aboutsummaryrefslogtreecommitdiffstats
path: root/sm
diff options
context:
space:
mode:
Diffstat (limited to 'sm')
-rw-r--r--sm/ChangeLog11
-rw-r--r--sm/call-agent.c88
-rw-r--r--sm/call-dirmngr.c6
-rw-r--r--sm/certchain.c10
-rw-r--r--sm/certcheck.c52
-rw-r--r--sm/certdump.c2
-rw-r--r--sm/certlist.c2
-rw-r--r--sm/certreqgen.c26
-rw-r--r--sm/decrypt.c44
-rw-r--r--sm/delete.c10
-rw-r--r--sm/encrypt.c42
-rw-r--r--sm/export.c10
-rw-r--r--sm/fingerprint.c16
-rw-r--r--sm/gpgsm.c6
-rw-r--r--sm/gpgsm.h6
-rw-r--r--sm/import.c2
-rw-r--r--sm/keydb.c8
-rw-r--r--sm/keylist.c9
-rw-r--r--sm/server.c11
-rw-r--r--sm/sign.c36
-rw-r--r--sm/verify.c50
21 files changed, 204 insertions, 243 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog
index e0ba197d9..20b02a194 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,14 @@
+2003-06-24 Werner Koch <[email protected]>
+
+ * server.c (gpgsm_status_with_err_code): New.
+ * verify.c (gpgsm_verify): Use it here instead of the old
+ tokenizing version.
+
+ * verify.c (strtimestamp): Renamed to strtimestamp_r
+
+ Adjusted for changes in the libgcrypt API. Some more fixes for the
+ libgpg-error stuff.
+
2003-06-04 Werner Koch <[email protected]>
* call-agent.c (init_membuf,put_membuf,get_membuf): Removed.
diff --git a/sm/call-agent.c b/sm/call-agent.c
index 31d9ba71c..4d26e3450 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -26,15 +26,17 @@
#include <unistd.h>
#include <time.h>
#include <assert.h>
-#include <gcrypt.h>
#ifdef HAVE_LOCALE_H
#include <locale.h>
#endif
-#include <assuan.h>
#include "gpgsm.h"
+#include <gcrypt.h>
+#include <assuan.h>
#include "i18n.h"
#include "keydb.h" /* fixme: Move this to import.c */
+#include "../common/membuf.h"
+
static ASSUAN_CONTEXT agent_ctx = NULL;
static int force_pipe_server = 0;
@@ -54,77 +56,9 @@ struct genkey_parm_s {
struct learn_parm_s {
int error;
ASSUAN_CONTEXT ctx;
- struct membuf *data;
+ membuf_t *data;
};
-struct membuf {
- size_t len;
- size_t size;
- char *buf;
- int out_of_core;
-};
-
-
-
-/* A simple implemnation of a dynamic buffer. Use init_membuf() to
- create a buffer, put_membuf to append bytes and get_membuf to
- release and return the buffer. Allocation errors are detected but
- only returned at the final get_membuf(), this helps not to clutter
- the code with out of core checks. */
-
-static void
-init_membuf (struct membuf *mb, int initiallen)
-{
- mb->len = 0;
- mb->size = initiallen;
- mb->out_of_core = 0;
- mb->buf = xtrymalloc (initiallen);
- if (!mb->buf)
- mb->out_of_core = 1;
-}
-
-static void
-put_membuf (struct membuf *mb, const void *buf, size_t len)
-{
- if (mb->out_of_core)
- return;
-
- if (mb->len + len >= mb->size)
- {
- char *p;
-
- mb->size += len + 1024;
- p = xtryrealloc (mb->buf, mb->size);
- if (!p)
- {
- mb->out_of_core = 1;
- return;
- }
- mb->buf = p;
- }
- memcpy (mb->buf + mb->len, buf, len);
- mb->len += len;
-}
-
-static void *
-get_membuf (struct membuf *mb, size_t *len)
-{
- char *p;
-
- if (mb->out_of_core)
- {
- xfree (mb->buf);
- mb->buf = NULL;
- return NULL;
- }
-
- p = mb->buf;
- *len = mb->len;
- mb->buf = NULL;
- mb->out_of_core = 1; /* don't allow a reuse */
- return p;
-}
-
/* Try to connect to the agent via socket or fork it off and work by
@@ -354,7 +288,7 @@ start_agent (void)
static AssuanError
membuf_data_cb (void *opaque, const void *buffer, size_t length)
{
- struct membuf *data = opaque;
+ membuf_t *data = opaque;
if (buffer)
put_membuf (data, buffer, length);
@@ -373,7 +307,7 @@ gpgsm_agent_pksign (const char *keygrip,
{
int rc, i;
char *p, line[ASSUAN_LINELENGTH];
- struct membuf data;
+ membuf_t data;
size_t len;
*r_buf = NULL;
@@ -448,7 +382,7 @@ gpgsm_agent_pkdecrypt (const char *keygrip,
{
int rc;
char line[ASSUAN_LINELENGTH];
- struct membuf data;
+ membuf_t data;
struct cipher_parm_s cipher_parm;
size_t n, len;
char *buf, *endp;
@@ -534,7 +468,7 @@ gpgsm_agent_genkey (KsbaConstSexp keyparms, KsbaSexp *r_pubkey)
{
int rc;
struct genkey_parm_s gk_parm;
- struct membuf data;
+ membuf_t data;
size_t len;
char *buf;
@@ -710,7 +644,7 @@ learn_cb (void *opaque, const void *buffer, size_t length)
keydb_store_cert (cert, 1, NULL);
}
else if (rc)
- log_error ("invalid certificate: %s\n", gnupg_strerror (rc));
+ log_error ("invalid certificate: %s\n", gpg_strerror (rc));
else
{
int existed;
@@ -735,7 +669,7 @@ gpgsm_agent_learn ()
{
int rc;
struct learn_parm_s learn_parm;
- struct membuf data;
+ membuf_t data;
size_t len;
rc = start_agent ();
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index 611240771..b182b246c 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -28,10 +28,10 @@
#include <assert.h>
#include <ctype.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <assuan.h>
-#include "gpgsm.h"
#include "i18n.h"
struct membuf {
@@ -263,7 +263,7 @@ inq_certificate (void *opaque, const char *line)
err = gpgsm_find_cert (line, &cert);
if (err)
{
- log_error ("certificate not found: %s\n", gnupg_strerror (err));
+ log_error ("certificate not found: %s\n", gpg_strerror (err));
rc = ASSUAN_Inquire_Error;
}
else
@@ -533,7 +533,7 @@ run_command_inq_cb (void *opaque, const char *line)
err = gpgsm_find_cert (line, &cert);
if (err)
{
- log_error ("certificate not found: %s\n", gnupg_strerror (err));
+ log_error ("certificate not found: %s\n", gpg_strerror (err));
rc = ASSUAN_Inquire_Error;
}
else
diff --git a/sm/certchain.c b/sm/certchain.c
index 2a2582dac..6323c725e 100644
--- a/sm/certchain.c
+++ b/sm/certchain.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
@@ -302,7 +302,7 @@ find_up (KEYDB_HANDLE kh, KsbaCert cert, const char *issuer)
log_info (_("number of issuers matching: %d\n"), count);
if (rc)
{
- log_error ("external key lookup failed: %s\n", gnupg_strerror (rc));
+ log_error ("external key lookup failed: %s\n", gpg_strerror (rc));
rc = -1;
}
else if (!count)
@@ -585,7 +585,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
else
{
log_error (_("checking the trust list failed: %s\n"),
- gnupg_strerror (rc));
+ gpg_strerror (rc));
}
break; /* okay, a self-signed certicate is an end-point */
@@ -655,8 +655,10 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
rc = gpgsm_cert_use_cert_p (issuer_cert);
if (rc)
{
+ char numbuf[50];
+ sprintf (numbuf, "%d", rc);
gpgsm_status2 (ctrl, STATUS_ERROR, "certcert.issuer.keyusage",
- gnupg_error_token (rc), NULL);
+ numbuf, NULL);
rc = 0;
}
diff --git a/sm/certcheck.c b/sm/certcheck.c
index 93c0becc5..b83783813 100644
--- a/sm/certcheck.c
+++ b/sm/certcheck.c
@@ -27,17 +27,17 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
static int
-do_encode_md (GCRY_MD_HD md, int algo, unsigned int nbits,
- GCRY_MPI *r_val)
+do_encode_md (gcry_md_hd_t md, int algo, unsigned int nbits,
+ gcry_mpi_t *r_val)
{
int nframe = (nbits+7) / 8;
byte *frame;
@@ -104,12 +104,12 @@ int
gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
{
const char *algoid;
- GCRY_MD_HD md;
+ gcry_md_hd_t md;
int rc, algo;
- GCRY_MPI frame;
+ gcry_mpi_t frame;
KsbaSexp p;
size_t n;
- GCRY_SEXP s_sig, s_hash, s_pkey;
+ gcry_sexp_t s_sig, s_hash, s_pkey;
algo = gcry_md_map_name ( (algoid=ksba_cert_get_digest_algo (cert)));
if (!algo)
@@ -117,11 +117,11 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?");
return gpg_error (GPG_ERR_GENERAL);
}
- md = gcry_md_open (algo, 0);
- if (!md)
+ rc = gcry_md_open (&md, algo, 0);
+ if (rc)
{
- log_error ("md_open failed: %s\n", gcry_strerror (-1));
- return gpg_error (GPG_ERR_GENERAL);
+ log_error ("md_open failed: %s\n", gpg_strerror (rc));
+ return rc;
}
if (DBG_HASHING)
gcry_md_start_debug (md, "hash.cert");
@@ -157,9 +157,9 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
ksba_free (p);
if (rc)
{
- log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
+ log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
gcry_md_close (md);
- return map_gcry_err (rc);
+ return rc;
}
p = ksba_cert_get_public_key (issuer_cert);
@@ -176,10 +176,10 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
ksba_free (p);
if (rc)
{
- log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
+ log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
gcry_md_close (md);
gcry_sexp_release (s_sig);
- return map_gcry_err (rc);
+ return rc;
}
rc = do_encode_md (md, algo, gcry_pk_get_nbits (s_pkey), &frame);
@@ -199,24 +199,24 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
if (DBG_CRYPTO)
- log_debug ("gcry_pk_verify: %s\n", gcry_strerror (rc));
+ log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
gcry_md_close (md);
gcry_sexp_release (s_sig);
gcry_sexp_release (s_hash);
gcry_sexp_release (s_pkey);
- return map_gcry_err (rc);
+ return rc;
}
int
gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval,
- GCRY_MD_HD md, int algo)
+ gcry_md_hd_t md, int algo)
{
int rc;
KsbaSexp p;
- GCRY_MPI frame;
- GCRY_SEXP s_sig, s_hash, s_pkey;
+ gcry_mpi_t frame;
+ gcry_sexp_t s_sig, s_hash, s_pkey;
size_t n;
n = gcry_sexp_canon_len (sigval, 0, NULL, NULL);
@@ -228,8 +228,8 @@ gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval,
rc = gcry_sexp_sscan (&s_sig, NULL, sigval, n);
if (rc)
{
- log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
- return map_gcry_err (rc);
+ log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
+ return rc;
}
p = ksba_cert_get_public_key (cert);
@@ -248,9 +248,9 @@ gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval,
ksba_free (p);
if (rc)
{
- log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
+ log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
gcry_sexp_release (s_sig);
- return map_gcry_err (rc);
+ return rc;
}
@@ -268,17 +268,17 @@ gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval,
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
if (DBG_CRYPTO)
- log_debug ("gcry_pk_verify: %s\n", gcry_strerror (rc));
+ log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
gcry_sexp_release (s_sig);
gcry_sexp_release (s_hash);
gcry_sexp_release (s_pkey);
- return map_gcry_err (rc);
+ return rc;
}
int
-gpgsm_create_cms_signature (KsbaCert cert, GCRY_MD_HD md, int mdalgo,
+gpgsm_create_cms_signature (KsbaCert cert, gcry_md_hd_t md, int mdalgo,
char **r_sigval)
{
int rc;
diff --git a/sm/certdump.c b/sm/certdump.c
index 9afb1154d..703e07186 100644
--- a/sm/certdump.c
+++ b/sm/certdump.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
diff --git a/sm/certlist.c b/sm/certlist.c
index 7224625a2..eedc99025 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index 716cfcdeb..0dd4fdde9 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -96,10 +96,10 @@ EOF
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
@@ -489,7 +489,7 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl)
{
r = get_parameter (para, pKEYTYPE);
log_error ("line %d: key generation failed: %s\n",
- r->lnr, gnupg_strerror (rc));
+ r->lnr, gpg_strerror (rc));
return rc;
}
@@ -508,7 +508,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
{
KsbaCertreq cr;
KsbaError err;
- GCRY_MD_HD md;
+ gcry_md_hd_t md;
KsbaStopReason stopreason;
int rc = 0;
const char *s;
@@ -517,11 +517,10 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
if (!cr)
return gpg_error (GPG_ERR_ENOMEM);
- md = gcry_md_open (GCRY_MD_SHA1, 0);
- if (!md)
+ rc = gcry_md_open (&md, GCRY_MD_SHA1, 0);
+ if (rc)
{
- log_error ("md_open failed: %s\n", gcry_strerror (-1));
- rc = map_gcry_err (gcry_errno ());
+ log_error ("md_open failed: %s\n", gpg_strerror (rc));
goto leave;
}
if (DBG_HASHING)
@@ -585,7 +584,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
}
if (stopreason == KSBA_SR_NEED_SIG)
{
- GCRY_SEXP s_pkey;
+ gcry_sexp_t s_pkey;
size_t n;
unsigned char grip[20], hexgrip[41];
char *sigval;
@@ -601,8 +600,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
rc = gcry_sexp_sscan (&s_pkey, NULL, public, n);
if (rc)
{
- log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
- rc = map_gcry_err (rc);
+ log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
goto leave;
}
if ( !gcry_pk_get_keygrip (s_pkey, grip) )
@@ -623,7 +621,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
&sigval, &siglen);
if (rc)
{
- log_error ("signing failed: %s\n", gnupg_strerror (rc));
+ log_error ("signing failed: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -671,7 +669,7 @@ gpgsm_genkey (CTRL ctrl, int in_fd, FILE *out_fp)
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
if (rc)
{
- log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+ log_error ("can't create writer: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -679,14 +677,14 @@ gpgsm_genkey (CTRL ctrl, int in_fd, FILE *out_fp)
if (rc)
{
log_error ("error creating certificate request: %s\n",
- gnupg_strerror (rc));
+ gpg_strerror (rc));
goto leave;
}
rc = gpgsm_finish_writer (b64writer);
if (rc)
{
- log_error ("write failed: %s\n", gnupg_strerror (rc));
+ log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
}
diff --git a/sm/decrypt.c b/sm/decrypt.c
index 04682f777..17483aa49 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
@@ -38,7 +38,7 @@ struct decrypt_filter_parm_s {
int algo;
int mode;
int blklen;
- GCRY_CIPHER_HD hd;
+ gcry_cipher_hd_t hd;
char iv[16];
size_t ivlen;
int any_data; /* dod we push anything through the filter at all? */
@@ -65,7 +65,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,
&seskey, &seskeylen);
if (rc)
{
- log_error ("error decrypting session key: %s\n", gnupg_strerror (rc));
+ log_error ("error decrypting session key: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -113,17 +113,15 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,
if (DBG_CRYPTO)
log_printhex ("session key:", seskey+n, seskeylen-n);
- parm->hd = gcry_cipher_open (parm->algo, parm->mode, 0);
- if (!parm->hd)
+ rc = gcry_cipher_open (&parm->hd, parm->algo, parm->mode, 0);
+ if (rc)
{
- rc = gcry_errno ();
- log_error ("error creating decryptor: %s\n", gcry_strerror (rc));
- rc = map_gcry_err (rc);
+ log_error ("error creating decryptor: %s\n", gpg_strerror (rc));
goto leave;
}
rc = gcry_cipher_setkey (parm->hd, seskey+n, seskeylen-n);
- if (rc == GCRYERR_WEAK_KEY)
+ if (gpg_err_code (rc) == GPG_ERR_WEAK_KEY)
{
log_info (_("WARNING: message was encrypted with "
"a weak key in the symmetric cipher.\n"));
@@ -131,8 +129,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,
}
if (rc)
{
- log_error("key setup failed: %s\n", gcry_strerror(rc) );
- rc = map_gcry_err (rc);
+ log_error("key setup failed: %s\n", gpg_strerror(rc) );
goto leave;
}
@@ -277,14 +274,14 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, &reader);
if (rc)
{
- log_error ("can't create reader: %s\n", gnupg_strerror (rc));
+ log_error ("can't create reader: %s\n", gpg_strerror (rc));
goto leave;
}
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
if (rc)
{
- log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+ log_error ("can't create writer: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -334,8 +331,13 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
else if (!algoid)
log_info (_("(this does not seem to be an encrypted"
" message)\n"));
- gpgsm_status2 (ctrl, STATUS_ERROR, "decrypt.algorithm",
- gnupg_error_token (rc), algoid?algoid:"?", NULL);
+ {
+ char numbuf[50];
+ sprintf (numbuf, "%d", rc);
+ gpgsm_status2 (ctrl, STATUS_ERROR, "decrypt.algorithm",
+ numbuf, algoid?algoid:"?", NULL);
+ }
+
goto leave;
}
dfparm.algo = algo;
@@ -383,14 +385,14 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
if (rc)
{
log_error ("failed to find the certificate: %s\n",
- gnupg_strerror(rc));
+ gpg_strerror(rc));
goto oops;
}
rc = keydb_get_cert (kh, &cert);
if (rc)
{
- log_error ("failed to get cert: %s\n", gnupg_strerror (rc));
+ log_error ("failed to get cert: %s\n", gpg_strerror (rc));
goto oops;
}
/* Just in case there is a problem with the own
@@ -399,8 +401,10 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
rc = gpgsm_cert_use_decrypt_p (cert);
if (rc)
{
+ char numbuf[50];
+ sprintf (numbuf, "%d", rc);
gpgsm_status2 (ctrl, STATUS_ERROR, "decrypt.keyusage",
- gnupg_error_token (rc), NULL);
+ numbuf, NULL);
rc = 0;
}
@@ -424,7 +428,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
if (rc)
{
log_debug ("decrypting session key failed: %s\n",
- gnupg_strerror (rc));
+ gpg_strerror (rc));
}
else
{ /* setup the bulk decrypter */
@@ -479,7 +483,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
rc = gpgsm_finish_writer (b64writer);
if (rc)
{
- log_error ("write failed: %s\n", gnupg_strerror (rc));
+ log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
}
gpgsm_status (ctrl, STATUS_DECRYPTION_OKAY, NULL);
diff --git a/sm/delete.c b/sm/delete.c
index 5ec5b1ad5..53eff864c 100644
--- a/sm/delete.c
+++ b/sm/delete.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
@@ -49,7 +49,7 @@ delete_one (CTRL ctrl, const char *username)
if (rc)
{
log_error (_("certificate `%s' not found: %s\n"),
- username, gnupg_strerror (rc));
+ username, gpg_strerror (rc));
gpgsm_status2 (ctrl, STATUS_DELETE_PROBLEM, "1", NULL);
goto leave;
}
@@ -100,7 +100,7 @@ delete_one (CTRL ctrl, const char *username)
if (rc == -1)
rc = gpg_error (GPG_ERR_NO_PUBKEY);
log_error (_("certificate `%s' not found: %s\n"),
- username, gnupg_strerror (rc));
+ username, gpg_strerror (rc));
gpgsm_status2 (ctrl, STATUS_DELETE_PROBLEM, "3", NULL);
goto leave;
}
@@ -113,7 +113,7 @@ delete_one (CTRL ctrl, const char *username)
if (rc)
{
log_error ("problem re-searching certificate: %s\n",
- gnupg_strerror (rc));
+ gpg_strerror (rc));
goto leave;
}
@@ -156,7 +156,7 @@ gpgsm_delete (CTRL ctrl, STRLIST names)
if (rc)
{
log_error (_("deleting certificate \"%s\" failed: %s\n"),
- names->d, gnupg_strerror (rc) );
+ names->d, gpg_strerror (rc) );
return rc;
}
}
diff --git a/sm/encrypt.c b/sm/encrypt.c
index 3713a7d15..dfc905454 100644
--- a/sm/encrypt.c
+++ b/sm/encrypt.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
@@ -38,7 +38,7 @@
struct dek_s {
const char *algoid;
int algo;
- GCRY_CIPHER_HD chd;
+ gcry_cipher_hd_t chd;
char key[32];
int keylen;
char iv[32];
@@ -89,37 +89,37 @@ init_dek (DEK dek)
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
}
- dek->chd = gcry_cipher_open (dek->algo, mode, GCRY_CIPHER_SECURE);
- if (!dek->chd)
+ rc = gcry_cipher_open (&dek->chd, dek->algo, mode, GCRY_CIPHER_SECURE);
+ if (rc)
{
- log_error ("failed to create cipher context: %s\n", gcry_strerror (-1));
- return gpg_error (GPG_ERR_GENERAL);
+ log_error ("failed to create cipher context: %s\n", gpg_strerror (rc));
+ return rc;
}
for (i=0; i < 8; i++)
{
gcry_randomize (dek->key, dek->keylen, GCRY_STRONG_RANDOM );
rc = gcry_cipher_setkey (dek->chd, dek->key, dek->keylen);
- if (rc != GCRYERR_WEAK_KEY)
+ if (gpg_err_code (rc) != GPG_ERR_WEAK_KEY)
break;
log_info(_("weak key created - retrying\n") );
}
if (rc)
{
- log_error ("failed to set the key: %s\n", gcry_strerror (rc));
+ log_error ("failed to set the key: %s\n", gpg_strerror (rc));
gcry_cipher_close (dek->chd);
dek->chd = NULL;
- return map_gcry_err (rc);
+ return rc;
}
gcry_randomize (dek->iv, dek->ivlen, GCRY_STRONG_RANDOM);
rc = gcry_cipher_setiv (dek->chd, dek->iv, dek->ivlen);
if (rc)
{
- log_error ("failed to set the IV: %s\n", gcry_strerror (rc));
+ log_error ("failed to set the IV: %s\n", gpg_strerror (rc));
gcry_cipher_close (dek->chd);
dek->chd = NULL;
- return map_gcry_err (rc);
+ return rc;
}
return 0;
@@ -129,14 +129,14 @@ init_dek (DEK dek)
/* Encode the session key. NBITS is the number of bits which should be
used for packing the session key. returns: An mpi with the session
key (caller must free) */
-static GCRY_MPI
+static gcry_mpi_t
encode_session_key (DEK dek, unsigned int nbits)
{
int nframe = (nbits+7) / 8;
byte *p;
byte *frame;
int i,n;
- MPI a;
+ gcry_mpi_t a;
if (dek->keylen + 7 > nframe || !nframe)
log_bug ("can't encode a %d bit key in a %d bits frame\n",
@@ -206,7 +206,7 @@ encode_session_key (DEK dek, unsigned int nbits)
static int
encrypt_dek (const DEK dek, KsbaCert cert, char **encval)
{
- GCRY_SEXP s_ciph, s_data, s_pkey;
+ gcry_sexp_t s_ciph, s_data, s_pkey;
int rc;
KsbaSexp buf;
size_t len;
@@ -230,14 +230,14 @@ encrypt_dek (const DEK dek, KsbaCert cert, char **encval)
xfree (buf); buf = NULL;
if (rc)
{
- log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
- return map_gcry_err (rc);
+ log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
+ return rc;
}
/* put the encoded cleartext into a simple list */
{
/* fixme: actually the pkcs-1 encoding should go into libgcrypt */
- GCRY_MPI data = encode_session_key (dek, gcry_pk_get_nbits (s_pkey));
+ gcry_mpi_t data = encode_session_key (dek, gcry_pk_get_nbits (s_pkey));
if (!data)
{
gcry_mpi_release (data);
@@ -404,7 +404,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
if (rc)
{
- log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+ log_error ("can't create writer: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -449,7 +449,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
if (rc)
{
log_error ("failed to create the session key: %s\n",
- gnupg_strerror (rc));
+ gpg_strerror (rc));
goto leave;
}
@@ -482,7 +482,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
if (rc)
{
log_error ("encryption failed for recipient no. %d: %s\n",
- recpno, gnupg_strerror (rc));
+ recpno, gpg_strerror (rc));
goto leave;
}
@@ -532,7 +532,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
rc = gpgsm_finish_writer (b64writer);
if (rc)
{
- log_error ("write failed: %s\n", gnupg_strerror (rc));
+ log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
}
log_info ("encrypted data created\n");
diff --git a/sm/export.c b/sm/export.c
index d4b05816f..93a55debc 100644
--- a/sm/export.c
+++ b/sm/export.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
static void print_short_info (KsbaCert cert, FILE *fp);
@@ -85,7 +85,7 @@ gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp)
if (rc)
{
log_error ("key `%s' not found: %s\n",
- sl->d, gnupg_strerror (rc));
+ sl->d, gpg_strerror (rc));
rc = 0;
}
else
@@ -121,7 +121,7 @@ gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp)
rc = keydb_get_cert (hd, &cert);
if (rc)
{
- log_error ("keydb_get_cert failed: %s\n", gnupg_strerror (rc));
+ log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -147,7 +147,7 @@ gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp)
rc = gpgsm_create_writer (&b64writer, ctrl, fp, &writer);
if (rc)
{
- log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+ log_error ("can't create writer: %s\n", gpg_strerror (rc));
goto leave;
}
}
@@ -176,7 +176,7 @@ gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp)
cert = NULL;
}
if (rc && rc != -1)
- log_error ("keydb_search failed: %s\n", gnupg_strerror (rc));
+ log_error ("keydb_search failed: %s\n", gpg_strerror (rc));
else if (b64writer)
{
rc = gpgsm_finish_writer (b64writer);
diff --git a/sm/fingerprint.c b/sm/fingerprint.c
index 6e458cf76..028c08aab 100644
--- a/sm/fingerprint.c
+++ b/sm/fingerprint.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
-#include <gcrypt.h>
-#include <ksba.h>
#include "gpgsm.h"
+#include <gcrypt.h>
+#include <ksba.h>
/* Return the fingerprint of the certificate (we can't put this into
libksba because we need libgcrypt support). The caller must
@@ -45,7 +45,7 @@
char *
gpgsm_get_fingerprint (KsbaCert cert, int algo, char *array, int *r_len)
{
- GCRY_MD_HD md;
+ gcry_md_hd_t md;
int rc, len;
if (!algo)
@@ -59,10 +59,10 @@ gpgsm_get_fingerprint (KsbaCert cert, int algo, char *array, int *r_len)
if (r_len)
*r_len = len;
- md = gcry_md_open (algo, 0);
- if (!md)
+ rc = gcry_md_open (&md, algo, 0);
+ if (rc)
{
- log_error ("md_open failed: %s\n", gcry_strerror (-1));
+ log_error ("md_open failed: %s\n", gpg_strerror (rc));
memset (array, 0xff, len); /* better return an invalid fpr than NULL */
return array;
}
@@ -143,7 +143,7 @@ gpgsm_get_short_fingerprint (KsbaCert cert)
char *
gpgsm_get_keygrip (KsbaCert cert, char *array)
{
- GCRY_SEXP s_pkey;
+ gcry_sexp_t s_pkey;
int rc;
KsbaSexp p;
size_t n;
@@ -164,7 +164,7 @@ gpgsm_get_keygrip (KsbaCert cert, char *array)
xfree (p);
if (rc)
{
- log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
+ log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
return NULL;
}
array = gcry_pk_get_keygrip (s_pkey, array);
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 8aebb1c1d..5157874a3 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -27,10 +27,10 @@
#include <unistd.h>
#include <fcntl.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <assuan.h> /* malloc hooks */
-#include "gpgsm.h"
#include "../kbx/keybox.h" /* malloc hooks */
#include "i18n.h"
#include "keydb.h"
@@ -1095,7 +1095,7 @@ main ( int argc, char **argv)
if (rc)
{
log_error (_("can't sign using `%s': %s\n"),
- sl->d, gnupg_strerror (rc));
+ sl->d, gpg_strerror (rc));
gpgsm_status2 (&ctrl, STATUS_INV_RECP,
gpg_err_code (rc) == -1? "1":
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
@@ -1117,7 +1117,7 @@ main ( int argc, char **argv)
if (rc)
{
log_error (_("can't encrypt to `%s': %s\n"),
- sl->d, gnupg_strerror (rc));
+ sl->d, gpg_strerror (rc));
gpgsm_status2 (&ctrl, STATUS_INV_RECP,
gpg_err_code (rc) == -1? "1":
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 72abccac9..f996d578c 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -152,6 +152,8 @@ void gpgsm_init_default_ctrl (struct server_control_s *ctrl);
void gpgsm_server (void);
void gpgsm_status (CTRL ctrl, int no, const char *text);
void gpgsm_status2 (CTRL ctrl, int no, ...);
+void gpgsm_status_with_err_code (CTRL ctrl, int no, const char *text,
+ gpg_err_code_t ec);
/*-- fingerprint --*/
char *gpgsm_get_fingerprint (KsbaCert cert, int algo, char *array, int *r_len);
@@ -188,9 +190,9 @@ void gpgsm_dump_string (const char *string);
/*-- certcheck.c --*/
int gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert);
int gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval,
- GCRY_MD_HD md, int hash_algo);
+ gcry_md_hd_t md, int hash_algo);
/* fixme: move create functions to another file */
-int gpgsm_create_cms_signature (KsbaCert cert, GCRY_MD_HD md, int mdalgo,
+int gpgsm_create_cms_signature (KsbaCert cert, gcry_md_hd_t md, int mdalgo,
char **r_sigval);
diff --git a/sm/import.c b/sm/import.c
index 12788ea46..17dc3d66c 100644
--- a/sm/import.c
+++ b/sm/import.c
@@ -27,10 +27,10 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
diff --git a/sm/keydb.c b/sm/keydb.c
index 7f8117d71..fe6556549 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -231,7 +231,7 @@ keydb_add_resource (const char *url, int force, int secret)
leave:
if (rc)
- log_error ("keyblock resource `%s': %s\n", filename, gnupg_strerror(rc));
+ log_error ("keyblock resource `%s': %s\n", filename, gpg_strerror(rc));
else if (secret)
any_secret = 1;
else
@@ -1255,14 +1255,14 @@ keydb_store_cert (KsbaCert cert, int ephemeral, int *existed)
return 0; /* okay */
}
log_error (_("problem looking for existing certificate: %s\n"),
- gnupg_strerror (rc));
+ gpg_strerror (rc));
return rc;
}
rc = keydb_locate_writable (kh, 0);
if (rc)
{
- log_error (_("error finding writable keyDB: %s\n"), gnupg_strerror (rc));
+ log_error (_("error finding writable keyDB: %s\n"), gpg_strerror (rc));
keydb_release (kh);
return rc;
}
@@ -1270,7 +1270,7 @@ keydb_store_cert (KsbaCert cert, int ephemeral, int *existed)
rc = keydb_insert_cert (kh, cert);
if (rc)
{
- log_error (_("error storing certificate: %s\n"), gnupg_strerror (rc));
+ log_error (_("error storing certificate: %s\n"), gpg_strerror (rc));
keydb_release (kh);
return rc;
}
diff --git a/sm/keylist.c b/sm/keylist.c
index 46a4e3806..634bda292 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -1,5 +1,5 @@
/* keylist.c
- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -27,10 +27,11 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
+
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
@@ -460,7 +461,7 @@ list_internal_keys (CTRL ctrl, STRLIST names, FILE *fp, unsigned int mode)
if (rc)
{
log_error ("key `%s' not found: %s\n",
- sl->d, gnupg_strerror (rc));
+ sl->d, gpg_strerror (rc));
rc = 0;
}
else
@@ -535,7 +536,7 @@ list_internal_keys (CTRL ctrl, STRLIST names, FILE *fp, unsigned int mode)
cert = NULL;
}
if (rc && rc != -1)
- log_error ("keydb_search failed: %s\n", gnupg_strerror (rc));
+ log_error ("keydb_search failed: %s\n", gpg_strerror (rc));
leave:
ksba_cert_release (cert);
diff --git a/sm/server.c b/sm/server.c
index 60f553bee..dda150964 100644
--- a/sm/server.c
+++ b/sm/server.c
@@ -991,7 +991,18 @@ gpgsm_status (CTRL ctrl, int no, const char *text)
gpgsm_status2 (ctrl, no, text, NULL);
}
+void
+gpgsm_status_with_err_code (CTRL ctrl, int no, const char *text,
+ gpg_err_code_t ec)
+{
+ char buf[30];
+ sprintf (buf, "%u", (unsigned int)ec);
+ if (text)
+ gpgsm_status2 (ctrl, no, text, buf, NULL);
+ else
+ gpgsm_status2 (ctrl, no, buf, NULL);
+}
#if 0
/*
diff --git a/sm/sign.c b/sm/sign.c
index b77c672ba..0afb52b62 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -27,16 +27,16 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
static void
-hash_data (int fd, GCRY_MD_HD md)
+hash_data (int fd, gcry_md_hd_t md)
{
FILE *fp;
char buffer[4096];
@@ -61,7 +61,7 @@ hash_data (int fd, GCRY_MD_HD md)
}
static int
-hash_and_copy_data (int fd, GCRY_MD_HD md, KsbaWriter writer)
+hash_and_copy_data (int fd, gcry_md_hd_t md, KsbaWriter writer)
{
KsbaError err;
FILE *fp;
@@ -203,7 +203,7 @@ get_default_signer (void)
rc = keydb_classify_name (opt.local_user, &desc);
if (rc)
{
- log_error ("failed to find default signer: %s\n", gnupg_strerror (rc));
+ log_error ("failed to find default signer: %s\n", gpg_strerror (rc));
return NULL;
}
@@ -302,7 +302,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
KsbaCMS cms = NULL;
KsbaStopReason stopreason;
KEYDB_HANDLE kh = NULL;
- GCRY_MD_HD data_md = NULL;
+ gcry_md_hd_t data_md = NULL;
int signer;
const char *algoid;
int algo;
@@ -322,7 +322,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
if (rc)
{
- log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+ log_error ("can't create writer: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -394,7 +394,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
if (rc)
{
log_error ("failed to store list of certificates: %s\n",
- gnupg_strerror(rc));
+ gpg_strerror(rc));
goto leave;
}
/* Set the hash algorithm we are going to use */
@@ -409,11 +409,10 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
}
/* Prepare hashing (actually we are figuring out what we have set above)*/
- data_md = gcry_md_open (0, 0);
- if (!data_md)
+ rc = gcry_md_open (&data_md, 0, 0);
+ if (rc)
{
- rc = map_gcry_err (gcry_errno());
- log_error ("md_open failed: %s\n", gcry_strerror (-1));
+ log_error ("md_open failed: %s\n", gpg_strerror (rc));
goto leave;
}
if (DBG_HASHING)
@@ -524,18 +523,17 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
}
else if (stopreason == KSBA_SR_NEED_SIG)
{ /* calculate the signature for all signers */
- GCRY_MD_HD md;
+ gcry_md_hd_t md;
algo = GCRY_MD_SHA1;
- md = gcry_md_open (algo, 0);
- if (DBG_HASHING)
- gcry_md_start_debug (md, "sign.attr");
-
- if (!md)
+ rc = gcry_md_open (&md, algo, 0);
+ if (rc)
{
- log_error ("md_open failed: %s\n", gcry_strerror (-1));
+ log_error ("md_open failed: %s\n", gpg_strerror (rc));
goto leave;
}
+ if (DBG_HASHING)
+ gcry_md_start_debug (md, "sign.attr");
ksba_cms_set_hash_function (cms, HASH_FNC, md);
for (cl=signerlist,signer=0; cl; cl = cl->next, signer++)
{
@@ -605,7 +603,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
rc = gpgsm_finish_writer (b64writer);
if (rc)
{
- log_error ("write failed: %s\n", gnupg_strerror (rc));
+ log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
}
diff --git a/sm/verify.c b/sm/verify.c
index 569af8b84..6dd4f4e5b 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -27,16 +27,15 @@
#include <time.h>
#include <assert.h>
+#include "gpgsm.h"
#include <gcrypt.h>
#include <ksba.h>
-#include "gpgsm.h"
#include "keydb.h"
#include "i18n.h"
-/* fixme: Move this to jnlib */
static char *
-strtimestamp (time_t atime)
+strtimestamp_r (time_t atime)
{
char *buffer = xmalloc (15);
@@ -59,7 +58,7 @@ strtimestamp (time_t atime)
/* Hash the data for a detached signature */
static void
-hash_data (int fd, GCRY_MD_HD md)
+hash_data (int fd, gcry_md_hd_t md)
{
FILE *fp;
char buffer[4096];
@@ -102,7 +101,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
KsbaStopReason stopreason;
KsbaCert cert;
KEYDB_HANDLE kh;
- GCRY_MD_HD data_md = NULL;
+ gcry_md_hd_t data_md = NULL;
int signer;
const char *algoid;
int algo;
@@ -130,7 +129,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
rc = gpgsm_create_reader (&b64reader, ctrl, fp, &reader);
if (rc)
{
- log_error ("can't create reader: %s\n", gnupg_strerror (rc));
+ log_error ("can't create reader: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -139,7 +138,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
if (rc)
{
- log_error ("can't create writer: %s\n", gnupg_strerror (rc));
+ log_error ("can't create writer: %s\n", gpg_strerror (rc));
goto leave;
}
}
@@ -160,11 +159,10 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
goto leave;
}
- data_md = gcry_md_open (0, 0);
- if (!data_md)
+ rc = gcry_md_open (&data_md, 0, 0);
+ if (rc)
{
- rc = map_gcry_err (gcry_errno());
- log_error ("md_open failed: %s\n", gcry_strerror (-1));
+ log_error ("md_open failed: %s\n", gpg_strerror (rc));
goto leave;
}
if (DBG_HASHING)
@@ -225,7 +223,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
rc = gpgsm_finish_writer (b64writer);
if (rc)
{
- log_error ("write failed: %s\n", gnupg_strerror (rc));
+ log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
}
}
@@ -364,7 +362,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
}
else
log_error ("failed to find the certificate: %s\n",
- gnupg_strerror(rc));
+ gpg_strerror(rc));
{
char numbuf[50];
sprintf (numbuf, "%d", rc);
@@ -380,7 +378,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
rc = keydb_get_cert (kh, &cert);
if (rc)
{
- log_error ("failed to get cert: %s\n", gnupg_strerror (rc));
+ log_error ("failed to get cert: %s\n", gpg_strerror (rc));
goto next_signer;
}
@@ -395,7 +393,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
if (msgdigest)
{ /* Signed attributes are available. */
- GCRY_MD_HD md;
+ gcry_md_hd_t md;
unsigned char *s;
/* check that the message digest in the signed attributes
@@ -415,10 +413,10 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
goto next_signer;
}
- md = gcry_md_open (algo, 0);
- if (!md)
+ rc = gcry_md_open (&md, algo, 0);
+ if (rc)
{
- log_error ("md_open failed: %s\n", gcry_strerror (-1));
+ log_error ("md_open failed: %s\n", gpg_strerror (rc));
goto next_signer;
}
if (DBG_HASHING)
@@ -445,7 +443,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
{
char *fpr;
- log_error ("invalid signature: %s\n", gnupg_strerror (rc));
+ log_error ("invalid signature: %s\n", gpg_strerror (rc));
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
gpgsm_status (ctrl, STATUS_BADSIG, fpr);
xfree (fpr);
@@ -454,8 +452,8 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
rc = gpgsm_cert_use_verify_p (cert); /*(this displays an info message)*/
if (rc)
{
- gpgsm_status2 (ctrl, STATUS_ERROR, "verify.keyusage",
- gnupg_error_token (rc), NULL);
+ gpgsm_status_with_err_code (ctrl, STATUS_ERROR, "verify.keyusage",
+ gpg_err_code (rc));
rc = 0;
}
@@ -474,7 +472,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
char *buf, *fpr, *tstr;
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
- tstr = strtimestamp (sigtime);
+ tstr = strtimestamp_r (sigtime);
buf = xmalloc ( strlen(fpr) + strlen (tstr) + 120);
sprintf (buf, "%s %s %lu %lu", fpr, tstr,
(unsigned long)sigtime, (unsigned long)keyexptime );
@@ -486,14 +484,16 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
if (rc) /* of validate_chain */
{
- log_error ("invalid certification chain: %s\n", gnupg_strerror (rc));
+ log_error ("invalid certification chain: %s\n", gpg_strerror (rc));
if (gpg_err_code (rc) == GPG_ERR_BAD_CERT_CHAIN
|| gpg_err_code (rc) == GPG_ERR_BAD_CERT
|| gpg_err_code (rc) == GPG_ERR_BAD_CA_CERT
|| gpg_err_code (rc) == GPG_ERR_CERT_REVOKED)
- gpgsm_status (ctrl, STATUS_TRUST_NEVER, gnupg_error_token (rc));
+ gpgsm_status_with_err_code (ctrl, STATUS_TRUST_NEVER, NULL,
+ gpg_err_code (rc));
else
- gpgsm_status (ctrl, STATUS_TRUST_UNDEFINED, gnupg_error_token (rc));
+ gpgsm_status_with_err_code (ctrl, STATUS_TRUST_UNDEFINED, NULL,
+ gpg_err_code (rc));
goto next_signer;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-11 18:19:29 +0000