LCOV - code coverage report
Current view: top level - src - sign.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 154 218 70.6 %
Date: 2017-03-02 17:11:10 Functions: 10 11 90.9 %

          Line data    Source code
       1             : /* sign.c - Signing function.
       2             :    Copyright (C) 2000 Werner Koch (dd9jn)
       3             :    Copyright (C) 2001, 2002, 2003, 2004, 2007 g10 Code GmbH
       4             : 
       5             :    This file is part of GPGME.
       6             : 
       7             :    GPGME is free software; you can redistribute it and/or modify it
       8             :    under the terms of the GNU Lesser General Public License as
       9             :    published by the Free Software Foundation; either version 2.1 of
      10             :    the License, or (at your option) any later version.
      11             : 
      12             :    GPGME is distributed in the hope that it will be useful, but
      13             :    WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      15             :    Lesser General Public License for more details.
      16             : 
      17             :    You should have received a copy of the GNU Lesser General Public
      18             :    License along with this program; if not, write to the Free Software
      19             :    Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
      20             :    02111-1307, USA.  */
      21             : 
      22             : #if HAVE_CONFIG_H
      23             : #include <config.h>
      24             : #endif
      25             : #include <stdlib.h>
      26             : #include <string.h>
      27             : #include <errno.h>
      28             : 
      29             : /* Suppress warning for accessing deprecated member "class".  */
      30             : #define _GPGME_IN_GPGME 1
      31             : #include "gpgme.h"
      32             : #include "context.h"
      33             : #include "ops.h"
      34             : #include "util.h"
      35             : #include "debug.h"
      36             : 
      37             : 
      38             : typedef struct
      39             : {
      40             :   struct _gpgme_op_sign_result result;
      41             : 
      42             :   /* The error code from a FAILURE status line or 0.  */
      43             :   gpg_error_t failure_code;
      44             : 
      45             :   /* The fingerprint from the last KEY_CONSIDERED status line.  */
      46             :   char *kc_fpr;
      47             : 
      48             :   /* The flags from the last KEY_CONSIDERED status line.  */
      49             :   unsigned int kc_flags;
      50             : 
      51             :   /* A pointer to the next pointer of the last invalid signer in
      52             :      the list.  This makes appending new invalid signers painless
      53             :      while preserving the order.  */
      54             :   gpgme_invalid_key_t *last_signer_p;
      55             : 
      56             :   /* Likewise for signature information.  */
      57             :   gpgme_new_signature_t *last_sig_p;
      58             : 
      59             :   /* Flags used while processing the status lines.  */
      60             :   unsigned int ignore_inv_recp:1;
      61             :   unsigned int inv_sgnr_seen:1;
      62             :   unsigned int sig_created_seen:1;
      63             : } *op_data_t;
      64             : 
      65             : 
      66             : static void
      67          64 : release_signatures (gpgme_new_signature_t sig)
      68             : {
      69         203 :   while (sig)
      70             :     {
      71          75 :       gpgme_new_signature_t next = sig->next;
      72          75 :       free (sig->fpr);
      73          75 :       free (sig);
      74          75 :       sig = next;
      75             :     }
      76          64 : }
      77             : 
      78             : 
      79             : static void
      80          64 : release_op_data (void *hook)
      81             : {
      82          64 :   op_data_t opd = (op_data_t) hook;
      83          64 :   gpgme_invalid_key_t invalid_signer = opd->result.invalid_signers;
      84             : 
      85         132 :   while (invalid_signer)
      86             :     {
      87           4 :       gpgme_invalid_key_t next = invalid_signer->next;
      88           4 :       if (invalid_signer->fpr)
      89           4 :         free (invalid_signer->fpr);
      90           4 :       free (invalid_signer);
      91           4 :       invalid_signer = next;
      92             :     }
      93             : 
      94          64 :   release_signatures (opd->result.signatures);
      95          64 :   free (opd->kc_fpr);
      96          64 : }
      97             : 
      98             : 
      99             : gpgme_sign_result_t
     100          58 : gpgme_op_sign_result (gpgme_ctx_t ctx)
     101             : {
     102             :   void *hook;
     103             :   op_data_t opd;
     104             :   gpgme_error_t err;
     105             :   gpgme_invalid_key_t inv_key, key;
     106             :   gpgme_new_signature_t sig;
     107          58 :   unsigned int inv_signers = 0;
     108          58 :   unsigned int signatures = 0;
     109             : 
     110          58 :   TRACE_BEG (DEBUG_CTX, "gpgme_op_sign_result", ctx);
     111             : 
     112          58 :   err = _gpgme_op_data_lookup (ctx, OPDATA_SIGN, &hook, -1, NULL);
     113          58 :   opd = hook;
     114          58 :   if (err || !opd)
     115             :     {
     116           0 :       TRACE_SUC0 ("result=(null)");
     117           0 :       return NULL;
     118             :     }
     119             : 
     120          62 :   for (inv_key = opd->result.invalid_signers; inv_key; inv_key = inv_key->next)
     121           4 :     inv_signers++;
     122         127 :   for (sig = opd->result.signatures; sig; sig = sig->next)
     123          69 :     signatures++;
     124             : 
     125          58 :   if (gpgme_signers_count (ctx)
     126          29 :       && signatures + inv_signers != gpgme_signers_count (ctx))
     127             :     {
     128             :       /* In this case at least one signatures was not created perhaps
     129             :          due to a bad passphrase etc.  Thus the entire message is
     130             :          broken and should not be used.  We add the already created
     131             :          signatures to the invalid signers list and thus this case can
     132             :          be detected.  */
     133           0 :       TRACE_LOG3 ("result: invalid signers: %u, signatures: %u, count: %u",
     134             :                   inv_signers, signatures, gpgme_signers_count (ctx));
     135             : 
     136           0 :       for (sig = opd->result.signatures; sig; sig = sig->next)
     137             :         {
     138           0 :           key = calloc (1, sizeof *key);
     139           0 :           if (!key)
     140             :             {
     141           0 :               TRACE_SUC0 ("out of core; result=(null)");
     142           0 :               return NULL;
     143             :             }
     144           0 :           if (sig->fpr)
     145             :             {
     146           0 :               key->fpr = strdup (sig->fpr);
     147           0 :               if (!key->fpr)
     148             :                 {
     149           0 :                   free (key);
     150           0 :                   TRACE_SUC0 ("out of core; result=(null)");
     151           0 :                   return NULL;
     152             :                 }
     153             :             }
     154           0 :           key->reason = GPG_ERR_GENERAL;
     155             : 
     156           0 :           inv_key = opd->result.invalid_signers;
     157           0 :           if (inv_key)
     158             :             {
     159           0 :               for (; inv_key->next; inv_key = inv_key->next)
     160             :                 ;
     161           0 :               inv_key->next = key;
     162             :             }
     163             :           else
     164           0 :             opd->result.invalid_signers = key;
     165             :         }
     166             : 
     167           0 :       release_signatures (opd->result.signatures);
     168           0 :       opd->result.signatures = NULL;
     169             :     }
     170             : 
     171             :   if (_gpgme_debug_trace())
     172             :     {
     173          58 :       TRACE_LOG2 ("result: invalid signers: %i, signatures: %i",
     174             :                   inv_signers, signatures);
     175          62 :       for (inv_key=opd->result.invalid_signers; inv_key; inv_key=inv_key->next)
     176             :         {
     177           4 :           TRACE_LOG3 ("result: invalid signer: fpr=%s, reason=%s <%s>",
     178             :                       inv_key->fpr, gpgme_strerror (inv_key->reason),
     179             :                       gpgme_strsource (inv_key->reason));
     180             :         }
     181         127 :       for (sig = opd->result.signatures; sig; sig = sig->next)
     182             :         {
     183          69 :           TRACE_LOG6 ("result: signature: type=%i, pubkey_algo=%i, "
     184             :                       "hash_algo=%i, timestamp=%li, fpr=%s, sig_class=%i",
     185             :                       sig->type, sig->pubkey_algo, sig->hash_algo,
     186             :                       sig->timestamp, sig->fpr, sig->sig_class);
     187             :         }
     188             :    }
     189             : 
     190          58 :   TRACE_SUC1 ("result=%p", &opd->result);
     191          58 :   return &opd->result;
     192             : }
     193             : 
     194             : 
     195             : 
     196             : static gpgme_error_t
     197          75 : parse_sig_created (char *args, gpgme_new_signature_t *sigp,
     198             :                    gpgme_protocol_t protocol)
     199             : {
     200             :   gpgme_new_signature_t sig;
     201             :   char *tail;
     202             : 
     203          75 :   sig = malloc (sizeof (*sig));
     204          75 :   if (!sig)
     205           0 :     return gpg_error_from_syserror ();
     206             : 
     207          75 :   sig->next = NULL;
     208          75 :   switch (*args)
     209             :     {
     210             :     case 'S':
     211          44 :       sig->type = GPGME_SIG_MODE_NORMAL;
     212          44 :       break;
     213             : 
     214             :     case 'D':
     215          16 :       sig->type = GPGME_SIG_MODE_DETACH;
     216          16 :       break;
     217             : 
     218             :     case 'C':
     219          15 :       sig->type = GPGME_SIG_MODE_CLEAR;
     220          15 :       break;
     221             : 
     222             :     default:
     223             :       /* The backend engine is not behaving.  */
     224           0 :       free (sig);
     225           0 :       return trace_gpg_error (GPG_ERR_INV_ENGINE);
     226             :     }
     227             : 
     228          75 :   args++;
     229          75 :   if (*args != ' ')
     230             :     {
     231           0 :       free (sig);
     232           0 :       return trace_gpg_error (GPG_ERR_INV_ENGINE);
     233             :     }
     234             : 
     235          75 :   gpg_err_set_errno (0);
     236          75 :   sig->pubkey_algo = _gpgme_map_pk_algo (strtol (args, &tail, 0), protocol);
     237          75 :   if (errno || args == tail || *tail != ' ')
     238             :     {
     239             :       /* The crypto backend does not behave.  */
     240           0 :       free (sig);
     241           0 :       return trace_gpg_error (GPG_ERR_INV_ENGINE);
     242             :     }
     243          75 :   args = tail;
     244             : 
     245          75 :   sig->hash_algo = strtol (args, &tail, 0);
     246          75 :   if (errno || args == tail || *tail != ' ')
     247             :     {
     248             :       /* The crypto backend does not behave.  */
     249           0 :       free (sig);
     250           0 :       return trace_gpg_error (GPG_ERR_INV_ENGINE);
     251             :     }
     252          75 :   args = tail;
     253             : 
     254          75 :   sig->sig_class = strtol (args, &tail, 0);
     255          75 :   sig->class = sig->sig_class;
     256          75 :   sig->_obsolete_class = sig->sig_class;
     257          75 :   if (errno || args == tail || *tail != ' ')
     258             :     {
     259             :       /* The crypto backend does not behave.  */
     260           0 :       free (sig);
     261           0 :       return trace_gpg_error (GPG_ERR_INV_ENGINE);
     262             :     }
     263          75 :   args = tail;
     264             : 
     265          75 :   sig->timestamp = _gpgme_parse_timestamp (args, &tail);
     266          75 :   if (sig->timestamp == -1 || args == tail || *tail != ' ')
     267             :     {
     268             :       /* The crypto backend does not behave.  */
     269           0 :       free (sig);
     270           0 :       return trace_gpg_error (GPG_ERR_INV_ENGINE);
     271             :     }
     272          75 :   args = tail;
     273         225 :   while (*args == ' ')
     274          75 :     args++;
     275             : 
     276          75 :   if (!*args)
     277             :     {
     278             :       /* The crypto backend does not behave.  */
     279           0 :       free (sig);
     280           0 :       return trace_gpg_error (GPG_ERR_INV_ENGINE);
     281             :     }
     282             : 
     283          75 :   tail = strchr (args, ' ');
     284          75 :   if (tail)
     285           0 :     *tail = '\0';
     286             : 
     287          75 :   sig->fpr = strdup (args);
     288          75 :   if (!sig->fpr)
     289             :     {
     290           0 :       free (sig);
     291           0 :       return gpg_error_from_syserror ();
     292             :     }
     293          75 :   *sigp = sig;
     294          75 :   return 0;
     295             : }
     296             : 
     297             : 
     298             : gpgme_error_t
     299         512 : _gpgme_sign_status_handler (void *priv, gpgme_status_code_t code, char *args)
     300             : {
     301         512 :   gpgme_ctx_t ctx = (gpgme_ctx_t) priv;
     302             :   gpgme_error_t err;
     303             :   void *hook;
     304             :   op_data_t opd;
     305             : 
     306         512 :   err = _gpgme_passphrase_status_handler (priv, code, args);
     307         512 :   if (err)
     308           0 :     return err;
     309             : 
     310         512 :   err = _gpgme_op_data_lookup (ctx, OPDATA_SIGN, &hook, -1, NULL);
     311         512 :   opd = hook;
     312         512 :   if (err)
     313           0 :     return err;
     314             : 
     315         512 :   switch (code)
     316             :     {
     317             :     case GPGME_STATUS_SIG_CREATED:
     318          75 :       opd->sig_created_seen = 1;
     319          75 :       err = parse_sig_created (args, opd->last_sig_p, ctx->protocol);
     320          75 :       if (err)
     321           0 :         return err;
     322             : 
     323          75 :       opd->last_sig_p = &(*opd->last_sig_p)->next;
     324          75 :       break;
     325             : 
     326             :     case GPGME_STATUS_KEY_CONSIDERED:
     327             :       /* This is emitted during gpg's key lookup to give information
     328             :        * about the lookup results.  We store the last one so it can be
     329             :        * used in connection with INV_RECP.  */
     330         146 :       free (opd->kc_fpr);
     331         146 :       opd->kc_fpr = NULL;
     332         146 :       err = _gpgme_parse_key_considered (args, &opd->kc_fpr, &opd->kc_flags);
     333         146 :       if (err)
     334           0 :         return err;
     335         146 :       break;
     336             : 
     337             :     case GPGME_STATUS_INV_RECP:
     338           0 :       if (opd->inv_sgnr_seen && opd->ignore_inv_recp)
     339           0 :         break;
     340             :       /* FALLTROUGH */
     341             :     case GPGME_STATUS_INV_SGNR:
     342           4 :       if (code == GPGME_STATUS_INV_SGNR)
     343           4 :         opd->inv_sgnr_seen = 1;
     344           4 :       free (opd->kc_fpr);
     345           4 :       opd->kc_fpr = NULL;
     346           4 :       err = _gpgme_parse_inv_recp (args, 1, opd->kc_fpr, opd->kc_flags,
     347             :                                    opd->last_signer_p);
     348           4 :       if (err)
     349           0 :         return err;
     350             : 
     351           4 :       opd->last_signer_p = &(*opd->last_signer_p)->next;
     352           4 :       free (opd->kc_fpr);
     353           4 :       opd->kc_fpr = NULL;
     354           4 :       break;
     355             : 
     356             :     case GPGME_STATUS_FAILURE:
     357           4 :       opd->failure_code = _gpgme_parse_failure (args);
     358           4 :       break;
     359             : 
     360             :     case GPGME_STATUS_EOF:
     361             :       /* The UI server does not send information about the created
     362             :          signature.  This is irrelevant for this protocol and thus we
     363             :          should not check for that.  */
     364          62 :       if (opd->result.invalid_signers)
     365           2 :         err = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
     366          60 :       else if (!opd->sig_created_seen
     367           0 :                && ctx->protocol != GPGME_PROTOCOL_UISERVER)
     368           0 :         err = opd->failure_code? opd->failure_code:gpg_error (GPG_ERR_GENERAL);
     369          62 :       break;
     370             : 
     371             :     case GPGME_STATUS_INQUIRE_MAXLEN:
     372           1 :       if (ctx->status_cb && !ctx->full_status)
     373           0 :         err = ctx->status_cb (ctx->status_cb_value, "INQUIRE_MAXLEN", args);
     374           1 :       break;
     375             : 
     376             :     default:
     377         220 :       break;
     378             :     }
     379         512 :   return err;
     380             : }
     381             : 
     382             : 
     383             : static gpgme_error_t
     384         332 : sign_status_handler (void *priv, gpgme_status_code_t code, char *args)
     385             : {
     386             :   gpgme_error_t err;
     387             : 
     388         332 :   err = _gpgme_progress_status_handler (priv, code, args);
     389         332 :   if (!err)
     390         332 :     err = _gpgme_sign_status_handler (priv, code, args);
     391         332 :   return err;
     392             : }
     393             : 
     394             : 
     395             : static gpgme_error_t
     396          64 : sign_init_result (gpgme_ctx_t ctx, int ignore_inv_recp)
     397             : {
     398             :   gpgme_error_t err;
     399             :   void *hook;
     400             :   op_data_t opd;
     401             : 
     402          64 :   err = _gpgme_op_data_lookup (ctx, OPDATA_SIGN, &hook,
     403             :                                sizeof (*opd), release_op_data);
     404          64 :   opd = hook;
     405          64 :   if (err)
     406           0 :     return err;
     407          64 :   opd->failure_code = 0;
     408          64 :   opd->last_signer_p = &opd->result.invalid_signers;
     409          64 :   opd->last_sig_p = &opd->result.signatures;
     410          64 :   opd->ignore_inv_recp = !!ignore_inv_recp;
     411          64 :   opd->inv_sgnr_seen = 0;
     412          64 :   opd->sig_created_seen = 0;
     413          64 :   return 0;
     414             : }
     415             : 
     416             : gpgme_error_t
     417          16 : _gpgme_op_sign_init_result (gpgme_ctx_t ctx)
     418             : {
     419          16 :   return sign_init_result (ctx, 0);
     420             : }
     421             : 
     422             : 
     423             : static gpgme_error_t
     424          48 : sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_data_t plain,
     425             :             gpgme_data_t sig, gpgme_sig_mode_t mode)
     426             : {
     427             :   gpgme_error_t err;
     428             : 
     429          48 :   err = _gpgme_op_reset (ctx, synchronous);
     430          48 :   if (err)
     431           0 :     return err;
     432             : 
     433             :   /* If we are using the CMS protocol, we ignore the INV_RECP status
     434             :      code if a newer GPGSM is in use.  GPGMS does not support combined
     435             :      sign+encrypt and thus this can't harm.  */
     436          48 :   err = sign_init_result (ctx, (ctx->protocol == GPGME_PROTOCOL_CMS));
     437          48 :   if (err)
     438           0 :     return err;
     439             : 
     440          48 :   if (mode != GPGME_SIG_MODE_NORMAL && mode != GPGME_SIG_MODE_DETACH
     441          10 :       && mode != GPGME_SIG_MODE_CLEAR)
     442           0 :     return gpg_error (GPG_ERR_INV_VALUE);
     443             : 
     444          48 :   if (!plain)
     445           0 :     return gpg_error (GPG_ERR_NO_DATA);
     446          48 :   if (!sig)
     447           0 :     return gpg_error (GPG_ERR_INV_VALUE);
     448             : 
     449          48 :   if (ctx->passphrase_cb)
     450             :     {
     451          13 :       err = _gpgme_engine_set_command_handler
     452             :         (ctx->engine, _gpgme_passphrase_command_handler, ctx, NULL);
     453          13 :       if (err)
     454           0 :         return err;
     455             :     }
     456             : 
     457          48 :   _gpgme_engine_set_status_handler (ctx->engine, sign_status_handler,
     458             :                                     ctx);
     459             : 
     460          96 :   return _gpgme_engine_op_sign (ctx->engine, plain, sig, mode, ctx->use_armor,
     461          96 :                                 ctx->use_textmode, ctx->include_certs,
     462             :                                 ctx /* FIXME */);
     463             : }
     464             : 
     465             : 
     466             : /* Sign the plaintext PLAIN and store the signature in SIG.  */
     467             : gpgme_error_t
     468           0 : gpgme_op_sign_start (gpgme_ctx_t ctx, gpgme_data_t plain, gpgme_data_t sig,
     469             :                      gpgme_sig_mode_t mode)
     470             : {
     471             :   gpg_error_t err;
     472           0 :   TRACE_BEG3 (DEBUG_CTX, "gpgme_op_sign_start", ctx,
     473             :               "plain=%p, sig=%p, mode=%i", plain, sig, mode);
     474             : 
     475           0 :   if (!ctx)
     476           0 :     return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
     477             : 
     478           0 :   err = sign_start (ctx, 0, plain, sig, mode);
     479           0 :   return TRACE_ERR (err);
     480             : }
     481             : 
     482             : 
     483             : /* Sign the plaintext PLAIN and store the signature in SIG.  */
     484             : gpgme_error_t
     485          48 : gpgme_op_sign (gpgme_ctx_t ctx, gpgme_data_t plain, gpgme_data_t sig,
     486             :                gpgme_sig_mode_t mode)
     487             : {
     488             :   gpgme_error_t err;
     489             : 
     490          48 :   TRACE_BEG3 (DEBUG_CTX, "gpgme_op_sign", ctx,
     491             :               "plain=%p, sig=%p, mode=%i", plain, sig, mode);
     492             : 
     493          48 :   if (!ctx)
     494           0 :     return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
     495             : 
     496          48 :   err = sign_start (ctx, 1, plain, sig, mode);
     497          48 :   if (!err)
     498          48 :     err = _gpgme_wait_one (ctx);
     499          48 :   return TRACE_ERR (err);
     500             : }

Generated by: LCOV version 1.13