static gboolean proc_one_file (GpaFileImportOperation *op, gpa_file_item_t file_item) { gpg_error_t err; int fd; gpgme_data_t data; if (file_item->direct_in) { /* No copy is made. */ err = gpgme_data_new_from_mem (&data, file_item->direct_in, file_item->direct_in_len, 0); if (err) { gpa_gpgme_warning (err); return FALSE; } gpgme_set_protocol (GPA_OPERATION (op)->context->ctx, is_cms_data (file_item->direct_in, file_item->direct_in_len) ? GPGME_PROTOCOL_CMS : GPGME_PROTOCOL_OpenPGP); } else { const char *filename = file_item->filename_in; fd = gpa_open_input (filename, &data, GPA_OPERATION (op)->window); if (fd == -1) return FALSE; gpgme_set_protocol (GPA_OPERATION (op)->context->ctx, is_cms_file (filename) ? GPGME_PROTOCOL_CMS : GPGME_PROTOCOL_OpenPGP); } /* Start importing one file. */ err = gpgme_op_import_start (GPA_OPERATION (op)->context->ctx, data); if (err) { gpa_gpgme_warning (err); return FALSE; } /* Show and update the progress dialog */ gtk_widget_show_all (GPA_FILE_OPERATION (op)->progress_dialog); gpa_progress_dialog_set_label (GPA_PROGRESS_DIALOG (GPA_FILE_OPERATION (op)->progress_dialog), file_item->direct_name ? file_item->direct_name : file_item->filename_in); return TRUE; }
static void first_half_done_cb (GpaContext *context, gpg_error_t err, GpaKeyTable *keytable) { if (keytable->did_first_half || !cms_hack) { /* We are here for the second time and thus we continue with the real done handler. We do this also if the CMS_HACK has not been enabled. We reset the protocol to OpenPGP because some old code might assume that it is in OpenPGP mode. */ keytable->fpr = NULL; /* Not needed anymore. */ gpgme_set_protocol (keytable->context->ctx, GPGME_PROTOCOL_OpenPGP); done_cb (context, err, keytable); return; } /* Now continue with a key listing for X.509 keys but save the error of the the PGP key listing. */ keytable->first_half_err = err; keytable->did_first_half = 1; gpgme_set_protocol (context->ctx, GPGME_PROTOCOL_CMS); err = gpgme_op_keylist_start (keytable->context->ctx, keytable->fpr, keytable->secret); keytable->fpr = NULL; /* Not needed anymore. */ if (err) { if (keytable->first_half_err) gpa_gpgme_warning (keytable->first_half_err); if ((gpg_err_code (err) == GPG_ERR_INV_ENGINE || gpg_err_code (err) == GPG_ERR_UNSUPPORTED_PROTOCOL) && gpg_err_source (err) == GPG_ERR_SOURCE_GPGME) { if (gpg_err_code (err) == GPG_ERR_UNSUPPORTED_PROTOCOL) g_message ("Note: Please check libgpgme has " "been build with support for CMS"); gpa_window_error (_("It seems that no CMS engine is installed.\n\n" "Temporary disabling support for X.509.\n\n" "Please install a CMS engine or invoke this program\n" "with the option --disable-x509 ."), NULL); cms_hack = 0; err = 0; } else gpa_gpgme_warning (err); if (keytable->end) { keytable->end (keytable->data); } } }
gboolean sgpgme_has_secret_key(void) { gpgme_error_t err = 0; gpgme_ctx_t ctx; gpgme_key_t key; err = gpgme_new (&ctx); if (err) { debug_print("err : %s\n", gpgme_strerror(err)); return TRUE; } check_again: err = gpgme_op_keylist_start(ctx, NULL, TRUE); if (!err) err = gpgme_op_keylist_next(ctx, &key); gpgme_op_keylist_end(ctx); if (gpg_err_code(err) == GPG_ERR_EOF) { if (gpgme_get_protocol(ctx) != GPGME_PROTOCOL_CMS) { gpgme_set_protocol(ctx, GPGME_PROTOCOL_CMS); goto check_again; } gpgme_release(ctx); return FALSE; } else { gpgme_release(ctx); return TRUE; } }
/** * g_mime_pkcs7_context_new: * @request_passwd: a #GMimePasswordRequestFunc * * Creates a new pkcs7 crypto context object. * * Returns: (transfer full): a new pkcs7 crypto context object. **/ GMimeCryptoContext * g_mime_pkcs7_context_new (GMimePasswordRequestFunc request_passwd) { #ifdef ENABLE_SMIME GMimeCryptoContext *crypto; GMimePkcs7Context *pkcs7; gpgme_ctx_t ctx; /* make sure GpgMe supports the CMS protocols */ if (gpgme_engine_check_version (GPGME_PROTOCOL_CMS) != GPG_ERR_NO_ERROR) return NULL; /* create the GpgMe context */ if (gpgme_new (&ctx) != GPG_ERR_NO_ERROR) return NULL; pkcs7 = g_object_newv (GMIME_TYPE_PKCS7_CONTEXT, 0, NULL); gpgme_set_passphrase_cb (ctx, pkcs7_passphrase_cb, pkcs7); gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); pkcs7->priv->ctx = ctx; crypto = (GMimeCryptoContext *) pkcs7; crypto->request_passwd = request_passwd; return crypto; #else return NULL; #endif /* ENABLE_SMIME */ }
void GPGWrapper::init() { if (initialized) return; initialized = true; gpgme_check_version(NULL); setlocale(LC_ALL, ""); gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL)); #ifdef LC_MESSAGES gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL)); #endif gpgme_error_t error = gpgme_new(&context); fail_if_err(error, L"Nie uda³o siê zainicjowaæ kontekstu GPG."); gpgme_set_textmode(context, 1); gpgme_set_armor(context, 1); error = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); fail_if_err(error, L"Nie zainstalowano OpenPGP."); error = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP); fail_if_err(error, L"Nie uda³o siê ustawiæ OpenPGP."); privateKey = getPrivateKey(privateKeyId.c_str()); error = gpgme_signers_add(context, privateKey); fail_if_err(error, L"Nie uda³o siê ustawiæ klucza prywatnego."); }
/* * create a GpgME context for the passed protocol */ static gpgme_error_t gpgme_new_with_protocol(gpgme_ctx_t * ctx, gpgme_protocol_t protocol, GtkWindow * parent, GError ** error) { gpgme_error_t err; /* create the GpgME context */ if ((err = gpgme_new(ctx)) != GPG_ERR_NO_ERROR) { g_set_error_from_gpgme(error, err, _("could not create context")); } else { if ((err = gpgme_set_protocol(*ctx, protocol)) != GPG_ERR_NO_ERROR) { gchar *errmsg = g_strdup_printf(_("could not set protocol '%s'"), gpgme_get_protocol_name(protocol)); g_set_error_from_gpgme(error, err, errmsg); g_free(errmsg); gpgme_release(*ctx); } else { if (protocol == GPGME_PROTOCOL_OpenPGP) gpgme_set_passphrase_cb(*ctx, gpgme_passphrase_cb, parent); } } return err; }
/* Created a detached signature for INDATA and write it to OUTDATA. On termination of the signing command engine_private_finished() is called with FILTER as the first argument. */ int op_gpgme_sign (protocol_t protocol, gpgme_data_t indata, gpgme_data_t outdata, engine_filter_t filter, void *hwnd) { gpg_error_t err; closure_data_t cld; gpgme_ctx_t ctx = NULL; gpgme_key_t sign_key = NULL; (void)hwnd; if (signer_dialog_box (&sign_key, NULL, 0) == -1) { log_debug ("%s:%s: leave (dialog failed)\n", SRCNAME, __func__); return gpg_error (GPG_ERR_CANCELED); } cld = xcalloc (1, sizeof *cld); cld->closure = sign_closure; cld->filter = filter; err = gpgme_new (&ctx); if (err) goto leave; gpgme_set_progress_cb (ctx, NULL, cld); switch (protocol) { case PROTOCOL_OPENPGP: /* Gpgme's default. */ break; case PROTOCOL_SMIME: err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); break; default: err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL); break; } if (err) goto leave; gpgme_set_armor (ctx, 1); gpgme_set_passphrase_cb (ctx, passphrase_callback_box, &cld->pw_cb); cld->pw_cb.ctx = ctx; cld->pw_cb.ttl = opt.passwd_ttl; err = gpgme_signers_add (ctx, sign_key); if (!err) err = gpgme_op_sign_start (ctx, indata, outdata, GPGME_SIG_MODE_DETACH); leave: if (err) { xfree (cld); gpgme_release (ctx); } else engine_private_set_cancel (filter, ctx); gpgme_key_unref (sign_key); return err; }
char *gpg_decrypt_msg(const char *data, long *plain_size) { gpgme_ctx_t ctx; gpgme_error_t err; size_t n = 0; char *temp, *str, *msg; gpgme_data_t plain, cipher; msg = add_gpg_headers(data); if (!msg) { return 0; } err = gpgme_new(&ctx); if (err) { return 0; } gpgme_set_protocol(ctx, GPGME_PROTOCOL_OpenPGP); gpgme_set_armor(ctx, 1); // char *p = getenv("GPG_AGENT_INFO"); // if (p) { // log_write("GPG_AGENT_INFO: %s\n", p); // } else { // setenv("GPG_AGENT_INFO", "/tmp/gpg-3FhMq6/S.gpg-agent:22765:1", 1); // log_write("NO GPG AGENT INFO FOUND\n"); // } gpgme_set_passphrase_cb(ctx, &passphrase_cb, 0); gpgme_data_new_from_mem(&cipher, msg, strlen(msg), 0); gpgme_data_new(&plain); err = gpgme_op_decrypt(ctx, cipher, plain); gpgme_decrypt_result_t res = gpgme_op_decrypt_result(ctx); gpgme_recipient_t recipient = res->recipients; while (recipient) { log_write(">>> recipient keyid: %s\n", recipient->keyid); recipient = recipient->next; } gpgme_data_release(cipher); free(msg); if (err) { log_write("gpgme_op_decrypt error: %s\n", gpgme_strerror(err)); gpgme_data_release(plain); gpgme_release(ctx); return 0; } temp = gpgme_data_release_and_get_mem(plain, &n); if (!temp) { gpgme_release(ctx); return 0; } *plain_size = n; str = strndup(temp, n); free(temp); gpgme_release(ctx); return str; }
QalfCrypto::QalfCrypto() { gpgme_error_t result = gpgme_new(&context) ; Q_ASSERT(result == GPG_ERR_NO_ERROR) ; result = gpgme_set_protocol(context,GPGME_PROTOCOL_OpenPGP) ; Q_ASSERT(result == GPG_ERR_NO_ERROR) ; gpgme_set_armor(context,1) ; gpgme_set_textmode(context,1) ; }
/* Decrypt data from INDATA to OUTDATE. If WITH_VERIFY is set, a signature of PGP/MIME combined message is also verified the same way as with op_gpgme_verify. */ int op_gpgme_decrypt (protocol_t protocol, gpgme_data_t indata, gpgme_data_t outdata, engine_filter_t filter, void *hwnd, int with_verify) { gpgme_error_t err; closure_data_t cld; gpgme_ctx_t ctx = NULL; (void)hwnd; cld = xcalloc (1, sizeof *cld); cld->closure = decrypt_closure; cld->filter = filter; cld->with_verify = with_verify; err = gpgme_new (&ctx); if (err) goto leave; gpgme_set_progress_cb (ctx, NULL, cld); switch (protocol) { case PROTOCOL_OPENPGP: /* Gpgme's default. */ break; case PROTOCOL_SMIME: err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); break; default: err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL); break; } if (err) goto leave; /* Note: We do no error checking for the next call because some backends may not implement a command hanler at all. */ gpgme_set_passphrase_cb (ctx, passphrase_callback_box, &cld->pw_cb); cld->pw_cb.ctx = ctx; if (with_verify) err = gpgme_op_decrypt_verify_start (ctx, indata, outdata); else err = gpgme_op_decrypt_start (ctx, indata, outdata); leave: if (err) { xfree (cld); gpgme_release (ctx); } else engine_private_set_cancel (filter, ctx); return err; }
char checkSignature(char *path, struct memory_identifier *memory) { gpgme_ctx_t context; gpgme_error_t err; gpgme_data_t signature, iso; FILE *file = fopen(path, "r"); if (file == NULL) { fprintf(stderr, "File %s not found!\n", path); fatal("Unable to open file!\n"); } gpgme_check_version(NULL); err = gpgme_new(&context); switch (err) { case GPG_ERR_NO_ERROR: break; case GPG_ERR_ENOMEM: fatal("There is not enough memory available to initialize gpgme. Aborting...\n"); default: break; } gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP); err = gpgme_data_new_from_stream(&iso, file); if (err == GPG_ERR_ENOMEM) fatal("There was not enough memory to crate a new data buffer for gpgme. Aborting...\n"); err = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_OpenPGP, "/usr/bin/gpg", "/etc/pacman.d/gnupg/"); if (err != GPG_ERR_NO_ERROR) { printf("Something went wrong while setting the engine info.\n"); return 1; } err = gpgme_data_new_from_mem(&signature, memory->chunk, memory->length, 1); if (err == GPG_ERR_ENOMEM) fatal("There was not enough memory to crate a new data buffer for gpgme. Aborting...\n"); err = gpgme_op_verify(context, signature, iso, NULL); if (err == GPG_ERR_NO_ERROR) return 0; else return 1; }
char *gpg_encrypt_msg(const char *msg, const char *fpr) { gpgme_ctx_t ctx; gpgme_data_t plain, cipher; gpgme_error_t err; char *temp, *str; char *ret = 0; gpgme_key_t key_arr[2] = {0, 0}; size_t n = 0; err = gpgme_new(&ctx); if (err) { return 0; } gpgme_set_protocol(ctx, GPGME_PROTOCOL_OpenPGP); gpgme_set_armor(ctx, 1); err = gpgme_get_key(ctx, fpr, &key_arr[0], 0); if (err) { gpgme_release(ctx); return 0; } err = gpgme_data_new_from_mem(&plain, msg, strlen(msg), 0); if (err) { goto end; } gpgme_data_new(&cipher); err = gpgme_op_encrypt(ctx, key_arr, GPGME_ENCRYPT_ALWAYS_TRUST, plain, cipher); gpgme_data_release(plain); if (err) { gpgme_data_release(cipher); goto end; } temp = gpgme_data_release_and_get_mem(cipher, &n); if (!temp) { goto end; } str = strndup(temp, n); gpgme_free(temp); if (!str) { goto end; } ret = drop_gpg_headers(str); free(str); end: gpgme_key_unref(key_arr[0]); gpgme_release(ctx); return ret; }
/* Verify a detached message where the data is in the gpgme object DATA and the signature given as the string SIGNATUEE. */ int op_gpgme_verify (gpgme_protocol_t protocol, gpgme_data_t data, const char *signature, size_t sig_len, engine_filter_t filter, void *hwnd) { gpgme_error_t err; closure_data_t cld; gpgme_ctx_t ctx = NULL; gpgme_data_t sigobj = NULL; (void)hwnd; cld = xcalloc (1, sizeof *cld); cld->closure = verify_closure; cld->filter = filter; err = gpgme_new (&ctx); if (err) goto leave; gpgme_set_progress_cb (ctx, NULL, cld); switch (protocol) { case PROTOCOL_OPENPGP: /* Gpgme's default. */ break; case PROTOCOL_SMIME: err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); break; default: err = gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL); break; } if (err) goto leave; err = gpgme_data_new_from_mem (&sigobj, signature, sig_len, 0); if (err) goto leave; cld->sigobj = sigobj; err = gpgme_op_verify_start (ctx, sigobj, data, NULL); leave: if (err) { gpgme_data_release (sigobj); xfree (cld); gpgme_release (ctx); } else engine_private_set_cancel (filter, ctx); return err; }
int main (int argc, char *argv[]) { gpgme_ctx_t ctx; gpgme_error_t err; gpgme_data_t out; const char *pattern1[] = { "DFN Top Level Certification Authority", NULL }; const char *pattern2[] = { "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E", "DFN Server Certification Authority", NULL }; init_gpgme (GPGME_PROTOCOL_CMS); err = gpgme_new (&ctx); fail_if_err (err); gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); gpgme_set_armor (ctx, 1); /* Check exporting of one certificate. */ err = gpgme_data_new (&out); fail_if_err (err); err = gpgme_op_export_ext (ctx, pattern1, 0, out); fail_if_err (err); fflush (NULL); fputs ("Begin Result:\n", stdout); print_data (out); fputs ("End Result.\n", stdout); gpgme_data_release (out); /* Check exporting of 2 certificates. */ err = gpgme_data_new (&out); fail_if_err (err); err = gpgme_op_export_ext (ctx, pattern2, 0, out); fail_if_err (err); fflush (NULL); fputs ("Begin Result:\n", stdout); print_data (out); fputs ("End Result.\n", stdout); gpgme_data_release (out); gpgme_release (ctx); return 0; }
void crypto_asym::build_context() { #if GPGME_SUPPORT gpgme_error_t err = gpgme_new(&context); if(gpgme_err_code(err) != GPG_ERR_NO_ERROR) throw Erange("crypto_asym::crypto_asym", string(gettext("Failed creating GPGME context: ")) + tools_gpgme_strerror_r(err)); err = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP); if(gpgme_err_code(err) != GPG_ERR_NO_ERROR) throw Erange("crypto_asym::crypto_asym", string(gettext("Failed setting GPGME context with OpenPGP protocol: ")) + tools_gpgme_strerror_r(err)); gpgme_set_passphrase_cb(context, read_passphrase, (void *)this); #endif }
int main (int argc, char **argv) { gpgme_ctx_t ctx; gpgme_error_t err; gpgme_data_t sig, text; gpgme_verify_result_t result; init_gpgme (GPGME_PROTOCOL_CMS); err = gpgme_new (&ctx); fail_if_err (err); gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); /* Checking a valid message. */ err = gpgme_data_new_from_mem (&text, test_text1, strlen (test_text1), 0); fail_if_err (err); err = gpgme_data_new_from_mem (&sig, test_sig1, strlen (test_sig1), 0); fail_if_err (err); err = gpgme_op_verify (ctx, sig, text, NULL); fail_if_err (err); result = gpgme_op_verify_result (ctx); check_result (result, GPGME_SIGSUM_VALID | GPGME_SIGSUM_GREEN, "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E", GPG_ERR_NO_ERROR, GPGME_VALIDITY_FULL); show_auditlog (ctx); /* Checking a manipulated message. */ gpgme_data_release (text); err = gpgme_data_new_from_mem (&text, test_text1f, strlen (test_text1f), 0); fail_if_err (err); gpgme_data_seek (sig, 0, SEEK_SET); err = gpgme_op_verify (ctx, sig, text, NULL); fail_if_err (err); result = gpgme_op_verify_result (ctx); check_result (result, GPGME_SIGSUM_RED, "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E", GPG_ERR_BAD_SIGNATURE, GPGME_VALIDITY_UNKNOWN); show_auditlog (ctx); gpgme_data_release (text); gpgme_data_release (sig); gpgme_release (ctx); return got_errors? 1 : 0; }
static void gpa_card_manager_init (GTypeInstance *instance, void *class_ptr) { GpaCardManager *cardman = GPA_CARD_MANAGER (instance); gpg_error_t err; char *fname; cardman->cardtype = G_TYPE_NONE; cardman->cardtypename = "Unknown"; update_title (cardman); construct_widgets (cardman); g_signal_connect (cardman, "destroy", G_CALLBACK (card_manager_closed), cardman); /* We use the file watcher to speed up card change detection. If it does not work (i.e. on non Linux based systems) the ticker takes care of it. */ fname = g_build_filename (gnupg_homedir, "reader_0.status", NULL); cardman->watch = gpa_add_filewatch (fname, "w", watcher_cb, cardman); xfree (fname); err = gpgme_new (&cardman->gpgagent); if (err) gpa_gpgme_error (err); err = gpgme_set_protocol (cardman->gpgagent, GPGME_PROTOCOL_ASSUAN); if (err) { if (gpg_err_code (err) == GPG_ERR_INV_VALUE) gpa_window_error (_("The GPGME library is too old to " "support smartcards."), NULL); else gpa_gpgme_warning (err); gpgme_release (cardman->gpgagent); cardman->gpgagent = NULL; } setup_app_selector (cardman); if (cardman->app_selector) g_signal_connect (cardman->app_selector, "changed", G_CALLBACK (app_selector_changed_cb), cardman); }
/* * Setting the signers and the protocol for the context. The protocol * to use is derived from the keys. An errro will be displayed if the * selected keys are not all of one protocol. */ static gboolean set_signers (GpaFileSignOperation *op, GList *signers) { GList *cur; gpg_error_t err; gpgme_protocol_t protocol = GPGME_PROTOCOL_UNKNOWN; gpgme_signers_clear (GPA_OPERATION (op)->context->ctx); if (!signers) { /* Can't happen */ gpa_window_error (_("You didn't select any key for signing"), GPA_OPERATION (op)->window); return FALSE; } for (cur = signers; cur; cur = g_list_next (cur)) { gpgme_key_t key = cur->data; if (protocol == GPGME_PROTOCOL_UNKNOWN) protocol = key->protocol; else if (key->protocol != protocol) { /* Should not happen because the selection dialog should have not allowed to select different key types. */ gpa_window_error (_("The selected certificates are not all of the same type." " That is, you mixed OpenPGP and X.509 certificates." " Please make sure to select only certificates of the" " same type."), GPA_OPERATION (op)->window); return FALSE; } } gpgme_set_protocol (GPA_OPERATION (op)->context->ctx, protocol); for (cur = signers; cur; cur = g_list_next (cur)) { gpgme_key_t key = cur->data; err = gpgme_signers_add (GPA_OPERATION (op)->context->ctx, key); if (err) gpa_gpgme_error (err); } return TRUE; }
int main (int argc, char *argv[]) { gpgme_ctx_t ctx; gpgme_error_t err; gpgme_data_t in, out; gpgme_sign_result_t result; init_gpgme (GPGME_PROTOCOL_CMS); err = gpgme_new (&ctx); fail_if_err (err); gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); gpgme_set_textmode (ctx, 1); gpgme_set_armor (ctx, 1); err = gpgme_data_new_from_mem (&in, "Hallo Leute!\n", 13, 0); fail_if_err (err); /* First a normal signature. */ err = gpgme_data_new (&out); fail_if_err (err); err = gpgme_op_sign (ctx, in, out, GPGME_SIG_MODE_NORMAL); fail_if_err (err); result = gpgme_op_sign_result (ctx); check_result (result, GPGME_SIG_MODE_NORMAL); print_data (out); gpgme_data_release (out); /* Now a detached signature. */ gpgme_data_seek (in, 0, SEEK_SET); err = gpgme_data_new (&out); fail_if_err (err); err = gpgme_op_sign (ctx, in, out, GPGME_SIG_MODE_DETACH); fail_if_err (err); result = gpgme_op_sign_result (ctx); check_result (result, GPGME_SIG_MODE_DETACH); print_data (out); gpgme_data_release (out); gpgme_data_release (in); gpgme_release (ctx); return 0; }
int setup(gpgme_ctx_t* ctx) { char *p; gpgme_error_t err; gpgme_engine_info_t enginfo; setlocale (LC_ALL, ""); p = (char *) gpgme_check_version(NULL); printf("version=%s\n",p); /* set locale, because tests do also */ gpgme_set_locale(NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); /* check for OpenPGP support */ err = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); if(err != GPG_ERR_NO_ERROR) return 1; p = (char *) gpgme_get_protocol_name(GPGME_PROTOCOL_OpenPGP); printf("Protocol name: %s\n",p); /* get engine information */ err = gpgme_get_engine_info(&enginfo); if(err != GPG_ERR_NO_ERROR) return 2; printf("file=%s, home=%s\n",enginfo->file_name,enginfo->home_dir); /* create our own context */ err = gpgme_new(ctx); if(err != GPG_ERR_NO_ERROR) return 3; /* set protocol to use in our context */ err = gpgme_set_protocol(*ctx,GPGME_PROTOCOL_OpenPGP); if(err != GPG_ERR_NO_ERROR) return 4; /* set engine info in our context; I changed it for ceof like this: err = gpgme_ctx_set_engine_info (*ctx, GPGME_PROTOCOL_OpenPGP, "/usr/bin/gpg","/home/user/nico/.ceof/gpg/"); but I'll use standard values for this example: */ err = gpgme_ctx_set_engine_info (*ctx, GPGME_PROTOCOL_OpenPGP, enginfo->file_name,enginfo->home_dir); if(err != GPG_ERR_NO_ERROR) return 5; return 0; }
int gpg_list_keys(key_entry_t **head) { gpgme_ctx_t ctx; gpgme_error_t err; gpgme_keylist_mode_t mode = 0; *head = 0; err = gpgme_new(&ctx); if (err) { return 0; } gpgme_set_protocol(ctx, GPGME_PROTOCOL_OpenPGP); gpgme_set_keylist_mode(ctx, mode); err = gpgme_op_keylist_start(ctx, 0, 0); if (err) { return 0; } int count = 0; key_entry_t *key_entry_prev = 0; while (1) { gpgme_key_t key; err = gpgme_op_keylist_next(ctx, &key); if (err) { break; } key_entry_t *key_entry = g_new(key_entry_t, 1); key_entry->next = 0; key_entry->key = key; if (key_entry_prev) key_entry_prev->next = key_entry; key_entry_prev = key_entry; if (!*head) *head = key_entry; ++count; } gpgme_op_keylist_end(ctx); gpgme_release(ctx); return count; }
static int pygpgme_context_set_protocol(PyGpgmeContext *self, PyObject *value) { gpgme_protocol_t protocol; if (value == NULL) { PyErr_SetString(PyExc_AttributeError, "Can not delete attribute"); return -1; } protocol = PyInt_AsLong(value); if (PyErr_Occurred()) return -1; if (pygpgme_check_error(gpgme_set_protocol(self->ctx, protocol))) return -1; return 0; }
int main (int argc, char **argv) { gpgme_ctx_t ctx; gpgme_error_t err; gpgme_data_t in; gpgme_import_result_t result; char *cert_1 = make_filename ("cert_dfn_pca01.der"); char *cert_2 = make_filename ("cert_dfn_pca15.der"); init_gpgme (GPGME_PROTOCOL_CMS); err = gpgme_new (&ctx); fail_if_err (err); gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); err = gpgme_data_new_from_file (&in, cert_1, 1); free (cert_1); fail_if_err (err); err = gpgme_op_import (ctx, in); fail_if_err (err); result = gpgme_op_import_result (ctx); check_result (result, "DFA56FB5FC41E3A8921F77AD1622EEFD9152A5AD", 1, 1); gpgme_data_release (in); err = gpgme_data_new_from_file (&in, cert_2, 1); free (cert_2); fail_if_err (err); err = gpgme_op_import (ctx, in); fail_if_err (err); result = gpgme_op_import_result (ctx); check_result (result, "2C8F3C356AB761CB3674835B792CDA52937F9285", 1, 2); gpgme_data_release (in); gpgme_release (ctx); return 0; }
void CGPGHelper::Start() { #ifdef HAVE_LIBGPGME char buf[MAX_LINE_LEN]; snprintf(buf, MAX_LINE_LEN, "%s/licq_gpg.conf", BASE_DIR); mKeysIni.LoadFile(buf); mKeysIni.SetSection("gpg"); mKeysIni.ReadStr("passphrase", buf); mGPGPassphrase = strdup(buf); const char *gpgme_ver = gpgme_check_version(0); gLog.Info("%s[GPG] gpgme library found: %s\n", L_INITxSTR, gpgme_ver); if (gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP) != GPG_ERR_NO_ERROR) gLog.Error("%s[GPG] gpgme engine OpenPGP not found!\n", L_ERRORxSTR); gpgme_new(&mCtx); gpgme_set_protocol(mCtx, GPGME_PROTOCOL_OpenPGP); gpgme_set_armor(mCtx, 1); gpgme_set_passphrase_cb(mCtx, PassphraseCallback, 0); #endif }
retvalue signature_init(bool allowpassphrase){ #ifdef HAVE_LIBGPGME gpg_error_t err; if (context != NULL) return RET_NOTHING; gpgme_check_version(NULL); err = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); if (err != 0) return gpgerror(err); err = gpgme_new(&context); if (err != 0) return gpgerror(err); err = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP); if (err != 0) return gpgerror(err); if (allowpassphrase) gpgme_set_passphrase_cb(context, signature_getpassphrase, NULL); gpgme_set_armor(context, 1); #endif /* HAVE_LIBGPGME */ return RET_OK; }
int main (int argc, char **argv) { gpgme_error_t err; gpgme_error_t op_err; gpgme_ctx_t ctx; const char *command; gpgme_check_version (NULL); #ifndef HAVE_W32_SYSTEM setlocale (LC_ALL, ""); gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL)); #endif if (argc) { argc--; argv++; } command = argc? *argv : "NOP"; err = gpgme_new (&ctx); fail_if_err (err); err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_ASSUAN); fail_if_err (err); err = gpgme_op_assuan_transact_ext (ctx, command, data_cb, NULL, inq_cb, NULL, status_cb, NULL, &op_err); fail_if_err (err || op_err); gpgme_release (ctx); return 0; }
static void reload_cache (GpaKeyTable *keytable, const char *fpr) { gpg_error_t err; /* We select the Open PGP protocol here. At the end first_half_done_cb will do another keylist_start for X,509. */ keytable->did_first_half = 0; keytable->first_half_err = 0; keytable->fpr = fpr; gpgme_set_protocol (keytable->context->ctx, GPGME_PROTOCOL_OpenPGP); err = gpgme_op_keylist_start (keytable->context->ctx, fpr, keytable->secret); if (gpg_err_code (err) != GPG_ERR_NO_ERROR) { gpa_gpgme_warning (err); if (keytable->end) { keytable->end (keytable->data); } return; } keytable->tmp_list = NULL; }
static gpgme_key_t fill_clist (struct select_keys_s *sk, const char *pattern, gpgme_protocol_t proto) { GtkCMCList *clist; gpgme_ctx_t ctx; gpgme_error_t err; gpgme_key_t key; int running=0; int num_results = 0; gboolean exact_match = FALSE; gpgme_key_t last_key = NULL; gpgme_user_id_t last_uid = NULL; cm_return_val_if_fail (sk, NULL); clist = sk->clist; cm_return_val_if_fail (clist, NULL); debug_print ("select_keys:fill_clist: pattern '%s' proto %d\n", pattern, proto); /*gtk_cmclist_freeze (select_keys.clist);*/ err = gpgme_new (&ctx); g_assert (!err); gpgme_set_protocol(ctx, proto); sk->select_ctx = ctx; update_progress (sk, ++running, pattern); while (gtk_events_pending ()) gtk_main_iteration (); err = gpgme_op_keylist_start (ctx, pattern, 0); if (err) { debug_print ("** gpgme_op_keylist_start(%s) failed: %s", pattern, gpgme_strerror (err)); sk->select_ctx = NULL; gpgme_release(ctx); return NULL; } update_progress (sk, ++running, pattern); while ( !(err = gpgme_op_keylist_next ( ctx, &key )) ) { gpgme_user_id_t uid = key->uids; if (!key->can_encrypt || key->revoked || key->expired || key->disabled) continue; debug_print ("%% %s:%d: insert\n", __FILE__ ,__LINE__ ); set_row (clist, key, proto ); for (; uid; uid = uid->next) { gchar *raw_mail = NULL; if (!uid->email) continue; if (uid->revoked || uid->invalid) continue; raw_mail = g_strdup(uid->email); extract_address(raw_mail); if (!strcasecmp(pattern, raw_mail)) { exact_match = TRUE; last_uid = uid; g_free(raw_mail); break; } g_free(raw_mail); } num_results++; last_key = key; key = NULL; update_progress (sk, ++running, pattern); while (gtk_events_pending ()) gtk_main_iteration (); } if (exact_match == TRUE && num_results == 1) { if (last_key->uids->validity < GPGME_VALIDITY_FULL && !use_untrusted(last_key, last_uid, proto)) exact_match = FALSE; } debug_print ("%% %s:%d: ready\n", __FILE__ ,__LINE__ ); if (gpgme_err_code(err) != GPG_ERR_EOF) { debug_print ("** gpgme_op_keylist_next failed: %s", gpgme_strerror (err)); gpgme_op_keylist_end(ctx); } if (!exact_match || num_results != 1) { sk->select_ctx = NULL; gpgme_release (ctx); } /*gtk_cmclist_thaw (select_keys.clist);*/ return (exact_match == TRUE && num_results == 1 ? last_key:NULL); }
gboolean lr_gpg_check_signature_fd(int signature_fd, int data_fd, const char *home_dir, GError **err) { gpgme_error_t gpgerr; gpgme_ctx_t context; gpgme_data_t signature_data; gpgme_data_t data_data; gpgme_verify_result_t result; gpgme_signature_t sig; assert(!err || *err == NULL); // Initialization gpgme_check_version(NULL); gpgerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_engine_check_version: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGNOTSUPPORTED, "gpgme_engine_check_version() error: %s", gpgme_strerror(gpgerr)); return FALSE; } gpgerr = gpgme_new(&context); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_new: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_new() error: %s", gpgme_strerror(gpgerr)); return FALSE; } gpgerr = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_set_protocol: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_set_protocol() error: %s", gpgme_strerror(gpgerr)); gpgme_release(context); return FALSE; } if (home_dir) { gpgerr = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_OpenPGP, NULL, home_dir); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_ctx_set_engine_info: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_ctx_set_engine_info() error: %s", gpgme_strerror(gpgerr)); gpgme_release(context); return FALSE; } } gpgme_set_armor(context, 1); gpgerr = gpgme_data_new_from_fd(&signature_data, signature_fd); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_data_new_from_fd: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_data_new_from_fd(_, %d) error: %s", signature_fd, gpgme_strerror(gpgerr)); gpgme_release(context); return FALSE; } gpgerr = gpgme_data_new_from_fd(&data_data, data_fd); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_data_new_from_fd: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_data_new_from_fd(_, %d) error: %s", data_fd, gpgme_strerror(gpgerr)); gpgme_data_release(signature_data); gpgme_release(context); return FALSE; } // Verify gpgerr = gpgme_op_verify(context, signature_data, data_data, NULL); gpgme_data_release(signature_data); gpgme_data_release(data_data); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_op_verify: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_op_verify() error: %s", gpgme_strerror(gpgerr)); gpgme_release(context); return FALSE; } result = gpgme_op_verify_result(context); if (!result) { g_debug("%s: gpgme_op_verify_result: error", __func__); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_op_verify_result() error: %s", gpgme_strerror(gpgerr)); gpgme_release(context); return FALSE; } // Check result of verification sig = result->signatures; if(!sig) { g_debug("%s: signature verify error (no signatures)", __func__); g_set_error(err, LR_GPG_ERROR, LRE_BADGPG, "Signature verify error - no signatures"); gpgme_release(context); return FALSE; } // Example of signature usage could be found in gpgme git repository // in the gpgme/tests/run-verify.c for (; sig; sig = sig->next) { if ((sig->summary & GPGME_SIGSUM_VALID) || // Valid (sig->summary & GPGME_SIGSUM_GREEN) || // Valid (sig->summary == 0 && sig->status == GPG_ERR_NO_ERROR)) // Valid but key is not certified with a trusted signature { gpgme_release(context); return TRUE; } } gpgme_release(context); g_debug("%s: Bad GPG signature", __func__); g_set_error(err, LR_GPG_ERROR, LRE_BADGPG, "Bad GPG signature"); return FALSE; }
gboolean lr_gpg_import_key(const char *key_fn, const char *home_dir, GError **err) { gpgme_error_t gpgerr; int key_fd; gpgme_ctx_t context; gpgme_data_t key_data; assert(!err || *err == NULL); // Initialization gpgme_check_version(NULL); gpgerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_engine_check_version: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGNOTSUPPORTED, "gpgme_engine_check_version() error: %s", gpgme_strerror(gpgerr)); return FALSE; } gpgerr = gpgme_new(&context); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_new: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_new() error: %s", gpgme_strerror(gpgerr)); return FALSE; } gpgerr = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_set_protocol: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_set_protocol() error: %s", gpgme_strerror(gpgerr)); gpgme_release(context); return FALSE; } if (home_dir) { gpgerr = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_OpenPGP, NULL, home_dir); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_ctx_set_engine_info: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_ctx_set_engine_info() error: %s", gpgme_strerror(gpgerr)); gpgme_release(context); return FALSE; } } gpgme_set_armor(context, 1); // Key import key_fd = open(key_fn, O_RDONLY); if (key_fd == -1) { g_debug("%s: Opening key: %s", __func__, strerror(errno)); g_set_error(err, LR_GPG_ERROR, LRE_IO, "Error while opening key %s: %s", key_fn, strerror(errno)); gpgme_release(context); return FALSE; } gpgerr = gpgme_data_new_from_fd(&key_data, key_fd); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_data_new_from_fd: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_data_new_from_fd(_, %d) error: %s", key_fd, gpgme_strerror(gpgerr)); gpgme_release(context); close(key_fd); return FALSE; } gpgerr = gpgme_op_import(context, key_data); gpgme_data_release(key_data); if (gpgerr != GPG_ERR_NO_ERROR) { g_debug("%s: gpgme_op_import: %s", __func__, gpgme_strerror(gpgerr)); g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR, "gpgme_op_import() error: %s", gpgme_strerror(gpgerr)); gpgme_release(context); close(key_fd); return FALSE; } close(key_fd); gpgme_release(context); return TRUE; }