|
Packit |
d7e8d0 |
/* sign.c - Signing function.
|
|
Packit |
d7e8d0 |
Copyright (C) 2000 Werner Koch (dd9jn)
|
|
Packit |
d7e8d0 |
Copyright (C) 2001, 2002, 2003, 2004, 2007 g10 Code GmbH
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
This file is part of GPGME.
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
GPGME is free software; you can redistribute it and/or modify it
|
|
Packit |
d7e8d0 |
under the terms of the GNU Lesser General Public License as
|
|
Packit |
d7e8d0 |
published by the Free Software Foundation; either version 2.1 of
|
|
Packit |
d7e8d0 |
the License, or (at your option) any later version.
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
GPGME is distributed in the hope that it will be useful, but
|
|
Packit |
d7e8d0 |
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
d7e8d0 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
d7e8d0 |
Lesser General Public License for more details.
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
You should have received a copy of the GNU Lesser General Public
|
|
Packit |
d7e8d0 |
License along with this program; if not, write to the Free Software
|
|
Packit |
d7e8d0 |
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
|
|
Packit |
d7e8d0 |
02111-1307, USA. */
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
#if HAVE_CONFIG_H
|
|
Packit |
d7e8d0 |
#include <config.h>
|
|
Packit |
d7e8d0 |
#endif
|
|
Packit |
d7e8d0 |
#include <stdlib.h>
|
|
Packit |
d7e8d0 |
#include <string.h>
|
|
Packit |
d7e8d0 |
#include <errno.h>
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* Suppress warning for accessing deprecated member "class". */
|
|
Packit |
d7e8d0 |
#define _GPGME_IN_GPGME 1
|
|
Packit |
d7e8d0 |
#include "gpgme.h"
|
|
Packit |
d7e8d0 |
#include "context.h"
|
|
Packit |
d7e8d0 |
#include "ops.h"
|
|
Packit |
d7e8d0 |
#include "util.h"
|
|
Packit |
d7e8d0 |
#include "debug.h"
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
typedef struct
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
struct _gpgme_op_sign_result result;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* The error code from a FAILURE status line or 0. */
|
|
Packit |
d7e8d0 |
gpg_error_t failure_code;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* The fingerprint from the last KEY_CONSIDERED status line. */
|
|
Packit |
d7e8d0 |
char *kc_fpr;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* The flags from the last KEY_CONSIDERED status line. */
|
|
Packit |
d7e8d0 |
unsigned int kc_flags;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* A pointer to the next pointer of the last invalid signer in
|
|
Packit |
d7e8d0 |
the list. This makes appending new invalid signers painless
|
|
Packit |
d7e8d0 |
while preserving the order. */
|
|
Packit |
d7e8d0 |
gpgme_invalid_key_t *last_signer_p;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* Likewise for signature information. */
|
|
Packit |
d7e8d0 |
gpgme_new_signature_t *last_sig_p;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* Flags used while processing the status lines. */
|
|
Packit |
d7e8d0 |
unsigned int ignore_inv_recp:1;
|
|
Packit |
d7e8d0 |
unsigned int inv_sgnr_seen:1;
|
|
Packit |
d7e8d0 |
unsigned int sig_created_seen:1;
|
|
Packit |
d7e8d0 |
} *op_data_t;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
static void
|
|
Packit |
d7e8d0 |
release_signatures (gpgme_new_signature_t sig)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
while (sig)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_new_signature_t next = sig->next;
|
|
Packit |
d7e8d0 |
free (sig->fpr);
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
sig = next;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
static void
|
|
Packit |
d7e8d0 |
release_op_data (void *hook)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
op_data_t opd = (op_data_t) hook;
|
|
Packit |
d7e8d0 |
gpgme_invalid_key_t invalid_signer = opd->result.invalid_signers;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
while (invalid_signer)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_invalid_key_t next = invalid_signer->next;
|
|
Packit |
d7e8d0 |
if (invalid_signer->fpr)
|
|
Packit |
d7e8d0 |
free (invalid_signer->fpr);
|
|
Packit |
d7e8d0 |
free (invalid_signer);
|
|
Packit |
d7e8d0 |
invalid_signer = next;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
release_signatures (opd->result.signatures);
|
|
Packit |
d7e8d0 |
free (opd->kc_fpr);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
gpgme_sign_result_t
|
|
Packit |
d7e8d0 |
gpgme_op_sign_result (gpgme_ctx_t ctx)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
void *hook;
|
|
Packit |
d7e8d0 |
op_data_t opd;
|
|
Packit |
d7e8d0 |
gpgme_error_t err;
|
|
Packit |
d7e8d0 |
gpgme_invalid_key_t inv_key, key;
|
|
Packit |
d7e8d0 |
gpgme_new_signature_t sig;
|
|
Packit |
d7e8d0 |
unsigned int inv_signers = 0;
|
|
Packit |
d7e8d0 |
unsigned int signatures = 0;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
TRACE_BEG (DEBUG_CTX, "gpgme_op_sign_result", ctx);
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = _gpgme_op_data_lookup (ctx, OPDATA_SIGN, &hook, -1, NULL);
|
|
Packit |
d7e8d0 |
opd = hook;
|
|
Packit |
d7e8d0 |
if (err || !opd)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
TRACE_SUC0 ("result=(null)");
|
|
Packit |
d7e8d0 |
return NULL;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
for (inv_key = opd->result.invalid_signers; inv_key; inv_key = inv_key->next)
|
|
Packit |
d7e8d0 |
inv_signers++;
|
|
Packit |
d7e8d0 |
for (sig = opd->result.signatures; sig; sig = sig->next)
|
|
Packit |
d7e8d0 |
signatures++;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (gpgme_signers_count (ctx)
|
|
Packit |
d7e8d0 |
&& signatures + inv_signers != gpgme_signers_count (ctx))
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
/* In this case at least one signatures was not created perhaps
|
|
Packit |
d7e8d0 |
due to a bad passphrase etc. Thus the entire message is
|
|
Packit |
d7e8d0 |
broken and should not be used. We add the already created
|
|
Packit |
d7e8d0 |
signatures to the invalid signers list and thus this case can
|
|
Packit |
d7e8d0 |
be detected. */
|
|
Packit |
d7e8d0 |
TRACE_LOG3 ("result: invalid signers: %u, signatures: %u, count: %u",
|
|
Packit |
d7e8d0 |
inv_signers, signatures, gpgme_signers_count (ctx));
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
for (sig = opd->result.signatures; sig; sig = sig->next)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
key = calloc (1, sizeof *key);
|
|
Packit |
d7e8d0 |
if (!key)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
TRACE_SUC0 ("out of core; result=(null)");
|
|
Packit |
d7e8d0 |
return NULL;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
if (sig->fpr)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
key->fpr = strdup (sig->fpr);
|
|
Packit |
d7e8d0 |
if (!key->fpr)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
free (key);
|
|
Packit |
d7e8d0 |
TRACE_SUC0 ("out of core; result=(null)");
|
|
Packit |
d7e8d0 |
return NULL;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
key->reason = GPG_ERR_GENERAL;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
inv_key = opd->result.invalid_signers;
|
|
Packit |
d7e8d0 |
if (inv_key)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
for (; inv_key->next; inv_key = inv_key->next)
|
|
Packit |
d7e8d0 |
;
|
|
Packit |
d7e8d0 |
inv_key->next = key;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
else
|
|
Packit |
d7e8d0 |
opd->result.invalid_signers = key;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
release_signatures (opd->result.signatures);
|
|
Packit |
d7e8d0 |
opd->result.signatures = NULL;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (_gpgme_debug_trace())
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
TRACE_LOG2 ("result: invalid signers: %i, signatures: %i",
|
|
Packit |
d7e8d0 |
inv_signers, signatures);
|
|
Packit |
d7e8d0 |
for (inv_key=opd->result.invalid_signers; inv_key; inv_key=inv_key->next)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
TRACE_LOG3 ("result: invalid signer: fpr=%s, reason=%s <%s>",
|
|
Packit |
d7e8d0 |
inv_key->fpr, gpgme_strerror (inv_key->reason),
|
|
Packit |
d7e8d0 |
gpgme_strsource (inv_key->reason));
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
for (sig = opd->result.signatures; sig; sig = sig->next)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
TRACE_LOG6 ("result: signature: type=%i, pubkey_algo=%i, "
|
|
Packit |
d7e8d0 |
"hash_algo=%i, timestamp=%li, fpr=%s, sig_class=%i",
|
|
Packit |
d7e8d0 |
sig->type, sig->pubkey_algo, sig->hash_algo,
|
|
Packit |
d7e8d0 |
sig->timestamp, sig->fpr, sig->sig_class);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
TRACE_SUC1 ("result=%p", &opd->result);
|
|
Packit |
d7e8d0 |
return &opd->result;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
static gpgme_error_t
|
|
Packit |
d7e8d0 |
parse_sig_created (char *args, gpgme_new_signature_t *sigp,
|
|
Packit |
d7e8d0 |
gpgme_protocol_t protocol)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_new_signature_t sig;
|
|
Packit |
d7e8d0 |
char *tail;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
sig = malloc (sizeof (*sig));
|
|
Packit |
d7e8d0 |
if (!sig)
|
|
Packit |
d7e8d0 |
return gpg_error_from_syserror ();
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
sig->next = NULL;
|
|
Packit |
d7e8d0 |
switch (*args)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
case 'S':
|
|
Packit |
d7e8d0 |
sig->type = GPGME_SIG_MODE_NORMAL;
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
case 'D':
|
|
Packit |
d7e8d0 |
sig->type = GPGME_SIG_MODE_DETACH;
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
case 'C':
|
|
Packit |
d7e8d0 |
sig->type = GPGME_SIG_MODE_CLEAR;
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
default:
|
|
Packit |
d7e8d0 |
/* The backend engine is not behaving. */
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
args++;
|
|
Packit |
d7e8d0 |
if (*args != ' ')
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
gpg_err_set_errno (0);
|
|
Packit |
d7e8d0 |
sig->pubkey_algo = _gpgme_map_pk_algo (strtol (args, &tail, 0), protocol);
|
|
Packit |
d7e8d0 |
if (errno || args == tail || *tail != ' ')
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
/* The crypto backend does not behave. */
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
args = tail;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
sig->hash_algo = strtol (args, &tail, 0);
|
|
Packit |
d7e8d0 |
if (errno || args == tail || *tail != ' ')
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
/* The crypto backend does not behave. */
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
args = tail;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
sig->sig_class = strtol (args, &tail, 0);
|
|
Packit |
d7e8d0 |
sig->class = sig->sig_class;
|
|
Packit |
d7e8d0 |
sig->_obsolete_class = sig->sig_class;
|
|
Packit |
d7e8d0 |
if (errno || args == tail || *tail != ' ')
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
/* The crypto backend does not behave. */
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
args = tail;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
sig->timestamp = _gpgme_parse_timestamp (args, &tail);
|
|
Packit |
d7e8d0 |
if (sig->timestamp == -1 || args == tail || *tail != ' ')
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
/* The crypto backend does not behave. */
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
args = tail;
|
|
Packit |
d7e8d0 |
while (*args == ' ')
|
|
Packit |
d7e8d0 |
args++;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (!*args)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
/* The crypto backend does not behave. */
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return trace_gpg_error (GPG_ERR_INV_ENGINE);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
tail = strchr (args, ' ');
|
|
Packit |
d7e8d0 |
if (tail)
|
|
Packit |
d7e8d0 |
*tail = '\0';
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
sig->fpr = strdup (args);
|
|
Packit |
d7e8d0 |
if (!sig->fpr)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
free (sig);
|
|
Packit |
d7e8d0 |
return gpg_error_from_syserror ();
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
*sigp = sig;
|
|
Packit |
d7e8d0 |
return 0;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
gpgme_error_t
|
|
Packit |
d7e8d0 |
_gpgme_sign_status_handler (void *priv, gpgme_status_code_t code, char *args)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_ctx_t ctx = (gpgme_ctx_t) priv;
|
|
Packit |
d7e8d0 |
gpgme_error_t err;
|
|
Packit |
d7e8d0 |
void *hook;
|
|
Packit |
d7e8d0 |
op_data_t opd;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = _gpgme_passphrase_status_handler (priv, code, args);
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = _gpgme_op_data_lookup (ctx, OPDATA_SIGN, &hook, -1, NULL);
|
|
Packit |
d7e8d0 |
opd = hook;
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
switch (code)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
case GPGME_STATUS_SIG_CREATED:
|
|
Packit |
d7e8d0 |
opd->sig_created_seen = 1;
|
|
Packit |
d7e8d0 |
err = parse_sig_created (args, opd->last_sig_p, ctx->protocol);
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
opd->last_sig_p = &(*opd->last_sig_p)->next;
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
case GPGME_STATUS_KEY_CONSIDERED:
|
|
Packit |
d7e8d0 |
/* This is emitted during gpg's key lookup to give information
|
|
Packit |
d7e8d0 |
* about the lookup results. We store the last one so it can be
|
|
Packit |
d7e8d0 |
* used in connection with INV_RECP. */
|
|
Packit |
d7e8d0 |
free (opd->kc_fpr);
|
|
Packit |
d7e8d0 |
opd->kc_fpr = NULL;
|
|
Packit |
d7e8d0 |
err = _gpgme_parse_key_considered (args, &opd->kc_fpr, &opd->kc_flags);
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
case GPGME_STATUS_INV_RECP:
|
|
Packit |
d7e8d0 |
if (opd->inv_sgnr_seen && opd->ignore_inv_recp)
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
/* FALLTROUGH */
|
|
Packit |
d7e8d0 |
case GPGME_STATUS_INV_SGNR:
|
|
Packit |
d7e8d0 |
if (code == GPGME_STATUS_INV_SGNR)
|
|
Packit |
d7e8d0 |
opd->inv_sgnr_seen = 1;
|
|
Packit |
d7e8d0 |
free (opd->kc_fpr);
|
|
Packit |
d7e8d0 |
opd->kc_fpr = NULL;
|
|
Packit |
d7e8d0 |
err = _gpgme_parse_inv_recp (args, 1, opd->kc_fpr, opd->kc_flags,
|
|
Packit |
d7e8d0 |
opd->last_signer_p);
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
opd->last_signer_p = &(*opd->last_signer_p)->next;
|
|
Packit |
d7e8d0 |
free (opd->kc_fpr);
|
|
Packit |
d7e8d0 |
opd->kc_fpr = NULL;
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
case GPGME_STATUS_FAILURE:
|
|
Packit |
d7e8d0 |
opd->failure_code = _gpgme_parse_failure (args);
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
case GPGME_STATUS_EOF:
|
|
Packit |
d7e8d0 |
/* The UI server does not send information about the created
|
|
Packit |
d7e8d0 |
signature. This is irrelevant for this protocol and thus we
|
|
Packit |
d7e8d0 |
should not check for that. */
|
|
Packit |
d7e8d0 |
if (opd->result.invalid_signers)
|
|
Packit |
d7e8d0 |
err = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
|
|
Packit |
d7e8d0 |
else if (!opd->sig_created_seen
|
|
Packit |
d7e8d0 |
&& ctx->protocol != GPGME_PROTOCOL_UISERVER)
|
|
Packit |
d7e8d0 |
err = opd->failure_code? opd->failure_code:gpg_error (GPG_ERR_GENERAL);
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
case GPGME_STATUS_INQUIRE_MAXLEN:
|
|
Packit |
d7e8d0 |
if (ctx->status_cb && !ctx->full_status)
|
|
Packit |
d7e8d0 |
err = ctx->status_cb (ctx->status_cb_value, "INQUIRE_MAXLEN", args);
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
default:
|
|
Packit |
d7e8d0 |
break;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
static gpgme_error_t
|
|
Packit |
d7e8d0 |
sign_status_handler (void *priv, gpgme_status_code_t code, char *args)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_error_t err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = _gpgme_progress_status_handler (priv, code, args);
|
|
Packit |
d7e8d0 |
if (!err)
|
|
Packit |
d7e8d0 |
err = _gpgme_sign_status_handler (priv, code, args);
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
static gpgme_error_t
|
|
Packit |
d7e8d0 |
sign_init_result (gpgme_ctx_t ctx, int ignore_inv_recp)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_error_t err;
|
|
Packit |
d7e8d0 |
void *hook;
|
|
Packit |
d7e8d0 |
op_data_t opd;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = _gpgme_op_data_lookup (ctx, OPDATA_SIGN, &hook,
|
|
Packit |
d7e8d0 |
sizeof (*opd), release_op_data);
|
|
Packit |
d7e8d0 |
opd = hook;
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
opd->failure_code = 0;
|
|
Packit |
d7e8d0 |
opd->last_signer_p = &opd->result.invalid_signers;
|
|
Packit |
d7e8d0 |
opd->last_sig_p = &opd->result.signatures;
|
|
Packit |
d7e8d0 |
opd->ignore_inv_recp = !!ignore_inv_recp;
|
|
Packit |
d7e8d0 |
opd->inv_sgnr_seen = 0;
|
|
Packit |
d7e8d0 |
opd->sig_created_seen = 0;
|
|
Packit |
d7e8d0 |
return 0;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
gpgme_error_t
|
|
Packit |
d7e8d0 |
_gpgme_op_sign_init_result (gpgme_ctx_t ctx)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
return sign_init_result (ctx, 0);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
static gpgme_error_t
|
|
Packit |
d7e8d0 |
sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_data_t plain,
|
|
Packit |
d7e8d0 |
gpgme_data_t sig, gpgme_sig_mode_t mode)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_error_t err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = _gpgme_op_reset (ctx, synchronous);
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* If we are using the CMS protocol, we ignore the INV_RECP status
|
|
Packit |
d7e8d0 |
code if a newer GPGSM is in use. GPGMS does not support combined
|
|
Packit |
d7e8d0 |
sign+encrypt and thus this can't harm. */
|
|
Packit |
d7e8d0 |
err = sign_init_result (ctx, (ctx->protocol == GPGME_PROTOCOL_CMS));
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (mode != GPGME_SIG_MODE_NORMAL && mode != GPGME_SIG_MODE_DETACH
|
|
Packit |
d7e8d0 |
&& mode != GPGME_SIG_MODE_CLEAR)
|
|
Packit |
d7e8d0 |
return gpg_error (GPG_ERR_INV_VALUE);
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (!plain)
|
|
Packit |
d7e8d0 |
return gpg_error (GPG_ERR_NO_DATA);
|
|
Packit |
d7e8d0 |
if (!sig)
|
|
Packit |
d7e8d0 |
return gpg_error (GPG_ERR_INV_VALUE);
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (ctx->passphrase_cb)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
err = _gpgme_engine_set_command_handler
|
|
Packit |
d7e8d0 |
(ctx->engine, _gpgme_passphrase_command_handler, ctx, NULL);
|
|
Packit |
d7e8d0 |
if (err)
|
|
Packit |
d7e8d0 |
return err;
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
_gpgme_engine_set_status_handler (ctx->engine, sign_status_handler,
|
|
Packit |
d7e8d0 |
ctx);
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
return _gpgme_engine_op_sign (ctx->engine, plain, sig, mode, ctx->use_armor,
|
|
Packit |
d7e8d0 |
ctx->use_textmode, ctx->include_certs,
|
|
Packit |
d7e8d0 |
ctx /* FIXME */);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* Sign the plaintext PLAIN and store the signature in SIG. */
|
|
Packit |
d7e8d0 |
gpgme_error_t
|
|
Packit |
d7e8d0 |
gpgme_op_sign_start (gpgme_ctx_t ctx, gpgme_data_t plain, gpgme_data_t sig,
|
|
Packit |
d7e8d0 |
gpgme_sig_mode_t mode)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpg_error_t err;
|
|
Packit |
d7e8d0 |
TRACE_BEG3 (DEBUG_CTX, "gpgme_op_sign_start", ctx,
|
|
Packit |
d7e8d0 |
"plain=%p, sig=%p, mode=%i", plain, sig, mode);
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (!ctx)
|
|
Packit |
d7e8d0 |
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = sign_start (ctx, 0, plain, sig, mode);
|
|
Packit |
d7e8d0 |
return TRACE_ERR (err);
|
|
Packit |
d7e8d0 |
}
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
/* Sign the plaintext PLAIN and store the signature in SIG. */
|
|
Packit |
d7e8d0 |
gpgme_error_t
|
|
Packit |
d7e8d0 |
gpgme_op_sign (gpgme_ctx_t ctx, gpgme_data_t plain, gpgme_data_t sig,
|
|
Packit |
d7e8d0 |
gpgme_sig_mode_t mode)
|
|
Packit |
d7e8d0 |
{
|
|
Packit |
d7e8d0 |
gpgme_error_t err;
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
TRACE_BEG3 (DEBUG_CTX, "gpgme_op_sign", ctx,
|
|
Packit |
d7e8d0 |
"plain=%p, sig=%p, mode=%i", plain, sig, mode);
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
if (!ctx)
|
|
Packit |
d7e8d0 |
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
|
|
Packit |
d7e8d0 |
|
|
Packit |
d7e8d0 |
err = sign_start (ctx, 1, plain, sig, mode);
|
|
Packit |
d7e8d0 |
if (!err)
|
|
Packit |
d7e8d0 |
err = _gpgme_wait_one (ctx);
|
|
Packit |
d7e8d0 |
return TRACE_ERR (err);
|
|
Packit |
d7e8d0 |
}
|