2002-11-21 13:48:41 +00:00
|
|
|
|
/* decrypt.c - Decrypt function.
|
|
|
|
|
Copyright (C) 2000 Werner Koch (dd9jn)
|
2004-05-21 15:51:53 +00:00
|
|
|
|
Copyright (C) 2001, 2002, 2003, 2004 g10 Code GmbH
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2002-11-21 13:48:41 +00:00
|
|
|
|
This file is part of GPGME.
|
2011-02-03 19:49:41 +00:00
|
|
|
|
|
2002-11-21 13:48:41 +00:00
|
|
|
|
GPGME is free software; you can redistribute it and/or modify it
|
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README: Refer to COPYING.LESSER and "each file" instead of
COPYING.
* COPYING.LESSER: New file.
* gpgme.spec.in (%doc): Add COPYING.LESSER.
* acinclude.m4, configure.ac, Makefile.am: Change license to LGPL
2.1 or later.
* TODO: Add copyright notice.
* README.CVS: Likewise.
assuan/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README.1st: Add copyright notice.
doc/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am: Change license to LGPL.
(gpgme_TEXINFOS): Replace gpl.texi with lesser.texi.
* gpgme.texi: Change license to LGPL (also for documentation of
GPGME's license).
* lesser.texi: New file.
* gpl.texi: File removed.
gpgme/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* putc_unlocked.c, funopen.c: I just claim copyright on these
files and change their license to LGPL, because they are totally
trivial wrapper functions.
* isascii.c: Change copyright notice to the one from ctype/ctype.h
in the GNU C Library (CVS Head 2004-10-10), where isascii is
defined as a macro doing exactly the same as the function in this
file.
* memrchr.c: Update from the GNU C Library (CVS Head 2001-07-06).
* stpcpy.c: Update from the GNU C Library (CVS Head 2004-10-10).
* ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c,
ath-pthread.c, ath-pthread-compat.c, context.h, conversion.c,
data.c, data-compat.c, data-fd.c, data.h, data-mem.c,
data-stream.c, data-user.c, debug.c, debug.h, decrypt.c,
decrypt-verify.c, delete.c, edit.c, encrypt.c, encrypt-sign.c,
engine-backend.h, engine.c, engine-gpgsm.c, engine.h, error.c,
export.c, genkey.c, get-env.c, gpgme.c, gpgme.h, import.c, io.h,
key.c, keylist.c, mkstatus, Makefile.am, ops.h, op-support.c,
passphrase.c, posix-io.c, posix-sema.c, posix-util.c, progress.c,
rungpg.c, sema.h, sign.c, signers.c, trust-item.c, trustlist.c,
util.h, verify.c, version.c, w32-io.c, w32-sema.c, w32-util.c,
wait.c, wait-global.c, wait.h, wait-private.c, wait-user.c: Change
license to LGPL.
tests/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* gpg/mkdemodirs: Add copyright notice.
* gpgsm/Makefile.am, gpgsm/t-support.h, gpgsm/t-decrypt.c,
gpgsm/t-encrypt.c, gpgsm/t-export.c, gpgsm/t-genkey.c,
gpgsm/t-import.c, gpgsm/t-keylist.c, gpgsm/t-sign.c,
gpgsm/t-verify.c, gpg/Makefile.am, gpg/t-decrypt.c,
gpg/t-decrypt-verify.c, gpg/t-edit.c, gpg/t-encrypt.c,
gpg/t-encrypt-sign.c, gpg/t-encrypt-sym.c, gpg/t-eventloop.c,
gpg/t-export.c, gpg/t-genkey.c, gpg/t-import.c, gpg/t-keylist.c,
gpg/t-keylist-sig.c, gpg/t-sign.c, gpg/t-signers.c,
gpg/t-support.h, gpg/t-thread1.c, gpg/t-trustlist.c,
gpg/t-verify.c, Makefile.am, t-data.c, t-engine-info.c,
t-version.c: Change license to LGPL.
2004-12-07 21:13:39 +00:00
|
|
|
|
under the terms of the GNU Lesser General Public License as
|
|
|
|
|
published by the Free Software Foundation; either version 2.1 of
|
|
|
|
|
the License, or (at your option) any later version.
|
2011-02-03 19:49:41 +00:00
|
|
|
|
|
2002-11-21 13:48:41 +00:00
|
|
|
|
GPGME is distributed in the hope that it will be useful, but
|
|
|
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README: Refer to COPYING.LESSER and "each file" instead of
COPYING.
* COPYING.LESSER: New file.
* gpgme.spec.in (%doc): Add COPYING.LESSER.
* acinclude.m4, configure.ac, Makefile.am: Change license to LGPL
2.1 or later.
* TODO: Add copyright notice.
* README.CVS: Likewise.
assuan/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README.1st: Add copyright notice.
doc/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am: Change license to LGPL.
(gpgme_TEXINFOS): Replace gpl.texi with lesser.texi.
* gpgme.texi: Change license to LGPL (also for documentation of
GPGME's license).
* lesser.texi: New file.
* gpl.texi: File removed.
gpgme/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* putc_unlocked.c, funopen.c: I just claim copyright on these
files and change their license to LGPL, because they are totally
trivial wrapper functions.
* isascii.c: Change copyright notice to the one from ctype/ctype.h
in the GNU C Library (CVS Head 2004-10-10), where isascii is
defined as a macro doing exactly the same as the function in this
file.
* memrchr.c: Update from the GNU C Library (CVS Head 2001-07-06).
* stpcpy.c: Update from the GNU C Library (CVS Head 2004-10-10).
* ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c,
ath-pthread.c, ath-pthread-compat.c, context.h, conversion.c,
data.c, data-compat.c, data-fd.c, data.h, data-mem.c,
data-stream.c, data-user.c, debug.c, debug.h, decrypt.c,
decrypt-verify.c, delete.c, edit.c, encrypt.c, encrypt-sign.c,
engine-backend.h, engine.c, engine-gpgsm.c, engine.h, error.c,
export.c, genkey.c, get-env.c, gpgme.c, gpgme.h, import.c, io.h,
key.c, keylist.c, mkstatus, Makefile.am, ops.h, op-support.c,
passphrase.c, posix-io.c, posix-sema.c, posix-util.c, progress.c,
rungpg.c, sema.h, sign.c, signers.c, trust-item.c, trustlist.c,
util.h, verify.c, version.c, w32-io.c, w32-sema.c, w32-util.c,
wait.c, wait-global.c, wait.h, wait-private.c, wait-user.c: Change
license to LGPL.
tests/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* gpg/mkdemodirs: Add copyright notice.
* gpgsm/Makefile.am, gpgsm/t-support.h, gpgsm/t-decrypt.c,
gpgsm/t-encrypt.c, gpgsm/t-export.c, gpgsm/t-genkey.c,
gpgsm/t-import.c, gpgsm/t-keylist.c, gpgsm/t-sign.c,
gpgsm/t-verify.c, gpg/Makefile.am, gpg/t-decrypt.c,
gpg/t-decrypt-verify.c, gpg/t-edit.c, gpg/t-encrypt.c,
gpg/t-encrypt-sign.c, gpg/t-encrypt-sym.c, gpg/t-eventloop.c,
gpg/t-export.c, gpg/t-genkey.c, gpg/t-import.c, gpg/t-keylist.c,
gpg/t-keylist-sig.c, gpg/t-sign.c, gpg/t-signers.c,
gpg/t-support.h, gpg/t-thread1.c, gpg/t-trustlist.c,
gpg/t-verify.c, Makefile.am, t-data.c, t-engine-info.c,
t-version.c: Change license to LGPL.
2004-12-07 21:13:39 +00:00
|
|
|
|
Lesser General Public License for more details.
|
2011-02-03 19:49:41 +00:00
|
|
|
|
|
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README: Refer to COPYING.LESSER and "each file" instead of
COPYING.
* COPYING.LESSER: New file.
* gpgme.spec.in (%doc): Add COPYING.LESSER.
* acinclude.m4, configure.ac, Makefile.am: Change license to LGPL
2.1 or later.
* TODO: Add copyright notice.
* README.CVS: Likewise.
assuan/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README.1st: Add copyright notice.
doc/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am: Change license to LGPL.
(gpgme_TEXINFOS): Replace gpl.texi with lesser.texi.
* gpgme.texi: Change license to LGPL (also for documentation of
GPGME's license).
* lesser.texi: New file.
* gpl.texi: File removed.
gpgme/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* putc_unlocked.c, funopen.c: I just claim copyright on these
files and change their license to LGPL, because they are totally
trivial wrapper functions.
* isascii.c: Change copyright notice to the one from ctype/ctype.h
in the GNU C Library (CVS Head 2004-10-10), where isascii is
defined as a macro doing exactly the same as the function in this
file.
* memrchr.c: Update from the GNU C Library (CVS Head 2001-07-06).
* stpcpy.c: Update from the GNU C Library (CVS Head 2004-10-10).
* ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c,
ath-pthread.c, ath-pthread-compat.c, context.h, conversion.c,
data.c, data-compat.c, data-fd.c, data.h, data-mem.c,
data-stream.c, data-user.c, debug.c, debug.h, decrypt.c,
decrypt-verify.c, delete.c, edit.c, encrypt.c, encrypt-sign.c,
engine-backend.h, engine.c, engine-gpgsm.c, engine.h, error.c,
export.c, genkey.c, get-env.c, gpgme.c, gpgme.h, import.c, io.h,
key.c, keylist.c, mkstatus, Makefile.am, ops.h, op-support.c,
passphrase.c, posix-io.c, posix-sema.c, posix-util.c, progress.c,
rungpg.c, sema.h, sign.c, signers.c, trust-item.c, trustlist.c,
util.h, verify.c, version.c, w32-io.c, w32-sema.c, w32-util.c,
wait.c, wait-global.c, wait.h, wait-private.c, wait-user.c: Change
license to LGPL.
tests/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* gpg/mkdemodirs: Add copyright notice.
* gpgsm/Makefile.am, gpgsm/t-support.h, gpgsm/t-decrypt.c,
gpgsm/t-encrypt.c, gpgsm/t-export.c, gpgsm/t-genkey.c,
gpgsm/t-import.c, gpgsm/t-keylist.c, gpgsm/t-sign.c,
gpgsm/t-verify.c, gpg/Makefile.am, gpg/t-decrypt.c,
gpg/t-decrypt-verify.c, gpg/t-edit.c, gpg/t-encrypt.c,
gpg/t-encrypt-sign.c, gpg/t-encrypt-sym.c, gpg/t-eventloop.c,
gpg/t-export.c, gpg/t-genkey.c, gpg/t-import.c, gpg/t-keylist.c,
gpg/t-keylist-sig.c, gpg/t-sign.c, gpg/t-signers.c,
gpg/t-support.h, gpg/t-thread1.c, gpg/t-trustlist.c,
gpg/t-verify.c, Makefile.am, t-data.c, t-engine-info.c,
t-version.c: Change license to LGPL.
2004-12-07 21:13:39 +00:00
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
License along with this program; if not, write to the Free Software
|
|
|
|
|
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
|
|
|
|
|
02111-1307, USA. */
|
2002-11-21 13:48:41 +00:00
|
|
|
|
|
|
|
|
|
#if HAVE_CONFIG_H
|
2000-11-16 13:15:48 +00:00
|
|
|
|
#include <config.h>
|
2002-11-21 13:48:41 +00:00
|
|
|
|
#endif
|
2000-11-16 13:15:48 +00:00
|
|
|
|
#include <stdlib.h>
|
2003-04-28 21:17:15 +00:00
|
|
|
|
#include <string.h>
|
2003-06-05 23:20:29 +00:00
|
|
|
|
#include <errno.h>
|
2017-03-24 13:36:54 +00:00
|
|
|
|
#include <assert.h>
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2009-10-26 17:38:39 +00:00
|
|
|
|
#include "debug.h"
|
2003-04-28 21:17:15 +00:00
|
|
|
|
#include "gpgme.h"
|
|
|
|
|
#include "util.h"
|
2000-11-16 13:15:48 +00:00
|
|
|
|
#include "context.h"
|
|
|
|
|
#include "ops.h"
|
2011-02-03 19:49:41 +00:00
|
|
|
|
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
|
|
|
|
|
typedef struct
|
2001-11-15 21:32:09 +00:00
|
|
|
|
{
|
2003-04-28 21:17:15 +00:00
|
|
|
|
struct _gpgme_op_decrypt_result result;
|
|
|
|
|
|
2015-08-25 11:22:43 +00:00
|
|
|
|
/* The error code from a FAILURE status line or 0. */
|
|
|
|
|
gpg_error_t failure_code;
|
|
|
|
|
|
2001-11-15 21:32:09 +00:00
|
|
|
|
int okay;
|
2017-07-12 15:55:43 +00:00
|
|
|
|
|
|
|
|
|
/* A flag telling that the a decryption failed and an optional error
|
|
|
|
|
* code to further specify the failure. */
|
2001-11-15 21:32:09 +00:00
|
|
|
|
int failed;
|
2017-07-12 15:55:43 +00:00
|
|
|
|
gpg_error_t pkdecrypt_failed;
|
2011-02-03 19:49:41 +00:00
|
|
|
|
|
2005-06-03 00:42:08 +00:00
|
|
|
|
/* A pointer to the next pointer of the last recipient in the list.
|
|
|
|
|
This makes appending new invalid signers painless while
|
|
|
|
|
preserving the order. */
|
|
|
|
|
gpgme_recipient_t *last_recipient_p;
|
2003-04-28 21:17:15 +00:00
|
|
|
|
} *op_data_t;
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2002-02-02 Marcus Brinkmann <marcus@g10code.de>
This patch has gotten a bit large... mmh. The main thing that
happens here is that error values are now not determined in the
operation function after gpgme_wait completed, but in the status
handler when EOF is received. It should always be the case that
either an error is flagged or EOF is received, so that after a
gpgme_wait you should never have the situation that no error is
flagged and EOF is not received. One problem is that the engine
status handlers don't have access to the context, a horrible
kludge works around this for now. All errors that happen during a
pending operation should be catched and reported in ctx->error,
including out-of-core and cancellation. This rounds up neatly a
couple of loose ends, and makes it possible to pass up any errors
in the communication with the backend as well. As a bonus, there
will be a function to access gpgme->wait, so that the operations
can truly be implemented with their _start function.
* engine-gpgsm.c (gpgsm_status_handler): Horrible kludge to report
error back to the context.
* rungpg.c (gpg_status_handler): Same horrible kludge applied here.
* engine-gpgsm.c (gpgsm_assuan_simple_command): Add error checking.
* wait.c (_gpgme_wait_on_condition): If canceled, set CTX->error
to a value indication that.
* verify.c (add_notation): Set error, not out_of_core.
(finish_sig): Likewise.
(gpgme_op_verify_start): Don't clear out_of_core.
(_gpgme_verify_status_handler): At EOF, clean up the notation data.
(gpgme_op_verify): And don't do it here.
* trustlist.c (trustlist_status_handler): Check error, not out_of_core.
(gpgme_op_trustlist_start): Don't clear out_of_core.
(gpgme_op_trustlist_next): Check error, not out_of_core.
(gpgme_op_trustlist_end): Likewise.
* ops.h (test_and_allocate_result): New macro.
(_gpgme_passphrase_result): Remove prototype.
* delete.c (gpgme_op_delete): Return error from context.
(delete_status_handler): Use macro test_and_allocate_result.
Perform error checking at EOF.
(gpgme_op_delete_start): Release result.
* passphrase.c (_gpgme_passphrase_status_handler): Use macro
test_and_allocate_result, and perform error checking here.
(_gpgme_passphrase_result): Function removed.
* sign.c (gpgme_op_sign_start): Do not set out_of_core to zero.
(gpgme_op_sign): Just return the error value from the context.
(sign_status_handler): Only progress if no error is set yet. If
we process an EOF, set the resulting error value (if any).
* decrypt.c (_gpgme_decrypt_result): Function removed.
(create_result_struct): Function removed.
(_gpgme_decrypt_status_handler): Use macro test_and_allocate_result,
caclulate error on EOF, do not progress with errors.
(_gpgme_decrypt_start): Do not set out_of_core to zero.
(gpgme_op_decrypt): Just return the error value from the context.
* encrypt.c (encrypt_status_handler): Perform the error checking
here.
(gpgme_op_encrypt_start): Do not clear out_of_core.
* export.c (export_status_handler): Return if error is set in context.
(gpgme_op_export_start): Release result.
(gpgme_op_export): Return error from context.
* decrypt-verify.c (gpgme_op_decrypt_verify): Return the error in
the context.
* genkey.c (genkey_status_handler): Use macro
test_and_allocate_result. Perform error checking at EOF.
(gpgme_op_genkey): Just return the error from context.
* import.c (gpgme_op_import): Return the error from context.
(import_status_handler): Use macro test_and_allocate_result.
* keylist.c (gpgme_op_keylist_start): Do not clear out_of_core.
(gpgme_op_keylist_next): Return error of context.
(keylist_colon_handler): Set error instead out_of_code.
(finish_key): Likewise.
* context.h: Remove member out_of_core, add member error.
* gpgme.c (_gpgme_release_result): Clear error flag.
* engine.h (_gpgme_engine_get_error): New prototype.
* engine.c (_gpgme_engine_get_error): New function.
* engine-gpgsm.c (_gpgme_gpgsm_get_error): New function.
* engine-gpgsm.c (map_assuan_error): New function.
(gpgsm_assuan_simple_command): Change return type to GpgmeError,
use the new function to map error values.
(gpgsm_set_fd): Change return type tp GpgmeError.
(_gpgme_gpgsm_op_decrypt): Change type of ERR to GpgmeError.
(gpgsm_set_recipients): Likewise. Change type of return value
equivalently. Adjust error values.
(_gpgme_gpgsm_op_import): Likewise.
(_gpgme_gpgsm_op_sign): Likewise.
(struct gpgsm_object_s): New member error.
(gpgsm_status_handler): Set error if error occurs. Determine
error number from ERR line received. If assuan_read_line fails,
terminate the connection.
2002-02-02 03:52:59 +00:00
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
static void
|
|
|
|
|
release_op_data (void *hook)
|
2002-08-19 16:55:08 +00:00
|
|
|
|
{
|
2003-04-28 21:17:15 +00:00
|
|
|
|
op_data_t opd = (op_data_t) hook;
|
2008-03-05 19:58:41 +00:00
|
|
|
|
gpgme_recipient_t recipient = opd->result.recipients;
|
2002-08-19 16:55:08 +00:00
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
if (opd->result.unsupported_algorithm)
|
|
|
|
|
free (opd->result.unsupported_algorithm);
|
2005-07-27 01:50:08 +00:00
|
|
|
|
|
2005-09-30 13:24:40 +00:00
|
|
|
|
if (opd->result.file_name)
|
|
|
|
|
free (opd->result.file_name);
|
2008-03-05 19:58:41 +00:00
|
|
|
|
|
core: Enable extraction of session keys.
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.
--
gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case. However, session key export is also
useful in other use cases. Two examples from MUA development (where
this functionality would be specifically useful to me right now):
* If the MUA stores a local copy of the session key upon decrypting
the message, it can re-decrypt the message without expensive
asymmetric operations. When rendering a thread with dozens of
encrypted messages, this can represent a significant speedup.
* A user may have expired encryption-capable secret key material,
along with many messages encrypted to that material. If she stores
the session keys for those messages she wants to keep, she can
destroy her secret key material and make any messages she has
deleted completely unrecoverable, even to an attacker who gets her
remaining secret keys in the future.
This patchset makes a two specific implementation decisions that could
have gone in different ways. I welcome feedback on preferred outcomes.
0) session key representation: we currently represent the session key
as an opaque textual string, rather than trying to provide any
sort of in-memory structure. While it wouldn't be hard to parse
the data produced by gpg's --export-session-key, I chose to use
the opaque string rather than lock in a particular data format.
1) API/ABI: i've added a member to gpgme_op_decrypt_result_t. This
has the potential to cause an out-of-bound memory access if
someone uses code compiled against the newer verision, but linked
at runtime against an older version. I've attempted to limit that
risk by documenting that users must verify
gpgme_get_export_session_keys() before accessing this new struct
member -- this means that code expecting this capability will
require the symbol at link-time, and will refuse to link against
older versions.
Another approach to solving this problem would be to avoid
modifying gpgme_op_decrypt_result_t, and to introduce instead a
new function gpgme_op_session_key(), which could be called in the
same places as gpgme_op_decrypt_result(). Depending on the
representation of the session key, this might introduce new
memory-management burdens on the user of the library, and the
session key is certainly part of a decryption result, so it seemed
simpler to go with what i have here.
If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.
Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/
If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.
Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user. Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API. Unless someone tinkers with
the build system, this should never happen. We have added new fields
to result structure may times and I can't remember any problems.
- wk
2016-11-11 07:49:28 +00:00
|
|
|
|
if (opd->result.session_key)
|
|
|
|
|
free (opd->result.session_key);
|
|
|
|
|
|
2008-03-05 19:58:41 +00:00
|
|
|
|
while (recipient)
|
|
|
|
|
{
|
|
|
|
|
gpgme_recipient_t next = recipient->next;
|
|
|
|
|
free (recipient);
|
|
|
|
|
recipient = next;
|
|
|
|
|
}
|
2002-08-19 16:55:08 +00:00
|
|
|
|
}
|
|
|
|
|
|
2002-11-21 13:48:41 +00:00
|
|
|
|
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_decrypt_result_t
|
|
|
|
|
gpgme_op_decrypt_result (gpgme_ctx_t ctx)
|
2002-08-19 16:55:08 +00:00
|
|
|
|
{
|
2003-05-27 02:54:36 +00:00
|
|
|
|
void *hook;
|
2003-04-28 21:17:15 +00:00
|
|
|
|
op_data_t opd;
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_error_t err;
|
2002-08-19 16:55:08 +00:00
|
|
|
|
|
2009-10-26 17:38:39 +00:00
|
|
|
|
TRACE_BEG (DEBUG_CTX, "gpgme_op_decrypt_result", ctx);
|
|
|
|
|
|
2003-05-27 02:54:36 +00:00
|
|
|
|
err = _gpgme_op_data_lookup (ctx, OPDATA_DECRYPT, &hook, -1, NULL);
|
|
|
|
|
opd = hook;
|
2003-04-28 21:17:15 +00:00
|
|
|
|
if (err || !opd)
|
2009-10-26 17:38:39 +00:00
|
|
|
|
{
|
|
|
|
|
TRACE_SUC0 ("result=(null)");
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (_gpgme_debug_trace ())
|
|
|
|
|
{
|
|
|
|
|
gpgme_recipient_t rcp;
|
|
|
|
|
|
|
|
|
|
if (opd->result.unsupported_algorithm)
|
|
|
|
|
{
|
|
|
|
|
TRACE_LOG1 ("result: unsupported_algorithm: %s",
|
|
|
|
|
opd->result.unsupported_algorithm);
|
|
|
|
|
}
|
|
|
|
|
if (opd->result.wrong_key_usage)
|
|
|
|
|
{
|
|
|
|
|
TRACE_LOG ("result: wrong key usage");
|
|
|
|
|
}
|
|
|
|
|
rcp = opd->result.recipients;
|
|
|
|
|
while (rcp)
|
|
|
|
|
{
|
|
|
|
|
TRACE_LOG3 ("result: recipient: keyid=%s, pubkey_algo=%i, "
|
|
|
|
|
"status=%s", rcp->keyid, rcp->pubkey_algo,
|
|
|
|
|
gpg_strerror (rcp->status));
|
|
|
|
|
rcp = rcp->next;
|
|
|
|
|
}
|
|
|
|
|
if (opd->result.file_name)
|
|
|
|
|
{
|
|
|
|
|
TRACE_LOG1 ("result: original file name: %s", opd->result.file_name);
|
|
|
|
|
}
|
|
|
|
|
}
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2009-10-26 17:38:39 +00:00
|
|
|
|
TRACE_SUC1 ("result=%p", &opd->result);
|
2003-04-28 21:17:15 +00:00
|
|
|
|
return &opd->result;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-12 13:59:12 +00:00
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
|
2017-07-12 13:59:12 +00:00
|
|
|
|
/* Parse the ARGS of an error status line and record some error
|
|
|
|
|
* conditions at OPD. Returns 0 on success. */
|
|
|
|
|
static gpgme_error_t
|
|
|
|
|
parse_status_error (char *args, op_data_t opd)
|
|
|
|
|
{
|
|
|
|
|
gpgme_error_t err;
|
|
|
|
|
char *field[3];
|
|
|
|
|
int nfields;
|
|
|
|
|
|
|
|
|
|
nfields = _gpgme_split_fields (args, field, DIM (field));
|
|
|
|
|
if (nfields < 1)
|
|
|
|
|
return trace_gpg_error (GPG_ERR_INV_ENGINE); /* Required arg missing. */
|
|
|
|
|
err = nfields < 2 ? 0 : atoi (field[1]);
|
|
|
|
|
|
|
|
|
|
if (!strcmp (field[0], "decrypt.algorithm"))
|
|
|
|
|
{
|
|
|
|
|
if (gpg_err_code (err) == GPG_ERR_UNSUPPORTED_ALGORITHM
|
|
|
|
|
&& nfields > 2
|
|
|
|
|
&& strcmp (field[2], "?"))
|
|
|
|
|
{
|
|
|
|
|
opd->result.unsupported_algorithm = strdup (field[2]);
|
|
|
|
|
if (!opd->result.unsupported_algorithm)
|
|
|
|
|
return gpg_error_from_syserror ();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (!strcmp (field[0], "decrypt.keyusage"))
|
|
|
|
|
{
|
|
|
|
|
if (gpg_err_code (err) == GPG_ERR_WRONG_KEY_USAGE)
|
|
|
|
|
opd->result.wrong_key_usage = 1;
|
|
|
|
|
}
|
2017-07-12 15:55:43 +00:00
|
|
|
|
else if (!strcmp (field[0], "pkdecrypt_failed"))
|
|
|
|
|
{
|
|
|
|
|
switch (gpg_err_code (err))
|
|
|
|
|
{
|
|
|
|
|
case GPG_ERR_CANCELED:
|
|
|
|
|
case GPG_ERR_FULLY_CANCELED:
|
|
|
|
|
/* It is better to return with a cancel error code than the
|
|
|
|
|
* general decryption failed error code. */
|
|
|
|
|
opd->pkdecrypt_failed = gpg_err_make (gpg_err_source (err),
|
|
|
|
|
GPG_ERR_CANCELED);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case GPG_ERR_BAD_PASSPHRASE:
|
|
|
|
|
/* A bad passphrase is severe enough that we return this
|
|
|
|
|
* error code. */
|
|
|
|
|
opd->pkdecrypt_failed = err;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
/* For now all other error codes are ignored and the
|
|
|
|
|
* standard DECRYPT_FAILED is returned. */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-12 13:59:12 +00:00
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2005-06-03 00:42:08 +00:00
|
|
|
|
static gpgme_error_t
|
2014-05-08 12:03:14 +00:00
|
|
|
|
parse_enc_to (char *args, gpgme_recipient_t *recp, gpgme_protocol_t protocol)
|
2005-06-03 00:42:08 +00:00
|
|
|
|
{
|
|
|
|
|
gpgme_recipient_t rec;
|
|
|
|
|
char *tail;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
rec = malloc (sizeof (*rec));
|
|
|
|
|
if (!rec)
|
2010-05-06 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Require libgpg-error 1.8.
src/
2010-05-06 Marcus Brinkmann <marcus@g10code.de>
* sign.c, data-user.c, conversion.c, debug.c, verify.c, data.c,
decrypt.c, delete.c, assuan-support.c, import.c, engine-gpgsm.c,
data-mem.c, op-support.c, w32-io.c, w32-util.c, data-compat.c: Use
gpg_error_from_syserror instead gpg_error_from_errno, and use
gpg_err_set_errno to set error number.
* setenv.c: Include <gpg-error.h> and define __set_errno to use
gpg_err_set_errno.
* gpgme-tool.c (ARGP_ERR_UNKNOWN): Define to EDEADLOCK (which is
mapped in Windows CE) instead of E2BIG (which is not).
(gt_import_keys): Initialize err.
2010-05-06 13:39:55 +00:00
|
|
|
|
return gpg_error_from_syserror ();
|
2005-06-03 00:42:08 +00:00
|
|
|
|
|
|
|
|
|
rec->next = NULL;
|
|
|
|
|
rec->keyid = rec->_keyid;
|
|
|
|
|
rec->status = 0;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < sizeof (rec->_keyid) - 1; i++)
|
|
|
|
|
{
|
|
|
|
|
if (args[i] == '\0' || args[i] == ' ')
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
rec->_keyid[i] = args[i];
|
|
|
|
|
}
|
|
|
|
|
rec->_keyid[i] = '\0';
|
|
|
|
|
|
|
|
|
|
args = &args[i];
|
|
|
|
|
if (*args != '\0' && *args != ' ')
|
|
|
|
|
{
|
|
|
|
|
free (rec);
|
2012-10-19 09:23:39 +00:00
|
|
|
|
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
2005-06-03 00:42:08 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
while (*args == ' ')
|
|
|
|
|
args++;
|
|
|
|
|
|
|
|
|
|
if (*args)
|
|
|
|
|
{
|
2010-05-06 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Require libgpg-error 1.8.
src/
2010-05-06 Marcus Brinkmann <marcus@g10code.de>
* sign.c, data-user.c, conversion.c, debug.c, verify.c, data.c,
decrypt.c, delete.c, assuan-support.c, import.c, engine-gpgsm.c,
data-mem.c, op-support.c, w32-io.c, w32-util.c, data-compat.c: Use
gpg_error_from_syserror instead gpg_error_from_errno, and use
gpg_err_set_errno to set error number.
* setenv.c: Include <gpg-error.h> and define __set_errno to use
gpg_err_set_errno.
* gpgme-tool.c (ARGP_ERR_UNKNOWN): Define to EDEADLOCK (which is
mapped in Windows CE) instead of E2BIG (which is not).
(gt_import_keys): Initialize err.
2010-05-06 13:39:55 +00:00
|
|
|
|
gpg_err_set_errno (0);
|
2014-05-08 12:03:14 +00:00
|
|
|
|
rec->pubkey_algo = _gpgme_map_pk_algo (strtol (args, &tail, 0), protocol);
|
2005-06-03 00:42:08 +00:00
|
|
|
|
if (errno || args == tail || *tail != ' ')
|
|
|
|
|
{
|
|
|
|
|
/* The crypto backend does not behave. */
|
|
|
|
|
free (rec);
|
2012-10-19 09:23:39 +00:00
|
|
|
|
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
2005-06-03 00:42:08 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* FIXME: The key length is always 0 right now, so no need to parse
|
|
|
|
|
it. */
|
|
|
|
|
|
|
|
|
|
*recp = rec;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_error_t
|
2003-05-18 21:08:43 +00:00
|
|
|
|
_gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code,
|
|
|
|
|
char *args)
|
2000-11-16 13:15:48 +00:00
|
|
|
|
{
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_ctx_t ctx = (gpgme_ctx_t) priv;
|
|
|
|
|
gpgme_error_t err;
|
2003-05-27 02:54:36 +00:00
|
|
|
|
void *hook;
|
2003-04-28 21:17:15 +00:00
|
|
|
|
op_data_t opd;
|
2002-08-19 16:55:08 +00:00
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
err = _gpgme_passphrase_status_handler (priv, code, args);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
|
2003-05-27 02:54:36 +00:00
|
|
|
|
err = _gpgme_op_data_lookup (ctx, OPDATA_DECRYPT, &hook, -1, NULL);
|
|
|
|
|
opd = hook;
|
doc/
2003-01-29 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (I/O Callback Interface): Document new even
GPGME_EVENT_START.
(Waiting For Completion): Document new possible return values.
(I/O Callback Interface): Document return type of GpgmeIOCb.
gpgme/
2003-01-29 Marcus Brinkmann <marcus@g10code.de>
* context.h (gpgme_context_s): Remove member ERROR.
* types.h (GpgmeStatusHandler): Change return type to GpgmeError.
(GpgmeCommandHandler): Change return type to GpgmeError and add
new argument RESULT.
* gpgme.h (GpgmeIOCb): Change return type to GpgmeError.
(GpgmeEventIO): New event GPGME_EVENT_START.
(GpgmeIdleFunc): Remove type.
(gpgme_register_idle): Remove prototype.
* data.c: Include <assert.h>.
(_gpgme_data_inbound_handler): Change return type to GpgmeError.
Return any error instead ignoring it, don't close file descriptor
on error.
(_gpgme_data_outbound_handler): Likewise.
* decrypt.c: Do not include <stdio.h>, <string.h> and <assert.h>.
(_gpgme_decrypt_status_handler): Change return type to GpgmeError.
Return error instead setting ctx->error. Return success at end of
function.
(gpgme_op_decrypt): Don't work around the old kludge anymore.
* decrypt-verify.c (decrypt_verify_status_handler): Change return
type to GpgmeError. Return possible errors.
* delete.c: Do not include <stdio.h>, <string.h>, <time.h> and
<assert.h>.
(delete_status_handler): Change return type to GpgmeError. Return
error instead setting ctx->error. Return success at end of
function.
* edit.c: Do not include <stdio.h> and <string.h>.
(_gpgme_edit_status_handler): Change type to GpgmeError,
make static and rename to ...
(edit_status_handler): ... this. Return error directly.
(command_handler): Change return type to GpgmeError, add result
argument. Return error directly.
* encrypt.c (status_handler_finish): Remove function.
(_gpgme_encrypt_status_handler): Change return type to GpgmeError.
Return error directly.
(_gpgme_encrypt_sym_status_handler): Likewise.
* encrypt-sign.c (encrypt_sign_status_handler): Likewise.
* engine-gpgsm.c (close_notify_handler): Do not signal done event
anymore.
(status_handler): Change return type to GpgmeError. Diddle things
around a bit to return errors directly.
(start): Send start event.
* export.c: Do not include <stdio.h>, <string.h> and <assert.h>.
(export_status_handler): Change return type to GpgmeError. Don't
check ctx->error.
* genkey.c: Do not include <stdio.h> and <assert.h>.
(genkey_status_handler): Change return type to GpgmeError. Don't
check ctx->error. Return errors directly.
* gpgme.c (_gpgme_release_result): Do not initialize ctx->error.
(_gpgme_op_event_cb): Function removed.
(_gpgme_op_event_cb_user): Likewise.
* import.c: Do not include <stdio.h>, <string.h> and <assert.h>.
(import_status_handler): Change return type to GpgmeError. Don't
check ctx->error.
* keylist.c (keylist_colon_handler, keylist_status_handler, finish_key):
Change return type to GpgmeError, return error directly.
* Makefile (libgpgme_la_SOURCES): Add wait-global.c,
wait-private.c and wait-user.c
* ops.h (test_and_allocate_result): Return error instead setting
ctx->error.
(_gpgme_data_inbound_handler, _gpgme_data_outbound_handler,
_gpgme_verify_status_handler, _gpgme_decrypt_status_handler,
_gpgme_sign_status_handler, _gpgme_encrypt_staus_handler,
_gpgme_passphrase_status_handler, _gpgme_progress_status_handler):
Change return type to GpgmeError.
(_gpgme_passphease_command_handler): Change return type to
GpgmeError and add new argument RESULT.
* op-support.c: Use new callback functions, and change private
data to ctx everywhere.
* passphrase.c (_gpgme_passphrase_status_handler): Change return
type to GpgmeError, return error directly.
(_gpgme_passphrase_command_handler): Change return type to
GpgmeError, add result argument. Return results accordingly.
* progress.c (_gpgme_progress_status_handler): Change return type
to GpgmeError, return errors directly.
* rungpg.c (status_handler): Change return type to GpgmeError.
Return error directly.
(close_notify_handler): Don't send done event.
(colon_line_handler): Change return type to GpgmeError, return
errors directly.
* rungpg.c (start): Send start event.
* sign.c (_gpgme_sign_status_handler): Change return type to
GpgmeError, return errors directly.
* trustlist.c (trustlist_status_handler): Change return type to
GpgmeError. Return 0.
(trustlist_colon_handler): Change return type GpgmeError. Return
errors directly.
* verify.c (add_notation): Change return type to GpgmeError,
return errors directly.
(_gpgme_verify_status_handler): Likewise.
* wait.h (struct fd_table): Remove lock member.
(struct wait_item_s): Moved here from wait.c.
(struct tag): New structure.
(_gpgme_wait_event_cb): Remove prototype.
(_gpgme_wait_private_event_cb, _gpgme_wait_global_event_cb,
_gpgme_wait_user_add_io_cb, _gpgme_wait_user_remove_io_cb,
_gpgme_wait_user_event_io_cb): New prototypes.
* wait.c: Don't include <stdio.h>.
(ftd_global, ctx_done_list, ctx_done_list_size,
ctx_done_list_length, ctx_done_list_lock, idle_function): Remove
global variable.
(gpgme_register_idle, do_select, _gpgme_wait_event_cb): Remove
function.
(gpgme_wait): Move to file wait-global.c.
(_gpgme_add_io_cb): Take ctx as private argument, initialize ctx
member in wait item and tag.
(_gpgme_remove_io_cb): Take ctx from tag. Don't use FDT lock.
(_gpgme_wait_one, _gpgme_wait_on_condition): Move to
wait-private.c.
(gpgme_fd_table_init): Don't initialize FDT->lock.
(gpgme_fd_table_deinit): Don't destroy FDT->lock.
(_gpgme_fd_table_put): Make static and rename to ...
(fd_table_put): ... this function. Don't use FDT->lock.
(struct wait_item_s): Move to wait.h.
* wait-global.c: New file.
* wait-private.c: New file.
* wait-user.c: New file.
2003-01-29 15:20:58 +00:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2001-11-16 00:20:11 +00:00
|
|
|
|
switch (code)
|
|
|
|
|
{
|
2015-08-25 11:22:43 +00:00
|
|
|
|
case GPGME_STATUS_FAILURE:
|
|
|
|
|
opd->failure_code = _gpgme_parse_failure (args);
|
|
|
|
|
break;
|
|
|
|
|
|
2002-07-28 Marcus Brinkmann <marcus@g10code.de>
* data.c (gpgme_data_read): For GPGME_DATA_TYPE_NONE, return EOF
instead an error.
The following changes make it possible to flush an inbound data
pipe before invoking a command handler:
* posix-io.c (_gpgme_io_select): Accept new argument NONBLOCK to
_gpgme_io_select. Set timeout of 0 if this is set.
* w32-io.c (_gpgme_io_select): Likewise.
* io.h: Add new argument NONBLOCK to _gpgme_io_select prototype.
* wait.c (do_select): Add new argument to _gpgme_io_select
invocation.
* rungpg.h (_gpgme_gpg_set_command_handler): Add new argument
linked_data to prototype.
* engine.h (_gpgme_engine_set_command_handler): Likewise.
* engine.c (_gpgme_engine_set_command_handler): Likewise.
* passphrase.c (_gpgme_passphrase_start): Pass NULL as linked_data
argument to _gpgme_engine_set_command_handler.
* rungpg.c (struct gpg_object_s): New members linked_data and
linked_idx in CMD.
(_gpgme_gpg_new): Initialize those new members.
(_gpgme_gpg_set_command_handler): Accept new argument linked_data.
(build_argv): Handle linked_data in the same hack as cb_data.
(read_status): If linked_data is in use, flush the pipe before
activating the command handler.
* gpgme.h: Add prototypes for gpgme_op_edit_start and
gpgme_op_edit.
The next changes export the status codes to the user:
* decrypt.c (_gpgme_decrypt_status_handler): Likewise, also prefix
all STATUS_ with GPGME_.
* delete.c (delete_status_handler): Likewise.
* decrypt-verify.c (decrypt_verify_status_handler): Likewise.
* encrypt.c (_gpgme_encrypt_status_handler): Likewise.
(_gpgme_encrypt_sym_status_handler): Likewise.
* encrypt-sign.c (encrypt_sign_status_handler): Likewise.
* engine-gpgsm.c (parse_status): Likewise.
(gpgsm_status_handler): Likewise.
(gpgsm_set_recipients): Likewise.
* export.c (export_status_handler): Likewise.
* genkey.c (genkey_status_handler): Likewise.
* import.c (append_xml_impinfo): Likewise.
(import_status_handler): Likewise.
* keylist.c (keylist_status_handler): Likewise.
* passphrase.c (_gpgme_passphrase_status_handler): Likewise.
(command_handler): Likewise.
* progress.c (_gpgme_progress_status_handler): Likewise.
* sign.c (_gpgme_sign_status_handler): Likewise.
* trustlist.c (trustlist_status_handler): Likewise.
* verify.c (_gpgme_verify_status_handler): Likewise.
* gpgme.h (GpgmeEditCb): New type.
* rungpg.h (GpgStatusCode): Rename and move to ...
* gpgme.h (GpgmeStatusCode): ... this and here.
* Makefile.am (status-table.h): Run mkstatus on gpgme.h, not rungpg.h.
* mkstatus: Prefix STATUS with GPGME_.
* rungpg.h (GpgStatusHandler, GpgCommandHandler): Change type
accordingly.
* ops.h (_gpgme_verify_status_handler,
_gpgme_decrypt_status_handler, _gpgme_sign_status_handler,
_gpgme_encrypt_status_handler, _gpgme_passphrase_status_handler,
_gpgme_progress_status_handler): Likewise.
* rungpg.c (struct gpg_object_s): Likewise for CMD.code.
These changes add an edit operation to GPGME:
* context.h (struct gpgme_context_s): New member RESULT.edit. *
ops.h: Add prototype for _gpgme_release_edit_result and
_gpgme_passphrase_command_handler.
* passphrase.c (command_handler): Make non-static and rename to ...
(_gpgme_passphrase_command_handler): ... this.
(_gpgme_passphrase_start): Use new name for command handler.
* types.h: Add EditResult type.
* gpgme.c (_gpgme_release_result): Release EDIT result.
* edit.c: New file.
* Makefile.am (libgpgme_la_SOURCES): Add edit.c.
(libgpgme_la_LDADD): Rename to libgpgme_la_LIBADD, and include
assuan_libobjs.
(assuan_libobjs): New variable, set this instead
libgpgme_la_LIBADD.
* engine.h (_gpgme_engine_op_edit): New prototype.
* engine.c (_gpgme_engine_op_edit): New function.
* rungpg.h (_gpgme_gpg_op_edit): New prototype.
* rungpg.c (_gpgme_gpg_op_edit): New function.
2002-07-28 18:41:02 +00:00
|
|
|
|
case GPGME_STATUS_EOF:
|
2003-06-05 23:20:29 +00:00
|
|
|
|
/* FIXME: These error values should probably be attributed to
|
|
|
|
|
the underlying crypto engine (as error source). */
|
2017-07-12 15:55:43 +00:00
|
|
|
|
if (opd->failed && opd->pkdecrypt_failed)
|
|
|
|
|
return opd->pkdecrypt_failed;
|
|
|
|
|
else if (opd->failed)
|
2003-06-05 23:20:29 +00:00
|
|
|
|
return gpg_error (GPG_ERR_DECRYPT_FAILED);
|
2003-04-28 21:17:15 +00:00
|
|
|
|
else if (!opd->okay)
|
2003-06-05 23:20:29 +00:00
|
|
|
|
return gpg_error (GPG_ERR_NO_DATA);
|
2015-08-25 11:22:43 +00:00
|
|
|
|
else if (opd->failure_code)
|
|
|
|
|
return opd->failure_code;
|
2001-11-16 00:20:11 +00:00
|
|
|
|
break;
|
2001-01-11 11:56:34 +00:00
|
|
|
|
|
2011-02-03 19:49:41 +00:00
|
|
|
|
case GPGME_STATUS_DECRYPTION_INFO:
|
|
|
|
|
/* Fixme: Provide a way to return the used symmetric algorithm. */
|
|
|
|
|
break;
|
|
|
|
|
|
2002-07-28 Marcus Brinkmann <marcus@g10code.de>
* data.c (gpgme_data_read): For GPGME_DATA_TYPE_NONE, return EOF
instead an error.
The following changes make it possible to flush an inbound data
pipe before invoking a command handler:
* posix-io.c (_gpgme_io_select): Accept new argument NONBLOCK to
_gpgme_io_select. Set timeout of 0 if this is set.
* w32-io.c (_gpgme_io_select): Likewise.
* io.h: Add new argument NONBLOCK to _gpgme_io_select prototype.
* wait.c (do_select): Add new argument to _gpgme_io_select
invocation.
* rungpg.h (_gpgme_gpg_set_command_handler): Add new argument
linked_data to prototype.
* engine.h (_gpgme_engine_set_command_handler): Likewise.
* engine.c (_gpgme_engine_set_command_handler): Likewise.
* passphrase.c (_gpgme_passphrase_start): Pass NULL as linked_data
argument to _gpgme_engine_set_command_handler.
* rungpg.c (struct gpg_object_s): New members linked_data and
linked_idx in CMD.
(_gpgme_gpg_new): Initialize those new members.
(_gpgme_gpg_set_command_handler): Accept new argument linked_data.
(build_argv): Handle linked_data in the same hack as cb_data.
(read_status): If linked_data is in use, flush the pipe before
activating the command handler.
* gpgme.h: Add prototypes for gpgme_op_edit_start and
gpgme_op_edit.
The next changes export the status codes to the user:
* decrypt.c (_gpgme_decrypt_status_handler): Likewise, also prefix
all STATUS_ with GPGME_.
* delete.c (delete_status_handler): Likewise.
* decrypt-verify.c (decrypt_verify_status_handler): Likewise.
* encrypt.c (_gpgme_encrypt_status_handler): Likewise.
(_gpgme_encrypt_sym_status_handler): Likewise.
* encrypt-sign.c (encrypt_sign_status_handler): Likewise.
* engine-gpgsm.c (parse_status): Likewise.
(gpgsm_status_handler): Likewise.
(gpgsm_set_recipients): Likewise.
* export.c (export_status_handler): Likewise.
* genkey.c (genkey_status_handler): Likewise.
* import.c (append_xml_impinfo): Likewise.
(import_status_handler): Likewise.
* keylist.c (keylist_status_handler): Likewise.
* passphrase.c (_gpgme_passphrase_status_handler): Likewise.
(command_handler): Likewise.
* progress.c (_gpgme_progress_status_handler): Likewise.
* sign.c (_gpgme_sign_status_handler): Likewise.
* trustlist.c (trustlist_status_handler): Likewise.
* verify.c (_gpgme_verify_status_handler): Likewise.
* gpgme.h (GpgmeEditCb): New type.
* rungpg.h (GpgStatusCode): Rename and move to ...
* gpgme.h (GpgmeStatusCode): ... this and here.
* Makefile.am (status-table.h): Run mkstatus on gpgme.h, not rungpg.h.
* mkstatus: Prefix STATUS with GPGME_.
* rungpg.h (GpgStatusHandler, GpgCommandHandler): Change type
accordingly.
* ops.h (_gpgme_verify_status_handler,
_gpgme_decrypt_status_handler, _gpgme_sign_status_handler,
_gpgme_encrypt_status_handler, _gpgme_passphrase_status_handler,
_gpgme_progress_status_handler): Likewise.
* rungpg.c (struct gpg_object_s): Likewise for CMD.code.
These changes add an edit operation to GPGME:
* context.h (struct gpgme_context_s): New member RESULT.edit. *
ops.h: Add prototype for _gpgme_release_edit_result and
_gpgme_passphrase_command_handler.
* passphrase.c (command_handler): Make non-static and rename to ...
(_gpgme_passphrase_command_handler): ... this.
(_gpgme_passphrase_start): Use new name for command handler.
* types.h: Add EditResult type.
* gpgme.c (_gpgme_release_result): Release EDIT result.
* edit.c: New file.
* Makefile.am (libgpgme_la_SOURCES): Add edit.c.
(libgpgme_la_LDADD): Rename to libgpgme_la_LIBADD, and include
assuan_libobjs.
(assuan_libobjs): New variable, set this instead
libgpgme_la_LIBADD.
* engine.h (_gpgme_engine_op_edit): New prototype.
* engine.c (_gpgme_engine_op_edit): New function.
* rungpg.h (_gpgme_gpg_op_edit): New prototype.
* rungpg.c (_gpgme_gpg_op_edit): New function.
2002-07-28 18:41:02 +00:00
|
|
|
|
case GPGME_STATUS_DECRYPTION_OKAY:
|
2003-04-28 21:17:15 +00:00
|
|
|
|
opd->okay = 1;
|
2001-11-16 00:20:11 +00:00
|
|
|
|
break;
|
2000-12-12 13:31:25 +00:00
|
|
|
|
|
2002-07-28 Marcus Brinkmann <marcus@g10code.de>
* data.c (gpgme_data_read): For GPGME_DATA_TYPE_NONE, return EOF
instead an error.
The following changes make it possible to flush an inbound data
pipe before invoking a command handler:
* posix-io.c (_gpgme_io_select): Accept new argument NONBLOCK to
_gpgme_io_select. Set timeout of 0 if this is set.
* w32-io.c (_gpgme_io_select): Likewise.
* io.h: Add new argument NONBLOCK to _gpgme_io_select prototype.
* wait.c (do_select): Add new argument to _gpgme_io_select
invocation.
* rungpg.h (_gpgme_gpg_set_command_handler): Add new argument
linked_data to prototype.
* engine.h (_gpgme_engine_set_command_handler): Likewise.
* engine.c (_gpgme_engine_set_command_handler): Likewise.
* passphrase.c (_gpgme_passphrase_start): Pass NULL as linked_data
argument to _gpgme_engine_set_command_handler.
* rungpg.c (struct gpg_object_s): New members linked_data and
linked_idx in CMD.
(_gpgme_gpg_new): Initialize those new members.
(_gpgme_gpg_set_command_handler): Accept new argument linked_data.
(build_argv): Handle linked_data in the same hack as cb_data.
(read_status): If linked_data is in use, flush the pipe before
activating the command handler.
* gpgme.h: Add prototypes for gpgme_op_edit_start and
gpgme_op_edit.
The next changes export the status codes to the user:
* decrypt.c (_gpgme_decrypt_status_handler): Likewise, also prefix
all STATUS_ with GPGME_.
* delete.c (delete_status_handler): Likewise.
* decrypt-verify.c (decrypt_verify_status_handler): Likewise.
* encrypt.c (_gpgme_encrypt_status_handler): Likewise.
(_gpgme_encrypt_sym_status_handler): Likewise.
* encrypt-sign.c (encrypt_sign_status_handler): Likewise.
* engine-gpgsm.c (parse_status): Likewise.
(gpgsm_status_handler): Likewise.
(gpgsm_set_recipients): Likewise.
* export.c (export_status_handler): Likewise.
* genkey.c (genkey_status_handler): Likewise.
* import.c (append_xml_impinfo): Likewise.
(import_status_handler): Likewise.
* keylist.c (keylist_status_handler): Likewise.
* passphrase.c (_gpgme_passphrase_status_handler): Likewise.
(command_handler): Likewise.
* progress.c (_gpgme_progress_status_handler): Likewise.
* sign.c (_gpgme_sign_status_handler): Likewise.
* trustlist.c (trustlist_status_handler): Likewise.
* verify.c (_gpgme_verify_status_handler): Likewise.
* gpgme.h (GpgmeEditCb): New type.
* rungpg.h (GpgStatusCode): Rename and move to ...
* gpgme.h (GpgmeStatusCode): ... this and here.
* Makefile.am (status-table.h): Run mkstatus on gpgme.h, not rungpg.h.
* mkstatus: Prefix STATUS with GPGME_.
* rungpg.h (GpgStatusHandler, GpgCommandHandler): Change type
accordingly.
* ops.h (_gpgme_verify_status_handler,
_gpgme_decrypt_status_handler, _gpgme_sign_status_handler,
_gpgme_encrypt_status_handler, _gpgme_passphrase_status_handler,
_gpgme_progress_status_handler): Likewise.
* rungpg.c (struct gpg_object_s): Likewise for CMD.code.
These changes add an edit operation to GPGME:
* context.h (struct gpgme_context_s): New member RESULT.edit. *
ops.h: Add prototype for _gpgme_release_edit_result and
_gpgme_passphrase_command_handler.
* passphrase.c (command_handler): Make non-static and rename to ...
(_gpgme_passphrase_command_handler): ... this.
(_gpgme_passphrase_start): Use new name for command handler.
* types.h: Add EditResult type.
* gpgme.c (_gpgme_release_result): Release EDIT result.
* edit.c: New file.
* Makefile.am (libgpgme_la_SOURCES): Add edit.c.
(libgpgme_la_LDADD): Rename to libgpgme_la_LIBADD, and include
assuan_libobjs.
(assuan_libobjs): New variable, set this instead
libgpgme_la_LIBADD.
* engine.h (_gpgme_engine_op_edit): New prototype.
* engine.c (_gpgme_engine_op_edit): New function.
* rungpg.h (_gpgme_gpg_op_edit): New prototype.
* rungpg.c (_gpgme_gpg_op_edit): New function.
2002-07-28 18:41:02 +00:00
|
|
|
|
case GPGME_STATUS_DECRYPTION_FAILED:
|
2003-04-28 21:17:15 +00:00
|
|
|
|
opd->failed = 1;
|
2001-11-16 00:20:11 +00:00
|
|
|
|
break;
|
2002-08-19 16:55:08 +00:00
|
|
|
|
|
|
|
|
|
case GPGME_STATUS_ERROR:
|
2004-04-08 09:53:01 +00:00
|
|
|
|
/* Note that this is an informational status code which should
|
2004-05-21 15:51:53 +00:00
|
|
|
|
not lead to an error return unless it is something not
|
|
|
|
|
related to the backend. */
|
2017-07-12 13:59:12 +00:00
|
|
|
|
err = parse_status_error (args, opd);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2002-08-19 16:55:08 +00:00
|
|
|
|
break;
|
2005-06-03 00:42:08 +00:00
|
|
|
|
|
|
|
|
|
case GPGME_STATUS_ENC_TO:
|
2014-05-08 12:03:14 +00:00
|
|
|
|
err = parse_enc_to (args, opd->last_recipient_p, ctx->protocol);
|
2005-06-03 00:42:08 +00:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
|
|
|
|
|
opd->last_recipient_p = &(*opd->last_recipient_p)->next;
|
|
|
|
|
break;
|
|
|
|
|
|
core: Enable extraction of session keys.
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.
--
gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case. However, session key export is also
useful in other use cases. Two examples from MUA development (where
this functionality would be specifically useful to me right now):
* If the MUA stores a local copy of the session key upon decrypting
the message, it can re-decrypt the message without expensive
asymmetric operations. When rendering a thread with dozens of
encrypted messages, this can represent a significant speedup.
* A user may have expired encryption-capable secret key material,
along with many messages encrypted to that material. If she stores
the session keys for those messages she wants to keep, she can
destroy her secret key material and make any messages she has
deleted completely unrecoverable, even to an attacker who gets her
remaining secret keys in the future.
This patchset makes a two specific implementation decisions that could
have gone in different ways. I welcome feedback on preferred outcomes.
0) session key representation: we currently represent the session key
as an opaque textual string, rather than trying to provide any
sort of in-memory structure. While it wouldn't be hard to parse
the data produced by gpg's --export-session-key, I chose to use
the opaque string rather than lock in a particular data format.
1) API/ABI: i've added a member to gpgme_op_decrypt_result_t. This
has the potential to cause an out-of-bound memory access if
someone uses code compiled against the newer verision, but linked
at runtime against an older version. I've attempted to limit that
risk by documenting that users must verify
gpgme_get_export_session_keys() before accessing this new struct
member -- this means that code expecting this capability will
require the symbol at link-time, and will refuse to link against
older versions.
Another approach to solving this problem would be to avoid
modifying gpgme_op_decrypt_result_t, and to introduce instead a
new function gpgme_op_session_key(), which could be called in the
same places as gpgme_op_decrypt_result(). Depending on the
representation of the session key, this might introduce new
memory-management burdens on the user of the library, and the
session key is certainly part of a decryption result, so it seemed
simpler to go with what i have here.
If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.
Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/
If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.
Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user. Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API. Unless someone tinkers with
the build system, this should never happen. We have added new fields
to result structure may times and I can't remember any problems.
- wk
2016-11-11 07:49:28 +00:00
|
|
|
|
case GPGME_STATUS_SESSION_KEY:
|
|
|
|
|
if (opd->result.session_key)
|
|
|
|
|
free (opd->result.session_key);
|
|
|
|
|
opd->result.session_key = strdup(args);
|
|
|
|
|
break;
|
|
|
|
|
|
2005-06-03 00:42:08 +00:00
|
|
|
|
case GPGME_STATUS_NO_SECKEY:
|
|
|
|
|
{
|
|
|
|
|
gpgme_recipient_t rec = opd->result.recipients;
|
|
|
|
|
|
|
|
|
|
while (rec)
|
|
|
|
|
{
|
|
|
|
|
if (!strcmp (rec->keyid, args))
|
|
|
|
|
{
|
|
|
|
|
rec->status = gpg_error (GPG_ERR_NO_SECKEY);
|
|
|
|
|
break;
|
|
|
|
|
}
|
2005-06-03 14:23:10 +00:00
|
|
|
|
rec = rec->next;
|
2005-06-03 00:42:08 +00:00
|
|
|
|
}
|
|
|
|
|
/* FIXME: Is this ok? */
|
|
|
|
|
if (!rec)
|
2012-10-19 09:23:39 +00:00
|
|
|
|
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
2005-06-03 00:42:08 +00:00
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
2005-07-27 01:50:08 +00:00
|
|
|
|
case GPGME_STATUS_PLAINTEXT:
|
2005-09-30 13:24:40 +00:00
|
|
|
|
err = _gpgme_parse_plaintext (args, &opd->result.file_name);
|
2005-07-27 01:50:08 +00:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2015-04-17 01:05:01 +00:00
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case GPGME_STATUS_INQUIRE_MAXLEN:
|
2016-05-19 15:01:07 +00:00
|
|
|
|
if (ctx->status_cb && !ctx->full_status)
|
2015-04-17 01:05:01 +00:00
|
|
|
|
{
|
|
|
|
|
err = ctx->status_cb (ctx->status_cb_value, "INQUIRE_MAXLEN", args);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
break;
|
2011-02-03 19:49:41 +00:00
|
|
|
|
|
2017-05-30 12:35:57 +00:00
|
|
|
|
case GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE:
|
|
|
|
|
PARSE_COMPLIANCE_FLAGS (args, &opd->result);
|
|
|
|
|
break;
|
|
|
|
|
|
2001-11-16 00:20:11 +00:00
|
|
|
|
default:
|
|
|
|
|
break;
|
2000-12-12 13:31:25 +00:00
|
|
|
|
}
|
doc/
2003-01-29 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (I/O Callback Interface): Document new even
GPGME_EVENT_START.
(Waiting For Completion): Document new possible return values.
(I/O Callback Interface): Document return type of GpgmeIOCb.
gpgme/
2003-01-29 Marcus Brinkmann <marcus@g10code.de>
* context.h (gpgme_context_s): Remove member ERROR.
* types.h (GpgmeStatusHandler): Change return type to GpgmeError.
(GpgmeCommandHandler): Change return type to GpgmeError and add
new argument RESULT.
* gpgme.h (GpgmeIOCb): Change return type to GpgmeError.
(GpgmeEventIO): New event GPGME_EVENT_START.
(GpgmeIdleFunc): Remove type.
(gpgme_register_idle): Remove prototype.
* data.c: Include <assert.h>.
(_gpgme_data_inbound_handler): Change return type to GpgmeError.
Return any error instead ignoring it, don't close file descriptor
on error.
(_gpgme_data_outbound_handler): Likewise.
* decrypt.c: Do not include <stdio.h>, <string.h> and <assert.h>.
(_gpgme_decrypt_status_handler): Change return type to GpgmeError.
Return error instead setting ctx->error. Return success at end of
function.
(gpgme_op_decrypt): Don't work around the old kludge anymore.
* decrypt-verify.c (decrypt_verify_status_handler): Change return
type to GpgmeError. Return possible errors.
* delete.c: Do not include <stdio.h>, <string.h>, <time.h> and
<assert.h>.
(delete_status_handler): Change return type to GpgmeError. Return
error instead setting ctx->error. Return success at end of
function.
* edit.c: Do not include <stdio.h> and <string.h>.
(_gpgme_edit_status_handler): Change type to GpgmeError,
make static and rename to ...
(edit_status_handler): ... this. Return error directly.
(command_handler): Change return type to GpgmeError, add result
argument. Return error directly.
* encrypt.c (status_handler_finish): Remove function.
(_gpgme_encrypt_status_handler): Change return type to GpgmeError.
Return error directly.
(_gpgme_encrypt_sym_status_handler): Likewise.
* encrypt-sign.c (encrypt_sign_status_handler): Likewise.
* engine-gpgsm.c (close_notify_handler): Do not signal done event
anymore.
(status_handler): Change return type to GpgmeError. Diddle things
around a bit to return errors directly.
(start): Send start event.
* export.c: Do not include <stdio.h>, <string.h> and <assert.h>.
(export_status_handler): Change return type to GpgmeError. Don't
check ctx->error.
* genkey.c: Do not include <stdio.h> and <assert.h>.
(genkey_status_handler): Change return type to GpgmeError. Don't
check ctx->error. Return errors directly.
* gpgme.c (_gpgme_release_result): Do not initialize ctx->error.
(_gpgme_op_event_cb): Function removed.
(_gpgme_op_event_cb_user): Likewise.
* import.c: Do not include <stdio.h>, <string.h> and <assert.h>.
(import_status_handler): Change return type to GpgmeError. Don't
check ctx->error.
* keylist.c (keylist_colon_handler, keylist_status_handler, finish_key):
Change return type to GpgmeError, return error directly.
* Makefile (libgpgme_la_SOURCES): Add wait-global.c,
wait-private.c and wait-user.c
* ops.h (test_and_allocate_result): Return error instead setting
ctx->error.
(_gpgme_data_inbound_handler, _gpgme_data_outbound_handler,
_gpgme_verify_status_handler, _gpgme_decrypt_status_handler,
_gpgme_sign_status_handler, _gpgme_encrypt_staus_handler,
_gpgme_passphrase_status_handler, _gpgme_progress_status_handler):
Change return type to GpgmeError.
(_gpgme_passphease_command_handler): Change return type to
GpgmeError and add new argument RESULT.
* op-support.c: Use new callback functions, and change private
data to ctx everywhere.
* passphrase.c (_gpgme_passphrase_status_handler): Change return
type to GpgmeError, return error directly.
(_gpgme_passphrase_command_handler): Change return type to
GpgmeError, add result argument. Return results accordingly.
* progress.c (_gpgme_progress_status_handler): Change return type
to GpgmeError, return errors directly.
* rungpg.c (status_handler): Change return type to GpgmeError.
Return error directly.
(close_notify_handler): Don't send done event.
(colon_line_handler): Change return type to GpgmeError, return
errors directly.
* rungpg.c (start): Send start event.
* sign.c (_gpgme_sign_status_handler): Change return type to
GpgmeError, return errors directly.
* trustlist.c (trustlist_status_handler): Change return type to
GpgmeError. Return 0.
(trustlist_colon_handler): Change return type GpgmeError. Return
errors directly.
* verify.c (add_notation): Change return type to GpgmeError,
return errors directly.
(_gpgme_verify_status_handler): Likewise.
* wait.h (struct fd_table): Remove lock member.
(struct wait_item_s): Moved here from wait.c.
(struct tag): New structure.
(_gpgme_wait_event_cb): Remove prototype.
(_gpgme_wait_private_event_cb, _gpgme_wait_global_event_cb,
_gpgme_wait_user_add_io_cb, _gpgme_wait_user_remove_io_cb,
_gpgme_wait_user_event_io_cb): New prototypes.
* wait.c: Don't include <stdio.h>.
(ftd_global, ctx_done_list, ctx_done_list_size,
ctx_done_list_length, ctx_done_list_lock, idle_function): Remove
global variable.
(gpgme_register_idle, do_select, _gpgme_wait_event_cb): Remove
function.
(gpgme_wait): Move to file wait-global.c.
(_gpgme_add_io_cb): Take ctx as private argument, initialize ctx
member in wait item and tag.
(_gpgme_remove_io_cb): Take ctx from tag. Don't use FDT lock.
(_gpgme_wait_one, _gpgme_wait_on_condition): Move to
wait-private.c.
(gpgme_fd_table_init): Don't initialize FDT->lock.
(gpgme_fd_table_deinit): Don't destroy FDT->lock.
(_gpgme_fd_table_put): Make static and rename to ...
(fd_table_put): ... this function. Don't use FDT->lock.
(struct wait_item_s): Move to wait.h.
* wait-global.c: New file.
* wait-private.c: New file.
* wait-user.c: New file.
2003-01-29 15:20:58 +00:00
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
return 0;
|
2000-12-12 13:31:25 +00:00
|
|
|
|
}
|
|
|
|
|
|
2002-02-02 Marcus Brinkmann <marcus@g10code.de>
This patch has gotten a bit large... mmh. The main thing that
happens here is that error values are now not determined in the
operation function after gpgme_wait completed, but in the status
handler when EOF is received. It should always be the case that
either an error is flagged or EOF is received, so that after a
gpgme_wait you should never have the situation that no error is
flagged and EOF is not received. One problem is that the engine
status handlers don't have access to the context, a horrible
kludge works around this for now. All errors that happen during a
pending operation should be catched and reported in ctx->error,
including out-of-core and cancellation. This rounds up neatly a
couple of loose ends, and makes it possible to pass up any errors
in the communication with the backend as well. As a bonus, there
will be a function to access gpgme->wait, so that the operations
can truly be implemented with their _start function.
* engine-gpgsm.c (gpgsm_status_handler): Horrible kludge to report
error back to the context.
* rungpg.c (gpg_status_handler): Same horrible kludge applied here.
* engine-gpgsm.c (gpgsm_assuan_simple_command): Add error checking.
* wait.c (_gpgme_wait_on_condition): If canceled, set CTX->error
to a value indication that.
* verify.c (add_notation): Set error, not out_of_core.
(finish_sig): Likewise.
(gpgme_op_verify_start): Don't clear out_of_core.
(_gpgme_verify_status_handler): At EOF, clean up the notation data.
(gpgme_op_verify): And don't do it here.
* trustlist.c (trustlist_status_handler): Check error, not out_of_core.
(gpgme_op_trustlist_start): Don't clear out_of_core.
(gpgme_op_trustlist_next): Check error, not out_of_core.
(gpgme_op_trustlist_end): Likewise.
* ops.h (test_and_allocate_result): New macro.
(_gpgme_passphrase_result): Remove prototype.
* delete.c (gpgme_op_delete): Return error from context.
(delete_status_handler): Use macro test_and_allocate_result.
Perform error checking at EOF.
(gpgme_op_delete_start): Release result.
* passphrase.c (_gpgme_passphrase_status_handler): Use macro
test_and_allocate_result, and perform error checking here.
(_gpgme_passphrase_result): Function removed.
* sign.c (gpgme_op_sign_start): Do not set out_of_core to zero.
(gpgme_op_sign): Just return the error value from the context.
(sign_status_handler): Only progress if no error is set yet. If
we process an EOF, set the resulting error value (if any).
* decrypt.c (_gpgme_decrypt_result): Function removed.
(create_result_struct): Function removed.
(_gpgme_decrypt_status_handler): Use macro test_and_allocate_result,
caclulate error on EOF, do not progress with errors.
(_gpgme_decrypt_start): Do not set out_of_core to zero.
(gpgme_op_decrypt): Just return the error value from the context.
* encrypt.c (encrypt_status_handler): Perform the error checking
here.
(gpgme_op_encrypt_start): Do not clear out_of_core.
* export.c (export_status_handler): Return if error is set in context.
(gpgme_op_export_start): Release result.
(gpgme_op_export): Return error from context.
* decrypt-verify.c (gpgme_op_decrypt_verify): Return the error in
the context.
* genkey.c (genkey_status_handler): Use macro
test_and_allocate_result. Perform error checking at EOF.
(gpgme_op_genkey): Just return the error from context.
* import.c (gpgme_op_import): Return the error from context.
(import_status_handler): Use macro test_and_allocate_result.
* keylist.c (gpgme_op_keylist_start): Do not clear out_of_core.
(gpgme_op_keylist_next): Return error of context.
(keylist_colon_handler): Set error instead out_of_code.
(finish_key): Likewise.
* context.h: Remove member out_of_core, add member error.
* gpgme.c (_gpgme_release_result): Clear error flag.
* engine.h (_gpgme_engine_get_error): New prototype.
* engine.c (_gpgme_engine_get_error): New function.
* engine-gpgsm.c (_gpgme_gpgsm_get_error): New function.
* engine-gpgsm.c (map_assuan_error): New function.
(gpgsm_assuan_simple_command): Change return type to GpgmeError,
use the new function to map error values.
(gpgsm_set_fd): Change return type tp GpgmeError.
(_gpgme_gpgsm_op_decrypt): Change type of ERR to GpgmeError.
(gpgsm_set_recipients): Likewise. Change type of return value
equivalently. Adjust error values.
(_gpgme_gpgsm_op_import): Likewise.
(_gpgme_gpgsm_op_sign): Likewise.
(struct gpgsm_object_s): New member error.
(gpgsm_status_handler): Set error if error occurs. Determine
error number from ERR line received. If assuan_read_line fails,
terminate the connection.
2002-02-02 03:52:59 +00:00
|
|
|
|
|
2003-05-26 21:50:45 +00:00
|
|
|
|
static gpgme_error_t
|
|
|
|
|
decrypt_status_handler (void *priv, gpgme_status_code_t code, char *args)
|
|
|
|
|
{
|
2003-07-29 19:34:03 +00:00
|
|
|
|
gpgme_error_t err;
|
|
|
|
|
|
|
|
|
|
err = _gpgme_progress_status_handler (priv, code, args);
|
|
|
|
|
if (!err)
|
|
|
|
|
err = _gpgme_decrypt_status_handler (priv, code, args);
|
|
|
|
|
return err;
|
2003-05-26 21:50:45 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_error_t
|
|
|
|
|
_gpgme_op_decrypt_init_result (gpgme_ctx_t ctx)
|
2003-04-28 21:17:15 +00:00
|
|
|
|
{
|
2005-06-03 00:42:08 +00:00
|
|
|
|
gpgme_error_t err;
|
2003-05-27 02:54:36 +00:00
|
|
|
|
void *hook;
|
2003-04-28 21:17:15 +00:00
|
|
|
|
op_data_t opd;
|
|
|
|
|
|
2005-06-03 00:42:08 +00:00
|
|
|
|
err = _gpgme_op_data_lookup (ctx, OPDATA_DECRYPT, &hook,
|
|
|
|
|
sizeof (*opd), release_op_data);
|
|
|
|
|
opd = hook;
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
|
|
|
|
|
opd->last_recipient_p = &opd->result.recipients;
|
|
|
|
|
return 0;
|
2003-04-28 21:17:15 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2017-03-24 13:36:54 +00:00
|
|
|
|
gpgme_error_t
|
|
|
|
|
_gpgme_decrypt_start (gpgme_ctx_t ctx, int synchronous,
|
|
|
|
|
gpgme_decrypt_flags_t flags,
|
|
|
|
|
gpgme_data_t cipher, gpgme_data_t plain)
|
2000-11-16 13:15:48 +00:00
|
|
|
|
{
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_error_t err;
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2017-03-24 13:36:54 +00:00
|
|
|
|
assert (!(flags & GPGME_DECRYPT_VERIFY));
|
|
|
|
|
|
2002-06-10 Marcus Brinkmann <marcus@g10code.de>
* engine-gpgsm.c (_gpgme_gpgsm_start): Move the code that sets the
close notification for the status fd to ...
(_gpgme_gpgsm_new): ... here.
* wait.h: Include "sema.h". Remove prototypes of
_gpgme_remove_proc_from_wait_queue and
_gpgme_register_pipe_handler. Add prototypes of
_gpgme_fd_table_init, _gpgme_fd_table_deinit, _gpgme_fd_table_put,
_gpgme_add_io_cb, _gpgme_remove_io_cb, _gpgme_wait_event_cb and
_gpgme_wait_one..
* wait.c: Remove global variables PROC_QUEUE, PROC_QUEUE_LOCK,
FD_TABLE_SIZE, FD_TABLE, FD_TABLE_LOCK. New global variables
FDT_GLOBAL, CTX_DONE_LIST, CTX_DONE_LIST_SIZE,
CTX_DONE_LIST_LENGTH and CTX_DONE_LIST_LOCK. Remove struct
proc_s. Replace struct wait_item_s.
(_gpgme_fd_table_init): New function.
(_gpgme_fd_table_deinit): Likewise.
(_gpgme_fd_table_put): Likewise.
(set_process_done): Remove function.
(do_select): Take argument FDT. Use that to decide which fds to
select on.
(_gpgme_remove_proc_from_wait_queue): Remove function.
(_gpgme_wait_event_cb): New function.
(_gpgme_wait_one): Likewise.
(_gpgme_register_pipe_hanldler): Remove function.
(_gpgme_add_io_cb): New function.
(_gpgme_remove_io_cb): Likewise.
(_gpgme_freeze_fd): Remove function.
(_gpgme_thaw_fd): Remove function.
* rungpg.c (struct fd_data_map_s): Add new member TAG.
(struct gpg_object_s): Likewise for STATUS and COLON. Add member
IDX to CMD. Add new member IO_CBS.
(close_notify_handler): New variables POSSIBLY_DONE and NOT_DONE.
For each I/O callback, check if it should be unregistered. If all
callbacks have been unregistered, trigger GPGME_EVENT_DONE.
Remove member RUNNING.
(_gpgme_gpg_new): Initialize new members.
(_gpgme_gpg_release): Check PID not RUNNING. Don't call
_gpgme_remove_proc_from_wait_queue. Close GPG->CMD.FD if set.
(build_argv): Store away the index instead the file descriptor for
CMD.
(_gpgme_gpg_add_io_cb): New function.
(_gpgme_gpg_spawn): Use _gpgme_gpg_add_io_cb to register IO
callbacks.
(gpg_status_handler): Change return type to void, remove PID
argument, close filedescriptor if EOF or error occurs.
(read_status): Use _gpgme_gpg_add_io_cb instead _gpgme_thaw_fd.
Use IO_CBS->remove instead _gpgme_freeze_fd.
(gpg_colon_line_handler): Change return type to void, remove PID
argument, close filedescriptor if EOF or error occurs.
(command_cb): Use IO_CBS->remove instead _gpgme_freeze_fd.
(_gpgme_gpg_set_io_cbs): New function.
* rungpg.h (_gpgme_gpg_set_io_cbs): Prototype for
_gpgme_gpg_set_io_cbs.
* gpgme.h (GpgmeIOCb): New type.
(GpgmeRegisterIOCb): Likewise.
(GpgmeRemoveIOCb): Likewise.
(GpgmeEventIO): Likewise.
(GpgmeEventIOCb): Likewise.
(struct GpgmeIOCbs): New structure to hold I/O callbacks.
(gpgme_set_op_io_cbs): New prototype.
(gpgme_get_op_io_cbs): Likewise.
* ops.h: New prototype for _gpgme_op_event_cb. Remove prototypes
for _gpgme_freeze_fd and _gpgme_thaw_fd. Remove PID argument from
_gpgme_data_inbound_handler and _gpgme_data_outbound_handler
prototype. Add prototype for _gpgme_op_reset.
Add synchronous argument to _gpgme_decrypt_start prototype.
* io.h: Beautification.
* gpgme.c: Include "wait.h".
(gpgme_new): Initialize FDT.
(gpgme_set_io_cbs): New function.
(gpgme_get_io_cbs): Likewise.
(_gpgme_op_event_cb): Likewise.
* data.c (_gpgme_data_inbound_handler): Change return type to
void. Drop PID argument. Close FD on error and EOF.
(write_mem_data): Don't close FD here ...
(write_cb_data): ... or here ...
(_gpgme_data_outbound_handler): ... but here. Change return type
to void. Drop PID argument.
* context.h: Include "wait.h".
(struct gpgme_context_s): New members FDT and IO_CBS.
* op-support.c: New file.
* Makefile.am (libgpgme_la_SOURCES): Add op-support.c.
* ops.h: Add prototype for _gpgme_op_reset().
* decrypt.c (_gpgme_decrypt_start): New argument SYNCHRONOUS. Use
_gpgme_op_reset.
(gpgme_op_decrypt_start): Add synchronous argument.
(gpgme_op_decrypt): Likewise. Use _gpgme_wait_one instead
gpgme_wait.
* delete.c (gpgme_op_delete_start): Rename to ...
(_gpgme_op_delete_start): ... this. New argument SYNCHRONOUS.
Use _gpgme_op_reset. Make function static.
(gpgme_op_delete_start): Just a wrapper around
_gpgme_op_delete_start now.
(gpgme_op_delete): Add synchronous argument. Use _gpgme_wait_one
instead gpgme_wait.
* encrypt.c: Include "wait.h".
(ggpgme_op_encrypt_start): Rename to ...
(_gpgme_op_encrypt_start): ... this. New argument SYNCHRONOUS.
Use _gpgme_op_reset. Make function static.
(gpgme_op_encrypt_start): Just a wrapper around
_gpgme_op_encrypt_start now.
(gpgme_op_encrypt): Add synchronous argument. Use _gpgme_wait_one
instead gpgme_wait.
* encrypt_sign.c (gpgme_op_encrypt_sign_start): Rename to ...
(_gpgme_op_encrypt_sign_start): ... this. New argument
SYNCHRONOUS. Use _gpgme_op_reset. Make function static.
(gpgme_op_encrypt_sign_start): Just a wrapper around
_gpgme_op_encrypt_sign_start now.
(gpgme_op_encrypt_sign): Add synchronous argument. Use
_gpgme_wait_one instead gpgme_wait.
* export.c (gpgme_op_export_start): Rename to ...
(_gpgme_op_export_start): ... this. New argument SYNCHRONOUS.
Use _gpgme_op_reset. Make function static.
(gpgme_op_export_start): Just a wrapper around
_gpgme_op_export_start now.
(gpgme_op_export): Add synchronous argument. Use _gpgme_wait_one
instead gpgme_wait.
* genkey.c (gpgme_op_genkey_start): Rename to ...
(_gpgme_op_genkey_start): ... this. New argument SYNCHRONOUS.
Use _gpgme_op_reset. Make function static.
(gpgme_op_genkey_start): Just a wrapper around
_gpgme_op_genkey_start now.
(gpgme_op_genkey): Add synchronous argument. Use _gpgme_wait_one
instead gpgme_wait.
* import.c (gpgme_op_import_start): Rename to ...
(_gpgme_op_import_start): ... this. New argument SYNCHRONOUS.
Use _gpgme_op_reset. Make function static.
(gpgme_op_import_start): Just a wrapper around
_gpgme_op_import_start now.
(gpgme_op_import): Add synchronous argument. Use _gpgme_wait_one
instead gpgme_wait.
* keylist.c (gpgme_op_keylist_start): Use _gpgme_op_reset.
(gpgme_op_keylist_ext_start): Likewise.
* sign.c (gpgme_op_sign_start): Rename to ...
(_gpgme_op_sign_start): ... this. New argument SYNCHRONOUS. Use
_gpgme_op_reset. Make function static.
(gpgme_op_sign_start): Just a wrapper around _gpgme_op_sign_start
now.
(gpgme_op_sign): Add synchronous argument. Use _gpgme_wait_one
instead gpgme_wait.
* trustlist.c (gpgme_op_trustlist_start): Use _gpgme_op_reset.
* verify.c (gpgme_op_verify_start): Rename to ...
(_gpgme_op_verify_start): ... this. New argument SYNCHRONOUS.
Use _gpgme_op_reset. Make function static.
(gpgme_op_verify_start): Just a wrapper around
_gpgme_op_verify_start now.
(gpgme_op_verify): Add synchronous argument. Use _gpgme_wait_one
instead gpgme_wait.
* engine-gpgsm.c (iocb_data_t): New type.
(struct gpgsm_object_s): New member status_cb. Replace input_fd
and input_data with input_cb. Replace output_fd and output_data
with output_cb. Replace message_fd and message_data with
message_cb. New member io_cbs.
(_gpgme_gpgsm_new): Initialize all new members (and drop the old
ones).
(close_notify_handler): New variable POSSIBLY_DONE. For each I/O
callback, check if it should be unregistered. If all callbacks
have been unregistered, trigger GPGME_EVENT_DONE.
(_gpgme_gpgsm_release): Remove variable PID. Use new variable
names to close the file descriptors.
(_gpgme_gpgsm_op_decrypt): Use new variable names,
(_gpgme_gpgsm_op_encrypt): Likewise.
(_gpgme_gpgsm_op_genkey): Likewise.
(_gpgme_gpgsm_op_import): Likewise.
(_gpgme_gpgsm_op_keylist): Likewise.
(_gpgme_gpgsm_op_keylist_ext): Likewise.
(_gpgme_gpgsm_op_sign): Likewise.
(_gpgme_gpgsm_op_verify): Likewise.
(gpgsm_status_handler): Drop argument PID. Change return type to
void. Close status pipe before returning because of EOF or error.
(_gpgme_gpgsm_add_io_cb): New function.
(_gpgme_gpgsm_start): Use _gpgme_gpgsm_add_io_cb to register
callback function.
(_gpgme_gpgsm_set_io_cbs): New function.
* engine-gpgsm.h: New prototype for _gpgme_gpgsm_set_io_cbs.
* engine.c (_gpgme_engine_set_io_cbs): New function.
* engine.h: New prototype for _gpgme_engine_set_io_cbs.
2002-06-10 14:13:55 +00:00
|
|
|
|
err = _gpgme_op_reset (ctx, synchronous);
|
2001-11-16 00:20:11 +00:00
|
|
|
|
if (err)
|
2003-04-25 14:24:17 +00:00
|
|
|
|
return err;
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
err = _gpgme_op_decrypt_init_result (ctx);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
|
2003-04-25 14:24:17 +00:00
|
|
|
|
if (!cipher)
|
2003-06-05 23:20:29 +00:00
|
|
|
|
return gpg_error (GPG_ERR_NO_DATA);
|
gpgme/
2002-10-08 Marcus Brinkmann <marcus@g10code.de>
New data object component:
* gpgme.h (GpgmeDataReadCb, GpgmeDataWriteCb, GpgmeDataSeekCb,
GpgmeDataReleaseCb): New types.
(struct GpgmeDataCbs): New structure.
(gpgme_data_read): Changed prototype to match that of read() closely.
(gpgme_data_write): Similar for write().
(gpgme_data_seek, gpgme_data_new_from_cbs, gpgme_data_new_from_fd,
gpgme_data_new_from_stream): New prototypes.
(gpgme_data_get_type, gpgme_check_engine): Prototype removed.
* Makefile.am (libgpgme_la_SOURCES): Add data.h, data-fd.c,
data-stream.c, data-mem.c, data-user.c and data-compat.c.
* data.c: Reimplemented from scratch.
* (data-compat.c, data-fd.c, data.h, data-mem.c, data-stream.c,
data-user.c): New file.
* context.h (struct gpgme_data_s): Removed.
* conversion.c: Include <errno.h> and <sys/types.h>.
(_gpgme_data_append): New function.
* data.c (_gpgme_data_append_string): Move to ...
* conversion.c (_gpgme_data_append_string): ... here.
* data.c (_gpgme_data_append_for_xml): Move to ...
* conversion.c (_gpgme_data_append_for_xml): ... here.
* data.c (_gpgme_data_append_string_for_xml): Move to ...
* conversion.c (_gpgme_data_append_string_for_xml): ... here.
* data.c (_gpgme_data_append_percentstring_for_xml): Move to ...
* conversion.c (_gpgme_data_append_percentstring_for_xml): ... here.
* ops.h (_gpgme_data_get_mode, _gpgme_data_set_mode): Prototype
removed.
* types.h (GpgmeDataMode): Type removed.
* decrypt.c (_gpgme_decrypt_start): Don't check data type or mode.
* edit.c (_gpgme_op_edit_start): Likewise.
* encrypt.c (_gpgme_op_encrypt_start): Likewise.
* encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise.
* encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise.
* export.c (_gpgme_op_export_start): Likewise.
* genkey.c (_gpgme_op_genkey_start): Likewise.
* import.c (_gpgme_op_import_start): Likewise.
* sign.c (_gpgme_op_sign_start): Likewise.
* verify.c (_gpgme_op_verify_start): Likewise.
* encrypt.c (gpgme_op_encrypt): Remove hack that returns invalid
no recipient if no data was returned.
* encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns
no recipient if no data was returned.
* encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns
no recipient if no data was returned.
* engine.c (_gpgme_engine_op_verify): Add new argument to
differentiate detached from normal signatures.
* engine.h (_gpgme_engine_op_verify): Likewise for prototype.
* engine-gpgsm.c (_gpgme_gpgsm_op_verify): Likewise. Don't check
mode of data argument.
* engine-gpgsm.h (_gpgme_gpgsm_op_verify): Likewise for prototype.
* gpgme.h (gpgme_op_verify_start): Likewise for prototype.
(gpgme_op_verify): Likewise for prototype.
* rungpg.c (_gpgme_gpg_op_verify): Likewise.
* rungpg.h (_gpgme_gpg_op_verify): Likewise for prototype.
* verify.c (_gpgme_op_verify_start): Likewise.
(gpgme_op_verify_start): Likewise.
(gpgme_op_verify): Likewise.
* rungpg.c (struct arg_and_data_s): New member INBOUND to hold
direction of data object.
(_gpgme_gpg_add_data): Add new argument INBOUND. Use it to
determine direction of data object.
(_gpgme_gpg_add_pm_data, _gpgme_gpg_set_command_handler,
_gpgme_gpg_op_decrypt, _gpgme_gpg_op_edit, _gpgme_gpg_op_encrypt,
_gpgme_gpg_op_encrypt_sign, _gpgme_gpg_op_export,
_gpgme_gpg_op_genkey, _gpgme_gpg_op_import, _gpgme_gpg_op_sign,
_gpgme_gpg_op_verify): Add new argument to _gpgme_gpg_add_data
invocation.
(build_argv): Use new member INBOUND to determine direction of
file descriptor. Don't check the data type.
* rungpg.h (_gpgme_gpg_add_data): Add new argument to prototype.
* gpgme.c (gpgme_get_op_info): Don't call
_gpgme_data_get_as_string if CTX->op_info is NULL.
* version.c (gpgme_check_engine): Function removed.
tests/
2002-10-09 Marcus Brinkmann <marcus@g10code.de>
* gpg/t-decrypt.c (print_data): Update to new gpgme_data_read
interface, and use gpgme_engine_check_version instead
gpgme_check_version.
* gpg/t-decrypt-verify.c (print_data): Likewise.
* gpg/t-edit.c (main): Likewise.
* gpg/t-encrypt.c (print_data): Likewise.
* gpg/t-encrypt-sign.c (print_data): Likewise.
* gpg/t-encrypt-sym.c (print_data): Likewise.
* gpg/t-eventloop.c (print_data): Likewise.
* gpg/t-export.c (print_data): Likewise.
* gpg/t-sign.c (print_data): Likewise.
* gpg/t-signers.c (print_data): Likewise.
* gpgsm/t-decrypt.c (print_data): Likewise.
* gpgsm/t-encrypt.c (print_data): Likewise.
* gpgsm/t-export.c (print_data): Likewise.
* gpgsm/t-sign.c (print_data): Likewise.
* gpg/t-verify.c (main): Likewise for gpgme_op_verify.
* gpgsm/t-verify.c (main): Likewise for gpgme_op_verify.
* t-data.c (read_once_test): Likewise.
(write_test): Update for new behaviour of data objects.
(main): Remove type test.
2002-10-09 00:16:38 +00:00
|
|
|
|
if (!plain)
|
2003-06-05 23:20:29 +00:00
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2001-11-21 03:40:17 +00:00
|
|
|
|
if (err)
|
2003-04-25 14:24:17 +00:00
|
|
|
|
return err;
|
2000-11-16 13:15:48 +00:00
|
|
|
|
|
2003-04-25 14:24:17 +00:00
|
|
|
|
if (ctx->passphrase_cb)
|
2001-11-16 00:20:11 +00:00
|
|
|
|
{
|
2003-05-18 21:08:43 +00:00
|
|
|
|
err = _gpgme_engine_set_command_handler
|
|
|
|
|
(ctx->engine, _gpgme_passphrase_command_handler, ctx, NULL);
|
2003-04-25 14:24:17 +00:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2000-11-16 13:15:48 +00:00
|
|
|
|
}
|
2003-04-25 14:24:17 +00:00
|
|
|
|
|
2003-05-26 21:50:45 +00:00
|
|
|
|
_gpgme_engine_set_status_handler (ctx->engine, decrypt_status_handler, ctx);
|
2003-04-25 14:24:17 +00:00
|
|
|
|
|
2017-03-24 13:36:54 +00:00
|
|
|
|
return _gpgme_engine_op_decrypt (ctx->engine,
|
|
|
|
|
flags,
|
|
|
|
|
cipher, plain,
|
2016-11-15 09:29:48 +00:00
|
|
|
|
ctx->export_session_keys,
|
|
|
|
|
ctx->override_session_key);
|
2000-11-16 13:15:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
2002-02-02 Marcus Brinkmann <marcus@g10code.de>
This patch has gotten a bit large... mmh. The main thing that
happens here is that error values are now not determined in the
operation function after gpgme_wait completed, but in the status
handler when EOF is received. It should always be the case that
either an error is flagged or EOF is received, so that after a
gpgme_wait you should never have the situation that no error is
flagged and EOF is not received. One problem is that the engine
status handlers don't have access to the context, a horrible
kludge works around this for now. All errors that happen during a
pending operation should be catched and reported in ctx->error,
including out-of-core and cancellation. This rounds up neatly a
couple of loose ends, and makes it possible to pass up any errors
in the communication with the backend as well. As a bonus, there
will be a function to access gpgme->wait, so that the operations
can truly be implemented with their _start function.
* engine-gpgsm.c (gpgsm_status_handler): Horrible kludge to report
error back to the context.
* rungpg.c (gpg_status_handler): Same horrible kludge applied here.
* engine-gpgsm.c (gpgsm_assuan_simple_command): Add error checking.
* wait.c (_gpgme_wait_on_condition): If canceled, set CTX->error
to a value indication that.
* verify.c (add_notation): Set error, not out_of_core.
(finish_sig): Likewise.
(gpgme_op_verify_start): Don't clear out_of_core.
(_gpgme_verify_status_handler): At EOF, clean up the notation data.
(gpgme_op_verify): And don't do it here.
* trustlist.c (trustlist_status_handler): Check error, not out_of_core.
(gpgme_op_trustlist_start): Don't clear out_of_core.
(gpgme_op_trustlist_next): Check error, not out_of_core.
(gpgme_op_trustlist_end): Likewise.
* ops.h (test_and_allocate_result): New macro.
(_gpgme_passphrase_result): Remove prototype.
* delete.c (gpgme_op_delete): Return error from context.
(delete_status_handler): Use macro test_and_allocate_result.
Perform error checking at EOF.
(gpgme_op_delete_start): Release result.
* passphrase.c (_gpgme_passphrase_status_handler): Use macro
test_and_allocate_result, and perform error checking here.
(_gpgme_passphrase_result): Function removed.
* sign.c (gpgme_op_sign_start): Do not set out_of_core to zero.
(gpgme_op_sign): Just return the error value from the context.
(sign_status_handler): Only progress if no error is set yet. If
we process an EOF, set the resulting error value (if any).
* decrypt.c (_gpgme_decrypt_result): Function removed.
(create_result_struct): Function removed.
(_gpgme_decrypt_status_handler): Use macro test_and_allocate_result,
caclulate error on EOF, do not progress with errors.
(_gpgme_decrypt_start): Do not set out_of_core to zero.
(gpgme_op_decrypt): Just return the error value from the context.
* encrypt.c (encrypt_status_handler): Perform the error checking
here.
(gpgme_op_encrypt_start): Do not clear out_of_core.
* export.c (export_status_handler): Return if error is set in context.
(gpgme_op_export_start): Release result.
(gpgme_op_export): Return error from context.
* decrypt-verify.c (gpgme_op_decrypt_verify): Return the error in
the context.
* genkey.c (genkey_status_handler): Use macro
test_and_allocate_result. Perform error checking at EOF.
(gpgme_op_genkey): Just return the error from context.
* import.c (gpgme_op_import): Return the error from context.
(import_status_handler): Use macro test_and_allocate_result.
* keylist.c (gpgme_op_keylist_start): Do not clear out_of_core.
(gpgme_op_keylist_next): Return error of context.
(keylist_colon_handler): Set error instead out_of_code.
(finish_key): Likewise.
* context.h: Remove member out_of_core, add member error.
* gpgme.c (_gpgme_release_result): Clear error flag.
* engine.h (_gpgme_engine_get_error): New prototype.
* engine.c (_gpgme_engine_get_error): New function.
* engine-gpgsm.c (_gpgme_gpgsm_get_error): New function.
* engine-gpgsm.c (map_assuan_error): New function.
(gpgsm_assuan_simple_command): Change return type to GpgmeError,
use the new function to map error values.
(gpgsm_set_fd): Change return type tp GpgmeError.
(_gpgme_gpgsm_op_decrypt): Change type of ERR to GpgmeError.
(gpgsm_set_recipients): Likewise. Change type of return value
equivalently. Adjust error values.
(_gpgme_gpgsm_op_import): Likewise.
(_gpgme_gpgsm_op_sign): Likewise.
(struct gpgsm_object_s): New member error.
(gpgsm_status_handler): Set error if error occurs. Determine
error number from ERR line received. If assuan_read_line fails,
terminate the connection.
2002-02-02 03:52:59 +00:00
|
|
|
|
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_error_t
|
2003-05-18 21:08:43 +00:00
|
|
|
|
gpgme_op_decrypt_start (gpgme_ctx_t ctx, gpgme_data_t cipher,
|
|
|
|
|
gpgme_data_t plain)
|
2001-11-16 01:37:06 +00:00
|
|
|
|
{
|
2009-11-05 02:17:07 +00:00
|
|
|
|
gpgme_error_t err;
|
|
|
|
|
|
2009-10-26 17:38:39 +00:00
|
|
|
|
TRACE_BEG2 (DEBUG_CTX, "gpgme_op_decrypt_start", ctx,
|
|
|
|
|
"cipher=%p, plain=%p", cipher, plain);
|
2011-05-26 14:01:26 +00:00
|
|
|
|
|
|
|
|
|
if (!ctx)
|
|
|
|
|
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
|
2012-09-25 13:29:49 +00:00
|
|
|
|
|
2017-03-24 13:36:54 +00:00
|
|
|
|
err = _gpgme_decrypt_start (ctx, 0, 0, cipher, plain);
|
2009-11-05 02:17:07 +00:00
|
|
|
|
return TRACE_ERR (err);
|
2001-11-16 01:37:06 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2003-04-28 21:17:15 +00:00
|
|
|
|
/* Decrypt ciphertext CIPHER within CTX and store the resulting
|
|
|
|
|
plaintext in PLAIN. */
|
2003-05-18 20:45:24 +00:00
|
|
|
|
gpgme_error_t
|
|
|
|
|
gpgme_op_decrypt (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain)
|
2000-11-16 13:15:48 +00:00
|
|
|
|
{
|
2009-10-26 17:38:39 +00:00
|
|
|
|
gpgme_error_t err;
|
|
|
|
|
|
2009-10-27 Marcus Brinkmann <marcus@g10code.de>
* edit.c (gpgme_op_edit_start, gpgme_op_edit)
(gpgme_op_card_edit_start, gpgme_op_card_edit): Add debug output.
* encrypt-sign.c (gpgme_op_encrypt_sign_start)
(gpgme_op_encrypt_sign): Likewise.
* encrypt.c (gpgme_op_encrypt_start, gpgme_op_encrypt)
(gpgme_op_encrypt_result): Likewise.
* export.c (gpgme_op_export_start, gpgme_op_export)
(gpgme_op_export_ext_start, gpgme_op_export_ext)
(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
* genkey.c (gpgme_op_genkey_start, gpgme_op_genkey)
(gpgme_op_genkey_result): Likewise.
* getauditlog.c (gpgme_op_getauditlog_start)
(gpgme_op_getauditlog): Likewise.
* import.c (gpgme_op_import_result, gpgme_op_import_start)
(gpgme_op_import): Likewise.
* keylist.c (gpgme_op_keylist_result, keylist_colon_handler)
(gpgme_op_keylist_start, gpgme_op_keylist_ext_start)
(gpgme_op_keylist_next, gpgme_op_keylist_end, gpgme_get_key): Likewise.
* opassuan.c (gpgme_op_assuan_transact_start)
(gpgme_op_assuan_transact_ext, gpgme_op_assuan_result)
(gpgme_op_assuan_transact): Likewise.
* signers.c (gpgme_signers_add, gpgme_signers_clear): Likewise.
* trustlist.c (gpgme_op_trustlist_start)
(gpgme_op_trustlist_next, gpgme_op_trustlist_end): Likewise.
* verify.c (gpgme_op_verify_start, gpgme_op_verify)
(gpgme_op_verify_result): Likewise.
2009-10-27 19:23:56 +00:00
|
|
|
|
TRACE_BEG2 (DEBUG_CTX, "gpgme_op_decrypt", ctx,
|
2009-10-26 17:38:39 +00:00
|
|
|
|
"cipher=%p, plain=%p", cipher, plain);
|
2011-05-26 14:01:26 +00:00
|
|
|
|
|
|
|
|
|
if (!ctx)
|
|
|
|
|
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
|
2012-09-25 13:29:49 +00:00
|
|
|
|
|
2017-03-24 13:36:54 +00:00
|
|
|
|
err = _gpgme_decrypt_start (ctx, 1, 0, cipher, plain);
|
2001-11-15 21:32:09 +00:00
|
|
|
|
if (!err)
|
2003-04-28 21:17:15 +00:00
|
|
|
|
err = _gpgme_wait_one (ctx);
|
2009-10-26 17:38:39 +00:00
|
|
|
|
return TRACE_ERR (err);
|
2000-11-16 13:15:48 +00:00
|
|
|
|
}
|