* import.c (gpgsm_import): Try to identify the type of input and

handle certs-only messages. * maperror.c (map_gcry_err): Add libgcrypt's new S-expression errors. (map_ksba_err): Add a few mappings. * configure.ac: We now require libgcrypt 1.1.7 and libksba 0.4.2.
2025-01-03 12:11:33 +01:00 · 2002-05-21 08:29:17 +00:00 · 2002-05-21 08:29:17 +00:00 · 4f7330e0bb
commit 4f7330e0bb
parent c7ceb874c2
4 changed files with 123 additions and 21 deletions
--- a/common/ChangeLog
+++ b/common/ChangeLog
@ -1,3 +1,8 @@
 2002-05-21  Werner Koch  <wk@gnupg.org>
 	* maperror.c (map_gcry_err): Add libgcrypt's new S-expression errors.
 	(map_ksba_err): Add a few mappings.
 2002-05-14  Werner Koch  <wk@gnupg.org>
 	* gettime.c: New.
--- a/common/maperror.c
+++ b/common/maperror.c
@ -33,18 +33,28 @@
 #include "../assuan/assuan.h"
 /* Note: we might want to wrap this in a macro to get our hands on
-   the line and file where the error occired */
+   the line and file where the error occured */
 int
 map_ksba_err (int err)
 {
  switch (err)
    {
    case -1:
-    case 0:
+    case 0: 
      break;
    case KSBA_Out_Of_Core: err = GNUPG_Out_Of_Core; break;
    case KSBA_Invalid_Value: err = GNUPG_Invalid_Value; break;
    case KSBA_Not_Implemented: err = GNUPG_Not_Implemented; break;
    case KSBA_Conflict: err = GNUPG_Conflict; break;
    case KSBA_Read_Error: err = GNUPG_Read_Error; break;
    case KSBA_Write_Error: err = GNUPG_Write_Error; break;
    case KSBA_No_Data: err = GNUPG_No_Data; break;
    case KSBA_Bug: err = GNUPG_Bug; break;
    case KSBA_Unsupported_Algorithm: err = GNUPG_Unsupported_Algorithm; break;
    case KSBA_Invalid_Index: err = GNUPG_Invalid_Index; break;
    case KSBA_Invalid_Sexp: err = GNUPG_Invalid_Sexp; break;
    case KSBA_Unknown_Sexp: err = GNUPG_Unknown_Sexp; break;
    default:
      err = seterr (General_Error);
@ -94,6 +104,22 @@ map_gcry_err (int err)
      err = GNUPG_Bug;
      break;
    case GCRYERR_SEXP_INV_LEN_SPEC    :
    case GCRYERR_SEXP_STRING_TOO_LONG :
    case GCRYERR_SEXP_UNMATCHED_PAREN :
    case GCRYERR_SEXP_NOT_CANONICAL   :
    case GCRYERR_SEXP_BAD_CHARACTER   :
    case GCRYERR_SEXP_BAD_QUOTATION   :
    case GCRYERR_SEXP_ZERO_PREFIX     :
    case GCRYERR_SEXP_NESTED_DH       :
    case GCRYERR_SEXP_UNMATCHED_DH    :
    case GCRYERR_SEXP_UNEXPECTED_PUNC :
    case GCRYERR_SEXP_BAD_HEX_CHAR    :
    case GCRYERR_SEXP_ODD_HEX_NUMBERS :
    case GCRYERR_SEXP_BAD_OCT_CHAR    :
      err = GNUPG_Invalid_Sexp;
      break;
    case GCRYERR_NO_MEM: err = GNUPG_Out_Of_Core; break;
    case GCRYERR_NOT_IMPL:  err = GNUPG_Not_Implemented; break;
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@ -1,3 +1,8 @@
 2002-05-21  Werner Koch  <wk@gnupg.org>
 	* import.c (gpgsm_import): Try to identify the type of input and
 	handle certs-only messages.
 2002-05-14  Werner Koch  <wk@gnupg.org>
 	* gpgsm.c: New option --faked-system-time
--- a/sm/import.c
+++ b/sm/import.c
@ -43,7 +43,9 @@ gpgsm_import (CTRL ctrl, int in_fd)
  Base64Context b64reader = NULL;
  KsbaReader reader;
  KsbaCert cert = NULL;
  KsbaCMS cms = NULL;
  FILE *fp = NULL;
  KsbaContentType ct;
  fp = fdopen ( dup (in_fd), "rb");
  if (!fp)
@ -60,30 +62,94 @@ gpgsm_import (CTRL ctrl, int in_fd)
      goto leave;
    }
-  cert = ksba_cert_new ();
+  ct = ksba_cms_identify (reader);
-  if (!cert)
+  if (ct == KSBA_CT_SIGNED_DATA)
-    {
+    { /* This is probably a signed-only message - import the certs */
-      rc = seterr (Out_Of_Core);
+      KsbaStopReason stopreason;
-      goto leave;
+      int i;
    }
-  rc = ksba_cert_read_der (cert, reader);
+      cms = ksba_cms_new ();
-  if (rc)
+      if (!cms)
    {
      rc = map_ksba_err (rc);
      goto leave;
    }
  if ( !gpgsm_basic_cert_check (cert) )
    {
      if (!keydb_store_cert (cert))
        {
-          if (opt.verbose)
+          rc = seterr (Out_Of_Core);
-            log_info ("certificate imported\n");
+          goto leave;
        }
      rc = ksba_cms_set_reader_writer (cms, reader, NULL);
      if (rc)
        {
          log_error ("ksba_cms_set_reader_writer failed: %s\n",
                     ksba_strerror (rc));
          rc = map_ksba_err (rc);
          goto leave;
        }
      do 
        {
          rc = ksba_cms_parse (cms, &stopreason);
          if (rc)
            {
              log_error ("ksba_cms_parse failed: %s\n", ksba_strerror (rc));
              rc = map_ksba_err (rc);
              goto leave;
            }
          if (stopreason == KSBA_SR_BEGIN_DATA)
              log_info ("not a certs-only message\n");
        }
      while (stopreason != KSBA_SR_READY);   
      for (i=0; (cert=ksba_cms_get_cert (cms, i)); i++)
        {
          if ( !gpgsm_basic_cert_check (cert) )
            {
              if (!keydb_store_cert (cert))
                {
                  if (opt.verbose)
                    log_info ("certificate imported\n");
                }
            }
          ksba_cert_release (cert); 
          cert = NULL;
        }
    }
  else if (ct == KSBA_CT_NONE)
    { /* Failed to identify this message - assume a certificate */
      cert = ksba_cert_new ();
      if (!cert)
        {
          rc = seterr (Out_Of_Core);
          goto leave;
        }
      rc = ksba_cert_read_der (cert, reader);
      if (rc)
        {
          rc = map_ksba_err (rc);
          goto leave;
        }
      if ( !gpgsm_basic_cert_check (cert) )
        {
          if (!keydb_store_cert (cert))
            {
              if (opt.verbose)
                log_info ("certificate imported\n");
            }
        }
    }
-      
+  else
    {
      log_error ("can't extract certificates from input\n");
      rc = GNUPG_No_Data;
    }
 leave:
  ksba_cms_release (cms);
  ksba_cert_release (cert);
  gpgsm_destroy_reader (b64reader);
  if (fp)