[git] GnuPG - branch, gniibe/decryption-key, updated. gnupg-2.2.7-142-ged9030c

by NIIBE Yutaka cvs at cvs.gnupg.org
Tue Jun 12 06:01:37 CEST 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, gniibe/decryption-key has been updated
       via  ed9030cb2a67148dfafa7f2c0d5a0be67a818397 (commit)
       via  ba7e934945a50aa37e3e971067dbfff724fe9696 (commit)
       via  b0c00ce0af1b1ac140ae675299214af34e4e0c1f (commit)
      from  c03a3eb01d2d26bd69e6d7c7d2a5f72229e189e0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ed9030cb2a67148dfafa7f2c0d5a0be67a818397
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Tue Jun 12 10:42:24 2018 +0900

    g10: Prefer to available card keys for decryption.
    
    * g10/skclist.c (enum_secret_keys): Add logic to prefer
    decryption keys on cards.
    
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/g10/skclist.c b/g10/skclist.c
index f8c8cad..d40fe6d 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -329,6 +329,9 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
     int eof;
     int state;
     strlist_t sl;
+    strlist_t card_list;
+    char *serialno;
+    struct agent_card_info_s info;
     kbnode_t keyblock;
     kbnode_t node;
     getkey_ctx_t ctx;
@@ -347,6 +350,9 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
   if (!sk)
     {
       /* Free the context.  */
+      agent_release_card_info (&c->info);
+      xfree (c->serialno);
+      free_strlist (c->card_list);
       pubkeys_free (c->results);
       release_kbnode (c->keyblock);
       getkey_end (ctrl, c->ctx);
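Review bot: The free path releases `c->serialno` without re-selecting the card it names, while the only re-select (`/* Select the original card again.  */`, in the `case 4` hunk further down) runs once the card list is exhausted. A caller that stops early and then calls `enum_secret_keys (ctrl, &ctx, NULL)` would therefore appear to leave the last probed card active, so later card operations could reach a different card than the one the user had selected. Consider restoring it here before `xfree (c->serialno)`, for example `if (c->state == 4 && c->serialno) { char *s; if (!agent_scd_serialno (&s, c->serialno)) xfree (s); }`. The rest of enum_secret_keys lies outside this hunk.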
@@ -390,7 +396,49 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
                     c->state++;
                   break;
 
-                case 3: /* Init search context to enum all secret keys.  */
+                case 3: /* Init list of card keys to try.  */
+                  err = agent_scd_cardlist (&c->card_list);
+                  if (!err)
+                    agent_scd_serialno (&c->serialno, NULL);
+                  c->sl = c->card_list;
+                  c->state++;
+                  break;
+
+                case 4: /* Get next item from card list.  */
+                  if (c->sl)
+                    {
+                      char *serialno;
+
+                      err = agent_scd_serialno (&serialno, c->sl->d);
+                      if (err)
+                        {
+                          if (opt.verbose)
+                            log_info (_("error getting serial number of card: %s\n"),
+                                      gpg_strerror (err));
+                          continue;
+                        }
+
+                      xfree (serialno);
+                      agent_release_card_info (&c->info);
+                      err = agent_scd_getattr ("KEY-FPR", &c->info);
+                      if (err)
+                        log_error ("error retrieving key fingerprint from card: %s\n",
+                                   gpg_strerror (err));
+
+                      if (c->info.fpr2valid)
+                        name = c->info.fpr2;
+                      c->sl = c->sl->next;
+                    }
+                  else
+                    {
+                      if (c->serialno)
+                        /* Select the original card again.  */
+                        agent_scd_serialno (&c->serialno, c->serialno);
+                      c->state++;
+                    }
+                  break;
+
+                case 5: /* Init search context to enum all secret keys.  */
                   err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
                                         &keyblock);
                   if (err)
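Review bot: In `case 4`, the `continue` taken when `agent_scd_serialno` fails leaves `c->sl` on the same card, so the enclosing do/while (outside this hunk) would retry that entry indefinitely if the error persists; advance with `c->sl = c->sl->next;` before `continue;`. When `agent_scd_getattr` fails, the code only logs and then still reads `c->info.fpr2valid`, so it would be safer to skip the entry on error than to rely on `agent_release_card_info` having cleared the struct. The re-select call `agent_scd_serialno (&c->serialno, c->serialno)` uses the same pointer as output and input, which looks like it leaks the previous string if the callee stores a fresh allocation there; this is worth confirming against the callee.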
@@ -403,7 +451,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
                   c->state++;
                   break;
 
-                case 4: /* Get next item from the context.  */
+                case 6: /* Get next item from the context.  */
                   if (c->ctx)
                     {
                       err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
@@ -446,10 +494,10 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
 
       /* Get the next key from the current keyblock.  */
       for (; c->node; c->node = c->node->next)
-	{
-	  if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
+        {
+          if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
               || c->node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
-	    {
+            {
               pubkey_t r;
 
               /* Skip this candidate if it's already enumerated.  */
@@ -459,8 +507,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
               if (r)
                 continue;
 
-	      copy_public_key (sk, c->node->pkt->pkt.public_key);
-	      c->node = c->node->next;
+              copy_public_key (sk, c->node->pkt->pkt.public_key);
+              c->node = c->node->next;
 
               r = xtrycalloc (1, sizeof (*r));
               if (!r)
@@ -475,8 +523,8 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
               r->next = c->results;
               c->results = r;
 
-	      return 0;	/* Found.  */
-	    }
+              return 0; /* Found.  */
+            }
         }
 
       /* Dispose the keyblock and continue.  */

commit ba7e934945a50aa37e3e971067dbfff724fe9696
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Tue Jun 12 10:36:59 2018 +0900

    g10: Move enum_secret_keys to skclist.c.
    
    * g10/getkey.c (enum_secret_keys): Move to...
    * g10/skclist.c (enum_secret_keys): ... here.
    
    --
    
    The function enum_secret_keys is not used by gpgv.c, but it is in
    getkey.c.  Extending enum_secret_keys will require change of gpgv.c,
    so moving the function to the file for gpg is better.
    
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/g10/getkey.c b/g10/getkey.c
index 470bab6..55c8628 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3904,203 +3904,6 @@ lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
 }
 
 
-/* Enumerate some secret keys (specifically, those specified with
- * --default-key and --try-secret-key).  Use the following procedure:
- *
- *  1) Initialize a void pointer to NULL
- *  2) Pass a reference to this pointer to this function (content)
- *     and provide space for the secret key (sk)
- *  3) Call this function as long as it does not return an error (or
- *     until you are done).  The error code GPG_ERR_EOF indicates the
- *     end of the listing.
- *  4) Call this function a last time with SK set to NULL,
- *     so that can free it's context.
- *
- * In pseudo-code:
- *
- *   void *ctx = NULL;
- *   PKT_public_key *sk = xmalloc_clear (sizeof (*sk));
- *
- *   while ((err = enum_secret_keys (&ctx, sk)))
- *     { // Process SK.
- *       if (done)
- *         break;
- *       sk = xmalloc_clear (sizeof (*sk));
- *     }
- *
- *   // Release any resources used by CTX.
- *   enum_secret_keys (&ctx, NULL);
- *
- *   if (gpg_err_code (err) != GPG_ERR_EOF)
- *     ; // An error occurred.
- */
-gpg_error_t
-enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
-{
-  gpg_error_t err = 0;
-  const char *name;
-  kbnode_t keyblock;
-  struct
-  {
-    int eof;
-    int state;
-    strlist_t sl;
-    kbnode_t keyblock;
-    kbnode_t node;
-    getkey_ctx_t ctx;
-    pubkey_t results;
-  } *c = *context;
-
-  if (!c)
-    {
-      /* Make a new context.  */
-      c = xtrycalloc (1, sizeof *c);
-      if (!c)
-        return gpg_error_from_syserror ();
-      *context = c;
-    }
-
-  if (!sk)
-    {
-      /* Free the context.  */
-      pubkeys_free (c->results);
-      release_kbnode (c->keyblock);
-      getkey_end (ctrl, c->ctx);
-      xfree (c);
-      *context = NULL;
-      return 0;
-    }
-
-  if (c->eof)
-    return gpg_error (GPG_ERR_EOF);
-
-  for (;;)
-    {
-      /* Loop until we have a keyblock.  */
-      while (!c->keyblock)
-        {
-          /* Loop over the list of secret keys.  */
-          do
-            {
-              name = NULL;
-              keyblock = NULL;
-              switch (c->state)
-                {
-                case 0: /* First try to use the --default-key.  */
-                  name = parse_def_secret_key (ctrl);
-                  c->state = 1;
-                  break;
-
-                case 1: /* Init list of keys to try.  */
-                  c->sl = opt.secret_keys_to_try;
-                  c->state++;
-                  break;
-
-                case 2: /* Get next item from list.  */
-                  if (c->sl)
-                    {
-                      name = c->sl->d;
-                      c->sl = c->sl->next;
-                    }
-                  else
-                    c->state++;
-                  break;
-
-                case 3: /* Init search context to enum all secret keys.  */
-                  err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
-                                        &keyblock);
-                  if (err)
-                    {
-                      release_kbnode (keyblock);
-                      keyblock = NULL;
-                      getkey_end (ctrl, c->ctx);
-                      c->ctx = NULL;
-                    }
-                  c->state++;
-                  break;
-
-                case 4: /* Get next item from the context.  */
-                  if (c->ctx)
-                    {
-                      err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
-                      if (err)
-                        {
-                          release_kbnode (keyblock);
-                          keyblock = NULL;
-                          getkey_end (ctrl, c->ctx);
-                          c->ctx = NULL;
-                        }
-                    }
-                  else
-                    c->state++;
-                  break;
-
-                default: /* No more names to check - stop.  */
-                  c->eof = 1;
-                  return gpg_error (GPG_ERR_EOF);
-                }
-            }
-          while ((!name || !*name) && !keyblock);
-
-          if (keyblock)
-            c->node = c->keyblock = keyblock;
-          else
-            {
-              err = getkey_byname (ctrl, NULL, NULL, name, 1, &c->keyblock);
-              if (err)
-                {
-                  /* getkey_byname might return a keyblock even in the
-                     error case - I have not checked.  Thus better release
-                     it.  */
-                  release_kbnode (c->keyblock);
-                  c->keyblock = NULL;
-                }
-              else
-                c->node = c->keyblock;
-            }
-        }
-
-      /* Get the next key from the current keyblock.  */
-      for (; c->node; c->node = c->node->next)
-	{
-	  if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
-              || c->node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
-	    {
-              pubkey_t r;
-
-              /* Skip this candidate if it's already enumerated.  */
-              for (r = c->results; r; r = r->next)
-                if (!cmp_public_keys (r->pk, c->node->pkt->pkt.public_key))
-                  break;
-              if (r)
-                continue;
-
-	      copy_public_key (sk, c->node->pkt->pkt.public_key);
-	      c->node = c->node->next;
-
-              r = xtrycalloc (1, sizeof (*r));
-              if (!r)
-                {
-                  err = gpg_error_from_syserror ();
-                  free_public_key (sk);
-                  return err;
-                }
-
-              r->pk = sk;
-              r->keyblock = NULL;
-              r->next = c->results;
-              c->results = r;
-
-	      return 0;	/* Found.  */
-	    }
-        }
-
-      /* Dispose the keyblock and continue.  */
-      release_kbnode (c->keyblock);
-      c->keyblock = NULL;
-    }
-}
-
 gpg_error_t
 get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk,
                             const byte *fpr_card, size_t fpr_len)
diff --git a/g10/skclist.c b/g10/skclist.c
index 78890dc..f8c8cad 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -286,3 +286,201 @@ build_sk_list (ctrl_t ctrl,
     *ret_sk_list = sk_list;
   return err;
 }
+
+
+/* Enumerate some secret keys (specifically, those specified with
+ * --default-key and --try-secret-key).  Use the following procedure:
+ *
+ *  1) Initialize a void pointer to NULL
+ *  2) Pass a reference to this pointer to this function (content)
+ *     and provide space for the secret key (sk)
+ *  3) Call this function as long as it does not return an error (or
+ *     until you are done).  The error code GPG_ERR_EOF indicates the
+ *     end of the listing.
+ *  4) Call this function a last time with SK set to NULL,
+ *     so that can free it's context.
+ *
+ * In pseudo-code:
+ *
+ *   void *ctx = NULL;
+ *   PKT_public_key *sk = xmalloc_clear (sizeof (*sk));
+ *
+ *   while ((err = enum_secret_keys (&ctx, sk)))
+ *     { // Process SK.
+ *       if (done)
+ *         break;
+ *       sk = xmalloc_clear (sizeof (*sk));
+ *     }
+ *
+ *   // Release any resources used by CTX.
+ *   enum_secret_keys (&ctx, NULL);
+ *
+ *   if (gpg_err_code (err) != GPG_ERR_EOF)
+ *     ; // An error occurred.
+ */
+gpg_error_t
+enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
+{
+  gpg_error_t err = 0;
+  const char *name;
+  kbnode_t keyblock;
+  struct
+  {
+    int eof;
+    int state;
+    strlist_t sl;
+    kbnode_t keyblock;
+    kbnode_t node;
+    getkey_ctx_t ctx;
+    pubkey_t results;
+  } *c = *context;
+
+  if (!c)
+    {
+      /* Make a new context.  */
+      c = xtrycalloc (1, sizeof *c);
+      if (!c)
+        return gpg_error_from_syserror ();
+      *context = c;
+    }
+
+  if (!sk)
+    {
+      /* Free the context.  */
+      pubkeys_free (c->results);
+      release_kbnode (c->keyblock);
+      getkey_end (ctrl, c->ctx);
+      xfree (c);
+      *context = NULL;
+      return 0;
+    }
+
+  if (c->eof)
+    return gpg_error (GPG_ERR_EOF);
+
+  for (;;)
+    {
+      /* Loop until we have a keyblock.  */
+      while (!c->keyblock)
+        {
+          /* Loop over the list of secret keys.  */
+          do
+            {
+              name = NULL;
+              keyblock = NULL;
+              switch (c->state)
+                {
+                case 0: /* First try to use the --default-key.  */
+                  name = parse_def_secret_key (ctrl);
+                  c->state = 1;
+                  break;
+
+                case 1: /* Init list of keys to try.  */
+                  c->sl = opt.secret_keys_to_try;
+                  c->state++;
+                  break;
+
+                case 2: /* Get next item from list.  */
+                  if (c->sl)
+                    {
+                      name = c->sl->d;
+                      c->sl = c->sl->next;
+                    }
+                  else
+                    c->state++;
+                  break;
+
+                case 3: /* Init search context to enum all secret keys.  */
+                  err = getkey_bynames (ctrl, &c->ctx, NULL, NULL, 1,
+                                        &keyblock);
+                  if (err)
+                    {
+                      release_kbnode (keyblock);
+                      keyblock = NULL;
+                      getkey_end (ctrl, c->ctx);
+                      c->ctx = NULL;
+                    }
+                  c->state++;
+                  break;
+
+                case 4: /* Get next item from the context.  */
+                  if (c->ctx)
+                    {
+                      err = getkey_next (ctrl, c->ctx, NULL, &keyblock);
+                      if (err)
+                        {
+                          release_kbnode (keyblock);
+                          keyblock = NULL;
+                          getkey_end (ctrl, c->ctx);
+                          c->ctx = NULL;
+                        }
+                    }
+                  else
+                    c->state++;
+                  break;
+
+                default: /* No more names to check - stop.  */
+                  c->eof = 1;
+                  return gpg_error (GPG_ERR_EOF);
+                }
+            }
+          while ((!name || !*name) && !keyblock);
+
+          if (keyblock)
+            c->node = c->keyblock = keyblock;
+          else
+            {
+              err = getkey_byname (ctrl, NULL, NULL, name, 1, &c->keyblock);
+              if (err)
+                {
+                  /* getkey_byname might return a keyblock even in the
+                     error case - I have not checked.  Thus better release
+                     it.  */
+                  release_kbnode (c->keyblock);
+                  c->keyblock = NULL;
+                }
+              else
+                c->node = c->keyblock;
+            }
+        }
+
+      /* Get the next key from the current keyblock.  */
+      for (; c->node; c->node = c->node->next)
+	{
+	  if (c->node->pkt->pkttype == PKT_PUBLIC_KEY
+              || c->node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+	    {
+              pubkey_t r;
+
+              /* Skip this candidate if it's already enumerated.  */
+              for (r = c->results; r; r = r->next)
+                if (!cmp_public_keys (r->pk, c->node->pkt->pkt.public_key))
+                  break;
+              if (r)
+                continue;
+
+	      copy_public_key (sk, c->node->pkt->pkt.public_key);
+	      c->node = c->node->next;
+
+              r = xtrycalloc (1, sizeof (*r));
+              if (!r)
+                {
+                  err = gpg_error_from_syserror ();
+                  free_public_key (sk);
+                  return err;
+                }
+
+              r->pk = sk;
+              r->keyblock = NULL;
+              r->next = c->results;
+              c->results = r;
+
+	      return 0;	/* Found.  */
+	    }
+        }
+
+      /* Dispose the keyblock and continue.  */
+      release_kbnode (c->keyblock);
+      c->keyblock = NULL;
+    }
+}
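Review bot: The usage comment carried over with the move does not match the function it documents. Its pseudo-code calls `enum_secret_keys (&ctx, sk)` without the `ctrl` argument and loops on `while ((err = ...))`, which would iterate only on failure; it should read `while (!(err = enum_secret_keys (ctrl, &ctx, sk)))`, and "(content)" should be "(context)". The comment should also state the ownership rule the body implies: each returned `sk` is recorded in `c->results` (`r->pk = sk`) and appears to be released with the context by `pubkeys_free`, and on `xtrycalloc` failure the function calls `free_public_key (sk)` itself, so the caller must not free or reuse `sk` after either outcome.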

commit b0c00ce0af1b1ac140ae675299214af34e4e0c1f
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Mon Jun 11 15:02:57 2018 +0900

    g10: Fix comment of enum_secret_keys.
    
    * g10/getkey.c (enum_secret_keys): Fix comment for usage of
    enum_secret_keys, following the previous change.
    
    --
    
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/g10/getkey.c b/g10/getkey.c
index 670dc1d..470bab6 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3925,13 +3925,11 @@ lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret,
  *     { // Process SK.
  *       if (done)
  *         break;
- *       free_public_key (sk);
  *       sk = xmalloc_clear (sizeof (*sk));
  *     }
  *
  *   // Release any resources used by CTX.
  *   enum_secret_keys (&ctx, NULL);
- *   free_public_key (sk);
  *
  *   if (gpg_err_code (err) != GPG_ERR_EOF)
  *     ; // An error occurred.

-----------------------------------------------------------------------

Summary of changes:
 g10/getkey.c  | 199 -----------------------------------------------
 g10/skclist.c | 246 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 246 insertions(+), 199 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



