[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_9-55-g9710320
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_9-55-g9710320 |
|
Date: |
Fri, 30 Dec 2011 22:49:06 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9710320f8e5a84b3f97efb5fbb24903e00e5fe13
The branch, master has been updated
via 9710320f8e5a84b3f97efb5fbb24903e00e5fe13 (commit)
via da774307b84256aaf9c7c16b286baadd9c67dd55 (commit)
via 394189a3bddb59f32c27bab388786b035591758d (commit)
via 06c6a7ed3f7448bf2a94af14c10d872e71f97269 (commit)
from 07cd58a5b21bca3d59d62285fae68dd341433c43 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9710320f8e5a84b3f97efb5fbb24903e00e5fe13
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Dec 31 00:48:58 2011 +0200
correctly report 0 keys on a keyring
commit da774307b84256aaf9c7c16b286baadd9c67dd55
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Dec 31 00:39:08 2011 +0200
more opencdk simplifications
commit 394189a3bddb59f32c27bab388786b035591758d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Dec 31 00:38:55 2011 +0200
specify key type (raw) to certtool
commit 06c6a7ed3f7448bf2a94af14c10d872e71f97269
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Dec 31 00:03:54 2011 +0200
Removed unneeded opencdk functionality.
-----------------------------------------------------------------------
Summary of changes:
lib/opencdk/Makefile.am | 2 +-
lib/opencdk/armor.c | 110 ------------
lib/opencdk/kbnode.c | 9 +-
lib/opencdk/keydb.c | 108 +------------
lib/opencdk/main.c | 339 --------------------------------------
lib/opencdk/opencdk.h | 72 +--------
lib/openpgp/extras.c | 5 +-
lib/openpgp/gnutls_openpgp.c | 5 +-
lib/openpgp/pgp.c | 45 +----
lib/openpgp/privkey.c | 47 +-----
src/certtool.c | 2 +-
tests/openpgp-certs/testselfsigs | 8 +-
12 files changed, 44 insertions(+), 708 deletions(-)
delete mode 100644 lib/opencdk/main.c
diff --git a/lib/opencdk/Makefile.am b/lib/opencdk/Makefile.am
index fd8ea23..3f31c29 100644
--- a/lib/opencdk/Makefile.am
+++ b/lib/opencdk/Makefile.am
@@ -32,7 +32,7 @@ endif
noinst_LTLIBRARIES = libminiopencdk.la
-libminiopencdk_la_SOURCES = armor.c filters.h keydb.h main.c types.h \
+libminiopencdk_la_SOURCES = armor.c filters.h keydb.h types.h \
kbnode.c main.h packet.h sig-check.c hash.c \
keydb.c pubkey.c stream.c write-packet.c misc.c seskey.c \
context.h literal.c new-packet.c read-packet.c stream.h opencdk.h
diff --git a/lib/opencdk/armor.c b/lib/opencdk/armor.c
index 9462b2b..19b8d4b 100644
--- a/lib/opencdk/armor.c
+++ b/lib/opencdk/armor.c
@@ -463,7 +463,6 @@ search_header (const char *buf, const char **array)
if (strlen (buf) < 5 || strncmp (buf, "-----", 5))
{
- gnutls_assert ();
return -1;
}
for (i = 0; (s = array[i]); i++)
@@ -517,7 +516,6 @@ armor_decode (void *data, FILE * in, FILE * out)
if (feof (in) || !pgp_data)
{
- gnutls_assert ();
return CDK_Armor_Error; /* no data found */
}
@@ -616,114 +614,6 @@ armor_decode (void *data, FILE * in, FILE * out)
return rc;
}
-
-/**
- * cdk_file_armor:
- * @hd: Handle
- * @file: Name of the file to protect.
- * @output: Output filename.
- *
- * Protect a file with ASCII armor.
- **/
-cdk_error_t
-cdk_file_armor (cdk_ctx_t hd, const char *file, const char *output)
-{
- cdk_stream_t inp, out;
- cdk_error_t rc;
-
- rc = _cdk_check_args (hd->opt.overwrite, file, output);
- if (rc)
- return rc;
-
- rc = cdk_stream_open (file, &inp);
- if (rc)
- {
- gnutls_assert ();
- return rc;
- }
-
- rc = cdk_stream_new (output, &out);
- if (rc)
- {
- cdk_stream_close (inp);
- gnutls_assert ();
- return rc;
- }
-
- cdk_stream_set_armor_flag (out, CDK_ARMOR_MESSAGE);
- if (hd->opt.compress)
- rc = cdk_stream_set_compress_flag (out, hd->compress.algo,
- hd->compress.level);
- if (!rc)
- rc = cdk_stream_set_literal_flag (out, 0, file);
- if (!rc)
- rc = cdk_stream_kick_off (inp, out);
- if (!rc)
- rc = _cdk_stream_get_errno (out);
-
- cdk_stream_close (out);
- cdk_stream_close (inp);
- return rc;
-}
-
-
-/**
- * cdk_file_dearmor:
- * @file: Name of the file to unprotect.
- * @output: Output filename.
- *
- * Remove ASCII armor from a file.
- **/
-cdk_error_t
-cdk_file_dearmor (const char *file, const char *output)
-{
- cdk_stream_t inp, out;
- cdk_error_t rc;
- int zipalgo;
-
- rc = _cdk_check_args (1, file, output);
- if (rc)
- {
- gnutls_assert ();
- return rc;
- }
-
- rc = cdk_stream_open (file, &inp);
- if (rc)
- {
- gnutls_assert ();
- return rc;
- }
-
- rc = cdk_stream_create (output, &out);
- if (rc)
- {
- cdk_stream_close (inp);
- gnutls_assert ();
- return rc;
- }
-
- if (cdk_armor_filter_use (inp))
- {
- rc = cdk_stream_set_literal_flag (inp, 0, NULL);
- zipalgo = cdk_stream_is_compressed (inp);
- if (zipalgo)
- rc = cdk_stream_set_compress_flag (inp, zipalgo, 0);
- if (!rc)
- rc = cdk_stream_set_armor_flag (inp, 0);
- if (!rc)
- rc = cdk_stream_kick_off (inp, out);
- if (!rc)
- rc = _cdk_stream_get_errno (inp);
- }
-
- cdk_stream_close (inp);
- cdk_stream_close (out);
- gnutls_assert ();
- return rc;
-}
-
-
int
_cdk_filter_armor (void *data, int ctl, FILE * in, FILE * out)
{
diff --git a/lib/opencdk/kbnode.c b/lib/opencdk/kbnode.c
index 8b91e19..3fc7674 100644
--- a/lib/opencdk/kbnode.c
+++ b/lib/opencdk/kbnode.c
@@ -1,6 +1,5 @@
/* kbnode.c - keyblock node utility functions
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2007, 2008, 2010
- * Free Software Foundation, Inc.
+ * Copyright (C) 1998-2003, 2007-2011 Free Software Foundation, Inc.
*
* Author: Timo Schulz
*
@@ -396,6 +395,7 @@ cdk_kbnode_get_packet (cdk_kbnode_t node)
/**
* cdk_kbnode_read_from_mem:
* @ret_node: the new key node
+ * @armor: whether base64 or not
* @buf: the buffer which stores the key sequence
* @buflen: the length of the buffer
*
@@ -403,6 +403,7 @@ cdk_kbnode_get_packet (cdk_kbnode_t node)
**/
cdk_error_t
cdk_kbnode_read_from_mem (cdk_kbnode_t * ret_node,
+ int armor,
const byte * buf, size_t buflen)
{
cdk_stream_t inp;
@@ -418,6 +419,10 @@ cdk_kbnode_read_from_mem (cdk_kbnode_t * ret_node,
rc = cdk_stream_tmp_from_mem (buf, buflen, &inp);
if (rc)
return rc;
+
+ if (armor)
+ cdk_stream_set_armor_flag (inp, 0);
+
rc = cdk_keydb_get_keyblock (inp, ret_node);
if (rc)
gnutls_assert ();
diff --git a/lib/opencdk/keydb.c b/lib/opencdk/keydb.c
index c47154e..10e46a7 100644
--- a/lib/opencdk/keydb.c
+++ b/lib/opencdk/keydb.c
@@ -279,13 +279,15 @@ keydb_idx_search (cdk_stream_t inp, u32 * keyid, const
byte * fpr,
/**
* cdk_keydb_new_from_mem:
* @r_hd: The keydb output handle.
+ * @secret: does the stream contain secret key data
+ * @armor: the stream is base64
* @data: The raw key data.
* @datlen: The length of the raw data.
*
* Create a new keyring db handle from the contents of a buffer.
*/
cdk_error_t
-cdk_keydb_new_from_mem (cdk_keydb_hd_t * r_db, int secret,
+cdk_keydb_new_from_mem (cdk_keydb_hd_t * r_db, int secret, int armor,
const void *data, size_t datlen)
{
cdk_keydb_hd_t db;
@@ -305,7 +307,8 @@ cdk_keydb_new_from_mem (cdk_keydb_hd_t * r_db, int secret,
gnutls_assert ();
return rc;
}
- if (cdk_armor_filter_use (db->fp))
+
+ if (armor)
cdk_stream_set_armor_flag (db->fp, 0);
db->type = CDK_DBTYPE_DATA;
db->secret = secret;
@@ -313,102 +316,6 @@ cdk_keydb_new_from_mem (cdk_keydb_hd_t * r_db, int secret,
return 0;
}
-
-/**
- * cdk_keydb_new_from_stream:
- * @r_hd: the output keydb handle
- * @secret: does the stream contain secret key data
- * @in: the input stream to use
- *
- * This function creates a new keydb handle based on the given
- * stream. The stream is not closed in cdk_keydb_free() and it
- * is up to the caller to close it. No decoding is done.
- */
-cdk_error_t
-cdk_keydb_new_from_stream (cdk_keydb_hd_t * r_hd, int secret, cdk_stream_t in)
-{
- cdk_keydb_hd_t hd;
-
- if (!r_hd)
- {
- gnutls_assert ();
- return CDK_Inv_Value;
- }
- *r_hd = NULL;
-
- hd = calloc (1, sizeof *hd);
- hd->fp = in;
- hd->fp_ref = 1;
- hd->type = CDK_DBTYPE_STREAM;
- hd->secret = secret;
- *r_hd = hd;
-
- /* We do not push any filters and thus we expect that the format
- of the stream has the format the user wanted. */
-
- return 0;
-}
-
-
-cdk_error_t
-cdk_keydb_new_from_file (cdk_keydb_hd_t * r_hd, int secret, const char *fname)
-{
- cdk_keydb_hd_t hd;
-
- if (!r_hd)
- {
- gnutls_assert ();
- return CDK_Inv_Value;
- }
- *r_hd = NULL;
- hd = calloc (1, sizeof *hd);
- hd->name = cdk_strdup (fname);
- if (!hd->name)
- {
- cdk_free (hd);
- gnutls_assert ();
- return CDK_Out_Of_Core;
- }
- hd->type = secret ? CDK_DBTYPE_SK_KEYRING : CDK_DBTYPE_PK_KEYRING;
- hd->secret = secret;
- *r_hd = hd;
- return 0;
-}
-
-
-
-/**
- * cdk_keydb_new:
- * @r_hd: handle to store the new keydb object
- * @type: type of the keyring
- * @data: data which depends on the keyring type
- * @count: length of the data
- *
- * Create a new keydb object
- **/
-cdk_error_t
-cdk_keydb_new (cdk_keydb_hd_t * r_hd, int type, void *data, size_t count)
-{
- switch (type)
- {
- case CDK_DBTYPE_PK_KEYRING:
- case CDK_DBTYPE_SK_KEYRING:
- return cdk_keydb_new_from_file (r_hd, type == CDK_DBTYPE_SK_KEYRING,
- (const char *) data);
-
- case CDK_DBTYPE_DATA:
- return cdk_keydb_new_from_mem (r_hd, 0, data, count);
-
- case CDK_DBTYPE_STREAM:
- return cdk_keydb_new_from_stream (r_hd, 0, (cdk_stream_t) data);
-
- default:
- gnutls_assert ();
- return CDK_Inv_Mode;
- }
-}
-
-
/**
* cdk_keydb_free:
* @hd: the keydb object
@@ -453,7 +360,7 @@ _cdk_keydb_open (cdk_keydb_hd_t hd, cdk_stream_t * ret_kr)
}
rc = 0;
- if ((hd->type == CDK_DBTYPE_DATA || hd->type == CDK_DBTYPE_STREAM)
+ if ((hd->type == CDK_DBTYPE_DATA)
&& hd->fp)
{
kr = hd->fp;
@@ -466,9 +373,6 @@ _cdk_keydb_open (cdk_keydb_hd_t hd, cdk_stream_t * ret_kr)
if (rc)
goto leave;
-
- if (cdk_armor_filter_use (kr))
- cdk_stream_set_armor_flag (kr, 0);
}
else
{
diff --git a/lib/opencdk/main.c b/lib/opencdk/main.c
deleted file mode 100644
index bb1a163..0000000
--- a/lib/opencdk/main.c
+++ /dev/null
@@ -1,339 +0,0 @@
-/* main.c
- * Copyright (C) 2001, 2002, 2003, 2007, 2008, 2010 Free Software
- * Foundation, Inc.
- *
- * Author: Timo Schulz
- *
- * This file is part of OpenCDK.
- *
- * The OpenCDK library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 3 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <stdio.h>
-#include <errno.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "opencdk.h"
-#include "main.h"
-#include "packet.h"
-
-
-/* Set a default cipher algorithm and a digest algorithm.
- Even if AES and SHA-256 are not 'MUST' in the latest
- OpenPGP draft, AES seems to be a good choice. */
-#define DEFAULT_DIGEST_ALGO GNUTLS_DIG_SHA256
-
-/* Use the passphrase callback in the handle HD or
- return NULL if there is no valid callback. */
-char *
-_cdk_passphrase_get (cdk_ctx_t hd, const char *prompt)
-{
- if (!hd || !hd->passphrase_cb)
- return NULL;
- return hd->passphrase_cb (hd->passphrase_cb_value, prompt);
-}
-
-
-static void
-handle_set_digest (cdk_ctx_t hd, int digest)
-{
- if (!hd)
- return;
- if (_gnutls_hash_get_algo_len (digest) <= 0)
- digest = DEFAULT_DIGEST_ALGO;
- hd->digest_algo = digest;
-}
-
-
-static void
-handle_set_s2k (cdk_ctx_t hd, int mode, int digest)
-{
- if (!hd)
- return;
- if (_gnutls_hash_get_algo_len (digest) <= 0)
- digest = DEFAULT_DIGEST_ALGO;
- if (mode != CDK_S2K_SIMPLE &&
- mode != CDK_S2K_SALTED && mode != CDK_S2K_ITERSALTED)
- mode = CDK_S2K_ITERSALTED;
- hd->_s2k.mode = mode;
- hd->_s2k.digest_algo = digest;
-}
-
-
-static void
-handle_set_compress (cdk_ctx_t hd, int algo, int level)
-{
- if (!hd)
- return;
- if (algo < 0 || algo > 2)
- algo = 0;
- hd->compress.algo = algo;
- if (!algo)
- hd->opt.compress = 0;
- else
- {
- if (level > 0 && level < 10)
- hd->compress.level = level;
- else
- hd->compress.level = 6;
- }
-}
-
-
-/**
- * cdk_handle_control:
- * @hd: session handle
- * @action: flag which indicates whether put or get is requested
- * @cmd: command id
- *
- * Perform various control operations for the current session.
- **/
-int
-cdk_handle_control (cdk_ctx_t hd, int action, int cmd, ...)
-{
- va_list arg_ptr;
- int set = action == CDK_CTLF_SET, val = 0;
-
- if (!hd)
- return -1;
-
- if (action != CDK_CTLF_SET && action != CDK_CTLF_GET)
- return -1;
- va_start (arg_ptr, cmd);
- switch (cmd)
- {
- case CDK_CTL_ARMOR:
- if (set)
- hd->opt.armor = va_arg (arg_ptr, int);
- else
- val = hd->opt.armor;
- break;
-
- case CDK_CTL_DIGEST:
- if (set)
- handle_set_digest (hd, va_arg (arg_ptr, int));
- else
- val = hd->digest_algo;
- break;
-
- case CDK_CTL_OVERWRITE:
- if (set)
- hd->opt.overwrite = va_arg (arg_ptr, int);
- else
- val = hd->opt.overwrite;
- break;
-
- case CDK_CTL_COMPRESS:
- if (set)
- {
- int algo = va_arg (arg_ptr, int);
- int level = va_arg (arg_ptr, int);
- handle_set_compress (hd, algo, level);
- }
- else
- val = hd->compress.algo;
- break;
-
- case CDK_CTL_S2K:
- if (set)
- {
- int mode = va_arg (arg_ptr, int);
- int digest = va_arg (arg_ptr, int);
- handle_set_s2k (hd, mode, digest);
- }
- else
- val = hd->_s2k.mode;
- break;
-
- case CDK_CTL_FORCE_DIGEST:
- if (set)
- hd->opt.force_digest = va_arg (arg_ptr, int);
- else
- val = hd->opt.force_digest;
- break;
-
- case CDK_CTL_BLOCKMODE_ON:
- if (set)
- hd->opt.blockmode = va_arg (arg_ptr, int);
- else
- val = hd->opt.blockmode;
- break;
-
- default:
- val = -1;
- break;
- }
- va_end (arg_ptr);
- return val;
-}
-
-
-
-/**
- * cdk_handle_new:
- * @r_ctx: context to store the handle
- *
- * create a new session handle.
- **/
-cdk_error_t
-cdk_handle_new (cdk_ctx_t * r_ctx)
-{
- cdk_ctx_t c;
-
- if (!r_ctx)
- return CDK_Inv_Value;
-
- c = cdk_calloc (1, sizeof *c);
- if (!c)
- return CDK_Out_Of_Core;
-
- /* For S2K use the iterated and salted mode and use the
- default digest and cipher algorithms. Because the MDC
- feature will be used, the default cipher should use a
- blocksize of 128 bits. */
- c->_s2k.mode = CDK_S2K_ITERSALTED;
- c->_s2k.digest_algo = DEFAULT_DIGEST_ALGO;
-
- c->opt.mdc = 1;
- c->opt.compress = 1;
- c->opt.armor = 0;
- c->opt.textmode = 0;
-
- c->digest_algo = DEFAULT_DIGEST_ALGO;
-
- c->compress.algo = CDK_COMPRESS_ZIP;
- c->compress.level = 6;
-
- *r_ctx = c;
- return 0;
-}
-
-
-/**
- * cdk_handle_set_keyring:
- * @hd: session handle
- * @type: public=0 or secret=1 keyring type
- * @kringname: file name of the keyring which shall be used.
- *
- * Convenient function to set the keyring for the current session.
- */
-cdk_error_t
-cdk_handle_set_keyring (cdk_ctx_t hd, int type, const char *kringname)
-{
- cdk_keydb_hd_t db;
- cdk_error_t err;
-
- err = cdk_keydb_new_from_file (&db, type, kringname);
- if (err)
- return err;
-
- if (!type)
- hd->db.pub = db;
- else
- hd->db.sec = db;
- hd->db.close_db = 1;
- return 0;
-}
-
-
-/**
- * cdk_handle_set_keydb:
- * @hd: session handle
- * @db: the database handle
- *
- * set the key database handle.
- * the function automatically detects whether this is a public or
- * secret keyring and the right handle is set.
- **/
-void
-cdk_handle_set_keydb (cdk_ctx_t hd, cdk_keydb_hd_t db)
-{
- if (!hd)
- return;
- if (_cdk_keydb_is_secret (db))
- hd->db.sec = db;
- else
- hd->db.pub = db;
-}
-
-
-/**
- * cdk_handle_get_keydb:
- * @hd: session handle
- * @type: type of the keyring
- *
- * Return the keydb handle from the session handle.
- * The caller should not free these handles.
- **/
-cdk_keydb_hd_t
-cdk_handle_get_keydb (cdk_ctx_t hd, int type)
-{
- if (!hd)
- return NULL;
- if (type == CDK_DBTYPE_PK_KEYRING)
- return hd->db.pub;
- else if (type == CDK_DBTYPE_SK_KEYRING)
- return hd->db.sec;
- return NULL;
-}
-
-
-/**
- * cdk_handle_set_passphrase_cb:
- * @hd: session handle
- * @cb: callback function
- * @cb_value: the opaque value for the cb function
- *
- * set the passphrase callback.
- **/
-void
-cdk_handle_set_passphrase_cb (cdk_ctx_t hd,
- char *(*cb) (void *opa, const char *prompt),
- void *cb_value)
-{
- if (!hd)
- return;
- hd->passphrase_cb = cb;
- hd->passphrase_cb_value = cb_value;
-}
-
-/**
- * cdk_handle_free:
- * @hd: the handle
- *
- * Release the main handle.
- **/
-void
-cdk_handle_free (cdk_ctx_t hd)
-{
- if (!hd)
- return;
-
- /* If cdk_handle_set_keyring() were used, we need to free the key db
- handles here because the handles are not controlled by the user. */
- if (hd->db.close_db)
- {
- if (hd->db.pub)
- cdk_keydb_free (hd->db.pub);
- if (hd->db.sec)
- cdk_keydb_free (hd->db.sec);
- hd->db.pub = hd->db.sec = NULL;
- }
- cdk_free (hd);
-}
diff --git a/lib/opencdk/opencdk.h b/lib/opencdk/opencdk.h
index 113e64e..85531bb 100644
--- a/lib/opencdk/opencdk.h
+++ b/lib/opencdk/opencdk.h
@@ -258,7 +258,6 @@ extern "C"
CDK_DBTYPE_PK_KEYRING = 100, /* A file with one or more public keys
*/
CDK_DBTYPE_SK_KEYRING = 101, /* A file with one or more secret keys
*/
CDK_DBTYPE_DATA = 102, /* A buffer with at least one public key */
- CDK_DBTYPE_STREAM = 103 /* A stream is used to read keys from */
};
@@ -576,56 +575,6 @@ extern "C"
};
typedef struct cdk_packet_s *cdk_packet_t;
-/* Session handle routines */
- cdk_error_t cdk_handle_new (cdk_ctx_t * r_ctx);
- void cdk_handle_free (cdk_ctx_t c);
-
-/* Set the key database handle for the given session handle.
- The type of the key db handle (public or secret) decides
- which session key db handle to use. */
- void cdk_handle_set_keydb (cdk_ctx_t hd, cdk_keydb_hd_t db);
-
-/* Convenient function to avoid to open a key db first.
- The user can directly use the file name, the rest is
- done internally. */
- cdk_error_t cdk_handle_set_keyring (cdk_ctx_t hd, int type,
- const char *kringname);
-
-/* Return keydb handle stored in the session handle. */
- cdk_keydb_hd_t cdk_handle_get_keydb (cdk_ctx_t hd, int type);
- int cdk_handle_control (cdk_ctx_t hd, int action, int cmd, ...);
-
-/* Set a passphrase callback for the given session handle. */
- void cdk_handle_set_passphrase_cb (cdk_ctx_t hd,
- char *(*cb) (void *opa,
- const char *prompt),
- void *cb_value);
-
-/* shortcuts for some controls */
-
-/* Enable or disable armor output. */
-#define cdk_handle_set_armor(a, val) \
- cdk_handle_control ((a), CDK_CTLF_SET, CDK_CTL_ARMOR, (val))
-
-/* Set the compression algorithm and level. 0 means disable compression. */
-#define cdk_handle_set_compress(a, algo, level) \
- cdk_handle_control ((a), CDK_CTLF_SET, CDK_CTL_COMPRESS, (algo), (level))
-
-/* Activate partial bodies for the output. This is needed if the length
- of the data is not known in advance or for the use with sockets
- or pipes. */
-#define cdk_handle_set_blockmode(a, val) \
- cdk_handle_control ((a), CDK_CTLF_SET, CDK_CTL_BLOCKMODE_ON, (val))
-
-/* Set the digest for the PK signing operation. */
-#define cdk_handle_set_digest(a, val) \
- cdk_handle_control ((a), CDK_CTLF_SET, CDK_CTL_DIGEST, (val))
-
-/* Set the mode and the digest for the S2K operation. */
-#define cdk_handle_set_s2k(a, val1, val2) \
- cdk_handle_control ((a), CDK_CTLF_SET, CDK_CTL_S2K, (val1), (val2))
-/* Raw packet routines. */
-
/* Allocate a new packet or a new packet with the given packet type. */
cdk_error_t cdk_pkt_new (cdk_packet_t * r_pkt);
cdk_error_t cdk_pkt_alloc (cdk_packet_t * r_pkt, cdk_packet_type_t pkttype);
@@ -750,9 +699,6 @@ extern "C"
const unsigned char *salt);
void cdk_s2k_free (cdk_s2k_t s2k);
- cdk_error_t cdk_file_armor (cdk_ctx_t hd, const char *file,
- const char *output);
- cdk_error_t cdk_file_dearmor (const char *file, const char *output);
int cdk_armor_filter_use (cdk_stream_t inp);
/* Protect the inbuf with ASCII armor of the specified type.
@@ -833,26 +779,11 @@ extern "C"
the requested amount of bytes. */
int cdk_stream_peek (cdk_stream_t inp, unsigned char *buf, size_t buflen);
-/* A wrapper around the various new_from_XXX functions. Because
- the function does not support all combinations, the dedicated
- functions should be preferred. */
- cdk_error_t cdk_keydb_new (cdk_keydb_hd_t * r_hd, int type, void *data,
- size_t count);
-
/* Create a new key db handle from a memory buffer. */
cdk_error_t cdk_keydb_new_from_mem (cdk_keydb_hd_t * r_hd, int secret,
+ int armor,
const void *data, size_t datlen);
-/* Create a new key db which uses an existing file. */
- cdk_error_t cdk_keydb_new_from_file (cdk_keydb_hd_t * r_hd, int secret,
- const char *fname);
-
-/* Uses a stream as the key db input. For searching it is important
- that the seek function is supported on the stream. Furthermore,
- the stream is not closed in cdk_keydb_free(). The caller must do it. */
- cdk_error_t cdk_keydb_new_from_stream (cdk_keydb_hd_t * r_hd, int secret,
- cdk_stream_t in);
-
/* Check that a secret key with the given key ID is available. */
cdk_error_t cdk_keydb_check_sk (cdk_keydb_hd_t hd, unsigned int *keyid);
@@ -921,6 +852,7 @@ extern "C"
cdk_kbnode_t cdk_kbnode_new (cdk_packet_t pkt);
cdk_error_t cdk_kbnode_read_from_mem (cdk_kbnode_t * ret_node,
+ int armor,
const unsigned char *buf,
size_t buflen);
cdk_error_t cdk_kbnode_write_to_mem (cdk_kbnode_t node,
diff --git a/lib/openpgp/extras.c b/lib/openpgp/extras.c
index 6e1e297..726379f 100644
--- a/lib/openpgp/extras.c
+++ b/lib/openpgp/extras.c
@@ -147,7 +147,7 @@ gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t
keyring,
size_t written = 0;
err = cdk_stream_tmp_from_mem (data->data, data->size, &input);
- if (!err)
+ if (err == 0)
err = cdk_stream_set_armor_flag (input, 0);
if (err)
{
@@ -183,7 +183,6 @@ gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t
keyring,
while (written < raw_len && err != EOF && err > 0);
raw_len = written;
-
}
else
{ /* RAW */
@@ -191,7 +190,7 @@ gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t
keyring,
raw_data = data->data;
}
- err = cdk_keydb_new (&keyring->db, CDK_DBTYPE_DATA, raw_data, raw_len);
+ err = cdk_keydb_new_from_mem (&keyring->db, 0, 0, raw_data, raw_len);
if (err)
gnutls_assert ();
diff --git a/lib/openpgp/gnutls_openpgp.c b/lib/openpgp/gnutls_openpgp.c
index ae7320a..0ceca8f 100644
--- a/lib/openpgp/gnutls_openpgp.c
+++ b/lib/openpgp/gnutls_openpgp.c
@@ -1,6 +1,5 @@
/*
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011
- * Free Software Foundation, Inc.
+ * Copyright (C) 2002-2011 Free Software Foundation, Inc.
*
* Author: Timo Schulz, Nikos Mavrogiannopoulos
*
@@ -499,7 +498,7 @@ gnutls_openpgp_count_key_names (const gnutls_datum_t * cert)
return 0;
}
- if (cdk_kbnode_read_from_mem (&knode, cert->data, cert->size))
+ if (cdk_kbnode_read_from_mem (&knode, 0, cert->data, cert->size))
{
gnutls_assert ();
return 0;
diff --git a/lib/openpgp/pgp.c b/lib/openpgp/pgp.c
index e012644..c74dc8d 100644
--- a/lib/openpgp/pgp.c
+++ b/lib/openpgp/pgp.c
@@ -1,6 +1,5 @@
/*
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
- * Free Software Foundation, Inc.
+ * Copyright (C) 2002-2011 Free Software Foundation, Inc.
*
* Author: Timo Schulz, Nikos Mavrogiannopoulos
*
@@ -89,9 +88,8 @@ gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key,
const gnutls_datum_t * data,
gnutls_openpgp_crt_fmt_t format)
{
- cdk_stream_t inp;
cdk_packet_t pkt;
- int rc;
+ int rc, armor;
if (data->data == NULL || data->size == 0)
{
@@ -99,38 +97,15 @@ gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key,
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
- if (format == GNUTLS_OPENPGP_FMT_RAW)
- {
- rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
- if (rc)
- {
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
- }
- else
+ if (format == GNUTLS_OPENPGP_FMT_RAW) armor = 0;
+ else armor = 1;
+
+ rc = cdk_kbnode_read_from_mem (&key->knode, armor, data->data, data->size);
+ if (rc)
{
- rc = cdk_stream_tmp_from_mem (data->data, data->size, &inp);
- if (rc)
- {
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
- rc = cdk_stream_set_armor_flag (inp, 0);
- if (!rc)
- rc = cdk_keydb_get_keyblock (inp, &key->knode);
- cdk_stream_close (inp);
- if (rc)
- {
- if (rc == CDK_Inv_Packet)
- rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
- else
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
+ rc = _gnutls_map_cdk_rc (rc);
+ gnutls_assert ();
+ return rc;
}
/* Test if the import was successful. */
diff --git a/lib/openpgp/privkey.c b/lib/openpgp/privkey.c
index f43c53b..81b0e43 100644
--- a/lib/openpgp/privkey.c
+++ b/lib/openpgp/privkey.c
@@ -169,9 +169,8 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key,
gnutls_openpgp_crt_fmt_t format,
const char *password, unsigned int flags)
{
- cdk_stream_t inp;
cdk_packet_t pkt;
- int rc;
+ int rc, armor;
if (data->data == NULL || data->size == 0)
{
@@ -180,43 +179,15 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t
key,
}
if (format == GNUTLS_OPENPGP_FMT_RAW)
- {
- rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
- if (rc != 0)
- {
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
- }
- else
- {
- rc = cdk_stream_tmp_from_mem (data->data, data->size, &inp);
- if (rc != 0)
- {
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
+ armor = 0;
+ else armor = 1;
- rc = cdk_stream_set_armor_flag (inp, 0);
- if (rc != 0)
- {
- rc = _gnutls_map_cdk_rc (rc);
- cdk_stream_close (inp);
- gnutls_assert ();
- return rc;
- }
-
- rc = cdk_keydb_get_keyblock (inp, &key->knode);
- cdk_stream_close (inp);
-
- if (rc != 0)
- {
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
+ rc = cdk_kbnode_read_from_mem (&key->knode, armor, data->data, data->size);
+ if (rc != 0)
+ {
+ rc = _gnutls_map_cdk_rc (rc);
+ gnutls_assert ();
+ return rc;
}
/* Test if the import was successful. */
diff --git a/src/certtool.c b/src/certtool.c
index e6ae096..972e50d 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1454,7 +1454,7 @@ pgp_ring_info (void)
free (pem.data);
count = gnutls_openpgp_keyring_get_crt_count (ring);
- if (count > 0)
+ if (count >= 0)
fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n", count);
else
error (EXIT_FAILURE, 0, "keyring error: %s", gnutls_strerror (count));
diff --git a/tests/openpgp-certs/testselfsigs b/tests/openpgp-certs/testselfsigs
index 49d7427..7350b89 100755
--- a/tests/openpgp-certs/testselfsigs
+++ b/tests/openpgp-certs/testselfsigs
@@ -34,19 +34,19 @@ fail() {
echo "Checking OpenPGP certificate self verification"
-($CERTTOOL --pgp-certificate-info --infile $srcdir/selfsigs/alice.pub \
+($CERTTOOL --inraw --pgp-certificate-info --infile $srcdir/selfsigs/alice.pub \
| grep "^Self Signature verification: ok" > /dev/null) || \
fail "Self sig Verification should have succeeded!"
-($CERTTOOL --pgp-certificate-info --infile
$srcdir/selfsigs/alice-mallory-badsig18.pub \
+($CERTTOOL --inraw --pgp-certificate-info --infile
$srcdir/selfsigs/alice-mallory-badsig18.pub \
| grep "^Self Signature verification: failed" > /dev/null) || \
fail "Self sig Verification should have failed!"
-($CERTTOOL --pgp-certificate-info --infile
$srcdir/selfsigs/alice-mallory-irrelevantsig.pub \
+($CERTTOOL --inraw --pgp-certificate-info --infile
$srcdir/selfsigs/alice-mallory-irrelevantsig.pub \
| grep "^Self Signature verification: failed" >/dev/null) || \
fail "Self sig Verification should have failed!"
-($CERTTOOL --pgp-certificate-info --infile
$srcdir/selfsigs/alice-mallory-nosig18.pub \
+($CERTTOOL --inraw --pgp-certificate-info --infile
$srcdir/selfsigs/alice-mallory-nosig18.pub \
| grep "^Self Signature verification: failed" >/dev/null) || \
fail "Self sig Verification should have failed!"
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_9-55-g9710320,
Nikos Mavrogiannopoulos <=