agent: Minor cleanup (mostly for documentation).

* agent/command.c (cmd_pksign): Change var name 'rc' to 'err'. * agent/findkey.c (read_key_file): Ditto. Change return type to gpg_error_t. On es_fessk failure return a correct error code. (agent_key_from_file): Change var name 'rc' to 'err'. * agent/pksign.c (agent_pksign_do): Ditto. Change return type to gpg_error_t. Return a valid erro code on malloc failure. (agent_pksign): Ditto. Change return type to gpg_error_t. replace xmalloc by xtrymalloc. * agent/protect.c (calculate_mic): Change return type to gpg_error_t. (do_decryption): Ditto. Do not init RC. (merge_lists): Change return type to gpg_error_t. (agent_unprotect): Ditto. (agent_get_shadow_info): Ditto. -- While code starring for bug 3266 I found two glitches and also changed var name for easier reading. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-01-03 12:11:33 +01:00 · 2017-07-28 10:37:33 +02:00 · 2017-07-28 10:37:33 +02:00 · 5516ef47a2
commit 5516ef47a2
parent 6502bb0d2a
5 changed files with 173 additions and 161 deletions
--- a/agent/agent.h
+++ b/agent/agent.h
@ -450,12 +450,12 @@ void agent_store_cache_hit (const char *key);
 /*-- pksign.c --*/
-int agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
+gpg_error_t agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
                             const char *desc_text,
                             gcry_sexp_t *signature_sexp,
                             cache_mode_t cache_mode, lookup_ttl_t lookup_ttl,
                             const void *overridedata, size_t overridedatalen);
-int agent_pksign (ctrl_t ctrl, const char *cache_nonce,
+gpg_error_t agent_pksign (ctrl_t ctrl, const char *cache_nonce,
                          const char *desc_text,
                          membuf_t *outbuf, cache_mode_t cache_mode);
@ -482,7 +482,7 @@ unsigned char get_standard_s2k_count_rfc4880 (void);
 int agent_protect (const unsigned char *plainkey, const char *passphrase,
                   unsigned char **result, size_t *resultlen,
 		   unsigned long s2k_count, int use_ocb);
-int agent_unprotect (ctrl_t ctrl,
+gpg_error_t agent_unprotect (ctrl_t ctrl,
                     const unsigned char *protectedkey, const char *passphrase,
                     gnupg_isotime_t protected_at,
                     unsigned char **result, size_t *resultlen);
@ -491,7 +491,7 @@ unsigned char *make_shadow_info (const char *serialno, const char *idstring);
 int agent_shadow_key (const unsigned char *pubkey,
                      const unsigned char *shadow_info,
                      unsigned char **result);
-int agent_get_shadow_info (const unsigned char *shadowkey,
+gpg_error_t agent_get_shadow_info (const unsigned char *shadowkey,
                                   unsigned char const **shadow_info);
 gpg_error_t parse_shadow_info (const unsigned char *shadow_info,
                               char **r_hexsn, char **r_idstr, int *r_pinlen);
--- a/agent/command.c
+++ b/agent/command.c
@ -782,7 +782,7 @@ static const char hlp_pksign[] =
 static gpg_error_t
 cmd_pksign (assuan_context_t ctx, char *line)
 {
-  int rc;
+  gpg_error_t err;
  cache_mode_t cache_mode = CACHE_MODE_NORMAL;
  ctrl_t ctrl = assuan_get_pointer (ctx);
  membuf_t outbuf;
@ -804,17 +804,17 @@ cmd_pksign (assuan_context_t ctx, char *line)
  init_membuf (&outbuf, 512);
-  rc = agent_pksign (ctrl, cache_nonce, ctrl->server_local->keydesc,
+  err = agent_pksign (ctrl, cache_nonce, ctrl->server_local->keydesc,
                      &outbuf, cache_mode);
-  if (rc)
+  if (err)
    clear_outbuf (&outbuf);
  else
-    rc = write_and_clear_outbuf (ctx, &outbuf);
+    err = write_and_clear_outbuf (ctx, &outbuf);
  xfree (cache_nonce);
  xfree (ctrl->server_local->keydesc);
  ctrl->server_local->keydesc = NULL;
-  return leave_cmd (ctx, rc);
+  return leave_cmd (ctx, err);
 }
--- a/agent/findkey.c
+++ b/agent/findkey.c
@ -488,7 +488,7 @@ agent_modify_description (const char *in, const char *comment,
   passphrase (entered or from the cache) is stored there; if not NULL
   will be stored.  The caller needs to free the returned
   passphrase. */
-static int
+static gpg_error_t
 unprotect (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
           unsigned char **keybuf, const unsigned char *grip,
           cache_mode_t cache_mode, lookup_ttl_t lookup_ttl,
@ -690,7 +690,7 @@ unprotect (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
 static gpg_error_t
 read_key_file (const unsigned char *grip, gcry_sexp_t *result)
 {
-  int rc;
+  gpg_error_t err;
  char *fname;
  estream_t fp;
  struct stat st;
@ -710,30 +710,30 @@ read_key_file (const unsigned char *grip, gcry_sexp_t *result)
  fp = es_fopen (fname, "rb");
  if (!fp)
    {
-      rc = gpg_error_from_syserror ();
+      err = gpg_error_from_syserror ();
-      if (gpg_err_code (rc) != GPG_ERR_ENOENT)
+      if (gpg_err_code (err) != GPG_ERR_ENOENT)
-        log_error ("can't open '%s': %s\n", fname, strerror (errno));
+        log_error ("can't open '%s': %s\n", fname, gpg_strerror (err));
      xfree (fname);
-      return rc;
+      return err;
    }
  if (es_fread (&first, 1, 1, fp) != 1)
    {
-      rc = gpg_error_from_syserror ();
+      err = gpg_error_from_syserror ();
      log_error ("error reading first byte from '%s': %s\n",
-                 fname, strerror (errno));
+                 fname, gpg_strerror (err));
      xfree (fname);
      es_fclose (fp);
-      return rc;
+      return err;
    }
-  rc = es_fseek (fp, 0, SEEK_SET);
+  if (es_fseek (fp, 0, SEEK_SET))
  if (rc)
    {
-      log_error ("error seeking in '%s': %s\n", fname, strerror (errno));
+      err = gpg_error_from_syserror ();
      log_error ("error seeking in '%s': %s\n", fname, gpg_strerror (err));
      xfree (fname);
      es_fclose (fp);
-      return rc;
+      return err;
    }
  if (first != '(')
@ -742,69 +742,69 @@ read_key_file (const unsigned char *grip, gcry_sexp_t *result)
      nvc_t pk;
      int line;
-      rc = nvc_parse_private_key (&pk, &line, fp);
+      err = nvc_parse_private_key (&pk, &line, fp);
      es_fclose (fp);
-      if (rc)
+      if (err)
        log_error ("error parsing '%s' line %d: %s\n",
-                   fname, line, gpg_strerror (rc));
+                   fname, line, gpg_strerror (err));
      else
        {
-          rc = nvc_get_private_key (pk, result);
+          err = nvc_get_private_key (pk, result);
          nvc_release (pk);
-          if (rc)
+          if (err)
            log_error ("error getting private key from '%s': %s\n",
-                       fname, gpg_strerror (rc));
+                       fname, gpg_strerror (err));
        }
      xfree (fname);
-      return rc;
+      return err;
    }
  if (fstat (es_fileno (fp), &st))
    {
-      rc = gpg_error_from_syserror ();
+      err = gpg_error_from_syserror ();
-      log_error ("can't stat '%s': %s\n", fname, strerror (errno));
+      log_error ("can't stat '%s': %s\n", fname, gpg_strerror (err));
      xfree (fname);
      es_fclose (fp);
-      return rc;
+      return err;
    }
  buflen = st.st_size;
  buf = xtrymalloc (buflen+1);
  if (!buf)
    {
-      rc = gpg_error_from_syserror ();
+      err = gpg_error_from_syserror ();
      log_error ("error allocating %zu bytes for '%s': %s\n",
-                 buflen, fname, strerror (errno));
+                 buflen, fname, gpg_strerror (err));
      xfree (fname);
      es_fclose (fp);
      xfree (buf);
-      return rc;
+      return err;
    }
  if (es_fread (buf, buflen, 1, fp) != 1)
    {
-      rc = gpg_error_from_syserror ();
+      err = gpg_error_from_syserror ();
      log_error ("error reading %zu bytes from '%s': %s\n",
-                 buflen, fname, strerror (errno));
+                 buflen, fname, gpg_strerror (err));
      xfree (fname);
      es_fclose (fp);
      xfree (buf);
-      return rc;
+      return err;
    }
  /* Convert the file into a gcrypt S-expression object.  */
-  rc = gcry_sexp_sscan (&s_skey, &erroff, (char*)buf, buflen);
+  err = gcry_sexp_sscan (&s_skey, &erroff, (char*)buf, buflen);
  xfree (fname);
  es_fclose (fp);
  xfree (buf);
-  if (rc)
+  if (err)
    {
      log_error ("failed to build S-Exp (off=%u): %s\n",
-                 (unsigned int)erroff, gpg_strerror (rc));
+                 (unsigned int)erroff, gpg_strerror (err));
-      return rc;
+      return err;
    }
  *result = s_skey;
  return 0;
@ -852,7 +852,7 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
                     cache_mode_t cache_mode, lookup_ttl_t lookup_ttl,
                     gcry_sexp_t *result, char **r_passphrase)
 {
-  int rc;
+  gpg_error_t err;
  unsigned char *buf;
  size_t len, buflen, erroff;
  gcry_sexp_t s_skey;
@ -863,20 +863,20 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
  if (r_passphrase)
    *r_passphrase = NULL;
-  rc = read_key_file (grip, &s_skey);
+  err = read_key_file (grip, &s_skey);
-  if (rc)
+  if (err)
    {
-      if (gpg_err_code (rc) == GPG_ERR_ENOENT)
+      if (gpg_err_code (err) == GPG_ERR_ENOENT)
-        rc = gpg_error (GPG_ERR_NO_SECKEY);
+        err = gpg_error (GPG_ERR_NO_SECKEY);
-      return rc;
+      return err;
    }
  /* For use with the protection functions we also need the key as an
     canonical encoded S-expression in a buffer.  Create this buffer
     now.  */
-  rc = make_canon_sexp (s_skey, &buf, &len);
+  err = make_canon_sexp (s_skey, &buf, &len);
-  if (rc)
+  if (err)
-    return rc;
+    return err;
  switch (agent_private_key_type (buf))
    {
@ -887,10 +887,10 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
        unsigned char *buf_new;
        size_t buf_newlen;
-        rc = agent_unprotect (ctrl, buf, "", NULL, &buf_new, &buf_newlen);
+        err = agent_unprotect (ctrl, buf, "", NULL, &buf_new, &buf_newlen);
-        if (rc)
+        if (err)
          log_error ("failed to convert unprotected openpgp key: %s\n",
-                     gpg_strerror (rc));
+                     gpg_strerror (err));
        else
          {
            xfree (buf);
@ -917,17 +917,17 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
        desc_text_final = NULL;
 	if (desc_text)
-          rc = agent_modify_description (desc_text, comment, s_skey,
+          err = agent_modify_description (desc_text, comment, s_skey,
                                          &desc_text_final);
        gcry_free (comment);
-	if (!rc)
+	if (!err)
 	  {
-	    rc = unprotect (ctrl, cache_nonce, desc_text_final, &buf, grip,
+	    err = unprotect (ctrl, cache_nonce, desc_text_final, &buf, grip,
                            cache_mode, lookup_ttl, r_passphrase);
-	    if (rc)
+	    if (err)
 	      log_error ("failed to unprotect the secret key: %s\n",
-			 gpg_strerror (rc));
+			 gpg_strerror (err));
 	  }
 	xfree (desc_text_final);
@ -939,34 +939,34 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
          const unsigned char *s;
          size_t n;
-          rc = agent_get_shadow_info (buf, &s);
+          err = agent_get_shadow_info (buf, &s);
-          if (!rc)
+          if (!err)
            {
              n = gcry_sexp_canon_len (s, 0, NULL,NULL);
-              assert (n);
+              log_assert (n);
              *shadow_info = xtrymalloc (n);
              if (!*shadow_info)
-                rc = out_of_core ();
+                err = out_of_core ();
              else
                {
                  memcpy (*shadow_info, s, n);
-                  rc = 0;
+                  err = 0;
                }
            }
-          if (rc)
+          if (err)
-            log_error ("get_shadow_info failed: %s\n", gpg_strerror (rc));
+            log_error ("get_shadow_info failed: %s\n", gpg_strerror (err));
        }
      else
-        rc = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
+        err = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
      break;
    default:
      log_error ("invalid private key format\n");
-      rc = gpg_error (GPG_ERR_BAD_SECKEY);
+      err = gpg_error (GPG_ERR_BAD_SECKEY);
      break;
    }
  gcry_sexp_release (s_skey);
  s_skey = NULL;
-  if (rc)
+  if (err)
    {
      xfree (buf);
      if (r_passphrase)
@ -974,23 +974,23 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
          xfree (*r_passphrase);
          *r_passphrase = NULL;
        }
-      return rc;
+      return err;
    }
  buflen = gcry_sexp_canon_len (buf, 0, NULL, NULL);
-  rc = gcry_sexp_sscan (&s_skey, &erroff, (char*)buf, buflen);
+  err = gcry_sexp_sscan (&s_skey, &erroff, (char*)buf, buflen);
  wipememory (buf, buflen);
  xfree (buf);
-  if (rc)
+  if (err)
    {
      log_error ("failed to build S-Exp (off=%u): %s\n",
-                 (unsigned int)erroff, gpg_strerror (rc));
+                 (unsigned int)erroff, gpg_strerror (err));
      if (r_passphrase)
        {
          xfree (*r_passphrase);
          *r_passphrase = NULL;
        }
-      return rc;
+      return err;
    }
  *result = s_skey;
--- a/agent/pksign.c
+++ b/agent/pksign.c
@ -271,26 +271,26 @@ do_encode_raw_pkcs1 (const byte *md, size_t mdlen, unsigned int nbits,
 /* SIGN whatever information we have accumulated in CTRL and return
-   the signature S-expression.  LOOKUP is an optional function to
+ * the signature S-expression.  LOOKUP is an optional function to
-   provide a way for lower layers to ask for the caching TTL.  If a
+ * provide a way for lower layers to ask for the caching TTL.  If a
-   CACHE_NONCE is given that cache item is first tried to get a
+ * CACHE_NONCE is given that cache item is first tried to get a
-   passphrase.  If OVERRIDEDATA is not NULL, OVERRIDEDATALEN bytes
+ * passphrase.  If OVERRIDEDATA is not NULL, OVERRIDEDATALEN bytes
-   from this buffer are used instead of the data in CTRL.  The
+ * from this buffer are used instead of the data in CTRL.  The
-   override feature is required to allow the use of Ed25519 with ssh
+ * override feature is required to allow the use of Ed25519 with ssh
-   because Ed25519 does the hashing itself.  */
+ * because Ed25519 does the hashing itself.  */
-int
+gpg_error_t
 agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
                 const char *desc_text,
 		 gcry_sexp_t *signature_sexp,
                 cache_mode_t cache_mode, lookup_ttl_t lookup_ttl,
                 const void *overridedata, size_t overridedatalen)
 {
  gpg_error_t err = 0;
  gcry_sexp_t s_skey = NULL;
  gcry_sexp_t s_sig  = NULL;
  gcry_sexp_t s_hash = NULL;
  gcry_sexp_t s_pkey = NULL;
  unsigned char *shadow_info = NULL;
  unsigned int rc = 0;		/* FIXME: gpg-error? */
  const unsigned char *data;
  int datalen;
  int check_signature = 0;
@ -309,12 +309,12 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
  if (!ctrl->have_keygrip)
    return gpg_error (GPG_ERR_NO_SECKEY);
-  rc = agent_key_from_file (ctrl, cache_nonce, desc_text, ctrl->keygrip,
+  err = agent_key_from_file (ctrl, cache_nonce, desc_text, ctrl->keygrip,
                             &shadow_info, cache_mode, lookup_ttl,
                             &s_skey, NULL);
-  if (rc)
+  if (err)
    {
-      if (gpg_err_code (rc) != GPG_ERR_NO_SECKEY)
+      if (gpg_err_code (err) != GPG_ERR_NO_SECKEY)
        log_error ("failed to read the secret key\n");
      goto leave;
    }
@ -329,8 +329,8 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
      int is_ECDSA = 0;
      int is_EdDSA = 0;
-      rc = agent_public_key_from_file (ctrl, ctrl->keygrip, &s_pkey);
+      err = agent_public_key_from_file (ctrl, ctrl->keygrip, &s_pkey);
-      if (rc)
+      if (err)
        {
          log_error ("failed to read the public key\n");
          goto leave;
@ -353,15 +353,15 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
        if (desc_text)
          agent_modify_description (desc_text, NULL, s_skey, &desc2);
-        rc = divert_pksign (ctrl, desc2? desc2 : desc_text,
+        err = divert_pksign (ctrl, desc2? desc2 : desc_text,
                             data, datalen,
                             ctrl->digest.algo,
                             shadow_info, &buf, &len);
        xfree (desc2);
      }
-      if (rc)
+      if (err)
        {
-          log_error ("smartcard signing failed: %s\n", gpg_strerror (rc));
+          log_error ("smartcard signing failed: %s\n", gpg_strerror (err));
          goto leave;
        }
@ -379,12 +379,12 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
              *buf = 0;
            }
-          rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%b)))",
+          err = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%b)))",
                                 (int)len, buf);
        }
      else if (is_EdDSA)
        {
-          rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(eddsa(r%b)(s%b)))",
+          err = gcry_sexp_build (&s_sig, NULL, "(sig-val(eddsa(r%b)(s%b)))",
                                 (int)len/2, buf, (int)len/2, buf + len/2);
        }
      else if (is_ECDSA)
@ -401,7 +401,10 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
              r_buflen++;
              r_buf_allocated = xtrymalloc (r_buflen);
              if (!r_buf_allocated)
                {
                  err = gpg_error_from_syserror ();
                  goto leave;
                }
              r_buf = r_buf_allocated;
              memcpy (r_buf + 1, buf, len/2);
@ -416,6 +419,7 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
              s_buf_allocated = xtrymalloc (s_buflen);
              if (!s_buf_allocated)
                {
                  err = gpg_error_from_syserror ();
                  xfree (r_buf_allocated);
                  goto leave;
                }
@ -427,20 +431,20 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
          else
            s_buf = buf + len/2;
-          rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(ecdsa(r%b)(s%b)))",
+          err = gcry_sexp_build (&s_sig, NULL, "(sig-val(ecdsa(r%b)(s%b)))",
                                 r_buflen, r_buf,
                                 s_buflen, s_buf);
          xfree (r_buf_allocated);
          xfree (s_buf_allocated);
        }
      else
-        rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+        err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
      xfree (buf);
-      if (rc)
+      if (err)
 	{
 	  log_error ("failed to convert sigbuf returned by divert_pksign "
-		     "into S-Exp: %s", gpg_strerror (rc));
+		     "into S-Exp: %s", gpg_strerror (err));
 	  goto leave;
 	}
    }
@ -451,27 +455,29 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
      /* Put the hash into a sexp */
      if (agent_is_eddsa_key (s_skey))
-        rc = do_encode_eddsa (data, datalen,
+        err = do_encode_eddsa (data, datalen,
                               &s_hash);
      else if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1)
-        rc = do_encode_raw_pkcs1 (data, datalen,
+        err = do_encode_raw_pkcs1 (data, datalen,
                                   gcry_pk_get_nbits (s_skey),
                                   &s_hash);
      else if ( (dsaalgo = agent_is_dsa_key (s_skey)) )
-        rc = do_encode_dsa (data, datalen,
+        err = do_encode_dsa (data, datalen,
                             dsaalgo, s_skey,
                             &s_hash);
      else
-        rc = do_encode_md (data, datalen,
+        err = do_encode_md (data, datalen,
                            ctrl->digest.algo,
                            &s_hash,
                            ctrl->digest.raw_value);
-      if (rc)
+      if (err)
        goto leave;
      if (dsaalgo == 0 && GCRYPT_VERSION_NUMBER < 0x010700)
        {
          /* It's RSA and Libgcrypt < 1.7 */
          check_signature = 1;
        }
      if (DBG_CRYPTO)
        {
@ -480,10 +486,10 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
        }
      /* sign */
-      rc = gcry_pk_sign (&s_sig, s_hash, s_skey);
+      err = gcry_pk_sign (&s_sig, s_hash, s_skey);
-      if (rc)
+      if (err)
        {
-          log_error ("signing failed: %s\n", gpg_strerror (rc));
+          log_error ("signing failed: %s\n", gpg_strerror (err));
          goto leave;
        }
@ -502,20 +508,20 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
      if (s_hash == NULL)
        {
          if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1)
-            rc = do_encode_raw_pkcs1 (data, datalen,
+            err = do_encode_raw_pkcs1 (data, datalen,
                                       gcry_pk_get_nbits (sexp_key), &s_hash);
          else
-            rc = do_encode_md (data, datalen, ctrl->digest.algo, &s_hash,
+            err = do_encode_md (data, datalen, ctrl->digest.algo, &s_hash,
                                ctrl->digest.raw_value);
        }
-      if (! rc)
+      if (!err)
-        rc = gcry_pk_verify (s_sig, s_hash, sexp_key);
+        err = gcry_pk_verify (s_sig, s_hash, sexp_key);
-      if (rc)
+      if (err)
        {
          log_error (_("checking created signature failed: %s\n"),
-                     gpg_strerror (rc));
+                     gpg_strerror (err));
          gcry_sexp_release (s_sig);
          s_sig = NULL;
        }
@ -530,37 +536,42 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
  gcry_sexp_release (s_hash);
  xfree (shadow_info);
-  return rc;
+  return err;
 }
 /* SIGN whatever information we have accumulated in CTRL and write it
-   back to OUTFP.  If a CACHE_NONCE is given that cache item is first
+ * back to OUTFP.  If a CACHE_NONCE is given that cache item is first
-   tried to get a passphrase.  */
+ * tried to get a passphrase.  */
-int
+gpg_error_t
 agent_pksign (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
              membuf_t *outbuf, cache_mode_t cache_mode)
 {
  gpg_error_t err;
  gcry_sexp_t s_sig = NULL;
  char *buf = NULL;
  size_t len = 0;
  int rc = 0;
-  rc = agent_pksign_do (ctrl, cache_nonce, desc_text, &s_sig, cache_mode, NULL,
+  err = agent_pksign_do (ctrl, cache_nonce, desc_text, &s_sig, cache_mode,
-                        NULL, 0);
+                         NULL, NULL, 0);
-  if (rc)
+  if (err)
    goto leave;
  len = gcry_sexp_sprint (s_sig, GCRYSEXP_FMT_CANON, NULL, 0);
-  assert (len);
+  log_assert (len);
-  buf = xmalloc (len);
+  buf = xtrymalloc (len);
  if (!buf)
    {
      err = gpg_error_from_syserror ();
      goto leave;
    }
  len = gcry_sexp_sprint (s_sig, GCRYSEXP_FMT_CANON, buf, len);
-  assert (len);
+  log_assert (len);
  put_membuf (outbuf, buf, len);
 leave:
  gcry_sexp_release (s_sig);
  xfree (buf);
-  return rc;
+  return err;
 }
--- a/agent/protect.c
+++ b/agent/protect.c
@ -238,7 +238,7 @@ get_standard_s2k_count_rfc4880 (void)
 /* Calculate the MIC for a private key or shared secret S-expression.
   SHA1HASH should point to a 20 byte buffer.  This function is
   suitable for all algorithms. */
-static int
+static gpg_error_t
 calculate_mic (const unsigned char *plainkey, unsigned char *sha1hash)
 {
  const unsigned char *hash_begin, *hash_end;
@ -728,7 +728,7 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
 /* Do the actual decryption and check the return list for consistency.  */
-static int
+static gpg_error_t
 do_decryption (const unsigned char *aad_begin, size_t aad_len,
               const unsigned char *aadhole_begin, size_t aadhole_len,
               const unsigned char *protected, size_t protectedlen,
@ -738,7 +738,7 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
               int prot_cipher, int prot_cipher_keylen, int is_ocb,
               unsigned char **result)
 {
-  int rc = 0;
+  int rc;
  int blklen;
  gcry_cipher_hd_t hd;
  unsigned char *outbuf;
@ -858,7 +858,7 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
 * CUTOFF and CUTLEN will receive the offset and the length of the
 * resulting list which should go into the MIC calculation but then be
 * removed.  */
-static int
+static gpg_error_t
 merge_lists (const unsigned char *protectedkey,
             size_t replacepos,
             const unsigned char *cleartext,
@ -1011,7 +1011,7 @@ merge_lists (const unsigned char *protectedkey,
 /* Unprotect the key encoded in canonical format.  We assume a valid
   S-Exp here.  If a protected-at item is available, its value will
   be stored at protected_at unless this is NULL.  */
-int
+gpg_error_t
 agent_unprotect (ctrl_t ctrl,
                 const unsigned char *protectedkey, const char *passphrase,
                 gnupg_isotime_t protected_at,
@ -1291,6 +1291,7 @@ agent_unprotect (ctrl_t ctrl,
  return 0;
 }
 /* Check the type of the private key, this is one of the constants:
   PRIVATE_KEY_UNKNOWN if we can't figure out the type (this is the
   value 0), PRIVATE_KEY_CLEAR for an unprotected private key.
@ -1549,7 +1550,7 @@ agent_shadow_key (const unsigned char *pubkey,
 /* Parse a canonical encoded shadowed key and return a pointer to the
   inner list with the shadow_info */
-int
+gpg_error_t
 agent_get_shadow_info (const unsigned char *shadowkey,
                       unsigned char const **shadow_info)
 {