From 478d1650bbef84958ccce439fac982ef57b16cd0 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 12 Apr 2018 20:26:00 +0200 Subject: core: For a failed verification return the sig's fingerprint. * src/verify.c (parse_new_sig): Parse the new ERRSIG fpr. -- This works only when the signatures features an ISSUER_FPR sub-packet and with GnuPG >= 2.2.7. If that is not the case the keyid is kept in the FPR field. Signed-off-by: Werner Koch --- src/verify.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'src/verify.c')
diff --git a/src/verify.c b/src/verify.c
index ee730a34..4eab902b 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -284,6 +284,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
 gpgme_signature_t sig;
 char *end = strchr (args, ' ');
 char *tail;
+ int got_fpr = 0;
 if (end)
 {
@@ -370,7 +371,23 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
 if (!*end)
 goto parse_err_sig_fail;
- sig->status = strtoul (end, NULL, 10);
+ gpg_err_set_errno (0);
+ sig->status = strtoul (end, &tail, 10);
+ if (errno || end == tail || (*tail && *tail != ' '))
+ goto parse_err_sig_fail;
+ if (!*tail)
+ goto parse_err_sig_ok;
+ end = tail;
+ while (*end == ' ')
+ end++;
+
+ /* Parse the new fingerprint (from the ISSUER_FPR subpacket). */
+ if (!*end || (*end == '-' && (end[1] == ' ' || !end[1])))
+ goto parse_err_sig_ok; /* Okay (just trailing spaces). */
+ sig->fpr = strdup (end);
+ if (!sig->fpr)
+ return gpg_error_from_syserror ();
+ got_fpr = 1;
 goto parse_err_sig_ok;
 parse_err_sig_fail:
@@ -382,7 +399,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
 return gpg_error (GPG_ERR_GENERAL);
 }
- if (*args)
+ if (*args && !got_fpr)
 {
 sig->fpr = strdup (args);
 if (!sig->fpr)
-- cgit v1.2.3
From 23177e4410d05d590c0f2e1675dc645bbb4ad62c Mon Sep 17 00:00:00 2001
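Review bot: `sig->fpr = strdup (end);` in the second hunk (@@ -370,7 +371,23 @@) copies everything from the first non-blank character to the end of the ERRSIG arguments, so trailing blanks or any field a later GnuPG release appends after the fingerprint would become part of `sig->fpr`. Terminating the token at the next blank before the copy keeps it to a single field, e.g. `tail = strchr (end, ' ');` followed by `if (tail) *tail = 0;` (args is a non-const `char *` here, but whether it may be modified at this point should be confirmed against the part of parse_new_sig outside the hunk). The value also deserves a comment saying that it comes from the ISSUER_FPR subpacket of a signature that did not verify, so it is unauthenticated and only a key-lookup hint: `/* Note: taken from the unverified signature; not proof of the signer. */`. parse_new_sig begins and ends outside these hunks.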
From: Werner Koch Date: Wed, 18 Apr 2018 14:41:50 +0200 Subject: core: Fix possible compliance mode detection error. * src/verify.c (_gpgme_verify_status_handler): Insert missing break. -- Before the insertion of the compliance status checking the break in the default clause was used by the STATUS_PLAINTEXT code. That got lost. I don't see any actual harm due to different values currently in use for the compliance status. Fixes-commit: 05fa2a9c7764b28fdac35eb72631439df948ca0e Signed-off-by: Werner Koch --- src/verify.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src/verify.c')
diff --git a/src/verify.c b/src/verify.c
index 4eab902b..c3afdef2 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -1094,6 +1094,7 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args)
 err = _gpgme_parse_plaintext (args, &opd->result.file_name);
 if (err)
 return err;
+ break;
 case GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE:
 PARSE_COMPLIANCE_FLAGS (args, opd->current_sig);
-- cgit v1.2.3
From 65479fe7b871ad6237d5a8959b73afcc7db784da Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 18 Apr 2018 15:20:35 +0200 Subject: core: Add 'is_mime' flags to the verify and decrypt results. * src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime. * src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag. * src/verify.c (_gpgme_verify_status_handler): Ditto. * src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime' and '_unused'. (gpgme_op_decrypt_result_t): New field 'is_mime'. Shrink '_unused'. * tests/run-decrypt.c (print_result): Print MIME flag. * tests/run-verify.c (print_result): Ditto. -- Note that this flag (Liternal Data packet's 'm' mode) is only specified in RFC-4880bis. To use it you currently need to add "rfc4880bis" to the the gpg.conf. Signed-off-by: Werner Koch --- src/verify.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'src/verify.c')
diff --git a/src/verify.c b/src/verify.c
index c3afdef2..bd437c9a 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -1091,9 +1091,14 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args)
 case GPGME_STATUS_PLAINTEXT:
 if (++opd->plaintext_seen > 1)
 return gpg_error (GPG_ERR_BAD_DATA);
- err = _gpgme_parse_plaintext (args, &opd->result.file_name);
- if (err)
- return err;
+ {
+ int mime = 0;
+ err = _gpgme_parse_plaintext (args, &opd->result.file_name, &mime);
+ if (err)
+ return err;
+ gpgrt_log_debug ("verify.c: setting mime to %d\n", mime);
+ opd->result.is_mime = !!mime;
+ }
 break;
 case GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE:
-- cgit v1.2.3
From b52a91f5a6818db6b3dd7ce86c01b5d5f6700d0d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 19 Apr 2018 10:34:32 +0200 Subject: core: Remove leftover debug output. * src/verify.c (_gpgme_verify_status_handler): Remove debug output. -- Actually this is a real bug because it uses a debug function available only in the new libgpg-error versions. Time to call Jenkins back from vacation; there are rumors that he has been seen in the city looking for a new Ryzen tail coat. Signed-off-by: Werner Koch --- src/verify.c | 1 - 1 file changed, 1 deletion(-) (limited to 'src/verify.c')
diff --git a/src/verify.c b/src/verify.c
index bd437c9a..26b205aa 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -1096,7 +1096,6 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args)
 err = _gpgme_parse_plaintext (args, &opd->result.file_name, &mime);
 if (err)
 return err;
- gpgrt_log_debug ("verify.c: setting mime to %d\n", mime);
 opd->result.is_mime = !!mime;
 }
 break;
-- cgit v1.2.3
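Review bot: The new `opd->result.is_mime = !!mime;` in the GPGME_STATUS_PLAINTEXT case (@@ -1091,9 +1091,14 @@) carries no comment on how far the flag can be trusted. As far as I know, the Literal Data packet's format octet, file name and date are not included in the OpenPGP signature hash (RFC 4880, section 5.9), so `is_mime`, like `file_name`, remains an unauthenticated hint even when the signature verifies. A comment above the assignment such as `/* The literal packet's mode is not covered by the signature; is_mime is only a hint. */` would keep callers from basing a trust or content-handling decision on it. The body of _gpgme_verify_status_handler continues outside the hunk.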