diff --git a/NEWS b/NEWS index ef5654d2..0fc99f54 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,12 @@ Noteworthy changes in version 1.2.1 (unreleased) * (none yet) + * Interface changes relative to the 1.1.7 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + GPGME_STATUS_INV_SGNR NEW. + GPGME_STATUS_NO_SGNR NEW. + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + Noteworthy changes in version 1.2.0 (2009-06-18) ------------------------------------------------ diff --git a/doc/ChangeLog b/doc/ChangeLog index 5772e682..34f30bd0 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2009-07-21 Werner Koch + + * uiserver.texi (UI Server Encrypt): Add --expect-sign option to + PREP_ENCRYPT. + 2009-06-16 Marcus Brinkmann * gpgme.texi (Result Management): New section. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index a0bc20e8..3b1c10fa 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -4777,7 +4777,7 @@ of a @code{gpgme_op_sign} operation. The pointer is only valid if the last operation on the context was a @code{gpgme_op_sign}, @code{gpgme_op_sign_start}, @code{gpgme_op_encrypt_sign} or @code{gpgme_op_encrypt_sign_start} operation. If that operation -failed, the function might return a @code{NULL} pointer, The returned +failed, the function might return a @code{NULL} pointer. The returned pointer is only valid until the next operation is started on the context. @end deftypefun diff --git a/doc/uiserver.texi b/doc/uiserver.texi index 7c0a1e9a..c6da5ad4 100644 --- a/doc/uiserver.texi +++ b/doc/uiserver.texi @@ -118,7 +118,7 @@ Use the CMS (PKCS#7) protocol (RFC-3852). To support automagically selection of the protocol depending on the selected keys, the server MAY implement the command: -@deffn Command PREP_ENCRYPT [-@w{}-protocol=@var{name}] +@deffn Command PREP_ENCRYPT [-@w{}-protocol=@var{name}] [-@w{}-expect-sign] This commands considers all recipients set so far and decides whether it is able to take input and start the actual decryption. This is kind of @@ -129,8 +129,15 @@ command is send. The @option{--protocol} option is optional; if it is not given, the server should allow the user to select the protocol to be used based on the recipients given or by any other means. +If @option{--expect-sign} is given the server should expect that the +message will also be signed and use this hint to present a unified +recipient and signer selection dialog if possible and desired. A +selected signer should then be cached for the expected SIGN command +(which is expected in the same session but possible on another +connection). + If this command is given again before a successful @command{ENCRYPT} -command, the second one takes effect. +command, the second one takes effect. Before sending the OK response the server shall tell the client the protocol to be used (either the one given by the argument or the one diff --git a/src/ChangeLog b/src/ChangeLog index feebbdc9..33019498 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,16 @@ +2009-08-06 Werner Koch + + * op-support.c (_gpgme_parse_inv_recp): Allow for no fingerprint. + + * engine-gpgsm.c (gpgsm_sign): Hook up the status func for the + SIGNER command. + * gpgme.h.in (GPGME_STATUS_INV_SGNR, GPGME_STATUS_NO_SGNR): New. + * sign.c (op_data_t): Add fields IGNORE_INV_RECP and INV_SGNR_SEEN. + (_gpgme_op_sign_init_result): Factor code out to ... + (sign_init_result): .. new. Init new fields. + (sign_start): Use sign_init_result. + (_gpgme_sign_status_handler): Take care of the new INV_SGNR. + 2009-07-07 Werner Koch * engine-gpgsm.c (struct engine_gpgsm): Add fields diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c index 4067b99b..647fd931 100644 --- a/src/engine-gpgsm.c +++ b/src/engine-gpgsm.c @@ -1870,7 +1870,7 @@ gpgsm_sign (void *engine, gpgme_data_t in, gpgme_data_t out, if (asprintf (&assuan_cmd, "OPTION include-certs %i", include_certs) < 0) return gpg_error_from_errno (errno); err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, assuan_cmd, - NULL, NULL); + NULL, NULL); free (assuan_cmd); if (err) return err; @@ -1885,7 +1885,8 @@ gpgsm_sign (void *engine, gpgme_data_t in, gpgme_data_t out, strcpy (stpcpy (buf, "SIGNER "), s); err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, buf, - NULL, NULL); + gpgsm->status.fnc, + gpgsm->status.fnc_value); } else err = gpg_error (GPG_ERR_INV_VALUE); diff --git a/src/gpgme.h.in b/src/gpgme.h.in index b9f76f56..0b42798c 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -485,7 +485,9 @@ typedef enum GPGME_STATUS_PKA_TRUST_BAD = 79, GPGME_STATUS_PKA_TRUST_GOOD = 80, - GPGME_STATUS_PLAINTEXT = 81 + GPGME_STATUS_PLAINTEXT = 81, + GPGME_STATUS_INV_SGNR = 82, + GPGME_STATUS_NO_SGNR = 83 } gpgme_status_code_t; diff --git a/src/op-support.c b/src/op-support.c index c3ba7785..90e1283e 100644 --- a/src/op-support.c +++ b/src/op-support.c @@ -162,8 +162,8 @@ _gpgme_op_reset (gpgme_ctx_t ctx, int type) } -/* Parse the INV_RECP status line in ARGS and return the result in - KEY. */ +/* Parse the INV_RECP or INV-SNDR status line in ARGS and return the + result in KEY. */ gpgme_error_t _gpgme_parse_inv_recp (char *args, gpgme_invalid_key_t *key) { @@ -177,7 +177,7 @@ _gpgme_parse_inv_recp (char *args, gpgme_invalid_key_t *key) inv_key->next = NULL; errno = 0; reason = strtol (args, &tail, 0); - if (errno || args == tail || *tail != ' ') + if (errno || args == tail || (*tail && *tail != ' ')) { /* The crypto backend does not behave. */ free (inv_key); @@ -236,7 +236,7 @@ _gpgme_parse_inv_recp (char *args, gpgme_invalid_key_t *key) break; } - while (*tail == ' ') + while (*tail && *tail == ' ') tail++; if (*tail) { diff --git a/src/sign.c b/src/sign.c index 03007bdf..1d3716fd 100644 --- a/src/sign.c +++ b/src/sign.c @@ -46,6 +46,10 @@ typedef struct /* Likewise for signature information. */ gpgme_new_signature_t *last_sig_p; + + /* Flags used while processing the status lines. */ + unsigned int ignore_inv_recp:1; + unsigned int inv_sgnr_seen:1; } *op_data_t; @@ -266,6 +270,12 @@ _gpgme_sign_status_handler (void *priv, gpgme_status_code_t code, char *args) break; case GPGME_STATUS_INV_RECP: + if (opd->inv_sgnr_seen && opd->ignore_inv_recp) + break; + /* FALLTROUGH */ + case GPGME_STATUS_INV_SGNR: + if (code == GPGME_STATUS_INV_SGNR) + opd->inv_sgnr_seen = 1; err = _gpgme_parse_inv_recp (args, opd->last_signer_p); if (err) return err; @@ -297,8 +307,8 @@ sign_status_handler (void *priv, gpgme_status_code_t code, char *args) } -gpgme_error_t -_gpgme_op_sign_init_result (gpgme_ctx_t ctx) +static gpgme_error_t +sign_init_result (gpgme_ctx_t ctx, int ignore_inv_recp) { gpgme_error_t err; void *hook; @@ -311,9 +321,17 @@ _gpgme_op_sign_init_result (gpgme_ctx_t ctx) return err; opd->last_signer_p = &opd->result.invalid_signers; opd->last_sig_p = &opd->result.signatures; + opd->ignore_inv_recp = !!ignore_inv_recp; + opd->inv_sgnr_seen = 0; return 0; } +gpgme_error_t +_gpgme_op_sign_init_result (gpgme_ctx_t ctx) +{ + return sign_init_result (ctx, 0); +} + static gpgme_error_t sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_data_t plain, @@ -325,7 +343,10 @@ sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_data_t plain, if (err) return err; - err = _gpgme_op_sign_init_result (ctx); + /* If we are using the CMS protocol, we ignore the INV_RECP status + code if a newer GPGSM is in use. GPGMS does not support combined + sign+encrypt and thus this can't harm. */ + err = sign_init_result (ctx, (ctx->protocol == GPGME_PROTOCOL_CMS)); if (err) return err; diff --git a/tests/ChangeLog b/tests/ChangeLog index 926771ab..e6b53d79 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,7 @@ +2009-08-06 Werner Koch + + * run-sign.c: New. + 2009-07-07 Werner Koch * run-keylist.c (main): Add options --cms and --openpgp. diff --git a/tests/Makefile.am b/tests/Makefile.am index 81d7e548..3e7b414b 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -32,7 +32,7 @@ LDADD = ../src/libgpgme.la @GPG_ERROR_LIBS@ noinst_HEADERS = run-support.h -noinst_PROGRAMS = $(TESTS) run-keylist run-export run-import +noinst_PROGRAMS = $(TESTS) run-keylist run-export run-import run-sign if RUN_GPG_TESTS diff --git a/tests/gpg/t-sign.c b/tests/gpg/t-sign.c index 3b71dc48..bdd3323b 100644 --- a/tests/gpg/t-sign.c +++ b/tests/gpg/t-sign.c @@ -102,6 +102,17 @@ main (int argc, char **argv) gpgme_set_textmode (ctx, 1); gpgme_set_armor (ctx, 1); + +#if 0 + { + gpgme_key_t akey; + err = gpgme_get_key (ctx, "0x68697734", &akey, 0); + fail_if_err (err); + err = gpgme_signers_add (ctx, akey); + fail_if_err (err); + gpgme_key_unref (akey); + } +#endif err = gpgme_data_new_from_mem (&in, "Hallo Leute\n", 12, 0); fail_if_err (err); diff --git a/tests/run-sign.c b/tests/run-sign.c new file mode 100644 index 00000000..7c3d51d7 --- /dev/null +++ b/tests/run-sign.c @@ -0,0 +1,187 @@ +/* run-sign.c - Helper to perform a sign operation + Copyright (C) 2009 g10 Code GmbH + + This file is part of GPGME. + + GPGME is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + GPGME is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . +*/ + +/* We need to include config.h so that we know whether we are building + with large file system (LFS) support. */ +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include + +#include + +#define PGM "run-sign" + +#include "run-support.h" + + +static int verbose; + + +static void +print_result (gpgme_sign_result_t result, gpgme_sig_mode_t type) +{ + gpgme_invalid_key_t invkey; + gpgme_new_signature_t sig; + + for (invkey = result->invalid_signers; invkey; invkey = invkey->next) + printf ("Signing key `%s' not used: %s <%s>\n", + nonnull (invkey->fpr), + gpg_strerror (invkey->reason), gpg_strsource (invkey->reason)); + + for (sig = result->signatures; sig; sig = sig->next) + { + printf ("Key fingerprint: %s\n", nonnull (sig->fpr)); + printf ("Signature type : %d\n", sig->type); + printf ("Public key algo: %d\n", sig->pubkey_algo); + printf ("Hash algo .....: %d\n", sig->hash_algo); + printf ("Creation time .: %ld\n", sig->timestamp); + printf ("Sig class .....: 0x%u\n", sig->sig_class); + } +} + + + +static int +show_usage (int ex) +{ + fputs ("usage: " PGM " [options] FILE\n\n" + "Options:\n" + " --verbose run in verbose mode\n" + " --openpgp use the OpenPGP protocol (default)\n" + " --cms use the CMS protocol\n" + " --key NAME use key NAME for signing\n" + , stderr); + exit (ex); +} + + +int +main (int argc, char **argv) +{ + int last_argc = -1; + gpgme_error_t err; + gpgme_ctx_t ctx; + const char *key_string = NULL; + gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP; + gpgme_sig_mode_t sigmode = GPGME_SIG_MODE_NORMAL; + gpgme_data_t in, out; + gpgme_sign_result_t result; + + if (argc) + { argc--; argv++; } + + while (argc && last_argc != argc ) + { + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--help")) + show_usage (0); + else if (!strcmp (*argv, "--verbose")) + { + verbose = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--openpgp")) + { + protocol = GPGME_PROTOCOL_OpenPGP; + argc--; argv++; + } + else if (!strcmp (*argv, "--cms")) + { + protocol = GPGME_PROTOCOL_CMS; + argc--; argv++; + } + else if (!strcmp (*argv, "--key")) + { + argc--; argv++; + if (!argc) + show_usage (1); + key_string = *argv; + argc--; argv++; + } + else if (!strncmp (*argv, "--", 2)) + show_usage (1); + + } + + if (argc != 1) + show_usage (1); + + init_gpgme (protocol); + + err = gpgme_new (&ctx); + fail_if_err (err); + gpgme_set_protocol (ctx, protocol); + gpgme_set_armor (ctx, 1); + + if (key_string) + { + gpgme_key_t akey; + + err = gpgme_get_key (ctx, key_string, &akey, 1); + if (err) + { + fprintf (stderr, PGM ": error getting key `%s': %s\n", + key_string, gpg_strerror (err)); + exit (1); + } + err = gpgme_signers_add (ctx, akey); + fail_if_err (err); + gpgme_key_unref (akey); + } + + err = gpgme_data_new_from_file (&in, *argv, 1); + if (err) + { + fprintf (stderr, PGM ": error reading `%s': %s\n", + *argv, gpg_strerror (err)); + exit (1); + } + + err = gpgme_data_new (&out); + fail_if_err (err); + + err = gpgme_op_sign (ctx, in, out, sigmode); + result = gpgme_op_sign_result (ctx); + if (result) + print_result (result, sigmode); + if (err) + { + fprintf (stderr, PGM ": signing failed: %s\n", gpg_strerror (err)); + exit (1); + } + + fputs ("Begin Output:\n", stdout); + print_data (out); + fputs ("End Output.\n", stdout); + gpgme_data_release (out); + + gpgme_data_release (in); + + gpgme_release (ctx); + return 0; +}