From 305d8668ca724982c50fe4e05315c48a20cc33e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de>
Date: Wed, 22 Dec 2021 12:13:23 +0100
Subject: core: Detect bad passphrase error on certificate import

* src/import.c (gpgme_op_import_result): Check fpr for NULL.
(parse_error): New.
(import_status_handler): Handle error status line.

* doc/gpgme.texi (gpgme_import_status_t): Mention that fpr can be NULL.

* tests/gpg/t-import.c (check_result): Check fpr for NULL.
* tests/run-threaded.c (delete_impres): Check fpr for NULL.
--

When importing an encrypted certificate a wrong passphrase may be
entered. In this case gpgsm emits a status line with a bad passphrase
error and an "invalid object" error. To make it possible for callers
to handle a wrong passphrase error more gracefully, an import status
with bad passphrase error is added to the import result for each
status line with bad passphrase error.

GnuPG-bug-id: 5713
---
 src/import.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 53 insertions(+), 1 deletion(-)

(limited to 'src/import.c')

diff --git a/src/import.c b/src/import.c
index 9874b698..ae7b972a 100644
--- a/src/import.c
+++ b/src/import.c
@@ -103,7 +103,7 @@ gpgme_op_import_result (gpgme_ctx_t ctx)
       while (impstat)
 	{
 	  TRACE_LOG  ("import[%i] for %s = 0x%x (%s)",
-		      i, impstat->fpr, impstat->status,
+		      i, impstat->fpr ? impstat->fpr : "null", impstat->status,
                       gpgme_strerror (impstat->result));
 	  impstat = impstat->next;
 	  i++;
@@ -223,6 +223,49 @@ parse_import_res (char *args, gpgme_import_result_t result)
 }
 
 
+/* Parses an error on a status line and adds a corresponding import status.
+   Currently, only supports "import.parsep12 11".  */
+static gpgme_error_t
+parse_error (char *args, gpgme_import_status_t *import_status)
+{
+  gpgme_import_status_t import;
+  char *tail;
+  long int nr;
+
+  tail = strchr (args, ' ');
+  if (!tail)
+    return 0;
+
+  *tail = '\0';
+  if (strcmp( args, "import.parsep12" ))
+    return 0;
+
+  args = tail + 1;
+
+  gpg_err_set_errno (0);
+  nr = strtol (args, &tail, 0);
+  if (errno || args == tail || !(*tail == ' ' || !*tail))
+    {
+      /* The crypto backend does not behave.  */
+      return trace_gpg_error (GPG_ERR_INV_ENGINE);
+    }
+  if (nr != GPG_ERR_BAD_PASSPHRASE)
+    return 0;
+
+  import = malloc (sizeof (*import));
+  if (!import)
+    return gpg_error_from_syserror ();
+  import->next = NULL;
+
+  import->result = gpg_error (GPG_ERR_BAD_PASSPHRASE);
+  import->status = 0;
+  import->fpr = 0;
+
+  *import_status = import;
+  return 0;
+}
+
+
 static gpgme_error_t
 import_status_handler (void *priv, gpgme_status_code_t code, char *args)
 {
@@ -252,6 +295,15 @@ import_status_handler (void *priv, gpgme_status_code_t code, char *args)
       err = parse_import_res (args, &opd->result);
       break;
 
+    case GPGME_STATUS_ERROR:
+      err = parse_error (args, opd->lastp);
+      if (err)
+        return err;
+
+      if (*opd->lastp)
+        opd->lastp = &(*opd->lastp)->next;
+      break;
+
     default:
       break;
     }
-- 
cgit v1.2.3