* import.c (gpgsm_import): Try to identify the type of input and

handle certs-only messages. * maperror.c (map_gcry_err): Add libgcrypt's new S-expression errors. (map_ksba_err): Add a few mappings. * configure.ac: We now require libgcrypt 1.1.7 and libksba 0.4.2.
2025-07-03 22:56:33 +02:00 · 2002-05-21 08:29:17 +00:00 · 2002-05-21 08:29:17 +00:00 · 4f7330e0bb
commit 4f7330e0bb
parent c7ceb874c2
4 changed files with 123 additions and 21 deletions
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@ -1,3 +1,8 @@
+2002-05-21  Werner Koch  <wk@gnupg.org>
+
+	* import.c (gpgsm_import): Try to identify the type of input and
+	handle certs-only messages.
+
 2002-05-14  Werner Koch  <wk@gnupg.org>

 	* gpgsm.c: New option --faked-system-time
--- a/sm/import.c
+++ b/sm/import.c
@ -43,7 +43,9 @@ gpgsm_import (CTRL ctrl, int in_fd)
  Base64Context b64reader = NULL;
  KsbaReader reader;
  KsbaCert cert = NULL;
+  KsbaCMS cms = NULL;
  FILE *fp = NULL;
+  KsbaContentType ct;

  fp = fdopen ( dup (in_fd), "rb");
  if (!fp)
@ -60,30 +62,94 @@ gpgsm_import (CTRL ctrl, int in_fd)
      goto leave;
    }

-  cert = ksba_cert_new ();
-  if (!cert)
-    {
-      rc = seterr (Out_Of_Core);
-      goto leave;
-    }
+  ct = ksba_cms_identify (reader);
+  if (ct == KSBA_CT_SIGNED_DATA)
+    { /* This is probably a signed-only message - import the certs */
+      KsbaStopReason stopreason;
+      int i;

-  rc = ksba_cert_read_der (cert, reader);
-  if (rc)
-    {
-      rc = map_ksba_err (rc);
-      goto leave;
-    }
-
-  if ( !gpgsm_basic_cert_check (cert) )
-    {
-      if (!keydb_store_cert (cert))
+      cms = ksba_cms_new ();
+      if (!cms)
        {
-          if (opt.verbose)
-            log_info ("certificate imported\n");
+          rc = seterr (Out_Of_Core);
+          goto leave;
+        }
+
+      rc = ksba_cms_set_reader_writer (cms, reader, NULL);
+      if (rc)
+        {
+          log_error ("ksba_cms_set_reader_writer failed: %s\n",
+                     ksba_strerror (rc));
+          rc = map_ksba_err (rc);
+          goto leave;
+        }
+
+
+      do 
+        {
+          rc = ksba_cms_parse (cms, &stopreason);
+          if (rc)
+            {
+              log_error ("ksba_cms_parse failed: %s\n", ksba_strerror (rc));
+              rc = map_ksba_err (rc);
+              goto leave;
+            }
+
+          if (stopreason == KSBA_SR_BEGIN_DATA)
+              log_info ("not a certs-only message\n");
+        }
+      while (stopreason != KSBA_SR_READY);   
+      
+      for (i=0; (cert=ksba_cms_get_cert (cms, i)); i++)
+        {
+          if ( !gpgsm_basic_cert_check (cert) )
+            {
+              if (!keydb_store_cert (cert))
+                {
+                  if (opt.verbose)
+                    log_info ("certificate imported\n");
+                }
+            }
+          ksba_cert_release (cert); 
+          cert = NULL;
+        }
+
+    }
+  else if (ct == KSBA_CT_NONE)
+    { /* Failed to identify this message - assume a certificate */
+
+      cert = ksba_cert_new ();
+      if (!cert)
+        {
+          rc = seterr (Out_Of_Core);
+          goto leave;
+        }
+
+      rc = ksba_cert_read_der (cert, reader);
+      if (rc)
+        {
+          rc = map_ksba_err (rc);
+          goto leave;
+        }
+      
+      if ( !gpgsm_basic_cert_check (cert) )
+        {
+          if (!keydb_store_cert (cert))
+            {
+              if (opt.verbose)
+                log_info ("certificate imported\n");
+            }
        }
    }
-      
+  else
+    {
+      log_error ("can't extract certificates from input\n");
+      rc = GNUPG_No_Data;
+    }
+   
+
 leave:
+  ksba_cms_release (cms);
  ksba_cert_release (cert);
  gpgsm_destroy_reader (b64reader);
  if (fp)