aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2001-12-05 23:48:01 +0000
committerWerner Koch <[email protected]>2001-12-05 23:48:01 +0000
commite8676a0871990934ef2e14e527e7ff3d2edae169 (patch)
tree89111ca49210ac09036afb966687db07f2be10f6
parentNew error codes and another mapping fnc. (diff)
downloadgnupg-e8676a0871990934ef2e14e527e7ff3d2edae169.tar.gz
gnupg-e8676a0871990934ef2e14e527e7ff3d2edae169.zip
Started with decryption stuff
Diffstat (limited to '')
-rw-r--r--sm/ChangeLog7
-rw-r--r--sm/Makefile.am1
-rw-r--r--sm/call-agent.c463
-rw-r--r--sm/decrypt.c223
-rw-r--r--sm/fingerprint.c4
-rw-r--r--sm/gpgsm.c25
-rw-r--r--sm/gpgsm.h6
-rw-r--r--sm/server.c1
-rw-r--r--sm/sign.c9
9 files changed, 372 insertions, 367 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog
index 9ca988635..171d2b04a 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,10 @@
+2001-12-04 Werner Koch <[email protected]>
+
+ * call-agent.c (read_from_agent): Check for inquire responses.
+ (request_reply): Handle them using a new callback arg, changed all
+ callers.
+ (gpgsm_agent_pkdecrypt): New.
+
2001-11-27 Werner Koch <[email protected]>
* base64.c: New. Changed all other functions to use this instead
diff --git a/sm/Makefile.am b/sm/Makefile.am
index fbfe31af4..48257ce83 100644
--- a/sm/Makefile.am
+++ b/sm/Makefile.am
@@ -39,6 +39,7 @@ gpgsm_SOURCES = \
verify.c \
sign.c \
encrypt.c \
+ decrypt.c \
import.c
diff --git a/sm/call-agent.c b/sm/call-agent.c
index 714021787..0c0b48bf3 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -46,21 +46,13 @@
#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
-static pid_t agent_pid = -1;
-/* fixme: replace this code by calling assuna functions */
-static int inbound_fd = -1;
-static int outbound_fd = -1;
-static struct {
- int eof;
- char line[LINELENGTH];
- int linelen; /* w/o CR, LF - might not be the same as
- strlen(line) due to embedded nuls. However a nul
- is always written at this pos */
- struct {
- char line[LINELENGTH];
- int linelen ;
- } attic;
-} inbound;
+static ASSUAN_CONTEXT agent_ctx = NULL;
+
+struct cipher_parm_s {
+ ASSUAN_CONTEXT ctx;
+ const char *ciphertext;
+ size_t ciphertextlen;
+};
struct membuf {
@@ -133,162 +125,6 @@ get_membuf (struct membuf *mb, size_t *len)
-static int
-writen (int fd, const void *buf, size_t nbytes)
-{
- size_t nleft = nbytes;
- int nwritten;
-
- while (nleft > 0)
- {
- nwritten = write (fd, buf, nleft);
- if (nwritten < 0)
- {
- if (errno == EINTR)
- nwritten = 0;
- else
- {
- log_error ("write() failed: %s\n", strerror (errno));
- return seterr (Write_Error);
- }
- }
- nleft -= nwritten;
- buf = (const char*)buf + nwritten;
- }
-
- return 0;
-}
-
-
-
-/* read an entire line */
-static int
-readline (int fd, char *buf, size_t buflen, int *r_nread, int *eof)
-{
- size_t nleft = buflen;
- int n;
- char *p;
-
- *eof = 0;
- *r_nread = 0;
- while (nleft > 0)
- {
- do
- n = read (fd, buf, nleft);
- while (n < 0 && errno == EINTR);
- if (n < 0)
- {
- log_error ("read() error: %s\n", strerror (errno) );
- return seterr (Read_Error);
- }
-
- if (!n)
- {
- *eof = 1;
- break; /* allow incomplete lines */
- }
- p = buf;
- nleft -= n;
- buf += n;
- *r_nread += n;
-
- for (; n && *p != '\n'; n--, p++)
- ;
- if (n)
- break; /* at least one full line available - that's enough for now */
- }
-
- return 0;
-}
-
-
-static int
-read_from_agent (int *okay)
-{
- char *line = inbound.line;
- int n, nread;
- int rc;
-
- *okay = 0;
- restart:
- if (inbound.eof)
- return -1;
-
- if (inbound.attic.linelen)
- {
- memcpy (line, inbound.attic.line, inbound.attic.linelen);
- nread = inbound.attic.linelen;
- inbound.attic.linelen = 0;
- for (n=0; n < nread && line[n] != '\n'; n++)
- ;
- if (n < nread)
- rc = 0; /* found another line in the attic */
- else
- { /* read the rest */
- n = nread;
- assert (n < LINELENGTH);
- rc = readline (inbound_fd, line + n, LINELENGTH - n,
- &nread, &inbound.eof);
- }
- }
- else
- rc = readline (inbound_fd, line, LINELENGTH,
- &nread, &inbound.eof);
- if (rc)
- return seterr(Read_Error);
- if (!nread)
- {
- assert (inbound.eof);
- return -1; /* eof */
- }
-
- for (n=0; n < nread; n++)
- {
- if (line[n] == '\n')
- {
- if (n+1 < nread)
- {
- n++;
- /* we have to copy the rest because the handlers are
- allowed to modify the passed buffer */
- memcpy (inbound.attic.line, line+n, nread-n);
- inbound.attic.linelen = nread-n;
- n--;
- }
- if (n && line[n-1] == '\r')
- n--;
- line[n] = 0;
- inbound.linelen = n;
- if (n && *line == '#')
- goto restart;
-
- rc = 0;
- if (n >= 1
- && line[0] == 'D' && line[1] == ' ')
- *okay = 2; /* data line */
- else if (n >= 2
- && line[0] == 'O' && line[1] == 'K'
- && (line[2] == '\0' || line[2] == ' '))
- *okay = 1;
- else if (n >= 3
- && line[0] == 'E' && line[1] == 'R' && line[2] == 'R'
- && (line[3] == '\0' || line[3] == ' '))
- *okay = 0;
- else
- rc = seterr (Invalid_Response);
- return rc;
- }
- }
-
- *line = 0;
- inbound.linelen = 0;
- return inbound.eof? seterr (Incomplete_Line):seterr (Invalid_Response);
-}
-
-
-
-
-
/* Try to connect to the agent via socket or fork it off and work by
pipes. Handle the server's initial greeting */
static int
@@ -296,16 +132,18 @@ start_agent (void)
{
int rc;
char *infostr, *p;
- int okay;
- if (agent_pid != -1)
- return 0;
+ if (agent_ctx)
+ return 0; /* fixme: We need a context for each thread or serialize
+ the access to the agent (which is suitable given that
+ the agent is not MT */
infostr = getenv ("GPG_AGENT_INFO");
if (!infostr)
{
- pid_t pid;
- int inpipe[2], outpipe[2];
+ const char *pgmname;
+ ASSUAN_CONTEXT ctx;
+ const char *argv[3];
log_info (_("no running gpg-agent - starting one\n"));
@@ -315,86 +153,25 @@ start_agent (void)
return seterr (Write_Error);
}
- if (pipe (inpipe))
- {
- log_error ("error creating pipe: %s\n", strerror (errno));
- return seterr (General_Error);
- }
- if (pipe (outpipe))
+ if (!opt.agent_program || !*opt.agent_program)
+ opt.agent_program = "../agent/gpg-agent";
+ if ( !(pgmname = strrchr (opt.agent_program, '/')))
+ pgmname = opt.agent_program;
+ else
+ pgmname++;
+
+ argv[0] = pgmname;
+ argv[1] = "--server";
+ argv[2] = NULL;
+
+ /* connect to the agent and perform initial handshaking */
+ rc = assuan_pipe_connect (&ctx, opt.agent_program, (char**)argv);
+ if (rc)
{
- log_error ("error creating pipe: %s\n", strerror (errno));
- close (inpipe[0]);
- close (inpipe[1]);
- return seterr (General_Error);
+ log_error ("can't connect to the agent: %s\n", assuan_strerror (rc));
+ return seterr (No_Agent);
}
-
- pid = fork ();
- if (pid == -1)
- return seterr (General_Error);
-
- if (!pid)
- { /* child */
- int i, n;
- char errbuf[512];
- int log_fd = log_get_fd ();
- const char *pgmname;
-
- /* close all files which will not be duped but keep stderr
- and log_stream for now */
- n = sysconf (_SC_OPEN_MAX);
- if (n < 0)
- n = MAX_OPEN_FDS;
- for (i=0; i < n; i++)
- {
- if (i != fileno (stderr) && i != log_fd
- && i != inpipe[1] && i != outpipe[0])
- close(i);
- }
- errno = 0;
-
- if (inpipe[1] != 1)
- {
- if (dup2 (inpipe[1], 1) == -1)
- {
- log_error ("dup2 failed in child: %s\n", strerror (errno));
- _exit (4);
- }
- close (inpipe[1]);
- }
- if (outpipe[0] != 0)
- {
- if (dup2 (outpipe[0], 0) == -1)
- {
- log_error ("dup2 failed in child: %s\n", strerror (errno));
- _exit (4);
- }
- close (outpipe[0]);
- }
-
- /* and start it */
- if (!opt.agent_program || !*opt.agent_program)
- opt.agent_program = "../agent/gpg-agent";
- if ( !(pgmname = strrchr (opt.agent_program, '/')))
- pgmname = opt.agent_program;
- else
- pgmname++;
- execl (opt.agent_program, pgmname, "--server", NULL);
- /* oops - tell the parent about it */
- snprintf (errbuf, DIM(errbuf)-1, "ERR %d can't exec `%s': %.50s\n",
- ASSUAN_Problem_Starting_Server, opt.agent_program,
- strerror (errno));
- errbuf[DIM(errbuf)-1] = 0;
- writen (1, errbuf, strlen (errbuf));
- _exit (4);
- } /* end child */
-
- agent_pid = pid;
-
- inbound_fd = inpipe[0];
- close (inpipe[1]);
-
- close (outpipe[0]);
- outbound_fd = outpipe[1];
+ agent_ctx = ctx;
}
else
{
@@ -411,89 +188,26 @@ start_agent (void)
return seterr (Not_Implemented);
}
- inbound.eof = 0;
- inbound.linelen = 0;
- inbound.attic.linelen = 0;
+ log_debug ("connection to agent established\n");
+
+ log_debug ("waiting for debugger .....\n");
+ getchar ();
+ log_debug ("okay\n");
- /* The server is available - read the greeting */
- rc = read_from_agent (&okay);
- if (rc)
- {
- log_error ("can't connect to the agent: %s\n", gnupg_strerror (rc));
- }
- else if (!okay)
- {
- log_error ("can't connect to the agent: %s\n", inbound.line);
- rc = seterr (No_Agent);
- }
- else
- log_debug ("connection to agent established\n");
return 0;
}
-static int
-request_reply (const char *line, struct membuf *membuf)
+static AssuanError
+membuf_data_cb (void *opaque, const void *buffer, size_t length)
{
- int rc, okay;
-
- if (DBG_AGENT)
- log_debug ("agent-request=`%.*s'", (int)(*line? strlen(line)-1:0), line);
- rc = writen (outbound_fd, line, strlen (line));
- if (rc)
- return rc;
- again:
- rc = read_from_agent (&okay);
- if (rc)
- log_error ("error reading from agent: %s\n", gnupg_strerror (rc));
- else if (!okay)
- {
- log_error ("got error from agent: %s\n", inbound.line);
- rc = seterr (Agent_Error);
- }
- else if (okay == 2 && !membuf)
- {
- log_error ("got unexpected data line\n");
- rc = seterr (Agent_Error);
- }
- else
- {
- if (DBG_AGENT)
- log_debug ("agent-reply=`%s'", inbound.line);
- }
-
- if (!rc && okay == 2 && inbound.linelen >= 2)
- { /* handle data line */
- unsigned char *buf = inbound.line;
- size_t len = inbound.linelen;
- unsigned char *p;
-
- buf += 2;
- len -= 2;
+ struct membuf *data = opaque;
- p = buf;
- while (len)
- {
- for (;len && *p != '%'; len--, p++)
- ;
- put_membuf (membuf, buf, p-buf);
- if (len>2)
- { /* handle escaping */
- unsigned char tmp[1];
- p++;
- *tmp = xtoi_2 (p);
- p += 2;
- len -= 3;
- put_membuf (membuf, tmp, 1);
- }
- buf = p;
- }
- goto again;
- }
- return rc;
+ put_membuf (data, buffer, length);
+ return 0;
}
-
+
@@ -517,48 +231,97 @@ gpgsm_agent_pksign (const char *keygrip,
if (digestlen*2 + 50 > DIM(line))
return seterr (General_Error);
- rc = request_reply ("RESET\n", NULL);
+ rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL);
if (rc)
- return rc;
+ return map_assuan_err (rc);
- snprintf (line, DIM(line)-1, "SIGKEY %s\n", keygrip);
+ snprintf (line, DIM(line)-1, "SIGKEY %s", keygrip);
line[DIM(line)-1] = 0;
- rc = request_reply (line, NULL);
+ rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL);
if (rc)
- return rc;
+ return map_assuan_err (rc);
sprintf (line, "SETHASH %d ", digestalgo);
p = line + strlen (line);
for (i=0; i < digestlen ; i++, p += 2 )
sprintf (p, "%02X", digest[i]);
- strcpy (p, "\n");
- rc = request_reply (line, NULL);
+ rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL);
if (rc)
- return rc;
+ return map_assuan_err (rc);
init_membuf (&data, 1024);
- rc = request_reply ("PKSIGN\n", &data);
+ rc = assuan_transact (agent_ctx, "PKSIGN",
+ membuf_data_cb, &data, NULL, NULL);
if (rc)
{
xfree (get_membuf (&data, &len));
- return rc;
+ return map_assuan_err (rc);
}
*r_buf = get_membuf (&data, r_buflen);
-/* if (DBG_AGENT && *r_buf) */
-/* { */
-/* FILE *fp; */
-/* char fname[100]; */
-
-/* memcpy (fname, keygrip, 40); */
-/* strcpy (fname+40, "_pksign-dump.tmp"); */
-/* fp = fopen (fname, "wb"); */
-/* fwrite (*r_buf, *r_buflen, 1, fp); */
-/* fclose (fp); */
-/* } */
-
return *r_buf? 0 : GNUPG_Out_Of_Core;
}
+
+/* Handle a CIPHERTEXT inquiry. Note, we only send the data,
+ assuan_transact talkes care of flushing and writing the end */
+static AssuanError
+inq_ciphertext_cb (void *opaque, const char *keyword)
+{
+ struct cipher_parm_s *parm = opaque;
+ AssuanError rc;
+
+ rc = assuan_send_data (parm->ctx, parm->ciphertext, parm->ciphertextlen);
+ return rc;
+}
+
+
+/* Call the agent to do a decrypt operation using the key identified by
+ the hex string KEYGRIP. */
+int
+gpgsm_agent_pkdecrypt (const char *keygrip,
+ const char *ciphertext, size_t ciphertextlen,
+ char **r_buf, size_t *r_buflen )
+{
+ int rc;
+ char line[LINELENGTH];
+ struct membuf data;
+ struct cipher_parm_s cipher_parm;
+ size_t len;
+
+ if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
+ return GNUPG_Invalid_Value;
+ *r_buf = NULL;
+
+ rc = start_agent ();
+ if (rc)
+ return rc;
+
+ rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL);
+ if (rc)
+ return map_assuan_err (rc);
+
+ assert ( DIM(line) >= 50 );
+ snprintf (line, DIM(line)-1, "SETKEY %s", keygrip);
+ line[DIM(line)-1] = 0;
+ rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL);
+ if (rc)
+ return map_assuan_err (rc);
+
+ init_membuf (&data, 1024);
+ cipher_parm.ctx = agent_ctx;
+ cipher_parm.ciphertext = ciphertext;
+ cipher_parm.ciphertextlen = ciphertextlen;
+ rc = assuan_transact (agent_ctx, "PKDECRYPT",
+ membuf_data_cb, &data,
+ inq_ciphertext_cb, &cipher_parm);
+ if (rc)
+ {
+ xfree (get_membuf (&data, &len));
+ return map_assuan_err (rc);
+ }
+ *r_buf = get_membuf (&data, r_buflen);
+ return *r_buf? 0 : GNUPG_Out_Of_Core;
+}
diff --git a/sm/decrypt.c b/sm/decrypt.c
new file mode 100644
index 000000000..6748b2ad1
--- /dev/null
+++ b/sm/decrypt.c
@@ -0,0 +1,223 @@
+/* decrypt.c - Decrypt a message
+ * Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <unistd.h>
+#include <time.h>
+#include <assert.h>
+
+#include <gcrypt.h>
+#include <ksba.h>
+
+#include "gpgsm.h"
+#include "keydb.h"
+#include "i18n.h"
+
+static void
+print_integer (unsigned char *p)
+{
+ unsigned long len;
+
+ if (!p)
+ log_printf ("none");
+ else
+ {
+ len = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
+ for (p+=4; len; len--, p++)
+ log_printf ("%02X", *p);
+ }
+}
+
+
+
+
+/* Perform a decrypt operation. */
+int
+gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
+{
+ int rc;
+ KsbaError err;
+ Base64Context b64reader = NULL;
+ Base64Context b64writer = NULL;
+ KsbaReader reader;
+ KsbaWriter writer;
+ KsbaCMS cms = NULL;
+ KsbaStopReason stopreason;
+ KEYDB_HANDLE kh;
+ int recp;
+ FILE *in_fp = NULL;
+
+ kh = keydb_new (0);
+ if (!kh)
+ {
+ log_error (_("failed to allocated keyDB handle\n"));
+ rc = GNUPG_General_Error;
+ goto leave;
+ }
+
+
+ in_fp = fdopen ( dup (in_fd), "rb");
+ if (!in_fp)
+ {
+ log_error ("fdopen() failed: %s\n", strerror (errno));
+ rc = seterr (IO_Error);
+ goto leave;
+ }
+
+ rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, &reader);
+ if (rc)
+ {
+ log_error ("can't create reader: %s\n", gnupg_strerror (rc));
+ goto leave;
+ }
+
+ rc = gpgsm_create_writer (&b64reader, ctrl, out_fp, &writer);
+ if (rc)
+ {
+ log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+ goto leave;
+ }
+
+ cms = ksba_cms_new ();
+ if (!cms)
+ {
+ rc = seterr (Out_Of_Core);
+ goto leave;
+ }
+
+ err = ksba_cms_set_reader_writer (cms, reader, writer);
+ if (err)
+ {
+ log_debug ("ksba_cms_set_reader_writer failed: %s\n",
+ ksba_strerror (err));
+ rc = map_ksba_err (err);
+ goto leave;
+ }
+
+ /* parser loop */
+ do
+ {
+ err = ksba_cms_parse (cms, &stopreason);
+ if (err)
+ {
+ log_debug ("ksba_cms_parse failed: %s\n", ksba_strerror (err));
+ rc = map_ksba_err (err);
+ goto leave;
+ }
+ log_debug ("ksba_cms_parse - stop reason %d\n", stopreason);
+
+ if (stopreason == KSBA_SR_BEGIN_DATA
+ || stopreason == KSBA_SR_DETACHED_DATA)
+ {
+ for (recp=0; recp < 1; recp++)
+ {
+ char *issuer;
+ unsigned char *serial;
+ char *enc_val;
+ char *hexkeygrip = NULL;
+
+ err = ksba_cms_get_issuer_serial (cms, recp, &issuer, &serial);
+ if (err)
+ log_error ("recp %d - error getting info: %s\n",
+ recp, ksba_strerror (err));
+ else
+ {
+ KsbaCert cert = NULL;
+
+ log_debug ("recp %d - issuer: `%s'\n",
+ recp, issuer? issuer:"[NONE]");
+ log_debug ("recp %d - serial: ", recp);
+ print_integer (serial);
+ log_printf ("\n");
+
+ keydb_search_reset (kh);
+ rc = keydb_search_issuer_sn (kh, issuer, serial);
+ if (rc)
+ {
+ log_debug ("failed to find the certificate: %s\n",
+ gnupg_strerror(rc));
+ goto oops;
+ }
+
+ rc = keydb_get_cert (kh, &cert);
+ if (rc)
+ {
+ log_debug ("failed to get cert: %s\n", gnupg_strerror (rc));
+ goto oops;
+ }
+
+ hexkeygrip = gpgsm_get_keygrip_hexstring (cert);
+
+ oops:
+ xfree (issuer);
+ xfree (serial);
+ ksba_cert_release (cert);
+ }
+
+ enc_val = ksba_cms_get_enc_val (cms, recp);
+ if (!enc_val)
+ log_error ("recp %d - error getting encrypted session key\n",
+ recp);
+ else
+ {
+ char *seskey;
+ size_t seskeylen;
+
+ log_debug ("recp %d - enc-val: `%s'\n",
+ recp, enc_val);
+
+ rc = gpgsm_agent_pkdecrypt (hexkeygrip,
+ enc_val, strlen (enc_val),
+ &seskey, &seskeylen);
+ if (rc)
+ log_debug ("problem: %s\n", gnupg_strerror (rc));
+ else
+ {
+ unsigned char *p;
+ log_debug ("plaintext=");
+ for (p=seskey; seskeylen; seskeylen--, p++)
+ log_printf (" %02X", *p);
+ log_printf ("\n");
+ }
+ xfree (enc_val);
+ }
+ }
+ }
+
+
+
+ }
+ while (stopreason != KSBA_SR_READY);
+
+ leave:
+ ksba_cms_release (cms);
+ gpgsm_destroy_reader (b64reader);
+ gpgsm_destroy_writer (b64writer);
+ keydb_release (kh);
+ if (in_fp)
+ fclose (in_fp);
+ return rc;
+}
+
+
diff --git a/sm/fingerprint.c b/sm/fingerprint.c
index 29023c2ce..ead5cec50 100644
--- a/sm/fingerprint.c
+++ b/sm/fingerprint.c
@@ -141,7 +141,7 @@ gpgsm_get_keygrip (KsbaCert cert, char *array)
return NULL; /* oops */
if (DBG_X509)
- log_debug ("get_keygrip, public key: %s\n", p);
+ log_debug ("get_keygrip for public key: %s\n", p);
rc = gcry_sexp_sscan ( &s_pkey, NULL, p, strlen(p));
if (rc)
{
@@ -161,6 +161,8 @@ gpgsm_get_keygrip (KsbaCert cert, char *array)
gcry_md_hash_buffer (GCRY_MD_SHA1, array, buf, len);
xfree (buf);
+ if (DBG_X509)
+ log_printhex ("keygrip=", array, 20);
return array;
}
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 78d1a435f..9379a4b92 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -523,7 +523,7 @@ main ( int argc, char **argv)
/* Please note that we may running SUID(ROOT), so be very CAREFUL
when adding any stuff between here and the call to secmem_init()
somewhere after the option parsing */
- /* FIXME: log_set_name ("gpgsm");*/
+ log_set_prefix ("gpgsm", 1);
/* check that the libraries are suitable. Do it here because the
option parse may need services of the library */
if (!gcry_check_version ( "1.1.4" ) )
@@ -885,14 +885,13 @@ main ( int argc, char **argv)
break;
case aEncr: /* encrypt the given file */
-#if 0
- if (argc > 1)
- wrong_args(_("--encrypt [filename]"));
- if ((rc = encode_crypt(fname,remusr)) )
- log_error ("%s: encryption failed: %s\n",
- print_fname_stdin(fname), gpg_errstr(rc) );
+ if (!argc)
+ gpgsm_encrypt (&ctrl, 0, stdout); /* from stdin */
+ else if (argc == 1)
+ gpgsm_encrypt (&ctrl, open_read (*argv), stdout); /* from file */
+ else
+ wrong_args (_("--encrypt [datafile]"));
break;
-#endif
case aSign: /* sign the given file */
/* FIXME: we can only do detached sigs for now and we don't
@@ -974,10 +973,12 @@ main ( int argc, char **argv)
break;
case aDecrypt:
-/* if (argc > 1) */
-/* wrong_args (_("--decrypt [filename]")); */
-/* if ((rc = decrypt_message( fname ) )) */
-/* log_error ("decrypt_message failed: %s\n", gpg_errstr(rc) ); */
+ if (!argc)
+ gpgsm_decrypt (&ctrl, 0, stdout); /* from stdin */
+ else if (argc == 1)
+ gpgsm_decrypt (&ctrl, open_read (*argv), stdout); /* from file */
+ else
+ wrong_args (_("--decrypt [filename]"));
break;
case aDeleteKey:
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 7655eae47..14c5683a6 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -146,7 +146,6 @@ int gpgsm_validate_path (KsbaCert cert);
/*-- keylist.c --*/
void gpgsm_list_keys (CTRL ctrl, STRLIST names, FILE *fp);
-
/*-- import.c --*/
int gpgsm_import (CTRL ctrl, int in_fd);
@@ -156,6 +155,11 @@ int gpgsm_verify (CTRL ctrl, int in_fd, int data_fd);
/*-- sign.c --*/
int gpgsm_sign (CTRL ctrl, int data_fd, int detached, FILE *out_fp);
+/*-- encrypt.c --*/
+int gpgsm_encrypt (CTRL ctrl, int in_fd, FILE *out_fp);
+
+/*-- decrypt.c --*/
+int gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp);
/*-- call-agent.c --*/
int gpgsm_agent_pksign (const char *keygrip,
diff --git a/sm/server.c b/sm/server.c
index f4bb409f5..5ac14bd2d 100644
--- a/sm/server.c
+++ b/sm/server.c
@@ -59,6 +59,7 @@ rc_to_assuan_status (int rc)
case GNUPG_Agent_Error: rc = ASSUAN_Agent_Error; break;
case GNUPG_No_Public_Key: rc = ASSUAN_No_Public_Key; break;
case GNUPG_No_Secret_Key: rc = ASSUAN_No_Secret_Key; break;
+ case GNUPG_Invalid_Data: rc = ASSUAN_Invalid_Data; break;
case GNUPG_Read_Error:
case GNUPG_Write_Error:
diff --git a/sm/sign.c b/sm/sign.c
index 3101892f7..4adffe613 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -64,7 +64,10 @@ hash_data (int fd, GCRY_MD_HD md)
static KsbaCert
get_default_signer (void)
{
- const char key[] = "1.2.840.113549.1.9.1=#7472757374407765622E6465#,CN=WEB.DE TrustCenter,OU=TrustCenter,O=WEB.DE AG,L=D-76227 Karlsruhe,C=DE";
+ // const char key[] = "1.2.840.113549.1.9.1=#7472757374407765622E6465#,CN=WEB.DE TrustCenter,OU=TrustCenter,O=WEB.DE AG,L=D-76227 Karlsruhe,C=DE";
+ const char key[] =
+ "CN=test cert 1,OU=Aegypten Project,O=g10 Code GmbH,L=#44FC7373656C646F7266#,C=DE";
+
KsbaCert cert = NULL;
KEYDB_HANDLE kh = NULL;
int rc;
@@ -248,7 +251,7 @@ gpgsm_sign (CTRL ctrl, int data_fd, int detached, FILE *out_fp)
goto leave;
}
}
-
+#if 0
err = ksba_cms_set_signing_time (cms, signer, 0 /*now*/);
if (err)
{
@@ -257,7 +260,7 @@ gpgsm_sign (CTRL ctrl, int data_fd, int detached, FILE *out_fp)
rc = map_ksba_err (err);
goto leave;
}
-
+#endif
do
{
err = ksba_cms_build (cms, &stopreason);
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-30 03:00:07 +0000