sm: Use estream for I/O.

* sm/decrypt.c (gpgsm_decrypt): Use estream for the input.
* sm/encrypt.c (gpgsm_encrypt): Likewise.
* sm/gpgsm.c (open_read): Remove.
(main): Use open_es_fread for gpgsm_import_files.  Fix call of
gpgsm_encrypt, gpgsm_sign, gpgsm_verify and gpgsm_decrypt.
(open_es_fread): Use gnupg_check_special_filename and open_stream_nc.
* sm/gpgsm.h: Fix function declarations.
* sm/import.c (import_one): Use estream for the input.
(reimport_one, gpgsm_import, gpgsm_import_files): Likewise.
* sm/server.c (struct server_local_s): Rename MESSAGE_FD to
MESSAGE_FP.
(close_message_fp): Rename from close_message_fd.
(reset_notify): Follow the change of close_message_fp.
(cmd_encrypt, cmd_decrypt, cmd_verify, cmd_sign): Follow the change of
close_message_fp.  Use open_stream_nc to get estream.
(cmd_import): Likewise.
(cmd_export, cmd_delkeys, gpgsm_server): Follow the change of
close_message_fp.
(cmd_message): Setup MESSAGE_FP with open_stream_nc.
* sm/sign.c (hash_data): Use estream for the input.
(hash_and_copy_data): Likewise.
(gpgsm_sign): Likewise.
* sm/verify.c (hash_data): Use estream_t for FP.
(gpgsm_verify): Use estream_t for IN_FP and DATA_FP.

--

GnuPG-bug-id: 6592
Signed-off-by: NIIBE Yutaka <[email protected]>

1 files changed, 11 insertions, 30 deletions

diff --git a/sm/verify.c b/sm/verify.c
index c7f4492ce..de407bf16 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -53,21 +53,12 @@ strtimestamp_r (ksba_isotime_t atime)
 
 /* Hash the data for a detached signature.  Returns 0 on success.  */
 static gpg_error_t
-hash_data (int fd, gcry_md_hd_t md)
+hash_data (estream_t fp, gcry_md_hd_t md)
 {
   gpg_error_t err = 0;
-  estream_t fp;
   char buffer[4096];
   int nread;
 
-  fp = es_fdopen_nc (fd, "rb");
-  if (!fp)
-    {
-      err = gpg_error_from_syserror ();
-      log_error ("fdopen(%d) failed: %s\n", fd, gpg_strerror (err));
-      return err;
-    }
-
   do
     {
       nread = es_fread (buffer, 1, DIM(buffer), fp);
@@ -77,20 +68,20 @@ hash_data (int fd, gcry_md_hd_t md)
   if (es_ferror (fp))
     {
       err = gpg_error_from_syserror ();
-      log_error ("read error on fd %d: %s\n", fd, gpg_strerror (err));
+      log_error ("read error on fp %p: %s\n", fp, gpg_strerror (err));
     }
-  es_fclose (fp);
   return err;
 }
 
 
 
 
-/* Perform a verify operation.  To verify detached signatures, DATA_FD
-   must be different than -1.  With OUT_FP given and a non-detached
+/* Perform a verify operation.  To verify detached signatures, DATA_FP
+   must be different than NULL.  With OUT_FP given and a non-detached
    signature, the signed material is written to that stream.  */
 int
-gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
+gpgsm_verify (ctrl_t ctrl, estream_t in_fp, estream_t data_fp,
+              estream_t out_fp)
 {
   int i, rc;
   gnupg_ksba_io_t b64reader = NULL;
@@ -106,7 +97,6 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
   const char *algoid;
   int algo;
   int is_detached, maybe_detached;
-  estream_t in_fp = NULL;
   char *p;
 
   audit_set_type (ctrl->audit, AUDIT_TYPE_VERIFY);
@@ -114,7 +104,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
   /* Although we detect detached signatures during the parsing phase,
    * we need to know it earlier and thus accept the caller idea of
    * what to verify.  */
-  maybe_detached = (data_fd != -1);
+  maybe_detached = (data_fp != NULL);
 
   kh = keydb_new (ctrl);
   if (!kh)
@@ -125,14 +115,6 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
     }
 
 
-  in_fp = es_fdopen_nc (in_fd, "rb");
-  if (!in_fp)
-    {
-      rc = gpg_error_from_syserror ();
-      log_error ("fdopen() failed: %s\n", strerror (errno));
-      goto leave;
-    }
-
   rc = gnupg_ksba_create_reader
     (&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
                   | (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
@@ -242,7 +224,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
             }
           if (is_detached)
             {
-              if (data_fd == -1)
+              if (!data_fp)
                 {
                   log_info ("detached signature w/o data "
                             "- assuming certs-only\n");
@@ -250,7 +232,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
                 }
               else
                 audit_log_ok (ctrl->audit, AUDIT_DATA_HASHING,
-                              hash_data (data_fd, data_md));
+                              hash_data (data_fp, data_md));
             }
           else
             {
@@ -275,7 +257,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
         }
     }
 
-  if (data_fd != -1 && !is_detached)
+  if (data_fp && !is_detached)
     {
       log_error ("data given for a non-detached signature\n");
       rc = gpg_error (GPG_ERR_CONFLICT);
@@ -315,7 +297,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
 
       rc = ksba_cms_get_issuer_serial (cms, signer, &issuer, &serial);
       if (!signer && gpg_err_code (rc) == GPG_ERR_NO_DATA
-          && data_fd == -1 && is_detached)
+          && !data_fp && is_detached)
         {
           log_info ("certs-only message accepted\n");
           rc = 0;
@@ -748,7 +730,6 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
   gnupg_ksba_destroy_writer (b64writer);
   keydb_release (kh);
   gcry_md_close (data_md);
-  es_fclose (in_fp);
 
   if (rc)
     {