pushing to clean VM gnupg-2.1
authorKrista Bennett <krista@pep-project.org>
Sat, 15 Jul 2017 00:11:53 +0200
branchgnupg-2.1
changeset 1925bee52dae2cb9
parent 1924 c40a363fae45
child 1926 a6b1bf1c52a1
pushing to clean VM
src/pgp_gpg.c
src/pgp_gpg_internal.h
test/encrypt_missing_private_key_test.cc
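--- a/src/pgp_gpg.c
+++ b/src/pgp_gpg.c
@@ -285,6 +285,12 @@
                     = (gpgme_op_createkey_t) (intptr_t) dlsym(gpgme,
                     "gpgme_op_createkey");
                 assert(gpg.gpgme_op_createkey);
+                
+                gpg.gpgme_op_createsubkey
+                    = (gpgme_op_createsubkey_t) (intptr_t) dlsym(gpgme,
+                    "gpgme_op_createsubkey");
+                assert(gpg.gpgme_op_createsubkey);
+
         #endif
         #endif
         
@@ -1069,6 +1075,39 @@
         psize, ctext, csize, true);
 }
 
+
+static PEP_STATUS find_single_key(
+        PEP_SESSION session,
+        const char *fpr,
+        gpgme_key_t *key
+    )
+{
+    gpgme_error_t gpgme_error;
+
+    *key = NULL;
+
+    gpgme_error = gpg.gpgme_op_keylist_start(session->ctx, fpr, 0);
+    gpgme_error = _GPGERR(gpgme_error);
+    switch (gpgme_error) {
+    case GPG_ERR_NO_ERROR:
+        break;
+    case GPG_ERR_INV_VALUE:
+        assert(0);
+        return PEP_UNKNOWN_ERROR;
+    default:
+        return PEP_GET_KEY_FAILED;
+    };
+
+    gpgme_error = gpg.gpgme_op_keylist_next(session->ctx, key);
+    gpgme_error = _GPGERR(gpgme_error);
+    assert(gpgme_error != GPG_ERR_INV_VALUE);
+
+    gpg.gpgme_op_keylist_end(session->ctx);
+
+    return PEP_STATUS_OK;
+}
+
+
 static PEP_STATUS _pgp_createkey(PEP_SESSION session, pEp_identity *identity) {
     PEP_STATUS status = PEP_VERSION_MISMATCH;
 
@@ -1090,9 +1129,7 @@
                                              0, 31536000, NULL, 
                                              GPGME_CREATE_NOPASSWD | 
                                              GPGME_CREATE_SIGN |
-                                             GPGME_CREATE_ENCR |
                                              GPGME_CREATE_CERT |
-                                             GPGME_CREATE_AUTH |
                                              GPGME_CREATE_FORCE);
         gpgme_error = _GPGERR(gpgme_error);
 
@@ -1116,11 +1153,36 @@
             assert(gpgme_genkey_result);
             assert(gpgme_genkey_result->fpr);
 
+            char* fpr = gpgme_genkey_result->fpr;
+            gpgme_key_t key;
+            PEP_STATUS key_status = find_single_key(session, fpr, &key);
+            if (!key || key_status != PEP_STATUS_OK)
+                return PEP_CANNOT_CREATE_KEY;
+                                
+            gpgme_error = gpg.gpgme_op_createsubkey(session->ctx, key, 
+                                                    "RSA", 0, 
+                                                    31536000, GPGME_CREATE_NOPASSWD 
+                                                    | GPGME_CREATE_ENCR);
+
+            switch (gpgme_error) {
+                case GPG_ERR_NO_ERROR:
+                    break;		    
+                case GPG_ERR_INV_VALUE:
+                    return PEP_ILLEGAL_VALUE;
+                case GPG_ERR_GENERAL:
+                    return PEP_CANNOT_CREATE_KEY;
+                default:
+                    assert(0);
+                    return PEP_UNKNOWN_ERROR;
+            }        
+            
             free(identity->fpr);
-            identity->fpr = strdup(gpgme_genkey_result->fpr);
+            identity->fpr = strdup(fpr);
             if (identity->fpr == NULL)
                 return PEP_OUT_OF_MEMORY;
 
+            gpg.gpgme_key_unref(key);
+            
             status = pgp_replace_only_uid(session, identity->fpr,
                         identity->username, identity->address);                        
         }
@@ -1830,36 +1892,6 @@
     return status;
 }
 
-static PEP_STATUS find_single_key(
-        PEP_SESSION session,
-        const char *fpr,
-        gpgme_key_t *key
-    )
-{
-    gpgme_error_t gpgme_error;
-
-    *key = NULL;
-
-    gpgme_error = gpg.gpgme_op_keylist_start(session->ctx, fpr, 0);
-    gpgme_error = _GPGERR(gpgme_error);
-    switch (gpgme_error) {
-    case GPG_ERR_NO_ERROR:
-        break;
-    case GPG_ERR_INV_VALUE:
-        assert(0);
-        return PEP_UNKNOWN_ERROR;
-    default:
-        return PEP_GET_KEY_FAILED;
-    };
-
-    gpgme_error = gpg.gpgme_op_keylist_next(session->ctx, key);
-    gpgme_error = _GPGERR(gpgme_error);
-    assert(gpgme_error != GPG_ERR_INV_VALUE);
-
-    gpg.gpgme_op_keylist_end(session->ctx);
-
-    return PEP_STATUS_OK;
-}
 
 static ssize_t _nullwriter(
         void *_handle,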
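Review bot: In the `_pgp_createkey` hunk, `fpr` aliases `gpgme_genkey_result->fpr` and is still read after two further operations on the same context (`find_single_key` and `gpgme_op_createsubkey`). The GPGME manual says a result pointer is valid only until the next operation is started on that context, so `strdup(fpr)` appears to read released memory where the old code copied the fingerprint at once. The `gpgme_op_createsubkey` result is also switched on without the `_GPGERR(gpgme_error)` step applied after the other calls in this section, so the `GPG_ERR_INV_VALUE` and `GPG_ERR_GENERAL` cases presumably never match and failures fall into `assert(0)`. Every return between `find_single_key` and `gpgme_key_unref(key)` leaks the key reference; `key` is needed only for the subkey call and can be released straight after it. `_pgp_createkey` begins and ends outside the hunk.

```c
            /* … unchanged: asserts on gpgme_genkey_result … */
            free(identity->fpr);
            identity->fpr = strdup(gpgme_genkey_result->fpr);
            if (identity->fpr == NULL)
                return PEP_OUT_OF_MEMORY;

            gpgme_key_t key;
            PEP_STATUS key_status = find_single_key(session, identity->fpr, &key);
            if (!key || key_status != PEP_STATUS_OK)
                return PEP_CANNOT_CREATE_KEY;

            /* … unchanged: gpg.gpgme_op_createsubkey(...) call … */
            gpgme_error = _GPGERR(gpgme_error);
            gpg.gpgme_key_unref(key);
            /* … unchanged: switch (gpgme_error), then pgp_replace_only_uid … */
```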
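--- a/src/pgp_gpg_internal.h
+++ b/src/pgp_gpg_internal.h
@@ -87,6 +87,9 @@
 typedef gpgme_error_t(*gpgme_op_createkey_t)(gpgme_ctx_t CTX, 
     const char *USERID, const char *ALGO, unsigned long RESERVED, 
     unsigned long EXPIRES, gpgme_key_t EXTRAKEY, unsigned int FLAGS);
+typedef gpgme_error_t(*gpgme_op_createsubkey_t)(gpgme_ctx_t ctx, 
+    gpgme_key_t key, const char *algo, unsigned long reserved, 
+    unsigned long expires, unsigned int flags);    
 #endif
 #endif
 
@@ -125,6 +128,7 @@
 #ifdef GPGME_VERSION_NUMBER 
 #if (GPGME_VERSION_NUMBER >= 0x010700)    
     gpgme_op_createkey_t gpgme_op_createkey;
+    gpgme_op_createsubkey_t gpgme_op_createsubkey;
 #endif
 #endif    
     gpgme_op_delete_t gpgme_op_delete;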
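--- a/test/encrypt_missing_private_key_test.cc
+++ b/test/encrypt_missing_private_key_test.cc
@@ -45,10 +45,14 @@
                                                       PEP_OWN_USERID,
                                                       "Blacklist Self");
     blacklisted_identity->me = true;
-    PEP_STATUS status8 = update_identity(session, blacklisted_identity);
+    PEP_STATUS status8 = myself(session, blacklisted_identity);
+    assert (status8 == PEP_STATUS_OK);
     PEP_STATUS status9 = blacklist_add(session, bl_fpr_1);
+    assert (status9 == PEP_STATUS_OK);
     PEP_STATUS status10 = blacklist_is_listed(session, bl_fpr_1, &is_blacklisted);
-    PEP_STATUS status11 = update_identity(session, blacklisted_identity);
+    assert (status10 == PEP_STATUS_OK);
+    PEP_STATUS status11 = myself(session, blacklisted_identity);
+    assert (status11 == PEP_STATUS_OK);
 
     /* identity is blacklisted. Now let's try to encrypt a message. */
 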
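Review bot: The added asserts check only the returned status codes; `is_blacklisted`, which `blacklist_is_listed` fills in, is never checked within this hunk, so the test would still pass here if the fingerprint had not actually been listed. Unless it is verified further down (the test body continues outside the hunk), add `assert (is_blacklisted);` after the `status10` check. These are plain `assert` calls, so a build with `NDEBUG` defined would compile all of the new checks out.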