LCOV - code coverage report
Current view: top level - g10 - verify.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 30 101 29.7 %
Date: 2016-11-29 15:00:56 Functions: 2 5 40.0 %

          Line data    Source code
       1             : /* verify.c - Verify signed data
       2             :  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004, 2005, 2006,
       3             :  *               2007, 2010 Free Software Foundation, Inc.
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <https://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <stdio.h>
      23             : #include <stdlib.h>
      24             : #include <string.h>
      25             : #include <errno.h>
      26             : 
      27             : #include "gpg.h"
      28             : #include "options.h"
      29             : #include "packet.h"
      30             : #include "status.h"
      31             : #include "iobuf.h"
      32             : #include "keydb.h"
      33             : #include "util.h"
      34             : #include "main.h"
      35             : #include "status.h"
      36             : #include "filter.h"
      37             : #include "ttyio.h"
      38             : #include "i18n.h"
      39             : 
      40             : 
      41             : /****************
      42             :  * Assume that the input is a signature and verify it without
      43             :  * generating any output.  With no arguments, the signature packet
      44             :  * is read from stdin (it may be a detached signature when not
      45             :  * used in batch mode). If only a sigfile is given, it may be a complete
      46             :  * signature or a detached signature in which case the signed stuff
      47             :  * is expected from stdin. With more than 1 argument, the first should
      48             :  * be a detached signature and the remaining files are the signed stuff.
      49             :  */
      50             : 
      51             : int
      52          68 : verify_signatures (ctrl_t ctrl, int nfiles, char **files )
      53             : {
      54             :     IOBUF fp;
      55          68 :     armor_filter_context_t *afx = NULL;
      56          68 :     progress_filter_context_t *pfx = new_progress_context ();
      57             :     const char *sigfile;
      58             :     int i, rc;
      59             :     strlist_t sl;
      60             : 
      61             :     /* Decide whether we should handle a detached or a normal signature,
      62             :      * which is needed so that the code later can hash the correct data and
      63             :      * not have a normal signature act as detached signature and ignoring the
      64             :      * indended signed material from the 2nd file or stdin.
      65             :      * 1. gpg <file        - normal
      66             :      * 2. gpg file         - normal (or detached)
      67             :      * 3. gpg file <file2  - detached
      68             :      * 4. gpg file file2   - detached
      69             :      * The question is how decide between case 2 and 3?  The only way
      70             :      * we can do it is by reading one byte from stdin and then unget
      71             :      * it; the problem here is that we may be reading from the
      72             :      * terminal (which could be detected using isatty() but won't work
      73             :      * when under contol of a pty using program (e.g. expect)) and
      74             :      * might get us in trouble when stdin is used for another purpose
      75             :      * (--passphrase-fd 0).  So we have to break with the behaviour
      76             :      * prior to gpg 1.0.4 by assuming that case 3 is a normal
      77             :      * signature (where file2 is ignored and require for a detached
      78             :      * signature to indicate signed material comes from stdin by using
      79             :      * case 4 with a file2 of "-".
      80             :      *
      81             :      * Actually we don't have to change anything here but can handle
      82             :      * that all quite easily in mainproc.c
      83             :      */
      84             : 
      85          68 :     sigfile = nfiles? *files : NULL;
      86             : 
      87             :     /* open the signature file */
      88          68 :     fp = iobuf_open(sigfile);
      89          68 :     if (fp && is_secured_file (iobuf_get_fd (fp)))
      90             :       {
      91           0 :         iobuf_close (fp);
      92           0 :         fp = NULL;
      93           0 :         gpg_err_set_errno (EPERM);
      94             :       }
      95          68 :     if( !fp ) {
      96           0 :         rc = gpg_error_from_syserror ();
      97           0 :         log_error(_("can't open '%s': %s\n"),
      98             :                   print_fname_stdin(sigfile), gpg_strerror (rc));
      99           0 :         goto leave;
     100             :     }
     101          68 :     handle_progress (pfx, fp, sigfile);
     102             : 
     103          68 :     if ( !opt.no_armor && use_armor_filter( fp ) )
     104             :       {
     105          22 :         afx = new_armor_context ();
     106          22 :         push_armor_filter (afx, fp);
     107             :       }
     108             : 
     109          68 :     sl = NULL;
     110          70 :     for(i=nfiles-1 ; i > 0 ; i-- )
     111           2 :         add_to_strlist( &sl, files[i] );
     112          68 :     rc = proc_signature_packets (ctrl, NULL, fp, sl, sigfile );
     113          65 :     free_strlist(sl);
     114          65 :     iobuf_close(fp);
     115          65 :     if( (afx && afx->no_openpgp_data && rc == -1)
     116          62 :         || gpg_err_code (rc) == GPG_ERR_NO_DATA ) {
     117           4 :         log_error(_("the signature could not be verified.\n"
     118             :                    "Please remember that the signature file (.sig or .asc)\n"
     119             :                    "should be the first file given on the command line.\n") );
     120           4 :         rc = 0;
     121             :     }
     122             : 
     123             :  leave:
     124          65 :     release_armor_context (afx);
     125          65 :     release_progress_context (pfx);
     126          65 :     return rc;
     127             : }
     128             : 
     129             : 
     130             : 
     131             : void
     132           3 : print_file_status( int status, const char *name, int what )
     133             : {
     134           3 :     char *p = xmalloc(strlen(name)+10);
     135           3 :     sprintf(p, "%d %s", what, name );
     136           3 :     write_status_text( status, p );
     137           3 :     xfree(p);
     138           3 : }
     139             : 
     140             : 
     141             : static int
     142           0 : verify_one_file (ctrl_t ctrl, const char *name )
     143             : {
     144             :     IOBUF fp;
     145           0 :     armor_filter_context_t *afx = NULL;
     146           0 :     progress_filter_context_t *pfx = new_progress_context ();
     147             :     int rc;
     148             : 
     149           0 :     print_file_status( STATUS_FILE_START, name, 1 );
     150           0 :     fp = iobuf_open(name);
     151           0 :     if (fp)
     152           0 :       iobuf_ioctl (fp, IOBUF_IOCTL_NO_CACHE, 1, NULL);
     153           0 :     if (fp && is_secured_file (iobuf_get_fd (fp)))
     154             :       {
     155           0 :         iobuf_close (fp);
     156           0 :         fp = NULL;
     157           0 :         gpg_err_set_errno (EPERM);
     158             :       }
     159           0 :     if( !fp ) {
     160           0 :         rc = gpg_error_from_syserror ();
     161           0 :         log_error(_("can't open '%s': %s\n"),
     162           0 :                   print_fname_stdin(name), strerror (errno));
     163           0 :         print_file_status( STATUS_FILE_ERROR, name, 1 );
     164           0 :         goto leave;
     165             :     }
     166           0 :     handle_progress (pfx, fp, name);
     167             : 
     168           0 :     if( !opt.no_armor ) {
     169           0 :         if( use_armor_filter( fp ) ) {
     170           0 :             afx = new_armor_context ();
     171           0 :             push_armor_filter (afx, fp);
     172             :         }
     173             :     }
     174             : 
     175           0 :     rc = proc_signature_packets (ctrl, NULL, fp, NULL, name );
     176           0 :     iobuf_close(fp);
     177           0 :     write_status( STATUS_FILE_DONE );
     178             : 
     179           0 :     reset_literals_seen();
     180             : 
     181             :  leave:
     182           0 :     release_armor_context (afx);
     183           0 :     release_progress_context (pfx);
     184           0 :     return rc;
     185             : }
     186             : 
     187             : /****************
     188             :  * Verify each file given in the files array or read the names of the
     189             :  * files from stdin.
     190             :  * Note:  This function can not handle detached signatures.
     191             :  */
     192             : int
     193           0 : verify_files (ctrl_t ctrl, int nfiles, char **files )
     194             : {
     195             :     int i;
     196             : 
     197           0 :     if( !nfiles ) { /* read the filenames from stdin */
     198             :         char line[2048];
     199           0 :         unsigned int lno = 0;
     200             : 
     201           0 :         while( fgets(line, DIM(line), stdin) ) {
     202           0 :             lno++;
     203           0 :             if( !*line || line[strlen(line)-1] != '\n' ) {
     204           0 :                 log_error(_("input line %u too long or missing LF\n"), lno );
     205           0 :                 return GPG_ERR_GENERAL;
     206             :             }
     207             :             /* This code does not work on MSDOS but how cares there are
     208             :              * also no script languages available.  We don't strip any
     209             :              * spaces, so that we can process nearly all filenames */
     210           0 :             line[strlen(line)-1] = 0;
     211           0 :             verify_one_file (ctrl, line );
     212             :         }
     213             : 
     214             :     }
     215             :     else {  /* take filenames from the array */
     216           0 :         for(i=0; i < nfiles; i++ )
     217           0 :             verify_one_file (ctrl, files[i] );
     218             :     }
     219           0 :     return 0;
     220             : }
     221             : 
     222             : 
     223             : 
     224             : 
     225             : /* Perform a verify operation.  To verify detached signatures, DATA_FD
     226             :    shall be the descriptor of the signed data; for regular signatures
     227             :    it needs to be -1.  If OUT_FP is not NULL and DATA_FD is not -1 the
     228             :    the signed material gets written that stream.
     229             : 
     230             :    FIXME: OUTFP is not yet implemented.
     231             : */
     232             : int
     233           0 : gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp)
     234             : {
     235             :   int rc;
     236             :   iobuf_t fp;
     237           0 :   armor_filter_context_t *afx = NULL;
     238           0 :   progress_filter_context_t *pfx = new_progress_context ();
     239             : 
     240             :   (void)ctrl;
     241             :   (void)out_fp;
     242             : 
     243           0 :   if (is_secured_file (sig_fd))
     244             :     {
     245           0 :       fp = NULL;
     246           0 :       gpg_err_set_errno (EPERM);
     247             :     }
     248             :   else
     249           0 :     fp = iobuf_fdopen_nc (sig_fd, "rb");
     250           0 :   if (!fp)
     251             :     {
     252           0 :       rc = gpg_error_from_syserror ();
     253           0 :       log_error (_("can't open fd %d: %s\n"), sig_fd, strerror (errno));
     254           0 :       goto leave;
     255             :     }
     256             : 
     257           0 :   handle_progress (pfx, fp, NULL);
     258             : 
     259           0 :   if ( !opt.no_armor && use_armor_filter (fp) )
     260             :     {
     261           0 :       afx = new_armor_context ();
     262           0 :       push_armor_filter (afx, fp);
     263             :     }
     264             : 
     265           0 :   rc = proc_signature_packets_by_fd (ctrl, NULL, fp, data_fd);
     266             : 
     267           0 :   if ( afx && afx->no_openpgp_data
     268           0 :        && (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF) )
     269           0 :     rc = gpg_error (GPG_ERR_NO_DATA);
     270             : 
     271             :  leave:
     272           0 :   iobuf_close (fp);
     273           0 :   release_progress_context (pfx);
     274           0 :   release_armor_context (afx);
     275           0 :   return rc;
     276             : }

Generated by: LCOV version 1.11