[git] GnuPG - branch, master, updated. gnupg-2.2.7-193-gb823788
by NIIBE Yutaka
cvs at cvs.gnupg.org
Mon Aug 27 09:26:20 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via b823788d200902f34c632026934cf0e43152b73e (commit)
via 84cc55880a5815155328229beb309326472bfd82 (commit)
via 03a8de7def4195b9accde47c1dcb84279361936d (commit)
via 6bb93fc295e712ddf9b461dfe650211caf16a844 (commit)
via 30153c65f0875f9a62838f6347bcdcedd6114d35 (commit)
from ce2f71760155b71a71418fe145a557c99bd52290 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b823788d200902f34c632026934cf0e43152b73e
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Tue Jun 12 16:20:21 2018 +0900
g10: Fix enum_secret_keys for card keys.
* g10/skclist.c (enum_secret_keys): Since "KEY-FPR" returns
fingerprint in binary, change it to hex string.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/g10/skclist.c b/g10/skclist.c
index d40fe6d..fe24b4a 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -331,6 +331,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
strlist_t sl;
strlist_t card_list;
char *serialno;
+ char fpr2[43];
struct agent_card_info_s info;
kbnode_t keyblock;
kbnode_t node;
@@ -350,7 +351,6 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
if (!sk)
{
/* Free the context. */
- agent_release_card_info (&c->info);
xfree (c->serialno);
free_strlist (c->card_list);
pubkeys_free (c->results);
@@ -419,14 +419,19 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
}
xfree (serialno);
- agent_release_card_info (&c->info);
+ c->info.fpr2valid = 0;
err = agent_scd_getattr ("KEY-FPR", &c->info);
if (err)
log_error ("error retrieving key fingerprint from card: %s\n",
gpg_strerror (err));
if (c->info.fpr2valid)
- name = c->info.fpr2;
+ {
+ c->fpr2[0] = '0';
+ c->fpr2[1] = 'x';
+ bin2hex (c->info.fpr2, 20, c->fpr2+2);
+ name = c->fpr2;
+ }
c->sl = c->sl->next;
}
else
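Review bot: The `bin2hex (c->info.fpr2, 20, c->fpr2+2)` call fills the 43-byte `c->fpr2` buffer declared in the first hunk exactly (2 prefix bytes, 40 hex digits and the terminator), and the two sizes are tied together only by the bare literals 20 and 43. A fingerprint longer than 20 bytes would turn this into a write past the end of the context buffer, so I would state the relation where the buffer is declared, for example `char fpr2[2 + 2*20 + 1]; /* "0x" + hex of a 20-byte fingerprint + NUL */`. This commit also drops both `agent_release_card_info (&c->info)` calls and resets only `fpr2valid`; that is safe only while the "KEY-FPR" query stores nothing allocated in `c->info`, which deserves a comment next to the reset. The enclosing switch case starts above this hunk.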
commit 84cc55880a5815155328229beb309326472bfd82
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Tue Jun 12 10:42:24 2018 +0900
g10: Prefer to available card keys for decryption.
* g10/skclist.c (enum_secret_keys): Add logic to prefer
decryption keys on cards.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/g10/skclist.c b/g10/skclist.c
index f8c8cad..d40fe6d 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -329,6 +329,9 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
int eof;
int state;
strlist_t sl;
+ strlist_t card_list;
+ char *serialno;
+ struct agent_card_info_s info;
kbnode_t keyblock;
kbnode_t node;
getkey_ctx_t ctx;
@@ -347,6 +350,9 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
if (!sk)
{
/* Free the context. */
+ agent_release_card_info (&c->info);
+ xfree (c->serialno);
+ free_strlist (c->card_list);
pubkeys_free (c->results);
release_kbnode (c->keyblock);
getkey_end (ctrl, c->ctx);
@@ -390,7 +396,49 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
c->state++;
break;
- case 3: /* Init search context to enum all secret keys. */
+ case 3: /* Init list of card keys to try. */
+ err = agent_scd_cardlist (&c->card_list);
+ if (!err)
+ agent_scd_serialno (&c->serialno, NULL);
+ c->sl = c->card_list;
+ c->state++;
+ break;
+
+ case 4: /* Get next item from card list. */
+ if (c->sl)
+ {
+ char *serialno;
+
+ err = agent_scd_serialno (&serialno, c->sl->d);
+ if (err)
+ {
+ if (opt.verbose)
+ log_info (_("error getting serial number of card: %s\n"),
+ gpg_strerror (err));
+ continue;
+ }
+
+ xfree (serialno);
+ agent_release_card_info (&c->info);
+ err = agent_scd_getattr ("KEY-FPR", &c->info);
+ if (err)
+ log_error ("error retrieving key fingerprint from card: %s\n",
+ gpg_strerror (err));
+
+ if (c->info.fpr2valid)
+ name = c->info.fpr2;
+ c->sl = c->sl->next;
+ }
+ else
+ {
+ if (c->serialno)
+ /* Select the original card again. */
+ agent_scd_serialno (&c->serialno, c->serialno);
+ c->state++;
+ }
+ break;
+
+ case 5: /* Init search context to enum all secret keys. */
err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
&keyblock);
if (err)
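Review bot: The `continue` on the `agent_scd_serialno` error path in `case 4` leaves `c->sl` unchanged, so the same card entry is tried again on the next pass. In the enclosing do/while loop (outside this hunk, visible in the moved function body further down the page) `name` and `keyblock` are still NULL at that point, so the loop condition holds and a card that keeps failing, for instance one removed after `agent_scd_cardlist` returned, makes the enumeration spin; the message is printed only with `opt.verbose`. Advancing first avoids that: `c->sl = c->sl->next;` before `continue;`. Separately, the restore call `agent_scd_serialno (&c->serialno, c->serialno)` passes the same string as demand and as output location and ignores the result, and the call in `case 3` ignores its result as well; whether the old string leaks depends on agent_scd_serialno, which is not shown.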
@@ -403,7 +451,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
c->state++;
break;
- case 4: /* Get next item from the context. */
+ case 6: /* Get next item from the context. */
if (c->ctx)
{
err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
@@ -446,10 +494,10 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
/* Get the next key from the current keyblock. */
for (; c->node; c->node = c->node->next)
- {
- if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
+ {
+ if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
|| c->node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
- {
+ {
pubkey_t r;
/* Skip this candidate if it's already enumerated. */
@@ -459,8 +507,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
if (r)
continue;
- copy_public_key (sk, c->node->pkt->pkt.public_key);
- c->node = c->node->next;
+ copy_public_key (sk, c->node->pkt->pkt.public_key);
+ c->node = c->node->next;
r = xtrycalloc (1, sizeof (*r));
if (!r)
@@ -475,8 +523,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
r->next = c->results;
c->results = r;
- return 0; /* Found. */
- }
+ return 0; /* Found. */
+ }
}
/* Dispose the keyblock and continue. */
commit 03a8de7def4195b9accde47c1dcb84279361936d
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Tue Jun 12 10:36:59 2018 +0900
g10: Move enum_secret_keys to skclist.c.
* g10/getkey.c (enum_secret_keys): Move to...
* g10/skclist.c (enum_secret_keys): ... here.
--
The function enum_secret_keys is not used by gpgv.c, but it is in
getkey.c. Extending enum_secret_keys will require change of gpgv.c,
so moving the function to the file for gpg is better.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/g10/getkey.c b/g10/getkey.c
index e9e98b1..41afeb9 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3947,203 +3947,6 @@ lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
}
-/* Enumerate some secret keys (specifically, those specified with
- * --default-key and --try-secret-key). Use the following procedure:
- *
- * 1) Initialize a void pointer to NULL
- * 2) Pass a reference to this pointer to this function (content)
- * and provide space for the secret key (sk)
- * 3) Call this function as long as it does not return an error (or
- * until you are done). The error code GPG_ERR_EOF indicates the
- * end of the listing.
- * 4) Call this function a last time with SK set to NULL,
- * so that can free it's context.
- *
- * In pseudo-code:
- *
- * void *ctx = NULL;
- * PKT_public_key *sk = xmalloc_clear (sizeof (*sk));
- *
- * while ((err = enum_secret_keys (&ctx, sk)))
- * { // Process SK.
- * if (done)
- * break;
- * sk = xmalloc_clear (sizeof (*sk));
- * }
- *
- * // Release any resources used by CTX.
- * enum_secret_keys (&ctx, NULL);
- *
- * if (gpg_err_code (err) != GPG_ERR_EOF)
- * ; // An error occurred.
- */
-gpg_error_t
-enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
-{
- gpg_error_t err = 0;
- const char *name;
- kbnode_t keyblock;
- struct
- {
- int eof;
- int state;
- strlist_t sl;
- kbnode_t keyblock;
- kbnode_t node;
- getkey_ctx_t ctx;
- pubkey_t results;
- } *c = *context;
-
- if (!c)
- {
- /* Make a new context. */
- c = xtrycalloc (1, sizeof *c);
- if (!c)
- return gpg_error_from_syserror ();
- *context = c;
- }
-
- if (!sk)
- {
- /* Free the context. */
- pubkeys_free (c->results);
- release_kbnode (c->keyblock);
- getkey_end (ctrl, c->ctx);
- xfree (c);
- *context = NULL;
- return 0;
- }
-
- if (c->eof)
- return gpg_error (GPG_ERR_EOF);
-
- for (;;)
- {
- /* Loop until we have a keyblock. */
- while (!c->keyblock)
- {
- /* Loop over the list of secret keys. */
- do
- {
- name = NULL;
- keyblock = NULL;
- switch (c->state)
- {
- case 0: /* First try to use the --default-key. */
- name = parse_def_secret_key (ctrl);
- c->state = 1;
- break;
-
- case 1: /* Init list of keys to try. */
- c->sl = opt.secret_keys_to_try;
- c->state++;
- break;
-
- case 2: /* Get next item from list. */
- if (c->sl)
- {
- name = c->sl->d;
- c->sl = c->sl->next;
- }
- else
- c->state++;
- break;
-
- case 3: /* Init search context to enum all secret keys. */
- err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
- &keyblock);
- if (err)
- {
- release_kbnode (keyblock);
- keyblock = NULL;
- getkey_end (ctrl, c->ctx);
- c->ctx = NULL;
- }
- c->state++;
- break;
-
- case 4: /* Get next item from the context. */
- if (c->ctx)
- {
- err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
- if (err)
- {
- release_kbnode (keyblock);
- keyblock = NULL;
- getkey_end (ctrl, c->ctx);
- c->ctx = NULL;
- }
- }
- else
- c->state++;
- break;
-
- default: /* No more names to check - stop. */
- c->eof = 1;
- return gpg_error (GPG_ERR_EOF);
- }
- }
- while ((!name || !*name) && !keyblock);
-
- if (keyblock)
- c->node = c->keyblock = keyblock;
- else
- {
- err = getkey_byname (ctrl, NULL, NULL, name, 1, &c->keyblock);
- if (err)
- {
- /* getkey_byname might return a keyblock even in the
- error case - I have not checked. Thus better release
- it. */
- release_kbnode (c->keyblock);
- c->keyblock = NULL;
- }
- else
- c->node = c->keyblock;
- }
- }
-
- /* Get the next key from the current keyblock. */
- for (; c->node; c->node = c->node->next)
- {
- if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
- || c->node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
- {
- pubkey_t r;
-
- /* Skip this candidate if it's already enumerated. */
- for (r = c->results; r; r = r->next)
- if (!cmp_public_keys (r->pk, c->node->pkt->pkt.public_key))
- break;
- if (r)
- continue;
-
- copy_public_key (sk, c->node->pkt->pkt.public_key);
- c->node = c->node->next;
-
- r = xtrycalloc (1, sizeof (*r));
- if (!r)
- {
- err = gpg_error_from_syserror ();
- free_public_key (sk);
- return err;
- }
-
- r->pk = sk;
- r->keyblock = NULL;
- r->next = c->results;
- c->results = r;
-
- return 0; /* Found. */
- }
- }
-
- /* Dispose the keyblock and continue. */
- release_kbnode (c->keyblock);
- c->keyblock = NULL;
- }
-}
-
gpg_error_t
get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk,
const byte *fpr_card, size_t fpr_len)
diff --git a/g10/skclist.c b/g10/skclist.c
index 78890dc..f8c8cad 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -286,3 +286,201 @@ build_sk_list (ctrl_t ctrl,
*ret_sk_list = sk_list;
return err;
}
+
+
+/* Enumerate some secret keys (specifically, those specified with
+ * --default-key and --try-secret-key). Use the following procedure:
+ *
+ * 1) Initialize a void pointer to NULL
+ * 2) Pass a reference to this pointer to this function (content)
+ * and provide space for the secret key (sk)
+ * 3) Call this function as long as it does not return an error (or
+ * until you are done). The error code GPG_ERR_EOF indicates the
+ * end of the listing.
+ * 4) Call this function a last time with SK set to NULL,
+ * so that can free it's context.
+ *
+ * In pseudo-code:
+ *
+ * void *ctx = NULL;
+ * PKT_public_key *sk = xmalloc_clear (sizeof (*sk));
+ *
+ * while ((err = enum_secret_keys (&ctx, sk)))
+ * { // Process SK.
+ * if (done)
+ * break;
+ * sk = xmalloc_clear (sizeof (*sk));
+ * }
+ *
+ * // Release any resources used by CTX.
+ * enum_secret_keys (&ctx, NULL);
+ *
+ * if (gpg_err_code (err) != GPG_ERR_EOF)
+ * ; // An error occurred.
+ */
+gpg_error_t
+enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
+{
+ gpg_error_t err = 0;
+ const char *name;
+ kbnode_t keyblock;
+ struct
+ {
+ int eof;
+ int state;
+ strlist_t sl;
+ kbnode_t keyblock;
+ kbnode_t node;
+ getkey_ctx_t ctx;
+ pubkey_t results;
+ } *c = *context;
+
+ if (!c)
+ {
+ /* Make a new context. */
+ c = xtrycalloc (1, sizeof *c);
+ if (!c)
+ return gpg_error_from_syserror ();
+ *context = c;
+ }
+
+ if (!sk)
+ {
+ /* Free the context. */
+ pubkeys_free (c->results);
+ release_kbnode (c->keyblock);
+ getkey_end (ctrl, c->ctx);
+ xfree (c);
+ *context = NULL;
+ return 0;
+ }
+
+ if (c->eof)
+ return gpg_error (GPG_ERR_EOF);
+
+ for (;;)
+ {
+ /* Loop until we have a keyblock. */
+ while (!c->keyblock)
+ {
+ /* Loop over the list of secret keys. */
+ do
+ {
+ name = NULL;
+ keyblock = NULL;
+ switch (c->state)
+ {
+ case 0: /* First try to use the --default-key. */
+ name = parse_def_secret_key (ctrl);
+ c->state = 1;
+ break;
+
+ case 1: /* Init list of keys to try. */
+ c->sl = opt.secret_keys_to_try;
+ c->state++;
+ break;
+
+ case 2: /* Get next item from list. */
+ if (c->sl)
+ {
+ name = c->sl->d;
+ c->sl = c->sl->next;
+ }
+ else
+ c->state++;
+ break;
+
+ case 3: /* Init search context to enum all secret keys. */
+ err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
+ &keyblock);
+ if (err)
+ {
+ release_kbnode (keyblock);
+ keyblock = NULL;
+ getkey_end (ctrl, c->ctx);
+ c->ctx = NULL;
+ }
+ c->state++;
+ break;
+
+ case 4: /* Get next item from the context. */
+ if (c->ctx)
+ {
+ err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
+ if (err)
+ {
+ release_kbnode (keyblock);
+ keyblock = NULL;
+ getkey_end (ctrl, c->ctx);
+ c->ctx = NULL;
+ }
+ }
+ else
+ c->state++;
+ break;
+
+ default: /* No more names to check - stop. */
+ c->eof = 1;
+ return gpg_error (GPG_ERR_EOF);
+ }
+ }
+ while ((!name || !*name) && !keyblock);
+
+ if (keyblock)
+ c->node = c->keyblock = keyblock;
+ else
+ {
+ err = getkey_byname (ctrl, NULL, NULL, name, 1, &c->keyblock);
+ if (err)
+ {
+ /* getkey_byname might return a keyblock even in the
+ error case - I have not checked. Thus better release
+ it. */
+ release_kbnode (c->keyblock);
+ c->keyblock = NULL;
+ }
+ else
+ c->node = c->keyblock;
+ }
+ }
+
+ /* Get the next key from the current keyblock. */
+ for (; c->node; c->node = c->node->next)
+ {
+ if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
+ || c->node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+ {
+ pubkey_t r;
+
+ /* Skip this candidate if it's already enumerated. */
+ for (r = c->results; r; r = r->next)
+ if (!cmp_public_keys (r->pk, c->node->pkt->pkt.public_key))
+ break;
+ if (r)
+ continue;
+
+ copy_public_key (sk, c->node->pkt->pkt.public_key);
+ c->node = c->node->next;
+
+ r = xtrycalloc (1, sizeof (*r));
+ if (!r)
+ {
+ err = gpg_error_from_syserror ();
+ free_public_key (sk);
+ return err;
+ }
+
+ r->pk = sk;
+ r->keyblock = NULL;
+ r->next = c->results;
+ c->results = r;
+
+ return 0; /* Found. */
+ }
+ }
+
+ /* Dispose the keyblock and continue. */
+ release_kbnode (c->keyblock);
+ c->keyblock = NULL;
+ }
+}
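Review bot: The usage example in the header comment does not match the function: `while ((err = enum_secret_keys (&ctx, sk)))` loops while the call fails, and both example calls omit the `ctrl` argument that the signature requires. Moving the function is a good moment to correct it to `while (!(err = enum_secret_keys (ctrl, &ctx, sk)))` and `enum_secret_keys (ctrl, &ctx, NULL);`. In the same comment "(content)" should read "(context)" and "so that can free it's context" should read "so that it can free its context".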
commit 6bb93fc295e712ddf9b461dfe650211caf16a844
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Mon Jun 11 15:02:57 2018 +0900
g10: Fix comment of enum_secret_keys.
* g10/getkey.c (enum_secret_keys): Fix comment for usage of
enum_secret_keys, following the previous change.
--
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/g10/getkey.c b/g10/getkey.c
index 5e4ca54..e9e98b1 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3968,13 +3968,11 @@ lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
* { // Process SK.
* if (done)
* break;
- * free_public_key (sk);
* sk = xmalloc_clear (sizeof (*sk));
* }
*
* // Release any resources used by CTX.
* enum_secret_keys (&ctx, NULL);
- * free_public_key (sk);
*
* if (gpg_err_code (err) != GPG_ERR_EOF)
* ; // An error occurred.
commit 30153c65f0875f9a62838f6347bcdcedd6114d35
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Mon Jun 11 11:48:14 2018 +0900
g10: Enumerated keys for decryption should be unique.
* g10/getkey.c (enum_secret_keys): Collect the returned keys in the
context and check for duplicates so that only unique keys are returned.
* g10/pubkey-enc.c (get_session_key): Now, it's the responsibility of
enum_secret_keys to free keys.
--
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/g10/getkey.c b/g10/getkey.c
index 08e17e9..5e4ca54 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3993,6 +3993,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
kbnode_t keyblock;
kbnode_t node;
getkey_ctx_t ctx;
+ pubkey_t results;
} *c = *context;
if (!c)
@@ -4007,6 +4008,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
if (!sk)
{
/* Free the context. */
+ pubkeys_free (c->results);
release_kbnode (c->keyblock);
getkey_end (ctrl, c->ctx);
xfree (c);
@@ -4109,8 +4111,31 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
|| c->node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
+ pubkey_t r;
+
+ /* Skip this candidate if it's already enumerated. */
+ for (r = c->results; r; r = r->next)
+ if (!cmp_public_keys (r->pk, c->node->pkt->pkt.public_key))
+ break;
+ if (r)
+ continue;
+
copy_public_key (sk, c->node->pkt->pkt.public_key);
c->node = c->node->next;
+
+ r = xtrycalloc (1, sizeof (*r));
+ if (!r)
+ {
+ err = gpg_error_from_syserror ();
+ free_public_key (sk);
+ return err;
+ }
+
+ r->pk = sk;
+ r->keyblock = NULL;
+ r->next = c->results;
+ c->results = r;
+
return 0; /* Found. */
}
}
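Review bot: Storing the caller's pointer with `r->pk = sk` makes ownership of `sk` depend on the return code, and nothing in the function comment says so. On success the context list keeps it (per the commit message it is then freed through `pubkeys_free (c->results)`), on the `xtrycalloc` failure path the function itself calls `free_public_key (sk)`, but on `GPG_ERR_EOF` the function returns without touching `sk`. With the two `free_public_key (sk)` calls removed from get_session_key in g10/pubkey-enc.c, the struct allocated for the final, EOF-returning call appears to be released by nobody unless the `if (rc)` branch there, which is outside the visible hunk, frees it. I would document the three cases above enum_secret_keys and make the EOF case explicit in the caller, for example `if (gpg_err_code (rc) == GPG_ERR_EOF) xfree (sk);` at the top of that branch.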
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 8540e03..32b1ed0 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -87,7 +87,6 @@ get_session_key (ctrl_t ctrl, struct pubkey_enc_list *list, DEK *dek)
{
struct pubkey_enc_list *k;
- free_public_key (sk);
sk = xmalloc_clear (sizeof *sk);
rc = enum_secret_keys (ctrl, &enum_context, sk);
if (rc)
@@ -156,7 +155,6 @@ get_session_key (ctrl_t ctrl, struct pubkey_enc_list *list, DEK *dek)
}
}
enum_secret_keys (ctrl, &enum_context, NULL); /* free context */
- free_public_key (sk);
if (DBG_CLOCK)
log_clock ("get_session_key leave");
-----------------------------------------------------------------------
Summary of changes:
g10/getkey.c | 174 --------------------------------------
g10/pubkey-enc.c | 2 -
g10/skclist.c | 251 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 251 insertions(+), 176 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org