core: Detect bad passphrase error on certificate import

* src/import.c (gpgme_op_import_result): Check fpr for NULL.
(parse_error): New.
(import_status_handler): Handle error status line.

* doc/gpgme.texi (gpgme_import_status_t): Mention that fpr can be NULL.

* tests/gpg/t-import.c (check_result): Check fpr for NULL.
* tests/run-threaded.c (delete_impres): Check fpr for NULL.
--

When importing an encrypted certificate a wrong passphrase may be
entered. In this case gpgsm emits a status line with a bad passphrase
error and an "invalid object" error. To make it possible for callers
to handle a wrong passphrase error more gracefully, an import status
with bad passphrase error is added to the import result for each
status line with bad passphrase error.

GnuPG-bug-id: 5713
This commit is contained in:
Ingo Klöcker 2021-12-22 12:13:23 +01:00
parent 0636e229d7
commit 305d8668ca
4 changed files with 63 additions and 7 deletions

View File

@ -5115,7 +5115,9 @@ This is a pointer to the next status structure in the linked list, or
@code{NULL} if this is the last element.
@item char *fpr
This is the fingerprint of the key that was considered.
This is the fingerprint of the key that was considered, or @code{NULL}
if the fingerprint of the key is not known, e.g. because the key to
import was encrypted and decryption failed.
@item gpgme_error_t result
If the import was not successful, this is the error value that caused

View File

@ -103,7 +103,7 @@ gpgme_op_import_result (gpgme_ctx_t ctx)
while (impstat)
{
TRACE_LOG ("import[%i] for %s = 0x%x (%s)",
i, impstat->fpr, impstat->status,
i, impstat->fpr ? impstat->fpr : "null", impstat->status,
gpgme_strerror (impstat->result));
impstat = impstat->next;
i++;
@ -223,6 +223,49 @@ parse_import_res (char *args, gpgme_import_result_t result)
}
/* Parses an error on a status line and adds a corresponding import status.
Currently, only supports "import.parsep12 11". */
static gpgme_error_t
parse_error (char *args, gpgme_import_status_t *import_status)
{
gpgme_import_status_t import;
char *tail;
long int nr;
tail = strchr (args, ' ');
if (!tail)
return 0;
*tail = '\0';
if (strcmp( args, "import.parsep12" ))
return 0;
args = tail + 1;
gpg_err_set_errno (0);
nr = strtol (args, &tail, 0);
if (errno || args == tail || !(*tail == ' ' || !*tail))
{
/* The crypto backend does not behave. */
return trace_gpg_error (GPG_ERR_INV_ENGINE);
}
if (nr != GPG_ERR_BAD_PASSPHRASE)
return 0;
import = malloc (sizeof (*import));
if (!import)
return gpg_error_from_syserror ();
import->next = NULL;
import->result = gpg_error (GPG_ERR_BAD_PASSPHRASE);
import->status = 0;
import->fpr = 0;
*import_status = import;
return 0;
}
static gpgme_error_t
import_status_handler (void *priv, gpgme_status_code_t code, char *args)
{
@ -252,6 +295,15 @@ import_status_handler (void *priv, gpgme_status_code_t code, char *args)
err = parse_import_res (args, &opd->result);
break;
case GPGME_STATUS_ERROR:
err = parse_error (args, opd->lastp);
if (err)
return err;
if (*opd->lastp)
opd->lastp = &(*opd->lastp)->next;
break;
default:
break;
}

View File

@ -149,16 +149,17 @@ check_result (gpgme_import_result_t result, const char *fpr, int secret)
exit (1);
}
}
if (strcmp (fpr, result->imports->fpr))
if (!result->imports->fpr || strcmp (fpr, result->imports->fpr))
{
fprintf (stderr, "Unexpected fingerprint %s\n",
result->imports->fpr);
result->imports->fpr ? result->imports->fpr : "null");
exit (1);
}
if (result->imports->next && strcmp (fpr, result->imports->next->fpr))
if (result->imports->next
&& (!result->imports->next->fpr || strcmp (fpr, result->imports->next->fpr)))
{
fprintf (stderr, "Unexpected fingerprint on second status %s\n",
result->imports->next->fpr);
result->imports->next->fpr ? result->imports->next->fpr : "null");
exit (1);
}
if (result->imports->result != 0)

View File

@ -517,7 +517,8 @@ delete_impres (gpgme_import_result_t r, gpgme_protocol_t proto)
for (st=r->imports; st; st = st->next)
{
delete_fpr (st->fpr, proto);
if (st->fpr)
delete_fpr (st->fpr, proto);
}
}