* base64.c: New. Changed all other functions to use this instead

of direct creation of ksba_reader/writer.
* gpgsm.c (main): Set ctrl.auto_encoding unless --no-armor is used.
This way we can feed PEM encoded stuff to --verify.

1 files changed, 256 insertions, 0 deletions

diff --git a/sm/encrypt.c b/sm/encrypt.c
new file mode 100644
index 000000000..2b30463bb
--- /dev/null
+++ b/sm/encrypt.c
@@ -0,0 +1,256 @@
+/* encrypt.c - Encrypt a message
+ *	Copyright (C) 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <unistd.h> 
+#include <time.h>
+#include <assert.h>
+
+#include <gcrypt.h>
+#include <ksba.h>
+
+#include "gpgsm.h"
+#include "keydb.h"
+#include "i18n.h"
+
+
+KsbaCert
+get_default_recipient (void)
+{
+  return NULL;
+}
+
+
+
+/* Perform an encrypt operation.  
+
+   Encrypt the data received on DATA-FD and write it to OUT_FP.  The
+   recipients are hardwired for now. */
+int
+gpgsm_encrypt (CTRL ctrl, int data_fd, FILE *out_fp)
+{
+  int i, rc;
+  Base64Context b64reader = NULL;
+  Base64Context b64writer = NULL;
+  KsbaError err;
+  KsbaWriter writer;
+  KsbaReader reader;
+  KsbaCMS cms = NULL;
+  KsbaStopReason stopreason;
+  KsbaCert cert;
+  KEYDB_HANDLE kh = NULL;
+  GCRY_MD_HD data_md = NULL;
+  int signer;
+  const char *algoid;
+  FILE *data_fp = NULL;
+  int algo;
+
+
+  kh = keydb_new (0);
+  if (!kh)
+    {
+      log_error (_("failed to allocated keyDB handle\n"));
+      rc = GNUPG_General_Error;
+      goto leave;
+    }
+
+  data_fp = fdopen ( dup (data_fd), "rb");
+  if (!data_fp)
+    {
+      log_error ("fdopen() failed: %s\n", strerror (errno));
+      rc = seterr (IO_Error);
+      goto leave;
+    }
+
+  rc = gpgsm_create_reader (&b64reader, ctrl, data_fp, &reader);
+  if (rc)
+    {
+      log_error ("can't create reader: %s\n", gnupg_strerror (rc));
+      goto leave;
+    }
+
+  rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
+  if (rc)
+    {
+      log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+      goto leave;
+    }
+
+  cms = ksba_cms_new ();
+  if (!cms)
+    {
+      rc = seterr (Out_Of_Core);
+      goto leave;
+    }
+
+  err = ksba_cms_set_reader_writer (cms, reader, writer);
+  if (err)
+    {
+      log_debug ("ksba_cms_set_reader_writer failed: %s\n",
+                 ksba_strerror (err));
+      rc = map_ksba_err (err);
+      goto leave;
+    }
+
+  /* We are going to create signed data with data as encap. content */
+  err = ksba_cms_set_content_type (cms, 0, KSBA_CT_ENVELOPED_DATA);
+  if (!err)
+    err = ksba_cms_set_content_type (cms, 1, KSBA_CT_ENCRYPTED_DATA);
+  if (err)
+    {
+      log_debug ("ksba_cms_set_content_type failed: %s\n",
+                 ksba_strerror (err));
+      rc = map_ksba_err (err);
+      goto leave;
+    }
+
+
+  /* gather certificates of recipients and store them in the CMS object */
+  cert = get_default_recipient ();
+  if (!cert)
+    {
+      log_error ("no default recipient found\n");
+      rc = seterr (General_Error);
+      goto leave;
+    }
+/*    err = ksba_cms_add_signer (cms, cert); */
+/*    if (err) */
+/*      { */
+/*        log_debug ("ksba_cms_add_signer failed: %s\n",  ksba_strerror (err)); */
+/*        rc = map_ksba_err (err); */
+/*        goto leave; */
+/*      } */
+  cert = NULL; /* cms does now own the certificate */
+
+  /* Set the hash algorithm we are going to use */
+  err = ksba_cms_add_digest_algo (cms, "1.3.14.3.2.26" /*SHA-1*/);
+  if (err)
+    {
+      log_debug ("ksba_cms_add_digest_algo failed: %s\n", ksba_strerror (err));
+      rc = map_ksba_err (err);
+      goto leave;
+    }
+
+  /* Prepare hashing (actually we are figuring out what we have set above)*/
+  data_md = gcry_md_open (0, 0);
+  if (!data_md)
+    {
+      rc = map_gcry_err (gcry_errno());
+      log_error ("md_open failed: %s\n", gcry_strerror (-1));
+      goto leave;
+    }
+  for (i=0; (algoid=ksba_cms_get_digest_algo_list (cms, i)); i++)
+    {
+      algo = gcry_md_map_name (algoid);
+      if (!algo)
+        {
+          log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?");
+          rc = GNUPG_Bug;
+          goto leave;
+        }
+      gcry_md_enable (data_md, algo);
+    }
+
+  signer = 0;
+  do 
+    {
+      err = ksba_cms_build (cms, &stopreason);
+      if (err)
+        {
+          log_debug ("ksba_cms_build failed: %s\n", ksba_strerror (err));
+          rc = map_ksba_err (err);
+          goto leave;
+        }
+      log_debug ("ksba_cms_build - stop reason %d\n", stopreason);
+
+      if (stopreason == KSBA_SR_BEGIN_DATA)
+        { 
+        }
+      else if (stopreason == KSBA_SR_NEED_SIG)
+        { /* calculate the signature for all signers */
+          GCRY_MD_HD md;
+
+          algo = GCRY_MD_SHA1;
+          signer = 0;
+          md = gcry_md_open (algo, 0);
+          if (!md)
+            {
+              log_error ("md_open failed: %s\n", gcry_strerror (-1));
+              goto leave;
+            }
+          ksba_cms_set_hash_function (cms, HASH_FNC, md);
+          rc = ksba_cms_hash_signed_attrs (cms, signer);
+          if (rc)
+            {
+              log_debug ("hashing signed attrs failed: %s\n",
+                         ksba_strerror (rc));
+              gcry_md_close (md);
+              goto leave;
+            }
+          
+          { /* This is all an temporary hack */
+            char *sigval;
+
+            cert = NULL;
+            if (!cert)
+              {
+                log_error ("oops - failed to get cert again\n");
+                rc = seterr (General_Error);
+                goto leave;
+              }
+
+            sigval = NULL;
+            rc = gpgsm_create_cms_signature (cert, md, algo, &sigval);
+            if (rc)
+              {
+                ksba_cert_release (cert);
+                goto leave;
+              }
+
+            err = ksba_cms_set_sig_val (cms, signer, sigval);
+            xfree (sigval);
+            if (err)
+              {
+                log_error ("failed to store the signature: %s\n",
+                           ksba_strerror (err));
+                rc = map_ksba_err (err);
+                goto leave;
+              }
+          }
+        }
+    }
+  while (stopreason != KSBA_SR_READY);   
+
+  log_info ("signature created\n");
+
+ leave:
+  ksba_cms_release (cms);
+  gpgsm_destroy_writer (b64writer);
+  gpgsm_destroy_reader (b64reader);
+  keydb_release (kh); 
+  gcry_md_close (data_md);
+  if (data_fp)
+    fclose (data_fp);
+  return rc;
+}