Commit Graph

20 Commits

Author SHA1 Message Date
Werner Koch
38798fee5b
core: Adjust for TOFU_STATS change in gnupg 2.1.16.
* src/gpgme.h.in (_gpgme_tofu_info): Change 'firstseen' and 'lastseen'
to a timestamp value.
* src/verify.c (parse_tofu_stats): Do not cap these values at UINT_MAX.
--

Using an unsigned long here is okay: We will never get an error and
even on machines where unsigned long is 32 bit (e.g. Windows64) this
allows us to operate until 2106.  By then Windows will be a footnote
in history or Windows128 has changed that type to something larger
than 32 bit ;-)

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-24 20:10:54 +02:00
Werner Koch
1eefc2d43c
core: Set the 'encrcount' field in gpgme_tofu_info_t.
* src/verify.c (parse_tofu_stats): Set ENCRCOUNT field.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-24 16:04:54 +02:00
Werner Koch
2972c44bd7
core: Put the protocol into a TOFU created key object.
* src/verify.c (parse_tofu_user): Add arg 'protocol' and store it in
the KEY.
(_gpgme_verify_status_handler): Pass protocol.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-23 15:55:55 +02:00
Werner Koch
be4ff75d7d
core: Change the way TOFU information are represented.
* src/gpgme.h.in (struct _gpgme_signature): Remove field 'tofu'.  Add
field 'key'.
(struct _gpgme_key): Add field 'fpr'.
(struct _gpgme_user_id): Add field 'tofu'.
(struct _gpgme_tofu_info): Remove fields 'address' and 'fpr'.
* src/key.c (gpgme_key_unref): Release TOFU and FPR.
* src/keylist.c (keylist_colon_handler): Store the fingerprint of the
first subkey also in KEY.
* src/verify.c (release_tofu_info): Remove.
(release_op_data): Release KEY.
(parse_tofu_user): Rewrite for new data structure.
(parse_tofu_stats): Ditto.
(parse_tofu_stats_long): Ditto.
* tests/run-verify.c (print_result): Ditto.
* tests/run-keylist.c (main): Print more fields.
--

TOFU information are now associated with the user ID and not with a
separate object.

Note that this breaks code relying on the former non-released TOFU
feature.  The C++ bindings won't work right now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-23 15:24:10 +02:00
Werner Koch
1cacd7d00a
core: Set notation flags for verify.
* src/gpgme.h.in (GPGME_STATUS_NOTATION_FLAGS): New.
* src/status-table.c (status_table): Add new status.
* src/verify.c (parse_notation): Handle flags.  Also fix NOTATION_DATA
in case gpg would not percent-escape spaces.
(_gpgme_verify_status_handler): Handle flags.
* tests/run-verify.c (print_result): Print notaion data.
--

Note that this does only work with the soon to be released GnuPG
2.1.13.
2016-06-01 11:11:04 +02:00
Werner Koch
10df06ee8f
api: Return Tofu info for signatures.
* src/gpgme.h.in (gpgme_tofu_policy_t): New.
(gpgme_status_code_t): Add status codes for TOFU.
(struct _gpgme_tofu_info, gpgme_tofu_info_t): New.
(struct _gpgme_signature): Add field 'tofu'.
* src/status-table.c (status_table): Add new codes.
* src/verify.c: Include limits.h.
(release_tofu_info): New.
(release_op_data): Call that.
(parse_tofu_user): New.
(parse_tofu_stats): New.
(parse_tofu_stats_long): New.
(_gpgme_verify_status_handler): Handle TOFU status lines.

* tests/run-verify.c (print_description): New.
(print_result): print tofu info.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 10:32:51 +02:00
Werner Koch
5aa8e588e1
api: Remove arbitrary restriction from gpgme_op_verify.
* src/verify.c (verify_start): Do not return GPG_ERR_INV_VALUES when
when SIGNED_TEXT is not given.
--

The original idea behind this restriction probably was that it is
useless to verify a non-detached signatures without also returning the
signed text.  However, it is sometimes useful to just check the
signature, for example to see who signed it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-19 17:02:13 +02:00
Werner Koch
8ddc5801ad
Improve error return by checking the FAILURE status.
* src/gpgme.h.in (GPGME_STATUS_FAILURE): New.
* src/status-table.c (FAILURE): New.
* src/op-support.c (_gpgme_parse_failure): New.
* src/passphrase.c (_gpgme_passphrase_status_handler): Forward FAILURE
status line to the status callback.

* src/decrypt.c (op_data_t): Add field failure_code.
(_gpgme_decrypt_status_handler): Parse that code and act upon it on EOF.
* src/encrypt.c (op_data_t): Add field failure_code.
(_gpgme_encrypt_status_handler): Parse that code and act upon it on EOF.
* src/genkey.c (op_data_t): Add field failure_code.
(genkey_status_handler): Parse that code and act upon it on EOF.
* src/passwd.c (op_data_t): Add field failure_code.
(passwd_status_handler): Parse that code and act upon it on EOF.
* src/sign.c (op_data_t): Add field failure_code.
(_gpgme_sign_status_handler): Parse that code and act upon it on EOF.
* src/verify.c (op_data_t): Add field failure_code.
(_gpgme_verify_status_handler): Parse that code and act upon it on EOF.

--

This requires GnuPG 2.1.8 to actually make a difference.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 13:23:51 +02:00
Matthew Barnes
87d713ff41
Set GPGME_SIGSUM_KEY_REVOKED also for gpg.
* src/verify.c (calc_sig_summary): Handle GPG_ERR_CERT_REVOKED.

--

parse_new_sig() handles a revoked key by setting sig->status to
GPG_ERR_CERT_REVOKED, but then later calc_sig_summary() expects that
code in sig->validity_reason.

Additional comments added by wk.
2015-06-05 14:58:06 +02:00
Werner Koch
d5fb92cdae Map public key algos returned by gpg to gpgme values.
* src/conversion.c (_gpgme_map_pk_algo): New.
* src/decrypt.c (parse_enc_to): Add arg PROTOCOL and map pubkey algo.
(_gpgme_decrypt_status_handler): Map pubkey algo.
* src/keylist.c (keylist_colon_handler): Map pubkey algo.
* src/sign.c (parse_sig_created): Add arg PROTOCOL and map pubkey
algo.
* src/verify.c (parse_new_sig): Ditto.
(parse_valid_sig): Ditto.

* src/gpgme.h.in (GPGME_PK_ECC): New.
(GPGME_MD_SHA224): New.
* src/gpgme.c (gpgme_pubkey_algo_name): Add GPGME_PK_ECC case.
(gpgme_hash_algo_name): Add GPGME_MD_SHA224.
--

This affects only the not yet released ECC code of GnuPG 2.1.
2014-05-08 14:11:58 +02:00
Werner Koch
bd24feaa86 Trace the use of GPG_ERR_INV_ENGINE.
* src/debug.h: Include "gpgme.h"
(_gpgme_trace_gpgme_error): New.
(trace_gpg_error): New macro.  Use it in all files where we return
GPG_ERR_INV_ENGINE; also "include debug.h" as needed.
--

This is a pretty common error code but often it is hard to figure out
the actual cause.  With debug level 4 we now print the file name and
line number where this error code is generated by gpgme.  Along with
the git revision printed in the first log lines, this should give us
an easier way to track down the problems related to this error code.
2012-10-19 11:23:39 +02:00
Werner Koch
d6402b888f Update signature summary for the case of missing X.509 keys.
* src/verify.c (gpgme_op_verify_result): Update summary field.
--

This is actually a hack to solve the problem that GPGME currently does
not emit ERRSIG for a missing public key.
2012-05-02 10:30:09 +02:00
Werner Koch
22de98b7a6 Remove trailing white space
--
2012-04-30 17:42:53 +02:00
Marcus Brinkmann
b34add3fe4 Check context pointers for null pointer on entry points. 2011-05-26 16:01:26 +02:00
Marcus Brinkmann
749325d6c1 2010-05-06 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Require libgpg-error 1.8.

src/
2010-05-06  Marcus Brinkmann  <marcus@g10code.de>

	* sign.c, data-user.c, conversion.c, debug.c, verify.c, data.c,
	decrypt.c, delete.c, assuan-support.c, import.c, engine-gpgsm.c,
	data-mem.c, op-support.c, w32-io.c, w32-util.c, data-compat.c: Use
	gpg_error_from_syserror instead gpg_error_from_errno, and use
	gpg_err_set_errno to set error number.
	* setenv.c: Include <gpg-error.h> and define __set_errno to use
	gpg_err_set_errno.
	* gpgme-tool.c (ARGP_ERR_UNKNOWN): Define to EDEADLOCK (which is
	mapped in Windows CE) instead of E2BIG (which is not).
	(gt_import_keys): Initialize err.
2010-05-06 13:39:55 +00:00
Marcus Brinkmann
65ecec1abe 2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* decrypt.c (gpgme_op_decrypt_start): Fix use of debug macro.
	* decrypt-verify.c (gpgme_op_decrypt_verify_start): Likewise.
	* delete.c (gpgme_op_delete_start): Likewise.
	* edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start):
	Likewise.
	* encrypt.c (gpgme_op_encrypt_start): Likewise.
	* encrypt-sign.c (gpgme_op_encrypt_sign_start): Likewise.
	* export.c (gpgme_op_export_start, gpgme_op_export_ext_start)
	(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
	* genkey.c (gpgme_op_genkey_start): Likewise.
	* getauditlog.c (gpgme_op_getauditlog_start): Likewise.
	* import.c (gpgme_op_import_start, gpgme_op_import_keys_start):
	Likewise.
	* opassuan.c (gpgme_op_assuan_transact_start): Likewise.
	* sign.c (gpgme_op_sign_start): Likewise.
	* verify.c (gpgme_op_verify_start): Likewise.
	* vfs-create.c (gpgme_op_vfs_create): Likewise.
	* vfs-mount.c (gpgme_op_vfs_mount): Likewise.
2009-11-05 02:17:07 +00:00
Werner Koch
fc0fd88d7f Prepare for a new protocol.
Comment clarification.
2009-11-03 20:27:35 +00:00
Marcus Brinkmann
36e2c1a9d1 2009-10-27 Marcus Brinkmann <marcus@g10code.de>
* edit.c (gpgme_op_edit_start, gpgme_op_edit)
	(gpgme_op_card_edit_start, gpgme_op_card_edit): Add debug output.
	* encrypt-sign.c (gpgme_op_encrypt_sign_start)
	(gpgme_op_encrypt_sign): Likewise.
	* encrypt.c (gpgme_op_encrypt_start, gpgme_op_encrypt)
	(gpgme_op_encrypt_result): Likewise.
	* export.c (gpgme_op_export_start, gpgme_op_export)
	(gpgme_op_export_ext_start, gpgme_op_export_ext)
	(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
	* genkey.c (gpgme_op_genkey_start, gpgme_op_genkey)
	(gpgme_op_genkey_result): Likewise.
	* getauditlog.c (gpgme_op_getauditlog_start)
	(gpgme_op_getauditlog): Likewise.
	* import.c (gpgme_op_import_result, gpgme_op_import_start)
	(gpgme_op_import): Likewise.
	* keylist.c (gpgme_op_keylist_result, keylist_colon_handler)
	(gpgme_op_keylist_start, gpgme_op_keylist_ext_start)
	(gpgme_op_keylist_next, gpgme_op_keylist_end, gpgme_get_key): Likewise.
	* opassuan.c (gpgme_op_assuan_transact_start)
	(gpgme_op_assuan_transact_ext, gpgme_op_assuan_result)
	(gpgme_op_assuan_transact): Likewise.
	* signers.c (gpgme_signers_add, gpgme_signers_clear): Likewise.
	* trustlist.c (gpgme_op_trustlist_start)
	(gpgme_op_trustlist_next, gpgme_op_trustlist_end): Likewise.
	* verify.c (gpgme_op_verify_start, gpgme_op_verify)
	(gpgme_op_verify_result): Likewise.
2009-10-27 19:23:56 +00:00
Marcus Brinkmann
ca67902311 2009-10-26 Marcus Brinkmann <marcus@g10code.de>
* debug.h (DEBUG_GLOBAL): New debug level.
	* conversion.c (gnupg_errors, _gpgme_map_gnupg_error): Removed.
	* data-user.c (gpgme_data_new_from_cbs): Add debug output.
	* data-fd.c (gpgme_data_new_from_fd): Likewise.
	* data-stream.c (gpgme_data_new_from_stream): Likewise.
	* decrypt.c (gpgme_op_decrypt_result, gpgme_op_decrypt_start)
	(gpgme_op_decrypt): Likewise.
	* delete.c (gpgme_op_delete_start, gpgme_op_delete): Likewise.
	* decrypt-verify.c (gpgme_op_decrypt_verify_start)
	(gpgme_op_decrypt_verify): Likewise.
	* sign.c (gpgme_op_sign_result): Fix debug message.
	* data-mem.c (gpgme_data_new): Improve debug output.
	* verify.c (parse_trust): Use atoi instead of
	_gpgme_map_gnupg_error.
	* decrypt.c (_gpgme_decrypt_status_handler): Likewise.
2009-10-26 17:38:39 +00:00
Marcus Brinkmann
66d0fa1973 008-11-03 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Replace gpgme paths with src.
        * gpgme: Move to ...
        * src: ... this new directory.

assuan/
2008-11-03  Marcus Brinkmann  <marcus@g10code.com>

	* Makefile.am (INCLUDES): Replace gpgme path with src.

tests/
2008-11-03  Marcus Brinkmann  <marcus@g10code.com>

        * gpgsm/Makefile.am (INCLUDES, LDADD): Replace gpgme path with src.
        * gpg/Makefile.am (INCLUDES, LDADD, t_thread1_LDADD): Likewise.
	* Makefile.am (LDADD): Likewise.
2008-11-03 17:24:09 +00:00