aboutsummaryrefslogtreecommitdiffstats
path: root/sm
diff options
context:
space:
mode:
Diffstat (limited to 'sm')
-rw-r--r--sm/certcheck.c20
-rw-r--r--sm/certreqgen.c58
-rw-r--r--sm/sign.c62
-rw-r--r--sm/verify.c56
4 files changed, 98 insertions, 98 deletions
diff --git a/sm/certcheck.c b/sm/certcheck.c
index 51a809b8f..e2e4a4ba3 100644
--- a/sm/certcheck.c
+++ b/sm/certcheck.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -106,7 +106,7 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
{
log_error (_("a %u bit hash is not valid for a %u bit %s key\n"),
(unsigned int)nframe*8,
- gcry_pk_get_nbits (pkey),
+ gcry_pk_get_nbits (pkey),
gcry_pk_algo_name (pkalgo));
/* FIXME: we need to check the requirements for ECDSA. */
if (nframe < 20 || pkalgo == GCRY_PK_DSA )
@@ -139,16 +139,16 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
log_error ("no object identifier for algo %d\n", algo);
return gpg_error (GPG_ERR_INTERNAL);
}
-
+
len = gcry_md_get_algo_dlen (algo);
-
+
if ( len + asnlen + 4 > nframe )
{
log_error ("can't encode a %d bit MD into a %d bits frame\n",
(int)(len*8), (int)nbits);
return gpg_error (GPG_ERR_INTERNAL);
}
-
+
/* We encode the MD in this way:
*
* 0 A PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes)
@@ -177,7 +177,7 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
log_printf (" %02X", frame[j]);
log_printf ("\n");
}
-
+
gcry_mpi_scan (r_val, GCRYMPI_FMT_USG, frame, n, &nframe);
xfree (frame);
return 0;
@@ -251,7 +251,7 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
return rc;
}
if (DBG_HASHING)
- gcry_md_start_debug (md, "hash.cert");
+ gcry_md_debug (md, "hash.cert");
rc = ksba_cert_hash (cert, 1, HASH_FNC, md);
if (rc)
@@ -324,7 +324,7 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
BUG ();
gcry_mpi_release (frame);
-
+
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
if (DBG_X509)
log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
@@ -400,7 +400,7 @@ gpgsm_check_cms_signature (ksba_cert_t cert, ksba_const_sexp_t sigval,
if ( gcry_sexp_build (&s_hash, NULL, "%m", frame) )
BUG ();
gcry_mpi_release (frame);
-
+
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
if (DBG_X509)
log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
@@ -427,7 +427,7 @@ gpgsm_create_cms_signature (ctrl_t ctrl, ksba_cert_t cert,
desc = gpgsm_format_keydesc (cert);
- rc = gpgsm_agent_pksign (ctrl, grip, desc, gcry_md_read(md, mdalgo),
+ rc = gpgsm_agent_pksign (ctrl, grip, desc, gcry_md_read(md, mdalgo),
gcry_md_get_algo_dlen (mdalgo), mdalgo,
r_sigval, &siglen);
xfree (desc);
diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index 49b2b9208..c3f3165c2 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -74,9 +74,9 @@ The format of the native parameter file is follows:
This is the DN name of the subject in rfc2253 format.
Name-Email: <string>
The is an email address for the altSubjectName
- Name-DNS: <string>
+ Name-DNS: <string>
The is an DNS name for the altSubjectName
- Name-URI: <string>
+ Name-URI: <string>
The is an URI for the altSubjectName
Here is an example:
@@ -98,7 +98,7 @@ EOF
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -126,7 +126,7 @@ struct para_data_s {
int lnr;
enum para_name key;
union {
- unsigned int usage;
+ unsigned int usage;
char value[1];
} u;
};
@@ -156,7 +156,7 @@ static void
release_parameter_list (struct para_data_s *r)
{
struct para_data_s *r2;
-
+
for (; r ; r = r2)
{
r2 = r->next;
@@ -168,7 +168,7 @@ static struct para_data_s *
get_parameter (struct para_data_s *para, enum para_name key, int seq)
{
struct para_data_s *r;
-
+
for (r = para; r ; r = r->next)
if ( r->key == key && !seq--)
return r;
@@ -190,7 +190,7 @@ get_parameter_algo (struct para_data_s *para, enum para_name key)
return -1;
if (digitp (r->u.value))
return atoi( r->u.value );
- return gcry_pk_map_name (r->u.value);
+ return gcry_pk_map_name (r->u.value);
}
/* Parse the usage parameter. Returns 0 on success. Note that we
@@ -203,10 +203,10 @@ parse_parameter_usage (struct para_data_s *para, enum para_name key)
struct para_data_s *r = get_parameter (para, key, 0);
char *p, *pn;
unsigned int use;
-
+
if (!r)
return 0; /* none (this is an optional parameter)*/
-
+
use = 0;
pn = r->u.value;
while ( (p = strsep (&pn, " \t,")) )
@@ -474,7 +474,7 @@ proc_parameters (ctrl_t ctrl,
log_error (_("line %d: invalid algorithm\n"), r->lnr);
return gpg_error (GPG_ERR_INV_PARAMETER);
}
-
+
/* Check the keylength. */
if (!get_parameter (para, pKEYLENGTH, 0))
nbits = 2048;
@@ -489,7 +489,7 @@ proc_parameters (ctrl_t ctrl,
xfree (cardkeyid);
return gpg_error (GPG_ERR_INV_PARAMETER);
}
-
+
/* Check the usage. */
if (parse_parameter_usage (para, pKEYUSAGE))
{
@@ -523,7 +523,7 @@ proc_parameters (ctrl_t ctrl,
/* Check that the optional email address is okay. */
for (seq=0; (s=get_parameter_value (para, pNAMEEMAIL, seq)); seq++)
- {
+ {
if (has_invalid_email_chars (s)
|| *s == '@'
|| s[strlen(s)-1] == '@'
@@ -564,7 +564,7 @@ proc_parameters (ctrl_t ctrl,
else /* Generate new key. */
{
sprintf (numbuf, "%u", nbits);
- snprintf ((char*)keyparms, DIM (keyparms)-1,
+ snprintf ((char*)keyparms, DIM (keyparms)-1,
"(6:genkey(3:rsa(5:nbits%d:%s)))",
(int)strlen (numbuf), numbuf);
rc = gpgsm_agent_genkey (ctrl, keyparms, &public);
@@ -589,8 +589,8 @@ proc_parameters (ctrl_t ctrl,
/* Parameters are checked, the key pair has been created. Now
generate the request and write it out */
static int
-create_request (ctrl_t ctrl,
- struct para_data_s *para,
+create_request (ctrl_t ctrl,
+ struct para_data_s *para,
const char *carddirect,
ksba_const_sexp_t public,
struct reqgen_ctrl_s *outctrl)
@@ -618,11 +618,11 @@ create_request (ctrl_t ctrl,
goto leave;
}
if (DBG_HASHING)
- gcry_md_start_debug (md, "cr.cri");
+ gcry_md_debug (md, "cr.cri");
ksba_certreq_set_hash_function (cr, HASH_FNC, md);
ksba_certreq_set_writer (cr, outctrl->writer);
-
+
err = ksba_certreq_add_subject (cr, get_parameter_value (para, pNAMEDN, 0));
if (err)
{
@@ -718,14 +718,14 @@ create_request (ctrl_t ctrl,
goto leave;
}
-
+
use = get_parameter_uint (para, pKEYUSAGE);
if (use == GCRY_PK_USAGE_SIGN)
{
/* For signing only we encode the bits:
KSBA_KEYUSAGE_DIGITAL_SIGNATURE
KSBA_KEYUSAGE_NON_REPUDIATION */
- err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
+ err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
"\x03\x02\x06\xC0", 4);
}
else if (use == GCRY_PK_USAGE_ENCR)
@@ -733,7 +733,7 @@ create_request (ctrl_t ctrl,
/* For encrypt only we encode the bits:
KSBA_KEYUSAGE_KEY_ENCIPHERMENT
KSBA_KEYUSAGE_DATA_ENCIPHERMENT */
- err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
+ err = ksba_certreq_add_extension (cr, oidstr_keyUsage, 1,
"\x03\x02\x04\x30", 4);
}
else
@@ -746,7 +746,7 @@ create_request (ctrl_t ctrl,
goto leave;
}
-
+
do
{
err = ksba_certreq_build (cr, &stopreason);
@@ -788,11 +788,11 @@ create_request (ctrl_t ctrl,
gcry_sexp_release (s_pkey);
bin2hex (grip, 20, hexgrip);
- log_info ("about to sign CSR for key: &%s\n", hexgrip);
+ log_info ("about to sign CSR for key: &%s\n", hexgrip);
if (carddirect)
rc = gpgsm_scd_pksign (ctrl, carddirect, NULL,
- gcry_md_read(md, GCRY_MD_SHA1),
+ gcry_md_read(md, GCRY_MD_SHA1),
gcry_md_get_algo_dlen (GCRY_MD_SHA1),
GCRY_MD_SHA1,
&sigval, &siglen);
@@ -802,13 +802,13 @@ create_request (ctrl_t ctrl,
char *desc;
orig_codeset = i18n_switchto_utf8 ();
- desc = percent_plus_escape
+ desc = percent_plus_escape
(_("To complete this certificate request please enter"
" the passphrase for the key you just created once"
" more.\n"));
i18n_switchback (orig_codeset);
rc = gpgsm_agent_pksign (ctrl, hexgrip, desc,
- gcry_md_read(md, GCRY_MD_SHA1),
+ gcry_md_read(md, GCRY_MD_SHA1),
gcry_md_get_algo_dlen (GCRY_MD_SHA1),
GCRY_MD_SHA1,
&sigval, &siglen);
@@ -819,7 +819,7 @@ create_request (ctrl_t ctrl,
log_error ("signing failed: %s\n", gpg_strerror (rc));
goto leave;
}
-
+
err = ksba_certreq_set_sig_val (cr, sigval);
xfree (sigval);
if (err)
@@ -831,13 +831,13 @@ create_request (ctrl_t ctrl,
}
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
leave:
gcry_md_close (md);
ksba_certreq_release (cr);
- return rc;
+ return rc;
}
@@ -868,7 +868,7 @@ gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, FILE *out_fp)
}
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
diff --git a/sm/sign.c b/sm/sign.c
index fd7c4ff2f..a9d4990f6 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -50,7 +50,7 @@ hash_data (int fd, gcry_md_hd_t md)
return -1;
}
- do
+ do
{
nread = fread (buffer, 1, DIM(buffer), fp);
gcry_md_write (md, buffer, nread);
@@ -83,7 +83,7 @@ hash_and_copy_data (int fd, gcry_md_hd_t md, ksba_writer_t writer)
return tmperr;
}
- do
+ do
{
nread = fread (buffer, 1, DIM(buffer), fp);
if (nread)
@@ -152,7 +152,7 @@ gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert)
do
{
rc = keydb_get_cert (hd, &cert);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc));
keydb_release (hd);
@@ -175,13 +175,13 @@ gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert)
}
}
- ksba_cert_release (cert);
+ ksba_cert_release (cert);
cert = NULL;
}
while (!(rc = keydb_search_next (hd)));
if (rc && rc != -1)
log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc));
-
+
ksba_cert_release (cert);
keydb_release (hd);
return rc;
@@ -225,7 +225,7 @@ get_default_signer (ctrl_t ctrl)
{
log_debug ("failed to find default certificate: rc=%d\n", rc);
}
- else
+ else
{
rc = keydb_get_cert (kh, &cert);
if (rc)
@@ -241,7 +241,7 @@ get_default_signer (ctrl_t ctrl)
/* Depending on the options in CTRL add the certificate CERT as well as
other certificate up in the chain to the Root-CA to the CMS
object. */
-static int
+static int
add_certificate_list (ctrl_t ctrl, ksba_cms_t cms, ksba_cert_t cert)
{
gpg_error_t err;
@@ -302,7 +302,7 @@ add_certificate_list (ctrl_t ctrl, ksba_cms_t cms, ksba_cert_t cert)
-/* Perform a sign operation.
+/* Perform a sign operation.
Sign the data received on DATA-FD in embedded mode or in detached
mode when DETACHED is true. Write the signature to OUT_FP. The
@@ -380,7 +380,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
if (!cert)
{
log_error ("no default signer found\n");
- gpgsm_status2 (ctrl, STATUS_INV_SGNR,
+ gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (GPG_ERR_NO_SECKEY), NULL);
rc = gpg_error (GPG_ERR_GENERAL);
goto leave;
@@ -396,7 +396,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
char *tmpfpr;
tmpfpr = gpgsm_get_fingerprint_hexstring (cert, 0);
- gpgsm_status2 (ctrl, STATUS_INV_SGNR,
+ gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (rc), tmpfpr, NULL);
xfree (tmpfpr);
goto leave;
@@ -442,13 +442,13 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
case GCRY_MD_SHA384: oid = "2.16.840.1.101.3.4.2.2"; break;
case GCRY_MD_SHA512: oid = "2.16.840.1.101.3.4.2.3"; break;
/* case GCRY_MD_WHIRLPOOL: oid = "No OID yet"; break; */
-
+
case GCRY_MD_MD5: /* We don't want to use MD5. */
case 0: /* No algorithm found in cert. */
default: /* Other algorithms. */
log_info (_("hash algorithm %d (%s) for signer %d not supported;"
" using %s\n"),
- cl->hash_algo, oid? oid: "?", i,
+ cl->hash_algo, oid? oid: "?", i,
gcry_md_algo_name (GCRY_MD_SHA1));
cl->hash_algo = GCRY_MD_SHA1;
oid = "1.3.14.3.2.26";
@@ -460,7 +460,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
if (opt.verbose)
{
for (i=0, cl=signerlist; cl; cl = cl->next, i++)
- log_info (_("hash algorithm used for signer %d: %s (%s)\n"),
+ log_info (_("hash algorithm used for signer %d: %s (%s)\n"),
i, gcry_md_algo_name (cl->hash_algo), cl->hash_algo_oid);
}
@@ -471,7 +471,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
rc = gpgsm_cert_use_sign_p (cl->cert);
if (rc)
goto leave;
-
+
err = ksba_cms_add_signer (cms, cl->cert);
if (err)
{
@@ -505,13 +505,13 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
{
size_t buflen;
char buffer[1];
-
- err = ksba_cert_get_user_data (cl->cert, "is_qualified",
+
+ err = ksba_cert_get_user_data (cl->cert, "is_qualified",
&buffer, sizeof (buffer), &buflen);
if (err || !buflen)
{
log_error (_("checking for qualified certificate failed: %s\n"),
- gpg_strerror (err));
+ gpg_strerror (err));
rc = err;
goto leave;
}
@@ -525,7 +525,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
goto leave;
}
}
-
+
/* Prepare hashing (actually we are figuring out what we have set
above). */
rc = gcry_md_open (&data_md, 0, 0);
@@ -535,7 +535,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
goto leave;
}
if (DBG_HASHING)
- gcry_md_start_debug (data_md, "sign.data");
+ gcry_md_debug (data_md, "sign.data");
for (i=0; (algoid=ksba_cms_get_digest_algo_list (cms, i)); i++)
{
@@ -614,7 +614,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
/* Main building loop. */
- do
+ do
{
err = ksba_cms_build (cms, &stopreason);
if (err)
@@ -625,7 +625,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
}
if (stopreason == KSBA_SR_BEGIN_DATA)
- {
+ {
/* Hash the data and store the message digest. */
unsigned char *digest;
size_t digest_len;
@@ -658,7 +658,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
}
}
else if (stopreason == KSBA_SR_NEED_SIG)
- {
+ {
/* Compute the signature for all signers. */
gcry_md_hd_t md;
@@ -669,7 +669,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
goto leave;
}
if (DBG_HASHING)
- gcry_md_start_debug (md, "sign.attr");
+ gcry_md_debug (md, "sign.attr");
ksba_cms_set_hash_function (cms, HASH_FNC, md);
for (cl=signerlist,signer=0; cl; cl = cl->next, signer++)
{
@@ -685,7 +685,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
for (cl_tmp=signerlist; cl_tmp; cl_tmp = cl_tmp->next)
{
gcry_md_enable (md, cl_tmp->hash_algo);
- audit_log_i (ctrl->audit, AUDIT_ATTR_HASH_ALGO,
+ audit_log_i (ctrl->audit, AUDIT_ATTR_HASH_ALGO,
cl_tmp->hash_algo);
}
}
@@ -698,7 +698,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
gcry_md_close (md);
goto leave;
}
-
+
rc = gpgsm_create_cms_signature (ctrl, cl->cert,
md, cl->hash_algo, &sigval);
if (rc)
@@ -733,8 +733,8 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
int pkalgo = gpgsm_get_key_algo_info (cl->cert, NULL);
buf = xtryasprintf ("%c %d %d 00 %s %s",
detached? 'D':'S',
- pkalgo,
- cl->hash_algo,
+ pkalgo,
+ cl->hash_algo,
signed_at,
fpr);
if (!buf)
@@ -753,10 +753,10 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
gcry_md_close (md);
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
@@ -774,7 +774,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
gpgsm_release_certlist (signerlist);
ksba_cms_release (cms);
gpgsm_destroy_writer (b64writer);
- keydb_release (kh);
+ keydb_release (kh);
gcry_md_close (data_md);
return rc;
}
diff --git a/sm/verify.c b/sm/verify.c
index c8663e3e6..6bc44d2a6 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -22,7 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include <unistd.h>
+#include <unistd.h>
#include <time.h>
#include <assert.h>
@@ -37,7 +37,7 @@ static char *
strtimestamp_r (ksba_isotime_t atime)
{
char *buffer = xmalloc (15);
-
+
if (!atime || !*atime)
strcpy (buffer, "none");
else
@@ -64,7 +64,7 @@ hash_data (int fd, gcry_md_hd_t md)
return err;
}
- do
+ do
{
nread = fread (buffer, 1, DIM(buffer), fp);
gcry_md_write (md, buffer, nread);
@@ -160,12 +160,12 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
goto leave;
}
if (DBG_HASHING)
- gcry_md_start_debug (data_md, "vrfy.data");
+ gcry_md_debug (data_md, "vrfy.data");
audit_log (ctrl->audit, AUDIT_SETUP_READY);
is_detached = 0;
- do
+ do
{
rc = ksba_cms_parse (cms, &stopreason);
if (rc)
@@ -184,7 +184,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
if (stopreason == KSBA_SR_NEED_HASH
|| stopreason == KSBA_SR_BEGIN_DATA)
- {
+ {
audit_log (ctrl->audit, AUDIT_GOT_DATA);
/* We are now able to enable the hash algorithms */
@@ -213,7 +213,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
if (opt.extra_digest_algo)
{
if (DBG_X509)
- log_debug ("enabling extra hash algorithm %d\n",
+ log_debug ("enabling extra hash algorithm %d\n",
opt.extra_digest_algo);
gcry_md_enable (data_md, opt.extra_digest_algo);
audit_log_i (ctrl->audit, AUDIT_DATA_HASH_ALGO,
@@ -241,12 +241,12 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
audit_log_ok (ctrl->audit, AUDIT_DATA_HASHING, 0);
}
}
- while (stopreason != KSBA_SR_READY);
+ while (stopreason != KSBA_SR_READY);
if (b64writer)
{
rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
audit_log_ok (ctrl->audit, AUDIT_WRITE_ERROR, rc);
@@ -268,7 +268,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
certificate first before entering it into the DB. This way
we would avoid cluttering the DB with invalid
certificates. */
- audit_log_cert (ctrl->audit, AUDIT_SAVE_CERT, cert,
+ audit_log_cert (ctrl->audit, AUDIT_SAVE_CERT, cert,
keydb_store_cert (cert, 0, NULL));
ksba_cert_release (cert);
}
@@ -344,7 +344,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
&algo, &is_enabled)
|| !is_enabled)
{
- log_error ("digest algo %d (%s) has not been enabled\n",
+ log_error ("digest algo %d (%s) has not been enabled\n",
algo, algoid?algoid:"");
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "unsupported");
goto next_signer;
@@ -355,7 +355,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
assert (!msgdigest);
rc = 0;
algoid = NULL;
- algo = 0;
+ algo = 0;
}
else /* real error */
{
@@ -365,7 +365,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
rc = ksba_cms_get_sigattr_oids (cms, signer,
"1.2.840.113549.1.9.3", &ctattr);
- if (!rc)
+ if (!rc)
{
const char *s;
@@ -484,9 +484,9 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
gpgsm_status (ctrl, STATUS_BADSIG, fpr);
xfree (fpr);
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad");
- goto next_signer;
+ goto next_signer;
}
-
+
audit_log_i (ctrl->audit, AUDIT_ATTR_HASH_ALGO, sigval_hash_algo);
rc = gcry_md_open (&md, sigval_hash_algo, 0);
if (rc)
@@ -496,7 +496,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
goto next_signer;
}
if (DBG_HASHING)
- gcry_md_start_debug (md, "vrfy.attr");
+ gcry_md_debug (md, "vrfy.attr");
ksba_cms_set_hash_function (cms, HASH_FNC, md);
rc = ksba_cms_hash_signed_attrs (cms, signer);
@@ -508,13 +508,13 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "error");
goto next_signer;
}
- rc = gpgsm_check_cms_signature (cert, sigval, md,
+ rc = gpgsm_check_cms_signature (cert, sigval, md,
sigval_hash_algo, &info_pkalgo);
gcry_md_close (md);
}
else
{
- rc = gpgsm_check_cms_signature (cert, sigval, data_md,
+ rc = gpgsm_check_cms_signature (cert, sigval, data_md,
algo, &info_pkalgo);
}
@@ -542,7 +542,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
audit_log (ctrl->audit, AUDIT_VALIDATE_CHAIN);
rc = gpgsm_validate_chain (ctrl, cert,
*sigtime? sigtime : "19700101T000000",
- keyexptime, 0,
+ keyexptime, 0,
NULL, 0, &verifyflags);
{
char *fpr, *buf, *tstr;
@@ -555,7 +555,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
}
else
gpgsm_status (ctrl, STATUS_GOODSIG, fpr);
-
+
xfree (fpr);
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
@@ -581,7 +581,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
gpgsm_status_with_err_code (ctrl, STATUS_TRUST_NEVER, NULL,
gpg_err_code (rc));
else
- gpgsm_status_with_err_code (ctrl, STATUS_TRUST_UNDEFINED, NULL,
+ gpgsm_status_with_err_code (ctrl, STATUS_TRUST_UNDEFINED, NULL,
gpg_err_code (rc));
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad");
goto next_signer;
@@ -603,7 +603,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
{
size_t qualbuflen;
char qualbuffer[1];
-
+
rc = ksba_cert_get_user_data (cert, "is_qualified", &qualbuffer,
sizeof (qualbuffer), &qualbuflen);
if (!rc && qualbuflen)
@@ -612,20 +612,20 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
{
log_info (_("This is a qualified signature\n"));
if (!opt.qualsig_approval)
- log_info
+ log_info
(_("Note, that this software is not officially approved "
"to create or verify such signatures.\n"));
}
- }
+ }
else if (gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
log_error ("get_user_data(is_qualified) failed: %s\n",
- gpg_strerror (rc));
+ gpg_strerror (rc));
}
- gpgsm_status (ctrl, STATUS_TRUST_FULLY,
+ gpgsm_status (ctrl, STATUS_TRUST_FULLY,
(verifyflags & VALIDATE_FLAG_CHAIN_MODEL)?
"0 chain": "0 shell");
-
+
next_signer:
rc = 0;
@@ -642,7 +642,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
ksba_cms_release (cms);
gpgsm_destroy_reader (b64reader);
gpgsm_destroy_writer (b64writer);
- keydb_release (kh);
+ keydb_release (kh);
gcry_md_close (data_md);
if (fp)
fclose (fp);
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-17 20:25:04 +0000