[svn] GnuPG - r4230 - in trunk: . agent doc g10 jnlib sm
svn author wk
cvs at cvs.gnupg.org
Tue Aug 29 18:18:32 CEST 2006
Author: wk
Date: 2006-08-29 18:18:30 +0200 (Tue, 29 Aug 2006)
New Revision: 4230
Modified:
trunk/NEWS
trunk/TODO
trunk/agent/pkdecrypt.c
trunk/doc/gpg-agent.texi
trunk/doc/gpgsm.texi
trunk/g10/ChangeLog
trunk/g10/mainproc.c
trunk/jnlib/ChangeLog
trunk/jnlib/logging.c
trunk/sm/ChangeLog
trunk/sm/call-agent.c
trunk/sm/gpgsm.c
Log:
See ChangeLogs
Modified: trunk/NEWS
===================================================================
--- trunk/NEWS 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/NEWS 2006-08-29 16:18:30 UTC (rev 4230)
@@ -9,7 +9,10 @@
gpg part. For production use of OpenPGP the gpg version 1.4.5 is
still recommended.
+ * API change in gpg-agent's pkdecrypt command. Thus an older gpgsm
+ may not be used with the current gpg-agent.
+
Noteworthy changes in version 1.9.22 (2006-07-27)
-------------------------------------------------
Modified: trunk/TODO
===================================================================
--- trunk/TODO 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/TODO 2006-08-29 16:18:30 UTC (rev 4230)
@@ -6,8 +6,6 @@
** Check that we really release the ksba reader/writer objects.
* sm/call-agent.c
-** The protocol uses an incomplete S-expression
-We should always use valid S-Exp and not just parts.
** Some code should go into import.c
** When we allow concurrent service request in gpgsm, we
might want to have an agent context for each service request
@@ -23,7 +21,6 @@
** replace leading zero in integer hack by a cleaner solution
* sm/gpgsm.c
-** Support --output for all commands
** mark all unimplemented commands and options.
** Implement --default-key
** support the anyPolicy semantic
@@ -109,10 +106,8 @@
** issue a NO_SECKEY xxxx if a -u key was not found.
** Replace DIGEST_ALGO_SHA224
We can't do that right now because it is only defined by newer
- versions of libgcrypt. Changes this if we require libgcrypt 1.3
+ versions of libgcrypt. Change this if we require libgcrypt 1.3
anyway.
-** skclist.c:random_is_faked
- Remove the whole stuff?
** qbits
We pass a new qbit parameter to genkey - implement this in libgcrypt.
** skclist.c
Modified: trunk/agent/pkdecrypt.c
===================================================================
--- trunk/agent/pkdecrypt.c 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/agent/pkdecrypt.c 2006-08-29 16:18:30 UTC (rev 4230)
@@ -90,15 +90,14 @@
log_error ("smartcard decryption failed: %s\n", gpg_strerror (rc));
goto leave;
}
- /* FIXME: Change the protocol to return a complete S-expression
- and not just a part. */
+
{
- char tmpbuf[50];
+ char tmpbuf[60];
- sprintf (tmpbuf, "%u:", (unsigned int)len);
+ sprintf (tmpbuf, "(5:value%u:", (unsigned int)len);
put_membuf (outbuf, tmpbuf, strlen (tmpbuf));
put_membuf (outbuf, buf, len);
- put_membuf (outbuf, "", 1);
+ put_membuf (outbuf, ")", 2);
}
}
else
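Review bot: The `sprintf` into `tmpbuf` depends on a hand-counted buffer size (raised from 50 to 60 in this hunk) instead of a bound taken from the buffer itself. The current format fits, but `snprintf (tmpbuf, sizeof tmpbuf, "(5:value%u:", (unsigned int)len);` would keep the write bounded if the tag or format is changed again. The cast to `unsigned int` also means the printed length prefix and the `len` passed to `put_membuf (outbuf, buf, len)` could disagree if `len` is a wider type holding a larger value; its declaration is outside the hunk, so this is worth a check or an assertion. The enclosing function starts and ends outside the hunk.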
@@ -126,7 +125,16 @@
buf = xmalloc (len);
len = gcry_sexp_sprint (s_plain, GCRYSEXP_FMT_CANON, buf, len);
assert (len);
- put_membuf (outbuf, buf, len);
+ if (*buf == '(')
+ put_membuf (outbuf, buf, len);
+ else
+ {
+ /* Old style libgcrypt: This is only an S-expression
+ part. Turn it into a complete S-expression. */
+ put_membuf (outbuf, "(5:value", 8);
+ put_membuf (outbuf, buf, len);
+ put_membuf (outbuf, ")", 2);
+ }
}
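Review bot: The two branches frame the reply differently. The wrapping branch ends with `put_membuf (outbuf, ")", 2)`, which sends a Nul after the closing parenthesis, while the `*buf == '('` branch sends exactly `len` bytes and adds no terminator of its own. The smartcard path in the first hunk of this file uses the same length-2 write. The client change in sm/call-agent.c subtracts a fixed 11 bytes of framing, which appears to count that Nul, so a reply without it may be rejected as an invalid S-expression. Whether the `len` returned by `gcry_sexp_sprint` already covers a Nul is not visible here and should be confirmed. I would also document the length on both writes, e.g. `/* Length 2: send the Nul as well; the client's length check counts it. */`.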
Modified: trunk/doc/gpg-agent.texi
===================================================================
--- trunk/doc/gpg-agent.texi 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/doc/gpg-agent.texi 2006-08-29 16:18:30 UTC (rev 4230)
@@ -701,7 +701,7 @@
C: D (b 3F444677CA)))
C: END
S: # session key follows
- S: D 1234567890ABCDEF0
+ S: D (value 1234567890ABCDEF0)
S: OK descryption successful
@end example
Modified: trunk/doc/gpgsm.texi
===================================================================
--- trunk/doc/gpgsm.texi 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/doc/gpgsm.texi 2006-08-29 16:18:30 UTC (rev 4230)
@@ -428,6 +428,12 @@
Set the user(s) to be used for signing. The default is the first
secret key found in the database.
+ at item --output @var{file}
+ at itemx -o @var{file}
+ at opindex output
+Write output to @var{file}. The default is to write it to stdout.
+
+
@item --with-key-data
@opindex with-key-data
Displays extra information with the @code{--list-keys} commands. Especially
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/g10/ChangeLog 2006-08-29 16:18:30 UTC (rev 4230)
@@ -1,3 +1,7 @@
+2006-08-22 Werner Koch <wk at g10code.com>
+
+ * mainproc.c (proc_plaintext): Fixed a #warning
+
2006-08-21 Werner Koch <wk at g10code.com>
* skclist.c (random_is_faked): Implemented.
Modified: trunk/g10/mainproc.c
===================================================================
--- trunk/g10/mainproc.c 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/g10/mainproc.c 2006-08-29 16:18:30 UTC (rev 4230)
@@ -681,13 +681,10 @@
}
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
- if (rc)
- log_debug ("handle_plaintext failed: err=%d\n", rc);
- if( gpg_err_code (rc) == GPG_ERR_ENOENT && !c->sigs_only)
+ if ( gpg_err_code (rc) == GPG_ERR_EACCES && !c->sigs_only )
{
-#warning We need to change the test for the error code
- /* Can't write output but we hash it anyway to
- * Check the signature. */
+ /* Can't write output but we hash it anyway to check the
+ signature. */
rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
}
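Review bot: The fallback that hashes the plaintext without writing it is now keyed to a single error code, `GPG_ERR_EACCES`. As far as this hunk shows, any other failure to create the output leaves `rc` set and the data is never hashed for signature checking. Which codes `handle_plaintext` can return for an unwritable output is not visible here, so the choice deserves a comment, e.g. `/* Only EACCES is retried; other output errors abort before the signature is checked. */`, or a wider test if other codes are possible. With the `log_debug` call removed, a failure that does not match also leaves no trace at this point. The enclosing function continues outside the hunk.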
Modified: trunk/jnlib/ChangeLog
===================================================================
--- trunk/jnlib/ChangeLog 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/jnlib/ChangeLog 2006-08-29 16:18:30 UTC (rev 4230)
@@ -1,3 +1,7 @@
+2006-08-29 Werner Koch <wk at g10code.com>
+
+ * logging.c (do_logv): Emit a missing LF for fatal errors.
+
2006-06-28 Werner Koch <wk at g10code.com>
* dotlock.c (make_dotlock, release_dotlock, read_lockfile)
Modified: trunk/jnlib/logging.c
===================================================================
--- trunk/jnlib/logging.c 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/jnlib/logging.c 2006-08-29 16:18:30 UTC (rev 4230)
@@ -486,9 +486,17 @@
}
if (level == JNLIB_LOG_FATAL)
- exit(2);
+ {
+ if (missing_lf)
+ putc('\n', logstream );
+ exit(2);
+ }
if (level == JNLIB_LOG_BUG)
- abort();
+ {
+ if (missing_lf)
+ putc('\n', logstream );
+ abort();
+ }
}
static void
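Review bot: The line feed written before `abort()` may never reach the log, because `abort()` is not required to flush open stdio streams the way `exit()` does. If `logstream` can be buffered (its setup is outside this hunk), add `fflush (logstream);` after the `putc` in the `JNLIB_LOG_BUG` branch. The two branches also repeat the same `if (missing_lf) putc ('\n', logstream);` pair; hoisting it above both tests behind one `level == JNLIB_LOG_FATAL || level == JNLIB_LOG_BUG` condition would keep them from drifting apart.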
Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/sm/ChangeLog 2006-08-29 16:18:30 UTC (rev 4230)
@@ -1,3 +1,11 @@
+2006-08-29 Werner Koch <wk at g10code.com>
+
+ * call-agent.c (gpgsm_agent_pkdecrypt): Allow decryption using
+ complete S-expressions as implemented by the current gpg-agent.
+
+ * gpgsm.c (main): Implement --output for encrypt, decrypt, sign
+ and export.
+
2006-07-03 Werner Koch <wk at g10code.com>
* certreqgen.c (proc_parameters): Print the component label of a
Modified: trunk/sm/call-agent.c
===================================================================
--- trunk/sm/call-agent.c 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/sm/call-agent.c 2006-08-29 16:18:30 UTC (rev 4230)
@@ -300,7 +300,7 @@
membuf_t data;
struct cipher_parm_s cipher_parm;
size_t n, len;
- char *buf, *endp;
+ char *p, *buf, *endp;
size_t ciphertextlen;
if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
@@ -349,21 +349,36 @@
return map_assuan_err (rc);
}
- put_membuf (&data, "", 1); /* make sure it is 0 terminated */
+ put_membuf (&data, "", 1); /* Make sure it is 0 terminated. */
buf = get_membuf (&data, &len);
if (!buf)
return gpg_error (GPG_ERR_ENOMEM);
- /* FIXME: We would better a return a full S-exp and not just a part */
- assert (len);
- len--; /* remove the terminating 0 */
- n = strtoul (buf, &endp, 10);
+ assert (len); /* (we forced Nul termination.) */
+
+ if (*buf == '(')
+ {
+ if (len < 13 || memcmp (buf, "(5:value", 8) ) /* "(5:valueN:D)\0" */
+ return gpg_error (GPG_ERR_INV_SEXP);
+ len -= 11; /* Count only the data of the second part. */
+ p = buf + 8; /* Skip leading parenthesis and the value tag. */
+ }
+ else
+ {
+ /* For compatibility with older gpg-agents handle the old style
+ incomplete S-exps. */
+ len--; /* Do not count the Nul. */
+ p = buf;
+ }
+
+ n = strtoul (p, &endp, 10);
if (!n || *endp != ':')
return gpg_error (GPG_ERR_INV_SEXP);
endp++;
- if (endp-buf+n > len)
- return gpg_error (GPG_ERR_INV_SEXP); /* oops len does not
- match internal len*/
+ if (endp-p+n > len)
+ return gpg_error (GPG_ERR_INV_SEXP); /* Oops: Inconsistent S-Exp. */
+
memmove (buf, endp, n);
+
*r_buflen = n;
*r_buf = buf;
return 0;
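Review bot: The bounds test `if (endp-p+n > len)` adds the untrusted length `n` from `strtoul` before comparing, so a very large `n` can wrap the sum and pass the check, after which `memmove (buf, endp, n)` runs with that length. Comparing by subtraction avoids the wrap: `if ((size_t)(endp - p) > len || n > len - (size_t)(endp - p)) return gpg_error (GPG_ERR_INV_SEXP);`. In the new `(` branch, the fixed `len -= 11` also assumes a particular trailer after the data, and the closing parenthesis is never actually checked. A short comment spelling out which 11 bytes are meant, plus a test that the byte after the data is `)`, would make the "complete S-expression" claim hold. These early returns also appear to leave `buf` from `get_membuf` unreleased, though ownership is not visible in this hunk.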
Modified: trunk/sm/gpgsm.c
===================================================================
--- trunk/sm/gpgsm.c 2006-08-29 13:12:01 UTC (rev 4229)
+++ trunk/sm/gpgsm.c 2006-08-29 16:18:30 UTC (rev 4230)
@@ -1420,31 +1420,42 @@
run_protect_tool (argc, argv);
break;
- case aEncr: /* encrypt the given file */
- set_binary (stdin);
- set_binary (stdout);
- if (!argc)
- gpgsm_encrypt (&ctrl, recplist, 0, stdout); /* from stdin */
- else if (argc == 1)
- gpgsm_encrypt (&ctrl, recplist, open_read (*argv), stdout); /* from file */
- else
- wrong_args ("--encrypt [datafile]");
+ case aEncr: /* Encrypt the given file. */
+ {
+ FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
+
+ set_binary (stdin);
+
+ if (!argc) /* Source is stdin. */
+ gpgsm_encrypt (&ctrl, recplist, 0, fp);
+ else if (argc == 1) /* Source is the given file. */
+ gpgsm_encrypt (&ctrl, recplist, open_read (*argv), fp);
+ else
+ wrong_args ("--encrypt [datafile]");
+
+ if (fp != stdout)
+ fclose (fp);
+ }
break;
- case aSign: /* sign the given file */
- /* FIXME: We don't handle --output yet. We should also allow
- to concatenate multiple files for signing because that is
- what gpg does.*/
- set_binary (stdin);
- set_binary (stdout);
- if (!argc)
- gpgsm_sign (&ctrl, signerlist,
- 0, detached_sig, stdout); /* create from stdin */
- else if (argc == 1)
- gpgsm_sign (&ctrl, signerlist,
- open_read (*argv), detached_sig, stdout); /* from file */
- else
- wrong_args ("--sign [datafile]");
+ case aSign: /* Sign the given file. */
+ {
+ FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
+
+ /* Fixme: We should also allow to concatenate multiple files for
+ signing because that is what gpg does.*/
+ set_binary (stdin);
+ if (!argc) /* Create from stdin. */
+ gpgsm_sign (&ctrl, signerlist, 0, detached_sig, fp);
+ else if (argc == 1) /* From file. */
+ gpgsm_sign (&ctrl, signerlist,
+ open_read (*argv), detached_sig, fp);
+ else
+ wrong_args ("--sign [datafile]");
+
+ if (fp != stdout)
+ fclose (fp);
+ }
break;
case aSignEncr: /* sign and encrypt the given file */
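Review bot: The result of `fclose (fp)` is discarded in both new blocks, so a write error that only surfaces when the buffered output is flushed (full disk, quota, I/O error) leaves a truncated encrypted or signed file without any diagnostic. The same applies to the `aDecrypt`, `aExport` and `aExportSecretKeyP12` blocks in the later hunks of this file. Something like `if (fp != stdout && fclose (fp)) log_error ("error closing output: %s\n", strerror (errno));` would surface it. The earlier `set_binary (stdout)` calls are also gone, so when no `--output` is given and `fp` is stdout, binary mode now depends on what `open_fwrite` does for `"-"`, which is not visible here.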
@@ -1484,14 +1495,19 @@
break;
case aDecrypt:
- set_binary (stdin);
- set_binary (stdout);
- if (!argc)
- gpgsm_decrypt (&ctrl, 0, stdout); /* from stdin */
- else if (argc == 1)
- gpgsm_decrypt (&ctrl, open_read (*argv), stdout); /* from file */
- else
- wrong_args ("--decrypt [filename]");
+ {
+ FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
+
+ set_binary (stdin);
+ if (!argc)
+ gpgsm_decrypt (&ctrl, 0, fp); /* from stdin */
+ else if (argc == 1)
+ gpgsm_decrypt (&ctrl, open_read (*argv), fp); /* from file */
+ else
+ wrong_args ("--decrypt [filename]");
+ if (fp != stdout)
+ fclose (fp);
+ }
break;
case aDeleteKey:
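Review bot: The output file is opened before `argc` is validated, so an invocation that ends in `wrong_args ("--decrypt [filename]")` has, presumably, already created or truncated the `--output` target. Checking first, e.g. `if (argc > 1) wrong_args ("--decrypt [filename]");` ahead of the `open_fwrite` call, avoids clobbering an existing file on a usage error. The `aEncr` and `aSign` blocks in the previous hunk and `aExportSecretKeyP12` in the next follow the same order. The return value of `gpgsm_decrypt` is not consulted here either, so a failed decryption appears to leave whatever was written so far in the output file. Removing the file on error would be safer, if the callee does not already do so.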
@@ -1556,19 +1572,29 @@
break;
case aExport:
- set_binary (stdout);
- for (sl=NULL; argc; argc--, argv++)
- add_to_strlist (&sl, *argv);
- gpgsm_export (&ctrl, sl, stdout);
- free_strlist(sl);
+ {
+ FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
+
+ for (sl=NULL; argc; argc--, argv++)
+ add_to_strlist (&sl, *argv);
+ gpgsm_export (&ctrl, sl, fp);
+ free_strlist(sl);
+ if (fp != stdout)
+ fclose (fp);
+ }
break;
case aExportSecretKeyP12:
- set_binary (stdout);
- if (argc == 1)
- gpgsm_p12_export (&ctrl, *argv, stdout);
- else
- wrong_args ("--export-secret-key-p12 KEY-ID");
+ {
+ FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
+
+ if (argc == 1)
+ gpgsm_p12_export (&ctrl, *argv, stdout);
+ else
+ wrong_args ("--export-secret-key-p12 KEY-ID");
+ if (fp != stdout)
+ fclose (fp);
+ }
break;
case aSendKeys:
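Review bot: In the `aExportSecretKeyP12` block the new `fp` is opened and closed but never used, because the call is still `gpgsm_p12_export (&ctrl, *argv, stdout);`. With `--output FILE` the file is created (or truncated) and left empty while the PKCS#12 secret-key export goes to stdout, which may be a terminal or a pipe the user did not intend to receive key material. The line should read `gpgsm_p12_export (&ctrl, *argv, fp);`. The sm/ChangeLog entry lists only encrypt, decrypt, sign and export, so if `--output` is not meant to apply to this command yet, drop the `open_fwrite` call here instead.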