mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00

common: Remove gpgsm dependencies from ksba-io-support.

* common/ksba-io-support.c: Include ksba-io-support.h instead of
../sm/gpgsm.h.  Include util.h.
(writer_cb_parm_s): Remove const from 'pem_name'.
(gpgsm_destroy_writer): Free 'pem_name'.
(gpgsm_create_reader): Rename to ...
(gnupg_ksba_create_reader): this.  Replace args CTRL and
ALLOW_MULTI_PEM by a new arg FLAGS.  Change the code to evaluate
FLAGS.  Change all callers to pass the FLAGS.
(gpgsm_create_writer): Rename to ...
(gnupg_ksba_create_writer): this.  Replace arg CTRL by new arg FLAGS.
Add arg PEM_NAME.  Evaluate FLAGS.  Store a copy of PEM_NAME.  Change
all callers to pass the FLAGS and PEM_NAME.

Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2017-02-16 15:16:48 +01:00
parent 919e76b407
commit 28c31524be
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
10 changed files with 150 additions and 62 deletions


@ -36,13 +36,12 @@
#include <unistd.h> #include <unistd.h>
#include <time.h> #include <time.h>
#include <assert.h> #include <assert.h>
#include "../sm/gpgsm.h"
#include <ksba.h> #include <ksba.h>
#include "util.h"
#include "i18n.h" #include "i18n.h"
#include "ksba-io-support.h"
#ifdef HAVE_DOSISH_SYSTEM #ifdef HAVE_DOSISH_SYSTEM
#define LF "\r\n" #define LF "\r\n"
@ -50,6 +49,7 @@
#define LF "\n" #define LF "\n"
#endif #endif
/* Data used by the reader callbacks. */ /* Data used by the reader callbacks. */
struct reader_cb_parm_s struct reader_cb_parm_s
{ {
@ -87,7 +87,7 @@ struct writer_cb_parm_s
{ {
estream_t stream; /* Output stream. */ estream_t stream; /* Output stream. */
const char *pem_name; char *pem_name; /* Malloced. */
int wrote_begin; int wrote_begin;
int did_finish; int did_finish;
@ -550,17 +550,29 @@ base64_finish_write (struct writer_cb_parm_s *parm)
/* Create a reader for the given file descriptor. Depending on the /* Create a reader for the stream FP. FLAGS can be used to specify
control information an input decoding is automagically chosen. * the expected input encoding.
The function returns a Base64Context object which must be passed to *
the gpgme_destroy_reader function. The created KsbaReader object * The function returns a Base64Context object which must be passed to
is also returned, but the caller must not call the * the gpgme_destroy_reader function. The created ksba_reader_t
ksba_reader_release function on. If ALLOW_MULTI_PEM is true, the * object is stored at R_READER - the caller must not call the
reader expects that the caller uses ksba_reader_clear after EOF * ksba_reader_release function on.
until no more objects were found. */ *
int * The supported flags are:
gpgsm_create_reader (Base64Context *ctx, *
ctrl_t ctrl, estream_t fp, int allow_multi_pem, * GNUPG_KSBA_IO_PEM - Assume the input is PEM encoded
* GNUPG_KSBA_IO_BASE64 - Assume the input is Base64 encoded.
* GNUPG_KSBA_IO_AUTODETECT - The reader tries to detect the encoding.
* GNUPG_KSBA_IO_MULTIPEM - The reader expects that the caller uses
* ksba_reader_clear after EOF until no more
* objects were found.
*
* Note that the PEM flag has a higher priority than the BASE64 flag
* which in turn has a gight priority than the AUTODETECT flag.
*/
gpg_error_t
gnupg_ksba_create_reader (Base64Context *ctx,
unsigned int flags, estream_t fp,
ksba_reader_t *r_reader) ksba_reader_t *r_reader)
{ {
int rc; int rc;
@ -570,7 +582,7 @@ gpgsm_create_reader (Base64Context *ctx,
*ctx = xtrycalloc (1, sizeof **ctx); *ctx = xtrycalloc (1, sizeof **ctx);
if (!*ctx) if (!*ctx)
return out_of_core (); return out_of_core ();
(*ctx)->u.rparm.allow_multi_pem = allow_multi_pem; (*ctx)->u.rparm.allow_multi_pem = !!(flags & GNUPG_KSBA_IO_MULTIPEM);
rc = ksba_reader_new (&r); rc = ksba_reader_new (&r);
if (rc) if (rc)
@ -580,18 +592,18 @@ gpgsm_create_reader (Base64Context *ctx,
} }
(*ctx)->u.rparm.fp = fp; (*ctx)->u.rparm.fp = fp;
if (ctrl->is_pem) if ((flags & GNUPG_KSBA_IO_PEM))
{ {
(*ctx)->u.rparm.assume_pem = 1; (*ctx)->u.rparm.assume_pem = 1;
(*ctx)->u.rparm.assume_base64 = 1; (*ctx)->u.rparm.assume_base64 = 1;
rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm); rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm);
} }
else if (ctrl->is_base64) else if ((flags & GNUPG_KSBA_IO_BASE64))
{ {
(*ctx)->u.rparm.assume_base64 = 1; (*ctx)->u.rparm.assume_base64 = 1;
rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm); rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm);
} }
else if (ctrl->autodetect_encoding) else if ((flags & GNUPG_KSBA_IO_AUTODETECT))
{ {
(*ctx)->u.rparm.autodetect = 1; (*ctx)->u.rparm.autodetect = 1;
rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm); rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm);
@ -630,14 +642,26 @@ gpgsm_destroy_reader (Base64Context ctx)
/* Create a writer for the given STREAM. Depending on /* Create a writer for the given STREAM. Depending on FLAGS an output
the control information an output encoding is automagically * encoding is chosen. In PEM mode PEM_NAME is used for the header
chosen. The function returns a Base64Context object which must be * and footer lines; if PEM_NAME is NULL the string "CMS OBJECT" is
passed to the gpgme_destroy_writer function. The created * used.
KsbaWriter object is also returned, but the caller must not call *
the ksba_reader_release function on it. */ * The function returns a Base64Context object which must be passed to
int * the gpgme_destroy_writer function. The created ksba_writer_t
gpgsm_create_writer (Base64Context *ctx, ctrl_t ctrl, estream_t stream, * object is stored at R_WRITER - the caller must not call the
* ksba_reader_release function on it.
*
* The supported flags are:
*
* GNUPG_KSBA_IO_PEM - Write output as PEM
* GNUPG_KSBA_IO_BASE64 - Write output as plain Base64; note that the PEM
* flag overrides this flag.
*
*/
gpg_error_t
gnupg_ksba_create_writer (Base64Context *ctx, unsigned int flags,
const char *pem_name, estream_t stream,
ksba_writer_t *r_writer) ksba_writer_t *r_writer)
{ {
int rc; int rc;
@ -646,7 +670,7 @@ gpgsm_create_writer (Base64Context *ctx, ctrl_t ctrl, estream_t stream,
*r_writer = NULL; *r_writer = NULL;
*ctx = xtrycalloc (1, sizeof **ctx); *ctx = xtrycalloc (1, sizeof **ctx);
if (!*ctx) if (!*ctx)
return out_of_core (); return gpg_error_from_syserror ();
rc = ksba_writer_new (&w); rc = ksba_writer_new (&w);
if (rc) if (rc)
@ -655,12 +679,22 @@ gpgsm_create_writer (Base64Context *ctx, ctrl_t ctrl, estream_t stream,
return rc; return rc;
} }
if (ctrl->create_pem || ctrl->create_base64) if ((flags & GNUPG_KSBA_IO_PEM) || (flags & GNUPG_KSBA_IO_BASE64))
{ {
(*ctx)->u.wparm.stream = stream; (*ctx)->u.wparm.stream = stream;
if (ctrl->create_pem) if ((flags & GNUPG_KSBA_IO_PEM))
(*ctx)->u.wparm.pem_name = ctrl->pem_name? ctrl->pem_name {
: "CMS OBJECT"; (*ctx)->u.wparm.pem_name = xtrystrdup (pem_name
? pem_name
: "CMS OBJECT");
if (!(*ctx)->u.wparm.pem_name)
{
rc = gpg_error_from_syserror ();
ksba_writer_release (w);
xfree (*ctx); *ctx = NULL;
return rc;
}
}
rc = ksba_writer_set_cb (w, base64_writer_cb, &(*ctx)->u.wparm); rc = ksba_writer_set_cb (w, base64_writer_cb, &(*ctx)->u.wparm);
} }
else if (stream) else if (stream)
@ -700,6 +734,7 @@ gpgsm_finish_writer (Base64Context ctx)
return base64_finish_write (parm); return base64_finish_write (parm);
} }
void void
gpgsm_destroy_writer (Base64Context ctx) gpgsm_destroy_writer (Base64Context ctx)
{ {
@ -707,5 +742,6 @@ gpgsm_destroy_writer (Base64Context ctx)
return; return;
ksba_writer_release (ctx->u2.writer); ksba_writer_release (ctx->u2.writer);
xfree (ctx->u.wparm.pem_name);
xfree (ctx); xfree (ctx);
} }
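Review bot: In gnupg_ksba_create_writer the copy of PEM_NAME made with `xtrystrdup` is released only in gpgsm_destroy_writer, so every later failure inside the create function has to free it too. The check of the `ksba_writer_set_cb` result lies outside the visible hunk; if that path still does only `ksba_writer_release (w); xfree (*ctx); *ctx = NULL;`, the string leaks, and adding `xfree ((*ctx)->u.wparm.pem_name);` before `xfree (*ctx);` would close it (the context is calloc'ed, so the pointer is NULL when no copy was made). The new comments also refer to `gpgme_destroy_reader`/`gpgme_destroy_writer` and, for the writer, to `ksba_reader_release`, while the functions in this file are `gpgsm_destroy_reader` and `gpgsm_destroy_writer` and the writer case presumably means `ksba_writer_release`. In the reader comment, "gight priority" should read "higher priority".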


@ -30,4 +30,37 @@
#ifndef GNUPG_KSBA_IO_SUPPORT_H #ifndef GNUPG_KSBA_IO_SUPPORT_H
#define GNUPG_KSBA_IO_SUPPORT_H #define GNUPG_KSBA_IO_SUPPORT_H
/* Flags used with gnupg_ksba_create_reader and
* gnupg_ksba_create_writer. */
#define GNUPG_KSBA_IO_PEM 1 /* X.509 PEM format. */
#define GNUPG_KSBA_IO_BASE64 2 /* Plain Base64 format. */
#define GNUPG_KSBA_IO_AUTODETECT 4 /* Try toautodeect the format. */
#define GNUPG_KSBA_IO_MULTIPEM 8 /* Allow more than one PEM chunk. */
/* Context object. */
typedef struct base64_context_s *Base64Context;
gpg_error_t gnupg_ksba_create_reader (Base64Context *ctx,
unsigned int flags,
estream_t fp,
ksba_reader_t *r_reader);
int gpgsm_reader_eof_seen (Base64Context ctx);
void gpgsm_destroy_reader (Base64Context ctx);
gpg_error_t gnupg_ksba_create_writer (Base64Context *ctx,
unsigned int flags,
const char *pem_name,
estream_t stream,
ksba_writer_t *r_writer);
int gpgsm_finish_writer (Base64Context ctx);
void gpgsm_destroy_writer (Base64Context ctx);
#endif /*GNUPG_KSBA_IO_SUPPORT_H*/ #endif /*GNUPG_KSBA_IO_SUPPORT_H*/
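Review bot: The prototypes use `gpg_error_t`, `estream_t`, `ksba_reader_t` and `ksba_writer_t`, but the visible part of the header adds no `#include`, so it compiles only when the includer has already pulled in the ksba and gpg-error/estream declarations (ksba-io-support.c does so through `<ksba.h>` and `"util.h"`). Either include what the prototypes need here, or state the requirement in a comment such as `/* Requires <ksba.h> and "util.h" to be included first. */`. The comment on GNUPG_KSBA_IO_AUTODETECT should read `/* Try to autodetect the format. */`.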


@ -744,7 +744,11 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
create_cert = !!get_parameter_value (para, pSERIAL, 0); create_cert = !!get_parameter_value (para, pSERIAL, 0);
ctrl->pem_name = create_cert? "CERTIFICATE" : "CERTIFICATE REQUEST"; ctrl->pem_name = create_cert? "CERTIFICATE" : "CERTIFICATE REQUEST";
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer);
rc = gnupg_ksba_create_writer
(&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
ctrl->pem_name, out_fp, &writer);
if (rc) if (rc)
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));
else else
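Review bot: The mapping from `ctrl->create_pem`/`ctrl->create_base64` to GNUPG_KSBA_IO_* flags is written out in full at this call and again at the writer calls in gpgsm_decrypt, gpgsm_encrypt, gpgsm_export, gpgsm_p12_export, gpgsm_sign and gpgsm_verify, with a matching three-flag expression at each reader call. A small helper per direction would keep that mapping in one place, so a later flag cannot be added at some call sites and missed at others. Since PEM_NAME is now an argument, the literal could also be passed directly rather than stored in `ctrl->pem_name` first, provided nothing else reads that field, which cannot be seen from this hunk. proc_parameters continues outside the hunk, and the helper name below is only a proposal.

```c
/* Map the output encoding options in CTRL to GNUPG_KSBA_IO_* flags.  */
static inline unsigned int
writer_flags_from_ctrl (ctrl_t ctrl)
{
  return ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
          | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0));
}

/* … unchanged: create_cert and ctrl->pem_name assignment … */
  rc = gnupg_ksba_create_writer (&b64writer, writer_flags_from_ctrl (ctrl),
                                 ctrl->pem_name, out_fp, &writer);
```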


@ -274,14 +274,21 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
goto leave; goto leave;
} }
rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, 0, &reader); rc = gnupg_ksba_create_reader
(&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
| (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)),
in_fp, &reader);
if (rc) if (rc)
{ {
log_error ("can't create reader: %s\n", gpg_strerror (rc)); log_error ("can't create reader: %s\n", gpg_strerror (rc));
goto leave; goto leave;
} }
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); rc = gnupg_ksba_create_writer
(&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
ctrl->pem_name, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));


@ -364,7 +364,10 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
encparm.fp = data_fp; encparm.fp = data_fp;
ctrl->pem_name = "ENCRYPTED MESSAGE"; ctrl->pem_name = "ENCRYPTED MESSAGE";
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); rc = gnupg_ksba_create_writer
(&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
ctrl->pem_name, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));


@ -263,7 +263,10 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
if (!b64writer) if (!b64writer)
{ {
ctrl->pem_name = "CERTIFICATE"; ctrl->pem_name = "CERTIFICATE";
rc = gpgsm_create_writer (&b64writer, ctrl, stream, &writer); rc = gnupg_ksba_create_writer
(&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 :0)),
ctrl->pem_name, stream, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));
@ -433,7 +436,10 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode)
ctrl->pem_name = "PRIVATE KEY"; ctrl->pem_name = "PRIVATE KEY";
else else
ctrl->pem_name = "RSA PRIVATE KEY"; ctrl->pem_name = "RSA PRIVATE KEY";
err = gpgsm_create_writer (&b64writer, ctrl, stream, &writer); err = gnupg_ksba_create_writer
(&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
ctrl->pem_name, stream, &writer);
if (err) if (err)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (err)); log_error ("can't create writer: %s\n", gpg_strerror (err));


@ -33,6 +33,7 @@
#include "../common/status.h" #include "../common/status.h"
#include "../common/audit.h" #include "../common/audit.h"
#include "../common/session-env.h" #include "../common/session-env.h"
#include "../common/ksba-io-support.h"
#define MAX_DIGEST_LEN 64 #define MAX_DIGEST_LEN 64
@ -205,10 +206,6 @@ struct server_control_s
}; };
/* Data structure used in base64.c. */
typedef struct base64_context_s *Base64Context;
/* An object to keep a list of certificates. */ /* An object to keep a list of certificates. */
struct certlist_s struct certlist_s
{ {
@ -262,19 +259,6 @@ int gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits);
char *gpgsm_get_certid (ksba_cert_t cert); char *gpgsm_get_certid (ksba_cert_t cert);
/*-- base64.c --*/
int gpgsm_create_reader (Base64Context *ctx,
ctrl_t ctrl, estream_t fp, int allow_multi_pem,
ksba_reader_t *r_reader);
int gpgsm_reader_eof_seen (Base64Context ctx);
void gpgsm_destroy_reader (Base64Context ctx);
int gpgsm_create_writer (Base64Context *ctx,
ctrl_t ctrl, estream_t stream,
ksba_writer_t *r_writer);
int gpgsm_finish_writer (Base64Context ctx);
void gpgsm_destroy_writer (Base64Context ctx);
/*-- certdump.c --*/ /*-- certdump.c --*/
void gpgsm_print_serial (estream_t fp, ksba_const_sexp_t p); void gpgsm_print_serial (estream_t fp, ksba_const_sexp_t p);
void gpgsm_print_time (estream_t fp, ksba_isotime_t t); void gpgsm_print_time (estream_t fp, ksba_isotime_t t);


@ -288,7 +288,12 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
goto leave; goto leave;
} }
rc = gpgsm_create_reader (&b64reader, ctrl, fp, 1, &reader); rc = gnupg_ksba_create_reader
(&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
| (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)
| GNUPG_KSBA_IO_MULTIPEM),
fp, &reader);
if (rc) if (rc)
{ {
log_error ("can't create reader: %s\n", gpg_strerror (rc)); log_error ("can't create reader: %s\n", gpg_strerror (rc));


@ -340,7 +340,10 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
} }
ctrl->pem_name = "SIGNED MESSAGE"; ctrl->pem_name = "SIGNED MESSAGE";
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); rc = gnupg_ksba_create_writer
(&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
ctrl->pem_name, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));


@ -125,7 +125,11 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
goto leave; goto leave;
} }
rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, 0, &reader); rc = gnupg_ksba_create_reader
(&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
| (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)),
in_fp, &reader);
if (rc) if (rc)
{ {
log_error ("can't create reader: %s\n", gpg_strerror (rc)); log_error ("can't create reader: %s\n", gpg_strerror (rc));
@ -134,7 +138,10 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
if (out_fp) if (out_fp)
{ {
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); rc = gnupg_ksba_create_writer
(&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)),
ctrl->pem_name, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));