/* Created a detached signature for INDATA and write it to OUTDATA.
On termination of the signing command engine_private_finished() is
called with FILTER as the first argument. */
int
op_gpgme_sign (protocol_t protocol,
gpgme_data_t indata, gpgme_data_t outdata,
engine_filter_t filter, void *hwnd)
{
gpg_error_t err;
closure_data_t cld;
gpgme_ctx_t ctx = NULL;
gpgme_key_t sign_key = NULL;
(void)hwnd;
if (signer_dialog_box (&sign_key, NULL, 0) == -1)
{
log_debug ("%s:%s: leave (dialog failed)\n", SRCNAME, __func__);
return gpg_error (GPG_ERR_CANCELED);
}
cld = xcalloc (1, sizeof *cld);
cld->closure = sign_closure;
cld->filter = filter;
err = gpgme_new (&ctx);
if (err)
goto leave;
gpgme_set_progress_cb (ctx, NULL, cld);
switch (protocol)
{
case PROTOCOL_OPENPGP: /* Gpgme's default. */
break;
case PROTOCOL_SMIME:
err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
break;
default:
err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
break;
}
if (err)
goto leave;
gpgme_set_armor (ctx, 1);
gpgme_set_passphrase_cb (ctx, passphrase_callback_box, &cld->pw_cb);
cld->pw_cb.ctx = ctx;
cld->pw_cb.ttl = opt.passwd_ttl;
err = gpgme_signers_add (ctx, sign_key);
if (!err)
err = gpgme_op_sign_start (ctx, indata, outdata, GPGME_SIG_MODE_DETACH);
leave:
if (err)
{
xfree (cld);
gpgme_release (ctx);
}
else
engine_private_set_cancel (filter, ctx);
gpgme_key_unref (sign_key);
return err;
}
/* Decrypt data from INDATA to OUTDATE. If WITH_VERIFY is set, a
signature of PGP/MIME combined message is also verified the same
way as with op_gpgme_verify. */
int
op_gpgme_decrypt (protocol_t protocol,
gpgme_data_t indata, gpgme_data_t outdata,
engine_filter_t filter, void *hwnd,
int with_verify)
{
gpgme_error_t err;
closure_data_t cld;
gpgme_ctx_t ctx = NULL;
(void)hwnd;
cld = xcalloc (1, sizeof *cld);
cld->closure = decrypt_closure;
cld->filter = filter;
cld->with_verify = with_verify;
err = gpgme_new (&ctx);
if (err)
goto leave;
gpgme_set_progress_cb (ctx, NULL, cld);
switch (protocol)
{
case PROTOCOL_OPENPGP: /* Gpgme's default. */
break;
case PROTOCOL_SMIME:
err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
break;
default:
err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
break;
}
if (err)
goto leave;
/* Note: We do no error checking for the next call because some
backends may not implement a command hanler at all. */
gpgme_set_passphrase_cb (ctx, passphrase_callback_box, &cld->pw_cb);
cld->pw_cb.ctx = ctx;
if (with_verify)
err = gpgme_op_decrypt_verify_start (ctx, indata, outdata);
else
err = gpgme_op_decrypt_start (ctx, indata, outdata);
leave:
if (err)
{
xfree (cld);
gpgme_release (ctx);
}
else
engine_private_set_cancel (filter, ctx);
return err;
}
/* Verify a detached message where the data is in the gpgme object
DATA and the signature given as the string SIGNATUEE. */
int
op_gpgme_verify (gpgme_protocol_t protocol,
gpgme_data_t data, const char *signature, size_t sig_len,
engine_filter_t filter, void *hwnd)
{
gpgme_error_t err;
closure_data_t cld;
gpgme_ctx_t ctx = NULL;
gpgme_data_t sigobj = NULL;
(void)hwnd;
cld = xcalloc (1, sizeof *cld);
cld->closure = verify_closure;
cld->filter = filter;
err = gpgme_new (&ctx);
if (err)
goto leave;
gpgme_set_progress_cb (ctx, NULL, cld);
switch (protocol)
{
case PROTOCOL_OPENPGP: /* Gpgme's default. */
break;
case PROTOCOL_SMIME:
err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
break;
default:
err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
break;
}
if (err)
goto leave;
err = gpgme_data_new_from_mem (&sigobj, signature, sig_len, 0);
if (err)
goto leave;
cld->sigobj = sigobj;
err = gpgme_op_verify_start (ctx, sigobj, data, NULL);
leave:
if (err)
{
gpgme_data_release (sigobj);
xfree (cld);
gpgme_release (ctx);
}
else
engine_private_set_cancel (filter, ctx);
return err;
}
static int
pygpgme_context_set_progress_cb(PyGpgmeContext *self, PyObject *value)
{
gpgme_progress_cb_t progress_cb;
PyObject *callback;
/* free the progress callback */
gpgme_get_progress_cb(self->ctx, &progress_cb, (void **)&callback);
if (progress_cb == pygpgme_progress_cb) {
Py_DECREF(callback);
}
/* callback of None == unset */
if (value == Py_None)
value = NULL;
if (value != NULL) {
Py_INCREF(value);
gpgme_set_progress_cb(self->ctx, pygpgme_progress_cb, value);
} else {
gpgme_set_progress_cb(self->ctx, NULL, NULL);
}
return 0;
}
int
main (int argc, char *argv[])
{
gpgme_ctx_t ctx;
gpgme_error_t err;
struct gpgme_data_cbs cbs;
gpgme_data_t in, out;
gpgme_key_t key[3] = { NULL, NULL, NULL };
gpgme_encrypt_result_t result;
size_t nbytes;
struct cb_parms parms;
if (argc > 1)
nbytes = atoi (argv[1]);
else
nbytes = 100000;
init_gpgme (GPGME_PROTOCOL_OpenPGP);
memset (&cbs, 0, sizeof cbs);
cbs.read = read_cb;
cbs.write = write_cb;
memset (&parms, 0, sizeof parms);
parms.bytes_to_send = nbytes;
err = gpgme_new (&ctx);
fail_if_err (err);
gpgme_set_armor (ctx, 0);
/* Install a progress handler to enforce a bit of more work to the
gpgme i/o system. */
gpgme_set_progress_cb (ctx, progress_cb, NULL);
err = gpgme_data_new_from_cbs (&in, &cbs, &parms);
fail_if_err (err);
err = gpgme_data_new_from_cbs (&out, &cbs, &parms);
fail_if_err (err);
err = gpgme_get_key (ctx, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
&key[0], 0);
fail_if_err (err);
err = gpgme_get_key (ctx, "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2",
&key[1], 0);
fail_if_err (err);
err = gpgme_op_encrypt (ctx, key, GPGME_ENCRYPT_ALWAYS_TRUST, in, out);
fail_if_err (err);
result = gpgme_op_encrypt_result (ctx);
if (result->invalid_recipients)
{
fprintf (stderr, "Invalid recipient encountered: %s\n",
result->invalid_recipients->fpr);
exit (1);
}
printf ("plaintext=%u bytes, ciphertext=%u bytes\n",
(unsigned int)nbytes, (unsigned int)parms.bytes_received);
gpgme_key_unref (key[0]);
gpgme_key_unref (key[1]);
gpgme_data_release (in);
gpgme_data_release (out);
gpgme_release (ctx);
return 0;
}
/* Encrypt the data from INDATA to the OUTDATA object for all
recpients given in the NULL terminated array RECIPIENTS. This
function terminates with success and then expects the caller to
wait for the result of the encryption using engine_wait. FILTER is
used for asynchronous commnication with the engine module. HWND is
the window handle of the current window and used to maintain the
correct relationship between a popups and the active window. */
int
op_gpgme_encrypt (protocol_t protocol,
gpgme_data_t indata, gpgme_data_t outdata,
engine_filter_t filter, void *hwnd,
char **recipients)
{
gpg_error_t err;
closure_data_t cld;
gpgme_ctx_t ctx = NULL;
gpgme_key_t *keys = NULL;
(void)hwnd;
cld = xcalloc (1, sizeof *cld);
cld->closure = encrypt_closure;
cld->filter = filter;
err = prepare_recipient_keys (&keys, recipients, NULL);
if (err)
goto leave;
err = gpgme_new (&ctx);
if (err)
goto leave;
gpgme_set_progress_cb (ctx, NULL, cld);
switch (protocol)
{
case PROTOCOL_OPENPGP: /* Gpgme's default. */
break;
case PROTOCOL_SMIME:
err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
break;
default:
err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
break;
}
if (err)
goto leave;
gpgme_set_armor (ctx, 1);
/* FIXME: We should not hardcode always trust. */
/* if (sign_key) */
/* { */
/* gpgme_set_passphrase_cb (ctx, passphrase_callback_box, &cld->pw_cb); */
/* cld->pw_cb.ctx = ctx; */
/* cld->pw_cb.ttl = opt.passwd_ttl; */
/* err = gpgme_signers_add (ctx, sign_key); */
/* if (!err) */
/* err = gpgme_op_encrypt_sign_start (ctx, keys, */
/* GPGME_ENCRYPT_ALWAYS_TRUST, */
/* indata, outdata); */
/* } */
/* else */
err = gpgme_op_encrypt_start (ctx, keys, GPGME_ENCRYPT_ALWAYS_TRUST,
indata, outdata);
leave:
if (err)
{
xfree (cld);
gpgme_release (ctx);
}
else
engine_private_set_cancel (filter, ctx);
release_key_array (keys);
return err;
}