gpgme/src/decrypt.c

620 lines
16 KiB
C
Raw Normal View History

/* decrypt.c - Decrypt function.
Copyright (C) 2000 Werner Koch (dd9jn)
Copyright (C) 2001, 2002, 2003, 2004, 2017 g10 Code GmbH
2000-11-16 13:15:48 +00:00
This file is part of GPGME.
GPGME is free software; you can redistribute it and/or modify it
2004-12-07 Marcus Brinkmann <marcus@g10code.de> * README: Refer to COPYING.LESSER and "each file" instead of COPYING. * COPYING.LESSER: New file. * gpgme.spec.in (%doc): Add COPYING.LESSER. * acinclude.m4, configure.ac, Makefile.am: Change license to LGPL 2.1 or later. * TODO: Add copyright notice. * README.CVS: Likewise. assuan/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * README.1st: Add copyright notice. doc/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * Makefile.am: Change license to LGPL. (gpgme_TEXINFOS): Replace gpl.texi with lesser.texi. * gpgme.texi: Change license to LGPL (also for documentation of GPGME's license). * lesser.texi: New file. * gpl.texi: File removed. gpgme/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * putc_unlocked.c, funopen.c: I just claim copyright on these files and change their license to LGPL, because they are totally trivial wrapper functions. * isascii.c: Change copyright notice to the one from ctype/ctype.h in the GNU C Library (CVS Head 2004-10-10), where isascii is defined as a macro doing exactly the same as the function in this file. * memrchr.c: Update from the GNU C Library (CVS Head 2001-07-06). * stpcpy.c: Update from the GNU C Library (CVS Head 2004-10-10). * ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c, ath-pthread.c, ath-pthread-compat.c, context.h, conversion.c, data.c, data-compat.c, data-fd.c, data.h, data-mem.c, data-stream.c, data-user.c, debug.c, debug.h, decrypt.c, decrypt-verify.c, delete.c, edit.c, encrypt.c, encrypt-sign.c, engine-backend.h, engine.c, engine-gpgsm.c, engine.h, error.c, export.c, genkey.c, get-env.c, gpgme.c, gpgme.h, import.c, io.h, key.c, keylist.c, mkstatus, Makefile.am, ops.h, op-support.c, passphrase.c, posix-io.c, posix-sema.c, posix-util.c, progress.c, rungpg.c, sema.h, sign.c, signers.c, trust-item.c, trustlist.c, util.h, verify.c, version.c, w32-io.c, w32-sema.c, w32-util.c, wait.c, wait-global.c, wait.h, wait-private.c, wait-user.c: Change license to LGPL. tests/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * gpg/mkdemodirs: Add copyright notice. * gpgsm/Makefile.am, gpgsm/t-support.h, gpgsm/t-decrypt.c, gpgsm/t-encrypt.c, gpgsm/t-export.c, gpgsm/t-genkey.c, gpgsm/t-import.c, gpgsm/t-keylist.c, gpgsm/t-sign.c, gpgsm/t-verify.c, gpg/Makefile.am, gpg/t-decrypt.c, gpg/t-decrypt-verify.c, gpg/t-edit.c, gpg/t-encrypt.c, gpg/t-encrypt-sign.c, gpg/t-encrypt-sym.c, gpg/t-eventloop.c, gpg/t-export.c, gpg/t-genkey.c, gpg/t-import.c, gpg/t-keylist.c, gpg/t-keylist-sig.c, gpg/t-sign.c, gpg/t-signers.c, gpg/t-support.h, gpg/t-thread1.c, gpg/t-trustlist.c, gpg/t-verify.c, Makefile.am, t-data.c, t-engine-info.c, t-version.c: Change license to LGPL.
2004-12-07 21:13:39 +00:00
under the terms of the GNU Lesser General Public License as
published by the Free Software Foundation; either version 2.1 of
the License, or (at your option) any later version.
GPGME is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
2004-12-07 Marcus Brinkmann <marcus@g10code.de> * README: Refer to COPYING.LESSER and "each file" instead of COPYING. * COPYING.LESSER: New file. * gpgme.spec.in (%doc): Add COPYING.LESSER. * acinclude.m4, configure.ac, Makefile.am: Change license to LGPL 2.1 or later. * TODO: Add copyright notice. * README.CVS: Likewise. assuan/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * README.1st: Add copyright notice. doc/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * Makefile.am: Change license to LGPL. (gpgme_TEXINFOS): Replace gpl.texi with lesser.texi. * gpgme.texi: Change license to LGPL (also for documentation of GPGME's license). * lesser.texi: New file. * gpl.texi: File removed. gpgme/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * putc_unlocked.c, funopen.c: I just claim copyright on these files and change their license to LGPL, because they are totally trivial wrapper functions. * isascii.c: Change copyright notice to the one from ctype/ctype.h in the GNU C Library (CVS Head 2004-10-10), where isascii is defined as a macro doing exactly the same as the function in this file. * memrchr.c: Update from the GNU C Library (CVS Head 2001-07-06). * stpcpy.c: Update from the GNU C Library (CVS Head 2004-10-10). * ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c, ath-pthread.c, ath-pthread-compat.c, context.h, conversion.c, data.c, data-compat.c, data-fd.c, data.h, data-mem.c, data-stream.c, data-user.c, debug.c, debug.h, decrypt.c, decrypt-verify.c, delete.c, edit.c, encrypt.c, encrypt-sign.c, engine-backend.h, engine.c, engine-gpgsm.c, engine.h, error.c, export.c, genkey.c, get-env.c, gpgme.c, gpgme.h, import.c, io.h, key.c, keylist.c, mkstatus, Makefile.am, ops.h, op-support.c, passphrase.c, posix-io.c, posix-sema.c, posix-util.c, progress.c, rungpg.c, sema.h, sign.c, signers.c, trust-item.c, trustlist.c, util.h, verify.c, version.c, w32-io.c, w32-sema.c, w32-util.c, wait.c, wait-global.c, wait.h, wait-private.c, wait-user.c: Change license to LGPL. tests/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * gpg/mkdemodirs: Add copyright notice. * gpgsm/Makefile.am, gpgsm/t-support.h, gpgsm/t-decrypt.c, gpgsm/t-encrypt.c, gpgsm/t-export.c, gpgsm/t-genkey.c, gpgsm/t-import.c, gpgsm/t-keylist.c, gpgsm/t-sign.c, gpgsm/t-verify.c, gpg/Makefile.am, gpg/t-decrypt.c, gpg/t-decrypt-verify.c, gpg/t-edit.c, gpg/t-encrypt.c, gpg/t-encrypt-sign.c, gpg/t-encrypt-sym.c, gpg/t-eventloop.c, gpg/t-export.c, gpg/t-genkey.c, gpg/t-import.c, gpg/t-keylist.c, gpg/t-keylist-sig.c, gpg/t-sign.c, gpg/t-signers.c, gpg/t-support.h, gpg/t-thread1.c, gpg/t-trustlist.c, gpg/t-verify.c, Makefile.am, t-data.c, t-engine-info.c, t-version.c: Change license to LGPL.
2004-12-07 21:13:39 +00:00
Lesser General Public License for more details.
2004-12-07 Marcus Brinkmann <marcus@g10code.de> * README: Refer to COPYING.LESSER and "each file" instead of COPYING. * COPYING.LESSER: New file. * gpgme.spec.in (%doc): Add COPYING.LESSER. * acinclude.m4, configure.ac, Makefile.am: Change license to LGPL 2.1 or later. * TODO: Add copyright notice. * README.CVS: Likewise. assuan/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * README.1st: Add copyright notice. doc/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * Makefile.am: Change license to LGPL. (gpgme_TEXINFOS): Replace gpl.texi with lesser.texi. * gpgme.texi: Change license to LGPL (also for documentation of GPGME's license). * lesser.texi: New file. * gpl.texi: File removed. gpgme/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * putc_unlocked.c, funopen.c: I just claim copyright on these files and change their license to LGPL, because they are totally trivial wrapper functions. * isascii.c: Change copyright notice to the one from ctype/ctype.h in the GNU C Library (CVS Head 2004-10-10), where isascii is defined as a macro doing exactly the same as the function in this file. * memrchr.c: Update from the GNU C Library (CVS Head 2001-07-06). * stpcpy.c: Update from the GNU C Library (CVS Head 2004-10-10). * ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c, ath-pthread.c, ath-pthread-compat.c, context.h, conversion.c, data.c, data-compat.c, data-fd.c, data.h, data-mem.c, data-stream.c, data-user.c, debug.c, debug.h, decrypt.c, decrypt-verify.c, delete.c, edit.c, encrypt.c, encrypt-sign.c, engine-backend.h, engine.c, engine-gpgsm.c, engine.h, error.c, export.c, genkey.c, get-env.c, gpgme.c, gpgme.h, import.c, io.h, key.c, keylist.c, mkstatus, Makefile.am, ops.h, op-support.c, passphrase.c, posix-io.c, posix-sema.c, posix-util.c, progress.c, rungpg.c, sema.h, sign.c, signers.c, trust-item.c, trustlist.c, util.h, verify.c, version.c, w32-io.c, w32-sema.c, w32-util.c, wait.c, wait-global.c, wait.h, wait-private.c, wait-user.c: Change license to LGPL. tests/ 2004-12-07 Marcus Brinkmann <marcus@g10code.de> * gpg/mkdemodirs: Add copyright notice. * gpgsm/Makefile.am, gpgsm/t-support.h, gpgsm/t-decrypt.c, gpgsm/t-encrypt.c, gpgsm/t-export.c, gpgsm/t-genkey.c, gpgsm/t-import.c, gpgsm/t-keylist.c, gpgsm/t-sign.c, gpgsm/t-verify.c, gpg/Makefile.am, gpg/t-decrypt.c, gpg/t-decrypt-verify.c, gpg/t-edit.c, gpg/t-encrypt.c, gpg/t-encrypt-sign.c, gpg/t-encrypt-sym.c, gpg/t-eventloop.c, gpg/t-export.c, gpg/t-genkey.c, gpg/t-import.c, gpg/t-keylist.c, gpg/t-keylist-sig.c, gpg/t-sign.c, gpg/t-signers.c, gpg/t-support.h, gpg/t-thread1.c, gpg/t-trustlist.c, gpg/t-verify.c, Makefile.am, t-data.c, t-engine-info.c, t-version.c: Change license to LGPL.
2004-12-07 21:13:39 +00:00
You should have received a copy of the GNU Lesser General Public
License along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
02111-1307, USA. */
#if HAVE_CONFIG_H
2000-11-16 13:15:48 +00:00
#include <config.h>
#endif
2000-11-16 13:15:48 +00:00
#include <stdlib.h>
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
#include <string.h>
#include <errno.h>
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP. * src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const. (gpgme_decrypt_flags_t): New enum. (GPGME_DECRYPT_VERIFY): New const (GPGME_DECRYPT_UNWRAP): New const (gpgme_op_decrypt_ext_start): New func. (gpgme_op_decrypt_ext): New func. * src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New. (gpgme_op_decrypt_ext): New. (decrypt_verify_start): Add arg FLAGS. Replace call to engine_op_decrypt_verify by the plain decrypt with the flag set. (gpgme_op_decrypt_verify_start): Pass the flag. (gpgme_op_decrypt_verify): Pass the flag. * src/decrypt.c (decrypt_start): Rename to ... (_gpgme_decrypt_start): this. Add arg FLAGS. Pass FLAGS to engine_op_decrypt. (gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG. (gpgme_op_decrypt_start): Ditto. * src/engine.c (_gpgme_engine_op_decrypt_verify): Remove. (_gpgme_engine_op_decrypt): Add arg FLAGS. * src/gpgme.def, src/libgpgme.vers: Add new functions. * src/engine-backend.h (struct engine_ops): Remove member 'decrypt_verify'. Add FLAGS to 'decrypt'. Adjust all initialization. * src/engine-uiserver.c (uiserver_decrypt): Remove. (uiserver_decrypt_verify): Remove. (_uiserver_decrypt): Rename to ... (uiserver_decrypt): this. Replace arg VERIFY by new arg FLAGS. * src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP. (gpg_encrypt): Support GPGME_ENCRYPT_WRAP. * tests/run-decrypt.c (main): New option --unwrap. * tests/run-encrypt.c (main): New option --wrap. -- Manual testing of that wrap/unwrap feature can be done this way: ./run-encrypt --verbose --key Alice /etc/motd > x ./run-decrypt --verbose --unwrap x > y ./run-encrypt --verbose --key Bob --wrap y > z 1. The message was first encrypted to Alice. 2. Alice decrypts the message receiving a valid OpenPGP message. 3. Alice encrypt that message to Bob This will also work with encrypted and signed messages; the signature will be kept intact during re-encryption. Requires GnuPG 2.1.12. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 13:36:54 +00:00
#include <assert.h>
2000-11-16 13:15:48 +00:00
#include "debug.h"
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
#include "gpgme.h"
#include "util.h"
2000-11-16 13:15:48 +00:00
#include "context.h"
#include "ops.h"
core: Blank out the plaintext after decryption failure. * src/data.h (data_prop_t): New enum. (struct gpgme_data): Add field propidx. * src/data.c (property_t): New. (property_table, property_table_size, property_table_lock): New. (insert_into_property_table): New. (remove_from_property_table): New. (_gpgme_data_get_dserial): New. (_gpgme_data_set_prop): New. (_gpgme_data_get_prop): New. (_gpgme_data_new): Connect new object to property_table. (_gpgme_data_release): Remove from property_table. (gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer. * src/data-mem.c (gpgme_data_release_and_get_mem): Likewise. * src/decrypt.c (struct op_data): Add field plaintext_dserial. (_gpgme_op_decrypt_init_result): Add arg plaintext and init new field. (_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption failure. (_gpgme_decrypt_start): Pass PLAIN to the init function. * src/decrypt-verify.c (decrypt_verify_start): Ditto. * configure.ac: Check for stdint.h and bail out if uint64_t is not available. -- This is a best effort feature to not output plaintext after a decryption failure (e.g. due to no or broken authenticated encryption). It always work when using a memory object and reading it after the decryption but it can't work reliable when the user is reading from the data object while the decryption process is still running. This is quite a large change because the data objects and the context objects are allowed to be owned by different threads. Thus a synchronization is needed and we do this with a global table of all data objects to which the context objects can do soft-linking via a unique data object serial number. Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 15:38:50 +00:00
#include "data.h"
2000-11-16 13:15:48 +00:00
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
typedef struct
{
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
struct _gpgme_op_decrypt_result result;
/* The error code from a FAILURE status line or 0. */
gpg_error_t failure_code;
int okay;
/* A flag telling that the a decryption failed and an optional error
* code to further specify the failure. */
int failed;
gpg_error_t pkdecrypt_failed;
/* At least one secret key is not available. gpg issues NO_SECKEY
* status lines for each key the message has been encrypted to but
* that secret key is not available. This can't be done for hidden
* recipients, though. We track it here to allow for a better error
* message than the general DECRYPTION_FAILED. */
int any_no_seckey;
/* If the engine emits a DECRYPTION_INFO status and that does not
* indicate that an integrity protection mode is active, this flag
* is set. */
int not_integrity_protected;
/* The error code from the first ERROR line. This is in some cases
* used to return a better matching error code to the caller. */
gpg_error_t first_status_error;
/* A pointer to the next pointer of the last recipient in the list.
This makes appending new invalid signers painless while
preserving the order. */
gpgme_recipient_t *last_recipient_p;
core: Blank out the plaintext after decryption failure. * src/data.h (data_prop_t): New enum. (struct gpgme_data): Add field propidx. * src/data.c (property_t): New. (property_table, property_table_size, property_table_lock): New. (insert_into_property_table): New. (remove_from_property_table): New. (_gpgme_data_get_dserial): New. (_gpgme_data_set_prop): New. (_gpgme_data_get_prop): New. (_gpgme_data_new): Connect new object to property_table. (_gpgme_data_release): Remove from property_table. (gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer. * src/data-mem.c (gpgme_data_release_and_get_mem): Likewise. * src/decrypt.c (struct op_data): Add field plaintext_dserial. (_gpgme_op_decrypt_init_result): Add arg plaintext and init new field. (_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption failure. (_gpgme_decrypt_start): Pass PLAIN to the init function. * src/decrypt-verify.c (decrypt_verify_start): Ditto. * configure.ac: Check for stdint.h and bail out if uint64_t is not available. -- This is a best effort feature to not output plaintext after a decryption failure (e.g. due to no or broken authenticated encryption). It always work when using a memory object and reading it after the decryption but it can't work reliable when the user is reading from the data object while the decryption process is still running. This is quite a large change because the data objects and the context objects are allowed to be owned by different threads. Thus a synchronization is needed and we do this with a global table of all data objects to which the context objects can do soft-linking via a unique data object serial number. Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 15:38:50 +00:00
/* The data object serial number of the plaintext. */
uint64_t plaintext_dserial;
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
} *op_data_t;
2000-11-16 13:15:48 +00:00
2002-02-02 Marcus Brinkmann <marcus@g10code.de> This patch has gotten a bit large... mmh. The main thing that happens here is that error values are now not determined in the operation function after gpgme_wait completed, but in the status handler when EOF is received. It should always be the case that either an error is flagged or EOF is received, so that after a gpgme_wait you should never have the situation that no error is flagged and EOF is not received. One problem is that the engine status handlers don't have access to the context, a horrible kludge works around this for now. All errors that happen during a pending operation should be catched and reported in ctx->error, including out-of-core and cancellation. This rounds up neatly a couple of loose ends, and makes it possible to pass up any errors in the communication with the backend as well. As a bonus, there will be a function to access gpgme->wait, so that the operations can truly be implemented with their _start function. * engine-gpgsm.c (gpgsm_status_handler): Horrible kludge to report error back to the context. * rungpg.c (gpg_status_handler): Same horrible kludge applied here. * engine-gpgsm.c (gpgsm_assuan_simple_command): Add error checking. * wait.c (_gpgme_wait_on_condition): If canceled, set CTX->error to a value indication that. * verify.c (add_notation): Set error, not out_of_core. (finish_sig): Likewise. (gpgme_op_verify_start): Don't clear out_of_core. (_gpgme_verify_status_handler): At EOF, clean up the notation data. (gpgme_op_verify): And don't do it here. * trustlist.c (trustlist_status_handler): Check error, not out_of_core. (gpgme_op_trustlist_start): Don't clear out_of_core. (gpgme_op_trustlist_next): Check error, not out_of_core. (gpgme_op_trustlist_end): Likewise. * ops.h (test_and_allocate_result): New macro. (_gpgme_passphrase_result): Remove prototype. * delete.c (gpgme_op_delete): Return error from context. (delete_status_handler): Use macro test_and_allocate_result. Perform error checking at EOF. (gpgme_op_delete_start): Release result. * passphrase.c (_gpgme_passphrase_status_handler): Use macro test_and_allocate_result, and perform error checking here. (_gpgme_passphrase_result): Function removed. * sign.c (gpgme_op_sign_start): Do not set out_of_core to zero. (gpgme_op_sign): Just return the error value from the context. (sign_status_handler): Only progress if no error is set yet. If we process an EOF, set the resulting error value (if any). * decrypt.c (_gpgme_decrypt_result): Function removed. (create_result_struct): Function removed. (_gpgme_decrypt_status_handler): Use macro test_and_allocate_result, caclulate error on EOF, do not progress with errors. (_gpgme_decrypt_start): Do not set out_of_core to zero. (gpgme_op_decrypt): Just return the error value from the context. * encrypt.c (encrypt_status_handler): Perform the error checking here. (gpgme_op_encrypt_start): Do not clear out_of_core. * export.c (export_status_handler): Return if error is set in context. (gpgme_op_export_start): Release result. (gpgme_op_export): Return error from context. * decrypt-verify.c (gpgme_op_decrypt_verify): Return the error in the context. * genkey.c (genkey_status_handler): Use macro test_and_allocate_result. Perform error checking at EOF. (gpgme_op_genkey): Just return the error from context. * import.c (gpgme_op_import): Return the error from context. (import_status_handler): Use macro test_and_allocate_result. * keylist.c (gpgme_op_keylist_start): Do not clear out_of_core. (gpgme_op_keylist_next): Return error of context. (keylist_colon_handler): Set error instead out_of_code. (finish_key): Likewise. * context.h: Remove member out_of_core, add member error. * gpgme.c (_gpgme_release_result): Clear error flag. * engine.h (_gpgme_engine_get_error): New prototype. * engine.c (_gpgme_engine_get_error): New function. * engine-gpgsm.c (_gpgme_gpgsm_get_error): New function. * engine-gpgsm.c (map_assuan_error): New function. (gpgsm_assuan_simple_command): Change return type to GpgmeError, use the new function to map error values. (gpgsm_set_fd): Change return type tp GpgmeError. (_gpgme_gpgsm_op_decrypt): Change type of ERR to GpgmeError. (gpgsm_set_recipients): Likewise. Change type of return value equivalently. Adjust error values. (_gpgme_gpgsm_op_import): Likewise. (_gpgme_gpgsm_op_sign): Likewise. (struct gpgsm_object_s): New member error. (gpgsm_status_handler): Set error if error occurs. Determine error number from ERR line received. If assuan_read_line fails, terminate the connection.
2002-02-02 03:52:59 +00:00
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
static void
release_op_data (void *hook)
{
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
op_data_t opd = (op_data_t) hook;
gpgme_recipient_t recipient = opd->result.recipients;
free (opd->result.unsupported_algorithm);
free (opd->result.file_name);
free (opd->result.session_key);
free (opd->result.symkey_algo);
core: Enable extraction of session keys. * src/gpgme.c (gpgme_set_export_session_keys): New function. (gpgme_get_export_session_keys): New function. * src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key member. (gpgme_{set,get}_export_session_keys): Declare new functions. * src/libgpgme.vers, src/gpgme.def: Export new functions in shared object. * src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key parameter. (_gpgme_engine_op_decrypt_verify): Add export_session_key parameter. * src/engine-backend.h: (struct engine_ops): Change function pointer declarations to match. * src/context.h (struct gpgme_context): Add export_session_keys member. * src/decrypt.c (release_op_data): Free result.session_key. (_gpgme_decrypt_status_handler): Store a copy of the exported session key. (decrypt_start): Pass export_session_keys from the context. * src/decrypt-verify.c (decrypt_verify_start): Pass export_session_keys from context. * src/engine.c (_gpgme_engine_op_decrypt): Pass through export_session_key flag. (_gpgme_engine_op_decrypt_verify): Pass through export_session_key flag. * src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add --export-session-key to argument list. * src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for now, since gpgsm offers no such mechanism. * src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is set, add --export-session-key flag to cmd. * doc/gpgme.texi: Document new functions and session_key member of decrypt_result_t. * doc/uiserver.texi: Add --export-session-key flag to DECRYPT command. -- gpg(1) documents session key export as useful for key escrow, and is rightly dubious of that use case. However, session key export is also useful in other use cases. Two examples from MUA development (where this functionality would be specifically useful to me right now): * If the MUA stores a local copy of the session key upon decrypting the message, it can re-decrypt the message without expensive asymmetric operations. When rendering a thread with dozens of encrypted messages, this can represent a significant speedup. * A user may have expired encryption-capable secret key material, along with many messages encrypted to that material. If she stores the session keys for those messages she wants to keep, she can destroy her secret key material and make any messages she has deleted completely unrecoverable, even to an attacker who gets her remaining secret keys in the future. This patchset makes a two specific implementation decisions that could have gone in different ways. I welcome feedback on preferred outcomes. 0) session key representation: we currently represent the session key as an opaque textual string, rather than trying to provide any sort of in-memory structure. While it wouldn't be hard to parse the data produced by gpg's --export-session-key, I chose to use the opaque string rather than lock in a particular data format. 1) API/ABI: i've added a member to gpgme_op_decrypt_result_t. This has the potential to cause an out-of-bound memory access if someone uses code compiled against the newer verision, but linked at runtime against an older version. I've attempted to limit that risk by documenting that users must verify gpgme_get_export_session_keys() before accessing this new struct member -- this means that code expecting this capability will require the symbol at link-time, and will refuse to link against older versions. Another approach to solving this problem would be to avoid modifying gpgme_op_decrypt_result_t, and to introduce instead a new function gpgme_op_session_key(), which could be called in the same places as gpgme_op_decrypt_result(). Depending on the representation of the session key, this might introduce new memory-management burdens on the user of the library, and the session key is certainly part of a decryption result, so it seemed simpler to go with what i have here. If anyone has strong preferences that these choices should be solved in a different way, i'm happy to hear them. Additionally, I note that i'm also still pretty unclear about how the "UI Server" fits into this whole ecosystem. In particular, I don't know whether it's kosher to just add an --export-session-key flag to the DECRYPT operation without actually having implemented it anywhere, but i don't see where i would actually implement it either :/ If this patch (or some variant) is adopted, i will supply another patch that permits offering a session key during decryption (e.g. "gpg --override-session-key"), but I wanted to get these implementation choices ironed out first. Gnupg-Bug-Id: 2754 Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> On the concern of adding a new field to a structure: It may not be clearly documented but we don't expect that a user ever allocates such a structure - those result structure may only be created bu gpgme and are read-only for the user. Adding a new member constitutes a compatible ABI change and thus an older SO may not be used by code compiled with a header for the newer API. Unless someone tinkers with the build system, this should never happen. We have added new fields to result structure may times and I can't remember any problems. - wk
2016-11-11 07:49:28 +00:00
while (recipient)
{
gpgme_recipient_t next = recipient->next;
free (recipient);
recipient = next;
}
}
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_decrypt_result_t
gpgme_op_decrypt_result (gpgme_ctx_t ctx)
{
2003-05-27 02:54:36 +00:00
void *hook;
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
op_data_t opd;
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_error_t err;
TRACE_BEG (DEBUG_CTX, "gpgme_op_decrypt_result", ctx);
ctx->ignore_mdc_error = 0; /* Always reset this flag. */
2003-05-27 02:54:36 +00:00
err = _gpgme_op_data_lookup (ctx, OPDATA_DECRYPT, &hook, -1, NULL);
opd = hook;
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
if (err || !opd)
{
TRACE_SUC0 ("result=(null)");
return NULL;
}
/* Make sure that SYMKEY_ALGO has a value. */
if (!opd->result.symkey_algo)
{
opd->result.symkey_algo = strdup ("?.?");
if (!opd->result.symkey_algo)
{
TRACE_SUC0 ("result=(null)");
return NULL;
}
}
if (_gpgme_debug_trace ())
{
gpgme_recipient_t rcp;
if (opd->result.unsupported_algorithm)
{
TRACE_LOG1 ("result: unsupported_algorithm: %s",
opd->result.unsupported_algorithm);
}
if (opd->result.wrong_key_usage)
{
TRACE_LOG ("result: wrong key usage");
}
rcp = opd->result.recipients;
while (rcp)
{
TRACE_LOG3 ("result: recipient: keyid=%s, pubkey_algo=%i, "
"status=%s", rcp->keyid, rcp->pubkey_algo,
gpg_strerror (rcp->status));
rcp = rcp->next;
}
if (opd->result.file_name)
{
TRACE_LOG1 ("result: original file name: %s", opd->result.file_name);
}
}
2000-11-16 13:15:48 +00:00
TRACE_SUC1 ("result=%p", &opd->result);
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
return &opd->result;
}
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
/* Parse the ARGS of an error status line and record some error
* conditions at OPD. Returns 0 on success. */
static gpgme_error_t
parse_status_error (char *args, op_data_t opd)
{
gpgme_error_t err;
char *field[3];
int nfields;
char *args2;
if (!args)
return trace_gpg_error (GPG_ERR_INV_ENGINE);
args2 = strdup (args); /* Split modifies the input string. */
nfields = _gpgme_split_fields (args2, field, DIM (field));
if (nfields < 1)
{
free (args2);
return trace_gpg_error (GPG_ERR_INV_ENGINE); /* Required arg missing. */
}
err = nfields < 2 ? 0 : atoi (field[1]);
if (!strcmp (field[0], "decrypt.algorithm"))
{
if (gpg_err_code (err) == GPG_ERR_UNSUPPORTED_ALGORITHM
&& nfields > 2
&& strcmp (field[2], "?"))
{
opd->result.unsupported_algorithm = strdup (field[2]);
if (!opd->result.unsupported_algorithm)
{
free (args2);
return gpg_error_from_syserror ();
}
}
}
else if (!strcmp (field[0], "decrypt.keyusage"))
{
if (gpg_err_code (err) == GPG_ERR_WRONG_KEY_USAGE)
opd->result.wrong_key_usage = 1;
}
else if (!strcmp (field[0], "pkdecrypt_failed"))
{
switch (gpg_err_code (err))
{
case GPG_ERR_CANCELED:
case GPG_ERR_FULLY_CANCELED:
/* It is better to return with a cancel error code than the
* general decryption failed error code. */
opd->pkdecrypt_failed = gpg_err_make (gpg_err_source (err),
GPG_ERR_CANCELED);
break;
case GPG_ERR_BAD_PASSPHRASE:
/* A bad passphrase is severe enough that we return this
* error code. */
opd->pkdecrypt_failed = err;
break;
default:
/* For now all other error codes are ignored and the
* standard DECRYPT_FAILED is returned. */
break;
}
}
else if (!strcmp (field[0], "nomdc_with_legacy_cipher"))
{
opd->result.legacy_cipher_nomdc = 1;
opd->not_integrity_protected = 1;
}
/* Record the first error code. */
if (err && !opd->first_status_error)
opd->first_status_error = err;
free (args2);
return 0;
}
static gpgme_error_t
parse_enc_to (char *args, gpgme_recipient_t *recp, gpgme_protocol_t protocol)
{
gpgme_recipient_t rec;
char *tail;
int i;
rec = malloc (sizeof (*rec));
if (!rec)
return gpg_error_from_syserror ();
rec->next = NULL;
rec->keyid = rec->_keyid;
rec->status = 0;
for (i = 0; i < sizeof (rec->_keyid) - 1; i++)
{
if (args[i] == '\0' || args[i] == ' ')
break;
rec->_keyid[i] = args[i];
}
rec->_keyid[i] = '\0';
args = &args[i];
if (*args != '\0' && *args != ' ')
{
free (rec);
return trace_gpg_error (GPG_ERR_INV_ENGINE);
}
while (*args == ' ')
args++;
if (*args)
{
gpg_err_set_errno (0);
rec->pubkey_algo = _gpgme_map_pk_algo (strtol (args, &tail, 0), protocol);
if (errno || args == tail || *tail != ' ')
{
/* The crypto backend does not behave. */
free (rec);
return trace_gpg_error (GPG_ERR_INV_ENGINE);
}
}
/* FIXME: The key length is always 0 right now, so no need to parse
it. */
*recp = rec;
return 0;
}
/* Parse the ARGS of a
* DECRYPTION_INFO <mdc_method> <sym_algo> [<aead_algo>]
* status. Returns 0 on success and updates the OPD.
*/
static gpgme_error_t
parse_decryption_info (char *args, op_data_t opd, gpgme_protocol_t protocol)
{
char *field[3];
int nfields;
char *args2;
int mdc, aead_algo;
const char *algostr, *modestr;
if (!args)
return trace_gpg_error (GPG_ERR_INV_ENGINE);
args2 = strdup (args); /* Split modifies the input string. */
nfields = _gpgme_split_fields (args2, field, DIM (field));
if (nfields < 2)
{
free (args2);
return trace_gpg_error (GPG_ERR_INV_ENGINE); /* Required arg missing. */
}
mdc = atoi (field[0]);
algostr = _gpgme_cipher_algo_name (atoi (field[1]), protocol);
aead_algo = nfields < 3? 0 : atoi (field[2]);
modestr = _gpgme_cipher_mode_name (aead_algo, protocol);
free (args2);
free (opd->result.symkey_algo);
if (!aead_algo && mdc != 2)
opd->result.symkey_algo = _gpgme_strconcat (algostr, ".PGPCFB", NULL);
else
opd->result.symkey_algo = _gpgme_strconcat (algostr, ".", modestr, NULL);
if (!opd->result.symkey_algo)
return gpg_error_from_syserror ();
if (!mdc && !aead_algo)
opd->not_integrity_protected = 1;
return 0;
}
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_error_t
2003-05-18 21:08:43 +00:00
_gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
char *args)
2000-11-16 13:15:48 +00:00
{
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_ctx_t ctx = (gpgme_ctx_t) priv;
gpgme_error_t err;
2003-05-27 02:54:36 +00:00
void *hook;
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
op_data_t opd;
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
err = _gpgme_passphrase_status_handler (priv, code, args);
if (err)
return err;
2003-05-27 02:54:36 +00:00
err = _gpgme_op_data_lookup (ctx, OPDATA_DECRYPT, &hook, -1, NULL);
opd = hook;
doc/ 2003-01-29 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (I/O Callback Interface): Document new even GPGME_EVENT_START. (Waiting For Completion): Document new possible return values. (I/O Callback Interface): Document return type of GpgmeIOCb. gpgme/ 2003-01-29 Marcus Brinkmann <marcus@g10code.de> * context.h (gpgme_context_s): Remove member ERROR. * types.h (GpgmeStatusHandler): Change return type to GpgmeError. (GpgmeCommandHandler): Change return type to GpgmeError and add new argument RESULT. * gpgme.h (GpgmeIOCb): Change return type to GpgmeError. (GpgmeEventIO): New event GPGME_EVENT_START. (GpgmeIdleFunc): Remove type. (gpgme_register_idle): Remove prototype. * data.c: Include <assert.h>. (_gpgme_data_inbound_handler): Change return type to GpgmeError. Return any error instead ignoring it, don't close file descriptor on error. (_gpgme_data_outbound_handler): Likewise. * decrypt.c: Do not include <stdio.h>, <string.h> and <assert.h>. (_gpgme_decrypt_status_handler): Change return type to GpgmeError. Return error instead setting ctx->error. Return success at end of function. (gpgme_op_decrypt): Don't work around the old kludge anymore. * decrypt-verify.c (decrypt_verify_status_handler): Change return type to GpgmeError. Return possible errors. * delete.c: Do not include <stdio.h>, <string.h>, <time.h> and <assert.h>. (delete_status_handler): Change return type to GpgmeError. Return error instead setting ctx->error. Return success at end of function. * edit.c: Do not include <stdio.h> and <string.h>. (_gpgme_edit_status_handler): Change type to GpgmeError, make static and rename to ... (edit_status_handler): ... this. Return error directly. (command_handler): Change return type to GpgmeError, add result argument. Return error directly. * encrypt.c (status_handler_finish): Remove function. (_gpgme_encrypt_status_handler): Change return type to GpgmeError. Return error directly. (_gpgme_encrypt_sym_status_handler): Likewise. * encrypt-sign.c (encrypt_sign_status_handler): Likewise. * engine-gpgsm.c (close_notify_handler): Do not signal done event anymore. (status_handler): Change return type to GpgmeError. Diddle things around a bit to return errors directly. (start): Send start event. * export.c: Do not include <stdio.h>, <string.h> and <assert.h>. (export_status_handler): Change return type to GpgmeError. Don't check ctx->error. * genkey.c: Do not include <stdio.h> and <assert.h>. (genkey_status_handler): Change return type to GpgmeError. Don't check ctx->error. Return errors directly. * gpgme.c (_gpgme_release_result): Do not initialize ctx->error. (_gpgme_op_event_cb): Function removed. (_gpgme_op_event_cb_user): Likewise. * import.c: Do not include <stdio.h>, <string.h> and <assert.h>. (import_status_handler): Change return type to GpgmeError. Don't check ctx->error. * keylist.c (keylist_colon_handler, keylist_status_handler, finish_key): Change return type to GpgmeError, return error directly. * Makefile (libgpgme_la_SOURCES): Add wait-global.c, wait-private.c and wait-user.c * ops.h (test_and_allocate_result): Return error instead setting ctx->error. (_gpgme_data_inbound_handler, _gpgme_data_outbound_handler, _gpgme_verify_status_handler, _gpgme_decrypt_status_handler, _gpgme_sign_status_handler, _gpgme_encrypt_staus_handler, _gpgme_passphrase_status_handler, _gpgme_progress_status_handler): Change return type to GpgmeError. (_gpgme_passphease_command_handler): Change return type to GpgmeError and add new argument RESULT. * op-support.c: Use new callback functions, and change private data to ctx everywhere. * passphrase.c (_gpgme_passphrase_status_handler): Change return type to GpgmeError, return error directly. (_gpgme_passphrase_command_handler): Change return type to GpgmeError, add result argument. Return results accordingly. * progress.c (_gpgme_progress_status_handler): Change return type to GpgmeError, return errors directly. * rungpg.c (status_handler): Change return type to GpgmeError. Return error directly. (close_notify_handler): Don't send done event. (colon_line_handler): Change return type to GpgmeError, return errors directly. * rungpg.c (start): Send start event. * sign.c (_gpgme_sign_status_handler): Change return type to GpgmeError, return errors directly. * trustlist.c (trustlist_status_handler): Change return type to GpgmeError. Return 0. (trustlist_colon_handler): Change return type GpgmeError. Return errors directly. * verify.c (add_notation): Change return type to GpgmeError, return errors directly. (_gpgme_verify_status_handler): Likewise. * wait.h (struct fd_table): Remove lock member. (struct wait_item_s): Moved here from wait.c. (struct tag): New structure. (_gpgme_wait_event_cb): Remove prototype. (_gpgme_wait_private_event_cb, _gpgme_wait_global_event_cb, _gpgme_wait_user_add_io_cb, _gpgme_wait_user_remove_io_cb, _gpgme_wait_user_event_io_cb): New prototypes. * wait.c: Don't include <stdio.h>. (ftd_global, ctx_done_list, ctx_done_list_size, ctx_done_list_length, ctx_done_list_lock, idle_function): Remove global variable. (gpgme_register_idle, do_select, _gpgme_wait_event_cb): Remove function. (gpgme_wait): Move to file wait-global.c. (_gpgme_add_io_cb): Take ctx as private argument, initialize ctx member in wait item and tag. (_gpgme_remove_io_cb): Take ctx from tag. Don't use FDT lock. (_gpgme_wait_one, _gpgme_wait_on_condition): Move to wait-private.c. (gpgme_fd_table_init): Don't initialize FDT->lock. (gpgme_fd_table_deinit): Don't destroy FDT->lock. (_gpgme_fd_table_put): Make static and rename to ... (fd_table_put): ... this function. Don't use FDT->lock. (struct wait_item_s): Move to wait.h. * wait-global.c: New file. * wait-private.c: New file. * wait-user.c: New file.
2003-01-29 15:20:58 +00:00
if (err)
return err;
2000-11-16 13:15:48 +00:00
switch (code)
{
case GPGME_STATUS_FAILURE:
opd->failure_code = _gpgme_parse_failure (args);
break;
2002-07-28 Marcus Brinkmann <marcus@g10code.de> * data.c (gpgme_data_read): For GPGME_DATA_TYPE_NONE, return EOF instead an error. The following changes make it possible to flush an inbound data pipe before invoking a command handler: * posix-io.c (_gpgme_io_select): Accept new argument NONBLOCK to _gpgme_io_select. Set timeout of 0 if this is set. * w32-io.c (_gpgme_io_select): Likewise. * io.h: Add new argument NONBLOCK to _gpgme_io_select prototype. * wait.c (do_select): Add new argument to _gpgme_io_select invocation. * rungpg.h (_gpgme_gpg_set_command_handler): Add new argument linked_data to prototype. * engine.h (_gpgme_engine_set_command_handler): Likewise. * engine.c (_gpgme_engine_set_command_handler): Likewise. * passphrase.c (_gpgme_passphrase_start): Pass NULL as linked_data argument to _gpgme_engine_set_command_handler. * rungpg.c (struct gpg_object_s): New members linked_data and linked_idx in CMD. (_gpgme_gpg_new): Initialize those new members. (_gpgme_gpg_set_command_handler): Accept new argument linked_data. (build_argv): Handle linked_data in the same hack as cb_data. (read_status): If linked_data is in use, flush the pipe before activating the command handler. * gpgme.h: Add prototypes for gpgme_op_edit_start and gpgme_op_edit. The next changes export the status codes to the user: * decrypt.c (_gpgme_decrypt_status_handler): Likewise, also prefix all STATUS_ with GPGME_. * delete.c (delete_status_handler): Likewise. * decrypt-verify.c (decrypt_verify_status_handler): Likewise. * encrypt.c (_gpgme_encrypt_status_handler): Likewise. (_gpgme_encrypt_sym_status_handler): Likewise. * encrypt-sign.c (encrypt_sign_status_handler): Likewise. * engine-gpgsm.c (parse_status): Likewise. (gpgsm_status_handler): Likewise. (gpgsm_set_recipients): Likewise. * export.c (export_status_handler): Likewise. * genkey.c (genkey_status_handler): Likewise. * import.c (append_xml_impinfo): Likewise. (import_status_handler): Likewise. * keylist.c (keylist_status_handler): Likewise. * passphrase.c (_gpgme_passphrase_status_handler): Likewise. (command_handler): Likewise. * progress.c (_gpgme_progress_status_handler): Likewise. * sign.c (_gpgme_sign_status_handler): Likewise. * trustlist.c (trustlist_status_handler): Likewise. * verify.c (_gpgme_verify_status_handler): Likewise. * gpgme.h (GpgmeEditCb): New type. * rungpg.h (GpgStatusCode): Rename and move to ... * gpgme.h (GpgmeStatusCode): ... this and here. * Makefile.am (status-table.h): Run mkstatus on gpgme.h, not rungpg.h. * mkstatus: Prefix STATUS with GPGME_. * rungpg.h (GpgStatusHandler, GpgCommandHandler): Change type accordingly. * ops.h (_gpgme_verify_status_handler, _gpgme_decrypt_status_handler, _gpgme_sign_status_handler, _gpgme_encrypt_status_handler, _gpgme_passphrase_status_handler, _gpgme_progress_status_handler): Likewise. * rungpg.c (struct gpg_object_s): Likewise for CMD.code. These changes add an edit operation to GPGME: * context.h (struct gpgme_context_s): New member RESULT.edit. * ops.h: Add prototype for _gpgme_release_edit_result and _gpgme_passphrase_command_handler. * passphrase.c (command_handler): Make non-static and rename to ... (_gpgme_passphrase_command_handler): ... this. (_gpgme_passphrase_start): Use new name for command handler. * types.h: Add EditResult type. * gpgme.c (_gpgme_release_result): Release EDIT result. * edit.c: New file. * Makefile.am (libgpgme_la_SOURCES): Add edit.c. (libgpgme_la_LDADD): Rename to libgpgme_la_LIBADD, and include assuan_libobjs. (assuan_libobjs): New variable, set this instead libgpgme_la_LIBADD. * engine.h (_gpgme_engine_op_edit): New prototype. * engine.c (_gpgme_engine_op_edit): New function. * rungpg.h (_gpgme_gpg_op_edit): New prototype. * rungpg.c (_gpgme_gpg_op_edit): New function.
2002-07-28 18:41:02 +00:00
case GPGME_STATUS_EOF:
/* We force an encryption failure if we know that integrity
* protection is missing. For modern version of gpg using
* modern cipher algorithms this is not required because gpg
* will issue a failure anyway. However older gpg versions emit
* only a warning.
* Fixme: These error values should probably be attributed to
* the underlying crypto engine (as error source). */
if (opd->failed)
{
/* This comes from a specialized ERROR status line. */
if (opd->pkdecrypt_failed)
return opd->pkdecrypt_failed;
/* For an integrity failure return just DECRYPTION_FAILED;
* the actual cause can be taken from an already set
* decryption result flag. */
if ((opd->not_integrity_protected && !ctx->ignore_mdc_error))
return gpg_error (GPG_ERR_DECRYPT_FAILED);
/* If we have any other ERROR code we prefer that over
* NO_SECKEY because it is probably the better matching
* code. For example a garbled message with multiple
* plaintext will return BAD_DATA here but may also have
* indicated a NO_SECKEY. */
if (opd->first_status_error)
return opd->first_status_error;
/* No secret key is pretty common reason. */
if (opd->any_no_seckey)
return gpg_error (GPG_ERR_NO_SECKEY);
/* Generic decryption failed error code. */
return gpg_error (GPG_ERR_DECRYPT_FAILED);
}
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
else if (!opd->okay)
{
/* No data was found. */
return gpg_error (GPG_ERR_NO_DATA);
}
else if (opd->failure_code)
{
/* The engine returned failure code at program exit. */
return opd->failure_code;
}
break;
2001-01-11 11:56:34 +00:00
case GPGME_STATUS_DECRYPTION_INFO:
err = parse_decryption_info (args, opd, ctx->protocol);
if (err)
return err;
break;
2002-07-28 Marcus Brinkmann <marcus@g10code.de> * data.c (gpgme_data_read): For GPGME_DATA_TYPE_NONE, return EOF instead an error. The following changes make it possible to flush an inbound data pipe before invoking a command handler: * posix-io.c (_gpgme_io_select): Accept new argument NONBLOCK to _gpgme_io_select. Set timeout of 0 if this is set. * w32-io.c (_gpgme_io_select): Likewise. * io.h: Add new argument NONBLOCK to _gpgme_io_select prototype. * wait.c (do_select): Add new argument to _gpgme_io_select invocation. * rungpg.h (_gpgme_gpg_set_command_handler): Add new argument linked_data to prototype. * engine.h (_gpgme_engine_set_command_handler): Likewise. * engine.c (_gpgme_engine_set_command_handler): Likewise. * passphrase.c (_gpgme_passphrase_start): Pass NULL as linked_data argument to _gpgme_engine_set_command_handler. * rungpg.c (struct gpg_object_s): New members linked_data and linked_idx in CMD. (_gpgme_gpg_new): Initialize those new members. (_gpgme_gpg_set_command_handler): Accept new argument linked_data. (build_argv): Handle linked_data in the same hack as cb_data. (read_status): If linked_data is in use, flush the pipe before activating the command handler. * gpgme.h: Add prototypes for gpgme_op_edit_start and gpgme_op_edit. The next changes export the status codes to the user: * decrypt.c (_gpgme_decrypt_status_handler): Likewise, also prefix all STATUS_ with GPGME_. * delete.c (delete_status_handler): Likewise. * decrypt-verify.c (decrypt_verify_status_handler): Likewise. * encrypt.c (_gpgme_encrypt_status_handler): Likewise. (_gpgme_encrypt_sym_status_handler): Likewise. * encrypt-sign.c (encrypt_sign_status_handler): Likewise. * engine-gpgsm.c (parse_status): Likewise. (gpgsm_status_handler): Likewise. (gpgsm_set_recipients): Likewise. * export.c (export_status_handler): Likewise. * genkey.c (genkey_status_handler): Likewise. * import.c (append_xml_impinfo): Likewise. (import_status_handler): Likewise. * keylist.c (keylist_status_handler): Likewise. * passphrase.c (_gpgme_passphrase_status_handler): Likewise. (command_handler): Likewise. * progress.c (_gpgme_progress_status_handler): Likewise. * sign.c (_gpgme_sign_status_handler): Likewise. * trustlist.c (trustlist_status_handler): Likewise. * verify.c (_gpgme_verify_status_handler): Likewise. * gpgme.h (GpgmeEditCb): New type. * rungpg.h (GpgStatusCode): Rename and move to ... * gpgme.h (GpgmeStatusCode): ... this and here. * Makefile.am (status-table.h): Run mkstatus on gpgme.h, not rungpg.h. * mkstatus: Prefix STATUS with GPGME_. * rungpg.h (GpgStatusHandler, GpgCommandHandler): Change type accordingly. * ops.h (_gpgme_verify_status_handler, _gpgme_decrypt_status_handler, _gpgme_sign_status_handler, _gpgme_encrypt_status_handler, _gpgme_passphrase_status_handler, _gpgme_progress_status_handler): Likewise. * rungpg.c (struct gpg_object_s): Likewise for CMD.code. These changes add an edit operation to GPGME: * context.h (struct gpgme_context_s): New member RESULT.edit. * ops.h: Add prototype for _gpgme_release_edit_result and _gpgme_passphrase_command_handler. * passphrase.c (command_handler): Make non-static and rename to ... (_gpgme_passphrase_command_handler): ... this. (_gpgme_passphrase_start): Use new name for command handler. * types.h: Add EditResult type. * gpgme.c (_gpgme_release_result): Release EDIT result. * edit.c: New file. * Makefile.am (libgpgme_la_SOURCES): Add edit.c. (libgpgme_la_LDADD): Rename to libgpgme_la_LIBADD, and include assuan_libobjs. (assuan_libobjs): New variable, set this instead libgpgme_la_LIBADD. * engine.h (_gpgme_engine_op_edit): New prototype. * engine.c (_gpgme_engine_op_edit): New function. * rungpg.h (_gpgme_gpg_op_edit): New prototype. * rungpg.c (_gpgme_gpg_op_edit): New function.
2002-07-28 18:41:02 +00:00
case GPGME_STATUS_DECRYPTION_OKAY:
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
opd->okay = 1;
break;
2002-07-28 Marcus Brinkmann <marcus@g10code.de> * data.c (gpgme_data_read): For GPGME_DATA_TYPE_NONE, return EOF instead an error. The following changes make it possible to flush an inbound data pipe before invoking a command handler: * posix-io.c (_gpgme_io_select): Accept new argument NONBLOCK to _gpgme_io_select. Set timeout of 0 if this is set. * w32-io.c (_gpgme_io_select): Likewise. * io.h: Add new argument NONBLOCK to _gpgme_io_select prototype. * wait.c (do_select): Add new argument to _gpgme_io_select invocation. * rungpg.h (_gpgme_gpg_set_command_handler): Add new argument linked_data to prototype. * engine.h (_gpgme_engine_set_command_handler): Likewise. * engine.c (_gpgme_engine_set_command_handler): Likewise. * passphrase.c (_gpgme_passphrase_start): Pass NULL as linked_data argument to _gpgme_engine_set_command_handler. * rungpg.c (struct gpg_object_s): New members linked_data and linked_idx in CMD. (_gpgme_gpg_new): Initialize those new members. (_gpgme_gpg_set_command_handler): Accept new argument linked_data. (build_argv): Handle linked_data in the same hack as cb_data. (read_status): If linked_data is in use, flush the pipe before activating the command handler. * gpgme.h: Add prototypes for gpgme_op_edit_start and gpgme_op_edit. The next changes export the status codes to the user: * decrypt.c (_gpgme_decrypt_status_handler): Likewise, also prefix all STATUS_ with GPGME_. * delete.c (delete_status_handler): Likewise. * decrypt-verify.c (decrypt_verify_status_handler): Likewise. * encrypt.c (_gpgme_encrypt_status_handler): Likewise. (_gpgme_encrypt_sym_status_handler): Likewise. * encrypt-sign.c (encrypt_sign_status_handler): Likewise. * engine-gpgsm.c (parse_status): Likewise. (gpgsm_status_handler): Likewise. (gpgsm_set_recipients): Likewise. * export.c (export_status_handler): Likewise. * genkey.c (genkey_status_handler): Likewise. * import.c (append_xml_impinfo): Likewise. (import_status_handler): Likewise. * keylist.c (keylist_status_handler): Likewise. * passphrase.c (_gpgme_passphrase_status_handler): Likewise. (command_handler): Likewise. * progress.c (_gpgme_progress_status_handler): Likewise. * sign.c (_gpgme_sign_status_handler): Likewise. * trustlist.c (trustlist_status_handler): Likewise. * verify.c (_gpgme_verify_status_handler): Likewise. * gpgme.h (GpgmeEditCb): New type. * rungpg.h (GpgStatusCode): Rename and move to ... * gpgme.h (GpgmeStatusCode): ... this and here. * Makefile.am (status-table.h): Run mkstatus on gpgme.h, not rungpg.h. * mkstatus: Prefix STATUS with GPGME_. * rungpg.h (GpgStatusHandler, GpgCommandHandler): Change type accordingly. * ops.h (_gpgme_verify_status_handler, _gpgme_decrypt_status_handler, _gpgme_sign_status_handler, _gpgme_encrypt_status_handler, _gpgme_passphrase_status_handler, _gpgme_progress_status_handler): Likewise. * rungpg.c (struct gpg_object_s): Likewise for CMD.code. These changes add an edit operation to GPGME: * context.h (struct gpgme_context_s): New member RESULT.edit. * ops.h: Add prototype for _gpgme_release_edit_result and _gpgme_passphrase_command_handler. * passphrase.c (command_handler): Make non-static and rename to ... (_gpgme_passphrase_command_handler): ... this. (_gpgme_passphrase_start): Use new name for command handler. * types.h: Add EditResult type. * gpgme.c (_gpgme_release_result): Release EDIT result. * edit.c: New file. * Makefile.am (libgpgme_la_SOURCES): Add edit.c. (libgpgme_la_LDADD): Rename to libgpgme_la_LIBADD, and include assuan_libobjs. (assuan_libobjs): New variable, set this instead libgpgme_la_LIBADD. * engine.h (_gpgme_engine_op_edit): New prototype. * engine.c (_gpgme_engine_op_edit): New function. * rungpg.h (_gpgme_gpg_op_edit): New prototype. * rungpg.c (_gpgme_gpg_op_edit): New function.
2002-07-28 18:41:02 +00:00
case GPGME_STATUS_DECRYPTION_FAILED:
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
opd->failed = 1;
core: Blank out the plaintext after decryption failure. * src/data.h (data_prop_t): New enum. (struct gpgme_data): Add field propidx. * src/data.c (property_t): New. (property_table, property_table_size, property_table_lock): New. (insert_into_property_table): New. (remove_from_property_table): New. (_gpgme_data_get_dserial): New. (_gpgme_data_set_prop): New. (_gpgme_data_get_prop): New. (_gpgme_data_new): Connect new object to property_table. (_gpgme_data_release): Remove from property_table. (gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer. * src/data-mem.c (gpgme_data_release_and_get_mem): Likewise. * src/decrypt.c (struct op_data): Add field plaintext_dserial. (_gpgme_op_decrypt_init_result): Add arg plaintext and init new field. (_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption failure. (_gpgme_decrypt_start): Pass PLAIN to the init function. * src/decrypt-verify.c (decrypt_verify_start): Ditto. * configure.ac: Check for stdint.h and bail out if uint64_t is not available. -- This is a best effort feature to not output plaintext after a decryption failure (e.g. due to no or broken authenticated encryption). It always work when using a memory object and reading it after the decryption but it can't work reliable when the user is reading from the data object while the decryption process is still running. This is quite a large change because the data objects and the context objects are allowed to be owned by different threads. Thus a synchronization is needed and we do this with a global table of all data objects to which the context objects can do soft-linking via a unique data object serial number. Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 15:38:50 +00:00
/* Tell the data object that it shall not return any data. We
* use the serial number because the data object may be owned by
* another thread. We also don't check for an error because it
* is possible that the data object has already been destroyed
* and we are then not interested in returning an error. */
if (!ctx->ignore_mdc_error)
_gpgme_data_set_prop (NULL, opd->plaintext_dserial,
DATA_PROP_BLANKOUT, 1);
break;
case GPGME_STATUS_ERROR:
/* Note that this is an informational status code which should
* not lead to an error return unless it is something not
* related to the backend. However, it is used to return a
* better matching final error code. */
err = parse_status_error (args, opd);
if (err)
return err;
break;
case GPGME_STATUS_ENC_TO:
err = parse_enc_to (args, opd->last_recipient_p, ctx->protocol);
if (err)
return err;
opd->last_recipient_p = &(*opd->last_recipient_p)->next;
break;
core: Enable extraction of session keys. * src/gpgme.c (gpgme_set_export_session_keys): New function. (gpgme_get_export_session_keys): New function. * src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key member. (gpgme_{set,get}_export_session_keys): Declare new functions. * src/libgpgme.vers, src/gpgme.def: Export new functions in shared object. * src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key parameter. (_gpgme_engine_op_decrypt_verify): Add export_session_key parameter. * src/engine-backend.h: (struct engine_ops): Change function pointer declarations to match. * src/context.h (struct gpgme_context): Add export_session_keys member. * src/decrypt.c (release_op_data): Free result.session_key. (_gpgme_decrypt_status_handler): Store a copy of the exported session key. (decrypt_start): Pass export_session_keys from the context. * src/decrypt-verify.c (decrypt_verify_start): Pass export_session_keys from context. * src/engine.c (_gpgme_engine_op_decrypt): Pass through export_session_key flag. (_gpgme_engine_op_decrypt_verify): Pass through export_session_key flag. * src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add --export-session-key to argument list. * src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for now, since gpgsm offers no such mechanism. * src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is set, add --export-session-key flag to cmd. * doc/gpgme.texi: Document new functions and session_key member of decrypt_result_t. * doc/uiserver.texi: Add --export-session-key flag to DECRYPT command. -- gpg(1) documents session key export as useful for key escrow, and is rightly dubious of that use case. However, session key export is also useful in other use cases. Two examples from MUA development (where this functionality would be specifically useful to me right now): * If the MUA stores a local copy of the session key upon decrypting the message, it can re-decrypt the message without expensive asymmetric operations. When rendering a thread with dozens of encrypted messages, this can represent a significant speedup. * A user may have expired encryption-capable secret key material, along with many messages encrypted to that material. If she stores the session keys for those messages she wants to keep, she can destroy her secret key material and make any messages she has deleted completely unrecoverable, even to an attacker who gets her remaining secret keys in the future. This patchset makes a two specific implementation decisions that could have gone in different ways. I welcome feedback on preferred outcomes. 0) session key representation: we currently represent the session key as an opaque textual string, rather than trying to provide any sort of in-memory structure. While it wouldn't be hard to parse the data produced by gpg's --export-session-key, I chose to use the opaque string rather than lock in a particular data format. 1) API/ABI: i've added a member to gpgme_op_decrypt_result_t. This has the potential to cause an out-of-bound memory access if someone uses code compiled against the newer verision, but linked at runtime against an older version. I've attempted to limit that risk by documenting that users must verify gpgme_get_export_session_keys() before accessing this new struct member -- this means that code expecting this capability will require the symbol at link-time, and will refuse to link against older versions. Another approach to solving this problem would be to avoid modifying gpgme_op_decrypt_result_t, and to introduce instead a new function gpgme_op_session_key(), which could be called in the same places as gpgme_op_decrypt_result(). Depending on the representation of the session key, this might introduce new memory-management burdens on the user of the library, and the session key is certainly part of a decryption result, so it seemed simpler to go with what i have here. If anyone has strong preferences that these choices should be solved in a different way, i'm happy to hear them. Additionally, I note that i'm also still pretty unclear about how the "UI Server" fits into this whole ecosystem. In particular, I don't know whether it's kosher to just add an --export-session-key flag to the DECRYPT operation without actually having implemented it anywhere, but i don't see where i would actually implement it either :/ If this patch (or some variant) is adopted, i will supply another patch that permits offering a session key during decryption (e.g. "gpg --override-session-key"), but I wanted to get these implementation choices ironed out first. Gnupg-Bug-Id: 2754 Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> On the concern of adding a new field to a structure: It may not be clearly documented but we don't expect that a user ever allocates such a structure - those result structure may only be created bu gpgme and are read-only for the user. Adding a new member constitutes a compatible ABI change and thus an older SO may not be used by code compiled with a header for the newer API. Unless someone tinkers with the build system, this should never happen. We have added new fields to result structure may times and I can't remember any problems. - wk
2016-11-11 07:49:28 +00:00
case GPGME_STATUS_SESSION_KEY:
if (opd->result.session_key)
free (opd->result.session_key);
opd->result.session_key = strdup(args);
break;
case GPGME_STATUS_NO_SECKEY:
{
gpgme_recipient_t rec = opd->result.recipients;
while (rec)
{
if (!strcmp (rec->keyid, args))
{
rec->status = gpg_error (GPG_ERR_NO_SECKEY);
break;
}
rec = rec->next;
}
/* FIXME: Is this ok? */
if (!rec)
return trace_gpg_error (GPG_ERR_INV_ENGINE);
opd->any_no_seckey = 1;
}
break;
case GPGME_STATUS_PLAINTEXT:
{
int mime = 0;
err = _gpgme_parse_plaintext (args, &opd->result.file_name, &mime);
if (err)
return err;
opd->result.is_mime = !!mime;
}
break;
case GPGME_STATUS_INQUIRE_MAXLEN:
api: Add new function gpgme_set_ctx_flag. * src/gpgme.h.in (gpgme_set_ctx_flag): New prototype. * src/gpgme.c (gpgme_set_ctx_flag): New. * src/gpgme.def, src/libgpgme.vers: Add new function. * src/context.h (struct gpgme_context): Add FULL_STATUS. * src/decrypt.c (_gpgme_decrypt_status_handler): Do not call the status callback if FULL_STATUS is set. * src/genkey.c (genkey_status_handler): Ditto. * src/passphrase.c (_gpgme_passphrase_status_handler): Ditto. * src/sign.c (_gpgme_sign_status_handler): Ditto. * src/engine-backend.h (struct engine_ops): Add SET_STATUS_CB and add adjust all definitions of that variable. * src/engine.c (_gpgme_engine_set_status_cb): New. * src/op-support.c (_gpgme_op_reset): Call this function. * src/engine-gpg.c (struct engine_gpg): Add fields MON_CB and MON_CB_VALUE. (gpg_set_status_cb): New. (_gpgme_engine_ops_gpg): Register that function. (read_status): Call the monitor callback. * src/engine-gpgsm.c (struct engine_gpgsm): Add fields MON_CB and MON_CB_VALUE. (_gpgme_engine_ops_gpgsm): Register that function. (gpgsm_assuan_simple_command): Change first arg to be an engine context and adjust call callers. Call the monitor callback. * src/engine-uiserver.c (struct engine_uiserver): Add fields MON_CB and MON_CB_VALUE. (_gpgme_engine_ops_uiserver): Register that function. (uiserver_assuan_simple_command): Change first arg to be an engine context and adjust call callers. Call the monitor callback. * tests/run-verify.c (status_cb): New. (print_result): Print algo names. (main): Add option --status. -- This new feature is mainly intended for bug tracking. Having access to the raw status lines might also be useful for applications, though. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-19 15:01:07 +00:00
if (ctx->status_cb && !ctx->full_status)
{
err = ctx->status_cb (ctx->status_cb_value, "INQUIRE_MAXLEN", args);
if (err)
return err;
}
break;
case GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE:
PARSE_COMPLIANCE_FLAGS (args, &opd->result);
break;
default:
break;
}
doc/ 2003-01-29 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (I/O Callback Interface): Document new even GPGME_EVENT_START. (Waiting For Completion): Document new possible return values. (I/O Callback Interface): Document return type of GpgmeIOCb. gpgme/ 2003-01-29 Marcus Brinkmann <marcus@g10code.de> * context.h (gpgme_context_s): Remove member ERROR. * types.h (GpgmeStatusHandler): Change return type to GpgmeError. (GpgmeCommandHandler): Change return type to GpgmeError and add new argument RESULT. * gpgme.h (GpgmeIOCb): Change return type to GpgmeError. (GpgmeEventIO): New event GPGME_EVENT_START. (GpgmeIdleFunc): Remove type. (gpgme_register_idle): Remove prototype. * data.c: Include <assert.h>. (_gpgme_data_inbound_handler): Change return type to GpgmeError. Return any error instead ignoring it, don't close file descriptor on error. (_gpgme_data_outbound_handler): Likewise. * decrypt.c: Do not include <stdio.h>, <string.h> and <assert.h>. (_gpgme_decrypt_status_handler): Change return type to GpgmeError. Return error instead setting ctx->error. Return success at end of function. (gpgme_op_decrypt): Don't work around the old kludge anymore. * decrypt-verify.c (decrypt_verify_status_handler): Change return type to GpgmeError. Return possible errors. * delete.c: Do not include <stdio.h>, <string.h>, <time.h> and <assert.h>. (delete_status_handler): Change return type to GpgmeError. Return error instead setting ctx->error. Return success at end of function. * edit.c: Do not include <stdio.h> and <string.h>. (_gpgme_edit_status_handler): Change type to GpgmeError, make static and rename to ... (edit_status_handler): ... this. Return error directly. (command_handler): Change return type to GpgmeError, add result argument. Return error directly. * encrypt.c (status_handler_finish): Remove function. (_gpgme_encrypt_status_handler): Change return type to GpgmeError. Return error directly. (_gpgme_encrypt_sym_status_handler): Likewise. * encrypt-sign.c (encrypt_sign_status_handler): Likewise. * engine-gpgsm.c (close_notify_handler): Do not signal done event anymore. (status_handler): Change return type to GpgmeError. Diddle things around a bit to return errors directly. (start): Send start event. * export.c: Do not include <stdio.h>, <string.h> and <assert.h>. (export_status_handler): Change return type to GpgmeError. Don't check ctx->error. * genkey.c: Do not include <stdio.h> and <assert.h>. (genkey_status_handler): Change return type to GpgmeError. Don't check ctx->error. Return errors directly. * gpgme.c (_gpgme_release_result): Do not initialize ctx->error. (_gpgme_op_event_cb): Function removed. (_gpgme_op_event_cb_user): Likewise. * import.c: Do not include <stdio.h>, <string.h> and <assert.h>. (import_status_handler): Change return type to GpgmeError. Don't check ctx->error. * keylist.c (keylist_colon_handler, keylist_status_handler, finish_key): Change return type to GpgmeError, return error directly. * Makefile (libgpgme_la_SOURCES): Add wait-global.c, wait-private.c and wait-user.c * ops.h (test_and_allocate_result): Return error instead setting ctx->error. (_gpgme_data_inbound_handler, _gpgme_data_outbound_handler, _gpgme_verify_status_handler, _gpgme_decrypt_status_handler, _gpgme_sign_status_handler, _gpgme_encrypt_staus_handler, _gpgme_passphrase_status_handler, _gpgme_progress_status_handler): Change return type to GpgmeError. (_gpgme_passphease_command_handler): Change return type to GpgmeError and add new argument RESULT. * op-support.c: Use new callback functions, and change private data to ctx everywhere. * passphrase.c (_gpgme_passphrase_status_handler): Change return type to GpgmeError, return error directly. (_gpgme_passphrase_command_handler): Change return type to GpgmeError, add result argument. Return results accordingly. * progress.c (_gpgme_progress_status_handler): Change return type to GpgmeError, return errors directly. * rungpg.c (status_handler): Change return type to GpgmeError. Return error directly. (close_notify_handler): Don't send done event. (colon_line_handler): Change return type to GpgmeError, return errors directly. * rungpg.c (start): Send start event. * sign.c (_gpgme_sign_status_handler): Change return type to GpgmeError, return errors directly. * trustlist.c (trustlist_status_handler): Change return type to GpgmeError. Return 0. (trustlist_colon_handler): Change return type GpgmeError. Return errors directly. * verify.c (add_notation): Change return type to GpgmeError, return errors directly. (_gpgme_verify_status_handler): Likewise. * wait.h (struct fd_table): Remove lock member. (struct wait_item_s): Moved here from wait.c. (struct tag): New structure. (_gpgme_wait_event_cb): Remove prototype. (_gpgme_wait_private_event_cb, _gpgme_wait_global_event_cb, _gpgme_wait_user_add_io_cb, _gpgme_wait_user_remove_io_cb, _gpgme_wait_user_event_io_cb): New prototypes. * wait.c: Don't include <stdio.h>. (ftd_global, ctx_done_list, ctx_done_list_size, ctx_done_list_length, ctx_done_list_lock, idle_function): Remove global variable. (gpgme_register_idle, do_select, _gpgme_wait_event_cb): Remove function. (gpgme_wait): Move to file wait-global.c. (_gpgme_add_io_cb): Take ctx as private argument, initialize ctx member in wait item and tag. (_gpgme_remove_io_cb): Take ctx from tag. Don't use FDT lock. (_gpgme_wait_one, _gpgme_wait_on_condition): Move to wait-private.c. (gpgme_fd_table_init): Don't initialize FDT->lock. (gpgme_fd_table_deinit): Don't destroy FDT->lock. (_gpgme_fd_table_put): Make static and rename to ... (fd_table_put): ... this function. Don't use FDT->lock. (struct wait_item_s): Move to wait.h. * wait-global.c: New file. * wait-private.c: New file. * wait-user.c: New file.
2003-01-29 15:20:58 +00:00
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
return 0;
}
2002-02-02 Marcus Brinkmann <marcus@g10code.de> This patch has gotten a bit large... mmh. The main thing that happens here is that error values are now not determined in the operation function after gpgme_wait completed, but in the status handler when EOF is received. It should always be the case that either an error is flagged or EOF is received, so that after a gpgme_wait you should never have the situation that no error is flagged and EOF is not received. One problem is that the engine status handlers don't have access to the context, a horrible kludge works around this for now. All errors that happen during a pending operation should be catched and reported in ctx->error, including out-of-core and cancellation. This rounds up neatly a couple of loose ends, and makes it possible to pass up any errors in the communication with the backend as well. As a bonus, there will be a function to access gpgme->wait, so that the operations can truly be implemented with their _start function. * engine-gpgsm.c (gpgsm_status_handler): Horrible kludge to report error back to the context. * rungpg.c (gpg_status_handler): Same horrible kludge applied here. * engine-gpgsm.c (gpgsm_assuan_simple_command): Add error checking. * wait.c (_gpgme_wait_on_condition): If canceled, set CTX->error to a value indication that. * verify.c (add_notation): Set error, not out_of_core. (finish_sig): Likewise. (gpgme_op_verify_start): Don't clear out_of_core. (_gpgme_verify_status_handler): At EOF, clean up the notation data. (gpgme_op_verify): And don't do it here. * trustlist.c (trustlist_status_handler): Check error, not out_of_core. (gpgme_op_trustlist_start): Don't clear out_of_core. (gpgme_op_trustlist_next): Check error, not out_of_core. (gpgme_op_trustlist_end): Likewise. * ops.h (test_and_allocate_result): New macro. (_gpgme_passphrase_result): Remove prototype. * delete.c (gpgme_op_delete): Return error from context. (delete_status_handler): Use macro test_and_allocate_result. Perform error checking at EOF. (gpgme_op_delete_start): Release result. * passphrase.c (_gpgme_passphrase_status_handler): Use macro test_and_allocate_result, and perform error checking here. (_gpgme_passphrase_result): Function removed. * sign.c (gpgme_op_sign_start): Do not set out_of_core to zero. (gpgme_op_sign): Just return the error value from the context. (sign_status_handler): Only progress if no error is set yet. If we process an EOF, set the resulting error value (if any). * decrypt.c (_gpgme_decrypt_result): Function removed. (create_result_struct): Function removed. (_gpgme_decrypt_status_handler): Use macro test_and_allocate_result, caclulate error on EOF, do not progress with errors. (_gpgme_decrypt_start): Do not set out_of_core to zero. (gpgme_op_decrypt): Just return the error value from the context. * encrypt.c (encrypt_status_handler): Perform the error checking here. (gpgme_op_encrypt_start): Do not clear out_of_core. * export.c (export_status_handler): Return if error is set in context. (gpgme_op_export_start): Release result. (gpgme_op_export): Return error from context. * decrypt-verify.c (gpgme_op_decrypt_verify): Return the error in the context. * genkey.c (genkey_status_handler): Use macro test_and_allocate_result. Perform error checking at EOF. (gpgme_op_genkey): Just return the error from context. * import.c (gpgme_op_import): Return the error from context. (import_status_handler): Use macro test_and_allocate_result. * keylist.c (gpgme_op_keylist_start): Do not clear out_of_core. (gpgme_op_keylist_next): Return error of context. (keylist_colon_handler): Set error instead out_of_code. (finish_key): Likewise. * context.h: Remove member out_of_core, add member error. * gpgme.c (_gpgme_release_result): Clear error flag. * engine.h (_gpgme_engine_get_error): New prototype. * engine.c (_gpgme_engine_get_error): New function. * engine-gpgsm.c (_gpgme_gpgsm_get_error): New function. * engine-gpgsm.c (map_assuan_error): New function. (gpgsm_assuan_simple_command): Change return type to GpgmeError, use the new function to map error values. (gpgsm_set_fd): Change return type tp GpgmeError. (_gpgme_gpgsm_op_decrypt): Change type of ERR to GpgmeError. (gpgsm_set_recipients): Likewise. Change type of return value equivalently. Adjust error values. (_gpgme_gpgsm_op_import): Likewise. (_gpgme_gpgsm_op_sign): Likewise. (struct gpgsm_object_s): New member error. (gpgsm_status_handler): Set error if error occurs. Determine error number from ERR line received. If assuan_read_line fails, terminate the connection.
2002-02-02 03:52:59 +00:00
static gpgme_error_t
decrypt_status_handler (void *priv, gpgme_status_code_t code, char *args)
{
gpgme_error_t err;
err = _gpgme_progress_status_handler (priv, code, args);
if (!err)
err = _gpgme_decrypt_status_handler (priv, code, args);
return err;
}
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_error_t
core: Blank out the plaintext after decryption failure. * src/data.h (data_prop_t): New enum. (struct gpgme_data): Add field propidx. * src/data.c (property_t): New. (property_table, property_table_size, property_table_lock): New. (insert_into_property_table): New. (remove_from_property_table): New. (_gpgme_data_get_dserial): New. (_gpgme_data_set_prop): New. (_gpgme_data_get_prop): New. (_gpgme_data_new): Connect new object to property_table. (_gpgme_data_release): Remove from property_table. (gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer. * src/data-mem.c (gpgme_data_release_and_get_mem): Likewise. * src/decrypt.c (struct op_data): Add field plaintext_dserial. (_gpgme_op_decrypt_init_result): Add arg plaintext and init new field. (_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption failure. (_gpgme_decrypt_start): Pass PLAIN to the init function. * src/decrypt-verify.c (decrypt_verify_start): Ditto. * configure.ac: Check for stdint.h and bail out if uint64_t is not available. -- This is a best effort feature to not output plaintext after a decryption failure (e.g. due to no or broken authenticated encryption). It always work when using a memory object and reading it after the decryption but it can't work reliable when the user is reading from the data object while the decryption process is still running. This is quite a large change because the data objects and the context objects are allowed to be owned by different threads. Thus a synchronization is needed and we do this with a global table of all data objects to which the context objects can do soft-linking via a unique data object serial number. Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 15:38:50 +00:00
_gpgme_op_decrypt_init_result (gpgme_ctx_t ctx, gpgme_data_t plaintext)
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
{
gpgme_error_t err;
2003-05-27 02:54:36 +00:00
void *hook;
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
op_data_t opd;
err = _gpgme_op_data_lookup (ctx, OPDATA_DECRYPT, &hook,
sizeof (*opd), release_op_data);
opd = hook;
if (err)
return err;
opd->last_recipient_p = &opd->result.recipients;
core: Blank out the plaintext after decryption failure. * src/data.h (data_prop_t): New enum. (struct gpgme_data): Add field propidx. * src/data.c (property_t): New. (property_table, property_table_size, property_table_lock): New. (insert_into_property_table): New. (remove_from_property_table): New. (_gpgme_data_get_dserial): New. (_gpgme_data_set_prop): New. (_gpgme_data_get_prop): New. (_gpgme_data_new): Connect new object to property_table. (_gpgme_data_release): Remove from property_table. (gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer. * src/data-mem.c (gpgme_data_release_and_get_mem): Likewise. * src/decrypt.c (struct op_data): Add field plaintext_dserial. (_gpgme_op_decrypt_init_result): Add arg plaintext and init new field. (_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption failure. (_gpgme_decrypt_start): Pass PLAIN to the init function. * src/decrypt-verify.c (decrypt_verify_start): Ditto. * configure.ac: Check for stdint.h and bail out if uint64_t is not available. -- This is a best effort feature to not output plaintext after a decryption failure (e.g. due to no or broken authenticated encryption). It always work when using a memory object and reading it after the decryption but it can't work reliable when the user is reading from the data object while the decryption process is still running. This is quite a large change because the data objects and the context objects are allowed to be owned by different threads. Thus a synchronization is needed and we do this with a global table of all data objects to which the context objects can do soft-linking via a unique data object serial number. Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 15:38:50 +00:00
opd->plaintext_dserial = _gpgme_data_get_dserial (plaintext);
return 0;
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
}
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP. * src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const. (gpgme_decrypt_flags_t): New enum. (GPGME_DECRYPT_VERIFY): New const (GPGME_DECRYPT_UNWRAP): New const (gpgme_op_decrypt_ext_start): New func. (gpgme_op_decrypt_ext): New func. * src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New. (gpgme_op_decrypt_ext): New. (decrypt_verify_start): Add arg FLAGS. Replace call to engine_op_decrypt_verify by the plain decrypt with the flag set. (gpgme_op_decrypt_verify_start): Pass the flag. (gpgme_op_decrypt_verify): Pass the flag. * src/decrypt.c (decrypt_start): Rename to ... (_gpgme_decrypt_start): this. Add arg FLAGS. Pass FLAGS to engine_op_decrypt. (gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG. (gpgme_op_decrypt_start): Ditto. * src/engine.c (_gpgme_engine_op_decrypt_verify): Remove. (_gpgme_engine_op_decrypt): Add arg FLAGS. * src/gpgme.def, src/libgpgme.vers: Add new functions. * src/engine-backend.h (struct engine_ops): Remove member 'decrypt_verify'. Add FLAGS to 'decrypt'. Adjust all initialization. * src/engine-uiserver.c (uiserver_decrypt): Remove. (uiserver_decrypt_verify): Remove. (_uiserver_decrypt): Rename to ... (uiserver_decrypt): this. Replace arg VERIFY by new arg FLAGS. * src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP. (gpg_encrypt): Support GPGME_ENCRYPT_WRAP. * tests/run-decrypt.c (main): New option --unwrap. * tests/run-encrypt.c (main): New option --wrap. -- Manual testing of that wrap/unwrap feature can be done this way: ./run-encrypt --verbose --key Alice /etc/motd > x ./run-decrypt --verbose --unwrap x > y ./run-encrypt --verbose --key Bob --wrap y > z 1. The message was first encrypted to Alice. 2. Alice decrypts the message receiving a valid OpenPGP message. 3. Alice encrypt that message to Bob This will also work with encrypted and signed messages; the signature will be kept intact during re-encryption. Requires GnuPG 2.1.12. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 13:36:54 +00:00
gpgme_error_t
_gpgme_decrypt_start (gpgme_ctx_t ctx, int synchronous,
gpgme_decrypt_flags_t flags,
gpgme_data_t cipher, gpgme_data_t plain)
2000-11-16 13:15:48 +00:00
{
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_error_t err;
2000-11-16 13:15:48 +00:00
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP. * src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const. (gpgme_decrypt_flags_t): New enum. (GPGME_DECRYPT_VERIFY): New const (GPGME_DECRYPT_UNWRAP): New const (gpgme_op_decrypt_ext_start): New func. (gpgme_op_decrypt_ext): New func. * src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New. (gpgme_op_decrypt_ext): New. (decrypt_verify_start): Add arg FLAGS. Replace call to engine_op_decrypt_verify by the plain decrypt with the flag set. (gpgme_op_decrypt_verify_start): Pass the flag. (gpgme_op_decrypt_verify): Pass the flag. * src/decrypt.c (decrypt_start): Rename to ... (_gpgme_decrypt_start): this. Add arg FLAGS. Pass FLAGS to engine_op_decrypt. (gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG. (gpgme_op_decrypt_start): Ditto. * src/engine.c (_gpgme_engine_op_decrypt_verify): Remove. (_gpgme_engine_op_decrypt): Add arg FLAGS. * src/gpgme.def, src/libgpgme.vers: Add new functions. * src/engine-backend.h (struct engine_ops): Remove member 'decrypt_verify'. Add FLAGS to 'decrypt'. Adjust all initialization. * src/engine-uiserver.c (uiserver_decrypt): Remove. (uiserver_decrypt_verify): Remove. (_uiserver_decrypt): Rename to ... (uiserver_decrypt): this. Replace arg VERIFY by new arg FLAGS. * src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP. (gpg_encrypt): Support GPGME_ENCRYPT_WRAP. * tests/run-decrypt.c (main): New option --unwrap. * tests/run-encrypt.c (main): New option --wrap. -- Manual testing of that wrap/unwrap feature can be done this way: ./run-encrypt --verbose --key Alice /etc/motd > x ./run-decrypt --verbose --unwrap x > y ./run-encrypt --verbose --key Bob --wrap y > z 1. The message was first encrypted to Alice. 2. Alice decrypts the message receiving a valid OpenPGP message. 3. Alice encrypt that message to Bob This will also work with encrypted and signed messages; the signature will be kept intact during re-encryption. Requires GnuPG 2.1.12. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 13:36:54 +00:00
assert (!(flags & GPGME_DECRYPT_VERIFY));
2002-06-10 Marcus Brinkmann <marcus@g10code.de> * engine-gpgsm.c (_gpgme_gpgsm_start): Move the code that sets the close notification for the status fd to ... (_gpgme_gpgsm_new): ... here. * wait.h: Include "sema.h". Remove prototypes of _gpgme_remove_proc_from_wait_queue and _gpgme_register_pipe_handler. Add prototypes of _gpgme_fd_table_init, _gpgme_fd_table_deinit, _gpgme_fd_table_put, _gpgme_add_io_cb, _gpgme_remove_io_cb, _gpgme_wait_event_cb and _gpgme_wait_one.. * wait.c: Remove global variables PROC_QUEUE, PROC_QUEUE_LOCK, FD_TABLE_SIZE, FD_TABLE, FD_TABLE_LOCK. New global variables FDT_GLOBAL, CTX_DONE_LIST, CTX_DONE_LIST_SIZE, CTX_DONE_LIST_LENGTH and CTX_DONE_LIST_LOCK. Remove struct proc_s. Replace struct wait_item_s. (_gpgme_fd_table_init): New function. (_gpgme_fd_table_deinit): Likewise. (_gpgme_fd_table_put): Likewise. (set_process_done): Remove function. (do_select): Take argument FDT. Use that to decide which fds to select on. (_gpgme_remove_proc_from_wait_queue): Remove function. (_gpgme_wait_event_cb): New function. (_gpgme_wait_one): Likewise. (_gpgme_register_pipe_hanldler): Remove function. (_gpgme_add_io_cb): New function. (_gpgme_remove_io_cb): Likewise. (_gpgme_freeze_fd): Remove function. (_gpgme_thaw_fd): Remove function. * rungpg.c (struct fd_data_map_s): Add new member TAG. (struct gpg_object_s): Likewise for STATUS and COLON. Add member IDX to CMD. Add new member IO_CBS. (close_notify_handler): New variables POSSIBLY_DONE and NOT_DONE. For each I/O callback, check if it should be unregistered. If all callbacks have been unregistered, trigger GPGME_EVENT_DONE. Remove member RUNNING. (_gpgme_gpg_new): Initialize new members. (_gpgme_gpg_release): Check PID not RUNNING. Don't call _gpgme_remove_proc_from_wait_queue. Close GPG->CMD.FD if set. (build_argv): Store away the index instead the file descriptor for CMD. (_gpgme_gpg_add_io_cb): New function. (_gpgme_gpg_spawn): Use _gpgme_gpg_add_io_cb to register IO callbacks. (gpg_status_handler): Change return type to void, remove PID argument, close filedescriptor if EOF or error occurs. (read_status): Use _gpgme_gpg_add_io_cb instead _gpgme_thaw_fd. Use IO_CBS->remove instead _gpgme_freeze_fd. (gpg_colon_line_handler): Change return type to void, remove PID argument, close filedescriptor if EOF or error occurs. (command_cb): Use IO_CBS->remove instead _gpgme_freeze_fd. (_gpgme_gpg_set_io_cbs): New function. * rungpg.h (_gpgme_gpg_set_io_cbs): Prototype for _gpgme_gpg_set_io_cbs. * gpgme.h (GpgmeIOCb): New type. (GpgmeRegisterIOCb): Likewise. (GpgmeRemoveIOCb): Likewise. (GpgmeEventIO): Likewise. (GpgmeEventIOCb): Likewise. (struct GpgmeIOCbs): New structure to hold I/O callbacks. (gpgme_set_op_io_cbs): New prototype. (gpgme_get_op_io_cbs): Likewise. * ops.h: New prototype for _gpgme_op_event_cb. Remove prototypes for _gpgme_freeze_fd and _gpgme_thaw_fd. Remove PID argument from _gpgme_data_inbound_handler and _gpgme_data_outbound_handler prototype. Add prototype for _gpgme_op_reset. Add synchronous argument to _gpgme_decrypt_start prototype. * io.h: Beautification. * gpgme.c: Include "wait.h". (gpgme_new): Initialize FDT. (gpgme_set_io_cbs): New function. (gpgme_get_io_cbs): Likewise. (_gpgme_op_event_cb): Likewise. * data.c (_gpgme_data_inbound_handler): Change return type to void. Drop PID argument. Close FD on error and EOF. (write_mem_data): Don't close FD here ... (write_cb_data): ... or here ... (_gpgme_data_outbound_handler): ... but here. Change return type to void. Drop PID argument. * context.h: Include "wait.h". (struct gpgme_context_s): New members FDT and IO_CBS. * op-support.c: New file. * Makefile.am (libgpgme_la_SOURCES): Add op-support.c. * ops.h: Add prototype for _gpgme_op_reset(). * decrypt.c (_gpgme_decrypt_start): New argument SYNCHRONOUS. Use _gpgme_op_reset. (gpgme_op_decrypt_start): Add synchronous argument. (gpgme_op_decrypt): Likewise. Use _gpgme_wait_one instead gpgme_wait. * delete.c (gpgme_op_delete_start): Rename to ... (_gpgme_op_delete_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_delete_start): Just a wrapper around _gpgme_op_delete_start now. (gpgme_op_delete): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * encrypt.c: Include "wait.h". (ggpgme_op_encrypt_start): Rename to ... (_gpgme_op_encrypt_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_encrypt_start): Just a wrapper around _gpgme_op_encrypt_start now. (gpgme_op_encrypt): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * encrypt_sign.c (gpgme_op_encrypt_sign_start): Rename to ... (_gpgme_op_encrypt_sign_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_encrypt_sign_start): Just a wrapper around _gpgme_op_encrypt_sign_start now. (gpgme_op_encrypt_sign): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * export.c (gpgme_op_export_start): Rename to ... (_gpgme_op_export_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_export_start): Just a wrapper around _gpgme_op_export_start now. (gpgme_op_export): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * genkey.c (gpgme_op_genkey_start): Rename to ... (_gpgme_op_genkey_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_genkey_start): Just a wrapper around _gpgme_op_genkey_start now. (gpgme_op_genkey): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * import.c (gpgme_op_import_start): Rename to ... (_gpgme_op_import_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_import_start): Just a wrapper around _gpgme_op_import_start now. (gpgme_op_import): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * keylist.c (gpgme_op_keylist_start): Use _gpgme_op_reset. (gpgme_op_keylist_ext_start): Likewise. * sign.c (gpgme_op_sign_start): Rename to ... (_gpgme_op_sign_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_sign_start): Just a wrapper around _gpgme_op_sign_start now. (gpgme_op_sign): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * trustlist.c (gpgme_op_trustlist_start): Use _gpgme_op_reset. * verify.c (gpgme_op_verify_start): Rename to ... (_gpgme_op_verify_start): ... this. New argument SYNCHRONOUS. Use _gpgme_op_reset. Make function static. (gpgme_op_verify_start): Just a wrapper around _gpgme_op_verify_start now. (gpgme_op_verify): Add synchronous argument. Use _gpgme_wait_one instead gpgme_wait. * engine-gpgsm.c (iocb_data_t): New type. (struct gpgsm_object_s): New member status_cb. Replace input_fd and input_data with input_cb. Replace output_fd and output_data with output_cb. Replace message_fd and message_data with message_cb. New member io_cbs. (_gpgme_gpgsm_new): Initialize all new members (and drop the old ones). (close_notify_handler): New variable POSSIBLY_DONE. For each I/O callback, check if it should be unregistered. If all callbacks have been unregistered, trigger GPGME_EVENT_DONE. (_gpgme_gpgsm_release): Remove variable PID. Use new variable names to close the file descriptors. (_gpgme_gpgsm_op_decrypt): Use new variable names, (_gpgme_gpgsm_op_encrypt): Likewise. (_gpgme_gpgsm_op_genkey): Likewise. (_gpgme_gpgsm_op_import): Likewise. (_gpgme_gpgsm_op_keylist): Likewise. (_gpgme_gpgsm_op_keylist_ext): Likewise. (_gpgme_gpgsm_op_sign): Likewise. (_gpgme_gpgsm_op_verify): Likewise. (gpgsm_status_handler): Drop argument PID. Change return type to void. Close status pipe before returning because of EOF or error. (_gpgme_gpgsm_add_io_cb): New function. (_gpgme_gpgsm_start): Use _gpgme_gpgsm_add_io_cb to register callback function. (_gpgme_gpgsm_set_io_cbs): New function. * engine-gpgsm.h: New prototype for _gpgme_gpgsm_set_io_cbs. * engine.c (_gpgme_engine_set_io_cbs): New function. * engine.h: New prototype for _gpgme_engine_set_io_cbs.
2002-06-10 14:13:55 +00:00
err = _gpgme_op_reset (ctx, synchronous);
if (err)
return err;
2000-11-16 13:15:48 +00:00
core: Blank out the plaintext after decryption failure. * src/data.h (data_prop_t): New enum. (struct gpgme_data): Add field propidx. * src/data.c (property_t): New. (property_table, property_table_size, property_table_lock): New. (insert_into_property_table): New. (remove_from_property_table): New. (_gpgme_data_get_dserial): New. (_gpgme_data_set_prop): New. (_gpgme_data_get_prop): New. (_gpgme_data_new): Connect new object to property_table. (_gpgme_data_release): Remove from property_table. (gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer. * src/data-mem.c (gpgme_data_release_and_get_mem): Likewise. * src/decrypt.c (struct op_data): Add field plaintext_dserial. (_gpgme_op_decrypt_init_result): Add arg plaintext and init new field. (_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption failure. (_gpgme_decrypt_start): Pass PLAIN to the init function. * src/decrypt-verify.c (decrypt_verify_start): Ditto. * configure.ac: Check for stdint.h and bail out if uint64_t is not available. -- This is a best effort feature to not output plaintext after a decryption failure (e.g. due to no or broken authenticated encryption). It always work when using a memory object and reading it after the decryption but it can't work reliable when the user is reading from the data object while the decryption process is still running. This is quite a large change because the data objects and the context objects are allowed to be owned by different threads. Thus a synchronization is needed and we do this with a global table of all data objects to which the context objects can do soft-linking via a unique data object serial number. Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 15:38:50 +00:00
err = _gpgme_op_decrypt_init_result (ctx, plain);
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
if (err)
return err;
if (!cipher)
return gpg_error (GPG_ERR_NO_DATA);
gpgme/ 2002-10-08 Marcus Brinkmann <marcus@g10code.de> New data object component: * gpgme.h (GpgmeDataReadCb, GpgmeDataWriteCb, GpgmeDataSeekCb, GpgmeDataReleaseCb): New types. (struct GpgmeDataCbs): New structure. (gpgme_data_read): Changed prototype to match that of read() closely. (gpgme_data_write): Similar for write(). (gpgme_data_seek, gpgme_data_new_from_cbs, gpgme_data_new_from_fd, gpgme_data_new_from_stream): New prototypes. (gpgme_data_get_type, gpgme_check_engine): Prototype removed. * Makefile.am (libgpgme_la_SOURCES): Add data.h, data-fd.c, data-stream.c, data-mem.c, data-user.c and data-compat.c. * data.c: Reimplemented from scratch. * (data-compat.c, data-fd.c, data.h, data-mem.c, data-stream.c, data-user.c): New file. * context.h (struct gpgme_data_s): Removed. * conversion.c: Include <errno.h> and <sys/types.h>. (_gpgme_data_append): New function. * data.c (_gpgme_data_append_string): Move to ... * conversion.c (_gpgme_data_append_string): ... here. * data.c (_gpgme_data_append_for_xml): Move to ... * conversion.c (_gpgme_data_append_for_xml): ... here. * data.c (_gpgme_data_append_string_for_xml): Move to ... * conversion.c (_gpgme_data_append_string_for_xml): ... here. * data.c (_gpgme_data_append_percentstring_for_xml): Move to ... * conversion.c (_gpgme_data_append_percentstring_for_xml): ... here. * ops.h (_gpgme_data_get_mode, _gpgme_data_set_mode): Prototype removed. * types.h (GpgmeDataMode): Type removed. * decrypt.c (_gpgme_decrypt_start): Don't check data type or mode. * edit.c (_gpgme_op_edit_start): Likewise. * encrypt.c (_gpgme_op_encrypt_start): Likewise. * encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise. * encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise. * export.c (_gpgme_op_export_start): Likewise. * genkey.c (_gpgme_op_genkey_start): Likewise. * import.c (_gpgme_op_import_start): Likewise. * sign.c (_gpgme_op_sign_start): Likewise. * verify.c (_gpgme_op_verify_start): Likewise. * encrypt.c (gpgme_op_encrypt): Remove hack that returns invalid no recipient if no data was returned. * encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns no recipient if no data was returned. * encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns no recipient if no data was returned. * engine.c (_gpgme_engine_op_verify): Add new argument to differentiate detached from normal signatures. * engine.h (_gpgme_engine_op_verify): Likewise for prototype. * engine-gpgsm.c (_gpgme_gpgsm_op_verify): Likewise. Don't check mode of data argument. * engine-gpgsm.h (_gpgme_gpgsm_op_verify): Likewise for prototype. * gpgme.h (gpgme_op_verify_start): Likewise for prototype. (gpgme_op_verify): Likewise for prototype. * rungpg.c (_gpgme_gpg_op_verify): Likewise. * rungpg.h (_gpgme_gpg_op_verify): Likewise for prototype. * verify.c (_gpgme_op_verify_start): Likewise. (gpgme_op_verify_start): Likewise. (gpgme_op_verify): Likewise. * rungpg.c (struct arg_and_data_s): New member INBOUND to hold direction of data object. (_gpgme_gpg_add_data): Add new argument INBOUND. Use it to determine direction of data object. (_gpgme_gpg_add_pm_data, _gpgme_gpg_set_command_handler, _gpgme_gpg_op_decrypt, _gpgme_gpg_op_edit, _gpgme_gpg_op_encrypt, _gpgme_gpg_op_encrypt_sign, _gpgme_gpg_op_export, _gpgme_gpg_op_genkey, _gpgme_gpg_op_import, _gpgme_gpg_op_sign, _gpgme_gpg_op_verify): Add new argument to _gpgme_gpg_add_data invocation. (build_argv): Use new member INBOUND to determine direction of file descriptor. Don't check the data type. * rungpg.h (_gpgme_gpg_add_data): Add new argument to prototype. * gpgme.c (gpgme_get_op_info): Don't call _gpgme_data_get_as_string if CTX->op_info is NULL. * version.c (gpgme_check_engine): Function removed. tests/ 2002-10-09 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c (print_data): Update to new gpgme_data_read interface, and use gpgme_engine_check_version instead gpgme_check_version. * gpg/t-decrypt-verify.c (print_data): Likewise. * gpg/t-edit.c (main): Likewise. * gpg/t-encrypt.c (print_data): Likewise. * gpg/t-encrypt-sign.c (print_data): Likewise. * gpg/t-encrypt-sym.c (print_data): Likewise. * gpg/t-eventloop.c (print_data): Likewise. * gpg/t-export.c (print_data): Likewise. * gpg/t-sign.c (print_data): Likewise. * gpg/t-signers.c (print_data): Likewise. * gpgsm/t-decrypt.c (print_data): Likewise. * gpgsm/t-encrypt.c (print_data): Likewise. * gpgsm/t-export.c (print_data): Likewise. * gpgsm/t-sign.c (print_data): Likewise. * gpg/t-verify.c (main): Likewise for gpgme_op_verify. * gpgsm/t-verify.c (main): Likewise for gpgme_op_verify. * t-data.c (read_once_test): Likewise. (write_test): Update for new behaviour of data objects. (main): Remove type test.
2002-10-09 00:16:38 +00:00
if (!plain)
return gpg_error (GPG_ERR_INV_VALUE);
2000-11-16 13:15:48 +00:00
2001-11-21 Marcus Brinkmann <marcus@g10code.de> * context.h: Do not include rungpg.h, but engine.h. (struct gpgme_context_s): Replace member gpg with engine. * gpgme.c (gpgme_release): Release engine, not gpg. * recipient.c (_gpgme_append_gpg_args_from_recifgpients): Function moved ... * rungpg.c (_gpgme_append_gpg_args_from_recipients): ... here. Make static, change order of arguments, and return an error value. * ops.h (_gpgme_append_gpg_args_from_recipients): Removed prototype. * rungpg.h (_gpgme_gpg_op_verify): Add prototype. (_gpgme_gpg_op_encrypt): Likewise. (_gpgme_gpg_op_decrypt): Likewise. (_gpgme_gpg_op_delete): Likewise. (_gpgme_gpg_op_export): Likewise. (_gpgme_gpg_op_genkey): Likewise. (_gpgme_gpg_op_import): Likewise. (_gpgme_gpg_op_keylist): Likewise. (_gpgme_gpg_op_sign): Likewise. (_gpgme_gpg_op_trustlist): Likewise. * rungpg.c (_gpgme_gpg_op_verify): New function. (_gpgme_gpg_op_encrypt): Likewise. (_gpgme_gpg_op_decrypt): Likewise. (_gpgme_gpg_op_delete): Likewise. (_gpgme_gpg_op_export): Likewise. (_gpgme_gpg_op_genkey): Likewise. (_gpgme_gpg_op_import): Likewise. (_gpgme_gpg_op_keylist): Likewise. (_gpgme_gpg_op_sign): Likewise. (_gpgme_gpg_op_trustlist): Likewise. * engine.h (_gpgme_engine_set_status_handler): Add prototype. (_gpgme_engine_set_command_handler): Likewise. (_gpgme_engine_set_colon_line_handler): Likewise. (_gpgme_engine_op_decrypt): Likewise. (_gpgme_engine_op_delete): Likewise. (_gpgme_engine_op_encrypt): Likewise. (_gpgme_engine_op_export): Likewise. (_gpgme_engine_op_genkey): Likewise. (_gpgme_engine_op_import): Likewise. (_gpgme_engine_op_keylist): Likewise. (_gpgme_engine_op_sign): Likewise. (_gpgme_engine_op_trustlist): Likewise. (_gpgme_engine_op_verify): Likewise. (_gpgme_engine_start): Likewise. * engine.c (_gpgme_engine_set_status_handler): New function. (_gpgme_engine_set_command_handler): Likewise. (_gpgme_engine_set_colon_line_handler): Likewise. (_gpgme_engine_op_decrypt): Likewise. (_gpgme_engine_op_delete): Likewise. (_gpgme_engine_op_encrypt): Likewise. (_gpgme_engine_op_export): Likewise. (_gpgme_engine_op_genkey): Likewise. (_gpgme_engine_op_import): Likewise. (_gpgme_engine_op_keylist): Likewise. (_gpgme_engine_op_sign): Likewise. (_gpgme_engine_op_trustlist): Likewise. (_gpgme_engine_op_verify): Likewise. (_gpgme_engine_start): Likewise. * verify.c (gpgme_op_verify_start): Reimplement in terms of above functions. * encrypt.c (gpgme_op_encrypt_start): Likewise. * decrypt.c (_gpgme_decrypt_start): Likewise. * passphrase.c (_gpgme_passphrase_start): Likewise. * keylist.c (gpgme_op_keylist_start): Likewise.
2001-11-21 03:40:17 +00:00
if (err)
return err;
2000-11-16 13:15:48 +00:00
if (ctx->passphrase_cb)
{
2003-05-18 21:08:43 +00:00
err = _gpgme_engine_set_command_handler
(ctx->engine, _gpgme_passphrase_command_handler, ctx);
if (err)
return err;
2000-11-16 13:15:48 +00:00
}
_gpgme_engine_set_status_handler (ctx->engine, decrypt_status_handler, ctx);
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP. * src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const. (gpgme_decrypt_flags_t): New enum. (GPGME_DECRYPT_VERIFY): New const (GPGME_DECRYPT_UNWRAP): New const (gpgme_op_decrypt_ext_start): New func. (gpgme_op_decrypt_ext): New func. * src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New. (gpgme_op_decrypt_ext): New. (decrypt_verify_start): Add arg FLAGS. Replace call to engine_op_decrypt_verify by the plain decrypt with the flag set. (gpgme_op_decrypt_verify_start): Pass the flag. (gpgme_op_decrypt_verify): Pass the flag. * src/decrypt.c (decrypt_start): Rename to ... (_gpgme_decrypt_start): this. Add arg FLAGS. Pass FLAGS to engine_op_decrypt. (gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG. (gpgme_op_decrypt_start): Ditto. * src/engine.c (_gpgme_engine_op_decrypt_verify): Remove. (_gpgme_engine_op_decrypt): Add arg FLAGS. * src/gpgme.def, src/libgpgme.vers: Add new functions. * src/engine-backend.h (struct engine_ops): Remove member 'decrypt_verify'. Add FLAGS to 'decrypt'. Adjust all initialization. * src/engine-uiserver.c (uiserver_decrypt): Remove. (uiserver_decrypt_verify): Remove. (_uiserver_decrypt): Rename to ... (uiserver_decrypt): this. Replace arg VERIFY by new arg FLAGS. * src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP. (gpg_encrypt): Support GPGME_ENCRYPT_WRAP. * tests/run-decrypt.c (main): New option --unwrap. * tests/run-encrypt.c (main): New option --wrap. -- Manual testing of that wrap/unwrap feature can be done this way: ./run-encrypt --verbose --key Alice /etc/motd > x ./run-decrypt --verbose --unwrap x > y ./run-encrypt --verbose --key Bob --wrap y > z 1. The message was first encrypted to Alice. 2. Alice decrypts the message receiving a valid OpenPGP message. 3. Alice encrypt that message to Bob This will also work with encrypted and signed messages; the signature will be kept intact during re-encryption. Requires GnuPG 2.1.12. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 13:36:54 +00:00
return _gpgme_engine_op_decrypt (ctx->engine,
flags,
cipher, plain,
2016-11-15 09:29:48 +00:00
ctx->export_session_keys,
ctx->override_session_key,
ctx->auto_key_retrieve);
2000-11-16 13:15:48 +00:00
}
2002-02-02 Marcus Brinkmann <marcus@g10code.de> This patch has gotten a bit large... mmh. The main thing that happens here is that error values are now not determined in the operation function after gpgme_wait completed, but in the status handler when EOF is received. It should always be the case that either an error is flagged or EOF is received, so that after a gpgme_wait you should never have the situation that no error is flagged and EOF is not received. One problem is that the engine status handlers don't have access to the context, a horrible kludge works around this for now. All errors that happen during a pending operation should be catched and reported in ctx->error, including out-of-core and cancellation. This rounds up neatly a couple of loose ends, and makes it possible to pass up any errors in the communication with the backend as well. As a bonus, there will be a function to access gpgme->wait, so that the operations can truly be implemented with their _start function. * engine-gpgsm.c (gpgsm_status_handler): Horrible kludge to report error back to the context. * rungpg.c (gpg_status_handler): Same horrible kludge applied here. * engine-gpgsm.c (gpgsm_assuan_simple_command): Add error checking. * wait.c (_gpgme_wait_on_condition): If canceled, set CTX->error to a value indication that. * verify.c (add_notation): Set error, not out_of_core. (finish_sig): Likewise. (gpgme_op_verify_start): Don't clear out_of_core. (_gpgme_verify_status_handler): At EOF, clean up the notation data. (gpgme_op_verify): And don't do it here. * trustlist.c (trustlist_status_handler): Check error, not out_of_core. (gpgme_op_trustlist_start): Don't clear out_of_core. (gpgme_op_trustlist_next): Check error, not out_of_core. (gpgme_op_trustlist_end): Likewise. * ops.h (test_and_allocate_result): New macro. (_gpgme_passphrase_result): Remove prototype. * delete.c (gpgme_op_delete): Return error from context. (delete_status_handler): Use macro test_and_allocate_result. Perform error checking at EOF. (gpgme_op_delete_start): Release result. * passphrase.c (_gpgme_passphrase_status_handler): Use macro test_and_allocate_result, and perform error checking here. (_gpgme_passphrase_result): Function removed. * sign.c (gpgme_op_sign_start): Do not set out_of_core to zero. (gpgme_op_sign): Just return the error value from the context. (sign_status_handler): Only progress if no error is set yet. If we process an EOF, set the resulting error value (if any). * decrypt.c (_gpgme_decrypt_result): Function removed. (create_result_struct): Function removed. (_gpgme_decrypt_status_handler): Use macro test_and_allocate_result, caclulate error on EOF, do not progress with errors. (_gpgme_decrypt_start): Do not set out_of_core to zero. (gpgme_op_decrypt): Just return the error value from the context. * encrypt.c (encrypt_status_handler): Perform the error checking here. (gpgme_op_encrypt_start): Do not clear out_of_core. * export.c (export_status_handler): Return if error is set in context. (gpgme_op_export_start): Release result. (gpgme_op_export): Return error from context. * decrypt-verify.c (gpgme_op_decrypt_verify): Return the error in the context. * genkey.c (genkey_status_handler): Use macro test_and_allocate_result. Perform error checking at EOF. (gpgme_op_genkey): Just return the error from context. * import.c (gpgme_op_import): Return the error from context. (import_status_handler): Use macro test_and_allocate_result. * keylist.c (gpgme_op_keylist_start): Do not clear out_of_core. (gpgme_op_keylist_next): Return error of context. (keylist_colon_handler): Set error instead out_of_code. (finish_key): Likewise. * context.h: Remove member out_of_core, add member error. * gpgme.c (_gpgme_release_result): Clear error flag. * engine.h (_gpgme_engine_get_error): New prototype. * engine.c (_gpgme_engine_get_error): New function. * engine-gpgsm.c (_gpgme_gpgsm_get_error): New function. * engine-gpgsm.c (map_assuan_error): New function. (gpgsm_assuan_simple_command): Change return type to GpgmeError, use the new function to map error values. (gpgsm_set_fd): Change return type tp GpgmeError. (_gpgme_gpgsm_op_decrypt): Change type of ERR to GpgmeError. (gpgsm_set_recipients): Likewise. Change type of return value equivalently. Adjust error values. (_gpgme_gpgsm_op_import): Likewise. (_gpgme_gpgsm_op_sign): Likewise. (struct gpgsm_object_s): New member error. (gpgsm_status_handler): Set error if error occurs. Determine error number from ERR line received. If assuan_read_line fails, terminate the connection.
2002-02-02 03:52:59 +00:00
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_error_t
2003-05-18 21:08:43 +00:00
gpgme_op_decrypt_start (gpgme_ctx_t ctx, gpgme_data_t cipher,
gpgme_data_t plain)
{
gpgme_error_t err;
TRACE_BEG2 (DEBUG_CTX, "gpgme_op_decrypt_start", ctx,
"cipher=%p, plain=%p", cipher, plain);
if (!ctx)
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP. * src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const. (gpgme_decrypt_flags_t): New enum. (GPGME_DECRYPT_VERIFY): New const (GPGME_DECRYPT_UNWRAP): New const (gpgme_op_decrypt_ext_start): New func. (gpgme_op_decrypt_ext): New func. * src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New. (gpgme_op_decrypt_ext): New. (decrypt_verify_start): Add arg FLAGS. Replace call to engine_op_decrypt_verify by the plain decrypt with the flag set. (gpgme_op_decrypt_verify_start): Pass the flag. (gpgme_op_decrypt_verify): Pass the flag. * src/decrypt.c (decrypt_start): Rename to ... (_gpgme_decrypt_start): this. Add arg FLAGS. Pass FLAGS to engine_op_decrypt. (gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG. (gpgme_op_decrypt_start): Ditto. * src/engine.c (_gpgme_engine_op_decrypt_verify): Remove. (_gpgme_engine_op_decrypt): Add arg FLAGS. * src/gpgme.def, src/libgpgme.vers: Add new functions. * src/engine-backend.h (struct engine_ops): Remove member 'decrypt_verify'. Add FLAGS to 'decrypt'. Adjust all initialization. * src/engine-uiserver.c (uiserver_decrypt): Remove. (uiserver_decrypt_verify): Remove. (_uiserver_decrypt): Rename to ... (uiserver_decrypt): this. Replace arg VERIFY by new arg FLAGS. * src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP. (gpg_encrypt): Support GPGME_ENCRYPT_WRAP. * tests/run-decrypt.c (main): New option --unwrap. * tests/run-encrypt.c (main): New option --wrap. -- Manual testing of that wrap/unwrap feature can be done this way: ./run-encrypt --verbose --key Alice /etc/motd > x ./run-decrypt --verbose --unwrap x > y ./run-encrypt --verbose --key Bob --wrap y > z 1. The message was first encrypted to Alice. 2. Alice decrypts the message receiving a valid OpenPGP message. 3. Alice encrypt that message to Bob This will also work with encrypted and signed messages; the signature will be kept intact during re-encryption. Requires GnuPG 2.1.12. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 13:36:54 +00:00
err = _gpgme_decrypt_start (ctx, 0, 0, cipher, plain);
return TRACE_ERR (err);
}
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
/* Decrypt ciphertext CIPHER within CTX and store the resulting
plaintext in PLAIN. */
2003-05-18 Marcus Brinkmann <marcus@g10code.de> In all files, replace the Gpgme* type names with the new gpgme_* type names. doc/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Header): Remove Gpgme as namespace prefix. Add _GPGME to namespace prefix. * gpgme.texi (Multi Threading): Add note about link order. gpgme/ 2003-05-18 Marcus Brinkmann <marcus@g10code.de> * gpgme.h: The following types are renamed. The old name is kept as a deprecated typedef. (GpgmeCtx): Rename to gpgme_ctx_t. (GpgmeData): Rename to gpgme_data_t. (GpgmeRecipients): Rename to gpgme_recipients_t. (GpgmeError): Rename to gpgme_error_t. (GpgmeDataEncoding): Rename to gpgme_data_encoding_t. (GpgmePubKeyAlgo): Rename to gpgme_pubkey_algo_t. (GpgmeHashAlgo): Rename to gpgme_hash_algo_t. (GpgmeSigStat): Rename to gpgme_sig_stat_t. (GpgmeSigMode): Rename to gpgme_sig_mode_t. (GpgmeAttr): Rename to gpgme_attr_t. (GpgmeValidity): Rename to gpgme_validity_t. (GpgmeProtocol): Rename to gpgme_protocol_t. (GpgmeStatusCode): Rename to gpgme_status_code_t. (GpgmeEngineInfo): Rename to gpgme_engine_info_t. (GpgmeSubkey): Rename to gpgme_subkey_t. (GpgmeKeySig): Rename to gpgme_keysig_t. (GpgmeUserID): Rename to gpgme_user_id_t. (GpgmePassphraseCb): Rename to gpgme_passphrase_cb_t. (GpgmeProgressCb): Rename to gpgme_progress_cb_t. (GpgmeEditCb): Rename to gpgme_edit_cb_t. (GpgmeIOCb): Rename to gpgme_io_cb_t. (GpgmeRegisterIOCb): Rename to gpgme_register_io_cb_t. (GpgmeRemoveIOCb): Rename to gpgme_remove_io_cb_t. (GpgmeEventIO): Rename to gpgme_event_io_t. (GpgmeEventIOCb): Rename to gpgme_event_io_cb_t. (GpgmeIOCbs): Rename to gpgme_io_cbs. (gpgme_io_cbs_t): New type. (GpgmeDataReadCb): Rename to gpgme_data_read_cb_t. (GpgmeDataWriteCb): Rename to gpgme_data_write_cb_t. (GpgmeDataSeekCb): Rename to gpgme_data_seek_cb_t. (GpgmeDataReleaseCb): Rename to gpgme_data_release_cb_t. (GpgmeDataCbs): Rename to gpgme_data_cbs. (gpgme_data_cbs_t): New type. (GpgmeInvalidUserID): Rename to gpgme_invalid_user_id_t. (GpgmeEncryptResult): Rename to gpgme_encrypt_result_t. (GpgmeDecryptResult): Rename to gpgme_decrypt_result_t. (GpgmeNewSignature): Rename to gpgme_new_signature_t. (GpgmeSignResult): Rename to gpgme_sign_result_t. (GpgmeSigNotation): Rename to gpgme_sig_notation_t. (GpgmeSignature): Rename to gpgme_signature_t. (GpgmeVerifyResult): Rename to gpgme_verify_result_t. (GpgmeImportStatus): Rename to gpgme_import_status_t. (GpgmeImportResult): Rename to gpgme_import_result_t. (GpgmeGenKeyResult): Rename to gpgme_genkey_result_t. (GpgmeKeyListResult): Rename to gpgme_keylist_result_t. (GpgmeTrustItem): Rename to gpgme_trust_item_t. * gpgme.h (gpgme_deprecated_error_t): New type, swallowing macros GPGME_No_Recipients, GPGME_Invalid_Recipient and GPGME_No_Passphrase. * data.h (struct gpgme_data_s): Rename to struct gpgme_data. * context.h (struct gpgme_context_s): Rename to struct gpgme_context. (struct gpgme_recipients_s): Rename to gpgme_recipients.
2003-05-18 20:45:24 +00:00
gpgme_error_t
gpgme_op_decrypt (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain)
2000-11-16 13:15:48 +00:00
{
gpgme_error_t err;
TRACE_BEG2 (DEBUG_CTX, "gpgme_op_decrypt", ctx,
"cipher=%p, plain=%p", cipher, plain);
if (!ctx)
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP. * src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const. (gpgme_decrypt_flags_t): New enum. (GPGME_DECRYPT_VERIFY): New const (GPGME_DECRYPT_UNWRAP): New const (gpgme_op_decrypt_ext_start): New func. (gpgme_op_decrypt_ext): New func. * src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New. (gpgme_op_decrypt_ext): New. (decrypt_verify_start): Add arg FLAGS. Replace call to engine_op_decrypt_verify by the plain decrypt with the flag set. (gpgme_op_decrypt_verify_start): Pass the flag. (gpgme_op_decrypt_verify): Pass the flag. * src/decrypt.c (decrypt_start): Rename to ... (_gpgme_decrypt_start): this. Add arg FLAGS. Pass FLAGS to engine_op_decrypt. (gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG. (gpgme_op_decrypt_start): Ditto. * src/engine.c (_gpgme_engine_op_decrypt_verify): Remove. (_gpgme_engine_op_decrypt): Add arg FLAGS. * src/gpgme.def, src/libgpgme.vers: Add new functions. * src/engine-backend.h (struct engine_ops): Remove member 'decrypt_verify'. Add FLAGS to 'decrypt'. Adjust all initialization. * src/engine-uiserver.c (uiserver_decrypt): Remove. (uiserver_decrypt_verify): Remove. (_uiserver_decrypt): Rename to ... (uiserver_decrypt): this. Replace arg VERIFY by new arg FLAGS. * src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP. (gpg_encrypt): Support GPGME_ENCRYPT_WRAP. * tests/run-decrypt.c (main): New option --unwrap. * tests/run-encrypt.c (main): New option --wrap. -- Manual testing of that wrap/unwrap feature can be done this way: ./run-encrypt --verbose --key Alice /etc/motd > x ./run-decrypt --verbose --unwrap x > y ./run-encrypt --verbose --key Bob --wrap y > z 1. The message was first encrypted to Alice. 2. Alice decrypts the message receiving a valid OpenPGP message. 3. Alice encrypt that message to Bob This will also work with encrypted and signed messages; the signature will be kept intact during re-encryption. Requires GnuPG 2.1.12. Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 13:36:54 +00:00
err = _gpgme_decrypt_start (ctx, 1, 0, cipher, plain);
if (!err)
doc/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Decrypt): Descript gpgme_op_decrypt_result and GpgmeDecryptResult. gpgme 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_op_decrypt_result): New structure. (GpgmeDecryptResult): New type. (gpgme_op_decrypt_result): New prototype. * ops.h (_gpgme_op_decrypt_init_result): New prototype. (_gpgme_decrypt_status_handler): Fix prototype. (_gpgme_decrypt_start): Remove prototype. * decrypt-verify.c: Do not include <stdio.h>, <stdlib.h>, <string.h> and <assert.h>, "util.h" and "context.h", but "gpgme.h". (decrypt_verify_status_handler): Change first argument to void *, and rework error handling. (_gpgme_op_decrypt_verify_start): New function. (gpgme_op_decrypt_verify_start): Rewrite using _gpgme_op_decrypt_verify_start. (gpgme_op_decrypt_verify): Likewise. * decrypt.c: Include <string.h>, "gpgme.h" and "util.h". (struct decrypt_result): Change to typedef op_data_t, rewritten. (is_token): Remove function. (release_op_data): New function. (skip_token): Remove function. (gpgme_op_decrypt_result): New function. (_gpgme_decrypt_status_handler): Change first argument to void *. Rework error handling. (_gpgme_decrypt_start): Rename to ... (decrypt_start): ... this. Call _gpgme_op_decrypt_init_result. (_gpgme_op_decrypt_init_result): New function. (gpgme_op_decrypt_start): Use decrypt_start. (gpgme_op_decrypt): Likewise. tests/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c: Rewritten.
2003-04-28 21:17:15 +00:00
err = _gpgme_wait_one (ctx);
ctx->ignore_mdc_error = 0; /* Always reset. */
return TRACE_ERR (err);
2000-11-16 13:15:48 +00:00
}