From cf6910f69dd23214ea2016bbd46c580268646aae Mon Sep 17 00:00:00 2001 From: Marcus Brinkmann Date: Fri, 21 May 2004 15:51:53 +0000 Subject: [PATCH] doc/ 2004-05-21 Marcus Brinkmann * gpgme.texi (Decrypt): Add note about new field wrong_key_usage of gpgme_decrypt_result_t. gpgme/ 2004-05-21 Marcus Brinkmann * gpgme.h (struct _gpgme_decrypt_result): New fields wrong_key_usage and _unused. * decrypt.c (_gpgme_decrypt_status_handler): Don't skip over character after a matched string, as in a protocol error this could skip over the trailing binary zero. Handle decrypt.keyusage error notifications. --- NEWS | 5 +++++ TODO | 2 ++ doc/ChangeLog | 3 +++ doc/gpgme.texi | 7 +++++-- gpgme/ChangeLog | 7 +++++++ gpgme/decrypt.c | 24 +++++++++++++++++++----- gpgme/gpgme.h | 7 +++++++ 7 files changed, 48 insertions(+), 7 deletions(-) diff --git a/NEWS b/NEWS index 7fd510ce..092f13ba 100644 --- a/NEWS +++ b/NEWS @@ -4,8 +4,13 @@ Noteworthy changes in version 0.9.0 (unreleased) * The type gpgme_key_t has now a new field keylist_mode that contains the keylist mode that was active at the time the key was retrieved. + * The type gpgme_decrypt_result_t has a new field "wrong_key_usage" + that contains a flag indicating that the key should not have been + used for encryption. + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_key_t EXTENDED: New field keylist_mode. +gpgme_decrypt_result_t EXTENDED: New field wrong_key_usage. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/TODO b/TODO index f8ddae4f..11d5028e 100644 --- a/TODO +++ b/TODO 
@@ -96,6 +96,8 @@ Hey Emacs, this is -*- outline -*- mode! password is required by crypto engine. !! ** Verify must not fail on NODATA premature if auto-key-retrieval failed. It should not fail silently if it knows there is an error. !!! +** decrypt-verify sets wrong_key_usage even if not "verify.keyusage" is + encountered, but "decrypt.keyusage". Is this correct? !! ** All operations: Better error reporting. !! ** Export status handler need much more work. !!! ** Import should return a useful error when one happened. diff --git a/doc/ChangeLog b/doc/ChangeLog index c472cc04..db19a3be 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,5 +1,8 @@ 2004-05-21 Marcus Brinkmann + * gpgme.texi (Decrypt): Add note about new field wrong_key_usage + of gpgme_decrypt_result_t. + * gpgme.texi (Key Management): Add note about new field keylist_mode of gpgme_key_t. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 5f9501b1..be8f1da3 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -3523,6 +3523,9 @@ members: @item char *unsupported_algorithm If an unsupported algorithm was encountered, this string describes the algorithm that is not supported. + +@item unsigned int wrong_key_usage : 1 +This is true if the key was not used according to its policy. @end table @end deftp @@ -3608,7 +3611,7 @@ following members: This is a pointer to the next new signature structure in the linked list, or @code{NULL} if this is the last element. -@item gpgme_sigsum_t summary; +@item gpgme_sigsum_t summary This is a bit vector giving a summary of the signature status. It provides an easy interface to a defined semantic of the signature status. Checking just one bit is sufficient to see whether a 
@@ -3701,7 +3704,7 @@ The creation timestamp of this signature. The expiration timestamp of this signature, or 0 if the signature does not expire. -@item unsigned int wrong_key_usage : 1; +@item unsigned int wrong_key_usage : 1 This is true if the key was not used according to its policy. @item gpgme_validity_t validity diff --git a/gpgme/ChangeLog b/gpgme/ChangeLog index 60eeb43a..c67ded22 100644 --- a/gpgme/ChangeLog +++ b/gpgme/ChangeLog @@ -1,5 +1,12 @@ 2004-05-21 Marcus Brinkmann + * gpgme.h (struct _gpgme_decrypt_result): New fields + wrong_key_usage and _unused. + * decrypt.c (_gpgme_decrypt_status_handler): Don't skip over + character after a matched string, as in a protocol error this + could skip over the trailing binary zero. + Handle decrypt.keyusage error notifications. + * gpgme.h (struct _gpgme_key): New member keylist_mode. * keylist.c (keylist_colon_handler): Set the keylist_mode of KEY. diff --git a/gpgme/decrypt.c b/gpgme/decrypt.c index 1d106c13..f14b72fa 100644 --- a/gpgme/decrypt.c +++ b/gpgme/decrypt.c @@ -1,6 +1,6 @@ /* decrypt.c - Decrypt function. Copyright (C) 2000 Werner Koch (dd9jn) - Copyright (C) 2001, 2002, 2003 g10 Code GmbH + Copyright (C) 2001, 2002, 2003, 2004 g10 Code GmbH This file is part of GPGME. @@ -105,14 +105,16 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, case GPGME_STATUS_ERROR: /* Note that this is an informational status code which should - not lead to an erro retunr unless it is something not related - to the backend. */ + not lead to an error return unless it is something not + related to the backend. */ { const char d_alg[] = "decrypt.algorithm"; const char u_alg[] = "Unsupported_Algorithm"; + const char k_alg[] = "decrypt.keyusage"; + if (!strncmp (args, d_alg, sizeof (d_alg) - 1)) { - args += sizeof (d_alg); + args += sizeof (d_alg) - 1; while (*args == ' ') args++; 
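Review bot: The prefix test `!strncmp (args, d_alg, sizeof (d_alg) - 1)` accepts any status argument that merely begins with "decrypt.algorithm", and now that `args` advances by exactly the matched length, nothing checks that the keyword ends there. The same holds for the `k_alg` comparison added in the later decrypt.c hunk (`@@ -136,6 +138,18 @@`). Since this text is parsed from the crypto engine's status output, I would require a delimiter, e.g. `&& (args[sizeof (d_alg) - 1] == ' ' || !args[sizeof (d_alg) - 1])`, so a longer keyword cannot be misread as this one. Separately, `k_alg` holds a location keyword rather than an algorithm name, so something like `k_use` would read better. The body of `_gpgme_decrypt_status_handler` starts and ends outside this hunk.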
@@ -120,7 +122,7 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, { char *end; - args += sizeof (u_alg); + args += sizeof (u_alg) - 1; while (*args == ' ') args++; @@ -136,6 +138,18 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, } } } + else if (!strncmp (args, k_alg, sizeof (k_alg) - 1)) + { + gpgme_error_t err; + + args += sizeof (k_alg) - 1; + while (*args == ' ') + args++; + + err = _gpgme_map_gnupg_error (args); + if (gpg_err_code (err) == GPG_ERR_WRONG_KEY_USAGE) + opd->result.wrong_key_usage = 1; + } } break; diff --git a/gpgme/gpgme.h b/gpgme/gpgme.h index 2604677d..34d836fa 100644 --- a/gpgme/gpgme.h +++ b/gpgme/gpgme.h @@ -1063,6 +1063,12 @@ gpgme_error_t gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], struct _gpgme_op_decrypt_result { char *unsupported_algorithm; + + /* Key should not have been used for encryption. */ + unsigned int wrong_key_usage : 1; + + /* Internal to GPGME, do not use. */ + int _unused : 31; }; typedef struct _gpgme_op_decrypt_result *gpgme_decrypt_result_t; @@ -1192,6 +1198,7 @@ struct _gpgme_signature /* Signature exipration time or 0. */ unsigned long exp_timestamp; + /* Key should not have been used for signing. */ unsigned int wrong_key_usage : 1; /* Internal to GPGME, do not use. */
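Review bot: The new `decrypt.keyusage` branch only sets `opd->result.wrong_key_usage = 1` and falls through to `break`, so as far as this hunk shows a key-usage violation does not change what the handler returns. That makes the flag advisory: a caller that never inspects the decrypt result would not notice that the message was encrypted to a key not meant for encryption. I would say so in the branch, e.g. `/* Advisory only: no error is returned; callers enforcing key-usage policy must check result.wrong_key_usage. */`. `_gpgme_map_gnupg_error (args)` is also handed the whole remainder of the status line, and whether it tolerates an empty string or trailing tokens is not visible here, so that is worth confirming. The enclosing function continues outside the hunk.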
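Review bot: `int _unused : 31;` in `struct _gpgme_op_decrypt_result` declares the reserved bits as a plain `int` bit-field, whose signedness is implementation-defined, directly after an `unsigned int` flag. `unsigned int _unused : 31;` would keep the padding in the same type as `wrong_key_usage`. If the existing `_unused` member of `struct _gpgme_signature` (outside this hunk) is written the same way, the two should be changed together. The gpgme/ChangeLog entry names the struct `_gpgme_decrypt_result`, while the header declares `_gpgme_op_decrypt_result`.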