From 28f89ad24521ef663a84012f71859d07a3863618 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 30 Apr 2004 15:24:33 +0000 Subject: [PATCH] * protect-tool.c: New option --enable-status-msg. (store_private_key): Print status messages for imported keys. (read_and_unprotect): Ditto for bad passphrase. * import.c (check_and_store): Do not update the stats for hidden imports of issuer certs. (popen_protect_tool): Request statusmessages from the protect-tool. (parse_p12): Detect status messages. Add new arg STATS and update them. (print_imported_summary): Include secret key stats. --- agent/ChangeLog | 4 +++ agent/protect-tool.c | 11 +++++++ sm/ChangeLog | 3 ++ sm/import.c | 71 ++++++++++++++++++++++++++++++++++++-------- 4 files changed, 77 insertions(+), 12 deletions(-) diff --git a/agent/ChangeLog b/agent/ChangeLog index a76199961..2f2b1e410 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,5 +1,9 @@ 2004-04-30 Werner Koch + * protect-tool.c: New option --enable-status-msg. + (store_private_key): Print status messages for imported keys. + (read_and_unprotect): Ditto for bad passphrase. + * gpg-agent.c (parse_rereadable_options): New arg REREAD. Allow changing oLogFile. (current_logfile): New. diff --git a/agent/protect-tool.c b/agent/protect-tool.c index c62c649ad..c33d21094 100644 --- a/agent/protect-tool.c +++ b/agent/protect-tool.c @@ -58,6 +58,7 @@ enum cmd_and_opt_values oNoFailOnExist, oHomedir, oPrompt, + oStatusMsg, aTest }; @@ -80,6 +81,7 @@ static int opt_no_fail_on_exist; static int opt_have_cert; static const char *opt_passphrase; static char *opt_prompt; +static int opt_status_msg; static char *get_passphrase (int promptno); static void release_passphrase (char *pw); @@ -108,6 +110,7 @@ static ARGPARSE_OPTS opts[] = { { oNoFailOnExist, "no-fail-on-exist", 0, "@" }, { oHomedir, "homedir", 2, "@" }, { oPrompt, "prompt", 2, "|ESCSTRING|use ESCSTRING as prompt in pinentry"}, + { oStatusMsg, "enable-status-msg", 0, "@"}, {0} }; 
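Review bot: `opt_status_msg` and the `enable-status-msg` entry in `opts[]` are added without a comment, and the entry uses the description `"@"` like the other undocumented options in this table, so nothing at the declaration says who is meant to set it. Because the flag switches on a line format that another program parses, I would document it where the variable is declared, e.g. `/* Emit "[PROTECT-TOOL:] KEYWORD" lines through log_info for a calling process to parse. */`. The keywords this patch introduces are `bad-passphrase`, `secretkey-exists` and `secretkey-stored`; listing them in that comment keeps emitter and parser in step.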
@@ -384,6 +387,8 @@ read_and_unprotect (const char *fname) xfree (key); if (rc) { + if (opt_status_msg) + log_info ("[PROTECT-TOOL:] bad-passphrase\n"); log_error ("unprotecting the key failed: %s\n", gpg_strerror (rc)); return; } @@ -1076,6 +1081,7 @@ main (int argc, char **argv ) case oNoFailOnExist: opt_no_fail_on_exist = 1; break; case oHaveCert: opt_have_cert = 1; break; case oPrompt: opt_prompt = pargs.r.ret_str; break; + case oStatusMsg: opt_status_msg = 1; break; default : pargs.err = 2; break; } @@ -1185,6 +1191,8 @@ store_private_key (const unsigned char *grip, { if (!access (fname, F_OK)) { + if (opt_status_msg) + log_info ("[PROTECT-TOOL:] secretkey-exists\n"); if (opt_no_fail_on_exist) log_info ("secret key file `%s' already exists\n", fname); else @@ -1221,6 +1229,9 @@ store_private_key (const unsigned char *grip, } log_info ("secret key stored as `%s'\n", fname); + if (opt_status_msg) + log_info ("[PROTECT-TOOL:] secretkey-stored\n"); + xfree (fname); return 0; } diff --git a/sm/ChangeLog b/sm/ChangeLog index 08f0212d2..9e29d0c92 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -2,6 +2,9 @@ * import.c (check_and_store): Do not update the stats for hidden imports of issuer certs. + (popen_protect_tool): Request statusmessages from the protect-tool. + (parse_p12): Detect status messages. Add new arg STATS and update them. + (print_imported_summary): Include secret key stats. 2004-04-28 Werner Koch diff --git a/sm/import.c b/sm/import.c index bbaa83b86..c5581eb64 100644 --- a/sm/import.c +++ b/sm/import.c @@ -49,10 +49,14 @@ struct stats_s { unsigned long imported; unsigned long unchanged; unsigned long not_imported; -}; + unsigned long secret_read; + unsigned long secret_imported; + unsigned long secret_dups; + }; -static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp); +static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp, + struct stats_s *stats); 
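Review bot: The three new status lines (one in `read_and_unprotect`, two in `store_private_key`) are written with `log_info`, so they share a stream with free-form diagnostics and carry whatever prefix the logging layer adds. The consumer in sm/import.c matches the literal `"gpg-protect-tool: [PROTECT-TOOL:] "`, so a change to the program name or log prefix silently stops the secret-key counters from updating, and any other line that starts with that text is counted. A single helper such as `static void print_status (const char *keyword)` would keep the `[PROTECT-TOOL:]` tag in one place, and a dedicated status descriptor would remove the in-band parsing altogether. In the `secretkey-exists` hunk the message is emitted before the `opt_no_fail_on_exist` test, so it is also sent on the else path; that branch continues outside the hunk, so confirm this is intended.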
@@ -119,16 +123,32 @@ print_imported_summary (CTRL ctrl, struct stats_s *stats) } if (stats->unchanged) log_info (_(" unchanged: %lu\n"), stats->unchanged); + if (stats->secret_read) + log_info (_(" secret keys read: %lu\n"), stats->secret_read ); + if (stats->secret_imported) + log_info (_(" secret keys imported: %lu\n"), stats->secret_imported ); + if (stats->secret_dups) + log_info (_(" secret keys unchanged: %lu\n"), stats->secret_dups ); if (stats->not_imported) log_info (_(" not imported: %lu\n"), stats->not_imported); } - sprintf (buf, "%lu 0 %lu 0 %lu 0 0 0 0 0 0 0 0 %lu", - stats->count, - stats->imported, - stats->unchanged, - stats->not_imported - ); + sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu", + stats->count, + 0l /*stats->no_user_id*/, + stats->imported, + 0l /*stats->imported_rsa*/, + stats->unchanged, + 0l /*stats->n_uids*/, + 0l /*stats->n_subk*/, + 0l /*stats->n_sigs*/, + 0l /*stats->n_revoc*/, + stats->secret_read, + stats->secret_imported, + stats->secret_dups, + 0l /*stats->skipped_new_keys*/, + stats->not_imported + ); gpgsm_status (ctrl, STATUS_IMPORT_RES, buf); } @@ -315,7 +335,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd) Base64Context b64p12rdr; ksba_reader_t p12rdr; - rc = parse_p12 (reader, &certfp); + rc = parse_p12 (reader, &certfp, stats); if (!rc) { any = 1; @@ -512,6 +532,7 @@ popen_protect_tool (const char *pgmname, "--p12-import", "--store", "--no-fail-on-exist", + "--enable-status-msg", "--", NULL); /* No way to print anything, as we have closed all streams. */ @@ -540,7 +561,7 @@ popen_protect_tool (const char *pgmname, certificates. On success RETFP returns a temporary file with certificates. */ static gpg_error_t -parse_p12 (ksba_reader_t reader, FILE **retfp) +parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats) { const char *pgmname; gpg_error_t err = 0, child_err = 0; 
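Review bot: The rewritten `sprintf` in `print_imported_summary` formats fourteen `%lu` fields into `buf` with no bound, where the old call printed four counters and ten literal zeros. `buf` is declared outside this hunk, so its size should be checked against the worst case (fourteen values of up to 20 digits on a 64-bit `unsigned long`, plus separators and the terminator, just under 300 bytes). Writing the call as `snprintf (buf, sizeof buf, ...)` makes the bound explicit, assuming `buf` is a local array. The placeholder arguments are written `0l`, a signed `long`, against `%lu`; `0ul` matches the conversion.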
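Review bot: The comment above `parse_p12` is not updated for the new STATS argument; the part visible in the `@@ -540,7 +561,7 @@` hunk mentions only RETFP, and the start of the comment is outside the hunk. The later hunk dereferences `stats` unconditionally, so I would add a sentence such as `STATS is updated with the secret key counters reported by the protect tool and must not be NULL.` The only caller visible in this patch, `import_one`, passes its own `stats` through.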
@@ -613,13 +634,39 @@ parse_p12 (ksba_reader_t reader, FILE **retfp) protect tool to figure out better error codes for CHILD_ERR. */ buffer[pos++] = c; - if (pos >= 5 /*sizeof buffer - 1*/ || c == '\n') + if (pos >= sizeof buffer - 5 || c == '\n') { buffer[pos - (c == '\n')] = 0; if (cont_line) log_printf ("%s", buffer); else - log_info ("%s", buffer); + { + if (!strncmp (buffer, "gpg-protect-tool: [PROTECT-TOOL:] ",34)) + { + char *p, *pend; + + p = buffer + 34; + pend = strchr (p, ' '); + if (pend) + *pend = 0; + if ( !strcmp (p, "secretkey-stored")) + { + stats->count++; + stats->secret_read++; + stats->secret_imported++; + } + else if ( !strcmp (p, "secretkey-exists")) + { + stats->count++; + stats->secret_read++; + stats->secret_dups++; + } + else if ( !strcmp (p, "bad-passphrase")) + ; + } + else + log_info ("%s", buffer); + } pos = 0; cont_line = (c != '\n'); }
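Review bot: The status detection in `parse_p12` hard-codes the prefix length as `34` beside the literal, so the two can drift apart; a named array such as `static const char status_prefix[] = "gpg-protect-tool: [PROTECT-TOOL:] ";` with `sizeof status_prefix - 1` in both the `strncmp` and the `p = buffer + ...` line removes the magic number. A status line is recognised only when it arrives in a single chunk, and the chunk limit is now `sizeof buffer - 5` with `buffer` declared outside the hunk, so check that it holds the prefix plus the longest keyword. The `bad-passphrase` branch is an empty statement although the comment above talks about better codes for CHILD_ERR; if that is the intent, `child_err = gpg_error (GPG_ERR_BAD_PASSPHRASE);` would record it, otherwise a `/* Nothing to count. */` comment would mark the no-op as deliberate. Lines that carry the prefix but an unknown keyword are dropped without being logged, which hides a protocol mismatch between the two programs.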