qt: Support verification of opaque signed data directly to/from files

* lang/qt/src/Makefile.am: Add new files.
* lang/qt/src/job.cpp (VerifyOpaqueJob): Move definition of constructor
and destructor and inclusion of the moc file to the corresponding .cpp
file.
* lang/qt/src/verifyopaquejob.cpp: New.
* lang/qt/src/verifyopaquejob.h (VerifyOpaqueJob): Add member
functions setInputFile, inputFile, setOutputFile, outputFile.
* lang/qt/src/verifyopaquejob_p.h: New.
* lang/qt/src/qgpgmeverifyopaquejob.cpp (class
QGpgMEVerifyOpaqueJobPrivate): New.
(QGpgMEVerifyOpaqueJob::QGpgMEVerifyOpaqueJob): Instantiate private
job class.
(verify_from_filename): New.

* lang/qt/tests/Makefile.am: Add new test program.
* lang/qt/tests/run-verifyopaquejob.cpp: New.
--

This makes it possible to tell gpg to read the input and write the
output directly to a specified file bypassing GpgME's Data IO when
verifying an opaque signed (or clear signed) file.

GnuPG-bug-id: 6550
This commit is contained in:
Ingo Klöcker 2023-12-22 10:05:16 +01:00
parent 20b32e0350
commit e77a8ac0cc
No known key found for this signature in database
GPG Key ID: F5A5D1692277A1E9
8 changed files with 399 additions and 10 deletions

View File

@ -69,6 +69,7 @@ qgpgme_sources = \
signjob.cpp \ signjob.cpp \
dn.cpp cryptoconfig.cpp wkdlookupresult.cpp \ dn.cpp cryptoconfig.cpp wkdlookupresult.cpp \
util.cpp \ util.cpp \
verifyopaquejob.cpp \
wkdrefreshjob.cpp wkdrefreshjob.cpp
# If you add one here make sure that you also add one in camelcase # If you add one here make sure that you also add one in camelcase
@ -232,6 +233,7 @@ private_qgpgme_headers = \
signjob_p.h \ signjob_p.h \
threadedjobmixin.h \ threadedjobmixin.h \
util.h \ util.h \
verifyopaquejob_p.h \
wkdrefreshjob_p.h wkdrefreshjob_p.h
qgpgme_moc_sources = \ qgpgme_moc_sources = \

View File

@ -46,7 +46,6 @@
#include "decryptjob.h" #include "decryptjob.h"
#include "signkeyjob.h" #include "signkeyjob.h"
#include "verifydetachedjob.h" #include "verifydetachedjob.h"
#include "verifyopaquejob.h"
#include "keygenerationjob.h" #include "keygenerationjob.h"
#include "importjob.h" #include "importjob.h"
#include "importfromkeyserverjob.h" #include "importfromkeyserverjob.h"
@ -163,7 +162,6 @@ make_job_subclass(ListAllKeysJob)
make_job_subclass(DecryptJob) make_job_subclass(DecryptJob)
make_job_subclass(SignKeyJob) make_job_subclass(SignKeyJob)
make_job_subclass(VerifyDetachedJob) make_job_subclass(VerifyDetachedJob)
make_job_subclass(VerifyOpaqueJob)
make_job_subclass(KeyGenerationJob) make_job_subclass(KeyGenerationJob)
make_job_subclass(AbstractImportJob) make_job_subclass(AbstractImportJob)
make_job_subclass_ext(ImportJob, AbstractImportJob) make_job_subclass_ext(ImportJob, AbstractImportJob)
@ -197,7 +195,6 @@ make_job_subclass(SetPrimaryUserIDJob)
#include "decryptjob.moc" #include "decryptjob.moc"
#include "signkeyjob.moc" #include "signkeyjob.moc"
#include "verifydetachedjob.moc" #include "verifydetachedjob.moc"
#include "verifyopaquejob.moc"
#include "keygenerationjob.moc" #include "keygenerationjob.moc"
#include "abstractimportjob.moc" #include "abstractimportjob.moc"
#include "importjob.moc" #include "importjob.moc"

View File

@ -39,22 +39,51 @@
#include "qgpgmeverifyopaquejob.h" #include "qgpgmeverifyopaquejob.h"
#include "dataprovider.h" #include "dataprovider.h"
#include "util.h"
#include "verifyopaquejob_p.h"
#include "context.h" #include <context.h>
#include "verificationresult.h" #include <data.h>
#include "data.h" #include <verificationresult.h>
#include <QBuffer> #include <QBuffer>
#include <QFile>
#include <cassert> #include <cassert>
using namespace QGpgME; using namespace QGpgME;
using namespace GpgME; using namespace GpgME;
namespace
{
class QGpgMEVerifyOpaqueJobPrivate : public VerifyOpaqueJobPrivate
{
QGpgMEVerifyOpaqueJob *q = nullptr;
public:
QGpgMEVerifyOpaqueJobPrivate(QGpgMEVerifyOpaqueJob *qq)
: q{qq}
{
}
~QGpgMEVerifyOpaqueJobPrivate() override = default;
private:
GpgME::Error startIt() override;
void startNow() override
{
q->run();
}
};
}
QGpgMEVerifyOpaqueJob::QGpgMEVerifyOpaqueJob(Context *context) QGpgMEVerifyOpaqueJob::QGpgMEVerifyOpaqueJob(Context *context)
: mixin_type(context) : mixin_type(context)
{ {
setJobPrivate(this, std::unique_ptr<QGpgMEVerifyOpaqueJobPrivate>{new QGpgMEVerifyOpaqueJobPrivate{this}});
lateInitialization(); lateInitialization();
} }
@ -105,6 +134,41 @@ static QGpgMEVerifyOpaqueJob::result_type verify_opaque_qba(Context *ctx, const
return verify_opaque(ctx, nullptr, buffer, std::shared_ptr<QIODevice>()); return verify_opaque(ctx, nullptr, buffer, std::shared_ptr<QIODevice>());
} }
static QGpgMEVerifyOpaqueJob::result_type verify_from_filename(Context *ctx,
const QString &inputFilePath,
const QString &outputFilePath)
{
Data indata;
#ifdef Q_OS_WIN
indata.setFileName(inputFilePath().toUtf8().constData());
#else
indata.setFileName(QFile::encodeName(inputFilePath).constData());
#endif
PartialFileGuard partFileGuard{outputFilePath};
if (partFileGuard.tempFileName().isEmpty()) {
return std::make_tuple(VerificationResult{Error::fromCode(GPG_ERR_EEXIST)}, QByteArray{}, QString{}, Error{});
}
Data outdata;
#ifdef Q_OS_WIN
outdata.setFileName(partFileGuard.tempFileName().toUtf8().constData());
#else
outdata.setFileName(QFile::encodeName(partFileGuard.tempFileName()).constData());
#endif
const auto verificationResult = ctx->verifyOpaqueSignature(indata, outdata);
if (!verificationResult.error().code()) {
// the operation succeeded -> save the result under the requested file name
partFileGuard.commit();
}
Error ae;
const QString log = _detail::audit_log_as_html(ctx, ae);
return std::make_tuple(verificationResult, QByteArray{}, log, ae);
}
Error QGpgMEVerifyOpaqueJob::start(const QByteArray &signedData) Error QGpgMEVerifyOpaqueJob::start(const QByteArray &signedData)
{ {
run(std::bind(&verify_opaque_qba, std::placeholders::_1, signedData)); run(std::bind(&verify_opaque_qba, std::placeholders::_1, signedData));
@ -124,10 +188,22 @@ GpgME::VerificationResult QGpgME::QGpgMEVerifyOpaqueJob::exec(const QByteArray &
return mResult; return mResult;
} }
//PENDING(marc) implement showErrorDialog()
void QGpgME::QGpgMEVerifyOpaqueJob::resultHook(const result_type &tuple) void QGpgME::QGpgMEVerifyOpaqueJob::resultHook(const result_type &tuple)
{ {
mResult = std::get<0>(tuple); mResult = std::get<0>(tuple);
} }
GpgME::Error QGpgMEVerifyOpaqueJobPrivate::startIt()
{
if (m_inputFilePath.isEmpty() || m_outputFilePath.isEmpty()) {
return Error::fromCode(GPG_ERR_INV_VALUE);
}
q->run([=](Context *ctx) {
return verify_from_filename(ctx, m_inputFilePath, m_outputFilePath);
});
return {};
}
#include "qgpgmeverifyopaquejob.moc" #include "qgpgmeverifyopaquejob.moc"

View File

@ -0,0 +1,74 @@
/*
verifyopaquejob.cpp
This file is part of qgpgme, the Qt API binding for gpgme
Copyright (c) 2023 g10 Code GmbH
Software engineering by Ingo Klöcker <dev@ingo-kloecker.de>
QGpgME is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of the
License, or (at your option) any later version.
QGpgME is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
In addition, as a special exception, the copyright holders give
permission to link the code of this program with any edition of
the Qt library by Trolltech AS, Norway (or with modified versions
of Qt that use the same license as Qt), and distribute linked
combinations including the two. You must obey the GNU General
Public License in all respects for all of the code used other than
Qt. If you modify this file, you may extend this exception to
your version of the file, but you are not obligated to do so. If
you do not wish to do so, delete this exception statement from
your version.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "verifyopaquejob.h"
#include "verifyopaquejob_p.h"
using namespace QGpgME;
VerifyOpaqueJob::VerifyOpaqueJob(QObject *parent)
: Job{parent}
{
}
VerifyOpaqueJob::~VerifyOpaqueJob() = default;
void VerifyOpaqueJob::setInputFile(const QString &path)
{
auto d = jobPrivate<VerifyOpaqueJobPrivate>(this);
d->m_inputFilePath = path;
}
QString VerifyOpaqueJob::inputFile() const
{
auto d = jobPrivate<VerifyOpaqueJobPrivate>(this);
return d->m_inputFilePath;
}
void VerifyOpaqueJob::setOutputFile(const QString &path)
{
auto d = jobPrivate<VerifyOpaqueJobPrivate>(this);
d->m_outputFilePath = path;
}
QString VerifyOpaqueJob::outputFile() const
{
auto d = jobPrivate<VerifyOpaqueJobPrivate>(this);
return d->m_outputFilePath;
}
#include "verifyopaquejob.moc"

View File

@ -61,6 +61,14 @@ namespace QGpgME
VerifyOpaqueJob instance will have scheduled it's own VerifyOpaqueJob instance will have scheduled it's own
destruction with a call to QObject::deleteLater(). destruction with a call to QObject::deleteLater().
Alternatively, the job can be started with startIt() after setting
an input file and an output file. If the job is started this way then
the backend reads the input and writes the output directly from/to the
specified input file and output file. In this case the plainText value of
the result signal will always be empty. This direct IO mode is currently
only supported for OpenPGP. Note that startIt() does not schedule the job's
destruction if starting the job failed.
After result() is emitted, the VerifyOpaqueJob will schedule After result() is emitted, the VerifyOpaqueJob will schedule
it's own destruction by calling QObject::deleteLater(). it's own destruction by calling QObject::deleteLater().
*/ */
@ -70,7 +78,27 @@ class QGPGME_EXPORT VerifyOpaqueJob : public Job
protected: protected:
explicit VerifyOpaqueJob(QObject *parent); explicit VerifyOpaqueJob(QObject *parent);
public: public:
~VerifyOpaqueJob(); ~VerifyOpaqueJob() override;
/**
* Sets the path of the file to verify.
*
* Used if the job is started with startIt().
*/
void setInputFile(const QString &path);
QString inputFile() const;
/**
* Sets the path of the file to write the result to.
*
* Used if the job is started with startIt().
*
* \note If a file with this path exists, then the job will fail, i.e. you
* need to delete an existing file that shall be overwritten before you
* start the job.
*/
void setOutputFile(const QString &path);
QString outputFile() const;
/** /**
Starts the verification operation. \a signature contains the Starts the verification operation. \a signature contains the

View File

@ -0,0 +1,50 @@
/*
verifyopaquejob_p.h
This file is part of qgpgme, the Qt API binding for gpgme
Copyright (c) 2023 g10 Code GmbH
Software engineering by Ingo Klöcker <dev@ingo-kloecker.de>
QGpgME is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of the
License, or (at your option) any later version.
QGpgME is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
In addition, as a special exception, the copyright holders give
permission to link the code of this program with any edition of
the Qt library by Trolltech AS, Norway (or with modified versions
of Qt that use the same license as Qt), and distribute linked
combinations including the two. You must obey the GNU General
Public License in all respects for all of the code used other than
Qt. If you modify this file, you may extend this exception to
your version of the file, but you are not obligated to do so. If
you do not wish to do so, delete this exception statement from
your version.
*/
#ifndef __QGPGME_VERIFYOPAQUEJOB_P_H__
#define __QGPGME_VERIFYOPAQUEJOB_P_H__
#include "job_p.h"
namespace QGpgME
{
struct VerifyOpaqueJobPrivate : public JobPrivate
{
QString m_inputFilePath;
QString m_outputFilePath;
};
}
#endif // __QGPGME_VERIFYOPAQUEJOB_P_H__

View File

@ -100,6 +100,7 @@ run_receivekeysjob_SOURCES = run-receivekeysjob.cpp
run_refreshkeysjob_SOURCES = run-refreshkeysjob.cpp run_refreshkeysjob_SOURCES = run-refreshkeysjob.cpp
run_signarchivejob_SOURCES = run-signarchivejob.cpp run_signarchivejob_SOURCES = run-signarchivejob.cpp
run_signjob_SOURCES = run-signjob.cpp run_signjob_SOURCES = run-signjob.cpp
run_verifyopaquejob_SOURCES = run-verifyopaquejob.cpp
run_wkdrefreshjob_SOURCES = run-wkdrefreshjob.cpp run_wkdrefreshjob_SOURCES = run-wkdrefreshjob.cpp
nodist_t_keylist_SOURCES = $(moc_files) nodist_t_keylist_SOURCES = $(moc_files)
@ -120,6 +121,7 @@ noinst_PROGRAMS = \
run-importjob run-exportjob run-receivekeysjob run-refreshkeysjob \ run-importjob run-exportjob run-receivekeysjob run-refreshkeysjob \
run-signarchivejob \ run-signarchivejob \
run-signjob \ run-signjob \
run-verifyopaquejob \
run-wkdrefreshjob run-wkdrefreshjob

View File

@ -0,0 +1,160 @@
/*
run-verifyopaquejob.cpp
This file is part of QGpgME's test suite.
Copyright (c) 2023 by g10 Code GmbH
Software engineering by Ingo Klöcker <dev@ingo-kloecker.de>
QGpgME is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License,
version 2, as published by the Free Software Foundation.
QGpgME is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
In addition, as a special exception, the copyright holders give
permission to link the code of this program with any edition of
the Qt library by Trolltech AS, Norway (or with modified versions
of Qt that use the same license as Qt), and distribute linked
combinations including the two. You must obey the GNU General
Public License in all respects for all of the code used other than
Qt. If you modify this file, you may extend this exception to
your version of the file, but you are not obligated to do so. If
you do not wish to do so, delete this exception statement from
your version.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <protocol.h>
#include <verifyopaquejob.h>
#include <QCommandLineParser>
#include <QCoreApplication>
#include <QDebug>
#include <QFile>
#include <QTimer>
#include <context.h>
#include <verificationresult.h>
#include <iostream>
using namespace GpgME;
std::ostream &operator<<(std::ostream &os, const QString &s)
{
return os << s.toLocal8Bit().constData();
}
struct CommandLineOptions {
QString inputFile;
QString outputFile;
std::chrono::seconds cancelTimeout{0};
};
CommandLineOptions parseCommandLine(const QStringList &arguments)
{
CommandLineOptions options;
QCommandLineParser parser;
parser.setApplicationDescription("Test program for VerifyOpaqueJob");
parser.addHelpOption();
parser.addOptions({
{{"o", "output"}, "Write output to FILE.", "FILE"},
{"cancel-after", "Cancel the running job after SECONDS seconds.", "SECONDS"},
});
parser.addPositionalArgument("file", "File to verify", "FILE");
parser.process(arguments);
const auto args = parser.positionalArguments();
if (args.size() != 1) {
parser.showHelp(1);
}
options.inputFile = args.front();
options.outputFile = parser.value("output");
if (parser.isSet("cancel-after")) {
bool ok;
options.cancelTimeout = std::chrono::seconds{parser.value("cancel-after").toInt(&ok)};
if (!ok) {
options.cancelTimeout = std::chrono::seconds{-1};
}
}
return options;
}
int main(int argc, char **argv)
{
GpgME::initializeLibrary();
QCoreApplication app{argc, argv};
app.setApplicationName("run-verifyopaquejob");
const auto options = parseCommandLine(app.arguments());
if (options.cancelTimeout.count() < 0) {
std::cerr << "Ignoring invalid timeout for cancel." << std::endl;
}
std::shared_ptr<QFile> output;
if (options.outputFile.isEmpty() || options.outputFile == QLatin1String{"-"}) {
output.reset(new QFile);
output->open(stdout, QIODevice::WriteOnly);
} else {
if (QFile::exists(options.outputFile)) {
qCritical() << "File" << options.outputFile << "exists. Bailing out.";
return 1;
}
}
auto job = QGpgME::openpgp()->verifyOpaqueJob();
if (!job) {
std::cerr << "Error: Could not create job" << std::endl;
return 1;
}
QObject::connect(job,
&QGpgME::VerifyOpaqueJob::result,
&app,
[](const GpgME::VerificationResult &verificationResult,
const QByteArray &,
const QString &auditLog,
const GpgME::Error &) {
std::cerr << "Diagnostics: " << auditLog << std::endl;
std::cerr << "Verification Result: " << verificationResult << std::endl;
qApp->quit();
});
if (options.cancelTimeout.count() > 0) {
QTimer::singleShot(options.cancelTimeout, job, [job]() {
std::cerr << "Canceling job" << std::endl;
job->slotCancel();
});
}
std::shared_ptr<QFile> input;
GpgME::Error err;
if (output) {
input.reset(new QFile{options.inputFile});
input->open(QIODevice::ReadOnly);
job->start(input, output);
} else {
job->setInputFile(options.inputFile);
job->setOutputFile(options.outputFile);
err = job->startIt();
}
if (err) {
std::cerr << "Error: Starting the job failed: " << err.asString() << std::endl;
return 1;
}
return app.exec();
}