static gpg_error_t cmd_sign (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); int inp_fd, out_fd; estream_t out_fp; int detached; int rc; inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); if (inp_fd == -1) return set_error (GPG_ERR_ASS_NO_INPUT, NULL); out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if (out_fd == -1) return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); detached = has_option (line, "--detached"); out_fp = es_fdopen_nc (out_fd, "w"); if (!out_fp) return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); rc = start_audit_session (ctrl); if (!rc) rc = gpgsm_sign (assuan_get_pointer (ctx), ctrl->server_local->signerlist, inp_fd, detached, out_fp); es_fclose (out_fp); /* close and reset the fd */ close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return rc; }
static gpg_error_t cmd_decrypt (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); int inp_fd, out_fd; estream_t out_fp; int rc; (void)line; inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); if (inp_fd == -1) return set_error (GPG_ERR_ASS_NO_INPUT, NULL); out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if (out_fd == -1) return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); out_fp = es_fdopen_nc (out_fd, "w"); if (!out_fp) return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); rc = start_audit_session (ctrl); if (!rc) rc = gpgsm_decrypt (ctrl, inp_fd, out_fp); es_fclose (out_fp); /* Close and reset the fds. */ close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return rc; }
static gpg_error_t cmd_verify (assuan_context_t ctx, char *line) { int rc; ctrl_t ctrl = assuan_get_pointer (ctx); int fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); int out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); estream_t out_fp = NULL; (void)line; if (fd == -1) return set_error (GPG_ERR_ASS_NO_INPUT, NULL); if (out_fd != -1) { out_fp = es_fdopen_nc (out_fd, "w"); if (!out_fp) return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } rc = start_audit_session (ctrl); if (!rc) rc = gpgsm_verify (assuan_get_pointer (ctx), fd, ctrl->server_local->message_fd, out_fp); es_fclose (out_fp); /* Close and reset the fd. */ close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return rc; }
/* DECRYPT This performs the decrypt operation. */ static gpg_error_t cmd_decrypt (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); gpg_error_t err; int inp_fd, out_fd; (void)line; /* LINE is not used. */ inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); if (inp_fd == -1) return set_error (GPG_ERR_ASS_NO_INPUT, NULL); out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if (out_fd == -1) return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); glo_ctrl.lasterr = 0; err = decrypt_message_fd (ctrl, inp_fd, out_fd); if (!err) err = glo_ctrl.lasterr; /* Close and reset the fds. */ close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); if (err) log_error ("command '%s' failed: %s\n", "DECRYPT", gpg_strerror (err)); return err; }
/* ENCRYPT Do the actual encryption process. Takes the plaintext from the INPUT command, writes the ciphertext to the file descriptor set with the OUTPUT command, take the recipients from all the recipients set so far with RECIPIENTS. If this command fails the clients should try to delete all output currently done or otherwise mark it as invalid. GPG does ensure that there won't be any security problem with leftover data on the output in this case. In most cases this command won't fail because most necessary checks have been done while setting the recipients. However some checks can only be done right here and thus error may occur anyway (for example, no recipients at all). The input, output and message pipes are closed after this command. */ static gpg_error_t cmd_encrypt (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); gpg_error_t err; int inp_fd, out_fd; (void)line; /* LINE is not used. */ if ( !ctrl->server_local->recplist ) { write_status_text (STATUS_NO_RECP, "0"); err = gpg_error (GPG_ERR_NO_USER_ID); goto leave; } inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); if (inp_fd == -1) { err = set_error (GPG_ERR_ASS_NO_INPUT, NULL); goto leave; } out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if (out_fd == -1) { err = set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); goto leave; } /* Fixme: Check that we are using real files and not pipes if in PGP-2 mode. Do all the other checks we do in gpg.c for aEncr. Maybe we should drop the PGP2 compatibility. */ /* FIXME: GPGSM does this here: Add all encrypt-to marked recipients from the default list. */ /* fixme: err = ctrl->audit? 0 : start_audit_session (ctrl);*/ err = encrypt_crypt (ctrl, inp_fd, NULL, NULL, 0, ctrl->server_local->recplist, out_fd); leave: /* Release the recipient list on success. */ if (!err) { release_pk_list (ctrl->server_local->recplist); ctrl->server_local->recplist = NULL; } /* Close and reset the fds. */ close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); if (err) log_error ("command '%s' failed: %s\n", "ENCRYPT", gpg_strerror (err)); return err; }
/* VERIFY This does a verify operation on the message send to the input-FD. The result is written out using status lines. If an output FD was given, the signed text will be written to that. If the signature is a detached one, the server will inquire about the signed material and the client must provide it. */ static gpg_error_t cmd_verify (assuan_context_t ctx, char *line) { int rc; #ifdef HAVE_W32_SYSTEM (void)ctx; (void)line; rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED); #else ctrl_t ctrl = assuan_get_pointer (ctx); gnupg_fd_t fd = assuan_get_input_fd (ctx); gnupg_fd_t out_fd = assuan_get_output_fd (ctx); estream_t out_fp = NULL; /* FIXME: Revamp this code it is nearly to 3 years old and was only intended as a quick test. */ (void)line; if (fd == GNUPG_INVALID_FD) return gpg_error (GPG_ERR_ASS_NO_INPUT); if (out_fd != GNUPG_INVALID_FD) { es_syshd_t syshd; #ifdef HAVE_W32_SYSTEM syshd.type = ES_SYSHD_HANDLE; syshd.u.handle = out_fd; #else syshd.type = ES_SYSHD_FD; syshd.u.fd = out_fd; #endif out_fp = es_sysopen_nc (&syshd, "w"); if (!out_fp) return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } log_debug ("WARNING: The server mode is WORK " "IN PROGRESS and not ready for use\n"); rc = gpg_verify (ctrl, fd, ctrl->server_local->message_fd, out_fp); es_fclose (out_fp); close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); #endif if (rc) log_error ("command '%s' failed: %s\n", "VERIFY", gpg_strerror (rc)); return rc; }
static gpg_error_t cmd_encrypt (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); certlist_t cl; int inp_fd, out_fd; estream_t out_fp; int rc; (void)line; inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); if (inp_fd == -1) return set_error (GPG_ERR_ASS_NO_INPUT, NULL); out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if (out_fd == -1) return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); out_fp = es_fdopen_nc (out_fd, "w"); if (!out_fp) return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); /* Now add all encrypt-to marked recipients from the default list. */ rc = 0; if (!opt.no_encrypt_to && !ctrl->server_local->no_encrypt_to) { for (cl=ctrl->server_local->default_recplist; !rc && cl; cl = cl->next) if (cl->is_encrypt_to) rc = gpgsm_add_cert_to_certlist (ctrl, cl->cert, &ctrl->server_local->recplist, 1); } if (!rc) rc = ctrl->audit? 0 : start_audit_session (ctrl); if (!rc) rc = gpgsm_encrypt (assuan_get_pointer (ctx), ctrl->server_local->recplist, inp_fd, out_fp); es_fclose (out_fp); gpgsm_release_certlist (ctrl->server_local->recplist); ctrl->server_local->recplist = NULL; /* Close and reset the fd */ close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return rc; }
static gpg_error_t cmd_getauditlog (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); int out_fd; estream_t out_stream; int opt_data, opt_html; int rc; opt_data = has_option (line, "--data"); opt_html = has_option (line, "--html"); line = skip_options (line); if (!ctrl->audit) return gpg_error (GPG_ERR_NO_DATA); if (opt_data) { out_stream = es_fopencookie (ctx, "w", data_line_cookie_functions); if (!out_stream) return set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream"); } else { out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if (out_fd == -1) return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); out_stream = es_fdopen_nc (out_fd, "w"); if (!out_stream) { return set_error (GPG_ERR_ASS_GENERAL, "es_fdopen() failed"); } } audit_print_result (ctrl->audit, out_stream, opt_html); rc = 0; es_fclose (out_stream); /* Close and reset the fd. */ if (!opt_data) assuan_close_output_fd (ctx); return rc; }
/* VERIFY This does a verify operation on the message send to the input-FD. The result is written out using status lines. If an output FD was given, the signed text will be written to that. If the signature is a detached one, the server will inquire about the signed material and the client must provide it. */ static gpg_error_t cmd_verify (assuan_context_t ctx, char *line) { int rc; ctrl_t ctrl = assuan_get_pointer (ctx); gnupg_fd_t fd = assuan_get_input_fd (ctx); gnupg_fd_t out_fd = assuan_get_output_fd (ctx); FILE *out_fp = NULL; (void)line; if (fd == GNUPG_INVALID_FD) return gpg_error (GPG_ERR_ASS_NO_INPUT); if (out_fd != GNUPG_INVALID_FD) { out_fp = fdopen ( dup (FD2INT (out_fd)), "w"); if (!out_fp) return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); } log_debug ("WARNING: The server mode work " "in progress and not ready for use\n"); /* Need to dup it because it might get closed and libassuan won't know about it then. */ rc = gpg_verify (ctrl, dup ( FD2INT (fd)), dup ( FD2INT (ctrl->server_local->message_fd)), out_fp); if (out_fp) fclose (out_fp); close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return rc; }
/* VERIFY This does a verify operation on the message send to the input-FD. The result is written out using status lines. If an output FD was given, the signed text will be written to that. If the signature is a detached one, the server will inquire about the signed material and the client must provide it. */ static gpg_error_t cmd_verify (assuan_context_t ctx, char *line) { int rc; ctrl_t ctrl = assuan_get_pointer (ctx); gnupg_fd_t fd = assuan_get_input_fd (ctx); gnupg_fd_t out_fd = assuan_get_output_fd (ctx); estream_t out_fp = NULL; /* FIXME: Revamp this code it is nearly to 3 years old and was only intended as a quick test. */ (void)line; if (fd == GNUPG_INVALID_FD) return gpg_error (GPG_ERR_ASS_NO_INPUT); if (out_fd != GNUPG_INVALID_FD) { out_fp = es_fdopen_nc (out_fd, "w"); if (!out_fp) return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } log_debug ("WARNING: The server mode is WORK " "iN PROGRESS and not ready for use\n"); rc = gpg_verify (ctrl, fd, ctrl->server_local->message_fd, out_fp); es_fclose (out_fp); close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); if (rc) log_error ("command '%s' failed: %s\n", "VERIFY", gpg_strerror (rc)); return rc; }
static gpg_error_t cmd_genkey (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); int inp_fd, out_fd; estream_t in_stream, out_stream; int rc; (void)line; inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); if (inp_fd == -1) return set_error (GPG_ERR_ASS_NO_INPUT, NULL); out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if (out_fd == -1) return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); in_stream = es_fdopen_nc (inp_fd, "r"); if (!in_stream) return set_error (GPG_ERR_ASS_GENERAL, "es_fdopen failed"); out_stream = es_fdopen_nc (out_fd, "w"); if (!out_stream) { es_fclose (in_stream); return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } rc = gpgsm_genkey (ctrl, in_stream, out_stream); es_fclose (out_stream); es_fclose (in_stream); /* close and reset the fds */ assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return rc; }
static int do_listkeys (assuan_context_t ctx, char *line, int mode) { ctrl_t ctrl = assuan_get_pointer (ctx); estream_t fp; char *p; strlist_t list, sl; unsigned int listmode; gpg_error_t err; /* Break the line down into an strlist. */ list = NULL; for (p=line; *p; line = p) { while (*p && *p != ' ') p++; if (*p) *p++ = 0; if (*line) { sl = xtrymalloc (sizeof *sl + strlen (line)); if (!sl) { free_strlist (list); return out_of_core (); } sl->flags = 0; strcpy_escaped_plus (sl->d, line); sl->next = list; list = sl; } } if (ctrl->server_local->list_to_output) { int outfd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); if ( outfd == -1 ) return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); fp = es_fdopen_nc (outfd, "w"); if (!fp) return set_error (gpg_err_code_from_syserror (), "es_fdopen() failed"); } else { fp = es_fopencookie (ctx, "w", data_line_cookie_functions); if (!fp) return set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream"); } ctrl->with_colons = 1; listmode = mode; if (ctrl->server_local->list_internal) listmode |= (1<<6); if (ctrl->server_local->list_external) listmode |= (1<<7); err = gpgsm_list_keys (assuan_get_pointer (ctx), list, fp, listmode); free_strlist (list); es_fclose (fp); if (ctrl->server_local->list_to_output) assuan_close_output_fd (ctx); return err; }
static gpg_error_t cmd_export (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); char *p; strlist_t list, sl; int use_data; use_data = has_option (line, "--data"); if (use_data) { /* We need to override any possible setting done by an OUTPUT command. */ ctrl->create_pem = has_option (line, "--armor"); ctrl->create_base64 = has_option (line, "--base64"); } line = skip_options (line); /* Break the line down into an strlist_t. */ list = NULL; for (p=line; *p; line = p) { while (*p && *p != ' ') p++; if (*p) *p++ = 0; if (*line) { sl = xtrymalloc (sizeof *sl + strlen (line)); if (!sl) { free_strlist (list); return out_of_core (); } sl->flags = 0; strcpy_escaped_plus (sl->d, line); sl->next = list; list = sl; } } if (use_data) { estream_t stream; stream = es_fopencookie (ctx, "w", data_line_cookie_functions); if (!stream) { free_strlist (list); return set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream"); } gpgsm_export (ctrl, list, stream); es_fclose (stream); } else { int fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); estream_t out_fp; if (fd == -1) { free_strlist (list); return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); } out_fp = es_fdopen_nc (fd, "w"); if (!out_fp) { free_strlist (list); return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } gpgsm_export (ctrl, list, out_fp); es_fclose (out_fp); } free_strlist (list); /* Close and reset the fds. */ close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return 0; }