* src/cJSON.c, src/gpgme-json.c (CALLOC_ONLY): New define
to change xmalloc / xtrymalloc to use calloc.
--
Some people consider malloc dangerous as it might allow an
information leak.
* src/gpgme-json.c (encode_and_chunk): Don't error out
if no chunksize is provided.
--
This fixes 82e4b900a9 which
caused every call without chunksize to error out.
* src/gpgme-json.c (create_keylist_patterns): Use CNT as first arg for
xcalloc.
(process_request): s/strdup/xtrystrdup/.
--
calloc takes two arguments so to be able to detect integer overflow.
Thus if we switch from malloc to calloc we should utilize that.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme-json.c (native_messaging_repl): Free request and
response after each loop.
--
If we only accept once request we should not loop. If we loop
we should do it properly.
* src/gpgme-json.c (native_messaging_repl): Ensure that the
request is NULL terminated.
--
This avoids potential memory leaks and access to unmapped memory
in case the request was not terminated.
Other request functions use es_read_line which gurantees NULL
termination.
* src/gpgme-json.c (encode_and_chunk): Try to always
return at least an error.
(process_request): Double check that it does not return NULL.
--
If process_request returns NULL the following strlen on it
would crash.
* src/gpgme-json.c (create_keylist_patterns): Reserve two
pointers more then linefeeds.
(create_keylist_patterns): Fix loop to count linebreaks.
(create_keylist_patterns): Use calloc for good measure.
--
This fixes crashes and memory corruption as cnt did not
match i.
* src/gpgme-json.c (process_request): Init res. Check for
json object before encode and chunk.
--
If json is invalid we can't read chunksize and would crash
in encode and chunk.
* src/gpgme-json.c (add_secret_fprs): New helper.
(op_export, hlp_export): Extend for with-sec fprs.
--
This is a request from Mailvelope, to import an export
they need the information for which keys from the export
a secret key is also available. For simplicity it is
much preferred to get this information in a single call
without the need to do and parse a keylisting additionally
in a second native-messaging call.
So we make it optional to include that info in the export.
* src/gpgme-json.c (op_keylist, hlp_keylist): Add locate.
--
The same rationale for the KEYLIST_MODE_LOCATE in GPGME
also applies here. It makes the API a little less magic.
* src/gpgme-json.c (main): Add possibilty to set log file.
--
This is similar to how GPGME_DEBUG works. It takes ; on
Windows as seperator and : on linux. Followed by a file name.
For Linux it might make sense to use a different seperator
to allow setting a socket explicitly. But this is better
in line with the current GPGME_DEBUG behavior.
The change helps on Windows where we don't have a
log socket.
* src/gpgme-json.c (hlp_createkey, op_createkey): New.
(process_request, hlp_help): Add it.
--
This uses an unrestricted context for now until
GnuPG-Bug-Id: T4010
is implemented in GnuPG.
* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): Lower value to
new real minimum.
(DEF_REPLY_CHUNK_SIZE): Don't chunk by default.
(pending_data): Remove type and base64.
(make_data_object): Remove chunksize handling as this is now
generic.
(encode_and_chunk): Setup the pending_data buffer for chunking
if required.
(op_getmore): Changed to generically work on a response.
(hlp_getmore): Update accordingly.
(hlp_help): Document chunksize as generic parameter for all commands.
(process_request): Use encode_and_chunk on the response.
(hlp_encrypt, op_encrypt, hlp_decrypt, op_decrypt),
(hlp_verify, op_verify, hlp_sign, op_sign),
(op_keylist, hlp_keylist, hlp_export, op_export): Update accordingly.
--
To include handling for json properties e.g. in a keylist in
the chunk mechanism the mechanism is now more general.
If the chunksize property is provided the response will
always look exactly like a "getmore" response. E.g.
e.g.:
{
"op": "keylist",
"chunksize": 64
}
Results in:
{
"more": true,
"base64": true,
"response": "ewoJImtleXMiOglbewoJCQkicmV2b2tlZCI6"
}
For simplicity this is even true if the chunksize is larger
then the response.
The client has to combine all "response" chunks and base64
decode them to get valid json.
The complete response (including json) is never larger then
the chunksize but might be smaller. Except for interactive
use due to additional format characters.
* src/gpgme-json.c (sigsum_to_json): Add bool repr.
(signature_to_json, verify_result_to_json): Extend and follow better
pattern.
(hlp_decrypt, hlp_verify): Expand doc.
--
This should make it more clear which values are mapped as
the naming is more direct and clear and help to use
the gpgme documentation to understand the verify_result values.
* src/gpgme-json.c (op_config_opt, hlp_config_opt): New operation.
(process_request, hlp_help): Add it.
--
This is more conveniant API for most query operations where
a single option is required.
An example would be:
{
"op": "config_opt",
"component": "gpg",
"option": "default-key"
}
Which results in:
{
"option": {
"name": "default-key",
"description": "use NAME as default secret key",
"argname": "NAME",
"flags": 0,
"level": 0,
"type": 1,
"alt_type": 1,
"value": [{
"string": "F462B6B1",
"is_none": false
}]
}
}
* src/gpgme-json.c (op_export, op_delete): Return GPG_ERR_FORBIDDEN if
"secret" is used.
--
This should not be possible from a browser and we need to make this
fully clear. Actually gpg-agent won't allow that anyway but having
this explicitly is better.
If that is ever needed a dedicated command line option may enable
this, for example when used by regular programs and not by the browser.
But that requires other changes as well.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme-json.c (create_onetime_context): New.
(release_onetime_context): New.
(op_sign): Use the new fucntions to create a separate context.
(op_encrypt): Use a separate context for key listings.
(create_keylist_patterns): Remove unneeded cast.
--
get_context retruns a static per-process context and can thus not be
used as a separate context. Use dedicated fucntions for this.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme-json.c (op_encrypt): Add optional signing_keys param.
(get_keys, create_keylist_patterns): Add param for json object name.
--
If the optional parameter signing_keys is provided to encrypt
it becomes an encrypt-sign operation.
* src/gpgme-json.c (add_summary_to_object): Changed to:
sigsum_to_json.
(add_signature_to_object): Changed to signature_to_json.
(add_signatures_to_object): Changed to verify_result_to_json.
(add_ei_to_object): Changed to engine_info_to_json.
(op_decrypt, op_verify, op_version): Use new functions.
--
This pattern of gpgme_type to json object conversion
is much cleaner then the error returning "add to object"
functions.
* src/gpgme-json.c (xjson_AddStringToObject0)
(xjson_AddItemToObject): New helpers.
(sig_notation_to_json, key_sig_to_json, tofu_to_json)
(uid_to_json, subkey_to_json, key_to_json): New
GPGME to JSON functions.
(op_keylist): New.
(process_request): Add op_keylist.
--
The conversion from GPGME data structures to
JSON follow the same pattern for the keylist
functions using the xjson wrappers instead
of error checking every cJSON call.
For large keylists the keylist command also
needs a data / getmore handling somehow.
* gpgme-json.c (get_string_data): New.
(op_verify, op_sign, op_decrypt, op_encrypt): Use it.
--
This handles the common base64 decoding and creation of the
gpgme_data object.
* src/gpgme-json.c (gpg_error_object): New.
(error_object_v): Extend to take error.
--
Having the error code is helpful, especially as
the strerrors are localized. E.g. to detect
an ERROR_CANCELED.
* src/gpgme-json.c (op_verify): New.
(hlp_help): Add verify.
(process_request): Add verify.
--
Mostly works, except for detached, base64 encoded signatures,
they are somehow not yet written to gpgme.
* src/gpgme-json.c (add_signatures_to_object): Fix call to
xjson_CreateArray.
--
That is what happens if you edit code while reviewing changes,
without testing it again,..
* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): New const.
(DEF_REPLY_CHUNK_SIZE): New const.
(MAX_REPLY_CHUNK_SIZE): New const.
(pending_data): New var.
(add_base64_to_object): Chnage to take a plain data pointer.
(get_chunksize): New.
(make_data_object): New.
(op_encrypt): Get chunksize and use make_data_object.
(op_getmore): New.
(process_request): Release pending data for all commands but "getmore"
and "help".
--
Native messaging has a limit on the data it may receive in one
request. Thus the caller needs to watch for the "more" flag and
request the remaining data using "getmore" in a loop.
Signed-off-by: Werner Koch <wk@gnupg.org>
