Commit Graph

29 Commits

Author SHA1 Message Date
Ingo Klöcker
963ace1f9f
core: Support direct signing of file with gpg
* src/gpgme.h.in (GPGME_SIG_MODE_FILE): New signature mode flag.
* src/engine-gpg.c (gpg_sign): Separate signature mode from additional
flags. Check for incompatible flags. Explicitly set output to stdout if
no output file is used. Pass filename instead of fd to gpg when new flag
is set.
* src/engine-gpgsm.c (gpgsm_sign): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_sign): Ditto.
* src/sign.c (sign_start): Consider new flag on check for invalid flags.

* tests/run-sign.c (show_usage): New options --detach and
--direct-file-io.
(main): Parse new options. Create a detached signature if --detach is
given. Make gpg read the input file itself if --direct-file-io is given.
--

With this change the gpgme_op_sign* functions gain the possibility to
make gpg read the data to sign directly from a file instead of from an
input FD to which it is written by gpgme.

GnuPG-bug-id: 6550
2023-12-19 13:09:33 +01:00
Ingo Klöcker
77e982579c
core: Preserve more specific existing failure code
* src/decrypt.c (_gpgme_decrypt_status_handler): Ignore received failure
code if we already have a specific failure code.
* src/encrypt.c (_gpgme_encrypt_status_handler): Ditto.
* src/export.c (export_status_handler): Ditto.
* src/genkey.c (genkey_status_handler): Ditto.
* src/keylist.c (keylist_status_handler): Ditto.
* src/keysign.c (keysign_status_handler): Ditto.
* src/passwd.c (passwd_status_handler): Ditto.
* src/revsig.c (revsig_status_handler): Ditto.
* src/setexpire.c (setexpire_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.
* src/tofupolicy.c (tofu_policy_status_handler): Ditto.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
--

Usually, a process emits at most one failure code. But some operations
like the creation of an encrypted archive involve multiple chained
processes, so that multiple failure codes can be received. We want to
keep the first specific failure code we received. Further failure codes
are only parsed if we received just an unspecific "general error" so
far.

GnuPG-bug-id: 6575
2023-11-14 13:51:24 +01:00
Ingo Klöcker
57205c1dfa
doc: Fix typos in documentation and source code comments
--

Anonymous contribution

Signed-off-by: Ingo Klöcker <dev@ingo-kloecker.de>
2023-10-13 09:18:12 +02:00
Ingo Klöcker
48b11f5762
core: Use signature modes as flags
* src/engine-backend.h (engine_ops.sign): Rename argument mode to
flags.
* src/engine-gpg.c (gpg_sign): Rename argument mode to flags. Check
for invalid combination of flags.
* src/engine-gpgsm.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine-uiserver.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_sign): Rename argument
mode to flags.
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): Change value to 4.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
* src/sign.c (sign_start): Rename argument mode to flags. Adjust
check for invalid flags.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
--

Using the signature mode constants as flags is more natural, even if
currently all flags are mutually exclusive, because archives are
signed with a normal signature.

GnuPG-bug-id: 6342
2023-01-30 12:49:11 +01:00
Ingo Klöcker
0ca45e48b4
core: Support usage of gpgtar for creating a signed archive
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): New signature mode.
* src/engine-gpg.c (append_args_from_sender,
append_args_from_sig_notations): Use add_gpg_arg_with_value
for gpg-only options with a value.
(gpg_sign): Set use_gpgtar engine flag if GPGME_SIG_MODE_ARCHIVE mode
is set. Check for new enough gpg. Use add_gpg_arg_with_value for
gpg-only options with a value and add_gpg_arg for gpg-only options
without a value. Set extra options for gpgtar and pass input data to
stdin when using gpgtar.
* src/sign.c (sign_start): Add GPGME_SIG_MODE_ARCHIVE as valid mode.

* tests/run-sign.c (show_usage): New options --archive and
--diagnostics.
(main): Parse new options. Sign with gpgtar if --archive is given.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

With this change the gpgme_op_sign* functions get support for
creating a signed archive from files and/or directories passed as
NUL-separated list in the "in" data with gpgtar.

GnuPG-bug-id: 6342
2023-01-19 10:45:04 +01:00
Werner Koch
b1e5f3b183
core: Fix SIG_CREATED status parsing for 0x1F sigs
* src/sign.c (parse_sig_created): Special case the rfc4880 "1F" status.
--

This has always been wrong but we can't simply force strtol to assume
hex.  Patch compiles but has received no specific test.  For details
see
GnuPG-bug-id: 6223
2022-09-29 09:59:27 +02:00
Werner Koch
5857491a2a
core: Simplify the trace macros by using variadics.
* src/debug.h (TRACE_BEG, TRACE_LOG, TRACE_SUC): Use variadic macros
and remove the TRACE_BEG1 et al.  Change all users to always pass a
format string.
(TRACE): Ditto.
* src/debug.c (_gpgme_debugf): New.
* configure.ac <GCC>: Add -Wno-format-zero-length.
--

This makes it easier for us to enable format checks.  The zero-length
format is required to allow for an empty format due to the common
problematic of __VA_ARGS__.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-16 16:25:49 +01:00
Werner Koch
8d91c0f4cd
Add SPDX identifiers to most source files
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-16 13:27:33 +01:00
Daniel Kahn Gillmor
2557d0ae6f spelling: fix misspellings
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-11-08 12:34:27 +07:00
Werner Koch
e2aa38b56a
core: Remove cruft from the engine-gpg code.
* src/engine-gpg.c (read_status): Remove the handling of
GPGME_STATUS_END_STREAM; this was used only by the former experimental
--pipemode of gpg but that is not even anymore invoked here.
(struct engine_gpg): Remove cmd.linked_data and .linked_idx.
(build_argv): Remove code for linked_data.
(gpg_new): Ditto.
(gpg_set_command_handler): Remove arr linked_data.
* src/engine-backend.h (engine_ops): Remove arg data from
set_command_handler.
* src/engine.c (_gpgme_engine_set_command_handler): Remove arg
linked_data and adjust all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 00:13:53 +02:00
Werner Koch
88f2c1c0d1
api: Add new function gpgme_set_ctx_flag.
* src/gpgme.h.in (gpgme_set_ctx_flag): New prototype.
* src/gpgme.c (gpgme_set_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new function.
* src/context.h (struct gpgme_context): Add FULL_STATUS.
* src/decrypt.c (_gpgme_decrypt_status_handler): Do not call the
  status callback if FULL_STATUS is set.
* src/genkey.c (genkey_status_handler): Ditto.
* src/passphrase.c (_gpgme_passphrase_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

* src/engine-backend.h (struct engine_ops): Add SET_STATUS_CB and
adjust all definitions of that variable.
* src/engine.c (_gpgme_engine_set_status_cb): New.
* src/op-support.c (_gpgme_op_reset): Call this function.

* src/engine-gpg.c (struct engine_gpg): Add fields MON_CB and
MON_CB_VALUE.
(gpg_set_status_cb): New.
(_gpgme_engine_ops_gpg): Register that function.
(read_status): Call the monitor callback.

* src/engine-gpgsm.c (struct engine_gpgsm): Add fields MON_CB and
MON_CB_VALUE.
(_gpgme_engine_ops_gpgsm): Register that function.
(gpgsm_assuan_simple_command): Change first arg to be an engine
context and adjust all callers.  Call the monitor callback.

* src/engine-uiserver.c (struct engine_uiserver): Add fields MON_CB
and MON_CB_VALUE.
(_gpgme_engine_ops_uiserver): Register that function.
(uiserver_assuan_simple_command): Change first arg to be an engine
context and adjust all callers.  Call the monitor callback.

* tests/run-verify.c (status_cb): New.
(print_result): Print algo names.
(main): Add option --status.
--

This new feature is mainly intended for bug tracking.  Having access
to the raw status lines might also be useful for applications, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-19 17:04:54 +02:00
Werner Koch
315fb73d4a
Return dedicated error code for all subkeys expired or revoked.
* src/gpgme.h.in (GPGME_STATUS_KEY_CONSIDERED): New.
(GPGME_SIGSUM_TOFU_CONFLICT): New.
* src/status-table.c (KEY_CONSIDERED): New.
* src/op-support.c (_gpgme_parse_inv_recp): Add argc KC_FPR and
KC_FLAGS.  Use calloc.  Detect all expired or revoked subkeys.
(_gpgme_parse_key_considered): New.
* src/sign.c (op_data_t): Add fields KC_FPR and KC_FLAGS.
(release_op_data): Free KC_FPR.
(_gpgme_sign_status_handler): Handle STATUS_KEY_CONSIDERED.
* src/encrypt.c (op_data_t): Add fields KC_FPR and KC_FLAGS.
(release_op_data): Free KC_FPR.
(_gpgme_encrypt_status_handler): Handle STATUS_KEY_CONSIDERED.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-17 20:23:28 +02:00
Werner Koch
8ddc5801ad
Improve error return by checking the FAILURE status.
* src/gpgme.h.in (GPGME_STATUS_FAILURE): New.
* src/status-table.c (FAILURE): New.
* src/op-support.c (_gpgme_parse_failure): New.
* src/passphrase.c (_gpgme_passphrase_status_handler): Forward FAILURE
status line to the status callback.

* src/decrypt.c (op_data_t): Add field failure_code.
(_gpgme_decrypt_status_handler): Parse that code and act upon it on EOF.
* src/encrypt.c (op_data_t): Add field failure_code.
(_gpgme_encrypt_status_handler): Parse that code and act upon it on EOF.
* src/genkey.c (op_data_t): Add field failure_code.
(genkey_status_handler): Parse that code and act upon it on EOF.
* src/passwd.c (op_data_t): Add field failure_code.
(passwd_status_handler): Parse that code and act upon it on EOF.
* src/sign.c (op_data_t): Add field failure_code.
(_gpgme_sign_status_handler): Parse that code and act upon it on EOF.
* src/verify.c (op_data_t): Add field failure_code.
(_gpgme_verify_status_handler): Parse that code and act upon it on EOF.

--

This requires GnuPG 2.1.8 to actually make a difference.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 13:23:51 +02:00
Ben Kibbey
6dd24c3c61 Parse the INQUIRE_MAXLEN status message.
* src/gpgme.h.in: (gpgme_status_code_t): Add INQUIRE_MAXLEN.
* src/status-table.c (status_table_s): Ditto.
* src/genkey.c (genkey_status_handler): Parse INQUIRE_MAXLEN.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

This status message informs the client of the maximum length of an
inquired line. It is sent from gpg and forwarded to the client via
gpgme_status_cb_t.
2015-08-15 18:19:27 -04:00
Werner Koch
81ce87111f Update the previous commit
* src/sign.c (gpgme_op_sign_result): Reformat and take care of failed
malloc.
--

Although _gpgme_debug_trace() is currently always true, the code should
be run always and not just in trace mode.  Also added error checking
to malloc and strdup.  And while at it, replace some while loops by for
loops for easier readability.
2014-11-21 21:12:06 +01:00
Ben Kibbey
5942b0c7e0 Fix returning new signatures when there are none.
* src/sign.c (gpgme_op_sign_result): Test that invalid and valid
signatures add up to gpgme_signers_count().
--

When invalid and valid signatures do not equal gpgme_signers_count() it
means that there was a bad passphrase during signing after the first
signer. This leaves the result.signatures from previous signers intact
which isn't correct since gpg will report:

gpg: number of one-pass packets does not match number of signature
packets
gpg: can't handle this ambiguous signature data

during verify. So when this happens append the valid signatures to the
.invalid_signers list with .reason set to GPG_ERR_GENERAL.
2014-11-21 20:25:43 +01:00
Werner Koch
d5fb92cdae Map public key algos returned by gpg to gpgme values.
* src/conversion.c (_gpgme_map_pk_algo): New.
* src/decrypt.c (parse_enc_to): Add arg PROTOCOL and map pubkey algo.
(_gpgme_decrypt_status_handler): Map pubkey algo.
* src/keylist.c (keylist_colon_handler): Map pubkey algo.
* src/sign.c (parse_sig_created): Add arg PROTOCOL and map pubkey
algo.
* src/verify.c (parse_new_sig): Ditto.
(parse_valid_sig): Ditto.

* src/gpgme.h.in (GPGME_PK_ECC): New.
(GPGME_MD_SHA224): New.
* src/gpgme.c (gpgme_pubkey_algo_name): Add GPGME_PK_ECC case.
(gpgme_hash_algo_name): Add GPGME_MD_SHA224.
--

This affects only the not yet released ECC code of GnuPG 2.1.
2014-05-08 14:11:58 +02:00
Werner Koch
51fd6d8292 Use gpg_error_from_syserror instead of directly accessing errno.
--

Also fixed a couple of minor things; e.g. save the error before calling
cleanup functions.  Do not save the errno if only free is called
in between.
2013-02-06 17:35:40 +01:00
Werner Koch
bd24feaa86 Trace the use of GPG_ERR_INV_ENGINE.
* src/debug.h: Include "gpgme.h"
(_gpgme_trace_gpgme_error): New.
(trace_gpg_error): New macro.  Use it in all files where we return
GPG_ERR_INV_ENGINE; also "include debug.h" as needed.
--

This is a pretty common error code but often it is hard to figure out
the actual cause.  With debug level 4 we now print the file name and
line number where this error code is generated by gpgme.  Along with
the git revision printed in the first log lines, this should give us
an easier way to track down the problems related to this error code.
2012-10-19 11:23:39 +02:00
Werner Koch
139e798c87 Remove all trailing whitespace from source files
--
Command used:  sed -i 's,[ \t]*$,,' FILE
2012-09-25 15:29:49 +02:00
Marcus Brinkmann
b34add3fe4 Check context pointers for null pointer on entry points.
2011-05-26 16:01:26 +02:00
Marcus Brinkmann
749325d6c1 2010-05-06 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Require libgpg-error 1.8.

src/
2010-05-06  Marcus Brinkmann  <marcus@g10code.de>

	* sign.c, data-user.c, conversion.c, debug.c, verify.c, data.c,
	decrypt.c, delete.c, assuan-support.c, import.c, engine-gpgsm.c,
	data-mem.c, op-support.c, w32-io.c, w32-util.c, data-compat.c: Use
	gpg_error_from_syserror instead of gpg_error_from_errno, and use
	gpg_err_set_errno to set error number.
	* setenv.c: Include <gpg-error.h> and define __set_errno to use
	gpg_err_set_errno.
	* gpgme-tool.c (ARGP_ERR_UNKNOWN): Define to EDEADLOCK (which is
	mapped in Windows CE) instead of E2BIG (which is not).
	(gt_import_keys): Initialize err.
2010-05-06 13:39:55 +00:00
Werner Koch
1cb08a35a6 Fixes for the UI server engine.
2009-11-17 13:06:05 +00:00
Marcus Brinkmann
65ecec1abe 2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* decrypt.c (gpgme_op_decrypt_start): Fix use of debug macro.
	* decrypt-verify.c (gpgme_op_decrypt_verify_start): Likewise.
	* delete.c (gpgme_op_delete_start): Likewise.
	* edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start):
	Likewise.
	* encrypt.c (gpgme_op_encrypt_start): Likewise.
	* encrypt-sign.c (gpgme_op_encrypt_sign_start): Likewise.
	* export.c (gpgme_op_export_start, gpgme_op_export_ext_start)
	(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
	* genkey.c (gpgme_op_genkey_start): Likewise.
	* getauditlog.c (gpgme_op_getauditlog_start): Likewise.
	* import.c (gpgme_op_import_start, gpgme_op_import_keys_start):
	Likewise.
	* opassuan.c (gpgme_op_assuan_transact_start): Likewise.
	* sign.c (gpgme_op_sign_start): Likewise.
	* verify.c (gpgme_op_verify_start): Likewise.
	* vfs-create.c (gpgme_op_vfs_create): Likewise.
	* vfs-mount.c (gpgme_op_vfs_mount): Likewise.
2009-11-05 02:17:07 +00:00
Marcus Brinkmann
ca67902311 2009-10-26 Marcus Brinkmann <marcus@g10code.de>
* debug.h (DEBUG_GLOBAL): New debug level.
	* conversion.c (gnupg_errors, _gpgme_map_gnupg_error): Removed.
	* data-user.c (gpgme_data_new_from_cbs): Add debug output.
	* data-fd.c (gpgme_data_new_from_fd): Likewise.
	* data-stream.c (gpgme_data_new_from_stream): Likewise.
	* decrypt.c (gpgme_op_decrypt_result, gpgme_op_decrypt_start)
	(gpgme_op_decrypt): Likewise.
	* delete.c (gpgme_op_delete_start, gpgme_op_delete): Likewise.
	* decrypt-verify.c (gpgme_op_decrypt_verify_start)
	(gpgme_op_decrypt_verify): Likewise.
	* sign.c (gpgme_op_sign_result): Fix debug message.
	* data-mem.c (gpgme_data_new): Improve debug output.
	* verify.c (parse_trust): Use atoi instead of
	_gpgme_map_gnupg_error.
	* decrypt.c (_gpgme_decrypt_status_handler): Likewise.
2009-10-26 17:38:39 +00:00
Werner Koch
35b25decde Better detection for signature creation failure.
2009-08-06 19:09:10 +00:00
Werner Koch
0fcf3ee915 Fix detection of invalid signer keys.
Support the new INV_SGNR status code.
2009-08-06 17:17:18 +00:00
Marcus Brinkmann
1c454aee81 2009-06-22 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Add AC_TYPE_UINTPTR_T.

	* assuan/assuan.h [_ASSUAN_IN_GPGME_BUILD_ASSUAN]: Declare
	_gpgme_io_connect.

src/
2009-06-22  Marcus Brinkmann  <marcus@g10code.de>

	* debug.h: Everywhere, use %p instead of 0x%x to print pointer.
	[HAVE_STDINT_H]: Include <stdint.h>.
	(_TRACE, TRACE, TRACE0, TRACE1, TRACE2, TRACE3, TRACE6): Cast tag
	to (uintptr_t) before casting it to (void*) to silence GCC
	warning.

	* gpgme.h.in (_GPGME_DEPRECATED_OUTSIDE_GPGME): New macro.
	* sign.c (_GPGME_IN_GPGME): Define it.
	* keylist.c (_GPGME_IN_GPGME): Define it.

	* debug.c (_gpgme_debug_begin, _gpgme_debug_add): Handle error in
	vasprintf and asprintf.

	* priv-io.h: Include <sys/socket.h>.  Declare _gpgme_io_connect.

tests/
2009-06-22  Marcus Brinkmann  <marcus@g10code.de>

	* gpg/t-support.h (passphrase_cb): Implement write() according to
	the book to silence compiler warning.
	* gpgsm/t-support.h (passphrase_cb): Likewise.
2009-06-22 14:50:17 +00:00
Marcus Brinkmann
66d0fa1973 2008-11-03 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Replace gpgme paths with src.
        * gpgme: Move to ...
        * src: ... this new directory.

assuan/
2008-11-03  Marcus Brinkmann  <marcus@g10code.com>

	* Makefile.am (INCLUDES): Replace gpgme path with src.

tests/
2008-11-03  Marcus Brinkmann  <marcus@g10code.com>

        * gpgsm/Makefile.am (INCLUDES, LDADD): Replace gpgme path with src.
        * gpg/Makefile.am (INCLUDES, LDADD, t_thread1_LDADD): Likewise.
	* Makefile.am (LDADD): Likewise.
2008-11-03 17:24:09 +00:00