@ -541,7 +541,7 @@ cmd_decrypt (assuan_context_t ctx, char *line)
}
-static const char hlp_verify[] =
+static const char hlp_verify[] =
"VERIFY\n"
"\n"
"This does a verify operation on the message send to the input FD.\n"
@@ -586,7 +586,7 @@ cmd_verify (assuan_context_t ctx, char *line)
}
-static const char hlp_sign[] =
+static const char hlp_sign[] =
"SIGN [--detached]\n"
"\n"
"Sign the data set with the INPUT command and write it to the sink\n"
@@ -608,7 +608,7 @@ cmd_sign (assuan_context_t ctx, char *line)
if (out_fd == -1)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
- detached = has_option (line, "--detached");
+ detached = has_option (line, "--detached");
out_fp = es_fdopen_nc (out_fd, "w");
if (!out_fp)
@@ -629,7 +629,7 @@ cmd_sign (assuan_context_t ctx, char *line)
}
-static const char hlp_import[] =
+static const char hlp_import[] =
"IMPORT [--re-import]\n"
"\n"
"Import the certificates read form the input-fd, return status\n"
@@ -647,7 +647,7 @@ cmd_import (assuan_context_t ctx, char *line)
ctrl_t ctrl = assuan_get_pointer (ctx);
int rc;
int fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- int reimport = has_option (line, "--re-import");
+ int reimport = has_option (line, "--re-import");
(void)line;
@@ -680,7 +680,7 @@ cmd_export (assuan_context_t ctx, char *line)
char *p;
strlist_t list, sl;
int use_data;
-
+
use_data = has_option (line, "--data");
if (use_data)
@@ -723,7 +723,7 @@ cmd_export (assuan_context_t ctx, char *line)
if (!stream)
{
free_strlist (list);
- return set_error (GPG_ERR_ASS_GENERAL,
+ return set_error (GPG_ERR_ASS_GENERAL,
"error setting up a data stream");
}
gpgsm_export (ctrl, list, stream);
@@ -745,7 +745,7 @@ cmd_export (assuan_context_t ctx, char *line)
free_strlist (list);
return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
}
-
+
gpgsm_export (ctrl, list, out_fp);
es_fclose (out_fp);
}
@@ -859,7 +859,7 @@ cmd_message (assuan_context_t ctx, char *line)
-static const char hlp_listkeys[] =
+static const char hlp_listkeys[] =
"LISTKEYS [<patterns>]\n"
"LISTSECRETKEYS [<patterns>]\n"
"DUMPKEYS [<patterns>]\n"
@@ -887,7 +887,7 @@ static const char hlp_listkeys[] =
"\n"
" \"list-to-output\" set to true: Write output to the file descriptor\n"
" given by the last \"OUTPUT\" command.";
-static int
+static int
do_listkeys (assuan_context_t ctx, char *line, int mode)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
@@ -934,12 +934,12 @@ do_listkeys (assuan_context_t ctx, char *line, int mode)
{
fp = es_fopencookie (ctx, "w", data_line_cookie_functions);
if (!fp)
- return set_error (GPG_ERR_ASS_GENERAL,
+ return set_error (GPG_ERR_ASS_GENERAL,
"error setting up a data stream");
}
-
+
ctrl->with_colons = 1;
- listmode = mode;
+ listmode = mode;
if (ctrl->server_local->list_internal)
listmode |= (1<<6);
if (ctrl->server_local->list_external)
@@ -1040,8 +1040,8 @@ cmd_getauditlog (assuan_context_t ctx, char *line)
int opt_data, opt_html;
int rc;
- opt_data = has_option (line, "--data");
- opt_html = has_option (line, "--html");
+ opt_data = has_option (line, "--data");
+ opt_html = has_option (line, "--html");
line = skip_options (line);
if (!ctrl->audit)
@@ -1051,7 +1051,7 @@ cmd_getauditlog (assuan_context_t ctx, char *line)
{
out_stream = es_fopencookie (ctx, "w", data_line_cookie_functions);
if (!out_stream)
- return set_error (GPG_ERR_ASS_GENERAL,
+ return set_error (GPG_ERR_ASS_GENERAL,
"error setting up a data stream");
}
else
@@ -1059,7 +1059,7 @@ cmd_getauditlog (assuan_context_t ctx, char *line)
out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
if (out_fd == -1)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
-
+
out_stream = es_fdopen_nc (out_fd, "w");
if (!out_stream)
{
@@ -1078,7 +1078,7 @@ cmd_getauditlog (assuan_context_t ctx, char *line)
return rc;
}
-static const char hlp_getinfo[] =
+static const char hlp_getinfo[] =
"GETINFO <what>\n"
"\n"
"Multipurpose function to return a variety of information.\n"
@@ -1169,7 +1169,7 @@ cmd_passwd (assuan_context_t ctx, char *line)
;
else if (!(grip = gpgsm_get_keygrip_hexstring (cert)))
err = gpg_error (GPG_ERR_INTERNAL);
- else
+ else
{
char *desc = gpgsm_format_keydesc (cert);
err = gpgsm_agent_passwd (ctrl, grip, desc);
@@ -1193,7 +1193,7 @@ command_has_option (const char *cmd, const char *cmdopt)
if (!strcmp (cmdopt, "re-import"))
return 1;
}
-
+
return 0;
}
@@ -1215,8 +1215,8 @@ register_commands (assuan_context_t ctx)
{ "SIGN", cmd_sign, hlp_sign },
{ "IMPORT", cmd_import, hlp_import },
{ "EXPORT", cmd_export, hlp_export },
- { "INPUT", NULL, hlp_input },
- { "OUTPUT", NULL, hlp_output },
+ { "INPUT", NULL, hlp_input },
+ { "OUTPUT", NULL, hlp_output },
{ "MESSAGE", cmd_message, hlp_message },
{ "LISTKEYS", cmd_listkeys, hlp_listkeys },
{ "DUMPKEYS", cmd_dumpkeys, hlp_listkeys },
@@ -1237,7 +1237,7 @@ register_commands (assuan_context_t ctx)
table[i].help);
if (rc)
return rc;
- }
+ }
return 0;
}
@@ -1340,7 +1340,7 @@ gpgsm_server (certlist_t default_recplist)
log_info ("Assuan accept problem: %s\n", gpg_strerror (rc));
break;
}
-
+
rc = assuan_process (ctx);
if (rc)
{
@@ -1384,40 +1384,40 @@ gpgsm_status2 (ctrl_t ctrl, int no, ...)
statusfp = stderr;
else
statusfp = fdopen (ctrl->status_fd, "w");
-
+
if (!statusfp)
{
log_fatal ("can't open fd %d for status output: %s\n",
ctrl->status_fd, strerror(errno));
}
}
-
+
fputs ("[GNUPG:] ", statusfp);
fputs (get_status_string (no), statusfp);
-
+
while ( (text = va_arg (arg_ptr, const char*) ))
{
putc ( ' ', statusfp );
- for (; *text; text++)
+ for (; *text; text++)
{
if (*text == '\n')
fputs ( "\\n", statusfp );
else if (*text == '\r')
fputs ( "\\r", statusfp );
- else
+ else
putc ( *(const byte *)text, statusfp );
}
}
putc ('\n', statusfp);
fflush (statusfp);
}
- else
+ else
{
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
char buf[950], *p;
size_t n;
- p = buf;
+ p = buf;
n = 0;
while ( (text = va_arg (arg_ptr, const char *)) )
{
@@ -1463,11 +1463,8 @@ gpgsm_status_with_err_code (ctrl_t ctrl, int no, const char *text,
gpg_error_t
gpgsm_proxy_pinentry_notify (ctrl_t ctrl, const unsigned char *line)
{
- if (!ctrl || !ctrl->server_local
+ if (!ctrl || !ctrl->server_local
|| !ctrl->server_local->allow_pinentry_notify)
return 0;
return assuan_inquire (ctrl->server_local->assuan_ctx, line, NULL, NULL, 0);
}
-
-
-
diff --git a/sm/sign.c b/sm/sign.c
index 250363be9..0f83db60b 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -51,7 +51,7 @@ hash_data (int fd, gcry_md_hd_t md)
return -1;
}
- do
+ do
{
nread = es_fread (buffer, 1, DIM(buffer), fp);
gcry_md_write (md, buffer, nread);
@@ -85,7 +85,7 @@ hash_and_copy_data (int fd, gcry_md_hd_t md, ksba_writer_t writer)
return tmperr;
}
- do
+ do
{
nread = es_fread (buffer, 1, DIM(buffer), fp);
if (nread)
@@ -154,7 +154,7 @@ gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert)
do
{
rc = keydb_get_cert (hd, &cert);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc));
keydb_release (hd);
@@ -177,13 +177,13 @@ gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert)
}
}
- ksba_cert_release (cert);
+ ksba_cert_release (cert);
cert = NULL;
}
while (!(rc = keydb_search_next (hd)));
if (rc && rc != -1)
log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc));
-
+
ksba_cert_release (cert);
keydb_release (hd);
return rc;
@@ -227,7 +227,7 @@ get_default_signer (ctrl_t ctrl)
{
log_debug ("failed to find default certificate: rc=%d\n", rc);
}
- else
+ else
{
rc = keydb_get_cert (kh, &cert);
if (rc)
@@ -243,7 +243,7 @@ get_default_signer (ctrl_t ctrl)
/* Depending on the options in CTRL add the certificate CERT as well as
other certificate up in the chain to the Root-CA to the CMS
object. */
-static int
+static int
add_certificate_list (ctrl_t ctrl, ksba_cms_t cms, ksba_cert_t cert)
{
gpg_error_t err;
@@ -304,7 +304,7 @@ add_certificate_list (ctrl_t ctrl, ksba_cms_t cms, ksba_cert_t cert)
-/* Perform a sign operation.
+/* Perform a sign operation.
Sign the data received on DATA-FD in embedded mode or in detached
mode when DETACHED is true. Write the signature to OUT_FP. The
@@ -382,7 +382,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
if (!cert)
{
log_error ("no default signer found\n");
- gpgsm_status2 (ctrl, STATUS_INV_SGNR,
+ gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (GPG_ERR_NO_SECKEY), NULL);
rc = gpg_error (GPG_ERR_GENERAL);
goto leave;
@@ -398,7 +398,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
char *tmpfpr;
tmpfpr = gpgsm_get_fingerprint_hexstring (cert, 0);
- gpgsm_status2 (ctrl, STATUS_INV_SGNR,
+ gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (rc), tmpfpr, NULL);
xfree (tmpfpr);
goto leave;
@@ -444,13 +444,13 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
case GCRY_MD_SHA384: oid = "2.16.840.1.101.3.4.2.2"; break;
case GCRY_MD_SHA512: oid = "2.16.840.1.101.3.4.2.3"; break;
/* case GCRY_MD_WHIRLPOOL: oid = "No OID yet"; break; */
-
+
case GCRY_MD_MD5: /* We don't want to use MD5. */
case 0: /* No algorithm found in cert. */
default: /* Other algorithms. */
log_info (_("hash algorithm %d (%s) for signer %d not supported;"
" using %s\n"),
- cl->hash_algo, oid? oid: "?", i,
+ cl->hash_algo, oid? oid: "?", i,
gcry_md_algo_name (GCRY_MD_SHA1));
cl->hash_algo = GCRY_MD_SHA1;
oid = "1.3.14.3.2.26";
@@ -462,7 +462,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
if (opt.verbose)
{
for (i=0, cl=signerlist; cl; cl = cl->next, i++)
- log_info (_("hash algorithm used for signer %d: %s (%s)\n"),
+ log_info (_("hash algorithm used for signer %d: %s (%s)\n"),
i, gcry_md_algo_name (cl->hash_algo), cl->hash_algo_oid);
}
@@ -473,7 +473,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
rc = gpgsm_cert_use_sign_p (cl->cert);
if (rc)
goto leave;
-
+
err = ksba_cms_add_signer (cms, cl->cert);
if (err)
{
@@ -509,13 +509,13 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
{
size_t buflen;
char buffer[1];
-
- err = ksba_cert_get_user_data (cl->cert, "is_qualified",
+
+ err = ksba_cert_get_user_data (cl->cert, "is_qualified",
&buffer, sizeof (buffer), &buflen);
if (err || !buflen)
{
log_error (_("checking for qualified certificate failed: %s\n"),
- gpg_strerror (err));
+ gpg_strerror (err));
rc = err;
goto leave;
}
@@ -619,7 +619,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
/* Main building loop. */
- do
+ do
{
err = ksba_cms_build (cms, &stopreason);
if (err)
@@ -630,7 +630,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
}
if (stopreason == KSBA_SR_BEGIN_DATA)
- {
+ {
/* Hash the data and store the message digest. */
unsigned char *digest;
size_t digest_len;
@@ -663,7 +663,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
}
}
else if (stopreason == KSBA_SR_NEED_SIG)
- {
+ {
/* Compute the signature for all signers. */
gcry_md_hd_t md;
@@ -690,7 +690,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
for (cl_tmp=signerlist; cl_tmp; cl_tmp = cl_tmp->next)
{
gcry_md_enable (md, cl_tmp->hash_algo);
- audit_log_i (ctrl->audit, AUDIT_ATTR_HASH_ALGO,
+ audit_log_i (ctrl->audit, AUDIT_ATTR_HASH_ALGO,
cl_tmp->hash_algo);
}
}
@@ -703,7 +703,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
gcry_md_close (md);
goto leave;
}
-
+
rc = gpgsm_create_cms_signature (ctrl, cl->cert,
md, cl->hash_algo, &sigval);
if (rc)
@@ -738,8 +738,8 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
int pkalgo = gpgsm_get_key_algo_info (cl->cert, NULL);
buf = xtryasprintf ("%c %d %d 00 %s %s",
detached? 'D':'S',
- pkalgo,
- cl->hash_algo,
+ pkalgo,
+ cl->hash_algo,
signed_at,
fpr);
if (!buf)
@@ -758,10 +758,10 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
gcry_md_close (md);
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -779,7 +779,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
gpgsm_release_certlist (signerlist);
ksba_cms_release (cms);
gpgsm_destroy_writer (b64writer);
- keydb_release (kh);
+ keydb_release (kh);
gcry_md_close (data_md);
return rc;
}
diff --git a/sm/verify.c b/sm/verify.c
index 7a13bcb7c..add1b445b 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -1,5 +1,5 @@
/* verify.c - Verify a messages signature
- * Copyright (C) 2001, 2002, 2003, 2007,
+ * Copyright (C) 2001, 2002, 2003, 2007,
* 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
@@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -38,7 +38,7 @@ static char *
strtimestamp_r (ksba_isotime_t atime)
{
char *buffer = xmalloc (15);
-
+
if (!atime || !*atime)
strcpy (buffer, "none");
else
@@ -65,7 +65,7 @@ hash_data (int fd, gcry_md_hd_t md)
return err;
}
- do
+ do
{
nread = es_fread (buffer, 1, DIM(buffer), fp);
gcry_md_write (md, buffer, nread);
@@ -166,7 +166,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
audit_log (ctrl->audit, AUDIT_SETUP_READY);
is_detached = 0;
- do
+ do
{
rc = ksba_cms_parse (cms, &stopreason);
if (rc)
@@ -185,7 +185,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
if (stopreason == KSBA_SR_NEED_HASH
|| stopreason == KSBA_SR_BEGIN_DATA)
- {
+ {
audit_log (ctrl->audit, AUDIT_GOT_DATA);
/* We are now able to enable the hash algorithms */
@@ -214,7 +214,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
if (opt.extra_digest_algo)
{
if (DBG_X509)
- log_debug ("enabling extra hash algorithm %d\n",
+ log_debug ("enabling extra hash algorithm %d\n",
opt.extra_digest_algo);
gcry_md_enable (data_md, opt.extra_digest_algo);
audit_log_i (ctrl->audit, AUDIT_DATA_HASH_ALGO,
@@ -242,12 +242,12 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
audit_log_ok (ctrl->audit, AUDIT_DATA_HASHING, 0);
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
if (b64writer)
{
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
audit_log_ok (ctrl->audit, AUDIT_WRITE_ERROR, rc);
@@ -269,7 +269,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
certificate first before entering it into the DB. This way
we would avoid cluttering the DB with invalid
certificates. */
- audit_log_cert (ctrl->audit, AUDIT_SAVE_CERT, cert,
+ audit_log_cert (ctrl->audit, AUDIT_SAVE_CERT, cert,
keydb_store_cert (cert, 0, NULL));
ksba_cert_release (cert);
}
@@ -345,7 +345,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
&algo, &is_enabled)
|| !is_enabled)
{
- log_error ("digest algo %d (%s) has not been enabled\n",
+ log_error ("digest algo %d (%s) has not been enabled\n",
algo, algoid?algoid:"");
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "unsupported");
goto next_signer;
@@ -356,7 +356,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
assert (!msgdigest);
rc = 0;
algoid = NULL;
- algo = 0;
+ algo = 0;
}
else /* real error */
{
@@ -366,7 +366,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
rc = ksba_cms_get_sigattr_oids (cms, signer,
"1.2.840.113549.1.9.3", &ctattr);
- if (!rc)
+ if (!rc)
{
const char *s;
@@ -485,9 +485,9 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
gpgsm_status (ctrl, STATUS_BADSIG, fpr);
xfree (fpr);
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad");
- goto next_signer;
+ goto next_signer;
}
-
+
audit_log_i (ctrl->audit, AUDIT_ATTR_HASH_ALGO, sigval_hash_algo);
rc = gcry_md_open (&md, sigval_hash_algo, 0);
if (rc)
@@ -509,13 +509,13 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "error");
goto next_signer;
}
- rc = gpgsm_check_cms_signature (cert, sigval, md,
+ rc = gpgsm_check_cms_signature (cert, sigval, md,
sigval_hash_algo, &info_pkalgo);
gcry_md_close (md);
}
else
{
- rc = gpgsm_check_cms_signature (cert, sigval, data_md,
+ rc = gpgsm_check_cms_signature (cert, sigval, data_md,
algo, &info_pkalgo);
}
@@ -543,7 +543,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
audit_log (ctrl->audit, AUDIT_VALIDATE_CHAIN);
rc = gpgsm_validate_chain (ctrl, cert,
*sigtime? sigtime : "19700101T000000",
- keyexptime, 0,
+ keyexptime, 0,
NULL, 0, &verifyflags);
{
char *fpr, *buf, *tstr;
@@ -556,7 +556,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
}
else
gpgsm_status (ctrl, STATUS_GOODSIG, fpr);
-
+
xfree (fpr);
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
@@ -582,7 +582,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
gpgsm_status_with_err_code (ctrl, STATUS_TRUST_NEVER, NULL,
gpg_err_code (rc));
else
- gpgsm_status_with_err_code (ctrl, STATUS_TRUST_UNDEFINED, NULL,
+ gpgsm_status_with_err_code (ctrl, STATUS_TRUST_UNDEFINED, NULL,
gpg_err_code (rc));
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad");
goto next_signer;
@@ -604,7 +604,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
{
size_t qualbuflen;
char qualbuffer[1];
-
+
rc = ksba_cert_get_user_data (cert, "is_qualified", &qualbuffer,
sizeof (qualbuffer), &qualbuflen);
if (!rc && qualbuflen)
@@ -613,20 +613,20 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
{
log_info (_("This is a qualified signature\n"));
if (!opt.qualsig_approval)
- log_info
+ log_info
(_("Note, that this software is not officially approved "
"to create or verify such signatures.\n"));
}
- }
+ }
else if (gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
log_error ("get_user_data(is_qualified) failed: %s\n",
- gpg_strerror (rc));
+ gpg_strerror (rc));
}
- gpgsm_status (ctrl, STATUS_TRUST_FULLY,
+ gpgsm_status (ctrl, STATUS_TRUST_FULLY,
(verifyflags & VALIDATE_FLAG_CHAIN_MODEL)?
"0 chain": "0 shell");
-
+
next_signer:
rc = 0;
@@ -643,7 +643,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
ksba_cms_release (cms);
gpgsm_destroy_reader (b64reader);
gpgsm_destroy_writer (b64writer);
- keydb_release (kh);
+ keydb_release (kh);
gcry_md_close (data_md);
es_fclose (in_fp);
@@ -657,4 +657,3 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
return rc;
}
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 18:15:42 +0000