GpgFrontend/gpgme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: Allow finalization of signature verification of unencrypted data

Browse Source 
* src/decrypt-verify.c (decrypt_verify_status_handler): Call
_gpgme_verify_status_handler on EOF even if
_gpgme_decrypt_status_handler returned NO DATA error.

* tests/gpg/t-decrypt-verify.c (normal_signed_message): New.
(main): Add test with signed, but not encrypted data.
--

This allows the verify status handler to finalize the verification of
the last signature even if the decrypt status handler returned a NO DATA
error because the input data wasn't encrypted.

GnuPG-bug-id: 6368
This commit is contained in:
Ingo Klöcker 2023-02-08 14:44:38 +01:00
parent 3aaed9cfbf
commit 41dc3bd22a
No known key found for this signature in database
GPG Key ID: F5A5D1692277A1E9
2 changed files with 38 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/decrypt-verify.c
View File

@ -35,13 +35,17 @@ decrypt_verify_status_handler (void *priv, gpgme_status_code_t code,
char *args) char *args)
{ {
gpgme_error_t err; gpgme_error_t err;
gpgme_error_t err2;
err = _gpgme_progress_status_handler (priv, code, args); err = _gpgme_progress_status_handler (priv, code, args);
if (!err) if (!err)
err = _gpgme_decrypt_status_handler (priv, code, args); err = _gpgme_decrypt_status_handler (priv, code, args);
if (!err) /* Allow finalization of signature verification even if previous handler
err = _gpgme_verify_status_handler (priv, code, args); * returned NO DATA error which just means that the data wasn't encrypted. */
return err; if (!err
|| (code == GPGME_STATUS_EOF && gpg_err_code (err) == GPG_ERR_NO_DATA))
err2 = _gpgme_verify_status_handler (priv, code, args);
return err ? err : err2;
} }

31
tests/gpg/t-decrypt-verify.c
View File

@ -36,6 +36,16 @@
#include "t-support.h" #include "t-support.h"
static const char normal_signed_message[] =
"-----BEGIN PGP MESSAGE-----\n"
"\n"
"owGbwMvMwCSoW1RzPCOz3IRxjXQSR0lqcYleSUWJTZOvjVdpcYmCu1+oQmaJIleH\n"
"GwuDIBMDGysTSIqBi1MApi+nlGGuwDeHao53HBr+FoVGP3xX+kvuu9fCMJvl6IOf\n"
"y1kvP4y+8D5a11ang0udywsA\n"
"=Crq6\n"
"-----END PGP MESSAGE-----\n";
static void static void
check_verify_result (gpgme_verify_result_t result, unsigned int summary, check_verify_result (gpgme_verify_result_t result, unsigned int summary,
const char *fpr, gpgme_error_t status, int validity) const char *fpr, gpgme_error_t status, int validity)
@ -141,6 +151,27 @@ main (int argc, char *argv[])
gpgme_data_release (in); gpgme_data_release (in);
gpgme_data_release (out); gpgme_data_release (out);
/* Checking a signed, but not encrypted message. */
err = gpgme_data_new_from_mem (&in, normal_signed_message, strlen (normal_signed_message), 0);
fail_if_err (err);
err = gpgme_data_new (&out);
fail_if_err (err);
err = gpgme_op_decrypt_verify (ctx, in, out);
/* should have returned "no data" because the message is not encrypted */
if (gpgme_err_code (err) != GPG_ERR_NO_DATA)
{
fprintf (stderr, "%s:%i: Unexpected result of gpgme_op_decrypt_verify: %s\n",
__FILE__, __LINE__, gpgme_strerror (err));
}
verify_result = gpgme_op_verify_result (ctx);
check_verify_result (verify_result, GPGME_SIGSUM_VALID|GPGME_SIGSUM_GREEN,
"A0FF4590BB6122EDEF6E3C542D727CC768697734",
GPG_ERR_NO_ERROR, GPGME_VALIDITY_FULL);
gpgme_data_release (in);
gpgme_data_release (out);
gpgme_release (ctx); gpgme_release (ctx);
return 0; return 0;
} }