merging sync
authorVolker Birk <vb@pep-project.org>
Fri, 22 Mar 2019 16:05:18 +0100
branchsync
changeset 3380aad0fe0a6387
parent 3379 2f957d83c0f7
parent 3378 7f1e1775d946
child 3381 d9347f38d69c
merging
     1.1 --- a/src/pgp_sequoia.c	Fri Mar 22 16:05:04 2019 +0100
     1.2 +++ b/src/pgp_sequoia.c	Fri Mar 22 16:05:18 2019 +0100
     1.3 @@ -1078,6 +1078,7 @@
     1.4      struct decrypt_cookie cookie = { session, 0, NULL, NULL, 0, 0, 0, };
     1.5      pgp_reader_t reader = NULL;
     1.6      pgp_writer_t writer = NULL;
     1.7 +    pgp_reader_t decryptor = NULL;
     1.8      *ptext = NULL;
     1.9      *psize = 0;
    1.10  
    1.11 @@ -1102,23 +1103,26 @@
    1.12          ERROR_OUT(NULL, PEP_UNKNOWN_ERROR, "Creating writer");
    1.13  
    1.14      pgp_error_t err = NULL;
    1.15 -    pgp_status_t pgp_status
    1.16 -        = pgp_decrypt(&err, reader, writer,
    1.17 -                      get_public_keys_cb, get_secret_keys_cb,
    1.18 -                      check_signatures_cb, &cookie);
    1.19 -    if (pgp_status)
    1.20 -        ERROR_OUT(err, PEP_DECRYPT_NO_KEY, "pgp_decrypt");
    1.21 +    decryptor = pgp_decryptor_new(&err, reader,
    1.22 +                                  get_public_keys_cb, get_secret_keys_cb,
    1.23 +                                  check_signatures_cb, &cookie);
    1.24 +    if (! decryptor)
    1.25 +        ERROR_OUT(err, PEP_DECRYPT_NO_KEY, "pgp_decryptor_new");
    1.26 +
    1.27 +    // Copy 128 MB at a time.
    1.28 +    ssize_t nread;
    1.29 +    while ((nread = pgp_reader_copy (&err, decryptor, writer,
    1.30 +                                     128 * 1024 * 1024) > 0))
    1.31 +        ;
    1.32 +    if (nread < 0)
    1.33 +        ERROR_OUT(err, PGP_STATUS_UNKNOWN_ERROR, "pgp_reader_read");
    1.34 +
    1.35 +    // Add a terminating NUL for naive users
    1.36 +    pgp_writer_write(&err, writer, (const uint8_t *) &""[0], 1);
    1.37  
    1.38      if (! cookie.decrypted)
    1.39          ERROR_OUT(err, PEP_DECRYPT_NO_KEY, "Decryption failed");
    1.40  
    1.41 -    // Add a terminating NUL for naive users
    1.42 -    void *t = realloc(*ptext, *psize + 1);
    1.43 -    if (! t)
    1.44 -        ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
    1.45 -    *ptext = t;
    1.46 -    (*ptext)[*psize] = 0;
    1.47 -
    1.48      if (! cookie.signer_keylist) {
    1.49          cookie.signer_keylist = new_stringlist("");
    1.50          if (! cookie.signer_keylist)
    1.51 @@ -1152,6 +1156,8 @@
    1.52  
    1.53      if (reader)
    1.54          pgp_reader_free(reader);
    1.55 +    if (decryptor)
    1.56 +        pgp_reader_free(decryptor);
    1.57      if (writer)
    1.58          pgp_writer_free(writer);
    1.59  
    1.60 @@ -1168,6 +1174,7 @@
    1.61      struct decrypt_cookie cookie = { session, 0, NULL, NULL, 0, 0, 0, };
    1.62      pgp_reader_t reader = NULL;
    1.63      pgp_reader_t dsig_reader = NULL;
    1.64 +    pgp_reader_t verifier = NULL;
    1.65  
    1.66      if (size == 0 || sig_size == 0)
    1.67          return PEP_DECRYPT_WRONG_FORMAT;
    1.68 @@ -1191,9 +1198,20 @@
    1.69              ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "Creating signature reader");
    1.70      }
    1.71  
    1.72 -    if (pgp_verify(&err, reader, dsig_reader, /* output */ NULL,
    1.73 -                  get_public_keys_cb, check_signatures_cb, &cookie))
    1.74 -        ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_verify");
    1.75 +    if (dsig_reader)
    1.76 +        verifier = pgp_detached_verifier_new(&err, dsig_reader, reader,
    1.77 +                                             get_public_keys_cb,
    1.78 +                                             check_signatures_cb,
    1.79 +                                             &cookie);
    1.80 +    else
    1.81 +        verifier = pgp_verifier_new(&err, reader,
    1.82 +                                    get_public_keys_cb,
    1.83 +                                    check_signatures_cb,
    1.84 +                                    &cookie);
    1.85 +    if (! verifier)
    1.86 +        ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Creating verifier");
    1.87 +    if (pgp_reader_discard(&err, verifier) < 0)
    1.88 +        ERROR_OUT(err, PEP_UNKNOWN_ERROR, "verifier");
    1.89  
    1.90      if (! cookie.signer_keylist) {
    1.91          cookie.signer_keylist = new_stringlist("");
    1.92 @@ -1225,6 +1243,8 @@
    1.93          free_stringlist(cookie.signer_keylist);
    1.94      }
    1.95  
    1.96 +    if (verifier)
    1.97 +        pgp_reader_free(verifier);
    1.98      if (reader)
    1.99          pgp_reader_free(reader);
   1.100      if (dsig_reader)