From 9ee975d588ee99550917e3d459dd6f79057f5c30 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 8 Jul 2020 14:40:34 +0200 Subject: [PATCH] gpgsm: Replace all assert calls by log_assert. -- Signed-off-by: Werner Koch --- sm/call-agent.c | 5 ++--- sm/call-dirmngr.c | 5 ++--- sm/certchain.c | 1 - sm/certcheck.c | 5 ++--- sm/certdump.c | 5 ++--- sm/certlist.c | 1 - sm/certreqgen-ui.c | 1 - sm/certreqgen.c | 11 +++++++---- sm/decrypt.c | 3 +-- sm/delete.c | 1 - sm/encrypt.c | 1 - sm/export.c | 1 - sm/fingerprint.c | 13 ++++++------- sm/import.c | 1 - sm/keylist.c | 3 +-- sm/minip12.c | 7 +++---- sm/qualified.c | 3 +-- sm/sign.c | 3 +-- sm/verify.c | 3 +-- 19 files changed, 29 insertions(+), 44 deletions(-) diff --git a/sm/call-agent.c b/sm/call-agent.c index ec8020517..9287091bc 100644 --- a/sm/call-agent.c +++ b/sm/call-agent.c @@ -25,7 +25,6 @@ #include #include #include -#include #ifdef HAVE_LOCALE_H #include #endif @@ -480,7 +479,7 @@ gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc, if (rc) return rc; - assert (gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL)); + log_assert (gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL)); return 0; } @@ -542,7 +541,7 @@ gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, if (rc) return rc; - assert ( DIM(line) >= 50 ); + log_assert ( DIM(line) >= 50 ); snprintf (line, DIM(line), "SETKEY %s", keygrip); rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (rc) diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c index d9083c9c9..c9ec8f1e7 100644 --- a/sm/call-dirmngr.c +++ b/sm/call-dirmngr.c @@ -25,7 +25,6 @@ #include #include #include -#include #include #include "gpgsm.h" @@ -283,7 +282,7 @@ start_dirmngr (ctrl_t ctrl) { gpg_error_t err; - assert (! dirmngr_ctx_locked); + log_assert (! dirmngr_ctx_locked); dirmngr_ctx_locked = 1; err = start_dirmngr_ext (ctrl, &dirmngr_ctx); 
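Review bot: In sm/call-agent.c, gpgsm_scd_pksign checks the buffer it has just received with `log_assert (gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL));`, so a malformed reply terminates gpgsm instead of failing the signing operation. Judging by the function name, the buffer comes from the smartcard daemon rather than from gpgsm itself, which would make this input validation and not an internal invariant; the function body starts outside the hunk, so this is inferred. An error return would keep the abort for genuine programming errors: `if (!gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL)) return gpg_error (GPG_ERR_INV_VALUE);`, releasing `*r_buf` first if the function owns it at that point.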
@@ -313,7 +312,7 @@ start_dirmngr2 (ctrl_t ctrl) { gpg_error_t err; - assert (! dirmngr2_ctx_locked); + log_assert (! dirmngr2_ctx_locked); dirmngr2_ctx_locked = 1; err = start_dirmngr_ext (ctrl, &dirmngr2_ctx); diff --git a/sm/certchain.c b/sm/certchain.c index 1555a84a7..d92b2e833 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -26,7 +26,6 @@ #include #include #include -#include #include "gpgsm.h" #include diff --git a/sm/certcheck.c b/sm/certcheck.c index 450e589bb..fca45759b 100644 --- a/sm/certcheck.c +++ b/sm/certcheck.c @@ -27,7 +27,6 @@ #include #include #include -#include #include "gpgsm.h" #include @@ -169,12 +168,12 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits, frame[n++] = 0; frame[n++] = 1; /* block type */ i = nframe - len - asnlen -3 ; - assert ( i > 1 ); + log_assert ( i > 1 ); memset ( frame+n, 0xff, i ); n += i; frame[n++] = 0; memcpy ( frame+n, asn, asnlen ); n += asnlen; memcpy ( frame+n, gcry_md_read(md, algo), len ); n += len; - assert ( n == nframe ); + log_assert ( n == nframe ); } if (DBG_CRYPTO) { diff --git a/sm/certdump.c b/sm/certdump.c index 62451ba95..ae257d232 100644 --- a/sm/certdump.c +++ b/sm/certdump.c @@ -24,7 +24,6 @@ #include #include #include -#include #ifdef HAVE_LOCALE_H #include #endif @@ -654,7 +653,7 @@ pretty_es_print_sexp (estream_t fp, const unsigned char *buf, size_t buflen) return; } len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0); - assert (len); + log_assert (len); result = xtrymalloc (len); if (!result) { @@ -663,7 +662,7 @@ pretty_es_print_sexp (estream_t fp, const unsigned char *buf, size_t buflen) return; } len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, result, len); - assert (len); + log_assert (len); for (p = result; len; len--, p++) { if (*p == '\n') diff --git a/sm/certlist.c b/sm/certlist.c index b3d113bfd..95666dc8f 100644 --- a/sm/certlist.c +++ b/sm/certlist.c @@ -25,7 +25,6 @@ #include #include #include -#include #include "gpgsm.h" #include 
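Review bot: In sm/certcheck.c, do_encode_md, the pad length only has to satisfy `log_assert ( i > 1 );` before `memset ( frame+n, 0xff, i );`, which admits a pad of two 0xff octets. PKCS#1 v1.5 signature encoding (EMSA-PKCS1-v1_5 in RFC 8017) requires at least eight padding octets, so the bound enforced here is weaker than the format's. Whether a size check above the hunk already rejects such frames is not visible. If it does not, `if (i < 8) return gpg_error (GPG_ERR_TOO_SHORT);` before the memset would enforce the minimum without aborting; releasing `frame` on that path depends on code outside the hunk.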
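Review bot: In sm/certdump.c, pretty_es_print_sexp aborts through `log_assert (len);` when gcry_sexp_sprint reports a zero length, although the surrounding lines show the function already returns quietly when xtrymalloc fails. This is a pretty-printer for data handed in as `buf`/`buflen`, so a formatting failure seems better handled the same way, e.g. `if (!len) { gcry_sexp_release (sexp); return; }`. The same applies to the second assertion in the next hunk, where `result` would also have to be freed. What the existing error paths print or release lies outside the hunks, so the cleanup should mirror them.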
diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c index e508079b4..6ea481529 100644 --- a/sm/certreqgen-ui.c +++ b/sm/certreqgen-ui.c @@ -24,7 +24,6 @@ #include #include #include -#include #include "gpgsm.h" #include diff --git a/sm/certreqgen.c b/sm/certreqgen.c index 27a6a3458..75343385d 100644 --- a/sm/certreqgen.c +++ b/sm/certreqgen.c @@ -59,7 +59,6 @@ #include #include #include -#include #include "gpgsm.h" #include @@ -448,7 +447,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para, char *cardkeyid = NULL; /* Check that we have all required parameters; */ - assert (get_parameter (para, pKEYTYPE, 0)); + log_assert (get_parameter (para, pKEYTYPE, 0)); /* There is a problem with pkcs-10 on how to use ElGamal because it is expected that a PK algorithm can always be used for @@ -915,7 +914,7 @@ create_request (ctrl_t ctrl, for (seq=0; (s = get_parameter_value (para, pNAMEDNS, seq)); seq++) { len = strlen (s); - assert (len); + log_assert (len); snprintf (numbuf, DIM(numbuf), "%u:", (unsigned int)len); buf = p = xtrymalloc (11 + strlen (numbuf) + len + 3); if (!buf) @@ -942,7 +941,7 @@ create_request (ctrl_t ctrl, for (seq=0; (s = get_parameter_value (para, pNAMEURI, seq)); seq++) { len = strlen (s); - assert (len); + log_assert (len); snprintf (numbuf, DIM(numbuf), "%u:", (unsigned int)len); buf = p = xtrymalloc (6 + strlen (numbuf) + len + 3); if (!buf) @@ -1322,6 +1321,10 @@ create_request (ctrl_t ctrl, size_t qlen, derlen; unsigned char *der; + /* FIXME: This assumes that the to-be-certified key uses the + * same algorithm as the certification key - this is not + * always the case; in fact it is common that they + * differ. */ err = get_ecc_q_from_canon_sexp (sigkey, sigkeylen, &q, &qlen); if (err) { diff --git a/sm/decrypt.c b/sm/decrypt.c index e79da570d..af9c2d684 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -27,7 +27,6 @@ #include #include #include -#include #include "gpgsm.h" #include 
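Review bot: In sm/certreqgen.c, proc_parameters, the statement under the comment "Check that we have all required parameters" is `log_assert (get_parameter (para, pKEYTYPE, 0));`, which ends the process rather than reporting a missing key-type parameter. The code that builds `para` is outside the hunk; if a list without that entry can reach this point, an error return fits better, along the lines of `if (!get_parameter (para, pKEYTYPE, 0)) return gpg_error (GPG_ERR_MISSING_VALUE);`. If the reader already guarantees the entry, a comment naming that guarantee would make the assertion's role clear. The `log_assert (len);` checks on the pNAMEDNS and pNAMEURI values in the two create_request hunks raise the same question.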
@@ -594,7 +593,7 @@ decrypt_filter (void *arg, *inused = inlen + parm->helpblocklen; if (inlen) { - assert (inlen >= blklen); + log_assert (inlen >= blklen); if (parm->any_data) { gcry_cipher_decrypt (parm->hd, (char*)outbuf+blklen, inlen, diff --git a/sm/delete.c b/sm/delete.c index b370406de..9ba3fa137 100644 --- a/sm/delete.c +++ b/sm/delete.c @@ -24,7 +24,6 @@ #include #include #include -#include #include "gpgsm.h" #include diff --git a/sm/encrypt.c b/sm/encrypt.c index be4f19fef..449b3b4f8 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -28,7 +28,6 @@ #include #include #include -#include #include "gpgsm.h" #include diff --git a/sm/export.c b/sm/export.c index 50489304a..115d79b9e 100644 --- a/sm/export.c +++ b/sm/export.c @@ -24,7 +24,6 @@ #include #include #include -#include #include "gpgsm.h" #include diff --git a/sm/fingerprint.c b/sm/fingerprint.c index c3c37c2d6..70ca0e9ab 100644 --- a/sm/fingerprint.c +++ b/sm/fingerprint.c @@ -24,7 +24,6 @@ #include #include #include -#include #include "gpgsm.h" @@ -55,7 +54,7 @@ gpgsm_get_fingerprint (ksba_cert_t cert, int algo, algo = GCRY_MD_SHA1; len = gcry_md_get_algo_dlen (algo); - assert (len); + log_assert (len); if (!array) array = xmalloc (len); @@ -67,7 +66,7 @@ gpgsm_get_fingerprint (ksba_cert_t cert, int algo, { size_t buflen; - assert (len >= 20); + log_assert (len >= 20); if (!ksba_cert_get_user_data (cert, "sha1-fingerprint", array, len, &buflen) && buflen == 20) @@ -115,7 +114,7 @@ gpgsm_get_fingerprint_string (ksba_cert_t cert, int algo) algo = GCRY_MD_SHA1; len = gcry_md_get_algo_dlen (algo); - assert (len <= MAX_DIGEST_LEN ); + log_assert (len <= MAX_DIGEST_LEN ); gpgsm_get_fingerprint (cert, algo, digest, NULL); buf = xmalloc (len*3+1); bin2hexcolon (digest, len, buf); 
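Review bot: In sm/decrypt.c, decrypt_filter, `log_assert (inlen >= blklen);` is the only guard visible in the hunk before `gcry_cipher_decrypt (parm->hd, (char*)outbuf+blklen, inlen,`, and the condition has no comment explaining why it must hold. The assignment `*inused = inlen + parm->helpblocklen;` suggests `inlen` was adjusted above the hunk, but that arithmetic is not visible here. A short comment above the assertion naming the earlier computation that guarantees `inlen >= blklen` would let a reader confirm it is an internal invariant. If the length of the incoming message data can violate it, the filter should return an error code instead of aborting.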
@@ -135,7 +134,7 @@ gpgsm_get_fingerprint_hexstring (ksba_cert_t cert, int algo) algo = GCRY_MD_SHA1; len = gcry_md_get_algo_dlen (algo); - assert (len <= MAX_DIGEST_LEN ); + log_assert (len <= MAX_DIGEST_LEN ); gpgsm_get_fingerprint (cert, algo, digest, NULL); buf = xmalloc (len*2+1); bin2hex (digest, len, buf); @@ -307,8 +306,8 @@ gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits) } -/* This is a wrapper around pubkey_algo_string which takesa KSA - * certitificate instead of a Gcrypt public key. Note that this +/* This is a wrapper around pubkey_algo_string which takes a KSBA + * certificate instead of a Gcrypt public key. Note that this * function may return NULL on error. */ char * gpgsm_pubkey_algo_string (ksba_cert_t cert, int *r_algoid) diff --git a/sm/import.c b/sm/import.c index 3f4d192c2..a4dd671f8 100644 --- a/sm/import.c +++ b/sm/import.c @@ -23,7 +23,6 @@ #include #include #include -#include #include #include "gpgsm.h" diff --git a/sm/keylist.c b/sm/keylist.c index 39ae8e0f4..1a47be084 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -25,7 +25,6 @@ #include #include #include -#include #include "gpgsm.h" @@ -1282,7 +1281,7 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret, { if (!cert_der) cert_der = ksba_cert_get_image (cert, NULL); - assert (cert_der); + log_assert (cert_der); es_fputs (" restriction: ", fp); print_utf8_extn (fp, 15, cert_der+off, len); } diff --git a/sm/minip12.c b/sm/minip12.c index 1e8a49eb5..26d77f426 100644 --- a/sm/minip12.c +++ b/sm/minip12.c @@ -32,7 +32,6 @@ #include #include #include -#include #include #include @@ -491,7 +490,7 @@ set_key_iv (gcry_cipher_hd_t chd, char *salt, size_t saltlen, int iter, unsigned char keybuf[24]; int rc; - assert (keybytes == 5 || keybytes == 24); + log_assert (keybytes == 5 || keybytes == 24); if (string_to_key (1, salt, saltlen, iter, pw, keybytes, keybuf)) return -1; rc = gcry_cipher_setkey (chd, keybuf, keybytes); 
@@ -2163,7 +2162,7 @@ build_rsa_key_sequence (gcry_mpi_t *kparms, int mode, size_t *r_length) } plainlen = p - plain; - assert (needed == plainlen); + log_assert (needed == plainlen); if (!mode) { @@ -2567,7 +2566,7 @@ build_cert_sequence (const unsigned char *buffer, size_t buflen, size_t certseqlen; int i; - assert (strlen (keyidstr) == 8); + log_assert (strlen (keyidstr) == 8); /* Walk 8 steps down to collect the info: */ diff --git a/sm/qualified.c b/sm/qualified.c index 70d03aed3..a1d6fe9bf 100644 --- a/sm/qualified.c +++ b/sm/qualified.c @@ -22,7 +22,6 @@ #include #include #include -#include #include #include "gpgsm.h" @@ -106,7 +105,7 @@ read_list (char *key, char *country, int *lnr) listname, *lnr); return gpg_error (GPG_ERR_BAD_DATA); } - assert (p[i]); + log_assert (p[i]); i++; while (spacep (p+i)) i++; diff --git a/sm/sign.c b/sm/sign.c index 0b1266200..8a65d58c1 100644 --- a/sm/sign.c +++ b/sm/sign.c @@ -25,7 +25,6 @@ #include #include #include -#include #include "gpgsm.h" #include @@ -808,7 +807,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, unsigned char *digest; size_t digest_len; - assert (!detached); + log_assert (!detached); rc = hash_and_copy_data (data_fd, data_md, writer); if (rc) diff --git a/sm/verify.c b/sm/verify.c index 824767bef..e95734770 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -28,7 +28,6 @@ #include #include #include -#include #include "gpgsm.h" #include @@ -363,7 +362,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) } else if (gpg_err_code (rc) == GPG_ERR_NO_DATA) { - assert (!msgdigest); + log_assert (!msgdigest); rc = 0; algoid = NULL; algo = 0;