Commit Graph

37 Commits

Author SHA1 Message Date
Ingo Klöcker
e21c3b559d core: Return BAD_PASSPHRASE error code on symmetric decryption.
* src/decrypt.c (op_data_t): Add field symdecrypt_failed.
(parse_status_error): Handle BAD_PASSPHRASE error code.
(_gpgme_decrypt_status_handler): Consult new field.
--

Return a bad passphrase error if the failure during symmetric decryption
is likely caused by the user entering a wrong passphrase. The special
error code of a failed public key decryption takes precedence.

GnuPG-bug-id: 5939
2022-04-25 12:14:42 +02:00
Werner Koch
5857491a2a
core: Simplify the trace maros by using variadics.
* src/debug.h (TRACE_BEG, TRACE_LOG, TRACE_SUC): Use variadic macros
and remove the TRACE_BEG1 et al.  Change all users to always pass a
format string.
(TRACE): Ditto.
* src/debug.c (_gpgme_debugf): New.
* configure.ac <GCC>: Add -Wno-format-zero-length.
--

This makes it easier for use to enable format checks.  The zero-length
format is required to allow for an empty format due to the comman
problematic of __VA_ARGS__.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-16 16:25:49 +01:00
Werner Koch
8d91c0f4cd
Add SPDX identifiers to most source files
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-16 13:27:33 +01:00
Werner Koch
085cdeddef
core: Blank out the plaintext after decryption failure.
* src/data.h (data_prop_t): New enum.
(struct gpgme_data): Add field propidx.
* src/data.c (property_t): New.
(property_table, property_table_size, property_table_lock): New.
(insert_into_property_table): New.
(remove_from_property_table): New.
(_gpgme_data_get_dserial): New.
(_gpgme_data_set_prop): New.
(_gpgme_data_get_prop): New.
(_gpgme_data_new): Connect new object to property_table.
(_gpgme_data_release): Remove from property_table.
(gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer.
* src/data-mem.c (gpgme_data_release_and_get_mem): Likewise.
* src/decrypt.c (struct op_data): Add field plaintext_dserial.
(_gpgme_op_decrypt_init_result): Add arg plaintext and init new field.
(_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption
failure.
(_gpgme_decrypt_start): Pass PLAIN to the init function.
* src/decrypt-verify.c (decrypt_verify_start): Ditto.
* configure.ac: Check for stdint.h and bail out if uint64_t is not
available.
--

This is a best effort feature to not output plaintext after a
decryption failure (e.g. due to no or broken authenticated
encryption).  It always work when using a memory object and reading it
after the decryption but it can't work reliable when the user is
reading from the data object while the decryption process is still
running.

This is quite a large change because the data objects and the context
objects are allowed to be owned by different threads.  Thus a
synchronization is needed and we do this with a global table of all
data objects to which the context objects can do soft-linking via a
unique data object serial number.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 17:39:09 +02:00
Werner Koch
2c4c569247
core: Return a better error code on certain decryption failures.
* src/decrypt.c (op_data_t): Add field first_status_error.
(parse_status_error): Set it.
(_gpgme_decrypt_status_handler): Prefer an ERROR code over a
NO_SECKEY.
--

GnuPG-bug-id: 3983
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-06 16:20:27 +02:00
Werner Koch
662604c5bc
core: New context flag "ignore-mdc-error".
* src/context.h (gpgme_context): Add field ignore_mdc_error.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Set/get it.
* src/engine-gpg.c (engine_gpg): Add flags.ignore_mdc_error.
(gpg_set_engine_flags): Set it.
(build_argv): Pass option to gpg.
* src/decrypt.c (_gpgme_decrypt_status_handler): Take care of flag.
(gpgme_op_decrypt_result): Clear flag.
(gpgme_op_decrypt): Clear flag.
* src/decrypt-verify.c (gpgme_op_decrypt_verify): Clear flag
(gpgme_op_decrypt_ext): Clear flag.

* tests/run-decrypt.c (show_usage): Add option --ignore-mdc-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 01:29:34 +02:00
Werner Koch
dd19cabe81
core: New decryption result flag 'legacy_cipher_nomdc'.
* src/gpgme.h.in (_gpgme_op_decrypt_result): Add flag
legacy_cipher_nomdc.
* src/decrypt.c (parse_status_error): Set this flag.
* tests/run-decrypt.c (print_result): print it.
(main): Print the result even on error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 01:01:08 +02:00
Werner Koch
e2aa38b56a
core: Remove cruft from the engine-gpg code.
* src/engine-gpg.c (read_status): Remove the handling of
GPGME_STATUS_END_STREAM; this was used only by the former experimental
--pipemode of gpg but that is not even anymore invoked here.
(struct engine_gpg): Remove cmd.linked_data and .linked_idx.
(build_argv): Remove code for linked_data.
(gpg_new): Ditto.
(gpg_set_command_handler): Remove arr linked_data.
* src/engine-backend.h (engine_ops): Remove arg data from
set_command_handler.
* src/engine.c (_gpgme_engine_set_command_handler): Remove arg
linked_data and adjust all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 00:13:53 +02:00
Werner Koch
8a0c8c5251
core: Always fail if an OpenPG message is not integrity protected.
* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this.  Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--

This extra check makes sure that a missing or stripped MDC in
 - gpg < 2.1
 - or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure.  gpg 2.3 will always fail in this
case.  Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.

Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered.  If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.

GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-17 09:16:05 +02:00
Werner Koch
f779362ffb
core: Remove another debug output leftover.
* src/decrypt.c (_gpgme_decrypt_status_handler): Remove log debug.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-20 10:32:52 +02:00
Werner Koch
65479fe7b8
core: Add 'is_mime' flags to the verify and decrypt results.
* src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
* src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime'
and '_unused'.
(gpgme_op_decrypt_result_t): New field 'is_mime'.  Shrink '_unused'.

* tests/run-decrypt.c (print_result): Print MIME flag.
* tests/run-verify.c (print_result): Ditto.
--

Note that this flag (Liternal Data packet's 'm' mode) is only
specified in RFC-4880bis.  To use it you currently need to add
"rfc4880bis" to the the gpg.conf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 15:20:35 +02:00
Werner Koch
01435da498
core: Extend decryption result with symkey_algo.
* src/gpgme.h.in (gpgme_op_decrypt_result_t): Add field 'symkey_algo'.
* src/decrypt.c (release_op_data): Free SYMKEY_ALGO.
(gpgme_op_decrypt_result): Make sure SYMKEY_ALGO is not NULL.
(parse_decryption_info): New.
(_gpgme_decrypt_status_handler): Parse DECRYPTION_INFO status.
* src/conversion.c (_gpgme_cipher_algo_name): New.
(_gpgme_cipher_mode_name): New.

* tests/run-decrypt.c (print_result): Print SYMKEY_ALGO

* src/util.h (_gpgme_map_gnupg_error): Remove obsolete prototype.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 13:48:56 +02:00
Werner Koch
47f61df070
core: New context flag "auto-key-retrieve"
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag
"auto-key-retrieve".
* src/context.h (gpgme_context): New field auto_key_retrieve.
* src/engine-backend.h (struct engine_ops): Add arg auto_key_retrieve
to field 'decrypt'.
* src/engine-gpg.c (gpg_decrypt): Add arg auto_key_retrieve and pass
option --auto-key-retrieve to gpg.  Adjust all callers.
(gpg_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Add dummy arg auto_key_retrieve.
* src/engine-uiserver.c (uiserver_decrypt): Ditto.
* tests/run-verify.c (main): Add option --auto-key-retrieve.
--

This makes the --auto-key-retrieve option available in the GPGME API.

Test plan:
Run

  GPGME_DEBUG=9:out tests/run-verify SIGNEDFILE

with and without its new option --auto-key-retrieve and check in the
trace stored in "out" whether --auto-key-retrieve was passed to gpg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-24 17:17:11 +02:00
Andre Heinecke
d3796e4504
core: Fix status parsing for decrypt + verify
* src/decrypt.c (parse_status_error): Don't modify args.

--
Otherwise chained status handlers will not see the full args
which resulted in a parse error in the verify status handler.

GnuPG-Bug-Id: T3310
2017-07-27 14:23:25 +02:00
Werner Koch
ad0c5ab4cd
core: Return NO_SECKEY error code on decryption
* src/decrypt.c (op_data_t): Add flag any_no_seckey.
(_gpgme_decrypt_status_handler): Consult that flag.
(_gpgme_decrypt_status_handler): Set that flag.
--

The NO_SECKEY is emitted instead of an "S ERROR pkdecrypt_failed" if
gpg knowns that a key has been encrypted to that key (cf. "S ENC_TO").
it is not fool proffof but in the majority of cases we can provide a
better error message than just DECRYPTION_FAILED.

GnuPG-bug-id: 3270
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-12 18:30:49 +02:00
Werner Koch
d37bc7e025
core: Return CANCELED and BAD_PASSPHRASE error code on decryption.
* src/decrypt.c (op_data_t): Add field pkdecrypt_failed.
(_gpgme_decrypt_status_handler): Consult new field.
(parse_status_error): Handle some error codes.
--

The idea is to return only a limited set of error codes because a user
won't be able to understand the more esoteric codes.

GnuPG-bug-id: 3270
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-12 17:55:43 +02:00
Werner Koch
87703dbb86
core: Simplify parsing of STATUS_ERROR in decrypt.c
* src/decrypt.c (_gpgme_decrypt_status_handler): Factor some code out
to ...
(parse_status_error): new.  Modernize parsing.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-12 15:59:12 +02:00
Justus Winter
05fa2a9c77
Add flag 'is_de_vs' to decryption results and signatures.
* NEWS: Update.
* lang/cpp/src/decryptionresult.cpp (DecryptionResult::isDeVs): New
function.
* lang/cpp/src/decryptionresult.h (DecryptionResult::isDeVs): New
prototype.
* lang/cpp/src/verificationresult.cpp (Signature::isDeVs): New
function.
* lang/cpp/src/verificationresult.h (Signature::isDeVs): New
prototype.
* lang/python/src/results.py (DecryptResult): Turn field 'is_de_vs'
into a boolean.
(Signature): Likewise.
* src/decrypt.c (_gpgme_decrypt_status_handler): Handle the new
compliance status line.
* src/verify.c (_gpgme_verify_status_handler): Likewise.
* src/gpgme.h.in (gpgme_status_code_t): Add new status codes for the
new status lines.
* src/keylist.c (parse_pub_field18): Move function to 'util.h'.
(keylist_colon_handler): Adapt callsites.
* src/status-table.c (status_table): Add new status lines.
* src/util.h (PARSE_COMPLIANCE_FLAGS): New macro.  This used to be
'parse_pub_field18', but turned into a macro to make it polymorphic.
--

When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD.  This information can the be presented to the user.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 14:16:11 +02:00
Werner Koch
6ac1f2cded
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP.
* src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const.
(gpgme_decrypt_flags_t): New enum.
(GPGME_DECRYPT_VERIFY): New const
(GPGME_DECRYPT_UNWRAP): New const
(gpgme_op_decrypt_ext_start): New func.
(gpgme_op_decrypt_ext): New func.
* src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New.
(gpgme_op_decrypt_ext): New.
(decrypt_verify_start): Add arg FLAGS.  Replace call to
engine_op_decrypt_verify by the plain decrypt with the flag set.
(gpgme_op_decrypt_verify_start): Pass the flag.
(gpgme_op_decrypt_verify): Pass the flag.
* src/decrypt.c (decrypt_start): Rename to ...
(_gpgme_decrypt_start): this.  Add arg FLAGS.  Pass FLAGS to
engine_op_decrypt.
(gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG.
(gpgme_op_decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt_verify): Remove.
(_gpgme_engine_op_decrypt): Add arg FLAGS.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-backend.h (struct engine_ops): Remove member
'decrypt_verify'.  Add FLAGS to 'decrypt'.  Adjust all initialization.
* src/engine-uiserver.c (uiserver_decrypt): Remove.
(uiserver_decrypt_verify): Remove.
(_uiserver_decrypt): Rename to ...
(uiserver_decrypt): this.  Replace arg VERIFY by new arg FLAGS.
* src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP.
(gpg_encrypt): Support GPGME_ENCRYPT_WRAP.

* tests/run-decrypt.c (main): New option --unwrap.
* tests/run-encrypt.c (main): New option --wrap.
--

Manual testing of that wrap/unwrap feature can be done this way:

 ./run-encrypt --verbose --key Alice /etc/motd > x
 ./run-decrypt --verbose --unwrap x > y
 ./run-encrypt --verbose --key Bob --wrap y > z

1. The message was first encrypted to Alice.
2. Alice decrypts the message receiving a valid OpenPGP message.
3. Alice encrypt that message to Bob

This will also work with encrypted and signed messages; the signature
will be kept intact during re-encryption.  Requires GnuPG 2.1.12.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 15:17:23 +01:00
Werner Koch
7659d42468
core: Implement context flag "override-session-key".
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
"override-session-key".
(gpgme_get_ctx_flag): Ditto.
(gpgme_set_export_session_keys): Remove.
(gpgme_get_export_session_keys): Remove.
* src/gpgme.def, src/libgpgme.vers: Remove them.
* src/context.h (struct gpgme_context): Add field
override_session_key.
* src/decrypt-verify.c (decrypt_verify_start): Pass
override_session_key value to the engine.
* src/decrypt.c (decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt): Ditto.
(_gpgme_engine_op_decrypt_verify): Ditto.
* src/engine-backend.h (struct engine_ops): Extend DECRYPT and
DECRYPT_VERIFY_START with override_session_key.
* src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
override_session_key.
(uiserver_decrypt): Ditto.
(uiserver_decrypt_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
corresponding gpg option.

* tests/run-decrypt.c (print_result): Print the session key if
available.
(main): Add options --export-session-key and --override-session-key.

--

To keep the number of context manipulation functions at bay, this
patches removes the just added gpgme_set_export_session_keys and
gpgme_get_export_session_keys by flags for the generic context
function.

The patch also implements the --override-session-key feature.

GnuPG-bug-id: 2754
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 10:34:13 +01:00
Daniel Kahn Gillmor
cad1210fb8
core: Enable extraction of session keys.
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.

--

gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case.  However, session key export is also
useful in other use cases.  Two examples from MUA development (where
this functionality would be specifically useful to me right now):

 * If the MUA stores a local copy of the session key upon decrypting
   the message, it can re-decrypt the message without expensive
   asymmetric operations.  When rendering a thread with dozens of
   encrypted messages, this can represent a significant speedup.

 * A user may have expired encryption-capable secret key material,
   along with many messages encrypted to that material.  If she stores
   the session keys for those messages she wants to keep, she can
   destroy her secret key material and make any messages she has
   deleted completely unrecoverable, even to an attacker who gets her
   remaining secret keys in the future.

This patchset makes a two specific implementation decisions that could
have gone in different ways.  I welcome feedback on preferred outcomes.

 0) session key representation: we currently represent the session key
    as an opaque textual string, rather than trying to provide any
    sort of in-memory structure.  While it wouldn't be hard to parse
    the data produced by gpg's --export-session-key, I chose to use
    the opaque string rather than lock in a particular data format.

 1) API/ABI: i've added a member to gpgme_op_decrypt_result_t.  This
    has the potential to cause an out-of-bound memory access if
    someone uses code compiled against the newer verision, but linked
    at runtime against an older version.  I've attempted to limit that
    risk by documenting that users must verify
    gpgme_get_export_session_keys() before accessing this new struct
    member -- this means that code expecting this capability will
    require the symbol at link-time, and will refuse to link against
    older versions.

    Another approach to solving this problem would be to avoid
    modifying gpgme_op_decrypt_result_t, and to introduce instead a
    new function gpgme_op_session_key(), which could be called in the
    same places as gpgme_op_decrypt_result().  Depending on the
    representation of the session key, this might introduce new
    memory-management burdens on the user of the library, and the
    session key is certainly part of a decryption result, so it seemed
    simpler to go with what i have here.

If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.

Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/

If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.

Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user.  Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API.  Unless someone tinkers with
the build system, this should never happen.  We have added new fields
to result structure may times and I can't remember any problems.

 - wk
2016-11-15 08:52:06 +01:00
Werner Koch
88f2c1c0d1
api: Add new function gpgme_set_ctx_flag.
* src/gpgme.h.in (gpgme_set_ctx_flag): New prototype.
* src/gpgme.c (gpgme_set_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new function.
* src/context.h (struct gpgme_context): Add FULL_STATUS.
* src/decrypt.c (_gpgme_decrypt_status_handler): Do not call the
  status callback if FULL_STATUS is set.
* src/genkey.c (genkey_status_handler): Ditto.
* src/passphrase.c (_gpgme_passphrase_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

* src/engine-backend.h (struct engine_ops): Add SET_STATUS_CB and add
adjust all definitions of that variable.
* src/engine.c (_gpgme_engine_set_status_cb): New.
* src/op-support.c (_gpgme_op_reset): Call this function.

* src/engine-gpg.c (struct engine_gpg): Add fields MON_CB and
MON_CB_VALUE.
(gpg_set_status_cb): New.
(_gpgme_engine_ops_gpg): Register that function.
(read_status): Call the monitor callback.

* src/engine-gpgsm.c (struct engine_gpgsm): Add fields MON_CB and
MON_CB_VALUE.
(_gpgme_engine_ops_gpgsm): Register that function.
(gpgsm_assuan_simple_command): Change first arg to be an engine
context and adjust call callers.  Call the monitor callback.

* src/engine-uiserver.c (struct engine_uiserver): Add fields MON_CB
and MON_CB_VALUE.
(_gpgme_engine_ops_uiserver): Register that function.
(uiserver_assuan_simple_command): Change first arg to be an engine
context and adjust call callers.  Call the monitor callback.

* tests/run-verify.c (status_cb): New.
(print_result): Print algo names.
(main): Add option --status.
--

This new feature is mainly intended for bug tracking.  Having access
to the raw status lines might also be useful for applications, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-19 17:04:54 +02:00
Werner Koch
8ddc5801ad
Improve error return by checking the FAILURE status.
* src/gpgme.h.in (GPGME_STATUS_FAILURE): New.
* src/status-table.c (FAILURE): New.
* src/op-support.c (_gpgme_parse_failure): New.
* src/passphrase.c (_gpgme_passphrase_status_handler): Forward FAILURE
status line to the status callback.

* src/decrypt.c (op_data_t): Add field failure_code.
(_gpgme_decrypt_status_handler): Parse that code and act upon it on EOF.
* src/encrypt.c (op_data_t): Add field failure_code.
(_gpgme_encrypt_status_handler): Parse that code and act upon it on EOF.
* src/genkey.c (op_data_t): Add field failure_code.
(genkey_status_handler): Parse that code and act upon it on EOF.
* src/passwd.c (op_data_t): Add field failure_code.
(passwd_status_handler): Parse that code and act upon it on EOF.
* src/sign.c (op_data_t): Add field failure_code.
(_gpgme_sign_status_handler): Parse that code and act upon it on EOF.
* src/verify.c (op_data_t): Add field failure_code.
(_gpgme_verify_status_handler): Parse that code and act upon it on EOF.

--

This requires GnuPG 2.1.8 to actually make a difference.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 13:23:51 +02:00
Ben Kibbey
6dd24c3c61 Parse the INQUIRE_MAXLEN status message.
* src/gpgme.h.in: (gpgme_status_code_t): Add INQUIRE_MAXLEN.
* src/status-table.c (status_table_s): Ditto.
* src/genkey.c (genkey_status_handler): Parse INQUIRE_MAXLEN.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

This status message informs the client of the maximum length of an
inquired line. It is sent from gpg and forwarded to the client via
gpgme_status_cb_t.
2015-08-15 18:19:27 -04:00
Werner Koch
d5fb92cdae Map public key algos returned by gpg to gpgme values.
* src/conversion.c (_gpgme_map_pk_algo): New.
* src/decrypt.c (parse_enc_to): Add arg PROTOCOL and map pubkey algo.
(_gpgme_decrypt_status_handler): Map pubkey algo.
* src/keylist.c (keylist_colon_handler): Map pubkey algo.
* src/sign.c (parse_sig_created): Add arg PROTOCOL and map pubkey
algo.
* src/verify.c (parse_new_sig): Ditto.
(parse_valid_sig): Ditto.

* src/gpgme.h.in (GPGME_PK_ECC): New.
(GPGME_MD_SHA224): New.
* src/gpgme.c (gpgme_pubkey_algo_name): Add GPGME_PK_ECC case.
(gpgme_hash_algo_name): Add GPGME_MD_SHA224.
--

This affects only the not yet released ECC code of GnuPG 2.1.
2014-05-08 14:11:58 +02:00
Werner Koch
bd24feaa86 Trace the use of GPG_ERR_INV_ENGINE.
* src/debug.h: Include "gpgme.h"
(_gpgme_trace_gpgme_error): New.
(trace_gpg_error): New macro.  Use it in all files where we return
GPG_ERR_INV_ENGINE; also "include debug.h" as needed.
--

This is a pretty common error code but often it is hard to figure out
the actual cause.  With debug level 4 we now print the file name and
line number where this error code is generated by gpgme.  Along with
the git revision printed in the first log lines, this should give us
an easier way to track down the problems related to this error code.
2012-10-19 11:23:39 +02:00
Werner Koch
139e798c87 Remove all trailing whitespace from source files
--
Command used:  sed -i 's,[ \t]*$,,' FILE
2012-09-25 15:29:49 +02:00
Marcus Brinkmann
885243e054 Rework status table to be less dynamically generated.
* src/Makefile.am (EXTRA_DIST): Remove mkstatus.
(BUILT_SOURCE, MOSTLYCLEANFILES): Remove.
(main_sources): Remove status-table.h, extra-stati.h.
Add status-table.c.
(status-table.h): Remove rules for built source.
* src/decrypt.c: Don't include extra-stati.h.
* src/engine-gpg.c: Don't include status-table.h.
(status_cmp): Remove function.
(read_status): Use _gpgme_parse_status.
* src/engine-gpgsm.c: Don't include status-table.h.
(status_cmp, parse_status): Remove function.
(gpgsm_assuan_simple_command, status_handler): Use _gpgme_parse_status.
* src/engine-uiserver.c: Don't include status-table.h.
(status_cmp, parse_status): Remove function.
(uiserver_assuan_simple_command, status_handler): Use
_gpgme_parse_status.
* src/gpgme.h.in (gpgme_status_code_t): Add
GPGME_STATUS_DECRYPTION_INFO.
* src/util.h (_gpgme_status_init,_gpgme_parse_status): New declaration.
* src/status-table.c: New file.
* src/extra-stati.h, src/mkstatus: Files removed.
* version.c (do_subsystem_inits): Call _gpgme_status_init.
2012-02-14 13:34:44 +01:00
Marcus Brinkmann
b34add3fe4 Check context pointers for null pointer on entry points. 2011-05-26 16:01:26 +02:00
Werner Koch
55ad4d80e2 Add support for non-API GnuPG status codes.
As an example stub code for DECRYTPION_INFO has been added.  Note
that the status codes in gpgme.h do only make sense for the edit
interactor interface and thus certain codes don't need to be part of
the public interface.
2011-02-03 20:49:41 +01:00
Marcus Brinkmann
749325d6c1 2010-05-06 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Require libgpg-error 1.8.

src/
2010-05-06  Marcus Brinkmann  <marcus@g10code.de>

	* sign.c, data-user.c, conversion.c, debug.c, verify.c, data.c,
	decrypt.c, delete.c, assuan-support.c, import.c, engine-gpgsm.c,
	data-mem.c, op-support.c, w32-io.c, w32-util.c, data-compat.c: Use
	gpg_error_from_syserror instead gpg_error_from_errno, and use
	gpg_err_set_errno to set error number.
	* setenv.c: Include <gpg-error.h> and define __set_errno to use
	gpg_err_set_errno.
	* gpgme-tool.c (ARGP_ERR_UNKNOWN): Define to EDEADLOCK (which is
	mapped in Windows CE) instead of E2BIG (which is not).
	(gt_import_keys): Initialize err.
2010-05-06 13:39:55 +00:00
Marcus Brinkmann
65ecec1abe 2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* decrypt.c (gpgme_op_decrypt_start): Fix use of debug macro.
	* decrypt-verify.c (gpgme_op_decrypt_verify_start): Likewise.
	* delete.c (gpgme_op_delete_start): Likewise.
	* edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start):
	Likewise.
	* encrypt.c (gpgme_op_encrypt_start): Likewise.
	* encrypt-sign.c (gpgme_op_encrypt_sign_start): Likewise.
	* export.c (gpgme_op_export_start, gpgme_op_export_ext_start)
	(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
	* genkey.c (gpgme_op_genkey_start): Likewise.
	* getauditlog.c (gpgme_op_getauditlog_start): Likewise.
	* import.c (gpgme_op_import_start, gpgme_op_import_keys_start):
	Likewise.
	* opassuan.c (gpgme_op_assuan_transact_start): Likewise.
	* sign.c (gpgme_op_sign_start): Likewise.
	* verify.c (gpgme_op_verify_start): Likewise.
	* vfs-create.c (gpgme_op_vfs_create): Likewise.
	* vfs-mount.c (gpgme_op_vfs_mount): Likewise.
2009-11-05 02:17:07 +00:00
Marcus Brinkmann
490661821a 2009-11-02 Marcus Brinkmann <marcus@g10code.de>
* debug.h (_gpgme_debug_buffer): Make TAG argument const const.
	* debug.c (_gpgme_debug_buffer): Likewise.
	* gpgme-tool.c (input_notify, output_notify): Adjust type to new
	assuan interface.
	* decrypt.c (gpgme_op_decrypt_result): Remove unused variable.
	* opassuan.c (gpgme_op_assuan_transact): Fix return value.
2009-11-02 17:18:48 +00:00
Marcus Brinkmann
36e2c1a9d1 2009-10-27 Marcus Brinkmann <marcus@g10code.de>
* edit.c (gpgme_op_edit_start, gpgme_op_edit)
	(gpgme_op_card_edit_start, gpgme_op_card_edit): Add debug output.
	* encrypt-sign.c (gpgme_op_encrypt_sign_start)
	(gpgme_op_encrypt_sign): Likewise.
	* encrypt.c (gpgme_op_encrypt_start, gpgme_op_encrypt)
	(gpgme_op_encrypt_result): Likewise.
	* export.c (gpgme_op_export_start, gpgme_op_export)
	(gpgme_op_export_ext_start, gpgme_op_export_ext)
	(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
	* genkey.c (gpgme_op_genkey_start, gpgme_op_genkey)
	(gpgme_op_genkey_result): Likewise.
	* getauditlog.c (gpgme_op_getauditlog_start)
	(gpgme_op_getauditlog): Likewise.
	* import.c (gpgme_op_import_result, gpgme_op_import_start)
	(gpgme_op_import): Likewise.
	* keylist.c (gpgme_op_keylist_result, keylist_colon_handler)
	(gpgme_op_keylist_start, gpgme_op_keylist_ext_start)
	(gpgme_op_keylist_next, gpgme_op_keylist_end, gpgme_get_key): Likewise.
	* opassuan.c (gpgme_op_assuan_transact_start)
	(gpgme_op_assuan_transact_ext, gpgme_op_assuan_result)
	(gpgme_op_assuan_transact): Likewise.
	* signers.c (gpgme_signers_add, gpgme_signers_clear): Likewise.
	* trustlist.c (gpgme_op_trustlist_start)
	(gpgme_op_trustlist_next, gpgme_op_trustlist_end): Likewise.
	* verify.c (gpgme_op_verify_start, gpgme_op_verify)
	(gpgme_op_verify_result): Likewise.
2009-10-27 19:23:56 +00:00
Marcus Brinkmann
ca67902311 2009-10-26 Marcus Brinkmann <marcus@g10code.de>
* debug.h (DEBUG_GLOBAL): New debug level.
	* conversion.c (gnupg_errors, _gpgme_map_gnupg_error): Removed.
	* data-user.c (gpgme_data_new_from_cbs): Add debug output.
	* data-fd.c (gpgme_data_new_from_fd): Likewise.
	* data-stream.c (gpgme_data_new_from_stream): Likewise.
	* decrypt.c (gpgme_op_decrypt_result, gpgme_op_decrypt_start)
	(gpgme_op_decrypt): Likewise.
	* delete.c (gpgme_op_delete_start, gpgme_op_delete): Likewise.
	* decrypt-verify.c (gpgme_op_decrypt_verify_start)
	(gpgme_op_decrypt_verify): Likewise.
	* sign.c (gpgme_op_sign_result): Fix debug message.
	* data-mem.c (gpgme_data_new): Improve debug output.
	* verify.c (parse_trust): Use atoi instead of
	_gpgme_map_gnupg_error.
	* decrypt.c (_gpgme_decrypt_status_handler): Likewise.
2009-10-26 17:38:39 +00:00
Werner Koch
92394f92d4 Fix SIGPIPE ignoring regression.
Fix unsupported algorithm detection.
2008-11-18 11:12:36 +00:00
Marcus Brinkmann
66d0fa1973 008-11-03 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Replace gpgme paths with src.
        * gpgme: Move to ...
        * src: ... this new directory.

assuan/
2008-11-03  Marcus Brinkmann  <marcus@g10code.com>

	* Makefile.am (INCLUDES): Replace gpgme path with src.

tests/
2008-11-03  Marcus Brinkmann  <marcus@g10code.com>

        * gpgsm/Makefile.am (INCLUDES, LDADD): Replace gpgme path with src.
        * gpg/Makefile.am (INCLUDES, LDADD, t_thread1_LDADD): Likewise.
	* Makefile.am (LDADD): Likewise.
2008-11-03 17:24:09 +00:00