mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Make use of libgpg-error
This commit is contained in:
parent
7c9855aaa2
commit
c3cdaeeff7
@ -1,3 +1,14 @@
|
||||
2003-06-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Changed all error codes in all files to the new libgpg-error scheme.
|
||||
|
||||
* agent.h: Include gpg-error.h and errno.h
|
||||
* Makefile.am: Link with libgpg-error
|
||||
|
||||
* query.c: assuan.h is now a system header.
|
||||
* genkey.c (agent_genkey): Fixed silly use of xmalloc by
|
||||
xtrymalloc.
|
||||
|
||||
2003-04-29 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* command.c (register_commands): Adjusted for new Assuan semantics.
|
||||
|
@ -46,7 +46,7 @@ gpg_agent_SOURCES = \
|
||||
|
||||
|
||||
gpg_agent_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \
|
||||
$(LIBGCRYPT_LIBS) $(PTH_LIBS) $(LIBASSUAN_LIBS)
|
||||
$(LIBGCRYPT_LIBS) $(PTH_LIBS) $(LIBASSUAN_LIBS) -lgpg-error
|
||||
|
||||
gpg_protect_tool_SOURCES = \
|
||||
protect-tool.c \
|
||||
@ -55,8 +55,6 @@ gpg_protect_tool_SOURCES = \
|
||||
simple-pwquery.c simple-pwquery.h
|
||||
|
||||
gpg_protect_tool_LDADD = ../jnlib/libjnlib.a \
|
||||
../common/libcommon.a $(LIBGCRYPT_LIBS)
|
||||
|
||||
|
||||
../common/libcommon.a $(LIBGCRYPT_LIBS) -lgpg-error
|
||||
|
||||
|
||||
|
@ -21,10 +21,25 @@
|
||||
#ifndef AGENT_H
|
||||
#define AGENT_H
|
||||
|
||||
#ifdef GPG_ERR_SOURCE_DEFAULT
|
||||
#error GPG_ERR_SOURCE_DEFAULT already defined
|
||||
#endif
|
||||
#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GPGAGENT
|
||||
#include <gpg-error.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include <gcrypt.h>
|
||||
#include "../common/util.h"
|
||||
#include "../common/errors.h"
|
||||
|
||||
/* Convenience function to be used instead of returning the old
|
||||
GNUPG_Out_Of_Core. */
|
||||
static __inline__ gpg_error_t
|
||||
out_of_core (void)
|
||||
{
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
|
||||
#define MAX_DIGEST_LEN 24
|
||||
|
||||
/* A large struct name "opt" to keep global flags */
|
||||
|
@ -38,7 +38,7 @@
|
||||
#endif
|
||||
|
||||
#include "agent.h"
|
||||
#include "../assuan/assuan.h"
|
||||
#include <assuan.h>
|
||||
|
||||
#ifdef _POSIX_OPEN_MAX
|
||||
#define MAX_OPEN_FDS _POSIX_OPEN_MAX
|
||||
@ -144,7 +144,7 @@ unlock_scd (int rc)
|
||||
{
|
||||
log_error ("failed to release the SCD lock\n");
|
||||
if (!rc)
|
||||
rc = GNUPG_Internal_Error;
|
||||
rc = gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
#endif
|
||||
return rc;
|
||||
@ -165,7 +165,7 @@ start_scd (void)
|
||||
if (!pth_mutex_acquire (&scd_lock, 0, NULL))
|
||||
{
|
||||
log_error ("failed to acquire the SCD lock\n");
|
||||
return GNUPG_Internal_Error;
|
||||
return gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -179,8 +179,9 @@ start_scd (void)
|
||||
|
||||
if (fflush (NULL))
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("error flushing pending output: %s\n", strerror (errno));
|
||||
return unlock_scd (seterr (Write_Error));
|
||||
return unlock_scd (tmperr);
|
||||
}
|
||||
|
||||
if (!opt.scdaemon_program || !*opt.scdaemon_program)
|
||||
@ -210,7 +211,7 @@ start_scd (void)
|
||||
{
|
||||
log_error ("can't connect to the SCdaemon: %s\n",
|
||||
assuan_strerror (rc));
|
||||
return unlock_scd (seterr (No_Scdaemon));
|
||||
return unlock_scd (gpg_error (GPG_ERR_NO_SCDAEMON));
|
||||
}
|
||||
scd_ctx = ctx;
|
||||
|
||||
@ -410,7 +411,7 @@ agent_card_pksign (const char *keyid,
|
||||
return rc;
|
||||
|
||||
if (indatalen*2 + 50 > DIM(line))
|
||||
return unlock_scd (seterr (General_Error));
|
||||
return unlock_scd (gpg_error (GPG_ERR_GENERAL));
|
||||
|
||||
sprintf (line, "SETDATA ");
|
||||
p = line + strlen (line);
|
||||
@ -443,8 +444,9 @@ agent_card_pksign (const char *keyid,
|
||||
*r_buf = xtrymalloc (*r_buflen);
|
||||
if (!*r_buf)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
xfree (*r_buf);
|
||||
return unlock_scd (GNUPG_Out_Of_Core);
|
||||
return unlock_scd (tmperr);
|
||||
}
|
||||
p = stpcpy (*r_buf, "(7:sig-val(3:rsa(1:s" );
|
||||
sprintf (p, "%u:", (unsigned int)sigbuflen);
|
||||
@ -479,7 +481,7 @@ agent_card_pkdecrypt (const char *keyid,
|
||||
|
||||
/* FIXME: use secure memory where appropriate */
|
||||
if (indatalen*2 + 50 > DIM(line))
|
||||
return unlock_scd (seterr (General_Error));
|
||||
return unlock_scd (gpg_error (GPG_ERR_GENERAL));
|
||||
|
||||
sprintf (line, "SETDATA ");
|
||||
p = line + strlen (line);
|
||||
@ -506,7 +508,7 @@ agent_card_pkdecrypt (const char *keyid,
|
||||
}
|
||||
*r_buf = get_membuf (&data, r_buflen);
|
||||
if (!*r_buf)
|
||||
return unlock_scd (GNUPG_Out_Of_Core);
|
||||
return unlock_scd (gpg_error (GPG_ERR_ENOMEM));
|
||||
|
||||
return unlock_scd (0);
|
||||
}
|
||||
@ -541,7 +543,7 @@ agent_card_readcert (const char *id, char **r_buf, size_t *r_buflen)
|
||||
}
|
||||
*r_buf = get_membuf (&data, r_buflen);
|
||||
if (!*r_buf)
|
||||
return unlock_scd (GNUPG_Out_Of_Core);
|
||||
return unlock_scd (gpg_error (GPG_ERR_ENOMEM));
|
||||
|
||||
return unlock_scd (0);
|
||||
}
|
||||
@ -577,12 +579,12 @@ agent_card_readkey (const char *id, unsigned char **r_buf)
|
||||
}
|
||||
*r_buf = get_membuf (&data, &buflen);
|
||||
if (!*r_buf)
|
||||
return unlock_scd (GNUPG_Out_Of_Core);
|
||||
return unlock_scd (gpg_error (GPG_ERR_ENOMEM));
|
||||
|
||||
if (!gcry_sexp_canon_len (*r_buf, buflen, NULL, NULL))
|
||||
{
|
||||
xfree (*r_buf); *r_buf = NULL;
|
||||
return unlock_scd (GNUPG_Invalid_Value);
|
||||
return unlock_scd (gpg_error (GPG_ERR_INV_VALUE));
|
||||
}
|
||||
|
||||
return unlock_scd (0);
|
||||
|
@ -559,11 +559,11 @@ cmd_passwd (ASSUAN_CONTEXT ctx, char *line)
|
||||
|
||||
s_skey = agent_key_from_file (ctrl, grip, &shadow_info, 1);
|
||||
if (!s_skey && !shadow_info)
|
||||
rc = seterr (No_Secret_Key);
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
else if (!s_skey)
|
||||
{
|
||||
log_error ("changing a smartcard PIN is not yet supported\n");
|
||||
rc = seterr (Not_Implemented);
|
||||
rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
|
||||
}
|
||||
else
|
||||
rc = agent_protect_and_store (ctrl, s_skey);
|
||||
|
@ -48,14 +48,14 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid)
|
||||
*r_kid = NULL;
|
||||
s = shadow_info;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
want_sn = xtrymalloc (n*2+1);
|
||||
if (!want_sn)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
for (i=0; i < n; i++)
|
||||
sprintf (want_sn+2*i, "%02X", s[i]);
|
||||
s += n;
|
||||
@ -68,12 +68,13 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid)
|
||||
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
want_kid = xtrymalloc (n+1);
|
||||
if (!want_kid)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
xfree (want_sn);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
memcpy (want_kid, s, n);
|
||||
want_kid[n] = 0;
|
||||
@ -94,7 +95,7 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid)
|
||||
return 0; /* yes, we have the correct card */
|
||||
}
|
||||
}
|
||||
else if (rc == GNUPG_Card_Not_Present)
|
||||
else if (gpg_err_code (rc) == GPG_ERR_CARD_NOT_PRESENT)
|
||||
{
|
||||
log_debug ("no card present\n");
|
||||
rc = 0;
|
||||
@ -115,7 +116,7 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid)
|
||||
"insert the one with serial number",
|
||||
want_sn_displen, want_sn) < 0)
|
||||
{
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -146,12 +147,12 @@ encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo,
|
||||
if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
|
||||
{
|
||||
log_error ("no object identifier for algo %d\n", algo);
|
||||
return GNUPG_Internal_Error;
|
||||
return gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
|
||||
frame = xtrymalloc (asnlen + digestlen);
|
||||
if (!frame)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
memcpy (frame, asn, asnlen);
|
||||
memcpy (frame+asnlen, digest, digestlen);
|
||||
if (DBG_CRYPTO)
|
||||
@ -177,7 +178,7 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
|
||||
CTRL ctrl = opaque;
|
||||
|
||||
if (maxbuf < 2)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
|
||||
|
||||
/* FIXME: keep PI and TRIES in OPAQUE. Frankly this is a whole
|
||||
@ -260,32 +261,32 @@ divert_pkdecrypt (CTRL ctrl,
|
||||
|
||||
s = cipher;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "enc-val"))
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
if (*s != '(')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "rsa"))
|
||||
return GNUPG_Unsupported_Algorithm;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
|
||||
if (*s != '(')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "a"))
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
ciphertext = s;
|
||||
ciphertextlen = n;
|
||||
|
||||
|
@ -64,7 +64,7 @@ agent_write_private_key (const unsigned char *grip,
|
||||
{
|
||||
log_error ("secret key file `%s' already exists\n", fname);
|
||||
xfree (fname);
|
||||
return seterr (General_Error);
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
/* We would like to create FNAME but only if it does not already
|
||||
@ -82,32 +82,39 @@ agent_write_private_key (const unsigned char *grip,
|
||||
else
|
||||
{
|
||||
fp = fdopen (fd, "wb");
|
||||
if (! fp)
|
||||
close (fd);
|
||||
if (!fp)
|
||||
{
|
||||
int save_e = errno;
|
||||
close (fd);
|
||||
errno = save_e;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!fp)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("can't create `%s': %s\n", fname, strerror (errno));
|
||||
xfree (fname);
|
||||
return seterr (File_Create_Error);
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
if (fwrite (buffer, length, 1, fp) != 1)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("error writing `%s': %s\n", fname, strerror (errno));
|
||||
fclose (fp);
|
||||
remove (fname);
|
||||
xfree (fname);
|
||||
return seterr (File_Create_Error);
|
||||
return tmperr;
|
||||
}
|
||||
if ( fclose (fp) )
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("error closing `%s': %s\n", fname, strerror (errno));
|
||||
remove (fname);
|
||||
xfree (fname);
|
||||
return seterr (File_Create_Error);
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
xfree (fname);
|
||||
@ -291,7 +298,7 @@ agent_key_from_file (CTRL ctrl,
|
||||
assert (n);
|
||||
*shadow_info = xtrymalloc (n);
|
||||
if (!*shadow_info)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
else
|
||||
{
|
||||
memcpy (*shadow_info, s, n);
|
||||
@ -306,7 +313,7 @@ agent_key_from_file (CTRL ctrl,
|
||||
break;
|
||||
default:
|
||||
log_error ("invalid private key format\n");
|
||||
rc = GNUPG_Bad_Secret_Key;
|
||||
rc = gpg_error (GPG_ERR_BAD_SECKEY);
|
||||
break;
|
||||
}
|
||||
if (rc)
|
||||
|
@ -40,14 +40,14 @@ store_key (GCRY_SEXP private, const char *passphrase, int force)
|
||||
if ( !gcry_pk_get_keygrip (private, grip) )
|
||||
{
|
||||
log_error ("can't calculate keygrip\n");
|
||||
return seterr (General_Error);
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
len = gcry_sexp_sprint (private, GCRYSEXP_FMT_CANON, NULL, 0);
|
||||
assert (len);
|
||||
buf = gcry_malloc_secure (len);
|
||||
if (!buf)
|
||||
return seterr (Out_Of_Core);
|
||||
return out_of_core ();
|
||||
len = gcry_sexp_sprint (private, GCRYSEXP_FMT_CANON, buf, len);
|
||||
assert (len);
|
||||
|
||||
@ -101,7 +101,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
|
||||
if (rc)
|
||||
{
|
||||
log_error ("failed to convert keyparam: %s\n", gcry_strerror (rc));
|
||||
return seterr (Invalid_Data);
|
||||
return gpg_error (GPG_ERR_INVALID_DATA);
|
||||
}
|
||||
|
||||
/* Get the passphrase now, cause key generation may take a while. */
|
||||
@ -147,7 +147,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
|
||||
log_error ("key generation failed: invalid return value\n");
|
||||
gcry_sexp_release (s_key);
|
||||
xfree (pi);
|
||||
return seterr (Invalid_Data);
|
||||
return gpg_error (GPG_ERR_INVALID_DATA);
|
||||
}
|
||||
s_public = gcry_sexp_find_token (s_key, "public-key", 0);
|
||||
if (!s_public)
|
||||
@ -156,7 +156,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
|
||||
gcry_sexp_release (s_private);
|
||||
gcry_sexp_release (s_key);
|
||||
xfree (pi);
|
||||
return seterr (Invalid_Data);
|
||||
return gpg_error (GPG_ERR_INVALID_DATA);
|
||||
}
|
||||
gcry_sexp_release (s_key); s_key = NULL;
|
||||
|
||||
@ -175,22 +175,24 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
|
||||
log_debug ("returning public key\n");
|
||||
len = gcry_sexp_sprint (s_public, GCRYSEXP_FMT_CANON, NULL, 0);
|
||||
assert (len);
|
||||
buf = xmalloc (len);
|
||||
buf = xtrymalloc (len);
|
||||
if (!buf)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
gcry_sexp_release (s_private);
|
||||
gcry_sexp_release (s_public);
|
||||
return seterr (Out_Of_Core);
|
||||
return tmperr;
|
||||
}
|
||||
len = gcry_sexp_sprint (s_public, GCRYSEXP_FMT_CANON, buf, len);
|
||||
assert (len);
|
||||
if (fwrite (buf, len, 1, outfp) != 1)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("error writing public key: %s\n", strerror (errno));
|
||||
gcry_sexp_release (s_private);
|
||||
gcry_sexp_release (s_public);
|
||||
xfree (buf);
|
||||
return seterr (File_Create_Error);
|
||||
return tmperr;
|
||||
}
|
||||
gcry_sexp_release (s_public);
|
||||
xfree (buf);
|
||||
|
@ -29,7 +29,7 @@
|
||||
#include <sys/stat.h>
|
||||
|
||||
#include "agent.h"
|
||||
#include "../assuan/assuan.h"
|
||||
#include <assuan.h>
|
||||
|
||||
struct keypair_info_s {
|
||||
struct keypair_info_s *next;
|
||||
@ -97,7 +97,7 @@ kpinfo_cb (void *opaque, const char *line)
|
||||
item = xtrycalloc (1, sizeof *item + strlen (line));
|
||||
if (!item)
|
||||
{
|
||||
parm->error = GNUPG_Out_Of_Core;
|
||||
parm->error = out_of_core ();
|
||||
return;
|
||||
}
|
||||
strcpy (item->hexgrip, line);
|
||||
@ -110,7 +110,7 @@ kpinfo_cb (void *opaque, const char *line)
|
||||
}
|
||||
else if ((p - item->hexgrip) != 40 || !spacep (p))
|
||||
{ /* not a 20 byte hex keygrip or not followed by a space */
|
||||
parm->error = GNUPG_Invalid_Response;
|
||||
parm->error = gpg_error (GPG_ERR_INVALID_RESPONSE);
|
||||
xfree (item);
|
||||
return;
|
||||
}
|
||||
@ -122,7 +122,7 @@ kpinfo_cb (void *opaque, const char *line)
|
||||
p++;
|
||||
if (p == item->id)
|
||||
{ /* invalid ID string */
|
||||
parm->error = GNUPG_Invalid_Response;
|
||||
parm->error = gpg_error (GPG_ERR_INVALID_RESPONSE);
|
||||
xfree (item);
|
||||
return;
|
||||
}
|
||||
@ -154,7 +154,7 @@ certinfo_cb (void *opaque, const char *line)
|
||||
;
|
||||
if (p == pend || !*p)
|
||||
{
|
||||
parm->error = GNUPG_Invalid_Response;
|
||||
parm->error = gpg_error (GPG_ERR_INVALID_RESPONSE);
|
||||
return;
|
||||
}
|
||||
*pend = 0; /* ignore trailing stuff */
|
||||
@ -162,7 +162,7 @@ certinfo_cb (void *opaque, const char *line)
|
||||
item = xtrycalloc (1, sizeof *item + strlen (p));
|
||||
if (!item)
|
||||
{
|
||||
parm->error = GNUPG_Out_Of_Core;
|
||||
parm->error = out_of_core ();
|
||||
return;
|
||||
}
|
||||
item->type = type;
|
||||
@ -323,7 +323,7 @@ agent_handle_learn (void *assuan_context)
|
||||
unsigned char *shadow_info = make_shadow_info (serialno, item->id);
|
||||
if (!shadow_info)
|
||||
{
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
xfree (pubkey);
|
||||
goto leave;
|
||||
}
|
||||
|
@ -47,7 +47,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
|
||||
if (!ctrl->have_keygrip)
|
||||
{
|
||||
log_error ("speculative decryption not yet supported\n");
|
||||
rc = seterr (No_Secret_Key);
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -55,7 +55,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
|
||||
if (rc)
|
||||
{
|
||||
log_error ("failed to convert ciphertext: %s\n", gcry_strerror (rc));
|
||||
rc = seterr (Invalid_Data);
|
||||
rc = gpg_error (GPG_ERR_INV_DATA);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -68,7 +68,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
|
||||
if (!s_skey && !shadow_info)
|
||||
{
|
||||
log_error ("failed to read the secret key\n");
|
||||
rc = seterr (No_Secret_Key);
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -77,7 +77,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
|
||||
|
||||
if (!gcry_sexp_canon_len (ciphertext, ciphertextlen, NULL, NULL))
|
||||
{
|
||||
rc = GNUPG_Invalid_Sexp;
|
||||
rc = gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
|
@ -45,14 +45,14 @@ do_encode_md (const unsigned char *digest, size_t digestlen, int algo,
|
||||
if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
|
||||
{
|
||||
log_error ("no object identifier for algo %d\n", algo);
|
||||
return GNUPG_Internal_Error;
|
||||
return gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
|
||||
if (digestlen + asnlen + 4 > nframe )
|
||||
{
|
||||
log_error ("can't encode a %d bit MD into a %d bits frame\n",
|
||||
(int)(digestlen*8), (int)nbits);
|
||||
return GNUPG_Internal_Error;
|
||||
return gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
|
||||
/* We encode the MD in this way:
|
||||
@ -63,7 +63,7 @@ do_encode_md (const unsigned char *digest, size_t digestlen, int algo,
|
||||
*/
|
||||
frame = xtrymalloc (nframe);
|
||||
if (!frame)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
n = 0;
|
||||
frame[n++] = 0;
|
||||
frame[n++] = 1; /* block type */
|
||||
@ -96,14 +96,14 @@ agent_pksign (CTRL ctrl, FILE *outfp, int ignore_cache)
|
||||
size_t len;
|
||||
|
||||
if (!ctrl->have_keygrip)
|
||||
return seterr (No_Secret_Key);
|
||||
return gpg_error (GPG_ERR_NO_SECKEY);
|
||||
|
||||
s_skey = agent_key_from_file (ctrl,
|
||||
ctrl->keygrip, &shadow_info, ignore_cache);
|
||||
if (!s_skey && !shadow_info)
|
||||
{
|
||||
log_error ("failed to read the secret key\n");
|
||||
rc = seterr (No_Secret_Key);
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
|
172
agent/protect.c
172
agent/protect.c
@ -68,20 +68,20 @@ calculate_mic (const unsigned char *plainkey, unsigned char *sha1hash)
|
||||
|
||||
s = plainkey;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "private-key"))
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
if (*s != '(')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
hash_begin = s;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n; /* skip over the algorithm name */
|
||||
|
||||
while (*s == '(')
|
||||
@ -89,18 +89,18 @@ calculate_mic (const unsigned char *plainkey, unsigned char *sha1hash)
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n;
|
||||
if ( *s != ')' )
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s++;
|
||||
}
|
||||
if (*s != ')')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s++;
|
||||
hash_end = s;
|
||||
|
||||
@ -164,13 +164,13 @@ do_encryption (const char *protbegin, size_t protlen,
|
||||
enclen = outlen/blklen * blklen;
|
||||
outbuf = gcry_malloc_secure (outlen);
|
||||
if (!outbuf)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
if (!rc)
|
||||
{
|
||||
/* allocate random bytes to be used as IV, padding and s2k salt*/
|
||||
iv = gcry_random_bytes (blklen*2+8, GCRY_WEAK_RANDOM);
|
||||
if (!iv)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
else
|
||||
rc = gcry_cipher_setiv (hd, iv, blklen);
|
||||
}
|
||||
@ -181,7 +181,7 @@ do_encryption (const char *protbegin, size_t protlen,
|
||||
|
||||
key = gcry_malloc_secure (keylen);
|
||||
if (!key)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
else
|
||||
{
|
||||
rc = hash_passphrase (passphrase, GCRY_MD_SHA1,
|
||||
@ -232,7 +232,7 @@ do_encryption (const char *protbegin, size_t protlen,
|
||||
blklen, &ivpos, blklen, "",
|
||||
enclen, &encpos, enclen, "");
|
||||
if (p)
|
||||
{ /* asprintf does not use out malloc system */
|
||||
{ /* asprintf does not use our malloc system */
|
||||
char *psave = p;
|
||||
p = xtrymalloc (strlen (psave)+1);
|
||||
if (p)
|
||||
@ -241,9 +241,10 @@ do_encryption (const char *protbegin, size_t protlen,
|
||||
}
|
||||
if (!p)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
xfree (iv);
|
||||
xfree (outbuf);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
*resultlen = strlen (p);
|
||||
*result = p;
|
||||
@ -277,28 +278,28 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
|
||||
|
||||
s = plainkey;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "private-key"))
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
if (*s != '(')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
depth++;
|
||||
hash_begin = s;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
|
||||
for (infidx=0; protect_info[infidx].algo
|
||||
&& !smatch (&s, n, protect_info[infidx].algo); infidx++)
|
||||
;
|
||||
if (!protect_info[infidx].algo)
|
||||
return GNUPG_Unsupported_Algorithm;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
|
||||
|
||||
prot_begin = prot_end = NULL;
|
||||
for (i=0; (c=protect_info[infidx].parmlist[i]); i++)
|
||||
@ -306,28 +307,28 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
|
||||
if (i == protect_info[infidx].prot_from)
|
||||
prot_begin = s;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (n != 1 || c != *s)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s +=n; /* skip value */
|
||||
if (*s != ')')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth--;
|
||||
if (i == protect_info[infidx].prot_to)
|
||||
prot_end = s;
|
||||
s++;
|
||||
}
|
||||
if (*s != ')' || !prot_begin || !prot_end )
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth--;
|
||||
hash_end = s;
|
||||
s++;
|
||||
@ -358,8 +359,9 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
|
||||
*result = p = xtrymalloc (*resultlen);
|
||||
if (!p)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
xfree (protected);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
memcpy (p, "(21:protected-", 14);
|
||||
p += 14;
|
||||
@ -391,7 +393,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
|
||||
|
||||
blklen = gcry_cipher_get_algo_blklen (PROT_CIPHER);
|
||||
if (protectedlen < 4 || (protectedlen%blklen))
|
||||
return GNUPG_Corrupted_Protection;
|
||||
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
|
||||
|
||||
hd = gcry_cipher_open (PROT_CIPHER, GCRY_CIPHER_MODE_CBC,
|
||||
GCRY_CIPHER_SECURE);
|
||||
@ -400,7 +402,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
|
||||
|
||||
outbuf = gcry_malloc_secure (protectedlen);
|
||||
if (!outbuf)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
if (!rc)
|
||||
rc = gcry_cipher_setiv (hd, iv, ivlen);
|
||||
if (!rc)
|
||||
@ -410,7 +412,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
|
||||
|
||||
key = gcry_malloc_secure (keylen);
|
||||
if (!key)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
else
|
||||
{
|
||||
rc = hash_passphrase (passphrase, GCRY_MD_SHA1,
|
||||
@ -433,14 +435,14 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
|
||||
if (*outbuf != '(' && outbuf[1] != '(')
|
||||
{
|
||||
xfree (outbuf);
|
||||
return GNUPG_Bad_Passphrase;
|
||||
return gpg_error (GPG_ERR_BAD_PASSPHRASE);
|
||||
}
|
||||
/* check that we have a consistent S-Exp */
|
||||
reallen = gcry_sexp_canon_len (outbuf, protectedlen, NULL, NULL);
|
||||
if (!reallen || (reallen + blklen < protectedlen) )
|
||||
{
|
||||
xfree (outbuf);
|
||||
return GNUPG_Bad_Passphrase;
|
||||
return gpg_error (GPG_ERR_BAD_PASSPHRASE);
|
||||
}
|
||||
*result = outbuf;
|
||||
return 0;
|
||||
@ -464,21 +466,21 @@ merge_lists (const unsigned char *protectedkey,
|
||||
int i, rc;
|
||||
|
||||
if (replacepos < 26)
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
|
||||
/* Estimate the required size of the resulting list. We have a large
|
||||
safety margin of >20 bytes (MIC hash from CLEARTEXT and the
|
||||
removed "protected-" */
|
||||
newlistlen = gcry_sexp_canon_len (protectedkey, 0, NULL, NULL);
|
||||
if (!newlistlen)
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
n = gcry_sexp_canon_len (cleartext, 0, NULL, NULL);
|
||||
if (!n)
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
newlistlen += n;
|
||||
newlist = gcry_malloc_secure (newlistlen);
|
||||
if (!newlist)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
|
||||
/* Copy the initial segment */
|
||||
strcpy (newlist, "(11:private-key");
|
||||
@ -489,7 +491,7 @@ merge_lists (const unsigned char *protectedkey,
|
||||
/* copy the cleartext */
|
||||
s = cleartext;
|
||||
if (*s != '(' && s[1] != '(')
|
||||
return GNUPG_Bug; /*we already checked this */
|
||||
return gpg_error (GPG_ERR_BUG); /*we already checked this */
|
||||
s += 2;
|
||||
startpos = s;
|
||||
while ( *s == '(' )
|
||||
@ -564,7 +566,7 @@ merge_lists (const unsigned char *protectedkey,
|
||||
|
||||
invalid_sexp:
|
||||
xfree (newlist);
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
}
|
||||
|
||||
|
||||
@ -589,25 +591,25 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
||||
|
||||
s = protectedkey;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "protected-private-key"))
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
if (*s != '(')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
|
||||
for (infidx=0; protect_info[infidx].algo
|
||||
&& !smatch (&s, n, protect_info[infidx].algo); infidx++)
|
||||
;
|
||||
if (!protect_info[infidx].algo)
|
||||
return GNUPG_Unsupported_Algorithm;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
|
||||
|
||||
/* now find the list with the protected information. Here is an
|
||||
example for such a list:
|
||||
@ -618,12 +620,12 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
||||
for (;;)
|
||||
{
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
prot_begin = s;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (smatch (&s, n, "protected"))
|
||||
break;
|
||||
s += n;
|
||||
@ -635,47 +637,47 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
||||
/* found */
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc"))
|
||||
return GNUPG_Unsupported_Protection;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
|
||||
if (*s != '(' || s[1] != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += 2;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "sha1"))
|
||||
return GNUPG_Unsupported_Protection;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
|
||||
n = snext (&s);
|
||||
if (n != 8)
|
||||
return GNUPG_Corrupted_Protection;
|
||||
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
|
||||
s2ksalt = s;
|
||||
s += n;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Corrupted_Protection;
|
||||
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
|
||||
/* We expect a list close as next, so we can simply use strtoul()
|
||||
here. We might want to check that we only have digits - but this
|
||||
is nothing we should worry about */
|
||||
if (s[n] != ')' )
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s2kcount = strtoul (s, NULL, 10);
|
||||
if (!s2kcount)
|
||||
return GNUPG_Corrupted_Protection;
|
||||
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
|
||||
s += n;
|
||||
s++; /* skip list end */
|
||||
|
||||
n = snext (&s);
|
||||
if (n != 16) /* Wrong blocksize for IV (we support ony aes-128) */
|
||||
return GNUPG_Corrupted_Protection;
|
||||
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
|
||||
iv = s;
|
||||
s += n;
|
||||
if (*s != ')' )
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
|
||||
rc = do_decryption (s, n,
|
||||
passphrase, s2ksalt, s2kcount,
|
||||
@ -692,7 +694,7 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
||||
|
||||
rc = calculate_mic (final, sha1hash2);
|
||||
if (!rc && memcmp (sha1hash, sha1hash2, 20))
|
||||
rc = GNUPG_Corrupted_Protection;
|
||||
rc = gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
|
||||
if (rc)
|
||||
{
|
||||
xfree (final);
|
||||
@ -755,9 +757,9 @@ hash_passphrase (const char *passphrase, int hashalgo,
|
||||
|
||||
if ( (s2kmode != 0 && s2kmode != 1 && s2kmode != 3)
|
||||
|| !hashalgo || !keylen || !key || !passphrase)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if ((s2kmode == 1 ||s2kmode == 3) && !s2ksalt)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
|
||||
md = gcry_md_open (hashalgo, GCRY_MD_FLAG_SECURE);
|
||||
if (!md)
|
||||
@ -834,42 +836,42 @@ agent_shadow_key (const unsigned char *pubkey,
|
||||
size_t shadow_info_len = gcry_sexp_canon_len (shadow_info, 0, NULL,NULL);
|
||||
|
||||
if (!pubkey_len || !shadow_info_len)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
s = pubkey;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "public-key"))
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
if (*s != '(')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n; /* skip over the algorithm name */
|
||||
|
||||
while (*s != ')')
|
||||
{
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s +=n; /* skip value */
|
||||
if (*s != ')')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth--;
|
||||
s++;
|
||||
}
|
||||
@ -883,7 +885,7 @@ agent_shadow_key (const unsigned char *pubkey,
|
||||
n = 12 + pubkey_len + 1 + 3+8 + 2+5 + shadow_info_len + 1;
|
||||
*result = p = xtrymalloc (n);
|
||||
if (!p)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
p = stpcpy (p, "(20:shadowed-private-key");
|
||||
/* (10:public-key ...)*/
|
||||
memcpy (p, pubkey+14, point - (pubkey+14));
|
||||
@ -910,58 +912,58 @@ agent_get_shadow_info (const unsigned char *shadowkey,
|
||||
|
||||
s = shadowkey;
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (!smatch (&s, n, "shadowed-private-key"))
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
if (*s != '(')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n; /* skip over the algorithm name */
|
||||
|
||||
for (;;)
|
||||
{
|
||||
if (*s == ')')
|
||||
return GNUPG_Unknown_Sexp;
|
||||
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth++;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (smatch (&s, n, "shadowed"))
|
||||
break;
|
||||
s += n;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s +=n; /* skip value */
|
||||
if (*s != ')')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
depth--;
|
||||
s++;
|
||||
}
|
||||
/* found the shadowed list, s points to the protocol */
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
if (smatch (&s, n, "t1-v1"))
|
||||
{
|
||||
if (*s != '(')
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
*shadow_info = s;
|
||||
}
|
||||
else
|
||||
return GNUPG_Unsupported_Protocol;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -33,7 +33,7 @@
|
||||
|
||||
#include "agent.h"
|
||||
#include "i18n.h"
|
||||
#include "../assuan/assuan.h"
|
||||
#include <assuan.h>
|
||||
|
||||
#ifdef _POSIX_OPEN_MAX
|
||||
#define MAX_OPEN_FDS _POSIX_OPEN_MAX
|
||||
@ -70,7 +70,7 @@ unlock_pinentry (int rc)
|
||||
{
|
||||
log_error ("failed to release the entry lock\n");
|
||||
if (!rc)
|
||||
rc = GNUPG_Internal_Error;
|
||||
rc = gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
#endif
|
||||
entry_ctx = NULL;
|
||||
@ -96,7 +96,7 @@ start_pinentry (CTRL ctrl)
|
||||
if (!pth_mutex_acquire (&entry_lock, 0, NULL))
|
||||
{
|
||||
log_error ("failed to acquire the entry lock\n");
|
||||
return GNUPG_Internal_Error;
|
||||
return gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -108,8 +108,9 @@ start_pinentry (CTRL ctrl)
|
||||
|
||||
if (fflush (NULL))
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("error flushing pending output: %s\n", strerror (errno));
|
||||
return unlock_pinentry (seterr (Write_Error));
|
||||
return unlock_pinentry (tmperr);
|
||||
}
|
||||
|
||||
if (!opt.pinentry_program || !*opt.pinentry_program)
|
||||
@ -145,7 +146,7 @@ start_pinentry (CTRL ctrl)
|
||||
{
|
||||
log_error ("can't connect to the PIN entry module: %s\n",
|
||||
assuan_strerror (rc));
|
||||
return unlock_pinentry (seterr (No_PIN_Entry));
|
||||
return unlock_pinentry (gpg_error (GPG_ERR_NO_PIN_ENTRY));
|
||||
}
|
||||
entry_ctx = ctx;
|
||||
|
||||
@ -161,7 +162,7 @@ start_pinentry (CTRL ctrl)
|
||||
{
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION ttyname=%s", ctrl->ttyname) < 0 )
|
||||
return unlock_pinentry (GNUPG_Out_Of_Core);
|
||||
return unlock_pinentry (out_of_core ());
|
||||
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
NULL);
|
||||
free (optstr);
|
||||
@ -172,7 +173,7 @@ start_pinentry (CTRL ctrl)
|
||||
{
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION ttytype=%s", ctrl->ttytype) < 0 )
|
||||
return unlock_pinentry (GNUPG_Out_Of_Core);
|
||||
return unlock_pinentry (out_of_core ());
|
||||
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
NULL);
|
||||
if (rc)
|
||||
@ -182,7 +183,7 @@ start_pinentry (CTRL ctrl)
|
||||
{
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION lc-ctype=%s", ctrl->lc_ctype) < 0 )
|
||||
return unlock_pinentry (GNUPG_Out_Of_Core);
|
||||
return unlock_pinentry (out_of_core ());
|
||||
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
NULL);
|
||||
if (rc)
|
||||
@ -192,7 +193,7 @@ start_pinentry (CTRL ctrl)
|
||||
{
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION lc-messages=%s", ctrl->lc_messages) < 0 )
|
||||
return unlock_pinentry (GNUPG_Out_Of_Core);
|
||||
return unlock_pinentry (out_of_core ());
|
||||
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
NULL);
|
||||
if (rc)
|
||||
@ -250,7 +251,7 @@ agent_askpin (CTRL ctrl,
|
||||
return 0; /* fixme: we should return BAD PIN */
|
||||
|
||||
if (!pininfo || pininfo->max_length < 1)
|
||||
return seterr (Invalid_Value);
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (!desc_text && pininfo->min_digits)
|
||||
desc_text = _("Please enter your PIN, so that the secret key "
|
||||
"can be unlocked for this session");
|
||||
@ -322,7 +323,8 @@ agent_askpin (CTRL ctrl,
|
||||
rc = pininfo->check_cb (pininfo);
|
||||
if (rc == -1 && pininfo->cb_errtext)
|
||||
errtext = pininfo->cb_errtext;
|
||||
else if (rc == GNUPG_Bad_Passphrase || rc == GNUPG_Bad_PIN)
|
||||
else if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
|
||||
|| gpg_err_code (rc) == GPG_ERR_BAD_PIN)
|
||||
errtext = (is_pin? _("Bad PIN")
|
||||
: _("Bad Passphrase"));
|
||||
else if (rc)
|
||||
@ -333,8 +335,8 @@ agent_askpin (CTRL ctrl,
|
||||
return unlock_pinentry (0); /* okay, got a PIN or passphrase */
|
||||
}
|
||||
|
||||
return unlock_pinentry (pininfo->min_digits? GNUPG_Bad_PIN
|
||||
: GNUPG_Bad_Passphrase);
|
||||
return unlock_pinentry (gpg_error (pininfo->min_digits? GPG_ERR_BAD_PIN
|
||||
: GPG_ERR_BAD_PASSPHRASE));
|
||||
}
|
||||
|
||||
|
||||
@ -356,7 +358,7 @@ agent_get_passphrase (CTRL ctrl,
|
||||
|
||||
*retpass = NULL;
|
||||
if (opt.batch)
|
||||
return GNUPG_Bad_Passphrase;
|
||||
return gpg_error (GPG_ERR_BAD_PASSPHRASE);
|
||||
|
||||
rc = start_pinentry (ctrl);
|
||||
if (rc)
|
||||
@ -394,7 +396,7 @@ agent_get_passphrase (CTRL ctrl,
|
||||
parm.size = ASSUAN_LINELENGTH/2 - 5;
|
||||
parm.buffer = gcry_malloc_secure (parm.size+10);
|
||||
if (!parm.buffer)
|
||||
return unlock_pinentry (seterr (Out_Of_Core));
|
||||
return unlock_pinentry (out_of_core ());
|
||||
|
||||
assuan_begin_confidential (entry_ctx);
|
||||
rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm, NULL, NULL, NULL, NULL);
|
||||
@ -407,8 +409,9 @@ agent_get_passphrase (CTRL ctrl,
|
||||
hexstring = gcry_malloc_secure (strlen (parm.buffer)*2+1);
|
||||
if (!hexstring)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
xfree (parm.buffer);
|
||||
return unlock_pinentry (seterr (Out_Of_Core));
|
||||
return unlock_pinentry (tmperr);
|
||||
}
|
||||
|
||||
for (i=0, p=parm.buffer; *p; p++, i += 2)
|
||||
@ -423,7 +426,7 @@ agent_get_passphrase (CTRL ctrl,
|
||||
|
||||
/* Pop up the PIN-entry, display the text and the prompt and ask the
|
||||
user to confirm this. We return 0 for success, ie. the used
|
||||
confirmed it, GNUPG_Not_Confirmed for what the text says or an
|
||||
confirmed it, GPG_ERR_NOT_CONFIRMED for what the text says or an
|
||||
other error. */
|
||||
int
|
||||
agent_get_confirmation (CTRL ctrl,
|
||||
|
@ -68,10 +68,10 @@ sskip (unsigned char const **buf, int *depth)
|
||||
else
|
||||
{
|
||||
if (!d)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
s += n;
|
||||
}
|
||||
}
|
||||
|
@ -29,8 +29,7 @@
|
||||
#include <sys/stat.h>
|
||||
|
||||
#include "agent.h"
|
||||
#include "../assuan/assuan.h" /* fixme: need a way to avoid assuan
|
||||
calls here */
|
||||
#include <assuan.h> /* fixme: need a way to avoid assuan calls here */
|
||||
|
||||
static const char headerblurb[] =
|
||||
"# This is the list of trusted keys. Comments like this one and empty\n"
|
||||
@ -60,9 +59,10 @@ open_list (int append)
|
||||
trustfp = fopen (fname, "wx");
|
||||
if (!trustfp)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("can't create `%s': %s\n", fname, strerror (errno));
|
||||
xfree (fname);
|
||||
return seterr (File_Create_Error);
|
||||
return tmperr;
|
||||
}
|
||||
fputs (headerblurb, trustfp);
|
||||
fclose (trustfp);
|
||||
@ -71,9 +71,10 @@ open_list (int append)
|
||||
|
||||
if (!trustfp)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("can't open `%s': %s\n", fname, strerror (errno));
|
||||
xfree (fname);
|
||||
return seterr (File_Open_Error);
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
/*FIXME: check the MAC */
|
||||
@ -109,7 +110,7 @@ read_list (char *key, int *keyflag)
|
||||
{
|
||||
if (feof (trustfp))
|
||||
return -1;
|
||||
return GNUPG_Read_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
|
||||
if (!*line || line[strlen(line)-1] != '\n')
|
||||
@ -117,7 +118,8 @@ read_list (char *key, int *keyflag)
|
||||
/* eat until end of line */
|
||||
while ( (c=getc (trustfp)) != EOF && c != '\n')
|
||||
;
|
||||
return *line? GNUPG_Line_Too_Long: GNUPG_Incomplete_Line;
|
||||
return gpg_error (*line? GPG_ERR_LINE_TOO_LONG
|
||||
: GPG_ERR_INCOMPLETE_LINE);
|
||||
}
|
||||
|
||||
/* Allow for emty lines and spaces */
|
||||
@ -132,7 +134,7 @@ read_list (char *key, int *keyflag)
|
||||
if (i!=40 || !(spacep (p+i) || p[i] == '\n'))
|
||||
{
|
||||
log_error ("invalid formatted fingerprint in trustlist\n");
|
||||
return GNUPG_Bad_Data;
|
||||
return gpg_error (GPG_ERR_BAD_DATA);
|
||||
}
|
||||
assert (p[i]);
|
||||
if (p[i] == '\n')
|
||||
@ -149,13 +151,13 @@ read_list (char *key, int *keyflag)
|
||||
else
|
||||
{
|
||||
log_error ("invalid keyflag in trustlist\n");
|
||||
return GNUPG_Bad_Data;
|
||||
return gpg_error (GPG_ERR_BAD_DATA);
|
||||
}
|
||||
i++;
|
||||
if ( !(spacep (p+i) || p[i] == '\n'))
|
||||
{
|
||||
log_error ("invalid keyflag in trustlist\n");
|
||||
return GNUPG_Bad_Data;
|
||||
return gpg_error (GPG_ERR_BAD_DATA);
|
||||
}
|
||||
}
|
||||
|
||||
@ -253,7 +255,7 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag)
|
||||
" \"%s\"%%0A"
|
||||
"has the fingerprint:%%0A"
|
||||
" %s", name, fpr) < 0 )
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
rc = agent_get_confirmation (ctrl, desc, "Correct", "No");
|
||||
free (desc);
|
||||
if (rc)
|
||||
@ -264,7 +266,7 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag)
|
||||
" \"%s\"%%0A"
|
||||
"to correctly certify user certificates?",
|
||||
name) < 0 )
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
rc = agent_get_confirmation (ctrl, desc, "Yes", "No");
|
||||
free (desc);
|
||||
if (rc)
|
||||
@ -294,11 +296,11 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag)
|
||||
print_sanitized_string (trustfp, name, 0);
|
||||
fprintf (trustfp, "\n%s %c\n", fpr, flag);
|
||||
if (ferror (trustfp))
|
||||
rc = GNUPG_Write_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
/* close because we are in append mode */
|
||||
if (fclose (trustfp))
|
||||
rc = GNUPG_File_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
trustfp = NULL;
|
||||
return rc;
|
||||
}
|
||||
|
@ -23,7 +23,13 @@
|
||||
|
||||
#include "util.h"
|
||||
|
||||
/* Error numbers */
|
||||
#ifdef GPG_ERR_SOURCE_DEFAULT
|
||||
# define GPG_ERR_INVALID_VALUE GPG_ERR_INV_VALUE
|
||||
# define GPG_ERR_INVALID_DATA GPG_ERR_INV_DATA
|
||||
# define GPG_ERR_INVALID_SEXP GPG_ERR_INV_SEXP
|
||||
#else /*GPG_ERR_SOURCE_DEFAUL*/
|
||||
/* Error numbers. Note, that they are onkly used for old code not yet
|
||||
converted to libgpg-error. */
|
||||
enum {
|
||||
GNUPG_EOF = -1,
|
||||
GNUPG_No_Error = 0,
|
||||
@ -104,6 +110,7 @@ enum {
|
||||
GNUPG_Unsupported_Operation = 75,
|
||||
GNUPG_Wrong_Key_Usage = 76,
|
||||
};
|
||||
#endif /* !GPG_ERR_SOURCE_DEFAULT */
|
||||
|
||||
/* Status codes - fixme: should go into another file */
|
||||
enum {
|
||||
|
@ -1,3 +1,11 @@
|
||||
2003-06-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Changed all error codes in all files to the new libgpg-error scheme.
|
||||
|
||||
* keybox-defs.h: Include gpg-error.h .
|
||||
(KeyboxError): Removed.
|
||||
* Makefile.am: Removed keybox-error.c stuff.
|
||||
|
||||
2002-11-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* keybox-search.c (blob_cmp_name) <compare all names>: Fixed
|
||||
|
@ -1,5 +1,5 @@
|
||||
# Keybox Makefile
|
||||
# Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is part of GnuPG.
|
||||
#
|
||||
@ -24,7 +24,6 @@ INCLUDES = -I../intl -DLOCALEDIR=\"$(localedir)\"
|
||||
|
||||
EXTRA_DIST = mkerrors
|
||||
AM_CPPFLAGS = $(KSBA_CFLAGS) $(LIBGCRYPT_CFLAGS)
|
||||
BUILT_SOURCES = keybox-errors.c
|
||||
|
||||
noinst_LIBRARIES = libkeybox.a
|
||||
bin_PROGRAMS = kbxutil
|
||||
@ -32,7 +31,6 @@ bin_PROGRAMS = kbxutil
|
||||
common_sources = \
|
||||
keybox.h keybox-defs.h keybox-search-desc.h \
|
||||
keybox-util.c \
|
||||
keybox-errors.c \
|
||||
keybox-init.c \
|
||||
keybox-blob.c \
|
||||
keybox-file.c \
|
||||
@ -44,10 +42,7 @@ common_sources = \
|
||||
libkeybox_a_SOURCES = $(common_sources)
|
||||
|
||||
kbxutil_SOURCES = kbxutil.c $(common_sources)
|
||||
kbxutil_LDADD = ../jnlib/libjnlib.a $(KSBA_LIBS) $(LIBGCRYPT_LIBS)
|
||||
|
||||
keybox-errors.c : keybox.h mkerrors
|
||||
$(srcdir)/mkerrors < $(srcdir)/keybox.h > keybox-errors.c
|
||||
kbxutil_LDADD = ../jnlib/libjnlib.a $(KSBA_LIBS) $(LIBGCRYPT_LIBS) -lgpg-error
|
||||
|
||||
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* keybox-blob.c - KBX Blob handling
|
||||
* Copyright (C) 2000, 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -489,7 +489,7 @@ x509_create_blob_cert (KEYBOXBLOB blob, KsbaCert cert)
|
||||
|
||||
image = ksba_cert_get_image (cert, &length);
|
||||
if (!image)
|
||||
return KEYBOX_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
put_membuf (a, image, length);
|
||||
|
||||
add_fixup (blob, 12, a->len - kbstart);
|
||||
@ -651,7 +651,7 @@ create_blob_finish (KEYBOXBLOB blob)
|
||||
/* get the memory area */
|
||||
p = get_membuf (a, &n);
|
||||
if (!p)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
assert (n >= 20);
|
||||
|
||||
/* fixup the length */
|
||||
@ -659,7 +659,7 @@ create_blob_finish (KEYBOXBLOB blob)
|
||||
|
||||
/* do the fixups */
|
||||
if (blob->fixup_out_of_core)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
|
||||
{
|
||||
struct fixup_list *fl;
|
||||
@ -678,7 +678,7 @@ create_blob_finish (KEYBOXBLOB blob)
|
||||
|
||||
pp = xtrymalloc (n);
|
||||
if ( !pp )
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
memcpy (pp , p, n);
|
||||
blob->blob = pp;
|
||||
blob->bloblen = n;
|
||||
@ -698,8 +698,8 @@ _keybox_create_pgp_blob (KEYBOXBLOB *r_blob, KBNODE keyblock, int as_ephemeral)
|
||||
|
||||
*r_blob = NULL;
|
||||
blob = xtrycalloc (1, sizeof *blob);
|
||||
if( !blob )
|
||||
return KEYBOX_Out_Of_Core;
|
||||
if (!blob)
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
/* fixme: Do some sanity checks on the keyblock */
|
||||
|
||||
@ -723,7 +723,7 @@ _keybox_create_pgp_blob (KEYBOXBLOB *r_blob, KBNODE keyblock, int as_ephemeral)
|
||||
blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs );
|
||||
if (!blob->keys || !blob->uids || !blob->sigs)
|
||||
{
|
||||
rc = KEYBOX_Out_Of_Core;
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -818,7 +818,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert,
|
||||
*r_blob = NULL;
|
||||
blob = xtrycalloc (1, sizeof *blob);
|
||||
if( !blob )
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
p = ksba_cert_get_serial (cert);
|
||||
if (p)
|
||||
@ -828,7 +828,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert,
|
||||
if (n < 2)
|
||||
{
|
||||
xfree (p);
|
||||
return KEYBOX_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
blob->serialbuf = p;
|
||||
p++; n--; /* skip '(' */
|
||||
@ -838,7 +838,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert,
|
||||
{
|
||||
xfree (blob->serialbuf);
|
||||
blob->serialbuf = NULL;
|
||||
return KEYBOX_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
p++;
|
||||
blob->serial = p;
|
||||
@ -853,13 +853,13 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert,
|
||||
names = xtrymalloc (max_names * sizeof *names);
|
||||
if (!names)
|
||||
{
|
||||
rc = KEYBOX_Out_Of_Core;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
p = ksba_cert_get_issuer (cert, 0);
|
||||
if (!p)
|
||||
{
|
||||
rc = KEYBOX_Missing_Value;
|
||||
rc = gpg_error (GPG_ERR_MISSING_VALUE);
|
||||
goto leave;
|
||||
}
|
||||
names[blob->nuids++] = p;
|
||||
@ -874,7 +874,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert,
|
||||
tmp = xtryrealloc (names, max_names * sizeof *names);
|
||||
if (!tmp)
|
||||
{
|
||||
rc = KEYBOX_Out_Of_Core;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -891,7 +891,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert,
|
||||
blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs );
|
||||
if (!blob->keys || !blob->uids || !blob->sigs)
|
||||
{
|
||||
rc = KEYBOX_Out_Of_Core;
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -964,7 +964,7 @@ _keybox_new_blob (KEYBOXBLOB *r_blob, char *image, size_t imagelen, off_t off)
|
||||
*r_blob = NULL;
|
||||
blob = xtrycalloc (1, sizeof *blob);
|
||||
if (!blob)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
blob->blob = image;
|
||||
blob->bloblen = imagelen;
|
||||
|
@ -24,6 +24,13 @@
|
||||
#include <sys/types.h> /* off_t */
|
||||
#include "keybox.h"
|
||||
|
||||
#ifdef GPG_ERR_SOURCE_DEFAULT
|
||||
#error GPG_ERR_SOURCE_DEFAULT already defined
|
||||
#endif
|
||||
#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_KEYBOX
|
||||
#include <gpg-error.h>
|
||||
|
||||
|
||||
#ifndef HAVE_BYTE_TYPEDEF
|
||||
typedef unsigned char byte; /* fixme */
|
||||
#endif
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* keybox-dump.c - Debug helpers
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -322,8 +322,9 @@ _keybox_dump_file (const char *filename, FILE *outfp)
|
||||
fp = fopen (filename, "rb");
|
||||
if (!fp)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
fprintf (outfp, "can't open `%s': %s\n", filename, strerror(errno));
|
||||
return KEYBOX_File_Error;
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
while ( !(rc = _keybox_read_blob (&blob, fp)) )
|
||||
@ -337,8 +338,7 @@ _keybox_dump_file (const char *filename, FILE *outfp)
|
||||
if (rc == -1)
|
||||
rc = 0;
|
||||
if (rc)
|
||||
fprintf (outfp, "error reading `%s': %s\n", filename,
|
||||
rc == KEYBOX_Read_Error? keybox_strerror(rc):strerror (errno));
|
||||
fprintf (outfp, "error reading `%s': %s\n", filename, gpg_strerror (rc));
|
||||
|
||||
if (fp != stdin)
|
||||
fclose (fp);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* keybox-file.c - file oeprations
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -22,6 +22,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "keybox-defs.h"
|
||||
|
||||
@ -40,7 +41,7 @@ _keybox_read_blob (KEYBOXBLOB *r_blob, FILE *fp)
|
||||
*r_blob = NULL;
|
||||
off = ftello (fp);
|
||||
if (off == (off_t)-1)
|
||||
return KEYBOX_Read_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
if ((c1 = getc (fp)) == EOF
|
||||
|| (c2 = getc (fp)) == EOF
|
||||
@ -50,33 +51,34 @@ _keybox_read_blob (KEYBOXBLOB *r_blob, FILE *fp)
|
||||
{
|
||||
if ( c1 == EOF && !ferror (fp) )
|
||||
return -1; /* eof */
|
||||
return KEYBOX_Read_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
|
||||
imagelen = (c1 << 24) | (c2 << 16) | (c3 << 8 ) | c4;
|
||||
if (imagelen > 500000) /* sanity check */
|
||||
return KEYBOX_Blob_Too_Large;
|
||||
return gpg_error (GPG_ERR_TOO_LARGE);
|
||||
|
||||
if (imagelen < 5)
|
||||
return KEYBOX_Blob_Too_Short;
|
||||
return gpg_error (GPG_ERR_TOO_SHORT);
|
||||
|
||||
if (!type)
|
||||
{
|
||||
/* special treatment for empty blobs. */
|
||||
if (fseek (fp, imagelen-5, SEEK_CUR))
|
||||
return KEYBOX_Read_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto again;
|
||||
}
|
||||
|
||||
image = xtrymalloc (imagelen);
|
||||
if (!image)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
image[0] = c1; image[1] = c2; image[2] = c3; image[3] = c4; image[4] = type;
|
||||
if (fread (image+5, imagelen-5, 1, fp) != 1)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
xfree (image);
|
||||
return KEYBOX_Read_Error;
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
rc = r_blob? _keybox_new_blob (r_blob, image, imagelen, off) : 0;
|
||||
@ -95,8 +97,6 @@ _keybox_write_blob (KEYBOXBLOB blob, FILE *fp)
|
||||
|
||||
image = _keybox_get_blob_image (blob, &length);
|
||||
if (fwrite (image, length, 1, fp) != 1)
|
||||
{
|
||||
return KEYBOX_Write_Error;
|
||||
}
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
return 0;
|
||||
}
|
||||
|
@ -120,7 +120,7 @@ int
|
||||
keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes)
|
||||
{
|
||||
if (!hd)
|
||||
return KEYBOX_Invalid_Handle;
|
||||
return gpg_error (GPG_ERR_INV_HANDLE);
|
||||
hd->ephemeral = yes;
|
||||
return 0;
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* keybox-search.c - Search operations
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -23,6 +23,7 @@
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "../jnlib/stringhelp.h" /* ascii_xxxx() */
|
||||
#include "keybox-defs.h"
|
||||
@ -481,7 +482,7 @@ int
|
||||
keybox_search_reset (KEYBOX_HANDLE hd)
|
||||
{
|
||||
if (!hd)
|
||||
return KEYBOX_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
|
||||
if (hd->found.blob)
|
||||
{
|
||||
@ -512,7 +513,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
|
||||
struct sn_array_s *sn_array = NULL;
|
||||
|
||||
if (!hd)
|
||||
return KEYBOX_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
|
||||
/* clear last found result */
|
||||
if (hd->found.blob)
|
||||
@ -548,7 +549,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
|
||||
{
|
||||
sn_array = xtrycalloc (ndesc, sizeof *sn_array);
|
||||
if (!sn_array)
|
||||
return (hd->error = KEYBOX_Out_Of_Core);
|
||||
return (hd->error = gpg_error (gpg_err_code_from_errno (errno)));
|
||||
}
|
||||
}
|
||||
|
||||
@ -557,8 +558,9 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
|
||||
hd->fp = fopen (hd->kb->fname, "rb");
|
||||
if (!hd->fp)
|
||||
{
|
||||
hd->error = gpg_error (gpg_err_code_from_errno (errno));
|
||||
xfree (sn_array);
|
||||
return (hd->error = KEYBOX_File_Open_Error);
|
||||
return hd->error;
|
||||
}
|
||||
}
|
||||
|
||||
@ -588,8 +590,9 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
|
||||
sn_array[n].sn = xtrymalloc (snlen);
|
||||
if (!sn_array[n].sn)
|
||||
{
|
||||
hd->error = gpg_error (gpg_err_code_from_errno (errno));
|
||||
release_sn_array (sn_array, n);
|
||||
return (hd->error = KEYBOX_Out_Of_Core);
|
||||
return hd->error;
|
||||
}
|
||||
sn_array[n].snlen = snlen;
|
||||
sn = sn_array[n].sn;
|
||||
@ -611,8 +614,9 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
|
||||
sn_array[n].sn = xtrymalloc (snlen);
|
||||
if (!sn_array[n].sn)
|
||||
{
|
||||
hd->error = gpg_error (gpg_err_code_from_errno (errno));
|
||||
release_sn_array (sn_array, n);
|
||||
return (hd->error = KEYBOX_Out_Of_Core);
|
||||
return hd->error;
|
||||
}
|
||||
sn_array[n].snlen = snlen;
|
||||
memcpy (sn_array[n].sn, sn, snlen);
|
||||
@ -700,7 +704,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
|
||||
goto found;
|
||||
break;
|
||||
default:
|
||||
rc = KEYBOX_Invalid_Value;
|
||||
rc = gpg_error (GPG_ERR_INV_VALUE);
|
||||
goto found;
|
||||
}
|
||||
}
|
||||
@ -759,37 +763,37 @@ keybox_get_cert (KEYBOX_HANDLE hd, KsbaCert *r_cert)
|
||||
int rc;
|
||||
|
||||
if (!hd)
|
||||
return KEYBOX_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (!hd->found.blob)
|
||||
return KEYBOX_Nothing_Found;
|
||||
return gpg_error (GPG_ERR_NOTHING_FOUND);
|
||||
|
||||
if (blob_get_type (hd->found.blob) != BLOBTYPE_X509)
|
||||
return KEYBOX_Wrong_Blob_Type;
|
||||
return gpg_error (GPG_ERR_WRONG_BLOB_TYPE);
|
||||
|
||||
buffer = _keybox_get_blob_image (hd->found.blob, &length);
|
||||
if (length < 40)
|
||||
return KEYBOX_Blob_Too_Short;
|
||||
return gpg_error (GPG_ERR_TOO_SHORT);
|
||||
cert_off = get32 (buffer+8);
|
||||
cert_len = get32 (buffer+12);
|
||||
if (cert_off+cert_len > length)
|
||||
return KEYBOX_Blob_Too_Short;
|
||||
return gpg_error (GPG_ERR_TOO_SHORT);
|
||||
|
||||
reader = ksba_reader_new ();
|
||||
if (!reader)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len);
|
||||
if (rc)
|
||||
{
|
||||
ksba_reader_release (reader);
|
||||
/* fixme: need to map the error codes */
|
||||
return KEYBOX_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
cert = ksba_cert_new ();
|
||||
if (!cert)
|
||||
{
|
||||
ksba_reader_release (reader);
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
}
|
||||
|
||||
rc = ksba_cert_read_der (cert, reader);
|
||||
@ -798,7 +802,7 @@ keybox_get_cert (KEYBOX_HANDLE hd, KsbaCert *r_cert)
|
||||
ksba_cert_release (cert);
|
||||
ksba_reader_release (reader);
|
||||
/* fixme: need to map the error codes */
|
||||
return KEYBOX_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
*r_cert = cert;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* keybox-update.c - keybox update operations
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -50,15 +50,16 @@ create_tmp_file (const char *template,
|
||||
{
|
||||
bakfname = xtrymalloc (strlen (template) + 1);
|
||||
if (!bakfname)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
strcpy (bakfname, template);
|
||||
strcpy (bakfname+strlen(template)-4, EXTSEP_S "bak");
|
||||
|
||||
tmpfname = xtrymalloc (strlen (template) + 1);
|
||||
if (!tmpfname)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
xfree (bakfname);
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
strcpy (tmpfname,template);
|
||||
strcpy (tmpfname + strlen (template)-4, EXTSEP_S "tmp");
|
||||
@ -67,28 +68,30 @@ create_tmp_file (const char *template,
|
||||
{ /* file does not end with kbx; hmmm */
|
||||
bakfname = xtrymalloc ( strlen (template) + 5);
|
||||
if (!bakfname)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
strcpy (stpcpy (bakfname, template), EXTSEP_S "bak");
|
||||
|
||||
tmpfname = xtrymalloc ( strlen (template) + 5);
|
||||
if (!tmpfname)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
xfree (bakfname);
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
strcpy (stpcpy (tmpfname, template), EXTSEP_S "tmp");
|
||||
}
|
||||
# else /* Posix file names */
|
||||
bakfname = xtrymalloc (strlen (template) + 2);
|
||||
if (!bakfname)
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
strcpy (stpcpy (bakfname,template),"~");
|
||||
|
||||
tmpfname = xtrymalloc ( strlen (template) + 5);
|
||||
if (!tmpfname)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
xfree (bakfname);
|
||||
return KEYBOX_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
strcpy (stpcpy (tmpfname,template), EXTSEP_S "tmp");
|
||||
# endif /* Posix filename */
|
||||
@ -96,9 +99,10 @@ create_tmp_file (const char *template,
|
||||
*r_fp = fopen (tmpfname, "wb");
|
||||
if (!*r_fp)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
xfree (tmpfname);
|
||||
xfree (bakfname);
|
||||
return KEYBOX_File_Create_Error;
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
*r_bakfname = bakfname;
|
||||
@ -139,7 +143,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
|
||||
#endif
|
||||
if (rename (fname, bakfname) )
|
||||
{
|
||||
return KEYBOX_File_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
}
|
||||
|
||||
@ -149,7 +153,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
|
||||
#endif
|
||||
if (rename (tmpfname, fname) )
|
||||
{
|
||||
rc = KEYBOX_File_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
if (secret)
|
||||
{
|
||||
/* log_info ("WARNING: 2 files with confidential" */
|
||||
@ -185,7 +189,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
/* Open the source file. Because we do a rename, we have to check the
|
||||
permissions of the file */
|
||||
if (access (fname, W_OK))
|
||||
return KEYBOX_Write_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
fp = fopen (fname, "rb");
|
||||
if (mode == 1 && !fp && errno == ENOENT)
|
||||
@ -193,7 +197,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
newfp = fopen (fname, "wb");
|
||||
if (!newfp )
|
||||
{
|
||||
return KEYBOX_File_Create_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
|
||||
rc = _keybox_write_blob (blob, newfp);
|
||||
@ -203,7 +207,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
}
|
||||
if ( fclose (newfp) )
|
||||
{
|
||||
return KEYBOX_File_Create_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
|
||||
/* if (chmod( fname, S_IRUSR | S_IWUSR )) */
|
||||
@ -216,7 +220,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
|
||||
if (!fp)
|
||||
{
|
||||
rc = KEYBOX_File_Open_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -236,13 +240,13 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
{
|
||||
if (fwrite (buffer, nread, 1, newfp) != 1)
|
||||
{
|
||||
rc = KEYBOX_Write_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
if (ferror (fp))
|
||||
{
|
||||
rc = KEYBOX_Read_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -265,14 +269,14 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
|
||||
if (fwrite (buffer, nread, 1, newfp) != 1)
|
||||
{
|
||||
rc = KEYBOX_Write_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
if (ferror (fp))
|
||||
{
|
||||
rc = KEYBOX_Read_Error;
|
||||
goto leave;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
|
||||
/* skip this blob */
|
||||
@ -296,13 +300,13 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
{
|
||||
if (fwrite (buffer, nread, 1, newfp) != 1)
|
||||
{
|
||||
rc = KEYBOX_Write_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
if (ferror (fp))
|
||||
{
|
||||
rc = KEYBOX_Read_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -310,13 +314,13 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
|
||||
/* close both files */
|
||||
if (fclose(fp))
|
||||
{
|
||||
rc = KEYBOX_File_Close_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
fclose (newfp);
|
||||
goto leave;
|
||||
}
|
||||
if (fclose(newfp))
|
||||
{
|
||||
rc = KEYBOX_File_Close_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -341,12 +345,12 @@ keybox_insert_cert (KEYBOX_HANDLE hd, KsbaCert cert,
|
||||
KEYBOXBLOB blob;
|
||||
|
||||
if (!hd)
|
||||
return KEYBOX_Invalid_Handle;
|
||||
return gpg_error (GPG_ERR_INV_HANDLE);
|
||||
if (!hd->kb)
|
||||
return KEYBOX_Invalid_Handle;
|
||||
return gpg_error (GPG_ERR_INV_HANDLE);
|
||||
fname = hd->kb->fname;
|
||||
if (!fname)
|
||||
return KEYBOX_Invalid_Handle;
|
||||
return gpg_error (GPG_ERR_INV_HANDLE);
|
||||
|
||||
/* close this one otherwise we will mess up the position for a next
|
||||
search. Fixme: it would be better to adjust the position after
|
||||
@ -390,18 +394,18 @@ keybox_delete (KEYBOX_HANDLE hd)
|
||||
int rc;
|
||||
|
||||
if (!hd)
|
||||
return KEYBOX_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (!hd->found.blob)
|
||||
return KEYBOX_Nothing_Found;
|
||||
return gpg_error (GPG_ERR_NOTHING_FOUND);
|
||||
if (!hd->kb)
|
||||
return KEYBOX_Invalid_Handle;
|
||||
return gpg_error (GPG_ERR_INV_HANDLE);
|
||||
fname = hd->kb->fname;
|
||||
if (!fname)
|
||||
return KEYBOX_Invalid_Handle;
|
||||
return gpg_error (GPG_ERR_INV_HANDLE);
|
||||
|
||||
off = _keybox_get_blob_fileoffset (hd->found.blob);
|
||||
if (off == (off_t)-1)
|
||||
return KEYBOX_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
off += 4;
|
||||
|
||||
if (hd->fp)
|
||||
@ -412,19 +416,19 @@ keybox_delete (KEYBOX_HANDLE hd)
|
||||
|
||||
fp = fopen (hd->kb->fname, "r+b");
|
||||
if (!fp)
|
||||
return KEYBOX_File_Open_Error;
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
|
||||
if (fseeko (fp, off, SEEK_SET))
|
||||
rc = KEYBOX_Write_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
else if (putc (0, fp) == EOF)
|
||||
rc = KEYBOX_Write_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
else
|
||||
rc = 0;
|
||||
|
||||
if (fclose (fp))
|
||||
{
|
||||
if (!rc)
|
||||
rc = KEYBOX_File_Close_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
|
||||
return rc;
|
||||
|
26
kbx/keybox.h
26
kbx/keybox.h
@ -1,5 +1,5 @@
|
||||
/* keybox.h - Keybox operations
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -43,27 +43,6 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
typedef enum {
|
||||
KEYBOX_No_Error = 0,
|
||||
KEYBOX_General_Error = 1,
|
||||
KEYBOX_Out_Of_Core = 2,
|
||||
KEYBOX_Invalid_Value = 3,
|
||||
KEYBOX_Timeout = 4,
|
||||
KEYBOX_Read_Error = 5,
|
||||
KEYBOX_Write_Error = 6,
|
||||
KEYBOX_File_Error = 7,
|
||||
KEYBOX_Blob_Too_Short = 8,
|
||||
KEYBOX_Blob_Too_Large = 9,
|
||||
KEYBOX_Invalid_Handle = 10,
|
||||
KEYBOX_File_Create_Error = 11,
|
||||
KEYBOX_File_Open_Error = 12,
|
||||
KEYBOX_File_Close_Error = 13,
|
||||
KEYBOX_Nothing_Found = 14,
|
||||
KEYBOX_Wrong_Blob_Type = 15,
|
||||
KEYBOX_Missing_Value = 16,
|
||||
} KeyboxError;
|
||||
|
||||
|
||||
|
||||
typedef struct keybox_handle *KEYBOX_HANDLE;
|
||||
|
||||
@ -115,9 +94,6 @@ void keybox_set_malloc_hooks ( void *(*new_alloc_func)(size_t n),
|
||||
void *(*new_realloc_func)(void *p, size_t n),
|
||||
void (*new_free_func)(void*) );
|
||||
|
||||
/*-- keybox-errors.c (built) --*/
|
||||
const char *keybox_strerror (KeyboxError err);
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
@ -1,3 +1,25 @@
|
||||
2003-06-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Changed all error codes in all files to the new libgpg-error scheme.
|
||||
|
||||
* scdaemon.h: Include gpg-error.h and errno.h
|
||||
* card.c (map_sc_err): Use unknown for the error source.
|
||||
* Makefile.am: Link with libgpg-error
|
||||
|
||||
2003-05-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* atr.c, atr.h: New.
|
||||
* sc-investigate.c: Dump the ATR in a human readable format.
|
||||
|
||||
2003-05-08 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* scdaemon.h (DBG_CARD_IO_VALUE): New.
|
||||
|
||||
* sc-investigate.c: New.
|
||||
* scdaemon.c (main): Removed --print-atr option.
|
||||
|
||||
* iso7816.c, iso7816.h, app-openpgp.c: New.
|
||||
|
||||
2003-04-29 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* scdaemon.c: New options --print-atr and --reader-port
|
||||
|
@ -1,4 +1,4 @@
|
||||
# Copyright (C) 2002 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2002, 2003 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is part of GnuPG.
|
||||
#
|
||||
@ -21,7 +21,7 @@
|
||||
localedir = $(datadir)/locale
|
||||
INCLUDES = -I../intl -DLOCALEDIR=\"$(localedir)\"
|
||||
|
||||
bin_PROGRAMS = scdaemon
|
||||
bin_PROGRAMS = scdaemon sc-investigate sc-genkey
|
||||
|
||||
AM_CPPFLAGS = -I$(top_srcdir)/common $(OPENSC_CFLAGS) $(LIBGCRYPT_CFLAGS) \
|
||||
$(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS)
|
||||
@ -31,7 +31,37 @@ scdaemon_SOURCES = \
|
||||
command.c card.c \
|
||||
card-common.h \
|
||||
card-p15.c card-dinsig.c \
|
||||
apdu.c apdu.h
|
||||
apdu.c apdu.h \
|
||||
iso7816.c iso7816.h \
|
||||
app-openpgp.c
|
||||
|
||||
scdaemon_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \
|
||||
$(OPENSC_LIBS) $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_LIBS) -ldl
|
||||
$(OPENSC_LIBS) $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_LIBS) -lgpg-error -ldl
|
||||
|
||||
sc_investigate_SOURCES = \
|
||||
sc-investigate.c scdaemon.h \
|
||||
apdu.c apdu.h \
|
||||
iso7816.c iso7816.h \
|
||||
app-openpgp.c \
|
||||
atr.c atr.h
|
||||
|
||||
sc_investigate_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \
|
||||
$(LIBGCRYPT_LIBS) -lgpg-error -ldl
|
||||
|
||||
sc_genkey_SOURCES = \
|
||||
sc-genkey.c scdaemon.h \
|
||||
apdu.c apdu.h \
|
||||
iso7816.c iso7816.h \
|
||||
app-openpgp.c \
|
||||
atr.c atr.h
|
||||
|
||||
sc_genkey_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \
|
||||
$(LIBGCRYPT_LIBS) -lgpg-error -ldl
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
253
scd/apdu.c
253
scd/apdu.c
@ -24,6 +24,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <dlfcn.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include "scdaemon.h"
|
||||
#include "apdu.h"
|
||||
@ -243,6 +244,31 @@ open_ct_reader (int port)
|
||||
}
|
||||
|
||||
|
||||
/* Actuall send the APDU of length APDULEN to SLOT and return a
|
||||
maximum of *BUFLEN data in BUFFER, the actual retruned size will be
|
||||
set to BUFLEN. Returns: CT API error code. */
|
||||
static int
|
||||
ct_send_apdu (int slot, unsigned char *apdu, size_t apdulen,
|
||||
unsigned char *buffer, size_t *buflen)
|
||||
{
|
||||
int rc;
|
||||
unsigned char dad[1], sad[1];
|
||||
unsigned short ctbuflen;
|
||||
|
||||
dad[0] = 0; /* Destination address: Card. */
|
||||
sad[0] = 2; /* Source address: Host. */
|
||||
ctbuflen = *buflen;
|
||||
if (DBG_CARD_IO)
|
||||
log_printhex (" CT_data:", apdu, apdulen);
|
||||
rc = CT_data (slot, dad, sad, apdulen, apdu, &ctbuflen, buffer);
|
||||
*buflen = ctbuflen;
|
||||
|
||||
/* FIXME: map the errorcodes to GNUPG ones, so that they can be
|
||||
shared between CTAPI and PCSC. */
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
#endif /*HAVE_CTAPI*/
|
||||
|
||||
|
||||
@ -292,8 +318,235 @@ apdu_open_reader (int port)
|
||||
}
|
||||
|
||||
|
||||
unsigned char *
|
||||
apdu_get_atr (int slot, size_t *atrlen)
|
||||
{
|
||||
char *buf;
|
||||
|
||||
if (slot < 0 || slot >= MAX_READER || !reader_table[slot].used )
|
||||
return NULL;
|
||||
|
||||
buf = xtrymalloc (reader_table[slot].atrlen);
|
||||
if (!buf)
|
||||
return NULL;
|
||||
memcpy (buf, reader_table[slot].atr, reader_table[slot].atrlen);
|
||||
*atrlen = reader_table[slot].atrlen;
|
||||
return buf;
|
||||
}
|
||||
|
||||
|
||||
static const char *
|
||||
error_string (int slot, int rc)
|
||||
{
|
||||
#ifdef HAVE_CTAPI
|
||||
return ct_error_string (rc);
|
||||
#elif defined(HAVE_PCSC)
|
||||
return "?";
|
||||
#else
|
||||
return "?";
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
/* Dispatcher for the actual send_apdu fucntion. */
|
||||
static int
|
||||
send_apdu (int slot, unsigned char *apdu, size_t apdulen,
|
||||
unsigned char *buffer, size_t *buflen)
|
||||
{
|
||||
#ifdef HAVE_CTAPI
|
||||
return ct_send_apdu (slot, apdu, apdulen, buffer, buflen);
|
||||
#elif defined(HAVE_PCSC)
|
||||
return -1;
|
||||
#else
|
||||
return -1;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Send an APDU to the card in SLOT. The APDU is created from all
|
||||
given parameters: CLASS, INS, P0, P1, LC, DATA, LE. A value of -1
|
||||
for LC won't sent this field and the data field; in this case DATA
|
||||
must also be passed as NULL. The return value is the status word
|
||||
or -1 for an invalid SLOT or other non card related error. If
|
||||
RETBUF is not NULL, it will receive an allocated buffer with the
|
||||
returned data. The length of that data will be put into
|
||||
*RETBUFLEN. The caller is reposnible for releasing the buffer even
|
||||
in case of errors. */
|
||||
int
|
||||
apdu_send_le(int slot, int class, int ins, int p0, int p1,
|
||||
int lc, const char *data, int le,
|
||||
unsigned char **retbuf, size_t *retbuflen)
|
||||
{
|
||||
unsigned char result[256+10]; /* 10 extra in case of bugs in the driver. */
|
||||
size_t resultlen = 256;
|
||||
unsigned char apdu[5+256+1];
|
||||
size_t apdulen;
|
||||
int rc, sw;
|
||||
|
||||
if (DBG_CARD_IO)
|
||||
log_debug ("send apdu: c=%02X i=%02X p0=%02X p1=%02X lc=%d le=%d\n",
|
||||
class, ins, p0, p1, lc, le);
|
||||
|
||||
if (lc != -1 && (lc > 255 || lc < 0))
|
||||
return SW_WRONG_LENGTH;
|
||||
if (le != -1 && (le > 256 || le < 1))
|
||||
return SW_WRONG_LENGTH;
|
||||
if ((!data && lc != -1) || (data && lc == -1))
|
||||
return -1;
|
||||
|
||||
apdulen = 0;
|
||||
apdu[apdulen++] = class;
|
||||
apdu[apdulen++] = ins;
|
||||
apdu[apdulen++] = p0;
|
||||
apdu[apdulen++] = p1;
|
||||
if (lc != -1)
|
||||
{
|
||||
apdu[apdulen++] = lc;
|
||||
memcpy (apdu+apdulen, data, lc);
|
||||
apdulen += lc;
|
||||
}
|
||||
if (le != -1)
|
||||
apdu[apdulen++] = le; /* Truncation is okay becuase 0 means 256. */
|
||||
assert (sizeof (apdu) >= apdulen);
|
||||
/* As safeguard don't pass any garbage from the stack to the driver. */
|
||||
memset (apdu+apdulen, 0, sizeof (apdu) - apdulen);
|
||||
rc = send_apdu (slot, apdu, apdulen, result, &resultlen);
|
||||
if (rc || resultlen < 2)
|
||||
{
|
||||
log_error ("apdu_send_simple(%d) failed: %s\n",
|
||||
slot, error_string (slot, rc));
|
||||
return -1;
|
||||
}
|
||||
sw = (result[resultlen-2] << 8) | result[resultlen-1];
|
||||
/* store away the returned data but strip the statusword. */
|
||||
resultlen -= 2;
|
||||
if (DBG_CARD_IO)
|
||||
{
|
||||
log_debug (" response: sw=%04X datalen=%d\n", sw, resultlen);
|
||||
if ( !retbuf && (sw == SW_SUCCESS || (sw & 0xff00) == SW_MORE_DATA))
|
||||
log_printhex (" dump: ", result, resultlen);
|
||||
}
|
||||
|
||||
if (sw == SW_SUCCESS)
|
||||
{
|
||||
if (retbuf)
|
||||
{
|
||||
*retbuf = xtrymalloc (resultlen? resultlen : 1);
|
||||
if (!*retbuf)
|
||||
return -1; /* fixme: this is actually out of core. */
|
||||
*retbuflen = resultlen;
|
||||
memcpy (*retbuf, result, resultlen);
|
||||
}
|
||||
}
|
||||
else if ((sw & 0xff00) == SW_MORE_DATA)
|
||||
{
|
||||
unsigned char *p = NULL, *tmp;
|
||||
size_t bufsize = 4096;
|
||||
|
||||
/* It is likely that we need to return much more data, so we
|
||||
start off with a large buffer. */
|
||||
if (retbuf)
|
||||
{
|
||||
*retbuf = p = xtrymalloc (bufsize);
|
||||
if (!*retbuf)
|
||||
return -1; /* fixme: this is actually out of core. */
|
||||
assert (resultlen < bufsize);
|
||||
memcpy (p, result, resultlen);
|
||||
p += resultlen;
|
||||
}
|
||||
|
||||
do
|
||||
{
|
||||
int len = (sw & 0x00ff);
|
||||
|
||||
log_debug ("apdu_send_simple(%d): %d more bytes available\n",
|
||||
slot, len);
|
||||
apdulen = 0;
|
||||
apdu[apdulen++] = class;
|
||||
apdu[apdulen++] = 0xC0;
|
||||
apdu[apdulen++] = 0;
|
||||
apdu[apdulen++] = 0;
|
||||
apdu[apdulen++] = 64; /* that is 256 bytes for Le */
|
||||
memset (apdu+apdulen, 0, sizeof (apdu) - apdulen);
|
||||
rc = send_apdu (slot, apdu, apdulen, result, &resultlen);
|
||||
if (rc || resultlen < 2)
|
||||
{
|
||||
log_error ("apdu_send_simple(%d) for get response failed: %s\n",
|
||||
slot, error_string (slot, rc));
|
||||
return -1;
|
||||
}
|
||||
sw = (result[resultlen-2] << 8) | result[resultlen-1];
|
||||
resultlen -= 2;
|
||||
if (DBG_CARD_IO)
|
||||
{
|
||||
log_debug (" more: sw=%04X datalen=%d\n", sw, resultlen);
|
||||
if (!retbuf && (sw==SW_SUCCESS || (sw&0xff00)==SW_MORE_DATA))
|
||||
log_printhex (" dump: ", result, resultlen);
|
||||
}
|
||||
|
||||
if ((sw & 0xff00) == SW_MORE_DATA || sw == SW_SUCCESS)
|
||||
{
|
||||
if (retbuf)
|
||||
{
|
||||
if (p - *retbuf + resultlen > bufsize)
|
||||
{
|
||||
bufsize += resultlen > 4096? resultlen: 4096;
|
||||
tmp = xtryrealloc (*retbuf, bufsize);
|
||||
if (!tmp)
|
||||
return -1; /* fixme: actually this is out of core */
|
||||
p = tmp + (p - *retbuf);
|
||||
*retbuf = tmp;
|
||||
}
|
||||
memcpy (p, result, resultlen);
|
||||
p += resultlen;
|
||||
}
|
||||
}
|
||||
else
|
||||
log_info ("apdu_send_simple(%d) "
|
||||
"got unexpected status %04X from get response\n",
|
||||
slot, sw);
|
||||
}
|
||||
while ((sw & 0xff00) == SW_MORE_DATA);
|
||||
|
||||
if (retbuf)
|
||||
{
|
||||
*retbuflen = p - *retbuf;
|
||||
tmp = xtryrealloc (*retbuf, *retbuflen);
|
||||
if (tmp)
|
||||
*retbuf = tmp;
|
||||
}
|
||||
}
|
||||
if (DBG_CARD_IO && retbuf && sw == SW_SUCCESS)
|
||||
log_printhex (" dump: ", *retbuf, *retbuflen);
|
||||
|
||||
return sw;
|
||||
}
|
||||
|
||||
/* Send an APDU to the card in SLOT. The APDU is created from all
|
||||
given parameters: CLASS, INS, P0, P1, LC, DATA. A value of -1 for
|
||||
LC won't sent this field and the data field; in this case DATA must
|
||||
also be passed as NULL. The return value is the status word or -1
|
||||
for an invalid SLOT or other non card related error. If RETBUF is
|
||||
not NULL, it will receive an allocated buffer with the returned
|
||||
data. The length of that data will be put into *RETBUFLEN. The
|
||||
caller is reponsible for releasing the buffer even in case of
|
||||
errors. */
|
||||
int
|
||||
apdu_send(int slot, int class, int ins, int p0, int p1,
|
||||
int lc, const char *data, unsigned char **retbuf, size_t *retbuflen)
|
||||
{
|
||||
return apdu_send_le (slot, class, ins, p0, p1, lc, data, 256,
|
||||
retbuf, retbuflen);
|
||||
}
|
||||
|
||||
/* Send an APDU to the card in SLOT. The APDU is created from all
|
||||
given parameters: CLASS, INS, P0, P1, LC, DATA. A value of -1 for
|
||||
LC won't sent this field and the data field; in this case DATA must
|
||||
also be passed as NULL. The return value is the status word or -1
|
||||
for an invalid SLOT or other non card related error. No data will be
|
||||
returned. */
|
||||
int
|
||||
apdu_send_simple (int slot, int class, int ins, int p0, int p1,
|
||||
int lc, const char *data)
|
||||
{
|
||||
return apdu_send (slot, class, ins, p0, p1, lc, data, NULL, NULL);
|
||||
}
|
||||
|
31
scd/apdu.h
31
scd/apdu.h
@ -1,4 +1,4 @@
|
||||
/* apdu.c - ISO 7816 APDU functions and low level I/O
|
||||
/* apdu.h - ISO 7816 APDU functions and low level I/O
|
||||
* Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
@ -21,9 +21,38 @@
|
||||
#ifndef APDU_H
|
||||
#define APDU_H
|
||||
|
||||
/* ISO 7816 values for the statusword are defined here because they
|
||||
should not be visible to the users of the actual iso command
|
||||
API. */
|
||||
enum {
|
||||
SW_MORE_DATA = 0x6100, /* Note: that the low byte must be
|
||||
masked of.*/
|
||||
SW_EEPROM_FAILURE = 0x6581,
|
||||
SW_WRONG_LENGTH = 0x6700,
|
||||
SW_CHV_WRONG = 0x6982,
|
||||
SW_CHV_BLOCKED = 0x6983,
|
||||
SW_USE_CONDITIONS = 0x6985,
|
||||
SW_BAD_PARAMETER = 0x6a80, /* (in the data field) */
|
||||
SW_REF_NOT_FOUND = 0x6a88,
|
||||
SW_BAD_P0_P1 = 0x6b00,
|
||||
SW_INS_NOT_SUP = 0x6d00,
|
||||
SW_CLA_NOT_SUP = 0x6e00,
|
||||
SW_SUCCESS = 0x9000
|
||||
};
|
||||
|
||||
|
||||
|
||||
int apdu_open_reader (int port);
|
||||
unsigned char *apdu_get_atr (int slot, size_t *atrlen);
|
||||
|
||||
int apdu_send_simple (int slot, int class, int ins, int p0, int p1,
|
||||
int lc, const char *data);
|
||||
int apdu_send (int slot, int class, int ins, int p0, int p1,
|
||||
int lc, const char *data,
|
||||
unsigned char **retbuf, size_t *retbuflen);
|
||||
int apdu_send_le (int slot, int class, int ins, int p0, int p1,
|
||||
int lc, const char *data, int le,
|
||||
unsigned char **retbuf, size_t *retbuflen);
|
||||
|
||||
|
||||
#endif /*APDU_H*/
|
||||
|
@ -59,7 +59,7 @@ struct card_ctx_s {
|
||||
};
|
||||
|
||||
/*-- card.c --*/
|
||||
int map_sc_err (int rc);
|
||||
gpg_error_t map_sc_err (int rc);
|
||||
int card_help_get_keygrip (KsbaCert cert, unsigned char *array);
|
||||
|
||||
/*-- card-15.c --*/
|
||||
|
@ -116,8 +116,9 @@ dinsig_enum_keypairs (CARD card, int idx,
|
||||
cert = ksba_cert_new ();
|
||||
if (!cert)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
xfree (buf);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
krc = ksba_cert_init_from_mem (cert, buf, buflen);
|
||||
@ -127,13 +128,13 @@ dinsig_enum_keypairs (CARD card, int idx,
|
||||
log_error ("failed to parse the certificate at idx %d: %s\n",
|
||||
idx, ksba_strerror (krc));
|
||||
ksba_cert_release (cert);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
if (card_help_get_keygrip (cert, keygrip))
|
||||
{
|
||||
log_error ("failed to calculate the keygrip at index %d\n", idx);
|
||||
ksba_cert_release (cert);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
ksba_cert_release (cert);
|
||||
|
||||
@ -142,7 +143,7 @@ dinsig_enum_keypairs (CARD card, int idx,
|
||||
{
|
||||
*keyid = xtrymalloc (17);
|
||||
if (!*keyid)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
if (!idx)
|
||||
strcpy (*keyid, "DINSIG-DF01.C000");
|
||||
else
|
||||
@ -170,7 +171,7 @@ dinsig_read_cert (CARD card, const char *certidstr,
|
||||
else if (!strcmp (certidstr, "DINSIG-DF01.C200"))
|
||||
sc_format_path ("3F00DF01C200", &path);
|
||||
else
|
||||
return GNUPG_Invalid_Id;
|
||||
return gpg_error (GPG_ERR_INVALID_ID);
|
||||
|
||||
rc = sc_select_file (card->scard, &path, &file);
|
||||
if (rc)
|
||||
@ -183,19 +184,20 @@ dinsig_read_cert (CARD card, const char *certidstr,
|
||||
{
|
||||
log_error ("wrong type or structure of certificate EF\n");
|
||||
sc_file_free (file);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
if (file->size < 20) /* check against a somewhat arbitrary length */
|
||||
{
|
||||
log_error ("certificate EF too short\n");
|
||||
sc_file_free (file);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
buf = xtrymalloc (file->size);
|
||||
if (!buf)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
sc_file_free (file);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
rc = sc_read_binary (card->scard, 0, buf, file->size, 0);
|
||||
@ -204,7 +206,7 @@ dinsig_read_cert (CARD card, const char *certidstr,
|
||||
log_error ("short read on certificate EF\n");
|
||||
sc_file_free (file);
|
||||
xfree (buf);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
sc_file_free (file);
|
||||
if (rc < 0)
|
||||
|
@ -53,7 +53,7 @@ init_private_data (CARD card)
|
||||
|
||||
priv = xtrycalloc (1, sizeof *priv);
|
||||
if (!priv)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
|
||||
/* OpenSC (0.7.0) is a bit strange in that the get_objects functions
|
||||
tries to be a bit too clever and implicitly does an enumeration
|
||||
@ -70,7 +70,7 @@ init_private_data (CARD card)
|
||||
{
|
||||
log_error ("private keys enumeration failed: %s\n", sc_strerror (rc));
|
||||
xfree (priv);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
priv->n_prkey_rsa_objs = rc;
|
||||
|
||||
@ -82,7 +82,7 @@ init_private_data (CARD card)
|
||||
{
|
||||
log_error ("private keys enumeration failed: %s\n", sc_strerror (rc));
|
||||
xfree (priv);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
priv->n_cert_objs = rc;
|
||||
|
||||
@ -136,7 +136,7 @@ p15_enum_keypairs (CARD card, int idx,
|
||||
log_info ("certificate for private key %d not found: %s\n",
|
||||
idx, sc_strerror (rc));
|
||||
/* note, that we return the ID anyway */
|
||||
rc = GNUPG_Missing_Certificate;
|
||||
rc = gpg_error (GPG_ERR_MISSING_CERTIFICATE);
|
||||
goto return_keyid;
|
||||
}
|
||||
certinfo = tmpobj->data;
|
||||
@ -145,14 +145,15 @@ p15_enum_keypairs (CARD card, int idx,
|
||||
{
|
||||
log_info ("failed to read certificate for private key %d: %s\n",
|
||||
idx, sc_strerror (rc));
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
|
||||
cert = ksba_cert_new ();
|
||||
if (!cert)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
sc_pkcs15_free_certificate (certder);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
krc = ksba_cert_init_from_mem (cert, certder->data, certder->data_len);
|
||||
sc_pkcs15_free_certificate (certder);
|
||||
@ -161,13 +162,13 @@ p15_enum_keypairs (CARD card, int idx,
|
||||
log_error ("failed to parse the certificate for private key %d: %s\n",
|
||||
idx, ksba_strerror (krc));
|
||||
ksba_cert_release (cert);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
if (card_help_get_keygrip (cert, keygrip))
|
||||
{
|
||||
log_error ("failed to calculate the keygrip of private key %d\n", idx);
|
||||
ksba_cert_release (cert);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
ksba_cert_release (cert);
|
||||
|
||||
@ -180,7 +181,7 @@ p15_enum_keypairs (CARD card, int idx,
|
||||
|
||||
*keyid = p = xtrymalloc (9+pinfo->id.len*2+1);
|
||||
if (!*keyid)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
p = stpcpy (p, "P15-5015.");
|
||||
for (i=0; i < pinfo->id.len; i++, p += 2)
|
||||
sprintf (p, "%02X", pinfo->id.value[i]);
|
||||
@ -218,7 +219,7 @@ p15_enum_certs (CARD card, int idx, char **certid, int *type)
|
||||
|
||||
*certid = p = xtrymalloc (9+cinfo->id.len*2+1);
|
||||
if (!*certid)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
p = stpcpy (p, "P15-5015.");
|
||||
for (i=0; i < cinfo->id.len; i++, p += 2)
|
||||
sprintf (p, "%02X", cinfo->id.value[i]);
|
||||
@ -251,14 +252,14 @@ idstr_to_id (const char *idstr, struct sc_pkcs15_id *id)
|
||||
|
||||
/* For now we only support the standard DF */
|
||||
if (strncmp (idstr, "P15-5015.", 9) )
|
||||
return GNUPG_Invalid_Id;
|
||||
return gpg_error (GPG_ERR_INVALID_ID);
|
||||
for (s=idstr+9, n=0; hexdigitp (s); s++, n++)
|
||||
;
|
||||
if (*s || (n&1))
|
||||
return GNUPG_Invalid_Id; /* invalid or odd number of digits */
|
||||
return gpg_error (GPG_ERR_INVALID_ID); /*invalid or odd number of digits*/
|
||||
n /= 2;
|
||||
if (!n || n > SC_PKCS15_MAX_ID_SIZE)
|
||||
return GNUPG_Invalid_Id; /* empty or too large */
|
||||
return gpg_error (GPG_ERR_INVALID_ID); /* empty or too large */
|
||||
for (s=idstr+9, n=0; *s; s += 2, n++)
|
||||
id->value[n] = xtoi_2 (s);
|
||||
id->len = n;
|
||||
@ -278,9 +279,9 @@ p15_read_cert (CARD card, const char *certidstr,
|
||||
int rc;
|
||||
|
||||
if (!card || !certidstr || !cert || !ncert)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
if (!card->p15card)
|
||||
return GNUPG_No_PKCS15_App;
|
||||
return gpg_error (GPG_ERR_NO_PKCS15_APP);
|
||||
|
||||
rc = idstr_to_id (certidstr, &certid);
|
||||
if (rc)
|
||||
@ -299,14 +300,15 @@ p15_read_cert (CARD card, const char *certidstr,
|
||||
{
|
||||
log_info ("failed to read certificate '%s': %s\n",
|
||||
certidstr, sc_strerror (rc));
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
|
||||
*cert = xtrymalloc (certder->data_len);
|
||||
if (!*cert)
|
||||
{
|
||||
gpg_error_t tmperr = out_of_core ();
|
||||
sc_pkcs15_free_certificate (certder);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
memcpy (*cert, certder->data, certder->data_len);
|
||||
*ncert = certder->data_len;
|
||||
@ -337,7 +339,7 @@ p15_prepare_key (CARD card, const char *keyidstr,
|
||||
if (rc < 0)
|
||||
{
|
||||
log_error ("private key not found: %s\n", sc_strerror(rc));
|
||||
return GNUPG_No_Secret_Key;
|
||||
return gpg_error (GPG_ERR_NO_SECRET_KEY);
|
||||
}
|
||||
|
||||
rc = sc_pkcs15_find_pin_by_auth_id (card->p15card,
|
||||
@ -345,7 +347,7 @@ p15_prepare_key (CARD card, const char *keyidstr,
|
||||
if (rc)
|
||||
{
|
||||
log_error ("failed to find PIN by auth ID: %s\n", sc_strerror (rc));
|
||||
return GNUPG_Bad_PIN_Method;
|
||||
return gpg_error (GPG_ERR_BAD_PIN_METHOD);
|
||||
}
|
||||
pin = pinobj->data;
|
||||
|
||||
@ -365,7 +367,7 @@ p15_prepare_key (CARD card, const char *keyidstr,
|
||||
if (rc)
|
||||
{
|
||||
log_info ("PIN verification failed: %s\n", sc_strerror (rc));
|
||||
return GNUPG_Bad_PIN;
|
||||
return gpg_error (GPG_ERR_BAD_PIN);
|
||||
}
|
||||
|
||||
/* fixme: check wheter we need to release KEYOBJ in case of an error */
|
||||
@ -389,7 +391,7 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo,
|
||||
size_t outbuflen;
|
||||
|
||||
if (hashalgo != GCRY_MD_SHA1)
|
||||
return GNUPG_Unsupported_Algorithm;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
|
||||
|
||||
rc = p15_prepare_key (card, keyidstr, pincb, pincb_arg, &keyobj);
|
||||
if (rc)
|
||||
@ -400,7 +402,7 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo,
|
||||
outbuflen = 1024;
|
||||
outbuf = xtrymalloc (outbuflen);
|
||||
if (!outbuf)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
|
||||
rc = sc_pkcs15_compute_signature (card->p15card, keyobj,
|
||||
cryptflags,
|
||||
@ -409,7 +411,7 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo,
|
||||
if (rc < 0)
|
||||
{
|
||||
log_error ("failed to create signature: %s\n", sc_strerror (rc));
|
||||
rc = GNUPG_Card_Error;
|
||||
rc = gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -462,7 +464,7 @@ p15_decipher (CARD card, const char *keyidstr,
|
||||
outbuflen = indatalen < 256? 256 : indatalen;
|
||||
outbuf = xtrymalloc (outbuflen);
|
||||
if (!outbuf)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
|
||||
rc = sc_pkcs15_decipher (card->p15card, keyobj,
|
||||
0,
|
||||
@ -471,7 +473,7 @@ p15_decipher (CARD card, const char *keyidstr,
|
||||
if (rc < 0)
|
||||
{
|
||||
log_error ("failed to decipher the data: %s\n", sc_strerror (rc));
|
||||
rc = GNUPG_Card_Error;
|
||||
rc = gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
98
scd/card.c
98
scd/card.c
@ -34,23 +34,25 @@
|
||||
#include "card-common.h"
|
||||
|
||||
/* Map the SC error codes to the GNUPG ones */
|
||||
int
|
||||
gpg_error_t
|
||||
map_sc_err (int rc)
|
||||
{
|
||||
gpg_err_code_t e;
|
||||
|
||||
switch (rc)
|
||||
{
|
||||
case 0: rc = 0; break;
|
||||
case 0: e = 0; break;
|
||||
#ifdef HAVE_OPENSC
|
||||
case SC_ERROR_NOT_SUPPORTED: rc = GNUPG_Not_Supported; break;
|
||||
case SC_ERROR_PKCS15_APP_NOT_FOUND: rc = GNUPG_No_PKCS15_App; break;
|
||||
case SC_ERROR_OUT_OF_MEMORY: rc = GNUPG_Out_Of_Core; break;
|
||||
case SC_ERROR_CARD_NOT_PRESENT: rc = GNUPG_Card_Not_Present; break;
|
||||
case SC_ERROR_CARD_REMOVED: rc = GNUPG_Card_Removed; break;
|
||||
case SC_ERROR_INVALID_CARD: rc = GNUPG_Invalid_Card; break;
|
||||
case SC_ERROR_NOT_SUPPORTED: e = GPG_ERR_NOT_SUPPORTED; break;
|
||||
case SC_ERROR_PKCS15_APP_NOT_FOUND: e = GPG_ERR_NO_PKCS15_APP; break;
|
||||
case SC_ERROR_OUT_OF_MEMORY: e = GPG_ERR_ENOMEM; break;
|
||||
case SC_ERROR_CARD_NOT_PRESENT: e = GPG_ERR_CARD_NOT_PRESENT; break;
|
||||
case SC_ERROR_CARD_REMOVED: e = GPG_ERR_CARD_REMOVED; break;
|
||||
case SC_ERROR_INVALID_CARD: e = GPG_ERR_INVALID_CARD; break;
|
||||
#endif
|
||||
default: rc = GNUPG_Card_Error; break;
|
||||
default: e = GPG_ERR_CARD_ERROR; break;
|
||||
}
|
||||
return rc;
|
||||
return gpg_make_error (GPG_ERR_SOURCE_UNKNOWN, e);
|
||||
}
|
||||
|
||||
/* Get the keygrip from CERT, return 0 on success */
|
||||
@ -89,7 +91,7 @@ card_help_get_keygrip (KsbaCert cert, unsigned char *array)
|
||||
information of the card. Detects whgether a PKCS_15 application is
|
||||
stored.
|
||||
|
||||
Common errors: GNUPG_Card_Not_Present */
|
||||
Common errors: GPG_ERR_CARD_NOT_PRESENT */
|
||||
int
|
||||
card_open (CARD *rcard)
|
||||
{
|
||||
@ -99,7 +101,7 @@ card_open (CARD *rcard)
|
||||
|
||||
card = xtrycalloc (1, sizeof *card);
|
||||
if (!card)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
card->reader = 0;
|
||||
|
||||
rc = sc_establish_context (&card->ctx, "scdaemon");
|
||||
@ -112,7 +114,7 @@ card_open (CARD *rcard)
|
||||
if (card->reader >= card->ctx->reader_count)
|
||||
{
|
||||
log_error ("no card reader available\n");
|
||||
rc = GNUPG_Card_Error;
|
||||
rc = gpg_error (GPG_ERR_CARD_ERROR);
|
||||
goto leave;
|
||||
}
|
||||
card->ctx->error_file = log_get_stream ();
|
||||
@ -121,7 +123,7 @@ card_open (CARD *rcard)
|
||||
|
||||
if (sc_detect_card_presence (card->ctx->reader[card->reader], 0) != 1)
|
||||
{
|
||||
rc = GNUPG_Card_Not_Present;
|
||||
rc = gpg_error (GPG_ERR_CARD_NOT_PRESENT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -155,7 +157,7 @@ card_open (CARD *rcard)
|
||||
|
||||
return rc;
|
||||
#else
|
||||
return GNUPG_Not_Supported;
|
||||
return gpg_error (GPG_ERR_NOT_SUPPORTED);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -240,7 +242,7 @@ find_iccsn (const unsigned char *buffer, size_t length, char **serial)
|
||||
|
||||
s = find_simple_tlv (buffer, length, 0x5A, &n);
|
||||
if (!s)
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
length -= s - buffer;
|
||||
if (n > length)
|
||||
{
|
||||
@ -255,14 +257,16 @@ find_iccsn (const unsigned char *buffer, size_t length, char **serial)
|
||||
n--;
|
||||
}
|
||||
else
|
||||
return GNUPG_Card_Error; /* Bad encoding; does not fit into buffer. */
|
||||
return gpg_error (GPG_ERR_CARD_ERROR); /* Bad encoding; does
|
||||
not fit into
|
||||
buffer. */
|
||||
}
|
||||
if (!n)
|
||||
return GNUPG_Card_Error; /* Well, that is too short. */
|
||||
return gpg_error (GPG_ERR_CARD_ERROR); /* Well, that is too short. */
|
||||
|
||||
*serial = p = xtrymalloc (2*n+1);
|
||||
if (!*serial)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
for (; n; n--, p += 2, s++)
|
||||
sprintf (p, "%02X", *s);
|
||||
*p = 0;
|
||||
@ -290,7 +294,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp)
|
||||
#endif
|
||||
|
||||
if (!card || !serial || !stamp)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
|
||||
*serial = NULL;
|
||||
*stamp = 0; /* not available */
|
||||
@ -328,21 +332,21 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp)
|
||||
if (rc)
|
||||
{
|
||||
log_error ("sc_select_file failed: %s\n", sc_strerror (rc));
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
if (file->type != SC_FILE_TYPE_WORKING_EF
|
||||
|| file->ef_structure != SC_FILE_EF_TRANSPARENT)
|
||||
{
|
||||
log_error ("wrong type or structure of GDO file\n");
|
||||
sc_file_free (file);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
|
||||
if (!file->size || file->size >= DIM(buf) )
|
||||
{ /* FIXME: Use a real parser */
|
||||
log_error ("unsupported size of GDO file (%d)\n", file->size);
|
||||
sc_file_free (file);
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
buflen = file->size;
|
||||
|
||||
@ -351,16 +355,16 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp)
|
||||
if (rc < 0)
|
||||
{
|
||||
log_error ("error reading GDO file: %s\n", sc_strerror (rc));
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
if (rc != buflen)
|
||||
{
|
||||
log_error ("short read on GDO file\n");
|
||||
return GNUPG_Card_Error;
|
||||
return gpg_error (GPG_ERR_CARD_ERROR);
|
||||
}
|
||||
|
||||
rc = find_iccsn (buf, buflen, serial);
|
||||
if (rc == GNUPG_Card_Error)
|
||||
if (gpg_err_code (rc) == GPG_ERR_CARD_ERROR)
|
||||
log_error ("invalid structure of GDO file\n");
|
||||
if (!rc && card->p15card && !strcmp (*serial, "D27600000000000000000000"))
|
||||
{ /* This is a German card with a silly serial number. Try to get
|
||||
@ -376,7 +380,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp)
|
||||
*serial = NULL;
|
||||
p = xtrymalloc (strlen (efser) + 7);
|
||||
if (!p)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
else
|
||||
{
|
||||
strcpy (p, "FF0100");
|
||||
@ -392,7 +396,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp)
|
||||
{
|
||||
xfree (*serial);
|
||||
*serial = NULL;
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -404,7 +408,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp)
|
||||
}
|
||||
return rc;
|
||||
#else
|
||||
return GNUPG_Not_Supported;
|
||||
return gpg_error (GPG_ERR_NOT_SUPPORTED);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -415,7 +419,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp)
|
||||
the KEYGRIP of the keypair. If KEYID is not NULL, it returns the
|
||||
ID field of the key in allocated memory; this is a string without
|
||||
spaces. The function returns -1 when all keys have been
|
||||
enumerated. Note that the error GNUPG_Missing_Certificate may be
|
||||
enumerated. Note that the error GPG_ERR_MISSING_CERTIFICATE may be
|
||||
returned if there is just the private key but no public key (ie.e a
|
||||
certificate) available. Applications might want to continue
|
||||
enumerating after this error.*/
|
||||
@ -430,13 +434,13 @@ card_enum_keypairs (CARD card, int idx,
|
||||
*keyid = NULL;
|
||||
|
||||
if (!card || !keygrip)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (idx < 0)
|
||||
return GNUPG_Invalid_Index;
|
||||
return gpg_error (GPG_ERR_INVALID_INDEX);
|
||||
if (!card->fnc.initialized)
|
||||
return GNUPG_Card_Not_Initialized;
|
||||
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
||||
if (!card->fnc.enum_keypairs)
|
||||
return GNUPG_Unsupported_Operation;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||
rc = card->fnc.enum_keypairs (card, idx, keygrip, keyid);
|
||||
if (opt.verbose)
|
||||
log_info ("card operation enum_keypairs result: %s\n",
|
||||
@ -462,13 +466,13 @@ card_enum_certs (CARD card, int idx, char **certid, int *certtype)
|
||||
*certid = NULL;
|
||||
|
||||
if (!card)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (idx < 0)
|
||||
return GNUPG_Invalid_Index;
|
||||
return gpg_error (GPG_ERR_INVALID_INDEX);
|
||||
if (!card->fnc.initialized)
|
||||
return GNUPG_Card_Not_Initialized;
|
||||
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
||||
if (!card->fnc.enum_certs)
|
||||
return GNUPG_Unsupported_Operation;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||
rc = card->fnc.enum_certs (card, idx, certid, certtype);
|
||||
if (opt.verbose)
|
||||
log_info ("card operation enum_certs result: %s\n",
|
||||
@ -489,11 +493,11 @@ card_read_cert (CARD card, const char *certidstr,
|
||||
int rc;
|
||||
|
||||
if (!card || !certidstr || !cert || !ncert)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (!card->fnc.initialized)
|
||||
return GNUPG_Card_Not_Initialized;
|
||||
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
||||
if (!card->fnc.read_cert)
|
||||
return GNUPG_Unsupported_Operation;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||
rc = card->fnc.read_cert (card, certidstr, cert, ncert);
|
||||
if (opt.verbose)
|
||||
log_info ("card operation read_cert result: %s\n", gnupg_strerror (rc));
|
||||
@ -514,11 +518,11 @@ card_sign (CARD card, const char *keyidstr, int hashalgo,
|
||||
int rc;
|
||||
|
||||
if (!card || !indata || !indatalen || !outdata || !outdatalen || !pincb)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (!card->fnc.initialized)
|
||||
return GNUPG_Card_Not_Initialized;
|
||||
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
||||
if (!card->fnc.sign)
|
||||
return GNUPG_Unsupported_Operation;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||
rc = card->fnc.sign (card, keyidstr, hashalgo,
|
||||
pincb, pincb_arg,
|
||||
indata, indatalen,
|
||||
@ -542,11 +546,11 @@ card_decipher (CARD card, const char *keyidstr,
|
||||
int rc;
|
||||
|
||||
if (!card || !indata || !indatalen || !outdata || !outdatalen || !pincb)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (!card->fnc.initialized)
|
||||
return GNUPG_Card_Not_Initialized;
|
||||
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
||||
if (!card->fnc.decipher)
|
||||
return GNUPG_Unsupported_Operation;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||
rc = card->fnc.decipher (card, keyidstr,
|
||||
pincb, pincb_arg,
|
||||
indata, indatalen,
|
||||
|
@ -233,7 +233,7 @@ cmd_learn (ASSUAN_CONTEXT ctx, char *line)
|
||||
|
||||
buf = xtrymalloc (40 + 1 + strlen (certid) + 1);
|
||||
if (!buf)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
else
|
||||
{
|
||||
sprintf (buf, "%d %s", certtype, certid);
|
||||
@ -255,7 +255,7 @@ cmd_learn (ASSUAN_CONTEXT ctx, char *line)
|
||||
int no_cert = 0;
|
||||
|
||||
rc = card_enum_keypairs (ctrl->card_ctx, idx, keygrip, &keyid);
|
||||
if (rc == GNUPG_Missing_Certificate && keyid)
|
||||
if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT && keyid)
|
||||
{
|
||||
/* this does happen with an incomplete personalized
|
||||
card; i.e. during the time we have stored the key on the
|
||||
@ -271,7 +271,7 @@ cmd_learn (ASSUAN_CONTEXT ctx, char *line)
|
||||
|
||||
buf = p = xtrymalloc (40 + 1 + strlen (keyid) + 1);
|
||||
if (!buf)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = out_of_core ();
|
||||
else
|
||||
{
|
||||
int i;
|
||||
@ -358,8 +358,8 @@ cmd_readkey (ASSUAN_CONTEXT ctx, char *line)
|
||||
kc = ksba_cert_new ();
|
||||
if (!kc)
|
||||
{
|
||||
rc = out_of_core ();
|
||||
xfree (cert);
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
goto leave;
|
||||
}
|
||||
rc = ksba_cert_init_from_mem (kc, cert, ncert);
|
||||
@ -373,7 +373,7 @@ cmd_readkey (ASSUAN_CONTEXT ctx, char *line)
|
||||
p = ksba_cert_get_public_key (kc);
|
||||
if (!p)
|
||||
{
|
||||
rc = GNUPG_No_Public_Key;
|
||||
rc = gpg_error (GPG_ERR_NO_PUBKEY);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -439,7 +439,7 @@ pin_cb (void *opaque, const char *info, char **retstr)
|
||||
|
||||
rc = asprintf (&command, "NEEDPIN %s", info);
|
||||
if (rc < 0)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return out_of_core ();
|
||||
|
||||
/* FIXME: Write an inquire function which returns the result in
|
||||
secure memory */
|
||||
@ -452,7 +452,7 @@ pin_cb (void *opaque, const char *info, char **retstr)
|
||||
{
|
||||
/* We require that the returned value is an UTF-8 string */
|
||||
xfree (value);
|
||||
return GNUPG_Invalid_Response;
|
||||
return gpg_error (GPG_ERR_INVALID_RESPONSE);
|
||||
}
|
||||
*retstr = value;
|
||||
return 0;
|
||||
|
@ -69,7 +69,6 @@ enum cmd_and_opt_values
|
||||
oDaemon,
|
||||
oBatch,
|
||||
oReaderPort,
|
||||
oPrintATR,
|
||||
|
||||
aTest };
|
||||
|
||||
@ -93,7 +92,6 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oNoDetach, "no-detach" ,0, N_("do not detach from the console")},
|
||||
{ oLogFile, "log-file" ,2, N_("use a log file for the server")},
|
||||
{ oReaderPort, "reader-port", 1, N_("|N|connect to reader at port N")},
|
||||
{ oPrintATR, "print-atr", 0, N_("print ATR and exit")},
|
||||
|
||||
{0}
|
||||
};
|
||||
@ -233,9 +231,6 @@ main (int argc, char **argv )
|
||||
char *logfile = NULL;
|
||||
int debug_wait = 0;
|
||||
int reader_port = 32768; /* First USB reader. */
|
||||
int print_atr = 0;
|
||||
|
||||
|
||||
|
||||
set_strusage (my_strusage);
|
||||
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
|
||||
@ -371,7 +366,6 @@ main (int argc, char **argv )
|
||||
case oDaemon: is_daemon = 1; break;
|
||||
|
||||
case oReaderPort: reader_port = pargs.r.ret_int; break;
|
||||
case oPrintATR: print_atr = 1; break;
|
||||
|
||||
default : pargs.err = configfp? 1:2; break;
|
||||
}
|
||||
@ -410,12 +404,6 @@ main (int argc, char **argv )
|
||||
}
|
||||
|
||||
|
||||
if (print_atr)
|
||||
{
|
||||
apdu_open_reader (reader_port);
|
||||
scd_exit (0);
|
||||
}
|
||||
|
||||
if (debug_wait && pipe_server)
|
||||
{
|
||||
log_debug ("waiting for debugger - my pid is %u .....\n",
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* scdaemon.h - Global definitions for the SCdaemon
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -21,11 +21,27 @@
|
||||
#ifndef SCDAEMON_H
|
||||
#define SCDAEMON_H
|
||||
|
||||
#ifdef GPG_ERR_SOURCE_DEFAULT
|
||||
#error GPG_ERR_SOURCE_DEFAULT already defined
|
||||
#endif
|
||||
#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_SCD
|
||||
#include <gpg-error.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include <time.h>
|
||||
#include <gcrypt.h>
|
||||
#include "../common/util.h"
|
||||
#include "../common/errors.h"
|
||||
|
||||
/* Convenience funcion to be used instead of returning the old
|
||||
GNUPG_Out_Of_Core. */
|
||||
static __inline__ gpg_error_t
|
||||
out_of_core (void)
|
||||
{
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
}
|
||||
|
||||
|
||||
#define MAX_DIGEST_LEN 24
|
||||
|
||||
/* A large struct name "opt" to keep global flags */
|
||||
@ -48,6 +64,7 @@ struct {
|
||||
#define DBG_MEMSTAT_VALUE 128 /* show memory statistics */
|
||||
#define DBG_HASHING_VALUE 512 /* debug hashing operations */
|
||||
#define DBG_ASSUAN_VALUE 1024
|
||||
#define DBG_CARD_IO_VALUE 2048
|
||||
|
||||
#define DBG_COMMAND (opt.debug & DBG_COMMAND_VALUE)
|
||||
#define DBG_CRYPTO (opt.debug & DBG_CRYPTO_VALUE)
|
||||
@ -55,6 +72,7 @@ struct {
|
||||
#define DBG_CACHE (opt.debug & DBG_CACHE_VALUE)
|
||||
#define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
|
||||
#define DBG_ASSUAN (opt.debug & DBG_ASSUAN_VALUE)
|
||||
#define DBG_CARD_IO (opt.debug & DBG_CARD_IO_VALUE)
|
||||
|
||||
struct server_local_s;
|
||||
struct card_ctx_s;
|
||||
|
@ -1,3 +1,10 @@
|
||||
2003-06-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Changed all error codes in all files to the new libgpg-error scheme.
|
||||
|
||||
* gpgsm.h: Include gpg-error.h .
|
||||
* Makefile.am: Link with libgpg-error.
|
||||
|
||||
2003-04-29 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* Makefile.am: Use libassuan. Don't override LDFLAGS anymore.
|
||||
|
@ -51,6 +51,4 @@ gpgsm_SOURCES = \
|
||||
|
||||
|
||||
gpgsm_LDADD = ../jnlib/libjnlib.a ../kbx/libkeybox.a ../common/libcommon.a \
|
||||
$(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(KSBA_LIBS)
|
||||
|
||||
|
||||
$(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(KSBA_LIBS) -lgpg-error
|
14
sm/base64.c
14
sm/base64.c
@ -1,5 +1,5 @@
|
||||
/* base64.c
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -482,7 +482,7 @@ base64_finish_write (struct writer_cb_parm_s *parm)
|
||||
fputs (parm->pem_name, fp);
|
||||
fputs ("-----\n", fp);
|
||||
}
|
||||
return ferror (fp)? GNUPG_Write_Error : 0;
|
||||
return ferror (fp)? gpg_error (gpg_err_code_from_errno (errno)) : 0;
|
||||
}
|
||||
|
||||
|
||||
@ -504,13 +504,13 @@ gpgsm_create_reader (Base64Context *ctx,
|
||||
*r_reader = NULL;
|
||||
*ctx = xtrycalloc (1, sizeof **ctx);
|
||||
if (!*ctx)
|
||||
return seterr (Out_Of_Core);
|
||||
return OUT_OF_CORE (errno);
|
||||
|
||||
r = ksba_reader_new ();
|
||||
if (!r)
|
||||
{
|
||||
xfree (*ctx); *ctx = NULL;
|
||||
return seterr (Out_Of_Core);
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
}
|
||||
|
||||
(*ctx)->u.rparm.fp = fp;
|
||||
@ -569,13 +569,13 @@ gpgsm_create_writer (Base64Context *ctx,
|
||||
*r_writer = NULL;
|
||||
*ctx = xtrycalloc (1, sizeof **ctx);
|
||||
if (!*ctx)
|
||||
return seterr (Out_Of_Core);
|
||||
return OUT_OF_CORE (errno);
|
||||
|
||||
w = ksba_writer_new ();
|
||||
if (!w)
|
||||
{
|
||||
xfree (*ctx); *ctx = NULL;
|
||||
return seterr (Out_Of_Core);
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
}
|
||||
|
||||
if (ctrl->create_pem || ctrl->create_base64)
|
||||
@ -607,7 +607,7 @@ gpgsm_finish_writer (Base64Context ctx)
|
||||
struct writer_cb_parm_s *parm;
|
||||
|
||||
if (!ctx)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
parm = &ctx->u.wparm;
|
||||
if (parm->did_finish)
|
||||
return 0; /* already done */
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* call-agent.c - divert operations to the agent
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -30,9 +30,9 @@
|
||||
#ifdef HAVE_LOCALE_H
|
||||
#include <locale.h>
|
||||
#endif
|
||||
#include <assuan.h>
|
||||
|
||||
#include "gpgsm.h"
|
||||
#include "../assuan/assuan.h"
|
||||
#include "i18n.h"
|
||||
#include "keydb.h" /* fixme: Move this to import.c */
|
||||
|
||||
@ -159,8 +159,9 @@ start_agent (void)
|
||||
|
||||
if (fflush (NULL))
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("error flushing pending output: %s\n", strerror (errno));
|
||||
return seterr (Write_Error);
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
if (!opt.agent_program || !*opt.agent_program)
|
||||
@ -224,7 +225,7 @@ start_agent (void)
|
||||
if (rc)
|
||||
{
|
||||
log_error ("can't connect to the agent: %s\n", assuan_strerror (rc));
|
||||
return seterr (No_Agent);
|
||||
return gpg_error (GPG_ERR_NO_AGENT);
|
||||
}
|
||||
agent_ctx = ctx;
|
||||
|
||||
@ -241,7 +242,7 @@ start_agent (void)
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION display=%s",
|
||||
opt.display ? opt.display : dft_display) < 0)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
NULL);
|
||||
free (optstr);
|
||||
@ -259,7 +260,7 @@ start_agent (void)
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION ttyname=%s",
|
||||
opt.ttyname ? opt.ttyname : dft_ttyname) < 0)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
NULL);
|
||||
free (optstr);
|
||||
@ -272,7 +273,7 @@ start_agent (void)
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION ttytype=%s",
|
||||
opt.ttyname ? opt.ttytype : dft_ttytype) < 0)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
NULL);
|
||||
free (optstr);
|
||||
@ -285,7 +286,7 @@ start_agent (void)
|
||||
{
|
||||
old_lc = strdup (old_lc);
|
||||
if (!old_lc)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
}
|
||||
dft_lc = setlocale (LC_CTYPE, "");
|
||||
#endif
|
||||
@ -294,7 +295,7 @@ start_agent (void)
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION lc-ctype=%s",
|
||||
opt.lc_ctype ? opt.lc_ctype : dft_lc) < 0)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = OUT_OF_CORE (errno);
|
||||
else
|
||||
{
|
||||
rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
@ -319,7 +320,7 @@ start_agent (void)
|
||||
{
|
||||
old_lc = strdup (old_lc);
|
||||
if (!old_lc)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
}
|
||||
dft_lc = setlocale (LC_MESSAGES, "");
|
||||
#endif
|
||||
@ -328,7 +329,7 @@ start_agent (void)
|
||||
char *optstr;
|
||||
if (asprintf (&optstr, "OPTION lc-messages=%s",
|
||||
opt.lc_messages ? opt.lc_messages : dft_lc) < 0)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = OUT_OF_CORE (errno);
|
||||
else
|
||||
{
|
||||
rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
||||
@ -381,7 +382,7 @@ gpgsm_agent_pksign (const char *keygrip,
|
||||
return rc;
|
||||
|
||||
if (digestlen*2 + 50 > DIM(line))
|
||||
return seterr (General_Error);
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
|
||||
rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL);
|
||||
if (rc)
|
||||
@ -414,10 +415,10 @@ gpgsm_agent_pksign (const char *keygrip,
|
||||
if (!gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL))
|
||||
{
|
||||
xfree (*r_buf); *r_buf = NULL;
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
}
|
||||
|
||||
return *r_buf? 0 : GNUPG_Out_Of_Core;
|
||||
return *r_buf? 0 : OUT_OF_CORE (errno);
|
||||
}
|
||||
|
||||
|
||||
@ -454,12 +455,12 @@ gpgsm_agent_pkdecrypt (const char *keygrip,
|
||||
size_t ciphertextlen;
|
||||
|
||||
if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
*r_buf = NULL;
|
||||
|
||||
ciphertextlen = gcry_sexp_canon_len (ciphertext, 0, NULL, NULL);
|
||||
if (!ciphertextlen)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
rc = start_agent ();
|
||||
if (rc)
|
||||
@ -492,16 +493,17 @@ gpgsm_agent_pkdecrypt (const char *keygrip,
|
||||
put_membuf (&data, "", 1); /* make sure it is 0 terminated */
|
||||
buf = get_membuf (&data, &len);
|
||||
if (!buf)
|
||||
return seterr (Out_Of_Core);
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
/* FIXME: We would better a return a full S-exp and not just a part */
|
||||
assert (len);
|
||||
len--; /* remove the terminating 0 */
|
||||
n = strtoul (buf, &endp, 10);
|
||||
if (!n || *endp != ':')
|
||||
return seterr (Invalid_Sexp);
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
endp++;
|
||||
if (endp-buf+n > len)
|
||||
return seterr (Invalid_Sexp); /* oops len does not match internal len*/
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP); /* oops len does not
|
||||
match internal len*/
|
||||
memmove (buf, endp, n);
|
||||
*r_buflen = n;
|
||||
*r_buf = buf;
|
||||
@ -550,7 +552,7 @@ gpgsm_agent_genkey (KsbaConstSexp keyparms, KsbaSexp *r_pubkey)
|
||||
gk_parm.sexp = keyparms;
|
||||
gk_parm.sexplen = gcry_sexp_canon_len (keyparms, 0, NULL, NULL);
|
||||
if (!gk_parm.sexplen)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
rc = assuan_transact (agent_ctx, "GENKEY",
|
||||
membuf_data_cb, &data,
|
||||
inq_genkey_parms, &gk_parm, NULL, NULL);
|
||||
@ -561,11 +563,11 @@ gpgsm_agent_genkey (KsbaConstSexp keyparms, KsbaSexp *r_pubkey)
|
||||
}
|
||||
buf = get_membuf (&data, &len);
|
||||
if (!buf)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
if (!gcry_sexp_canon_len (buf, len, NULL, NULL))
|
||||
{
|
||||
xfree (buf);
|
||||
return GNUPG_Invalid_Sexp;
|
||||
return gpg_error (GPG_ERR_INVALID_SEXP);
|
||||
}
|
||||
*r_pubkey = buf;
|
||||
return 0;
|
||||
@ -589,7 +591,7 @@ gpgsm_agent_istrusted (KsbaCert cert)
|
||||
if (!fpr)
|
||||
{
|
||||
log_error ("error getting the fingerprint\n");
|
||||
return seterr (General_Error);
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
snprintf (line, DIM(line)-1, "ISTRUSTED %s", fpr);
|
||||
@ -616,14 +618,14 @@ gpgsm_agent_marktrusted (KsbaCert cert)
|
||||
if (!fpr)
|
||||
{
|
||||
log_error ("error getting the fingerprint\n");
|
||||
return seterr (General_Error);
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
dn = ksba_cert_get_issuer (cert, 0);
|
||||
if (!dn)
|
||||
{
|
||||
xfree (fpr);
|
||||
return seterr (General_Error);
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
snprintf (line, DIM(line)-1, "MARKTRUSTED %s S %s", fpr, dn);
|
||||
line[DIM(line)-1] = 0;
|
||||
@ -649,7 +651,7 @@ gpgsm_agent_havekey (const char *hexkeygrip)
|
||||
return rc;
|
||||
|
||||
if (!hexkeygrip || strlen (hexkeygrip) != 40)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
snprintf (line, DIM(line)-1, "HAVEKEY %s", hexkeygrip);
|
||||
line[DIM(line)-1] = 0;
|
||||
@ -680,7 +682,7 @@ learn_cb (void *opaque, const void *buffer, size_t length)
|
||||
buf = get_membuf (parm->data, &len);
|
||||
if (!buf)
|
||||
{
|
||||
parm->error = GNUPG_Out_Of_Core;
|
||||
parm->error = gpg_error (GPG_ERR_ENOMEM);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -689,7 +691,7 @@ learn_cb (void *opaque, const void *buffer, size_t length)
|
||||
cert = ksba_cert_new ();
|
||||
if (!cert)
|
||||
{
|
||||
parm->error = GNUPG_Out_Of_Core;
|
||||
parm->error = gpg_error (GPG_ERR_ENOMEM);
|
||||
return 0;
|
||||
}
|
||||
rc = ksba_cert_init_from_mem (cert, buf, len);
|
||||
@ -702,7 +704,7 @@ learn_cb (void *opaque, const void *buffer, size_t length)
|
||||
}
|
||||
|
||||
rc = gpgsm_basic_cert_check (cert);
|
||||
if (rc == GNUPG_Missing_Certificate)
|
||||
if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT)
|
||||
{ /* For later use we store it in the ephemeral database. */
|
||||
log_info ("issuer certificate missing - storing as ephemeral\n");
|
||||
keydb_store_cert (cert, 1, NULL);
|
||||
@ -766,7 +768,7 @@ gpgsm_agent_passwd (const char *hexkeygrip)
|
||||
return rc;
|
||||
|
||||
if (!hexkeygrip || strlen (hexkeygrip) != 40)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
snprintf (line, DIM(line)-1, "PASSWD %s", hexkeygrip);
|
||||
line[DIM(line)-1] = 0;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* call-dirmngr.c - communication with the dromngr
|
||||
* Copyright (C) 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -29,9 +29,9 @@
|
||||
#include <ctype.h>
|
||||
|
||||
#include <gcrypt.h>
|
||||
#include <assuan.h>
|
||||
|
||||
#include "gpgsm.h"
|
||||
#include "../assuan/assuan.h"
|
||||
#include "i18n.h"
|
||||
|
||||
struct membuf {
|
||||
@ -154,8 +154,9 @@ start_dirmngr (void)
|
||||
|
||||
if (fflush (NULL))
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("error flushing pending output: %s\n", strerror (errno));
|
||||
return seterr (Write_Error);
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
if (!opt.dirmngr_program || !*opt.dirmngr_program)
|
||||
@ -219,7 +220,7 @@ start_dirmngr (void)
|
||||
if (rc)
|
||||
{
|
||||
log_error ("can't connect to the dirmngr: %s\n", assuan_strerror (rc));
|
||||
return seterr (No_Dirmngr);
|
||||
return gpg_error (GPG_ERR_NO_DIRMNGR);
|
||||
}
|
||||
dirmngr_ctx = ctx;
|
||||
|
||||
@ -284,9 +285,9 @@ inq_certificate (void *opaque, const char *line)
|
||||
/* Call the directory manager to check whether the certificate is valid
|
||||
Returns 0 for valid or usually one of the errors:
|
||||
|
||||
GNUPG_Certificate_Revoked
|
||||
GNUPG_No_CRL_Known
|
||||
GNUPG_CRL_Too_Old
|
||||
GPG_ERR_CERTIFICATE_REVOKED
|
||||
GPG_ERR NO_CRL_KNOWN
|
||||
GPG_ERR_CRL_TOO_OLD
|
||||
*/
|
||||
int
|
||||
gpgsm_dirmngr_isvalid (KsbaCert cert)
|
||||
@ -304,7 +305,7 @@ gpgsm_dirmngr_isvalid (KsbaCert cert)
|
||||
if (!certid)
|
||||
{
|
||||
log_error ("error getting the certificate ID\n");
|
||||
return seterr (General_Error);
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
if (opt.verbose > 1)
|
||||
@ -352,14 +353,14 @@ lookup_cb (void *opaque, const void *buffer, size_t length)
|
||||
buf = get_membuf (&parm->data, &len);
|
||||
if (!buf)
|
||||
{
|
||||
parm->error = GNUPG_Out_Of_Core;
|
||||
parm->error = gpg_error (GPG_ERR_ENOMEM);
|
||||
return 0;
|
||||
}
|
||||
|
||||
cert = ksba_cert_new ();
|
||||
if (!cert)
|
||||
{
|
||||
parm->error = GNUPG_Out_Of_Core;
|
||||
parm->error = gpg_error (GPG_ERR_ENOMEM);
|
||||
return 0;
|
||||
}
|
||||
rc = ksba_cert_init_from_mem (cert, buf, len);
|
||||
@ -475,7 +476,7 @@ gpgsm_dirmngr_lookup (CTRL ctrl, STRLIST names,
|
||||
|
||||
pattern = pattern_from_strlist (names);
|
||||
if (!pattern)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
snprintf (line, DIM(line)-1, "LOOKUP %s", pattern);
|
||||
line[DIM(line)-1] = 0;
|
||||
xfree (pattern);
|
||||
@ -598,7 +599,7 @@ gpgsm_dirmngr_run_command (CTRL ctrl, const char *command,
|
||||
len += 1 + 3*strlen (argv[i]); /* enough space for percent escaping */
|
||||
line = xtrymalloc (len);
|
||||
if (!line)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
|
||||
p = stpcpy (line, command);
|
||||
for (i=0; i < argc; i++)
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* certchain.c - certificate chain validation
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -58,7 +58,7 @@ unknown_criticals (KsbaCert cert)
|
||||
{
|
||||
log_error (_("critical certificate extension %s is not supported\n"),
|
||||
oid);
|
||||
rc = GNUPG_Unsupported_Certificate;
|
||||
rc = gpg_error (GPG_ERR_UNSUPPORTED_CERT);
|
||||
}
|
||||
}
|
||||
if (err && err != -1)
|
||||
@ -79,7 +79,7 @@ allowed_ca (KsbaCert cert, int *chainlen)
|
||||
if (!flag)
|
||||
{
|
||||
log_error (_("issuer certificate is not marked as a CA\n"));
|
||||
return GNUPG_Bad_CA_Certificate;
|
||||
return gpg_error (GPG_ERR_BAD_CA_CERT);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@ -116,7 +116,7 @@ check_cert_policy (KsbaCert cert)
|
||||
if (any_critical)
|
||||
{
|
||||
log_error ("critical marked policy without configured policies\n");
|
||||
return GNUPG_No_Policy_Match;
|
||||
return gpg_error (GPG_ERR_NO_POLICY_MATCH);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@ -127,7 +127,7 @@ check_cert_policy (KsbaCert cert)
|
||||
log_error ("failed to open `%s': %s\n",
|
||||
opt.policy_file, strerror (errno));
|
||||
xfree (policies);
|
||||
return GNUPG_No_Policy_Match;
|
||||
return gpg_error (GPG_ERR_NO_POLICY_MATCH);
|
||||
}
|
||||
|
||||
for (;;)
|
||||
@ -141,6 +141,8 @@ check_cert_policy (KsbaCert cert)
|
||||
{
|
||||
if (!fgets (line, DIM(line)-1, fp) )
|
||||
{
|
||||
gpg_error_t tmperr;
|
||||
|
||||
xfree (policies);
|
||||
if (feof (fp))
|
||||
{
|
||||
@ -152,10 +154,11 @@ check_cert_policy (KsbaCert cert)
|
||||
return 0;
|
||||
}
|
||||
log_error (_("certificate policy not allowed\n"));
|
||||
return GNUPG_No_Policy_Match;
|
||||
return gpg_error (GPG_ERR_NO_POLICY_MATCH);
|
||||
}
|
||||
tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
fclose (fp);
|
||||
return GNUPG_Read_Error;
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
if (!*line || line[strlen(line)-1] != '\n')
|
||||
@ -165,7 +168,8 @@ check_cert_policy (KsbaCert cert)
|
||||
;
|
||||
fclose (fp);
|
||||
xfree (policies);
|
||||
return *line? GNUPG_Line_Too_Long: GNUPG_Incomplete_Line;
|
||||
return gpg_error (*line? GPG_ERR_LINE_TOO_LONG
|
||||
: GPG_ERR_INCOMPLETE_LINE);
|
||||
}
|
||||
|
||||
/* Allow for empty lines and spaces */
|
||||
@ -182,7 +186,7 @@ check_cert_policy (KsbaCert cert)
|
||||
{
|
||||
fclose (fp);
|
||||
xfree (policies);
|
||||
return GNUPG_Configuration_Error;
|
||||
return gpg_error (GPG_ERR_CONFIGURATION_ERROR);
|
||||
}
|
||||
*p = 0; /* strip the rest of the line */
|
||||
/* See whether we find ALLOWED (which is an OID) in POLICIES */
|
||||
@ -288,7 +292,7 @@ find_up (KEYDB_HANDLE kh, KsbaCert cert, const char *issuer)
|
||||
|
||||
pattern = xtrymalloc (strlen (s)+2);
|
||||
if (!pattern)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
strcpy (stpcpy (pattern, "/"), s);
|
||||
add_to_strlist (&names, pattern);
|
||||
xfree (pattern);
|
||||
@ -332,7 +336,7 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next)
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocated keyDB handle\n"));
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -341,13 +345,13 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next)
|
||||
if (!issuer)
|
||||
{
|
||||
log_error ("no issuer found in certificate\n");
|
||||
rc = GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
if (!subject)
|
||||
{
|
||||
log_error ("no subject found in certificate\n");
|
||||
rc = GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -364,7 +368,7 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next)
|
||||
print an error here */
|
||||
if (rc != -1 && opt.verbose > 1)
|
||||
log_error ("failed to find issuer's certificate: rc=%d\n", rc);
|
||||
rc = GNUPG_Missing_Certificate;
|
||||
rc = gpg_error (GPG_ERR_MISSING_CERT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -372,7 +376,7 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next)
|
||||
if (rc)
|
||||
{
|
||||
log_error ("failed to get cert: rc=%d\n", rc);
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
leave:
|
||||
@ -431,7 +435,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocated keyDB handle\n"));
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -451,7 +455,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (!issuer)
|
||||
{
|
||||
log_error ("no issuer found in certificate\n");
|
||||
rc = GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -463,7 +467,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (not_before == (time_t)(-1) || not_after == (time_t)(-1))
|
||||
{
|
||||
log_error ("certificate with invalid validity\n");
|
||||
rc = GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -480,7 +484,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
log_error ("certificate too young; valid from ");
|
||||
gpgsm_dump_time (not_before);
|
||||
log_printf ("\n");
|
||||
rc = GNUPG_Certificate_Too_Young;
|
||||
rc = gpg_error (GPG_ERR_CERT_TOO_YOUNG);
|
||||
goto leave;
|
||||
}
|
||||
if (not_after && current_time > not_after)
|
||||
@ -499,7 +503,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (!opt.no_policy_check)
|
||||
{
|
||||
rc = check_cert_policy (subject_cert);
|
||||
if (rc == GNUPG_No_Policy_Match)
|
||||
if (gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH)
|
||||
{
|
||||
any_no_policy_match = 1;
|
||||
rc = 1;
|
||||
@ -515,15 +519,15 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
{
|
||||
switch (rc)
|
||||
{
|
||||
case GNUPG_Certificate_Revoked:
|
||||
case GPG_ERR_CERT_REVOKED:
|
||||
log_error (_("the certificate has been revoked\n"));
|
||||
any_revoked = 1;
|
||||
break;
|
||||
case GNUPG_No_CRL_Known:
|
||||
case GPG_ERR_NO_CRL_KNOWN:
|
||||
log_error (_("no CRL found for certificate\n"));
|
||||
any_no_crl = 1;
|
||||
break;
|
||||
case GNUPG_CRL_Too_Old:
|
||||
case GPG_ERR_CRL_TOO_OLD:
|
||||
log_error (_("the available CRL is too old\n"));
|
||||
log_info (_("please make sure that the "
|
||||
"\"dirmngr\" is properly installed\n"));
|
||||
@ -531,7 +535,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
break;
|
||||
default:
|
||||
log_error (_("checking the CRL failed: %s\n"),
|
||||
gnupg_strerror (rc));
|
||||
gpg_strerror (rc));
|
||||
goto leave;
|
||||
}
|
||||
rc = 0;
|
||||
@ -543,7 +547,8 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (gpgsm_check_cert_sig (subject_cert, subject_cert) )
|
||||
{
|
||||
log_error ("selfsigned certificate has a BAD signatures\n");
|
||||
rc = depth? GNUPG_Bad_Certificate_Chain : GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (depth? GPG_ERR_BAD_CERT_CHAIN
|
||||
: GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
rc = allowed_ca (subject_cert, NULL);
|
||||
@ -553,7 +558,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
rc = gpgsm_agent_istrusted (subject_cert);
|
||||
if (!rc)
|
||||
;
|
||||
else if (rc == GNUPG_Not_Trusted)
|
||||
else if (gpg_err_code (rc) == GPG_ERR_NOT_TRUSTED)
|
||||
{
|
||||
int rc2;
|
||||
|
||||
@ -590,7 +595,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (depth > maxdepth)
|
||||
{
|
||||
log_error (_("certificate chain too long\n"));
|
||||
rc = GNUPG_Bad_Certificate_Chain;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -607,7 +612,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
}
|
||||
else
|
||||
log_error ("failed to find issuer's certificate: rc=%d\n", rc);
|
||||
rc = GNUPG_Missing_Certificate;
|
||||
rc = gpg_error (GPG_ERR_MISSING_CERT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -616,7 +621,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (rc)
|
||||
{
|
||||
log_error ("failed to get cert: rc=%d\n", rc);
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -629,7 +634,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
if (gpgsm_check_cert_sig (issuer_cert, subject_cert) )
|
||||
{
|
||||
log_error ("certificate has a BAD signatures\n");
|
||||
rc = GNUPG_Bad_Certificate_Chain;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -642,7 +647,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
{
|
||||
log_error (_("certificate chain longer than allowed by CA (%d)\n"),
|
||||
chainlen);
|
||||
rc = GNUPG_Bad_Certificate_Chain;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN);
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -672,15 +677,15 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
|
||||
{ /* If we encountered an error somewhere during the checks, set
|
||||
the error code to the most critical one */
|
||||
if (any_revoked)
|
||||
rc = GNUPG_Certificate_Revoked;
|
||||
rc = gpg_error (GPG_ERR_CERT_REVOKED);
|
||||
else if (any_no_crl)
|
||||
rc = GNUPG_No_CRL_Known;
|
||||
rc = gpg_error (GPG_ERR_NO_CRL_KNOWN);
|
||||
else if (any_crl_too_old)
|
||||
rc = GNUPG_CRL_Too_Old;
|
||||
rc = gpg_error (GPG_ERR_CRL_TOO_OLD);
|
||||
else if (any_no_policy_match)
|
||||
rc = GNUPG_No_Policy_Match;
|
||||
rc = gpg_error (GPG_ERR_NO_POLICY_MATCH);
|
||||
else if (any_expired)
|
||||
rc = GNUPG_Certificate_Expired;
|
||||
rc = gpg_error (GPG_ERR_CERT_EXPIRED);
|
||||
}
|
||||
|
||||
leave:
|
||||
@ -717,7 +722,7 @@ gpgsm_basic_cert_check (KsbaCert cert)
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocated keyDB handle\n"));
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -726,7 +731,7 @@ gpgsm_basic_cert_check (KsbaCert cert)
|
||||
if (!issuer)
|
||||
{
|
||||
log_error ("no issuer found in certificate\n");
|
||||
rc = GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -735,7 +740,7 @@ gpgsm_basic_cert_check (KsbaCert cert)
|
||||
if (gpgsm_check_cert_sig (cert, cert) )
|
||||
{
|
||||
log_error ("selfsigned certificate has a BAD signatures\n");
|
||||
rc = GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -754,7 +759,7 @@ gpgsm_basic_cert_check (KsbaCert cert)
|
||||
}
|
||||
else
|
||||
log_error ("failed to find issuer's certificate: rc=%d\n", rc);
|
||||
rc = GNUPG_Missing_Certificate;
|
||||
rc = gpg_error (GPG_ERR_MISSING_CERT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -763,14 +768,14 @@ gpgsm_basic_cert_check (KsbaCert cert)
|
||||
if (rc)
|
||||
{
|
||||
log_error ("failed to get cert: rc=%d\n", rc);
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
if (gpgsm_check_cert_sig (issuer_cert, cert) )
|
||||
{
|
||||
log_error ("certificate has a BAD signatures\n");
|
||||
rc = GNUPG_Bad_Certificate;
|
||||
rc = gpg_error (GPG_ERR_BAD_CERT);
|
||||
goto leave;
|
||||
}
|
||||
if (opt.verbose)
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* certcheck.c - check one certificate
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -50,7 +50,7 @@ do_encode_md (GCRY_MD_HD md, int algo, unsigned int nbits,
|
||||
if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
|
||||
{
|
||||
log_error ("No object identifier for algo %d\n", algo);
|
||||
return GNUPG_Internal_Error;
|
||||
return gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
|
||||
len = gcry_md_get_algo_dlen (algo);
|
||||
@ -59,7 +59,7 @@ do_encode_md (GCRY_MD_HD md, int algo, unsigned int nbits,
|
||||
{
|
||||
log_error ("can't encode a %d bit MD into a %d bits frame\n",
|
||||
(int)(len*8), (int)nbits);
|
||||
return GNUPG_Internal_Error;
|
||||
return gpg_error (GPG_ERR_INTERNAL);
|
||||
}
|
||||
|
||||
/* We encode the MD in this way:
|
||||
@ -70,7 +70,7 @@ do_encode_md (GCRY_MD_HD md, int algo, unsigned int nbits,
|
||||
*/
|
||||
frame = xtrymalloc (nframe);
|
||||
if (!frame)
|
||||
return GNUPG_Out_Of_Core;
|
||||
return OUT_OF_CORE (errno);
|
||||
n = 0;
|
||||
frame[n++] = 0;
|
||||
frame[n++] = 1; /* block type */
|
||||
@ -115,13 +115,13 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
|
||||
if (!algo)
|
||||
{
|
||||
log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?");
|
||||
return GNUPG_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
md = gcry_md_open (algo, 0);
|
||||
if (!md)
|
||||
{
|
||||
log_error ("md_open failed: %s\n", gcry_strerror (-1));
|
||||
return GNUPG_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
if (DBG_HASHING)
|
||||
gcry_md_start_debug (md, "hash.cert");
|
||||
@ -142,7 +142,7 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
|
||||
log_error ("libksba did not return a proper S-Exp\n");
|
||||
gcry_md_close (md);
|
||||
ksba_free (p);
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
}
|
||||
if (DBG_X509)
|
||||
{
|
||||
@ -170,7 +170,7 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert)
|
||||
gcry_md_close (md);
|
||||
ksba_free (p);
|
||||
gcry_sexp_release (s_sig);
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
}
|
||||
rc = gcry_sexp_sscan ( &s_pkey, NULL, p, n);
|
||||
ksba_free (p);
|
||||
@ -223,7 +223,7 @@ gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval,
|
||||
if (!n)
|
||||
{
|
||||
log_error ("libksba did not return a proper S-Exp\n");
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
}
|
||||
rc = gcry_sexp_sscan (&s_sig, NULL, sigval, n);
|
||||
if (rc)
|
||||
@ -239,7 +239,7 @@ gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval,
|
||||
log_error ("libksba did not return a proper S-Exp\n");
|
||||
ksba_free (p);
|
||||
gcry_sexp_release (s_sig);
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
}
|
||||
if (DBG_X509)
|
||||
log_printhex ("public key: ", p, n);
|
||||
@ -287,7 +287,7 @@ gpgsm_create_cms_signature (KsbaCert cert, GCRY_MD_HD md, int mdalgo,
|
||||
|
||||
grip = gpgsm_get_keygrip_hexstring (cert);
|
||||
if (!grip)
|
||||
return seterr (Bad_Certificate);
|
||||
return gpg_error (GPG_ERR_BAD_CERT);
|
||||
|
||||
rc = gpgsm_agent_pksign (grip, gcry_md_read(md, mdalgo),
|
||||
gcry_md_get_algo_dlen (mdalgo), mdalgo,
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* certlist.c - build list of certificates
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -65,7 +65,7 @@ cert_usage_p (KsbaCert cert, int mode)
|
||||
if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN)))
|
||||
return 0;
|
||||
log_info ( _("certificate should have not been used certification\n"));
|
||||
return GNUPG_Wrong_Key_Usage;
|
||||
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
|
||||
}
|
||||
|
||||
if ((use & ((mode&1)?
|
||||
@ -77,7 +77,7 @@ cert_usage_p (KsbaCert cert, int mode)
|
||||
mode==2? _("certificate should have not been used for signing\n"):
|
||||
mode==1? _("certificate is not usable for encryption\n"):
|
||||
_("certificate is not usable for signing\n"));
|
||||
return GNUPG_Wrong_Key_Usage;
|
||||
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
|
||||
}
|
||||
|
||||
|
||||
@ -150,7 +150,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
|
||||
{
|
||||
kh = keydb_new (0);
|
||||
if (!kh)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
else
|
||||
{
|
||||
int wrong_usage = 0;
|
||||
@ -165,7 +165,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
|
||||
{
|
||||
rc = secret? gpgsm_cert_use_sign_p (cert)
|
||||
: gpgsm_cert_use_encrypt_p (cert);
|
||||
if (rc == GNUPG_Wrong_Key_Usage)
|
||||
if (gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE)
|
||||
{
|
||||
/* There might be another certificate with the
|
||||
correct usage, so we try again */
|
||||
@ -209,14 +209,16 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
|
||||
if (!keydb_get_cert (kh, &cert2))
|
||||
{
|
||||
int tmp = (same_subject_issuer (subject, issuer, cert2)
|
||||
&& ((secret? gpgsm_cert_use_sign_p (cert2):
|
||||
gpgsm_cert_use_encrypt_p (cert2))
|
||||
== GNUPG_Wrong_Key_Usage));
|
||||
&& ((gpg_err_code (
|
||||
secret? gpgsm_cert_use_sign_p (cert2)
|
||||
: gpgsm_cert_use_encrypt_p (cert2)
|
||||
)
|
||||
) == GPG_ERR_WRONG_KEY_USAGE));
|
||||
ksba_cert_release (cert2);
|
||||
if (tmp)
|
||||
goto next_ambigious;
|
||||
}
|
||||
rc = GNUPG_Ambiguous_Name;
|
||||
rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
|
||||
}
|
||||
}
|
||||
xfree (subject);
|
||||
@ -226,7 +228,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
|
||||
{
|
||||
char *p;
|
||||
|
||||
rc = GNUPG_No_Secret_Key;
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
p = gpgsm_get_keygrip_hexstring (cert);
|
||||
if (p)
|
||||
{
|
||||
@ -241,7 +243,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
|
||||
{
|
||||
CERTLIST cl = xtrycalloc (1, sizeof *cl);
|
||||
if (!cl)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = OUT_OF_CORE (errno);
|
||||
else
|
||||
{
|
||||
cl->cert = cert; cert = NULL;
|
||||
@ -254,7 +256,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
|
||||
|
||||
keydb_release (kh);
|
||||
ksba_cert_release (cert);
|
||||
return rc == -1? GNUPG_No_Public_Key: rc;
|
||||
return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc;
|
||||
}
|
||||
|
||||
void
|
||||
@ -285,7 +287,7 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert)
|
||||
{
|
||||
kh = keydb_new (0);
|
||||
if (!kh)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
else
|
||||
{
|
||||
rc = keydb_search (kh, &desc, 1);
|
||||
@ -299,7 +301,7 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert)
|
||||
else
|
||||
{
|
||||
if (!rc)
|
||||
rc = GNUPG_Ambiguous_Name;
|
||||
rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
|
||||
ksba_cert_release (*r_cert);
|
||||
*r_cert = NULL;
|
||||
}
|
||||
@ -308,6 +310,6 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert)
|
||||
}
|
||||
|
||||
keydb_release (kh);
|
||||
return rc == -1? GNUPG_No_Public_Key: rc;
|
||||
return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc;
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* certreqgen.c - Generate a key and a certification request
|
||||
* Copyright (C) 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -366,12 +366,12 @@ read_parameters (FILE *fp, KsbaWriter writer)
|
||||
if (err)
|
||||
{
|
||||
log_error ("line %d: %s\n", outctrl.lnr, err);
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
else if (ferror(fp))
|
||||
{
|
||||
log_error ("line %d: read error: %s\n", outctrl.lnr, strerror(errno) );
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
else if (para)
|
||||
{
|
||||
@ -382,7 +382,7 @@ read_parameters (FILE *fp, KsbaWriter writer)
|
||||
}
|
||||
|
||||
if (!rc && !any)
|
||||
rc = GNUPG_No_Data;
|
||||
rc = gpg_error (GPG_ERR_NO_DATA);
|
||||
|
||||
leave:
|
||||
release_parameter_list (para);
|
||||
@ -436,7 +436,7 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl)
|
||||
{
|
||||
r = get_parameter (para, pKEYTYPE);
|
||||
log_error ("line %d: invalid algorithm\n", r->lnr);
|
||||
return GNUPG_Invalid_Parameter;
|
||||
return gpg_error (GPG_ERR_INV_PARAMETER);
|
||||
}
|
||||
|
||||
/* check the keylength */
|
||||
@ -449,12 +449,12 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl)
|
||||
r = get_parameter (para, pKEYTYPE);
|
||||
log_error ("line %d: invalid key length %u (valid are 512 to 4096)\n",
|
||||
r->lnr, nbits);
|
||||
return GNUPG_Invalid_Parameter;
|
||||
return gpg_error (GPG_ERR_INV_PARAMETER);
|
||||
}
|
||||
|
||||
/* check the usage */
|
||||
if (parse_parameter_usage (para, pKEYUSAGE))
|
||||
return GNUPG_Invalid_Parameter;
|
||||
return gpg_error (GPG_ERR_INV_PARAMETER);
|
||||
|
||||
/* check that there is a subject name and that this DN fits our
|
||||
requirements */
|
||||
@ -462,7 +462,7 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl)
|
||||
{
|
||||
r = get_parameter (para, pKEYTYPE);
|
||||
log_error ("line %d: no subject name given\n", r->lnr);
|
||||
return GNUPG_Invalid_Parameter;
|
||||
return gpg_error (GPG_ERR_INV_PARAMETER);
|
||||
}
|
||||
/* fixme check s */
|
||||
|
||||
@ -477,7 +477,7 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl)
|
||||
{
|
||||
r = get_parameter (para, pKEYTYPE);
|
||||
log_error ("line %d: not a valid email address\n", r->lnr);
|
||||
return GNUPG_Invalid_Parameter;
|
||||
return gpg_error (GPG_ERR_INV_PARAMETER);
|
||||
}
|
||||
}
|
||||
|
||||
@ -515,7 +515,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
|
||||
|
||||
cr = ksba_certreq_new ();
|
||||
if (!cr)
|
||||
return seterr (Out_Of_Core);
|
||||
return gpg_error (GPG_ERR_ENOMEM);
|
||||
|
||||
md = gcry_md_open (GCRY_MD_SHA1, 0);
|
||||
if (!md)
|
||||
@ -542,11 +542,12 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
|
||||
s = get_parameter_value (para, pNAMEEMAIL);
|
||||
if (s)
|
||||
{
|
||||
char *buf = xtrymalloc (strlen (s) + 3);
|
||||
char *buf;
|
||||
|
||||
buf = xtrymalloc (strlen (s) + 3);
|
||||
if (!buf)
|
||||
{
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = OUT_OF_CORE (errno);
|
||||
goto leave;
|
||||
}
|
||||
*buf = '<';
|
||||
@ -594,7 +595,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
|
||||
if (!n)
|
||||
{
|
||||
log_error ("libksba did not return a proper S-Exp\n");
|
||||
err = GNUPG_Bug;
|
||||
err = gpg_error (GPG_ERR_BUG);
|
||||
goto leave;
|
||||
}
|
||||
rc = gcry_sexp_sscan (&s_pkey, NULL, public, n);
|
||||
@ -606,7 +607,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public,
|
||||
}
|
||||
if ( !gcry_pk_get_keygrip (s_pkey, grip) )
|
||||
{
|
||||
rc = seterr (General_Error);
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
log_error ("can't figure out the keygrip\n");
|
||||
gcry_sexp_release (s_pkey);
|
||||
goto leave;
|
||||
@ -661,8 +662,9 @@ gpgsm_genkey (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
in_fp = fdopen (dup (in_fd), "rb");
|
||||
if (!in_fp)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("fdopen() failed: %s\n", strerror (errno));
|
||||
return seterr (IO_Error);
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
ctrl->pem_name = "NEW CERTIFICATE REQUEST";
|
||||
|
24
sm/decrypt.c
24
sm/decrypt.c
@ -1,5 +1,5 @@
|
||||
/* decrypt.c - Decrypt a message
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -82,7 +82,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,
|
||||
{
|
||||
if (n + 7 > seskeylen )
|
||||
{
|
||||
rc = seterr (Invalid_Session_Key);
|
||||
rc = gpg_error (GPG_ERR_INV_SESSION_KEY);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -96,7 +96,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,
|
||||
|
||||
if (seskey[n] != 2 ) /* wrong block type version */
|
||||
{
|
||||
rc = seterr (Invalid_Session_Key);
|
||||
rc = gpg_error (GPG_ERR_INV_SESSION_KEY);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -105,7 +105,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,
|
||||
n++; /* and the zero byte */
|
||||
if (n >= seskeylen )
|
||||
{
|
||||
rc = seterr (Invalid_Session_Key);
|
||||
rc = gpg_error (GPG_ERR_INV_SESSION_KEY);
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -261,7 +261,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocated keyDB handle\n"));
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -269,8 +269,8 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
in_fp = fdopen ( dup (in_fd), "rb");
|
||||
if (!in_fp)
|
||||
{
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("fdopen() failed: %s\n", strerror (errno));
|
||||
rc = seterr (IO_Error);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -291,7 +291,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
cms = ksba_cms_new ();
|
||||
if (!cms)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -327,7 +327,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
mode = gcry_cipher_mode_from_oid (algoid);
|
||||
if (!algo || !mode)
|
||||
{
|
||||
rc = GNUPG_Unsupported_Algorithm;
|
||||
rc = gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
|
||||
log_error ("unsupported algorithm `%s'\n", algoid? algoid:"?");
|
||||
if (algoid && !strcmp (algoid, "1.2.840.113549.3.2"))
|
||||
log_info (_("(this is the RC2 algorithm)\n"));
|
||||
@ -342,7 +342,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
dfparm.mode = mode;
|
||||
dfparm.blklen = gcry_cipher_get_algo_blklen (algo);
|
||||
if (dfparm.blklen > sizeof (dfparm.helpblock))
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
|
||||
rc = ksba_cms_get_content_enc_iv (cms,
|
||||
dfparm.iv,
|
||||
@ -437,7 +437,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
}
|
||||
if (!any_key)
|
||||
{
|
||||
rc = GNUPG_No_Secret_Key;
|
||||
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
@ -450,7 +450,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
if (!npadding || npadding > dfparm.blklen)
|
||||
{
|
||||
log_error ("invalid padding with value %d\n", npadding);
|
||||
rc = seterr (Invalid_Data);
|
||||
rc = gpg_error (GPG_ERR_INVALID_DATA);
|
||||
goto leave;
|
||||
}
|
||||
rc = ksba_writer_write (writer,
|
||||
@ -466,7 +466,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
|
||||
if (dfparm.lastblock[i] != npadding)
|
||||
{
|
||||
log_error ("inconsistent padding\n");
|
||||
rc = seterr (Invalid_Data);
|
||||
rc = gpg_error (GPG_ERR_INVALID_DATA);
|
||||
goto leave;
|
||||
}
|
||||
}
|
||||
|
@ -92,13 +92,13 @@ delete_one (CTRL ctrl, const char *username)
|
||||
goto next_ambigious;
|
||||
}
|
||||
}
|
||||
rc = GNUPG_Ambiguous_Name;
|
||||
rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
|
||||
}
|
||||
}
|
||||
if (rc)
|
||||
{
|
||||
if (rc == -1)
|
||||
rc = GNUPG_No_Public_Key;
|
||||
rc = gpg_error (GPG_ERR_NO_PUBKEY);
|
||||
log_error (_("certificate `%s' not found: %s\n"),
|
||||
username, gnupg_strerror (rc));
|
||||
gpgsm_status2 (ctrl, STATUS_DELETE_PROBLEM, "3", NULL);
|
||||
@ -147,7 +147,7 @@ gpgsm_delete (CTRL ctrl, STRLIST names)
|
||||
if (!names)
|
||||
{
|
||||
log_error ("nothing to delete\n");
|
||||
return GNUPG_No_Data;
|
||||
return gpg_error (GPG_ERR_NO_DATA);
|
||||
}
|
||||
|
||||
for (; names; names=names->next )
|
||||
|
35
sm/encrypt.c
35
sm/encrypt.c
@ -1,5 +1,5 @@
|
||||
/* encrypt.c - Encrypt a message
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -72,28 +72,28 @@ init_dek (DEK dek)
|
||||
if (!dek->algo || !mode)
|
||||
{
|
||||
log_error ("unsupported algorithm `%s'\n", dek->algoid);
|
||||
return GNUPG_Unsupported_Algorithm;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
|
||||
}
|
||||
|
||||
dek->keylen = gcry_cipher_get_algo_keylen (dek->algo);
|
||||
if (!dek->keylen || dek->keylen > sizeof (dek->key))
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
|
||||
dek->ivlen = gcry_cipher_get_algo_blklen (dek->algo);
|
||||
if (!dek->ivlen || dek->ivlen > sizeof (dek->iv))
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
|
||||
if (dek->keylen < 100/8)
|
||||
{ /* make sure we don't use weak keys */
|
||||
log_error ("key length of `%s' too small\n", dek->algoid);
|
||||
return GNUPG_Unsupported_Algorithm;
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
|
||||
}
|
||||
|
||||
dek->chd = gcry_cipher_open (dek->algo, mode, GCRY_CIPHER_SECURE);
|
||||
if (!dek->chd)
|
||||
{
|
||||
log_error ("failed to create cipher context: %s\n", gcry_strerror (-1));
|
||||
return GNUPG_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
for (i=0; i < 8; i++)
|
||||
@ -218,13 +218,13 @@ encrypt_dek (const DEK dek, KsbaCert cert, char **encval)
|
||||
if (!buf)
|
||||
{
|
||||
log_error ("no public key for recipient\n");
|
||||
return GNUPG_No_Public_Key;
|
||||
return gpg_error (GPG_ERR_NO_PUBKEY);
|
||||
}
|
||||
len = gcry_sexp_canon_len (buf, 0, NULL, NULL);
|
||||
if (!len)
|
||||
{
|
||||
log_error ("libksba did not return a proper S-Exp\n");
|
||||
return GNUPG_Bug;
|
||||
return gpg_error (GPG_ERR_BUG);
|
||||
}
|
||||
rc = gcry_sexp_sscan (&s_pkey, NULL, buf, len);
|
||||
xfree (buf); buf = NULL;
|
||||
@ -241,7 +241,7 @@ encrypt_dek (const DEK dek, KsbaCert cert, char **encval)
|
||||
if (!data)
|
||||
{
|
||||
gcry_mpi_release (data);
|
||||
return GNUPG_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
if (gcry_sexp_build (&s_data, NULL, "%m", data))
|
||||
BUG ();
|
||||
@ -259,8 +259,9 @@ encrypt_dek (const DEK dek, KsbaCert cert, char **encval)
|
||||
buf = xtrymalloc (len);
|
||||
if (!buf)
|
||||
{
|
||||
gpg_error_t tmperr = OUT_OF_CORE (errno);
|
||||
gcry_sexp_release (s_ciph);
|
||||
return GNUPG_Out_Of_Core;
|
||||
return tmperr;
|
||||
}
|
||||
len = gcry_sexp_sprint (s_ciph, GCRYSEXP_FMT_CANON, buf, len);
|
||||
assert (len);
|
||||
@ -367,7 +368,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
|
||||
{
|
||||
log_error(_("no valid recipients given\n"));
|
||||
gpgsm_status (ctrl, STATUS_NO_RECP, "0");
|
||||
rc = GNUPG_No_Public_Key;
|
||||
rc = gpg_error (GPG_ERR_NO_PUBKEY);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -375,15 +376,15 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocated keyDB handle\n"));
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
data_fp = fdopen ( dup (data_fd), "rb");
|
||||
if (!data_fp)
|
||||
{
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("fdopen() failed: %s\n", strerror (errno));
|
||||
rc = seterr (IO_Error);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -410,7 +411,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
|
||||
cms = ksba_cms_new ();
|
||||
if (!cms)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -439,7 +440,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
|
||||
/* create a session key */
|
||||
dek = xtrycalloc (1, sizeof *dek); /* hmmm: should we put it into secmem?*/
|
||||
if (!dek)
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = OUT_OF_CORE (errno);
|
||||
else
|
||||
{
|
||||
dek->algoid = opt.def_cipher_algoid;
|
||||
@ -467,7 +468,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
|
||||
encparm.buffer = xtrymalloc (encparm.bufsize);
|
||||
if (!encparm.buffer)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = OUT_OF_CORE (errno);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -523,7 +524,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
|
||||
if (encparm.readerror)
|
||||
{
|
||||
log_error ("error reading input: %s\n", strerror (encparm.readerror));
|
||||
rc = seterr (Read_Error);
|
||||
rc = gpg_error (gpg_err_code_from_errno (encparm.readerror));
|
||||
goto leave;
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* export.c
|
||||
* Copyright (C) 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -70,7 +70,8 @@ gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp)
|
||||
desc = xtrycalloc (ndesc, sizeof *desc);
|
||||
if (!ndesc)
|
||||
{
|
||||
log_error ("%s\n", gnupg_strerror (GNUPG_Out_Of_Core));
|
||||
log_error ("allocating memory for export failed: %s\n",
|
||||
gpg_strerror (OUT_OF_CORE (errno)));
|
||||
goto leave;
|
||||
}
|
||||
|
||||
|
@ -171,7 +171,7 @@ gpgsm_get_keygrip (KsbaCert cert, char *array)
|
||||
gcry_sexp_release (s_pkey);
|
||||
if (!array)
|
||||
{
|
||||
rc = seterr (General_Error);
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
log_error ("can't calculate keygrip\n");
|
||||
return NULL;
|
||||
}
|
||||
|
45
sm/gpgsm.c
45
sm/gpgsm.c
@ -1,5 +1,5 @@
|
||||
/* gpgsm.c - GnuPG for S/MIME
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -28,8 +28,9 @@
|
||||
#include <fcntl.h>
|
||||
|
||||
#include <gcrypt.h>
|
||||
#include <assuan.h> /* malloc hooks */
|
||||
|
||||
#include "gpgsm.h"
|
||||
#include "../assuan/assuan.h" /* malloc hooks */
|
||||
#include "../kbx/keybox.h" /* malloc hooks */
|
||||
#include "i18n.h"
|
||||
#include "keydb.h"
|
||||
@ -1096,16 +1097,16 @@ main ( int argc, char **argv)
|
||||
log_error (_("can't sign using `%s': %s\n"),
|
||||
sl->d, gnupg_strerror (rc));
|
||||
gpgsm_status2 (&ctrl, STATUS_INV_RECP,
|
||||
rc == -1? "1":
|
||||
rc == GNUPG_No_Public_Key? "1":
|
||||
rc == GNUPG_Ambiguous_Name? "2":
|
||||
rc == GNUPG_Wrong_Key_Usage? "3":
|
||||
rc == GNUPG_Certificate_Revoked? "4":
|
||||
rc == GNUPG_Certificate_Expired? "5":
|
||||
rc == GNUPG_No_CRL_Known? "6":
|
||||
rc == GNUPG_CRL_Too_Old? "7":
|
||||
rc == GNUPG_No_Policy_Match? "8":
|
||||
rc == GNUPG_No_Secret_Key? "9":
|
||||
gpg_err_code (rc) == -1? "1":
|
||||
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
|
||||
gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
|
||||
gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3":
|
||||
gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4":
|
||||
gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5":
|
||||
gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6":
|
||||
gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7":
|
||||
gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
|
||||
gpg_err_code (rc) == GPG_ERR_NO_SECKEY? "9":
|
||||
"0",
|
||||
sl->d, NULL);
|
||||
}
|
||||
@ -1118,15 +1119,15 @@ main ( int argc, char **argv)
|
||||
log_error (_("can't encrypt to `%s': %s\n"),
|
||||
sl->d, gnupg_strerror (rc));
|
||||
gpgsm_status2 (&ctrl, STATUS_INV_RECP,
|
||||
rc == -1? "1":
|
||||
rc == GNUPG_No_Public_Key? "1":
|
||||
rc == GNUPG_Ambiguous_Name? "2":
|
||||
rc == GNUPG_Wrong_Key_Usage? "3":
|
||||
rc == GNUPG_Certificate_Revoked? "4":
|
||||
rc == GNUPG_Certificate_Expired? "5":
|
||||
rc == GNUPG_No_CRL_Known? "6":
|
||||
rc == GNUPG_CRL_Too_Old? "7":
|
||||
rc == GNUPG_No_Policy_Match? "8":
|
||||
gpg_err_code (rc) == -1? "1":
|
||||
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
|
||||
gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
|
||||
gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3":
|
||||
gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4":
|
||||
gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5":
|
||||
gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6":
|
||||
gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7":
|
||||
gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
|
||||
"0",
|
||||
sl->d, NULL);
|
||||
}
|
||||
@ -1306,7 +1307,7 @@ main ( int argc, char **argv)
|
||||
if (rc)
|
||||
;
|
||||
else if (!(grip = gpgsm_get_keygrip_hexstring (cert)))
|
||||
rc = GNUPG_Bug;
|
||||
rc = gpg_error (GPG_ERR_BUG);
|
||||
else
|
||||
rc = gpgsm_agent_passwd (grip);
|
||||
if (rc)
|
||||
|
10
sm/gpgsm.h
10
sm/gpgsm.h
@ -1,5 +1,5 @@
|
||||
/* gpgsm.h - Global definitions for GpgSM
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -21,10 +21,18 @@
|
||||
#ifndef GPGSM_H
|
||||
#define GPGSM_H
|
||||
|
||||
#ifdef GPG_ERR_SOURCE_DEFAULT
|
||||
#error GPG_ERR_SOURCE_DEFAULT already defined
|
||||
#endif
|
||||
#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GPGSM
|
||||
#include <gpg-error.h>
|
||||
|
||||
#include <ksba.h>
|
||||
#include "../common/util.h"
|
||||
#include "../common/errors.h"
|
||||
|
||||
#define OUT_OF_CORE(a) (gpg_error (gpg_err_code_from_errno ((a))))
|
||||
|
||||
#define MAX_DIGEST_LEN 24
|
||||
|
||||
/* A large struct name "opt" to keep global flags */
|
||||
|
14
sm/import.c
14
sm/import.c
@ -1,5 +1,5 @@
|
||||
/* import.c - Import certificates
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -181,8 +181,8 @@ check_and_store (CTRL ctrl, struct stats_s *stats, KsbaCert cert, int depth)
|
||||
log_error (_("basic certificate checks failed - not imported\n"));
|
||||
stats->not_imported++;
|
||||
print_import_problem (ctrl, cert,
|
||||
rc == GNUPG_Missing_Certificate? 2 :
|
||||
rc == GNUPG_Bad_Certificate? 1 : 0);
|
||||
gpg_err_code (rc) == GPG_ERR_MISSING_CERT? 2 :
|
||||
gpg_err_code (rc) == GPG_ERR_BAD_CERT? 1 : 0);
|
||||
}
|
||||
}
|
||||
|
||||
@ -203,8 +203,8 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
|
||||
fp = fdopen ( dup (in_fd), "rb");
|
||||
if (!fp)
|
||||
{
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("fdopen() failed: %s\n", strerror (errno));
|
||||
rc = seterr (IO_Error);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -224,7 +224,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
|
||||
cms = ksba_cms_new ();
|
||||
if (!cms)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -268,7 +268,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
|
||||
cert = ksba_cert_new ();
|
||||
if (!cert)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -284,7 +284,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
|
||||
else
|
||||
{
|
||||
log_error ("can't extract certificates from input\n");
|
||||
rc = GNUPG_No_Data;
|
||||
rc = gpg_error (GPG_ERR_NO_DATA);
|
||||
}
|
||||
|
||||
leave:
|
||||
|
50
sm/keydb.c
50
sm/keydb.c
@ -1,5 +1,5 @@
|
||||
/* keydb.c - key database dispatcher
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -103,7 +103,7 @@ keydb_add_resource (const char *url, int force, int secret)
|
||||
else if (strchr (resname, ':'))
|
||||
{
|
||||
log_error ("invalid key resource URL `%s'\n", url );
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
#endif /* !HAVE_DRIVE_LETTERS && !__riscos__ */
|
||||
@ -150,14 +150,14 @@ keydb_add_resource (const char *url, int force, int secret)
|
||||
{
|
||||
case KEYDB_RESOURCE_TYPE_NONE:
|
||||
log_error ("unknown type of key resource `%s'\n", url );
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
|
||||
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
||||
fp = fopen (filename, "rb");
|
||||
if (!fp && !force)
|
||||
{
|
||||
rc = GNUPG_File_Open_Error;
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -175,7 +175,7 @@ keydb_add_resource (const char *url, int force, int secret)
|
||||
terminated, so that on the next invocation can
|
||||
read the options file in on startup */
|
||||
try_make_homedir (filename);
|
||||
rc = GNUPG_File_Open_Error;
|
||||
rc = gpg_error (GPG_ERR_FILE_OPEN_ERROR);
|
||||
*last_slash_in_filename = DIRSEP_C;
|
||||
goto leave;
|
||||
}
|
||||
@ -185,9 +185,9 @@ keydb_add_resource (const char *url, int force, int secret)
|
||||
fp = fopen (filename, "w");
|
||||
if (!fp)
|
||||
{
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error (_("error creating keybox `%s': %s\n"),
|
||||
filename, strerror(errno));
|
||||
rc = GNUPG_File_Create_Error;
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -204,7 +204,7 @@ keydb_add_resource (const char *url, int force, int secret)
|
||||
if (!token)
|
||||
; /* already registered - ignore it */
|
||||
else if (used_resources >= MAX_KEYDB_RESOURCES)
|
||||
rc = GNUPG_Resource_Limit;
|
||||
rc = gpg_error (GPG_ERR_RESOURCE_LIMIT);
|
||||
else
|
||||
{
|
||||
all_resources[used_resources].type = rt;
|
||||
@ -223,7 +223,7 @@ keydb_add_resource (const char *url, int force, int secret)
|
||||
break;
|
||||
default:
|
||||
log_error ("resource type of `%s' not supported\n", url);
|
||||
rc = GNUPG_Not_Supported;
|
||||
rc = gpg_error (GPG_ERR_NOT_SUPPORTED);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -562,7 +562,7 @@ keydb_get_cert (KEYDB_HANDLE hd, KsbaCert *r_cert)
|
||||
int rc = 0;
|
||||
|
||||
if (!hd)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
if ( hd->found < 0 || hd->found >= hd->used)
|
||||
return -1; /* nothing found */
|
||||
@ -570,7 +570,7 @@ keydb_get_cert (KEYDB_HANDLE hd, KsbaCert *r_cert)
|
||||
switch (hd->active[hd->found].type)
|
||||
{
|
||||
case KEYDB_RESOURCE_TYPE_NONE:
|
||||
rc = GNUPG_General_Error; /* oops */
|
||||
rc = gpg_error (GPG_ERR_GENERAL); /* oops */
|
||||
break;
|
||||
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
||||
rc = keybox_get_cert (hd->active[hd->found].u.kr, r_cert);
|
||||
@ -591,7 +591,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, KsbaCert cert)
|
||||
char digest[20];
|
||||
|
||||
if (!hd)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
if (opt.dry_run)
|
||||
return 0;
|
||||
@ -601,7 +601,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, KsbaCert cert)
|
||||
else if ( hd->current >= 0 && hd->current < hd->used)
|
||||
idx = hd->current;
|
||||
else
|
||||
return GNUPG_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
|
||||
rc = lock_all (hd);
|
||||
if (rc)
|
||||
@ -612,7 +612,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, KsbaCert cert)
|
||||
switch (hd->active[idx].type)
|
||||
{
|
||||
case KEYDB_RESOURCE_TYPE_NONE:
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
break;
|
||||
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
||||
rc = keybox_insert_cert (hd->active[idx].u.kr, cert, digest);
|
||||
@ -633,7 +633,7 @@ keydb_update_cert (KEYDB_HANDLE hd, KsbaCert cert)
|
||||
char digest[20];
|
||||
|
||||
if (!hd)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
if ( hd->found < 0 || hd->found >= hd->used)
|
||||
return -1; /* nothing found */
|
||||
@ -650,7 +650,7 @@ keydb_update_cert (KEYDB_HANDLE hd, KsbaCert cert)
|
||||
switch (hd->active[hd->found].type)
|
||||
{
|
||||
case KEYDB_RESOURCE_TYPE_NONE:
|
||||
rc = GNUPG_General_Error; /* oops */
|
||||
rc = gpg_error (GPG_ERR_GENERAL); /* oops */
|
||||
break;
|
||||
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
||||
rc = keybox_update_cert (hd->active[hd->found].u.kr, cert, digest);
|
||||
@ -671,7 +671,7 @@ keydb_delete (KEYDB_HANDLE hd)
|
||||
int rc = -1;
|
||||
|
||||
if (!hd)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
if ( hd->found < 0 || hd->found >= hd->used)
|
||||
return -1; /* nothing found */
|
||||
@ -686,7 +686,7 @@ keydb_delete (KEYDB_HANDLE hd)
|
||||
switch (hd->active[hd->found].type)
|
||||
{
|
||||
case KEYDB_RESOURCE_TYPE_NONE:
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
break;
|
||||
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
||||
rc = keybox_delete (hd->active[hd->found].u.kr);
|
||||
@ -710,7 +710,7 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
|
||||
int rc;
|
||||
|
||||
if (!hd)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
rc = keydb_search_reset (hd); /* this does reset hd->current */
|
||||
if (rc)
|
||||
@ -770,7 +770,7 @@ keydb_search_reset (KEYDB_HANDLE hd)
|
||||
int i, rc = 0;
|
||||
|
||||
if (!hd)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
hd->current = 0;
|
||||
hd->found = -1;
|
||||
@ -800,7 +800,7 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
|
||||
int rc = -1;
|
||||
|
||||
if (!hd)
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
|
||||
while (rc == -1 && hd->current >= 0 && hd->current < hd->used)
|
||||
{
|
||||
@ -891,12 +891,12 @@ keydb_search_issuer_sn (KEYDB_HANDLE hd,
|
||||
desc.mode = KEYDB_SEARCH_MODE_ISSUER_SN;
|
||||
s = serial;
|
||||
if (*s !='(')
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
s++;
|
||||
for (desc.snlen = 0; digitp (s); s++)
|
||||
desc.snlen = 10*desc.snlen + atoi_1 (s);
|
||||
if (*s !=':')
|
||||
return GNUPG_Invalid_Value;
|
||||
return gpg_error (GPG_ERR_INVALID_VALUE);
|
||||
desc.sn = s+1;
|
||||
desc.u.name = issuer;
|
||||
rc = keydb_search (hd, &desc, 1);
|
||||
@ -1209,7 +1209,7 @@ keydb_classify_name (const char *name, KEYDB_SEARCH_DESC *desc)
|
||||
desc = &dummy_desc;
|
||||
|
||||
if (!classify_user_id (name, desc, &dummy))
|
||||
return GNUPG_Invalid_Name;
|
||||
return gpg_error (GPG_ERR_INV_NAME);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -1231,14 +1231,14 @@ keydb_store_cert (KsbaCert cert, int ephemeral, int *existed)
|
||||
if (!gpgsm_get_fingerprint (cert, 0, fpr, NULL))
|
||||
{
|
||||
log_error (_("failed to get the fingerprint\n"));
|
||||
return GNUPG_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
}
|
||||
|
||||
kh = keydb_new (0);
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocate keyDB handle\n"));
|
||||
return GNUPG_Out_Of_Core;
|
||||
return gpg_error (GPG_ERR_ENOMEM);;
|
||||
}
|
||||
|
||||
if (ephemeral)
|
||||
|
51
sm/server.c
51
sm/server.c
@ -245,18 +245,21 @@ cmd_recipient (ASSUAN_CONTEXT ctx, char *line)
|
||||
|
||||
rc = gpgsm_add_to_certlist (ctrl, line, 0, &ctrl->server_local->recplist);
|
||||
if (rc)
|
||||
gpgsm_status2 (ctrl, STATUS_INV_RECP,
|
||||
rc == -1? "1":
|
||||
rc == GNUPG_No_Public_Key? "1":
|
||||
rc == GNUPG_Ambiguous_Name? "2":
|
||||
rc == GNUPG_Wrong_Key_Usage? "3":
|
||||
rc == GNUPG_Certificate_Revoked? "4":
|
||||
rc == GNUPG_Certificate_Expired? "5":
|
||||
rc == GNUPG_No_CRL_Known? "6":
|
||||
rc == GNUPG_CRL_Too_Old? "7":
|
||||
rc == GNUPG_No_Policy_Match? "8":
|
||||
{
|
||||
gpg_err_code_t r = gpg_err_code (rc);
|
||||
gpgsm_status2 (ctrl, STATUS_INV_RECP,
|
||||
r == -1? "1":
|
||||
r == GPG_ERR_NO_PUBKEY? "1":
|
||||
r == GPG_ERR_AMBIGUOUS_NAME? "2":
|
||||
r == GPG_ERR_WRONG_KEY_USAGE? "3":
|
||||
r == GPG_ERR_CERT_REVOKED? "4":
|
||||
r == GPG_ERR_CERT_EXPIRED? "5":
|
||||
r == GPG_ERR_NO_CRL_KNOWN? "6":
|
||||
r == GPG_ERR_CRL_TOO_OLD? "7":
|
||||
r == GPG_ERR_NO_POLICY_MATCH? "8":
|
||||
"0",
|
||||
line, NULL);
|
||||
}
|
||||
|
||||
return map_to_assuan_status (rc);
|
||||
}
|
||||
@ -285,20 +288,22 @@ cmd_signer (ASSUAN_CONTEXT ctx, char *line)
|
||||
|
||||
rc = gpgsm_add_to_certlist (ctrl, line, 1, &ctrl->server_local->signerlist);
|
||||
if (rc)
|
||||
gpgsm_status2 (ctrl, STATUS_INV_RECP,
|
||||
rc == -1? "1":
|
||||
rc == GNUPG_No_Public_Key? "1":
|
||||
rc == GNUPG_Ambiguous_Name? "2":
|
||||
rc == GNUPG_Wrong_Key_Usage? "3":
|
||||
rc == GNUPG_Certificate_Revoked? "4":
|
||||
rc == GNUPG_Certificate_Expired? "5":
|
||||
rc == GNUPG_No_CRL_Known? "6":
|
||||
rc == GNUPG_CRL_Too_Old? "7":
|
||||
rc == GNUPG_No_Policy_Match? "8":
|
||||
rc == GNUPG_No_Secret_Key? "9":
|
||||
{
|
||||
gpg_err_code_t r = gpg_err_code (rc);
|
||||
gpgsm_status2 (ctrl, STATUS_INV_RECP,
|
||||
r == -1? "1":
|
||||
r == GPG_ERR_NO_PUBKEY? "1":
|
||||
r == GPG_ERR_AMBIGUOUS_NAME? "2":
|
||||
r == GPG_ERR_WRONG_KEY_USAGE? "3":
|
||||
r == GPG_ERR_CERT_REVOKED? "4":
|
||||
r == GPG_ERR_CERT_EXPIRED? "5":
|
||||
r == GPG_ERR_NO_CRL_KNOWN? "6":
|
||||
r == GPG_ERR_CRL_TOO_OLD? "7":
|
||||
r == GPG_ERR_NO_POLICY_MATCH? "8":
|
||||
r == GPG_ERR_NO_SECKEY? "9":
|
||||
"0",
|
||||
line, NULL);
|
||||
|
||||
line, NULL);
|
||||
}
|
||||
return map_to_assuan_status (rc);
|
||||
}
|
||||
|
||||
|
29
sm/sign.c
29
sm/sign.c
@ -1,5 +1,5 @@
|
||||
/* sign.c - Sign a message
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -73,8 +73,9 @@ hash_and_copy_data (int fd, GCRY_MD_HD md, KsbaWriter writer)
|
||||
fp = fdopen ( dup (fd), "rb");
|
||||
if (!fp)
|
||||
{
|
||||
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno));
|
||||
return GNUPG_File_Open_Error;
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
do
|
||||
@ -95,8 +96,8 @@ hash_and_copy_data (int fd, GCRY_MD_HD md, KsbaWriter writer)
|
||||
while (nread && !rc);
|
||||
if (ferror (fp))
|
||||
{
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("read error on fd %d: %s\n", fd, strerror (errno));
|
||||
rc = GNUPG_Read_Error;
|
||||
}
|
||||
fclose (fp);
|
||||
if (!any)
|
||||
@ -106,7 +107,7 @@ hash_and_copy_data (int fd, GCRY_MD_HD md, KsbaWriter writer)
|
||||
already written the tag for data and now expects an octet
|
||||
string but an octet string of zeize 0 is illegal. */
|
||||
log_error ("cannot sign an empty message\n");
|
||||
rc = GNUPG_No_Data;
|
||||
rc = gpg_error (GPG_ERR_NO_DATA);
|
||||
}
|
||||
if (!rc)
|
||||
{
|
||||
@ -134,7 +135,7 @@ gpgsm_get_default_cert (KsbaCert *r_cert)
|
||||
|
||||
hd = keydb_new (0);
|
||||
if (!hd)
|
||||
return GNUPG_General_Error;
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
rc = keydb_search_first (hd);
|
||||
if (rc)
|
||||
{
|
||||
@ -313,7 +314,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocated keyDB handle\n"));
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -328,7 +329,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
cms = ksba_cms_new ();
|
||||
if (!cms)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -360,13 +361,13 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
if (!cert)
|
||||
{
|
||||
log_error ("no default signer found\n");
|
||||
rc = seterr (General_Error);
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
signerlist = xtrycalloc (1, sizeof *signerlist);
|
||||
if (!signerlist)
|
||||
{
|
||||
rc = GNUPG_Out_Of_Core;
|
||||
rc = OUT_OF_CORE (errno);
|
||||
ksba_cert_release (cert);
|
||||
goto leave;
|
||||
}
|
||||
@ -424,7 +425,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
if (!algo)
|
||||
{
|
||||
log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?");
|
||||
rc = GNUPG_Bug;
|
||||
rc = gpg_error (GPG_ERR_BUG);
|
||||
goto leave;
|
||||
}
|
||||
gcry_md_enable (data_md, algo);
|
||||
@ -446,7 +447,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
if ( !digest || !digest_len)
|
||||
{
|
||||
log_error ("problem getting the hash of the data\n");
|
||||
rc = GNUPG_Bug;
|
||||
rc = gpg_error (GPG_ERR_BUG);
|
||||
goto leave;
|
||||
}
|
||||
for (cl=signerlist,signer=0; cl; cl = cl->next, signer++)
|
||||
@ -505,7 +506,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
if ( !digest || !digest_len)
|
||||
{
|
||||
log_error ("problem getting the hash of the data\n");
|
||||
rc = GNUPG_Bug;
|
||||
rc = gpg_error (GPG_ERR_BUG);
|
||||
goto leave;
|
||||
}
|
||||
for (cl=signerlist,signer=0; cl; cl = cl->next, signer++)
|
||||
@ -574,7 +575,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
fpr = gpgsm_get_fingerprint_hexstring (cl->cert, GCRY_MD_SHA1);
|
||||
if (!fpr)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
gcry_md_close (md);
|
||||
goto leave;
|
||||
}
|
||||
@ -587,7 +588,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
||||
xfree (fpr);
|
||||
if (rc < 0)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
gcry_md_close (md);
|
||||
goto leave;
|
||||
}
|
||||
|
22
sm/verify.c
22
sm/verify.c
@ -1,5 +1,5 @@
|
||||
/* verify.c - Verify a messages signature
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -114,7 +114,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
||||
if (!kh)
|
||||
{
|
||||
log_error (_("failed to allocated keyDB handle\n"));
|
||||
rc = GNUPG_General_Error;
|
||||
rc = gpg_error (GPG_ERR_GENERAL);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -122,8 +122,8 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
||||
fp = fdopen ( dup (in_fd), "rb");
|
||||
if (!fp)
|
||||
{
|
||||
rc = gpg_error (gpg_err_code_from_errno (errno));
|
||||
log_error ("fdopen() failed: %s\n", strerror (errno));
|
||||
rc = seterr (IO_Error);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -147,7 +147,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
||||
cms = ksba_cms_new ();
|
||||
if (!cms)
|
||||
{
|
||||
rc = seterr (Out_Of_Core);
|
||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -233,7 +233,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
||||
if (data_fd != -1 && !is_detached)
|
||||
{
|
||||
log_error ("data given for a non-detached signature\n");
|
||||
rc = GNUPG_Conflict;
|
||||
rc = gpg_error (GPG_ERR_CONFLICT);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
@ -360,7 +360,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
||||
if (rc == -1)
|
||||
{
|
||||
log_error ("certificate not found\n");
|
||||
rc = GNUPG_No_Public_Key;
|
||||
rc = gpg_error (GPG_ERR_NO_PUBKEY);
|
||||
}
|
||||
else
|
||||
log_error ("failed to find the certificate: %s\n",
|
||||
@ -457,7 +457,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
||||
if (DBG_X509)
|
||||
log_debug ("signature okay - checking certs\n");
|
||||
rc = gpgsm_validate_chain (ctrl, cert, &keyexptime);
|
||||
if (rc == GNUPG_Certificate_Expired)
|
||||
if (gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED)
|
||||
{
|
||||
gpgsm_status (ctrl, STATUS_EXPKEYSIG, NULL);
|
||||
rc = 0;
|
||||
@ -482,10 +482,10 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
||||
if (rc) /* of validate_chain */
|
||||
{
|
||||
log_error ("invalid certification chain: %s\n", gnupg_strerror (rc));
|
||||
if (rc == GNUPG_Bad_Certificate_Chain
|
||||
|| rc == GNUPG_Bad_Certificate
|
||||
|| rc == GNUPG_Bad_CA_Certificate
|
||||
|| rc == GNUPG_Certificate_Revoked)
|
||||
if (gpg_err_code (rc) == GPG_ERR_BAD_CERT_CHAIN
|
||||
|| gpg_err_code (rc) == GPG_ERR_BAD_CERT
|
||||
|| gpg_err_code (rc) == GPG_ERR_BAD_CA_CERT
|
||||
|| gpg_err_code (rc) == GPG_ERR_CERT_REVOKED)
|
||||
gpgsm_status (ctrl, STATUS_TRUST_NEVER, gnupg_error_token (rc));
|
||||
else
|
||||
gpgsm_status (ctrl, STATUS_TRUST_UNDEFINED, gnupg_error_token (rc));
|
||||
|
Loading…
x
Reference in New Issue
Block a user