summaryrefslogtreecommitdiff
path: root/sm
diff options
context:
space:
mode:
authorDongHun Kwak <dh0128.kwak@samsung.com>2021-02-09 16:00:19 +0900
committerDongHun Kwak <dh0128.kwak@samsung.com>2021-02-09 16:00:19 +0900
commitd9787447fe6a57e39113b60305b4ab672b9ba897 (patch)
tree6c925adf6340a1a5ab43d9048ca4b27eae819cd6 /sm
parentf77eedfaad1525168ca8593a3eb43ef157cd2891 (diff)
downloadgpg2-d9787447fe6a57e39113b60305b4ab672b9ba897.tar.gz
gpg2-d9787447fe6a57e39113b60305b4ab672b9ba897.tar.bz2
gpg2-d9787447fe6a57e39113b60305b4ab672b9ba897.zip
Imported Upstream version 2.1.19upstream/2.1.19
Diffstat (limited to 'sm')
-rw-r--r--sm/Makefile.am1
-rw-r--r--sm/base64.c700
-rw-r--r--sm/call-dirmngr.c2
-rw-r--r--sm/certchain.c2
-rw-r--r--sm/certdump.c4
-rw-r--r--sm/certlist.c2
-rw-r--r--sm/certreqgen-ui.c24
-rw-r--r--sm/certreqgen.c12
-rw-r--r--sm/decrypt.c21
-rw-r--r--sm/encrypt.c11
-rw-r--r--sm/export.c28
-rw-r--r--sm/gpgsm.h18
-rw-r--r--sm/import.c13
-rw-r--r--sm/keydb.c2
-rw-r--r--sm/keylist.c2
-rw-r--r--sm/sign.c11
-rw-r--r--sm/verify.c21
17 files changed, 94 insertions, 780 deletions
diff --git a/sm/Makefile.am b/sm/Makefile.am
index a9c67a8..4cfb246 100644
--- a/sm/Makefile.am
+++ b/sm/Makefile.am
@@ -38,7 +38,6 @@ gpgsm_SOURCES = \
call-agent.c \
call-dirmngr.c \
fingerprint.c \
- base64.c \
certlist.c \
certdump.c \
certcheck.c \
diff --git a/sm/base64.c b/sm/base64.c
deleted file mode 100644
index f3c7def..0000000
--- a/sm/base64.c
+++ /dev/null
@@ -1,700 +0,0 @@
-/* base64.c
- * Copyright (C) 2001, 2003, 2010 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, see <https://www.gnu.org/licenses/>.
- */
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <unistd.h>
-#include <time.h>
-#include <assert.h>
-
-#include "gpgsm.h"
-
-
-#include <ksba.h>
-
-#include "i18n.h"
-
-#ifdef HAVE_DOSISH_SYSTEM
- #define LF "\r\n"
-#else
- #define LF "\n"
-#endif
-
-/* Data used by the reader callbacks. */
-struct reader_cb_parm_s
-{
- estream_t fp;
-
- unsigned char line[1024];
- int linelen;
- int readpos;
- int have_lf;
- unsigned long line_counter;
-
- int allow_multi_pem; /* Allow processing of multiple PEM objects. */
- int autodetect; /* Try to detect the input encoding. */
- int assume_pem; /* Assume input encoding is PEM. */
- int assume_base64; /* Assume input is base64 encoded. */
-
- int identified;
- int is_pem;
- int is_base64;
- int stop_seen;
- int might_be_smime;
-
- int eof_seen;
-
- struct {
- int idx;
- unsigned char val;
- int stop_seen;
- } base64;
-};
-
-
-/* Data used by the writer callbacks. */
-struct writer_cb_parm_s
-{
- estream_t stream; /* Output stream. */
-
- const char *pem_name;
-
- int wrote_begin;
- int did_finish;
-
- struct {
- int idx;
- int quad_count;
- unsigned char radbuf[4];
- } base64;
-
-};
-
-
-/* context for this module's functions */
-struct base64_context_s {
- union {
- struct reader_cb_parm_s rparm;
- struct writer_cb_parm_s wparm;
- } u;
-
- union {
- ksba_reader_t reader;
- ksba_writer_t writer;
- } u2;
-};
-
-
-/* The base-64 character list */
-static char bintoasc[64] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "abcdefghijklmnopqrstuvwxyz"
- "0123456789+/";
-/* The reverse base-64 list */
-static unsigned char asctobin[256] = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
- 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
- 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24,
- 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30,
- 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff
-};
-
-
-static int
-has_only_base64 (const unsigned char *line, int linelen)
-{
- if (linelen < 20)
- return 0;
- for (; linelen; line++, linelen--)
- {
- if (*line == '\n' || (linelen > 1 && *line == '\r' && line[1] == '\n'))
- break;
- if ( !strchr (bintoasc, *line) )
- return 0;
- }
- return 1; /* yes */
-}
-
-static int
-is_empty_line (const unsigned char *line, int linelen)
-{
- if (linelen >= 2 && *line == '\r' && line[1] == '\n')
- return 1;
- if (linelen >= 1 && *line == '\n')
- return 1;
- return 0;
-}
-
-
-static int
-base64_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
-{
- struct reader_cb_parm_s *parm = cb_value;
- size_t n;
- int c, c2;
-
- *nread = 0;
- if (!buffer)
- return -1; /* not supported */
-
- next:
- if (!parm->linelen)
- {
- /* read an entire line or up to the size of the buffer */
- parm->line_counter++;
- parm->have_lf = 0;
- for (n=0; n < DIM(parm->line);)
- {
- c = es_getc (parm->fp);
- if (c == EOF)
- {
- parm->eof_seen = 1;
- if (es_ferror (parm->fp))
- return -1;
- break;
- }
- parm->line[n++] = c;
- if (c == '\n')
- {
- parm->have_lf = 1;
- /* Fixme: we need to skip overlong lines while detecting
- the dashed lines */
- break;
- }
- }
- parm->linelen = n;
- if (!n)
- return -1; /* eof */
- parm->readpos = 0;
- }
-
- if (!parm->identified)
- {
- if (!parm->autodetect)
- {
- if (parm->assume_pem)
- {
- /* wait for the header line */
- parm->linelen = parm->readpos = 0;
- if (!parm->have_lf
- || strncmp ((char*)parm->line, "-----BEGIN ", 11)
- || !strncmp ((char*)parm->line+11, "PGP ", 4))
- goto next;
- parm->is_pem = 1;
- }
- else if (parm->assume_base64)
- parm->is_base64 = 1;
- }
- else if (parm->line_counter == 1 && !parm->have_lf)
- {
- /* first line too long - assume DER encoding */
- parm->is_pem = 0;
- }
- else if (parm->line_counter == 1 && parm->linelen && *parm->line == 0x30)
- {
- /* the very first byte does pretty much look like a SEQUENCE tag*/
- parm->is_pem = 0;
- }
- else if ( parm->have_lf
- && !strncmp ((char*)parm->line, "-----BEGIN ", 11)
- && strncmp ((char *)parm->line+11, "PGP ", 4) )
- {
- /* Fixme: we must only compare if the line really starts at
- the beginning */
- parm->is_pem = 1;
- parm->linelen = parm->readpos = 0;
- }
- else if ( parm->have_lf && parm->line_counter == 1
- && parm->linelen >= 13
- && !ascii_memcasecmp (parm->line, "Content-Type:", 13))
- { /* might be a S/MIME body */
- parm->might_be_smime = 1;
- parm->linelen = parm->readpos = 0;
- goto next;
- }
- else if (parm->might_be_smime == 1
- && is_empty_line (parm->line, parm->linelen))
- {
- parm->might_be_smime = 2;
- parm->linelen = parm->readpos = 0;
- goto next;
- }
- else if (parm->might_be_smime == 2)
- {
- parm->might_be_smime = 0;
- if ( !has_only_base64 (parm->line, parm->linelen))
- {
- parm->linelen = parm->readpos = 0;
- goto next;
- }
- parm->is_pem = 1;
- }
- else
- {
- parm->linelen = parm->readpos = 0;
- goto next;
- }
- parm->identified = 1;
- parm->base64.stop_seen = 0;
- parm->base64.idx = 0;
- }
-
-
- n = 0;
- if (parm->is_pem || parm->is_base64)
- {
- if (parm->is_pem && parm->have_lf
- && !strncmp ((char*)parm->line, "-----END ", 9))
- {
- parm->identified = 0;
- parm->linelen = parm->readpos = 0;
-
- /* If the caller want to read multiple PEM objects from one
- file, we have to reset our internal state and return a
- EOF immediately. The caller is the expected to use
- ksba_reader_clear to clear the EOF condition and continue
- to read. If we don't want to do that we just return 0
- bytes which will force the ksba_reader to skip until
- EOF. */
- if (parm->allow_multi_pem)
- {
- parm->identified = 0;
- parm->autodetect = 0;
- parm->assume_pem = 1;
- parm->stop_seen = 0;
- return -1; /* Send EOF now. */
- }
- }
- else if (parm->stop_seen)
- { /* skip the rest of the line */
- parm->linelen = parm->readpos = 0;
- }
- else
- {
- int idx = parm->base64.idx;
- unsigned char val = parm->base64.val;
-
- while (n < count && parm->readpos < parm->linelen )
- {
- c = parm->line[parm->readpos++];
- if (c == '\n' || c == ' ' || c == '\r' || c == '\t')
- continue;
- if (c == '=')
- { /* pad character: stop */
- if (idx == 1)
- buffer[n++] = val;
- parm->stop_seen = 1;
- break;
- }
- if( (c = asctobin[(c2=c)]) == 255 )
- {
- log_error (_("invalid radix64 character %02x skipped\n"),
- c2);
- continue;
- }
- switch (idx)
- {
- case 0:
- val = c << 2;
- break;
- case 1:
- val |= (c>>4)&3;
- buffer[n++] = val;
- val = (c<<4)&0xf0;
- break;
- case 2:
- val |= (c>>2)&15;
- buffer[n++] = val;
- val = (c<<6)&0xc0;
- break;
- case 3:
- val |= c&0x3f;
- buffer[n++] = val;
- break;
- }
- idx = (idx+1) % 4;
- }
- if (parm->readpos == parm->linelen)
- parm->linelen = parm->readpos = 0;
-
- parm->base64.idx = idx;
- parm->base64.val = val;
- }
- }
- else
- { /* DER encoded */
- while (n < count && parm->readpos < parm->linelen)
- buffer[n++] = parm->line[parm->readpos++];
- if (parm->readpos == parm->linelen)
- parm->linelen = parm->readpos = 0;
- }
-
- *nread = n;
- return 0;
-}
-
-
-
-static int
-simple_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
-{
- struct reader_cb_parm_s *parm = cb_value;
- size_t n;
- int c = 0;
-
- *nread = 0;
- if (!buffer)
- return -1; /* not supported */
-
- for (n=0; n < count; n++)
- {
- c = es_getc (parm->fp);
- if (c == EOF)
- {
- parm->eof_seen = 1;
- if (es_ferror (parm->fp))
- return -1;
- if (n)
- break; /* Return what we have before an EOF. */
- return -1;
- }
- *(byte *)buffer++ = c;
- }
-
- *nread = n;
- return 0;
-}
-
-
-
-
-static int
-base64_writer_cb (void *cb_value, const void *buffer, size_t count)
-{
- struct writer_cb_parm_s *parm = cb_value;
- unsigned char radbuf[4];
- int i, c, idx, quad_count;
- const unsigned char *p;
- estream_t stream = parm->stream;
-
- if (!count)
- return 0;
-
- if (!parm->wrote_begin)
- {
- if (parm->pem_name)
- {
- es_fputs ("-----BEGIN ", stream);
- es_fputs (parm->pem_name, stream);
- es_fputs ("-----\n", stream);
- }
- parm->wrote_begin = 1;
- parm->base64.idx = 0;
- parm->base64.quad_count = 0;
- }
-
- idx = parm->base64.idx;
- quad_count = parm->base64.quad_count;
- for (i=0; i < idx; i++)
- radbuf[i] = parm->base64.radbuf[i];
-
- for (p=buffer; count; p++, count--)
- {
- radbuf[idx++] = *p;
- if (idx > 2)
- {
- idx = 0;
- c = bintoasc[(*radbuf >> 2) & 077];
- es_putc (c, stream);
- c = bintoasc[(((*radbuf<<4)&060)|((radbuf[1] >> 4)&017))&077];
- es_putc (c, stream);
- c = bintoasc[(((radbuf[1]<<2)&074)|((radbuf[2]>>6)&03))&077];
- es_putc (c, stream);
- c = bintoasc[radbuf[2]&077];
- es_putc (c, stream);
- if (++quad_count >= (64/4))
- {
- es_fputs (LF, stream);
- quad_count = 0;
- }
- }
- }
- for (i=0; i < idx; i++)
- parm->base64.radbuf[i] = radbuf[i];
- parm->base64.idx = idx;
- parm->base64.quad_count = quad_count;
-
- return es_ferror (stream)? gpg_error_from_syserror () : 0;
-}
-
-
-/* This callback is only used in stream mode. Hiowever, we don't
- restrict it to this. */
-static int
-plain_writer_cb (void *cb_value, const void *buffer, size_t count)
-{
- struct writer_cb_parm_s *parm = cb_value;
- estream_t stream = parm->stream;
-
- if (!count)
- return 0;
-
- es_write (stream, buffer, count, NULL);
-
- return es_ferror (stream)? gpg_error_from_syserror () : 0;
-}
-
-
-static int
-base64_finish_write (struct writer_cb_parm_s *parm)
-{
- unsigned char *radbuf;
- int c, idx, quad_count;
- estream_t stream = parm->stream;
-
- if (!parm->wrote_begin)
- return 0; /* Nothing written or we are not called in base-64 mode. */
-
- /* flush the base64 encoding */
- idx = parm->base64.idx;
- quad_count = parm->base64.quad_count;
- if (idx)
- {
- radbuf = parm->base64.radbuf;
-
- c = bintoasc[(*radbuf>>2)&077];
- es_putc (c, stream);
- if (idx == 1)
- {
- c = bintoasc[((*radbuf << 4) & 060) & 077];
- es_putc (c, stream);
- es_putc ('=', stream);
- es_putc ('=', stream);
- }
- else
- {
- c = bintoasc[(((*radbuf<<4)&060)|((radbuf[1]>>4)&017))&077];
- es_putc (c, stream);
- c = bintoasc[((radbuf[1] << 2) & 074) & 077];
- es_putc (c, stream);
- es_putc ('=', stream);
-
- }
- if (++quad_count >= (64/4))
- {
- es_fputs (LF, stream);
- quad_count = 0;
- }
- }
-
- if (quad_count)
- es_fputs (LF, stream);
-
- if (parm->pem_name)
- {
- es_fputs ("-----END ", stream);
- es_fputs (parm->pem_name, stream);
- es_fputs ("-----\n", stream);
- }
-
- return es_ferror (stream)? gpg_error_from_syserror () : 0;
-}
-
-
-
-
-/* Create a reader for the given file descriptor. Depending on the
- control information an input decoding is automagically chosen.
- The function returns a Base64Context object which must be passed to
- the gpgme_destroy_reader function. The created KsbaReader object
- is also returned, but the caller must not call the
- ksba_reader_release function on. If ALLOW_MULTI_PEM is true, the
- reader expects that the caller uses ksba_reader_clear after EOF
- until no more objects were found. */
-int
-gpgsm_create_reader (Base64Context *ctx,
- ctrl_t ctrl, estream_t fp, int allow_multi_pem,
- ksba_reader_t *r_reader)
-{
- int rc;
- ksba_reader_t r;
-
- *r_reader = NULL;
- *ctx = xtrycalloc (1, sizeof **ctx);
- if (!*ctx)
- return out_of_core ();
- (*ctx)->u.rparm.allow_multi_pem = allow_multi_pem;
-
- rc = ksba_reader_new (&r);
- if (rc)
- {
- xfree (*ctx); *ctx = NULL;
- return rc;
- }
-
- (*ctx)->u.rparm.fp = fp;
- if (ctrl->is_pem)
- {
- (*ctx)->u.rparm.assume_pem = 1;
- (*ctx)->u.rparm.assume_base64 = 1;
- rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm);
- }
- else if (ctrl->is_base64)
- {
- (*ctx)->u.rparm.assume_base64 = 1;
- rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm);
- }
- else if (ctrl->autodetect_encoding)
- {
- (*ctx)->u.rparm.autodetect = 1;
- rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm);
- }
- else
- rc = ksba_reader_set_cb (r, simple_reader_cb, &(*ctx)->u.rparm);
-
- if (rc)
- {
- ksba_reader_release (r);
- xfree (*ctx); *ctx = NULL;
- return rc;
- }
-
- (*ctx)->u2.reader = r;
- *r_reader = r;
- return 0;
-}
-
-
-int
-gpgsm_reader_eof_seen (Base64Context ctx)
-{
- return ctx && ctx->u.rparm.eof_seen;
-}
-
-void
-gpgsm_destroy_reader (Base64Context ctx)
-{
- if (!ctx)
- return;
-
- ksba_reader_release (ctx->u2.reader);
- xfree (ctx);
-}
-
-
-
-/* Create a writer for the given STREAM. Depending on
- the control information an output encoding is automagically
- chosen. The function returns a Base64Context object which must be
- passed to the gpgme_destroy_writer function. The created
- KsbaWriter object is also returned, but the caller must not call
- the ksba_reader_release function on it. */
-int
-gpgsm_create_writer (Base64Context *ctx, ctrl_t ctrl, estream_t stream,
- ksba_writer_t *r_writer)
-{
- int rc;
- ksba_writer_t w;
-
- *r_writer = NULL;
- *ctx = xtrycalloc (1, sizeof **ctx);
- if (!*ctx)
- return out_of_core ();
-
- rc = ksba_writer_new (&w);
- if (rc)
- {
- xfree (*ctx); *ctx = NULL;
- return rc;
- }
-
- if (ctrl->create_pem || ctrl->create_base64)
- {
- (*ctx)->u.wparm.stream = stream;
- if (ctrl->create_pem)
- (*ctx)->u.wparm.pem_name = ctrl->pem_name? ctrl->pem_name
- : "CMS OBJECT";
- rc = ksba_writer_set_cb (w, base64_writer_cb, &(*ctx)->u.wparm);
- }
- else if (stream)
- {
- (*ctx)->u.wparm.stream = stream;
- rc = ksba_writer_set_cb (w, plain_writer_cb, &(*ctx)->u.wparm);
- }
- else
- rc = gpg_error (GPG_ERR_INV_ARG);
-
- if (rc)
- {
- ksba_writer_release (w);
- xfree (*ctx); *ctx = NULL;
- return rc;
- }
-
- (*ctx)->u2.writer = w;
- *r_writer = w;
- return 0;
-}
-
-
-int
-gpgsm_finish_writer (Base64Context ctx)
-{
- struct writer_cb_parm_s *parm;
-
- if (!ctx)
- return gpg_error (GPG_ERR_INV_VALUE);
- parm = &ctx->u.wparm;
- if (parm->did_finish)
- return 0; /* Already done. */
- parm->did_finish = 1;
- if (!parm->stream)
- return 0; /* Callback was not used. */
- return base64_finish_write (parm);
-}
-
-void
-gpgsm_destroy_writer (Base64Context ctx)
-{
- if (!ctx)
- return;
-
- ksba_writer_release (ctx->u2.writer);
- xfree (ctx);
-}
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index d025063..45303e8 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -430,7 +430,7 @@ inq_certificate (void *opaque, const char *line)
}
-/* Take a 20 byte hexencoded string and put it into the the provided
+/* Take a 20 byte hexencoded string and put it into the provided
20 byte buffer FPR in binary format. */
static int
unhexify_fpr (const char *hexstr, unsigned char *fpr)
diff --git a/sm/certchain.c b/sm/certchain.c
index 083c3ad..b3e8656 100644
--- a/sm/certchain.c
+++ b/sm/certchain.c
@@ -2120,7 +2120,7 @@ get_regtp_ca_info (ctrl_t ctrl, ksba_cert_t cert, int *chainlen)
}
/* If this is a German signature law issued certificate, we store
- additional additional information. */
+ additional information. */
if (!gpgsm_is_in_qualified_list (NULL, array[depth-1], country)
&& !strcmp (country, "de"))
{
diff --git a/sm/certdump.c b/sm/certdump.c
index e47251e..bd37da4 100644
--- a/sm/certdump.c
+++ b/sm/certdump.c
@@ -1,5 +1,5 @@
/* certdump.c - Dump a certificate for debugging
- * Copyright (C) 2001, 2004, 2007 Free Software Foundation, Inc.
+ * Copyright (C) 2001-2010, 2014-2015 g10 Code GmbH
*
* This file is part of GnuPG.
*
@@ -492,7 +492,7 @@ print_dn_part (estream_t stream,
{
/* Forward to the last multi-valued RDN, so that we can
print them all in reverse in the correct order. Note
- that this overrides the the standard sequence but that
+ that this overrides the standard sequence but that
seems to a reasonable thing to do with multi-valued
RDNs. */
while (dn->multivalued && dn[1].key)
diff --git a/sm/certlist.c b/sm/certlist.c
index 7baec65..bfc35ce 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -336,7 +336,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
{
if (!first_subject)
{
- /* Save the the subject and the issuer for key usage
+ /* Save the subject and the issuer for key usage
and ambiguous name tests. */
first_subject = ksba_cert_get_subject (cert, 0);
first_issuer = ksba_cert_get_issuer (cert, 0);
diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c
index ece8668..b50d338 100644
--- a/sm/certreqgen-ui.c
+++ b/sm/certreqgen-ui.c
@@ -95,7 +95,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
gpg_error_t err;
ksba_sexp_t public;
size_t publiclen;
- const char *algostr;
+ int algo;
if (hexgrip[0] == '&')
hexgrip++;
@@ -105,21 +105,17 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
return NULL;
publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL);
- get_pk_algo_from_canon_sexp (public, publiclen, &algostr);
+ algo = get_pk_algo_from_canon_sexp (public, publiclen);
xfree (public);
- if (!algostr)
- return NULL;
- else if (!strcmp (algostr, "rsa"))
- return "RSA";
- else if (!strcmp (algostr, "dsa"))
- return "DSA";
- else if (!strcmp (algostr, "elg"))
- return "ELG";
- else if (!strcmp (algostr, "ecdsa"))
- return "ECDSA";
- else
- return NULL;
+ switch (algo)
+ {
+ case GCRY_PK_RSA: return "RSA";
+ case GCRY_PK_DSA: return "DSA";
+ case GCRY_PK_ELG: return "ELG";
+ case GCRY_PK_EDDSA: return "ECDSA";
+ default: return NULL;
+ }
}
diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index 9b4ffc9..fe35ea8 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -737,14 +737,18 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
if (!outctrl->dryrun)
{
- Base64Context b64writer = NULL;
+ gnupg_ksba_io_t b64writer = NULL;
ksba_writer_t writer;
int create_cert ;
create_cert = !!get_parameter_value (para, pSERIAL, 0);
ctrl->pem_name = create_cert? "CERTIFICATE" : "CERTIFICATE REQUEST";
- rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
+
+ rc = gnupg_ksba_create_writer
+ (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
+ ctrl->pem_name, out_fp, &writer);
if (rc)
log_error ("can't create writer: %s\n", gpg_strerror (rc));
else
@@ -752,7 +756,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
rc = create_request (ctrl, para, cardkeyid, public, sigkey, writer);
if (!rc)
{
- rc = gpgsm_finish_writer (b64writer);
+ rc = gnupg_ksba_finish_writer (b64writer);
if (rc)
log_error ("write failed: %s\n", gpg_strerror (rc));
else
@@ -762,7 +766,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
create_cert?"":" request");
}
}
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_writer (b64writer);
}
}
diff --git a/sm/decrypt.c b/sm/decrypt.c
index a2907f6..cda4d29 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -243,8 +243,8 @@ int
gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
{
int rc;
- Base64Context b64reader = NULL;
- Base64Context b64writer = NULL;
+ gnupg_ksba_io_t b64reader = NULL;
+ gnupg_ksba_io_t b64writer = NULL;
ksba_reader_t reader;
ksba_writer_t writer;
ksba_cms_t cms = NULL;
@@ -274,14 +274,21 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
goto leave;
}
- rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, 0, &reader);
+ rc = gnupg_ksba_create_reader
+ (&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
+ | (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)),
+ in_fp, &reader);
if (rc)
{
log_error ("can't create reader: %s\n", gpg_strerror (rc));
goto leave;
}
- rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
+ rc = gnupg_ksba_create_writer
+ (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
+ ctrl->pem_name, out_fp, &writer);
if (rc)
{
log_error ("can't create writer: %s\n", gpg_strerror (rc));
@@ -557,7 +564,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
}
while (stopreason != KSBA_SR_READY);
- rc = gpgsm_finish_writer (b64writer);
+ rc = gnupg_ksba_finish_writer (b64writer);
if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
@@ -575,8 +582,8 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
gpg_strerror (rc), gpg_strsource (rc));
}
ksba_cms_release (cms);
- gpgsm_destroy_reader (b64reader);
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_reader (b64reader);
+ gnupg_ksba_destroy_writer (b64writer);
keydb_release (kh);
es_fclose (in_fp);
if (dfparm.hd)
diff --git a/sm/encrypt.c b/sm/encrypt.c
index 2c664f8..3a7d4bb 100644
--- a/sm/encrypt.c
+++ b/sm/encrypt.c
@@ -299,7 +299,7 @@ int
gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
{
int rc = 0;
- Base64Context b64writer = NULL;
+ gnupg_ksba_io_t b64writer = NULL;
gpg_error_t err;
ksba_writer_t writer;
ksba_reader_t reader = NULL;
@@ -364,7 +364,10 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
encparm.fp = data_fp;
ctrl->pem_name = "ENCRYPTED MESSAGE";
- rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
+ rc = gnupg_ksba_create_writer
+ (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
+ ctrl->pem_name, out_fp, &writer);
if (rc)
{
log_error ("can't create writer: %s\n", gpg_strerror (rc));
@@ -499,7 +502,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
}
- rc = gpgsm_finish_writer (b64writer);
+ rc = gnupg_ksba_finish_writer (b64writer);
if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
@@ -510,7 +513,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
leave:
ksba_cms_release (cms);
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_writer (b64writer);
ksba_reader_release (reader);
keydb_release (kh);
xfree (dek);
diff --git a/sm/export.c b/sm/export.c
index a32414e..d721d52 100644
--- a/sm/export.c
+++ b/sm/export.c
@@ -133,7 +133,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
KEYDB_HANDLE hd = NULL;
KEYDB_SEARCH_DESC *desc = NULL;
int ndesc;
- Base64Context b64writer = NULL;
+ gnupg_ksba_io_t b64writer = NULL;
ksba_writer_t writer;
strlist_t sl;
ksba_cert_t cert = NULL;
@@ -263,7 +263,10 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
if (!b64writer)
{
ctrl->pem_name = "CERTIFICATE";
- rc = gpgsm_create_writer (&b64writer, ctrl, stream, &writer);
+ rc = gnupg_ksba_create_writer
+ (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 :0)),
+ ctrl->pem_name, stream, &writer);
if (rc)
{
log_error ("can't create writer: %s\n", gpg_strerror (rc));
@@ -281,13 +284,13 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
if (ctrl->create_pem)
{
/* We want one certificate per PEM block */
- rc = gpgsm_finish_writer (b64writer);
+ rc = gnupg_ksba_finish_writer (b64writer);
if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave;
}
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_writer (b64writer);
b64writer = NULL;
}
}
@@ -299,7 +302,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
log_error ("keydb_search failed: %s\n", gpg_strerror (rc));
else if (b64writer)
{
- rc = gpgsm_finish_writer (b64writer);
+ rc = gnupg_ksba_finish_writer (b64writer);
if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
@@ -308,7 +311,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
}
leave:
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_writer (b64writer);
ksba_cert_release (cert);
xfree (desc);
keydb_release (hd);
@@ -328,7 +331,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode)
gpg_error_t err = 0;
KEYDB_HANDLE hd;
KEYDB_SEARCH_DESC *desc = NULL;
- Base64Context b64writer = NULL;
+ gnupg_ksba_io_t b64writer = NULL;
ksba_writer_t writer;
ksba_cert_t cert = NULL;
const unsigned char *image;
@@ -433,7 +436,10 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode)
ctrl->pem_name = "PRIVATE KEY";
else
ctrl->pem_name = "RSA PRIVATE KEY";
- err = gpgsm_create_writer (&b64writer, ctrl, stream, &writer);
+ err = gnupg_ksba_create_writer
+ (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
+ ctrl->pem_name, stream, &writer);
if (err)
{
log_error ("can't create writer: %s\n", gpg_strerror (err));
@@ -457,13 +463,13 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode)
if (ctrl->create_pem)
{
/* We want one certificate per PEM block */
- err = gpgsm_finish_writer (b64writer);
+ err = gnupg_ksba_finish_writer (b64writer);
if (err)
{
log_error ("write failed: %s\n", gpg_strerror (err));
goto leave;
}
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_writer (b64writer);
b64writer = NULL;
}
@@ -471,7 +477,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode)
cert = NULL;
leave:
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_writer (b64writer);
ksba_cert_release (cert);
xfree (desc);
keydb_release (hd);
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 76ff327..df96770 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -33,6 +33,7 @@
#include "../common/status.h"
#include "../common/audit.h"
#include "../common/session-env.h"
+#include "../common/ksba-io-support.h"
#define MAX_DIGEST_LEN 64
@@ -205,10 +206,6 @@ struct server_control_s
};
-/* Data structure used in base64.c. */
-typedef struct base64_context_s *Base64Context;
-
-
/* An object to keep a list of certificates. */
struct certlist_s
{
@@ -262,19 +259,6 @@ int gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits);
char *gpgsm_get_certid (ksba_cert_t cert);
-/*-- base64.c --*/
-int gpgsm_create_reader (Base64Context *ctx,
- ctrl_t ctrl, estream_t fp, int allow_multi_pem,
- ksba_reader_t *r_reader);
-int gpgsm_reader_eof_seen (Base64Context ctx);
-void gpgsm_destroy_reader (Base64Context ctx);
-int gpgsm_create_writer (Base64Context *ctx,
- ctrl_t ctrl, estream_t stream,
- ksba_writer_t *r_writer);
-int gpgsm_finish_writer (Base64Context ctx);
-void gpgsm_destroy_writer (Base64Context ctx);
-
-
/*-- certdump.c --*/
void gpgsm_print_serial (estream_t fp, ksba_const_sexp_t p);
void gpgsm_print_time (estream_t fp, ksba_isotime_t t);
diff --git a/sm/import.c b/sm/import.c
index 4a8ecf7..b284b51 100644
--- a/sm/import.c
+++ b/sm/import.c
@@ -272,7 +272,7 @@ static int
import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
{
int rc;
- Base64Context b64reader = NULL;
+ gnupg_ksba_io_t b64reader = NULL;
ksba_reader_t reader;
ksba_cert_t cert = NULL;
ksba_cms_t cms = NULL;
@@ -288,7 +288,12 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
goto leave;
}
- rc = gpgsm_create_reader (&b64reader, ctrl, fp, 1, &reader);
+ rc = gnupg_ksba_create_reader
+ (&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
+ | (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)
+ | GNUPG_KSBA_IO_MULTIPEM),
+ fp, &reader);
if (rc)
{
log_error ("can't create reader: %s\n", gpg_strerror (rc));
@@ -375,14 +380,14 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
ksba_reader_clear (reader, NULL, NULL);
}
- while (!gpgsm_reader_eof_seen (b64reader));
+ while (!gnupg_ksba_reader_eof_seen (b64reader));
leave:
if (any && gpg_err_code (rc) == GPG_ERR_EOF)
rc = 0;
ksba_cms_release (cms);
ksba_cert_release (cert);
- gpgsm_destroy_reader (b64reader);
+ gnupg_ksba_destroy_reader (b64reader);
es_fclose (fp);
return rc;
}
diff --git a/sm/keydb.c b/sm/keydb.c
index 44dd9ca..75f83ee 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -265,7 +265,7 @@ keydb_add_resource (ctrl_t ctrl, const char *url, int force, int *auto_created)
/* Do we have an URL?
gnupg-kbx:filename := this is a plain keybox
- filename := See what is is, but create as plain keybox.
+ filename := See what it is, but create as plain keybox.
*/
if (strlen (resname) > 10)
{
diff --git a/sm/keylist.c b/sm/keylist.c
index 88a9c4f..6db42e3 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -1280,7 +1280,7 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
}
-/* Same as standard mode mode list all certifying certs too. */
+/* Same as standard mode list all certifying certs too. */
static void
list_cert_chain (ctrl_t ctrl, KEYDB_HANDLE hd,
ksba_cert_t cert, int raw_mode,
diff --git a/sm/sign.c b/sm/sign.c
index 9153d58..0ca575b 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -316,7 +316,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
{
int i, rc;
gpg_error_t err;
- Base64Context b64writer = NULL;
+ gnupg_ksba_io_t b64writer = NULL;
ksba_writer_t writer;
ksba_cms_t cms = NULL;
ksba_stop_reason_t stopreason;
@@ -340,7 +340,10 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
}
ctrl->pem_name = "SIGNED MESSAGE";
- rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
+ rc = gnupg_ksba_create_writer
+ (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
+ ctrl->pem_name, out_fp, &writer);
if (rc)
{
log_error ("can't create writer: %s\n", gpg_strerror (rc));
@@ -760,7 +763,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
}
while (stopreason != KSBA_SR_READY);
- rc = gpgsm_finish_writer (b64writer);
+ rc = gnupg_ksba_finish_writer (b64writer);
if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
@@ -778,7 +781,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
if (release_signerlist)
gpgsm_release_certlist (signerlist);
ksba_cms_release (cms);
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_writer (b64writer);
keydb_release (kh);
gcry_md_close (data_md);
return rc;
diff --git a/sm/verify.c b/sm/verify.c
index a046883..1ac97cb 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -90,8 +90,8 @@ int
gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
{
int i, rc;
- Base64Context b64reader = NULL;
- Base64Context b64writer = NULL;
+ gnupg_ksba_io_t b64reader = NULL;
+ gnupg_ksba_io_t b64writer = NULL;
ksba_reader_t reader;
ksba_writer_t writer = NULL;
ksba_cms_t cms = NULL;
@@ -125,7 +125,11 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
goto leave;
}
- rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, 0, &reader);
+ rc = gnupg_ksba_create_reader
+ (&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
+ | (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)),
+ in_fp, &reader);
if (rc)
{
log_error ("can't create reader: %s\n", gpg_strerror (rc));
@@ -134,7 +138,10 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
if (out_fp)
{
- rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
+ rc = gnupg_ksba_create_writer
+ (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
+ | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
+ ctrl->pem_name, out_fp, &writer);
if (rc)
{
log_error ("can't create writer: %s\n", gpg_strerror (rc));
@@ -246,7 +253,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
if (b64writer)
{
- rc = gpgsm_finish_writer (b64writer);
+ rc = gnupg_ksba_finish_writer (b64writer);
if (rc)
{
log_error ("write failed: %s\n", gpg_strerror (rc));
@@ -643,8 +650,8 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
leave:
ksba_cms_release (cms);
- gpgsm_destroy_reader (b64reader);
- gpgsm_destroy_writer (b64writer);
+ gnupg_ksba_destroy_reader (b64reader);
+ gnupg_ksba_destroy_writer (b64writer);
keydb_release (kh);
gcry_md_close (data_md);
es_fclose (in_fp);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-16 07:08:07 +0000