diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 9a9a26ef..5e663e16 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -1,3586 +1,3579 @@ /* engine-gpg.c - Gpg Engine. * Copyright (C) 2000 Werner Koch (dd9jn) * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, * 2009, 2010, 2012, 2013 g10 Code GmbH * * This file is part of GPGME. * * GPGME is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * GPGME is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this program; if not, see . * SPDX-License-Identifier: LGPL-2.1-or-later */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #ifdef HAVE_UNISTD_H # include #endif #ifdef HAVE_LOCALE_H #include #endif #include "gpgme.h" #include "util.h" #include "ops.h" #include "wait.h" #include "context.h" /*temp hack until we have GpmeData methods to do I/O */ #include "priv-io.h" #include "sema.h" #include "debug.h" #include "data.h" #include "mbox-util.h" #include "engine-backend.h" /* This type is used to build a list of gpg arguments and data sources/sinks. */ struct arg_and_data_s { struct arg_and_data_s *next; gpgme_data_t data; /* If this is not NULL, use arg below. */ int inbound; /* True if this is used for reading from gpg. */ int dup_to; int print_fd; /* Print the fd number and not the special form of it. */ int *arg_locp; /* Write back the argv idx of this argument when building command line to this location. */ char arg[1]; /* Used if data above is not used. */ }; struct fd_data_map_s { gpgme_data_t data; int inbound; /* true if this is used for reading from gpg */ int dup_to; int fd; /* the fd to use */ int peer_fd; /* the other side of the pipe */ int arg_loc; /* The index into the argv for translation purposes. */ void *tag; }; /* NB.: R_LINE is allocated an gpgrt function and thus gpgrt_free * shall be used to release it. This takes care of custom memory * allocators and avoids problems on Windows with different runtimes * used for libgpg-error/gpgrt and gpgme. */ typedef gpgme_error_t (*colon_preprocessor_t) (char *line, char **rline); struct engine_gpg { char *file_name; char *version; char *lc_messages; char *lc_ctype; struct arg_and_data_s *arglist; struct arg_and_data_s **argtail; struct { int fd[2]; int arg_loc; size_t bufsize; char *buffer; size_t readpos; int eof; engine_status_handler_t fnc; void *fnc_value; gpgme_status_cb_t mon_cb; void *mon_cb_value; void *tag; } status; /* This is a kludge - see the comment at colon_line_handler. */ struct { int fd[2]; int arg_loc; size_t bufsize; char *buffer; size_t readpos; int eof; engine_colon_line_handler_t fnc; /* this indicate use of this structrue */ void *fnc_value; void *tag; colon_preprocessor_t preprocess_fnc; } colon; char **argv; struct fd_data_map_s *fd_data_map; /* stuff needed for interactive (command) mode */ struct { int used; int fd; void *cb_data; int idx; /* Index in fd_data_map */ gpgme_status_code_t code; /* last code */ char *keyword; /* what has been requested (malloced) */ engine_command_handler_t fnc; void *fnc_value; } cmd; struct gpgme_io_cbs io_cbs; gpgme_pinentry_mode_t pinentry_mode; char request_origin[10]; char *auto_key_locate; char *trust_model; struct { unsigned int no_symkey_cache : 1; unsigned int offline : 1; unsigned int ignore_mdc_error : 1; unsigned int include_key_block : 1; unsigned int auto_key_import : 1; } flags; /* NULL or the data object fed to --override_session_key-fd. */ gpgme_data_t override_session_key; /* Memory data containing diagnostics (--logger-fd) of gpg */ gpgme_data_t diagnostics; }; typedef struct engine_gpg *engine_gpg_t; static void gpg_io_event (void *engine, gpgme_event_io_t type, void *type_data) { engine_gpg_t gpg = engine; TRACE (DEBUG_ENGINE, "gpgme:gpg_io_event", gpg, "event %p, type %d, type_data %p", gpg->io_cbs.event, type, type_data); if (gpg->io_cbs.event) (*gpg->io_cbs.event) (gpg->io_cbs.event_priv, type, type_data); } static void close_notify_handler (int fd, void *opaque) { engine_gpg_t gpg = opaque; assert (fd != -1); if (gpg->status.fd[0] == fd) { if (gpg->status.tag) (*gpg->io_cbs.remove) (gpg->status.tag); gpg->status.fd[0] = -1; } else if (gpg->status.fd[1] == fd) gpg->status.fd[1] = -1; else if (gpg->colon.fd[0] == fd) { if (gpg->colon.tag) (*gpg->io_cbs.remove) (gpg->colon.tag); gpg->colon.fd[0] = -1; } else if (gpg->colon.fd[1] == fd) gpg->colon.fd[1] = -1; else if (gpg->cmd.fd == fd) gpg->cmd.fd = -1; else if (gpg->fd_data_map) { int i; for (i = 0; gpg->fd_data_map[i].data; i++) { if (gpg->fd_data_map[i].fd == fd) { if (gpg->fd_data_map[i].tag) (*gpg->io_cbs.remove) (gpg->fd_data_map[i].tag); gpg->fd_data_map[i].fd = -1; break; } if (gpg->fd_data_map[i].peer_fd == fd) { gpg->fd_data_map[i].peer_fd = -1; break; } } } } /* If FRONT is true, push at the front of the list. Use this for options added late in the process. */ static gpgme_error_t _add_arg (engine_gpg_t gpg, const char *prefix, const char *arg, size_t arglen, int front, int *arg_locp) { struct arg_and_data_s *a; size_t prefixlen = prefix? strlen (prefix) : 0; assert (gpg); assert (arg); a = malloc (sizeof *a + prefixlen + arglen); if (!a) return gpg_error_from_syserror (); a->data = NULL; a->dup_to = -1; a->arg_locp = arg_locp; if (prefixlen) memcpy (a->arg, prefix, prefixlen); memcpy (a->arg + prefixlen, arg, arglen); a->arg[prefixlen + arglen] = 0; if (front) { a->next = gpg->arglist; if (!gpg->arglist) { /* If this is the first argument, we need to update the tail pointer. */ gpg->argtail = &a->next; } gpg->arglist = a; } else { a->next = NULL; *gpg->argtail = a; gpg->argtail = &a->next; } return 0; } static gpgme_error_t add_arg_ext (engine_gpg_t gpg, const char *arg, int front) { return _add_arg (gpg, NULL, arg, strlen (arg), front, NULL); } static gpgme_error_t add_arg_with_locp (engine_gpg_t gpg, const char *arg, int *locp) { return _add_arg (gpg, NULL, arg, strlen (arg), 0, locp); } static gpgme_error_t add_arg (engine_gpg_t gpg, const char *arg) { return _add_arg (gpg, NULL, arg, strlen (arg), 0, NULL); } static gpgme_error_t add_arg_pfx (engine_gpg_t gpg, const char *prefix, const char *arg) { return _add_arg (gpg, prefix, arg, strlen (arg), 0, NULL); } static gpgme_error_t add_arg_len (engine_gpg_t gpg, const char *prefix, const char *arg, size_t arglen) { return _add_arg (gpg, prefix, arg, arglen, 0, NULL); } static gpgme_error_t add_data (engine_gpg_t gpg, gpgme_data_t data, int dup_to, int inbound) { struct arg_and_data_s *a; assert (gpg); assert (data); a = malloc (sizeof *a - 1); if (!a) return gpg_error_from_syserror (); a->next = NULL; a->data = data; a->inbound = inbound; a->arg_locp = NULL; if (dup_to == -2) { a->print_fd = 1; a->dup_to = -1; } else { a->print_fd = 0; a->dup_to = dup_to; } *gpg->argtail = a; gpg->argtail = &a->next; return 0; } /* Return true if the engine's version is at least VERSION. */ static int have_gpg_version (engine_gpg_t gpg, const char *version) { return _gpgme_compare_versions (gpg->version, version); } static char * gpg_get_version (const char *file_name) { return _gpgme_get_program_version (file_name ? file_name : _gpgme_get_default_gpg_name ()); } static const char * gpg_get_req_version (void) { return "1.4.0"; } static void free_argv (char **argv) { int i; for (i = 0; argv[i]; i++) free (argv[i]); free (argv); } static void free_fd_data_map (struct fd_data_map_s *fd_data_map) { int i; if (!fd_data_map) return; for (i = 0; fd_data_map[i].data; i++) { if (fd_data_map[i].fd != -1) _gpgme_io_close (fd_data_map[i].fd); if (fd_data_map[i].peer_fd != -1) _gpgme_io_close (fd_data_map[i].peer_fd); /* Don't release data because this is only a reference. */ } free (fd_data_map); } static gpgme_error_t gpg_cancel (void *engine) { engine_gpg_t gpg = engine; if (!gpg) return gpg_error (GPG_ERR_INV_VALUE); /* If gpg may be waiting for a cmd, close the cmd fd first. On Windows, close operations block on the reader/writer thread. */ if (gpg->cmd.used) { if (gpg->cmd.fd != -1) _gpgme_io_close (gpg->cmd.fd); else if (gpg->fd_data_map && gpg->fd_data_map[gpg->cmd.idx].fd != -1) _gpgme_io_close (gpg->fd_data_map[gpg->cmd.idx].fd); } if (gpg->status.fd[0] != -1) _gpgme_io_close (gpg->status.fd[0]); if (gpg->status.fd[1] != -1) _gpgme_io_close (gpg->status.fd[1]); if (gpg->colon.fd[0] != -1) _gpgme_io_close (gpg->colon.fd[0]); if (gpg->colon.fd[1] != -1) _gpgme_io_close (gpg->colon.fd[1]); if (gpg->fd_data_map) { free_fd_data_map (gpg->fd_data_map); gpg->fd_data_map = NULL; } return 0; } static void gpg_release (void *engine) { engine_gpg_t gpg = engine; if (!gpg) return; gpg_cancel (engine); if (gpg->file_name) free (gpg->file_name); if (gpg->version) free (gpg->version); if (gpg->lc_messages) free (gpg->lc_messages); if (gpg->lc_ctype) free (gpg->lc_ctype); while (gpg->arglist) { struct arg_and_data_s *next = gpg->arglist->next; free (gpg->arglist); gpg->arglist = next; } if (gpg->status.buffer) free (gpg->status.buffer); if (gpg->colon.buffer) free (gpg->colon.buffer); if (gpg->argv) free_argv (gpg->argv); if (gpg->cmd.keyword) free (gpg->cmd.keyword); free (gpg->auto_key_locate); free (gpg->trust_model); gpgme_data_release (gpg->override_session_key); gpgme_data_release (gpg->diagnostics); free (gpg); } static gpgme_error_t gpg_new (void **engine, const char *file_name, const char *home_dir, const char *version) { engine_gpg_t gpg; gpgme_error_t rc = 0; char *dft_display = NULL; char dft_ttyname[64]; char *dft_ttytype = NULL; char *env_tty = NULL; gpg = calloc (1, sizeof *gpg); if (!gpg) return gpg_error_from_syserror (); if (file_name) { gpg->file_name = strdup (file_name); if (!gpg->file_name) { rc = gpg_error_from_syserror (); goto leave; } } if (version) { gpg->version = strdup (version); if (!gpg->version) { rc = gpg_error_from_syserror (); goto leave; } } gpg->argtail = &gpg->arglist; gpg->status.fd[0] = -1; gpg->status.fd[1] = -1; gpg->colon.fd[0] = -1; gpg->colon.fd[1] = -1; gpg->cmd.fd = -1; gpg->cmd.idx = -1; /* Allocate the read buffer for the status pipe. */ gpg->status.bufsize = 1024; gpg->status.readpos = 0; gpg->status.buffer = malloc (gpg->status.bufsize); if (!gpg->status.buffer) { rc = gpg_error_from_syserror (); goto leave; } /* In any case we need a status pipe - create it right here and don't handle it with our generic gpgme_data_t mechanism. */ if (_gpgme_io_pipe (gpg->status.fd, 1) == -1) { rc = gpg_error_from_syserror (); goto leave; } if (_gpgme_io_set_close_notify (gpg->status.fd[0], close_notify_handler, gpg) || _gpgme_io_set_close_notify (gpg->status.fd[1], close_notify_handler, gpg)) { rc = gpg_error (GPG_ERR_GENERAL); goto leave; } gpg->status.eof = 0; if (home_dir) { rc = add_arg (gpg, "--homedir"); if (!rc) rc = add_arg (gpg, home_dir); if (rc) goto leave; } rc = add_arg (gpg, "--status-fd"); if (rc) goto leave; { char buf[25]; _gpgme_io_fd2str (buf, sizeof (buf), gpg->status.fd[1]); rc = add_arg_with_locp (gpg, buf, &gpg->status.arg_loc); if (rc) goto leave; } rc = add_arg (gpg, "--no-tty"); if (!rc) rc = add_arg (gpg, "--charset"); if (!rc) rc = add_arg (gpg, "utf8"); if (!rc) rc = add_arg (gpg, "--enable-progress-filter"); if (!rc && have_gpg_version (gpg, "2.1.11")) rc = add_arg (gpg, "--exit-on-status-write-error"); if (rc) goto leave; rc = _gpgme_getenv ("DISPLAY", &dft_display); if (rc) goto leave; if (dft_display) { rc = add_arg (gpg, "--display"); if (!rc) rc = add_arg (gpg, dft_display); free (dft_display); if (rc) goto leave; } rc = _gpgme_getenv ("GPG_TTY", &env_tty); if (isatty (1) || env_tty || rc) { int err = 0; if (rc) goto leave; else if (env_tty) { snprintf (dft_ttyname, sizeof (dft_ttyname), "%s", env_tty); free (env_tty); } else err = ttyname_r (1, dft_ttyname, sizeof (dft_ttyname)); /* Even though isatty() returns 1, ttyname_r() may fail in many ways, e.g., when /dev/pts is not accessible under chroot. */ if (!err) { if (*dft_ttyname) { rc = add_arg (gpg, "--ttyname"); if (!rc) rc = add_arg (gpg, dft_ttyname); } else rc = 0; if (!rc) { rc = _gpgme_getenv ("TERM", &dft_ttytype); if (rc) goto leave; if (dft_ttytype) { rc = add_arg (gpg, "--ttytype"); if (!rc) rc = add_arg (gpg, dft_ttytype); } free (dft_ttytype); } if (rc) goto leave; } } rc = gpgme_data_new (&gpg->diagnostics); if (rc) goto leave; rc = add_arg (gpg, "--logger-fd"); if (rc) goto leave; rc = add_data (gpg, gpg->diagnostics, -2, 1); leave: if (rc) gpg_release (gpg); else *engine = gpg; return rc; } /* Copy flags from CTX into the engine object. */ static void gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx) { engine_gpg_t gpg = engine; if (ctx->request_origin && have_gpg_version (gpg, "2.2.6")) { if (strlen (ctx->request_origin) + 1 > sizeof gpg->request_origin) strcpy (gpg->request_origin, "xxx"); /* Too long - force error */ else strcpy (gpg->request_origin, ctx->request_origin); } else *gpg->request_origin = 0; if (ctx->auto_key_locate && have_gpg_version (gpg, "2.1.18")) { if (gpg->auto_key_locate) free (gpg->auto_key_locate); gpg->auto_key_locate = _gpgme_strconcat ("--auto-key-locate=", ctx->auto_key_locate, NULL); } if (ctx->trust_model && strlen (ctx->trust_model)) { if (gpg->trust_model) free (gpg->trust_model); gpg->trust_model = _gpgme_strconcat ("--trust-model=", ctx->trust_model, NULL); } gpg->flags.no_symkey_cache = (ctx->no_symkey_cache && have_gpg_version (gpg, "2.2.7")); gpg->flags.offline = (ctx->offline && have_gpg_version (gpg, "2.1.23")); gpg->flags.ignore_mdc_error = !!ctx->ignore_mdc_error; if (have_gpg_version (gpg, "2.2.20")) { if (ctx->auto_key_import) gpg->flags.auto_key_import = 1; if (ctx->include_key_block) gpg->flags.include_key_block = 1; } } static gpgme_error_t gpg_set_locale (void *engine, int category, const char *value) { engine_gpg_t gpg = engine; if (0) ; #ifdef LC_CTYPE else if (category == LC_CTYPE) { if (gpg->lc_ctype) { free (gpg->lc_ctype); gpg->lc_ctype = NULL; } if (value) { gpg->lc_ctype = strdup (value); if (!gpg->lc_ctype) return gpg_error_from_syserror (); } } #endif #ifdef LC_MESSAGES else if (category == LC_MESSAGES) { if (gpg->lc_messages) { free (gpg->lc_messages); gpg->lc_messages = NULL; } if (value) { gpg->lc_messages = strdup (value); if (!gpg->lc_messages) return gpg_error_from_syserror (); } } #endif /* LC_MESSAGES */ else return gpg_error (GPG_ERR_INV_VALUE); return 0; } /* This sets a status callback for monitoring status lines before they * are passed to a caller set handler. */ static void gpg_set_status_cb (void *engine, gpgme_status_cb_t cb, void *cb_value) { engine_gpg_t gpg = engine; gpg->status.mon_cb = cb; gpg->status.mon_cb_value = cb_value; } /* Note, that the status_handler is allowed to modify the args value. */ static void gpg_set_status_handler (void *engine, engine_status_handler_t fnc, void *fnc_value) { engine_gpg_t gpg = engine; gpg->status.fnc = fnc; gpg->status.fnc_value = fnc_value; } /* Kludge to process --with-colon output. */ static gpgme_error_t gpg_set_colon_line_handler (void *engine, engine_colon_line_handler_t fnc, void *fnc_value) { engine_gpg_t gpg = engine; gpg->colon.bufsize = 1024; gpg->colon.readpos = 0; gpg->colon.buffer = malloc (gpg->colon.bufsize); if (!gpg->colon.buffer) return gpg_error_from_syserror (); if (_gpgme_io_pipe (gpg->colon.fd, 1) == -1) { int saved_err = gpg_error_from_syserror (); free (gpg->colon.buffer); gpg->colon.buffer = NULL; return saved_err; } if (_gpgme_io_set_close_notify (gpg->colon.fd[0], close_notify_handler, gpg) || _gpgme_io_set_close_notify (gpg->colon.fd[1], close_notify_handler, gpg)) return gpg_error (GPG_ERR_GENERAL); gpg->colon.eof = 0; gpg->colon.fnc = fnc; gpg->colon.fnc_value = fnc_value; return 0; } static gpgme_error_t command_handler (void *opaque, int fd) { struct io_cb_data *data = (struct io_cb_data *) opaque; engine_gpg_t gpg = (engine_gpg_t) data->handler_value; gpgme_error_t err; int processed = 0; assert (gpg->cmd.used); assert (gpg->cmd.code); assert (gpg->cmd.fnc); err = gpg->cmd.fnc (gpg->cmd.fnc_value, gpg->cmd.code, gpg->cmd.keyword, fd, &processed); gpg->cmd.code = 0; /* And sleep again until read_status will wake us up again. */ /* XXX We must check if there are any more fds active after removing this one. */ (*gpg->io_cbs.remove) (gpg->fd_data_map[gpg->cmd.idx].tag); gpg->cmd.fd = gpg->fd_data_map[gpg->cmd.idx].fd; gpg->fd_data_map[gpg->cmd.idx].fd = -1; if (err) return err; /* We always need to send at least a newline character. */ if (!processed) _gpgme_io_write (fd, "\n", 1); return 0; } /* The FNC will be called to get a value for one of the commands with * a key KEY. If the code passed to FNC is 0, the function may * release resources associated with the returned value from another * call. To match such a second call to a first call, the returned * value from the first call is passed as keyword. */ static gpgme_error_t gpg_set_command_handler (void *engine, engine_command_handler_t fnc, void *fnc_value) { engine_gpg_t gpg = engine; gpgme_error_t rc; rc = add_arg (gpg, "--command-fd"); if (rc) return rc; /* This is a hack. We don't have a real data object. The only thing that matters is that we use something unique, so we use the address of the cmd structure in the gpg object. */ rc = add_data (gpg, (void *) &gpg->cmd, -2, 0); if (rc) return rc; gpg->cmd.fnc = fnc; gpg->cmd.cb_data = (void *) &gpg->cmd; gpg->cmd.fnc_value = fnc_value; gpg->cmd.used = 1; return 0; } static gpgme_error_t build_argv (engine_gpg_t gpg, const char *pgmname) { gpgme_error_t err; struct arg_and_data_s *a; struct fd_data_map_s *fd_data_map; size_t datac=0, argc=0, allocated_argc=0; char **argv; int need_special = 0; int use_agent = 0; char *p; if (_gpgme_in_gpg_one_mode ()) { /* In GnuPG-1 mode we don't want to use the agent with a malformed environment variable. This is only a very basic test but sufficient to make our life in the regression tests easier. With GnuPG-2 the agent is anyway required and on modern installations GPG_AGENT_INFO is optional. */ err = _gpgme_getenv ("GPG_AGENT_INFO", &p); if (err) return err; use_agent = (p && strchr (p, ':')); if (p) free (p); } if (gpg->argv) { free_argv (gpg->argv); gpg->argv = NULL; } if (gpg->fd_data_map) { free_fd_data_map (gpg->fd_data_map); gpg->fd_data_map = NULL; } argc++; /* For argv[0]. */ for (a = gpg->arglist; a; a = a->next) { argc++; if (a->data) { /*fprintf (stderr, "build_argv: data\n" );*/ datac++; if (a->dup_to == -1 && !a->print_fd) need_special = 1; } else { /* fprintf (stderr, "build_argv: arg=`%s'\n", a->arg );*/ } } if (need_special) argc++; if (use_agent) argc++; if (*gpg->request_origin) argc++; if (gpg->auto_key_locate) argc++; if (gpg->trust_model) argc++; if (gpg->flags.no_symkey_cache) argc++; if (gpg->flags.ignore_mdc_error) argc++; if (gpg->flags.offline) argc++; if (gpg->pinentry_mode) argc++; if (!gpg->cmd.used) argc++; /* --batch */ argc++; /* --no-sk-comments */ argv = calloc (argc + 1, sizeof *argv); allocated_argc = argc; if (!argv) return gpg_error_from_syserror (); fd_data_map = calloc (datac + 1, sizeof *fd_data_map); if (!fd_data_map) { int saved_err = gpg_error_from_syserror (); free_argv (argv); return saved_err; } argc = datac = 0; argv[argc] = strdup (_gpgme_get_basename (pgmname)); /* argv[0] */ if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; if (need_special) { argv[argc] = strdup ("--enable-special-filenames"); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } if (use_agent) { argv[argc] = strdup ("--use-agent"); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } /* NOTE: If you add a new argument here. Ensure that argc is counted up above to allocate enough memory. */ if (*gpg->request_origin) { argv[argc] = _gpgme_strconcat ("--request-origin=", gpg->request_origin, NULL); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } if (gpg->auto_key_locate) { argv[argc] = strdup (gpg->auto_key_locate); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } if (gpg->trust_model) { argv[argc] = strdup (gpg->trust_model); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } if (gpg->flags.no_symkey_cache) { argv[argc] = strdup ("--no-symkey-cache"); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } if (gpg->flags.ignore_mdc_error) { argv[argc] = strdup ("--ignore-mdc-error"); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } if (gpg->flags.offline) { argv[argc] = strdup ("--disable-dirmngr"); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } if (gpg->pinentry_mode && have_gpg_version (gpg, "2.1.0")) { const char *s = NULL; switch (gpg->pinentry_mode) { case GPGME_PINENTRY_MODE_DEFAULT: break; case GPGME_PINENTRY_MODE_ASK: s = "--pinentry-mode=ask"; break; case GPGME_PINENTRY_MODE_CANCEL: s = "--pinentry-mode=cancel"; break; case GPGME_PINENTRY_MODE_ERROR: s = "--pinentry-mode=error"; break; case GPGME_PINENTRY_MODE_LOOPBACK:s = "--pinentry-mode=loopback"; break; } if (s) { argv[argc] = strdup (s); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } } if (!gpg->cmd.used) { argv[argc] = strdup ("--batch"); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } argv[argc] = strdup ("--no-sk-comments"); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; for (a = gpg->arglist; a; a = a->next) { if (a->arg_locp) *(a->arg_locp) = argc; if (a->data) { /* Create a pipe to pass it down to gpg. */ fd_data_map[datac].inbound = a->inbound; /* Create a pipe. */ { int fds[2]; if (_gpgme_io_pipe (fds, fd_data_map[datac].inbound ? 1 : 0) == -1) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } if (_gpgme_io_set_close_notify (fds[0], close_notify_handler, gpg) || _gpgme_io_set_close_notify (fds[1], close_notify_handler, gpg)) { /* We leak fd_data_map and the fds. This is not easy to avoid and given that we reach this here only after a malloc failure for a small object, it is probably better not to do anything. */ return gpg_error (GPG_ERR_GENERAL); } /* If the data_type is FD, we have to do a dup2 here. */ if (fd_data_map[datac].inbound) { fd_data_map[datac].fd = fds[0]; fd_data_map[datac].peer_fd = fds[1]; } else { fd_data_map[datac].fd = fds[1]; fd_data_map[datac].peer_fd = fds[0]; } } /* Hack to get hands on the fd later. */ if (gpg->cmd.used) { if (gpg->cmd.cb_data == a->data) { assert (gpg->cmd.idx == -1); gpg->cmd.idx = datac; } } fd_data_map[datac].data = a->data; fd_data_map[datac].dup_to = a->dup_to; if (a->dup_to == -1) { char *ptr; int buflen = 25; argv[argc] = malloc (buflen); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } ptr = argv[argc]; if (!a->print_fd) { *(ptr++) = '-'; *(ptr++) = '&'; buflen -= 2; } _gpgme_io_fd2str (ptr, buflen, fd_data_map[datac].peer_fd); fd_data_map[datac].arg_loc = argc; argc++; } datac++; } else { argv[argc] = strdup (a->arg); if (!argv[argc]) { int saved_err = gpg_error_from_syserror (); free (fd_data_map); free_argv (argv); return saved_err; } argc++; } } /* Saveguard against adding a new argument without properly counting up the argc used for allocation at the beginning of this function. It would be better to use a dynamically allocated array like ccparray in gnupg. */ assert (argc <= allocated_argc); gpg->argv = argv; gpg->fd_data_map = fd_data_map; return 0; } static gpgme_error_t add_io_cb (engine_gpg_t gpg, int fd, int dir, gpgme_io_cb_t handler, void *data, void **tag) { gpgme_error_t err; err = (*gpg->io_cbs.add) (gpg->io_cbs.add_priv, fd, dir, handler, data, tag); if (err) return err; if (!dir) /* FIXME Kludge around poll() problem. */ err = _gpgme_io_set_nonblocking (fd); return err; } /* Handle the status output of GnuPG. This function does read entire lines and passes them as C strings to the callback function (we can use C Strings because the status output is always UTF-8 encoded). Of course we have to buffer the lines to cope with long lines e.g. with a large user ID. Note: We can optimize this to only cope with status line code we know about and skip all other stuff without buffering (i.e. without extending the buffer). */ static gpgme_error_t read_status (engine_gpg_t gpg) { char *p; int nread; size_t bufsize = gpg->status.bufsize; char *buffer = gpg->status.buffer; size_t readpos = gpg->status.readpos; gpgme_error_t err; assert (buffer); if (bufsize - readpos < 256) { /* Need more room for the read. */ bufsize += 1024; buffer = realloc (buffer, bufsize); if (!buffer) return gpg_error_from_syserror (); } nread = _gpgme_io_read (gpg->status.fd[0], buffer + readpos, bufsize-readpos); if (nread == -1) return gpg_error_from_syserror (); if (!nread) { err = 0; gpg->status.eof = 1; if (gpg->status.mon_cb) err = gpg->status.mon_cb (gpg->status.mon_cb_value, "", ""); if (gpg->status.fnc) { char emptystring[1] = {0}; err = gpg->status.fnc (gpg->status.fnc_value, GPGME_STATUS_EOF, emptystring); if (gpg_err_code (err) == GPG_ERR_FALSE) err = 0; /* Drop special error code. */ } return err; } while (nread > 0) { for (p = buffer + readpos; nread; nread--, p++) { if (*p == '\n') { /* (we require that the last line is terminated by a LF) */ if (p > buffer && p[-1] == '\r') p[-1] = 0; *p = 0; if (!strncmp (buffer, "[GNUPG:] ", 9) && buffer[9] >= 'A' && buffer[9] <= 'Z') { char *rest; gpgme_status_code_t r; rest = strchr (buffer + 9, ' '); if (!rest) rest = p; /* Set to an empty string. */ else *rest++ = 0; r = _gpgme_parse_status (buffer + 9); if (gpg->status.mon_cb && r != GPGME_STATUS_PROGRESS) { /* Note that we call the monitor even if we do * not know the status code (r < 0). */ err = gpg->status.mon_cb (gpg->status.mon_cb_value, buffer + 9, rest); if (err) return err; } if (r >= 0) { if (gpg->cmd.used && (r == GPGME_STATUS_GET_BOOL || r == GPGME_STATUS_GET_LINE || r == GPGME_STATUS_GET_HIDDEN)) { gpg->cmd.code = r; if (gpg->cmd.keyword) free (gpg->cmd.keyword); gpg->cmd.keyword = strdup (rest); if (!gpg->cmd.keyword) return gpg_error_from_syserror (); /* This should be the last thing we have received and the next thing will be that the command handler does its action. */ if (nread > 1) TRACE (DEBUG_CTX, "gpgme:read_status", 0, "error: unexpected data"); add_io_cb (gpg, gpg->cmd.fd, 0, command_handler, gpg, &gpg->fd_data_map[gpg->cmd.idx].tag); gpg->fd_data_map[gpg->cmd.idx].fd = gpg->cmd.fd; gpg->cmd.fd = -1; } else if (gpg->status.fnc) { err = gpg->status.fnc (gpg->status.fnc_value, r, rest); if (gpg_err_code (err) == GPG_ERR_FALSE) err = 0; /* Drop special error code. */ if (err) return err; } } } /* To reuse the buffer for the next line we have to shift the remaining data to the buffer start and restart the loop Hmmm: We can optimize this function by looking forward in the buffer to see whether a second complete line is available and in this case avoid the memmove for this line. */ nread--; p++; if (nread) memmove (buffer, p, nread); readpos = 0; break; /* the for loop */ } else readpos++; } } /* Update the gpg object. */ gpg->status.bufsize = bufsize; gpg->status.buffer = buffer; gpg->status.readpos = readpos; return 0; } static gpgme_error_t status_handler (void *opaque, int fd) { struct io_cb_data *data = (struct io_cb_data *) opaque; engine_gpg_t gpg = (engine_gpg_t) data->handler_value; int err; assert (fd == gpg->status.fd[0]); err = read_status (gpg); if (err) return err; if (gpg->status.eof) _gpgme_io_close (fd); return 0; } static gpgme_error_t read_colon_line (engine_gpg_t gpg) { char *p; int nread; size_t bufsize = gpg->colon.bufsize; char *buffer = gpg->colon.buffer; size_t readpos = gpg->colon.readpos; assert (buffer); if (bufsize - readpos < 256) { /* Need more room for the read. */ bufsize += 1024; buffer = realloc (buffer, bufsize); if (!buffer) return gpg_error_from_syserror (); } nread = _gpgme_io_read (gpg->colon.fd[0], buffer+readpos, bufsize-readpos); if (nread == -1) return gpg_error_from_syserror (); if (!nread) { gpg->colon.eof = 1; assert (gpg->colon.fnc); gpg->colon.fnc (gpg->colon.fnc_value, NULL); return 0; } while (nread > 0) { for (p = buffer + readpos; nread; nread--, p++) { if ( *p == '\n' ) { /* (we require that the last line is terminated by a LF) and we skip empty lines. Note: we use UTF8 encoding and escaping of special characters. We require at least one colon to cope with some other printed information. */ *p = 0; if (*buffer && strchr (buffer, ':')) { char *line = NULL; if (gpg->colon.preprocess_fnc) { gpgme_error_t err; err = gpg->colon.preprocess_fnc (buffer, &line); if (err) return err; } assert (gpg->colon.fnc); if (line) { char *linep = line; char *endp; do { endp = strchr (linep, '\n'); if (endp) *endp++ = 0; gpg->colon.fnc (gpg->colon.fnc_value, linep); linep = endp; } while (linep && *linep); gpgrt_free (line); } else gpg->colon.fnc (gpg->colon.fnc_value, buffer); } /* To reuse the buffer for the next line we have to shift the remaining data to the buffer start and restart the loop Hmmm: We can optimize this function by looking forward in the buffer to see whether a second complete line is available and in this case avoid the memmove for this line. */ nread--; p++; if (nread) memmove (buffer, p, nread); readpos = 0; break; /* The for loop. */ } else readpos++; } } /* Update the gpg object. */ gpg->colon.bufsize = bufsize; gpg->colon.buffer = buffer; gpg->colon.readpos = readpos; return 0; } /* This colonline handler thing is not the clean way to do it. It might be better to enhance the gpgme_data_t object to act as a wrapper for a callback. Same goes for the status thing. For now we use this thing here because it is easier to implement. */ static gpgme_error_t colon_line_handler (void *opaque, int fd) { struct io_cb_data *data = (struct io_cb_data *) opaque; engine_gpg_t gpg = (engine_gpg_t) data->handler_value; gpgme_error_t rc = 0; assert (fd == gpg->colon.fd[0]); rc = read_colon_line (gpg); if (rc) return rc; if (gpg->colon.eof) _gpgme_io_close (fd); return 0; } static gpgme_error_t start (engine_gpg_t gpg) { gpgme_error_t rc; int i, n; int status; struct spawn_fd_item_s *fd_list; pid_t pid; const char *pgmname; if (!gpg) return gpg_error (GPG_ERR_INV_VALUE); if (!gpg->file_name && !_gpgme_get_default_gpg_name ()) return trace_gpg_error (GPG_ERR_INV_ENGINE); if (gpg->lc_ctype) { rc = add_arg_ext (gpg, gpg->lc_ctype, 1); if (!rc) rc = add_arg_ext (gpg, "--lc-ctype", 1); if (rc) return rc; } if (gpg->lc_messages) { rc = add_arg_ext (gpg, gpg->lc_messages, 1); if (!rc) rc = add_arg_ext (gpg, "--lc-messages", 1); if (rc) return rc; } pgmname = gpg->file_name ? gpg->file_name : _gpgme_get_default_gpg_name (); rc = build_argv (gpg, pgmname); if (rc) return rc; /* status_fd, colon_fd and end of list. */ n = 3; for (i = 0; gpg->fd_data_map[i].data; i++) n++; fd_list = calloc (n, sizeof *fd_list); if (! fd_list) return gpg_error_from_syserror (); /* Build the fd list for the child. */ n = 0; fd_list[n].fd = gpg->status.fd[1]; fd_list[n].dup_to = -1; fd_list[n].arg_loc = gpg->status.arg_loc; n++; if (gpg->colon.fnc) { fd_list[n].fd = gpg->colon.fd[1]; fd_list[n].dup_to = 1; n++; } for (i = 0; gpg->fd_data_map[i].data; i++) { fd_list[n].fd = gpg->fd_data_map[i].peer_fd; fd_list[n].dup_to = gpg->fd_data_map[i].dup_to; fd_list[n].arg_loc = gpg->fd_data_map[i].arg_loc; n++; } fd_list[n].fd = -1; fd_list[n].dup_to = -1; status = _gpgme_io_spawn (pgmname, gpg->argv, (IOSPAWN_FLAG_DETACHED |IOSPAWN_FLAG_ALLOW_SET_FG), fd_list, NULL, NULL, &pid); { int saved_err = gpg_error_from_syserror (); free (fd_list); if (status == -1) return saved_err; } /*_gpgme_register_term_handler ( closure, closure_value, pid );*/ rc = add_io_cb (gpg, gpg->status.fd[0], 1, status_handler, gpg, &gpg->status.tag); if (rc) /* FIXME: kill the child */ return rc; if (gpg->colon.fnc) { assert (gpg->colon.fd[0] != -1); rc = add_io_cb (gpg, gpg->colon.fd[0], 1, colon_line_handler, gpg, &gpg->colon.tag); if (rc) /* FIXME: kill the child */ return rc; } for (i = 0; gpg->fd_data_map[i].data; i++) { if (gpg->cmd.used && i == gpg->cmd.idx) { /* Park the cmd fd. */ gpg->cmd.fd = gpg->fd_data_map[i].fd; gpg->fd_data_map[i].fd = -1; } else { rc = add_io_cb (gpg, gpg->fd_data_map[i].fd, gpg->fd_data_map[i].inbound, gpg->fd_data_map[i].inbound ? _gpgme_data_inbound_handler : _gpgme_data_outbound_handler, gpg->fd_data_map[i].data, &gpg->fd_data_map[i].tag); if (rc) /* FIXME: kill the child */ return rc; } } gpg_io_event (gpg, GPGME_EVENT_START, NULL); /* fixme: check what data we can release here */ return 0; } /* Add the --input-size-hint option if requested. */ static gpgme_error_t add_input_size_hint (engine_gpg_t gpg, gpgme_data_t data) { gpgme_error_t err; gpgme_off_t value = _gpgme_data_get_size_hint (data); char numbuf[50]; /* Large enough for even 2^128 in base-10. */ char *p; if (!value || !have_gpg_version (gpg, "2.1.15")) return 0; err = add_arg (gpg, "--input-size-hint"); if (!err) { p = numbuf + sizeof numbuf; *--p = 0; do { *--p = '0' + (value % 10); value /= 10; } while (value); err = add_arg (gpg, p); } return err; } static gpgme_error_t gpg_decrypt (void *engine, gpgme_decrypt_flags_t flags, gpgme_data_t ciph, gpgme_data_t plain, int export_session_key, const char *override_session_key, int auto_key_retrieve) { engine_gpg_t gpg = engine; gpgme_error_t err; err = add_arg (gpg, "--decrypt"); if (!err && (flags & GPGME_DECRYPT_UNWRAP)) { if (!have_gpg_version (gpg, "2.1.12")) err = gpg_error (GPG_ERR_NOT_SUPPORTED); else err = add_arg (gpg, "--unwrap"); } if (!err && export_session_key) err = add_arg (gpg, "--show-session-key"); if (!err && auto_key_retrieve) err = add_arg (gpg, "--auto-key-retrieve"); if (!err && gpg->flags.auto_key_import) err = add_arg (gpg, "--auto-key-import"); if (!err && override_session_key && *override_session_key) { if (have_gpg_version (gpg, "2.1.16")) { gpgme_data_release (gpg->override_session_key); TRACE (DEBUG_ENGINE, "override", gpg, "seskey='%s' len=%zu\n", override_session_key, strlen (override_session_key)); err = gpgme_data_new_from_mem (&gpg->override_session_key, override_session_key, strlen (override_session_key), 1); if (!err) { /* When we are not trying to verify signatures as well, * we add --no-keyring because a keyring is not required * for decryption when overriding the session key. It would * work without that option but --no-keyring avoids that * gpg return a failure due to a missing key log_error() * diagnostic. --no-keyring is supported since 2.1.14. */ if (!(flags & GPGME_DECRYPT_VERIFY)) err = add_arg (gpg, "--no-keyring"); if (!err) err = add_arg (gpg, "--override-session-key-fd"); if (!err) err = add_data (gpg, gpg->override_session_key, -2, 0); } } else { /* Using that option may leak the session key via ps(1). */ err = add_arg (gpg, "--override-session-key"); if (!err) err = add_arg (gpg, override_session_key); } } /* Tell the gpg object about the data. */ if (!err) err = add_arg (gpg, "--output"); if (!err) err = add_arg (gpg, "-"); if (!err) err = add_data (gpg, plain, 1, 1); if (!err) err = add_input_size_hint (gpg, ciph); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, ciph, -1, 0); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_delete (void *engine, gpgme_key_t key, unsigned int flags) { engine_gpg_t gpg = engine; gpgme_error_t err = 0; int allow_secret = flags & GPGME_DELETE_ALLOW_SECRET; int force = flags & GPGME_DELETE_FORCE; if (force) err = add_arg (gpg, "--yes"); if (!err) err = add_arg (gpg, allow_secret ? "--delete-secret-and-public-key" : "--delete-key"); if (!err) err = add_arg (gpg, "--"); if (!err) { if (!key->subkeys || !key->subkeys->fpr) return gpg_error (GPG_ERR_INV_VALUE); else err = add_arg (gpg, key->subkeys->fpr); } if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_passwd (void *engine, gpgme_key_t key, unsigned int flags) { engine_gpg_t gpg = engine; gpgme_error_t err; (void)flags; if (!key || !key->subkeys || !key->subkeys->fpr) return gpg_error (GPG_ERR_INV_CERT_OBJ); err = add_arg (gpg, "--passwd"); if (!err) err = add_arg (gpg, key->subkeys->fpr); if (!err) err = start (gpg); return err; } static gpgme_error_t append_args_from_signers (engine_gpg_t gpg, gpgme_ctx_t ctx /* FIXME */) { gpgme_error_t err = 0; int i; gpgme_key_t key; for (i = 0; (key = gpgme_signers_enum (ctx, i)); i++) { const char *s = key->subkeys ? key->subkeys->keyid : NULL; if (s) { if (!err) err = add_arg (gpg, "-u"); if (!err) err = add_arg (gpg, s); } gpgme_key_unref (key); if (err) break; } return err; } static gpgme_error_t append_args_from_sender (engine_gpg_t gpg, gpgme_ctx_t ctx) { gpgme_error_t err; if (ctx->sender && have_gpg_version (gpg, "2.1.15")) { err = add_arg (gpg, "--sender"); if (!err) err = add_arg (gpg, ctx->sender); } else err = 0; return err; } #define NOTATION_FLAG_SIG 1 /* Use --sig-notation (default)*/ #define NOTATION_FLAG_CERT 2 /* Use --cert-notation */ #define NOTATION_FLAG_SET 3 /* Use --set-notation */ static gpgme_error_t append_args_from_sig_notations (engine_gpg_t gpg, gpgme_ctx_t ctx /* FIXME */, int flags) { gpgme_error_t err = 0; gpgme_sig_notation_t notation; notation = gpgme_sig_notation_get (ctx); while (!err && notation) { if (notation->name && !(notation->flags & GPGME_SIG_NOTATION_HUMAN_READABLE)) err = gpg_error (GPG_ERR_INV_VALUE); else if (notation->name) { char *arg; /* Maximum space needed is one byte for the "critical" flag, the name, one byte for '=', the value, and a terminating '\0'. */ arg = malloc (1 + notation->name_len + 1 + notation->value_len + 1); if (!arg) err = gpg_error_from_syserror (); if (!err) { char *argp = arg; if (notation->critical) *(argp++) = '!'; memcpy (argp, notation->name, notation->name_len); argp += notation->name_len; *(argp++) = '='; /* We know that notation->name is '\0' terminated. */ strcpy (argp, notation->value); } if (!err) { if ((flags & NOTATION_FLAG_SET)) err = add_arg (gpg, "--set-notation"); else if ((flags & NOTATION_FLAG_CERT)) err = add_arg (gpg, "--cert-notation"); else err = add_arg (gpg, "--sig-notation"); } if (!err) err = add_arg (gpg, arg); if (arg) free (arg); } else { /* This is a policy URL. */ char *value; if (notation->critical) { value = malloc (1 + notation->value_len + 1); if (!value) err = gpg_error_from_syserror (); else { value[0] = '!'; /* We know that notation->value is '\0' terminated. */ strcpy (&value[1], notation->value); } } else value = notation->value; if (!err) err = add_arg (gpg, "--sig-policy-url"); if (!err) err = add_arg (gpg, value); if (value != notation->value) free (value); } notation = notation->next; } return err; } static gpgme_error_t gpg_edit (void *engine, int type, gpgme_key_t key, gpgme_data_t out, gpgme_ctx_t ctx /* FIXME */) { engine_gpg_t gpg = engine; gpgme_error_t err; err = add_arg (gpg, "--with-colons"); if (!err && ctx->extended_edit) err = add_arg (gpg, "--expert"); if (!err) err = append_args_from_signers (gpg, ctx); if (!err) err = append_args_from_sig_notations (gpg, ctx, NOTATION_FLAG_CERT); if (!err) err = add_arg (gpg, type == 0 ? "--edit-key" : "--card-edit"); if (!err) err = add_data (gpg, out, 1, 1); if (!err) err = add_arg (gpg, "--"); if (!err && type == 0) { const char *s = key->subkeys ? key->subkeys->fpr : NULL; if (!s) err = gpg_error (GPG_ERR_INV_VALUE); else err = add_arg (gpg, s); } if (!err) err = start (gpg); return err; } /* Add a single argument from a key to an -r option. */ static gpg_error_t add_arg_recipient (engine_gpg_t gpg, gpgme_encrypt_flags_t flags, gpgme_key_t key) { gpg_error_t err; if ((flags & GPGME_ENCRYPT_WANT_ADDRESS)) { /* We have no way to figure out which mail address was * requested. FIXME: It would be possible to figure this out by * consulting the SENDER property of the context. */ err = gpg_error (GPG_ERR_INV_USER_ID); } else err = add_arg (gpg, key->subkeys->fpr); return err; } /* Add a single argument from a USERID string to an -r option. */ static gpg_error_t add_arg_recipient_string (engine_gpg_t gpg, gpgme_encrypt_flags_t flags, const char *userid, int useridlen) { gpg_error_t err; if ((flags & GPGME_ENCRYPT_WANT_ADDRESS)) { char *tmpstr, *mbox; tmpstr = malloc (useridlen + 1); if (!tmpstr) err = gpg_error_from_syserror (); else { memcpy (tmpstr, userid, useridlen); tmpstr[useridlen] = 0; mbox = _gpgme_mailbox_from_userid (tmpstr); if (!mbox) { err = gpg_error_from_syserror (); if (gpg_err_code (err) == GPG_ERR_EINVAL) err = gpg_error (GPG_ERR_INV_USER_ID); } else err = add_arg (gpg, mbox); free (mbox); free (tmpstr); } } else err = add_arg_len (gpg, NULL, userid, useridlen); return err; } static gpgme_error_t append_args_from_recipients (engine_gpg_t gpg, gpgme_encrypt_flags_t flags, gpgme_key_t recp[]) { gpgme_error_t err = 0; int i = 0; while (recp[i]) { if (!recp[i]->subkeys || !recp[i]->subkeys->fpr) err = gpg_error (GPG_ERR_INV_VALUE); if (!err) err = add_arg (gpg, "-r"); if (!err) err = add_arg_recipient (gpg, flags, recp[i]); if (err) break; i++; } return err; } /* Take recipients from the LF delimited STRING and add -r args. */ static gpg_error_t append_args_from_recipients_string (engine_gpg_t gpg, gpgme_encrypt_flags_t flags, const char *string) { gpg_error_t err = 0; gpgme_encrypt_flags_t orig_flags = flags; int any = 0; int ignore = 0; int hidden = 0; int file = 0; const char *s; int n; do { /* Skip leading white space */ while (*string == ' ' || *string == '\t') string++; if (!*string) break; /* Look for the LF. */ s = strchr (string, '\n'); if (s) n = s - string; else n = strlen (string); while (n && (string[n-1] == ' ' || string[n-1] == '\t')) n--; if (!ignore && n == 2 && !memcmp (string, "--", 2)) ignore = 1; else if (!ignore && n == 8 && !memcmp (string, "--hidden", 8)) hidden = 1; else if (!ignore && n == 11 && !memcmp (string, "--no-hidden", 11)) hidden = 0; else if (!ignore && n == 6 && !memcmp (string, "--file", 6)) { file = 1; /* Because the key is used as is we need to ignore this flag: */ flags &= ~GPGME_ENCRYPT_WANT_ADDRESS; } else if (!ignore && n == 9 && !memcmp (string, "--no-file", 9)) { file = 0; flags = orig_flags; } else if (!ignore && n > 2 && !memcmp (string, "--", 2)) err = gpg_error (GPG_ERR_UNKNOWN_OPTION); else if (n) /* Not empty - use it. */ { err = add_arg (gpg, file? (hidden? "-F":"-f") : (hidden? "-R":"-r")); if (!err) err = add_arg_recipient_string (gpg, flags, string, n); if (!err) any = 1; } string += n + !!s; } while (!err); if (!err && !any) err = gpg_error (GPG_ERR_MISSING_KEY); return err; } static gpgme_error_t gpg_encrypt (void *engine, gpgme_key_t recp[], const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor) { engine_gpg_t gpg = engine; gpgme_error_t err = 0; if (recp || recpstring) err = add_arg (gpg, "--encrypt"); if (!err && ((flags & GPGME_ENCRYPT_SYMMETRIC) || (!recp && !recpstring))) err = add_arg (gpg, "--symmetric"); if (!err && use_armor) err = add_arg (gpg, "--armor"); if (!err && (flags & GPGME_ENCRYPT_WRAP)) { /* gpg is current not able to detect already compressed * packets. Thus when using * gpg --unwrap -d | gpg --no-literal -e * the encryption would add an additional compression layer. * We better suppress that. */ flags |= GPGME_ENCRYPT_NO_COMPRESS; err = add_arg (gpg, "--no-literal"); } if (!err && (flags & GPGME_ENCRYPT_NO_COMPRESS)) err = add_arg (gpg, "--compress-algo=none"); if (!err && (flags & GPGME_ENCRYPT_THROW_KEYIDS)) err = add_arg (gpg, "--throw-keyids"); if (gpgme_data_get_encoding (plain) == GPGME_DATA_ENCODING_MIME && have_gpg_version (gpg, "2.1.14")) err = add_arg (gpg, "--mimemode"); if (!err && gpg->flags.include_key_block) err = add_arg (gpg, "--include-key-block"); if (recp || recpstring) { /* If we know that all recipients are valid (full or ultimate trust) we can suppress further checks. */ if (!err && (flags & GPGME_ENCRYPT_ALWAYS_TRUST)) err = add_arg (gpg, "--always-trust"); if (!err && (flags & GPGME_ENCRYPT_NO_ENCRYPT_TO)) err = add_arg (gpg, "--no-encrypt-to"); if (!err && !recp && recpstring) err = append_args_from_recipients_string (gpg, flags, recpstring); else if (!err) err = append_args_from_recipients (gpg, flags, recp); } /* Tell the gpg object about the data. */ if (!err) err = add_arg (gpg, "--output"); if (!err) err = add_arg (gpg, "-"); if (!err) err = add_data (gpg, ciph, 1, 1); if (gpgme_data_get_file_name (plain)) { if (!err) err = add_arg (gpg, "--set-filename"); if (!err) err = add_arg (gpg, gpgme_data_get_file_name (plain)); } if (!err) err = add_input_size_hint (gpg, plain); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, plain, -1, 0); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_encrypt_sign (void *engine, gpgme_key_t recp[], const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor, gpgme_ctx_t ctx /* FIXME */) { engine_gpg_t gpg = engine; gpgme_error_t err = 0; if (recp || recpstring) err = add_arg (gpg, "--encrypt"); if (!err && ((flags & GPGME_ENCRYPT_SYMMETRIC) || (!recp && !recpstring))) err = add_arg (gpg, "--symmetric"); if (!err) err = add_arg (gpg, "--sign"); if (!err && use_armor) err = add_arg (gpg, "--armor"); if (!err && (flags & GPGME_ENCRYPT_NO_COMPRESS)) err = add_arg (gpg, "--compress-algo=none"); if (!err && (flags & GPGME_ENCRYPT_THROW_KEYIDS)) err = add_arg (gpg, "--throw-keyids"); if (gpgme_data_get_encoding (plain) == GPGME_DATA_ENCODING_MIME && have_gpg_version (gpg, "2.1.14")) err = add_arg (gpg, "--mimemode"); if (!err && gpg->flags.include_key_block) err = add_arg (gpg, "--include-key-block"); if (recp || recpstring) { /* If we know that all recipients are valid (full or ultimate trust) we can suppress further checks. */ if (!err && (flags & GPGME_ENCRYPT_ALWAYS_TRUST)) err = add_arg (gpg, "--always-trust"); if (!err && (flags & GPGME_ENCRYPT_NO_ENCRYPT_TO)) err = add_arg (gpg, "--no-encrypt-to"); if (!err && !recp && recpstring) err = append_args_from_recipients_string (gpg, flags, recpstring); else if (!err) err = append_args_from_recipients (gpg, flags, recp); } if (!err) err = append_args_from_signers (gpg, ctx); if (!err) err = append_args_from_sender (gpg, ctx); if (!err) err = append_args_from_sig_notations (gpg, ctx, NOTATION_FLAG_SIG); /* Tell the gpg object about the data. */ if (!err) err = add_arg (gpg, "--output"); if (!err) err = add_arg (gpg, "-"); if (!err) err = add_data (gpg, ciph, 1, 1); if (gpgme_data_get_file_name (plain)) { if (!err) err = add_arg (gpg, "--set-filename"); if (!err) err = add_arg (gpg, gpgme_data_get_file_name (plain)); } if (!err) err = add_input_size_hint (gpg, plain); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, plain, -1, 0); if (!err) err = start (gpg); return err; } static gpgme_error_t export_common (engine_gpg_t gpg, gpgme_export_mode_t mode, gpgme_data_t keydata, int use_armor) { gpgme_error_t err = 0; if ((mode & ~(GPGME_EXPORT_MODE_EXTERN |GPGME_EXPORT_MODE_MINIMAL |GPGME_EXPORT_MODE_SSH |GPGME_EXPORT_MODE_SECRET))) return gpg_error (GPG_ERR_NOT_SUPPORTED); if ((mode & GPGME_EXPORT_MODE_MINIMAL)) { - if ((mode & GPGME_EXPORT_MODE_NOUID)) - err = add_arg (gpg, "--export-options=export-minimal,export-drop-uids"); - else - err = add_arg (gpg, "--export-options=export-minimal"); + err = add_arg (gpg, "--export-options=export-minimal"); } - else if ((mode & GPGME_EXPORT_MODE_NOUID)) - err = add_arg (gpg, "--export-options=export-drop-uids"); if (err) ; else if ((mode & GPGME_EXPORT_MODE_SSH)) { if (have_gpg_version (gpg, "2.1.11")) err = add_arg (gpg, "--export-ssh-key"); else err = gpg_error (GPG_ERR_NOT_SUPPORTED); if (!err) err = add_data (gpg, keydata, 1, 1); } else if ((mode & GPGME_EXPORT_MODE_EXTERN)) { err = add_arg (gpg, "--send-keys"); - if (!err && (mode & GPGME_EXPORT_MODE_NOUID)) - err = add_arg (gpg, "--keyserver-options=export-drop-uids"); } else { if ((mode & GPGME_EXPORT_MODE_SECRET)) err = add_arg (gpg, "--export-secret-keys"); else err = add_arg (gpg, "--export"); if (!err && use_armor) err = add_arg (gpg, "--armor"); if (!err) err = add_data (gpg, keydata, 1, 1); } if (!err) err = add_arg (gpg, "--"); return err; } static gpgme_error_t gpg_export (void *engine, const char *pattern, gpgme_export_mode_t mode, gpgme_data_t keydata, int use_armor) { engine_gpg_t gpg = engine; gpgme_error_t err; err = export_common (gpg, mode, keydata, use_armor); if (!err && pattern && *pattern) err = add_arg (gpg, pattern); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_export_ext (void *engine, const char *pattern[], gpgme_export_mode_t mode, gpgme_data_t keydata, int use_armor) { engine_gpg_t gpg = engine; gpgme_error_t err; err = export_common (gpg, mode, keydata, use_armor); if (pattern) { while (!err && *pattern && **pattern) err = add_arg (gpg, *(pattern++)); } if (!err) err = start (gpg); return err; } /* Helper to add algo, usage, and expire to the list of args. */ static gpgme_error_t gpg_add_algo_usage_expire (engine_gpg_t gpg, const char *algo, unsigned long expires, unsigned int flags) { gpg_error_t err; /* This condition is only required to allow the use of gpg < 2.1.16 */ if (algo || (flags & (GPGME_CREATE_SIGN | GPGME_CREATE_ENCR | GPGME_CREATE_CERT | GPGME_CREATE_AUTH | GPGME_CREATE_NOEXPIRE)) || expires) { err = add_arg (gpg, algo? algo : "default"); if (!err) { char tmpbuf[5*4+1]; snprintf (tmpbuf, sizeof tmpbuf, "%s%s%s%s", (flags & GPGME_CREATE_SIGN)? " sign":"", (flags & GPGME_CREATE_ENCR)? " encr":"", (flags & GPGME_CREATE_CERT)? " cert":"", (flags & GPGME_CREATE_AUTH)? " auth":""); err = add_arg (gpg, *tmpbuf? tmpbuf : "default"); } if (!err) { if ((flags & GPGME_CREATE_NOEXPIRE)) err = add_arg (gpg, "never"); else if (expires == 0) err = add_arg (gpg, "-"); else { char tmpbuf[8+20]; snprintf (tmpbuf, sizeof tmpbuf, "seconds=%lu", expires); err = add_arg (gpg, tmpbuf); } } } else err = 0; return err; } static gpgme_error_t gpg_createkey_from_param (engine_gpg_t gpg, gpgme_data_t help_data, unsigned int extraflags) { gpgme_error_t err; err = add_arg (gpg, "--gen-key"); if (!err && (extraflags & GENKEY_EXTRAFLAG_ARMOR)) err = add_arg (gpg, "--armor"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, help_data, -1, 0); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_createkey (engine_gpg_t gpg, const char *userid, const char *algo, unsigned long expires, unsigned int flags, unsigned int extraflags) { gpgme_error_t err; err = add_arg (gpg, "--quick-gen-key"); if (!err && (extraflags & GENKEY_EXTRAFLAG_ARMOR)) err = add_arg (gpg, "--armor"); if (!err && (flags & GPGME_CREATE_NOPASSWD)) { err = add_arg (gpg, "--passphrase"); if (!err) err = add_arg (gpg, ""); if (!err) err = add_arg (gpg, "--batch"); } if (!err && (flags & GPGME_CREATE_FORCE)) err = add_arg (gpg, "--yes"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_arg (gpg, userid); if (!err) err = gpg_add_algo_usage_expire (gpg, algo, expires, flags); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_addkey (engine_gpg_t gpg, const char *algo, unsigned long expires, gpgme_key_t key, unsigned int flags, unsigned int extraflags) { gpgme_error_t err; if (!key || !key->fpr) return gpg_error (GPG_ERR_INV_ARG); err = add_arg (gpg, "--quick-addkey"); if (!err && (extraflags & GENKEY_EXTRAFLAG_ARMOR)) err = add_arg (gpg, "--armor"); if (!err && (flags & GPGME_CREATE_NOPASSWD)) { err = add_arg (gpg, "--passphrase"); if (!err) err = add_arg (gpg, ""); if (!err) err = add_arg (gpg, "--batch"); } if (!err) err = add_arg (gpg, "--"); if (!err) err = add_arg (gpg, key->fpr); if (!err) err = gpg_add_algo_usage_expire (gpg, algo, expires, flags); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_adduid (engine_gpg_t gpg, gpgme_key_t key, const char *userid, unsigned int extraflags) { gpgme_error_t err; if (!key || !key->fpr || !userid) return gpg_error (GPG_ERR_INV_ARG); if ((extraflags & GENKEY_EXTRAFLAG_SETPRIMARY)) { if (!have_gpg_version (gpg, "2.1.20")) err = gpg_error (GPG_ERR_NOT_SUPPORTED); else err = add_arg (gpg, "--quick-set-primary-uid"); } else if ((extraflags & GENKEY_EXTRAFLAG_REVOKE)) err = add_arg (gpg, "--quick-revuid"); else err = add_arg (gpg, "--quick-adduid"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_arg (gpg, key->fpr); if (!err) err = add_arg (gpg, userid); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_genkey (void *engine, const char *userid, const char *algo, unsigned long reserved, unsigned long expires, gpgme_key_t key, unsigned int flags, gpgme_data_t help_data, unsigned int extraflags, gpgme_data_t pubkey, gpgme_data_t seckey) { engine_gpg_t gpg = engine; gpgme_error_t err; (void)reserved; if (!gpg) return gpg_error (GPG_ERR_INV_VALUE); /* If HELP_DATA is given the use of the old interface * (gpgme_op_genkey) has been requested. The other modes are: * * USERID && !KEY - Create a new keyblock. * !USERID && KEY - Add a new subkey to KEY (gpg >= 2.1.14) * USERID && KEY && !ALGO - Add a new user id to KEY (gpg >= 2.1.14). * or set a flag on a user id. */ if (help_data) { /* We need a special mechanism to get the fd of a pipe here, so that we can use this for the %pubring and %secring parameters. We don't have this yet, so we implement only the adding to the standard keyrings. */ if (pubkey || seckey) err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); else err = gpg_createkey_from_param (gpg, help_data, extraflags); } else if (!have_gpg_version (gpg, "2.1.13")) err = gpg_error (GPG_ERR_NOT_SUPPORTED); else if (userid && !key) err = gpg_createkey (gpg, userid, algo, expires, flags, extraflags); else if (!userid && key) err = gpg_addkey (gpg, algo, expires, key, flags, extraflags); else if (userid && key && !algo) err = gpg_adduid (gpg, key, userid, extraflags); else err = gpg_error (GPG_ERR_INV_VALUE); return err; } /* Return the next DELIM delimited string from DATA as a C-string. The caller needs to provide the address of a pointer variable which he has to set to NULL before the first call. After the last call to this function, this function needs to be called once more with DATA set to NULL so that the function can release its internal state. After that the pointer variable is free for use again. Note that we use a delimiter and thus a trailing delimiter is not required. DELIM may not be changed after the first call. */ static const char * string_from_data (gpgme_data_t data, int delim, void **helpptr, gpgme_error_t *r_err) { #define MYBUFLEN 2000 /* Fixme: We don't support URLs longer than that. */ struct { int eof_seen; int nbytes; /* Length of the last returned string including the delimiter. */ int buflen; /* Valid length of BUF. */ char buf[MYBUFLEN+1]; /* Buffer with one byte extra space. */ } *self; char *p; int nread; *r_err = 0; if (!data) { if (*helpptr) { free (*helpptr); *helpptr = NULL; } return NULL; } if (*helpptr) self = *helpptr; else { self = malloc (sizeof *self); if (!self) { *r_err = gpg_error_from_syserror (); return NULL; } *helpptr = self; self->eof_seen = 0; self->nbytes = 0; self->buflen = 0; } if (self->eof_seen) return NULL; assert (self->nbytes <= self->buflen); memmove (self->buf, self->buf + self->nbytes, self->buflen - self->nbytes); self->buflen -= self->nbytes; self->nbytes = 0; do { /* Fixme: This is fairly infective scanning because we may scan the buffer several times. */ p = memchr (self->buf, delim, self->buflen); if (p) { *p = 0; self->nbytes = p - self->buf + 1; return self->buf; } if ( !(MYBUFLEN - self->buflen) ) { /* Not enough space - URL too long. */ *r_err = gpg_error (GPG_ERR_TOO_LARGE); return NULL; } nread = gpgme_data_read (data, self->buf + self->buflen, MYBUFLEN - self->buflen); if (nread < 0) { *r_err = gpg_error_from_syserror (); return NULL; } self->buflen += nread; } while (nread); /* EOF reached. If we have anything in the buffer, append a Nul and return it. */ self->eof_seen = 1; if (self->buflen) { self->buf[self->buflen] = 0; /* (we allocated one extra byte) */ return self->buf; } return NULL; #undef MYBUFLEN } static gpgme_error_t gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray) { engine_gpg_t gpg = engine; gpgme_error_t err; int idx; gpgme_data_encoding_t dataenc; if (keydata && keyarray) return gpg_error (GPG_ERR_INV_VALUE); /* Only one is allowed. */ dataenc = gpgme_data_get_encoding (keydata); if (keyarray) { err = add_arg (gpg, "--recv-keys"); if (!err) err = add_arg (gpg, "--"); for (idx=0; !err && keyarray[idx]; idx++) { if (keyarray[idx]->protocol != GPGME_PROTOCOL_OpenPGP) ; else if (!keyarray[idx]->subkeys) ; else if (keyarray[idx]->subkeys->fpr && *keyarray[idx]->subkeys->fpr) err = add_arg (gpg, keyarray[idx]->subkeys->fpr); else if (*keyarray[idx]->subkeys->keyid) err = add_arg (gpg, keyarray[idx]->subkeys->keyid); } } else if (dataenc == GPGME_DATA_ENCODING_URL || dataenc == GPGME_DATA_ENCODING_URL0) { void *helpptr; const char *string; gpgme_error_t xerr; int delim = (dataenc == GPGME_DATA_ENCODING_URL)? '\n': 0; /* FIXME: --fetch-keys is probably not correct because it can't grok all kinds of URLs. On Unix it should just work but on Windows we will build the command line and that may fail for some embedded control characters. It is anyway limited to the maximum size of the command line. We need another command which can take its input from a file. Maybe we should use an option to gpg to modify such commands (ala --multifile). */ err = add_arg (gpg, "--fetch-keys"); if (!err) err = add_arg (gpg, "--"); helpptr = NULL; while (!err && (string = string_from_data (keydata, delim, &helpptr, &xerr))) err = add_arg (gpg, string); if (!err) err = xerr; string_from_data (NULL, delim, &helpptr, &xerr); } else if (dataenc == GPGME_DATA_ENCODING_URLESC) { /* Already escaped URLs are not yet supported. */ err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); } else { err = add_arg (gpg, "--import"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, keydata, -1, 0); } if (!err) err = start (gpg); return err; } /* The output for external keylistings in GnuPG is different from all the other key listings. We catch this here with a special preprocessor that reformats the colon handler lines. */ static gpgme_error_t gpg_keylist_preprocess (char *line, char **r_line) { enum { RT_NONE, RT_INFO, RT_PUB, RT_UID } rectype = RT_NONE; #define NR_FIELDS 16 char *field[NR_FIELDS]; int fields = 0; size_t n; *r_line = NULL; while (line && fields < NR_FIELDS) { field[fields++] = line; line = strchr (line, ':'); if (line) *(line++) = '\0'; } if (!strcmp (field[0], "info")) rectype = RT_INFO; else if (!strcmp (field[0], "pub")) rectype = RT_PUB; else if (!strcmp (field[0], "uid")) rectype = RT_UID; else rectype = RT_NONE; switch (rectype) { case RT_INFO: /* FIXME: Eventually, check the version number at least. */ return 0; case RT_PUB: if (fields < 7) return 0; /* The format is: pub:::::: as defined in 5.2. Machine Readable Indexes of the OpenPGP HTTP Keyserver Protocol (draft). Modern versions of the SKS keyserver return the fingerprint instead of the keyid. We detect this here and use the v4 fingerprint format to convert it to a key id. We want: pub:o::::::::::::: */ n = strlen (field[1]); if (n > 16) { if (gpgrt_asprintf (r_line, "pub:o%s:%s:%s:%s:%s:%s::::::::\n" "fpr:::::::::%s:", field[6], field[3], field[2], field[1] + n - 16, field[4], field[5], field[1]) < 0) return gpg_error_from_syserror (); } else { if (gpgrt_asprintf (r_line, "pub:o%s:%s:%s:%s:%s:%s::::::::", field[6], field[3], field[2], field[1], field[4], field[5]) < 0) return gpg_error_from_syserror (); } return 0; case RT_UID: /* The format is: uid:::: as defined in 5.2. Machine Readable Indexes of the OpenPGP HTTP Keyserver Protocol (draft). For an ldap keyserver the format is: uid: We want: uid:o::::::::: */ { /* The user ID is percent escaped, but we want c-coded. Because we have to replace each '%HL' by '\xHL', we need at most 4/3 th the number of bytes. But because we also need to escape the backslashes we allocate twice as much. */ char *uid = malloc (2 * strlen (field[1]) + 1); char *src; char *dst; if (! uid) return gpg_error_from_syserror (); src = field[1]; dst = uid; while (*src) { if (*src == '%') { *(dst++) = '\\'; *(dst++) = 'x'; src++; /* Copy the next two bytes unconditionally. */ if (*src) *(dst++) = *(src++); if (*src) *(dst++) = *(src++); } else if (*src == '\\') { *dst++ = '\\'; *dst++ = '\\'; src++; } else *(dst++) = *(src++); } *dst = '\0'; if (fields < 4) { if (gpgrt_asprintf (r_line, "uid:o::::::::%s:", uid) < 0) return gpg_error_from_syserror (); } else { if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:", field[4], field[2], field[3], uid) < 0) return gpg_error_from_syserror (); } } return 0; case RT_NONE: /* Unknown record. */ break; } return 0; } static gpg_error_t gpg_keylist_build_options (engine_gpg_t gpg, int secret_only, gpgme_keylist_mode_t mode) { gpg_error_t err; err = add_arg (gpg, "--with-colons"); /* Since gpg 2.1.15 fingerprints are always printed, thus there is * no more need to explicitly request them. */ if (!have_gpg_version (gpg, "2.1.15")) { if (!err) err = add_arg (gpg, "--fixed-list-mode"); if (!err) err = add_arg (gpg, "--with-fingerprint"); if (!err) err = add_arg (gpg, "--with-fingerprint"); } if (!err && (mode & GPGME_KEYLIST_MODE_WITH_TOFU) && have_gpg_version (gpg, "2.1.16")) err = add_arg (gpg, "--with-tofu-info"); if (!err && (mode & GPGME_KEYLIST_MODE_WITH_SECRET)) { err = add_arg (gpg, "--with-secret"); err = add_arg (gpg, "--with-keygrip"); } else if (!err && (mode & GPGME_KEYLIST_MODE_WITH_KEYGRIP)) { /* Explicitly requests the keygrip. */ err = add_arg (gpg, "--with-keygrip"); } if (!err && (mode & GPGME_KEYLIST_MODE_SIGS) && have_gpg_version (gpg, "2.0.10")) { err = add_arg (gpg, "--with-sig-check"); } if (!err && (mode & GPGME_KEYLIST_MODE_SIGS) && (mode & GPGME_KEYLIST_MODE_SIG_NOTATIONS)) { err = add_arg (gpg, "--list-options"); if (!err) err = add_arg (gpg, "show-sig-subpackets=\"20,26\""); } if (!err) { if ( (mode & GPGME_KEYLIST_MODE_EXTERN) ) { if (secret_only) err = gpg_error (GPG_ERR_NOT_SUPPORTED); else if ( (mode & GPGME_KEYLIST_MODE_LOCAL)) { /* The local+extern mode is special. It works only with gpg >= 2.0.10. FIXME: We should check that we have such a version to that we can return a proper error code. The problem is that we don't know the context here and thus can't access the cached version number for the engine info structure. */ err = add_arg (gpg, "--locate-keys"); if ((mode & GPGME_KEYLIST_MODE_SIGS)) err = add_arg (gpg, "--with-sig-check"); } else { err = add_arg (gpg, "--search-keys"); gpg->colon.preprocess_fnc = gpg_keylist_preprocess; } } else { err = add_arg (gpg, secret_only ? "--list-secret-keys" : ((mode & GPGME_KEYLIST_MODE_SIGS) ? "--check-sigs" : "--list-keys")); } } if (!err) err = add_arg (gpg, "--"); return err; } static gpgme_error_t gpg_keylist (void *engine, const char *pattern, int secret_only, gpgme_keylist_mode_t mode, int engine_flags) { engine_gpg_t gpg = engine; gpgme_error_t err; (void)engine_flags; err = gpg_keylist_build_options (gpg, secret_only, mode); if (!err && pattern && *pattern) err = add_arg (gpg, pattern); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_keylist_ext (void *engine, const char *pattern[], int secret_only, int reserved, gpgme_keylist_mode_t mode, int engine_flags) { engine_gpg_t gpg = engine; gpgme_error_t err; (void)engine_flags; if (reserved) return gpg_error (GPG_ERR_INV_VALUE); err = gpg_keylist_build_options (gpg, secret_only, mode); if (pattern) { while (!err && *pattern && **pattern) err = add_arg (gpg, *(pattern++)); } if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_keylist_data (void *engine, gpgme_data_t data) { engine_gpg_t gpg = engine; gpgme_error_t err; if (!have_gpg_version (gpg, "2.1.14")) return gpg_error (GPG_ERR_NOT_SUPPORTED); err = add_arg (gpg, "--with-colons"); if (!err) err = add_arg (gpg, "--with-fingerprint"); if (!err) err = add_arg (gpg, "--import-options"); if (!err) err = add_arg (gpg, "import-show"); if (!err) err = add_arg (gpg, "--dry-run"); if (!err) err = add_arg (gpg, "--import"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, data, -1, 0); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_keysign (void *engine, gpgme_key_t key, const char *userid, unsigned long expire, unsigned int flags, gpgme_ctx_t ctx) { engine_gpg_t gpg = engine; gpgme_error_t err; const char *s; if (!key || !key->fpr) return gpg_error (GPG_ERR_INV_ARG); if (!have_gpg_version (gpg, "2.1.12")) return gpg_error (GPG_ERR_NOT_SUPPORTED); if ((flags & GPGME_KEYSIGN_LOCAL)) err = add_arg (gpg, "--quick-lsign-key"); else err = add_arg (gpg, "--quick-sign-key"); if (!err) err = append_args_from_signers (gpg, ctx); /* If an expiration time has been given use that. If none has been * given the default from gpg.conf is used. To make sure not to set * an expiration time at all the flag GPGME_KEYSIGN_NOEXPIRE can be * used. */ if (!err && (expire || (flags & GPGME_KEYSIGN_NOEXPIRE))) { char tmpbuf[8+20]; if ((flags & GPGME_KEYSIGN_NOEXPIRE)) expire = 0; snprintf (tmpbuf, sizeof tmpbuf, "seconds=%lu", expire); err = add_arg (gpg, "--default-cert-expire"); if (!err) err = add_arg (gpg, tmpbuf); } if (!err) err = add_arg (gpg, "--"); if (!err) err = add_arg (gpg, key->fpr); if (!err && userid) { if ((flags & GPGME_KEYSIGN_LFSEP)) { for (; !err && (s = strchr (userid, '\n')); userid = s + 1) if ((s - userid)) err = add_arg_len (gpg, "=", userid, s - userid); if (!err && *userid) err = add_arg_pfx (gpg, "=", userid); } else err = add_arg_pfx (gpg, "=", userid); } if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_revsig (void *engine, gpgme_key_t key, gpgme_key_t signing_key, const char *userid, unsigned int flags) { engine_gpg_t gpg = engine; gpgme_error_t err; const char *s; if (!key || !key->fpr) return gpg_error (GPG_ERR_INV_ARG); if (!have_gpg_version (gpg, "2.2.24")) return gpg_error (GPG_ERR_NOT_SUPPORTED); err = add_arg (gpg, "--quick-revoke-sig"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_arg (gpg, key->fpr); if (!err) err = add_arg (gpg, signing_key->fpr); if (!err && userid) { if ((flags & GPGME_REVSIG_LFSEP)) { for (; !err && (s = strchr (userid, '\n')); userid = s + 1) if ((s - userid)) err = add_arg_len (gpg, "=", userid, s - userid); if (!err && *userid) err = add_arg_pfx (gpg, "=", userid); } else err = add_arg_pfx (gpg, "=", userid); } if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_tofu_policy (void *engine, gpgme_key_t key, gpgme_tofu_policy_t policy) { engine_gpg_t gpg = engine; gpgme_error_t err; const char *policystr = NULL; if (!key || !key->fpr) return gpg_error (GPG_ERR_INV_ARG); switch (policy) { case GPGME_TOFU_POLICY_NONE: break; case GPGME_TOFU_POLICY_AUTO: policystr = "auto"; break; case GPGME_TOFU_POLICY_GOOD: policystr = "good"; break; case GPGME_TOFU_POLICY_BAD: policystr = "bad"; break; case GPGME_TOFU_POLICY_ASK: policystr = "ask"; break; case GPGME_TOFU_POLICY_UNKNOWN: policystr = "unknown"; break; } if (!policystr) return gpg_error (GPG_ERR_INV_VALUE); if (!have_gpg_version (gpg, "2.1.10")) return gpg_error (GPG_ERR_NOT_SUPPORTED); err = add_arg (gpg, "--tofu-policy"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_arg (gpg, policystr); if (!err) err = add_arg (gpg, key->fpr); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_sign (void *engine, gpgme_data_t in, gpgme_data_t out, gpgme_sig_mode_t mode, int use_armor, int use_textmode, int include_certs, gpgme_ctx_t ctx /* FIXME */) { engine_gpg_t gpg = engine; gpgme_error_t err; (void)include_certs; if (mode == GPGME_SIG_MODE_CLEAR) err = add_arg (gpg, "--clearsign"); else { err = add_arg (gpg, "--sign"); if (!err && mode == GPGME_SIG_MODE_DETACH) err = add_arg (gpg, "--detach"); if (!err && use_armor) err = add_arg (gpg, "--armor"); if (!err) { if (gpgme_data_get_encoding (in) == GPGME_DATA_ENCODING_MIME && have_gpg_version (gpg, "2.1.14")) err = add_arg (gpg, "--mimemode"); else if (use_textmode) err = add_arg (gpg, "--textmode"); } } if (!err && gpg->flags.include_key_block) err = add_arg (gpg, "--include-key-block"); if (!err) err = append_args_from_signers (gpg, ctx); if (!err) err = append_args_from_sender (gpg, ctx); if (!err) err = append_args_from_sig_notations (gpg, ctx, NOTATION_FLAG_SIG); if (gpgme_data_get_file_name (in)) { if (!err) err = add_arg (gpg, "--set-filename"); if (!err) err = add_arg (gpg, gpgme_data_get_file_name (in)); } /* Tell the gpg object about the data. */ if (!err) err = add_input_size_hint (gpg, in); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, in, -1, 0); if (!err) err = add_data (gpg, out, 1, 1); if (!err) err = start (gpg); return err; } static gpgme_error_t gpg_verify (void *engine, gpgme_data_t sig, gpgme_data_t signed_text, gpgme_data_t plaintext, gpgme_ctx_t ctx) { engine_gpg_t gpg = engine; gpgme_error_t err; err = append_args_from_sender (gpg, ctx); if (!err && gpg->flags.auto_key_import) err = add_arg (gpg, "--auto-key-import"); if (!err && ctx->auto_key_retrieve) err = add_arg (gpg, "--auto-key-retrieve"); if (err) ; else if (plaintext) { /* Normal or cleartext signature. */ err = add_arg (gpg, "--output"); if (!err) err = add_arg (gpg, "-"); if (!err) err = add_input_size_hint (gpg, sig); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, sig, -1, 0); if (!err) err = add_data (gpg, plaintext, 1, 1); } else { err = add_arg (gpg, "--verify"); if (!err) err = add_input_size_hint (gpg, signed_text); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_data (gpg, sig, -1, 0); if (!err && signed_text) err = add_data (gpg, signed_text, -1, 0); } if (!err) err = start (gpg); return err; } static void gpg_set_io_cbs (void *engine, gpgme_io_cbs_t io_cbs) { engine_gpg_t gpg = engine; gpg->io_cbs = *io_cbs; } static gpgme_error_t gpg_set_pinentry_mode (void *engine, gpgme_pinentry_mode_t mode) { engine_gpg_t gpg = engine; gpg->pinentry_mode = mode; return 0; } static gpgme_error_t gpg_getauditlog (void *engine, gpgme_data_t output, unsigned int flags) { engine_gpg_t gpg = engine; #define MYBUFLEN 4096 char buf[MYBUFLEN]; int nread; int any_written = 0; if (!(flags & GPGME_AUDITLOG_DIAG)) { return gpg_error (GPG_ERR_NOT_IMPLEMENTED); } if (!gpg || !output) { return gpg_error (GPG_ERR_INV_VALUE); } if (!gpg->diagnostics) { return gpg_error (GPG_ERR_GENERAL); } gpgme_data_rewind (gpg->diagnostics); while ((nread = gpgme_data_read (gpg->diagnostics, buf, MYBUFLEN)) > 0) { any_written = 1; if (gpgme_data_write (output, buf, nread) == -1) return gpg_error_from_syserror (); } if (!any_written) { return gpg_error (GPG_ERR_NO_DATA); } if (nread == -1) return gpg_error_from_syserror (); gpgme_data_rewind (output); return 0; #undef MYBUFLEN } static gpgme_error_t gpg_setexpire (void *engine, gpgme_key_t key, unsigned long expires, const char *subfprs, unsigned int reserved) { engine_gpg_t gpg = engine; gpgme_error_t err; const char *s; if (reserved) return gpg_error (GPG_ERR_INV_VALUE); if (!key || !key->fpr) return gpg_error (GPG_ERR_INV_ARG); if (!have_gpg_version (gpg, "2.1.22")) return gpg_error (GPG_ERR_NOT_SUPPORTED); err = add_arg (gpg, "--quick-set-expire"); if (!err) err = add_arg (gpg, "--"); if (!err) err = add_arg (gpg, key->fpr); if (!err) { char tmpbuf[8+20]; snprintf (tmpbuf, sizeof tmpbuf, "seconds=%lu", expires); err = add_arg (gpg, tmpbuf); } if (!err && subfprs) { for (; !err && (s = strchr (subfprs, '\n')); subfprs = s + 1) { if ((s - subfprs)) { err = add_arg_len (gpg, NULL, subfprs, s - subfprs); } } if (!err && *subfprs) { err = add_arg (gpg, subfprs); } } if (!err) err = start (gpg); return err; } struct engine_ops _gpgme_engine_ops_gpg = { /* Static functions. */ _gpgme_get_default_gpg_name, NULL, gpg_get_version, gpg_get_req_version, gpg_new, /* Member functions. */ gpg_release, NULL, /* reset */ gpg_set_status_cb, gpg_set_status_handler, gpg_set_command_handler, gpg_set_colon_line_handler, gpg_set_locale, NULL, /* set_protocol */ gpg_set_engine_flags, /* set_engine_flags */ gpg_decrypt, gpg_delete, gpg_edit, gpg_encrypt, gpg_encrypt_sign, gpg_export, gpg_export_ext, gpg_genkey, gpg_import, gpg_keylist, gpg_keylist_ext, gpg_keylist_data, gpg_keysign, gpg_revsig, gpg_tofu_policy, /* tofu_policy */ gpg_sign, gpg_verify, gpg_getauditlog, gpg_setexpire, NULL, /* opassuan_transact */ NULL, /* conf_load */ NULL, /* conf_save */ NULL, /* conf_dir */ NULL, /* query_swdb */ gpg_set_io_cbs, gpg_io_event, gpg_cancel, NULL, /* cancel_op */ gpg_passwd, gpg_set_pinentry_mode, NULL /* opspawn */ }; diff --git a/src/export.c b/src/export.c index 879a54f9..4cee0ef9 100644 --- a/src/export.c +++ b/src/export.c @@ -1,502 +1,501 @@ /* export.c - Export a key. * Copyright (C) 2000 Werner Koch (dd9jn) * Copyright (C) 2001-2004, 2010, 2014 g10 Code GmbH * * This file is part of GPGME. * * GPGME is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * GPGME is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this program; if not, see . * SPDX-License-Identifier: LGPL-2.1-or-later */ #if HAVE_CONFIG_H #include #endif #include #include #include "gpgme.h" #include "util.h" #include "debug.h" #include "context.h" #include "ops.h" /* Local operation data. */ typedef struct { gpg_error_t err; /* Error encountered during the export. */ } *op_data_t; static void release_op_data (void *hook) { op_data_t opd = (op_data_t) hook; (void)opd; /* Nothing to release here. */ } /* Parse an error status line. Return the error location and the error code. The function may modify ARGS. */ static char * parse_error (char *args, gpg_error_t *r_err) { char *where = strchr (args, ' '); char *which; if (where) { *where = '\0'; which = where + 1; where = strchr (which, ' '); if (where) *where = '\0'; where = args; } else { *r_err = trace_gpg_error (GPG_ERR_INV_ENGINE); return NULL; } *r_err = atoi (which); return where; } static gpgme_error_t export_status_handler (void *priv, gpgme_status_code_t code, char *args) { gpgme_ctx_t ctx = (gpgme_ctx_t) priv; gpgme_error_t err; void *hook; op_data_t opd; const char *loc; err = _gpgme_passphrase_status_handler (priv, code, args); if (err) return err; err = _gpgme_op_data_lookup (ctx, OPDATA_EXPORT, &hook, -1, NULL); opd = hook; if (err) return err; switch (code) { case GPGME_STATUS_ERROR: loc = parse_error (args, &err); if (!loc) return err; else if (opd->err) ; /* We only want to report the first error. */ else if (!strcmp (loc, "keyserver_send")) opd->err = err; break; default: break; } return 0; } static gpgme_error_t export_start (gpgme_ctx_t ctx, int synchronous, const char *pattern, gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; void *hook; op_data_t opd; if ((mode & ~(GPGME_EXPORT_MODE_EXTERN |GPGME_EXPORT_MODE_MINIMAL |GPGME_EXPORT_MODE_SECRET |GPGME_EXPORT_MODE_SSH |GPGME_EXPORT_MODE_RAW - |GPGME_EXPORT_MODE_NOUID |GPGME_EXPORT_MODE_PKCS12))) return gpg_error (GPG_ERR_INV_VALUE); /* Invalid flags in MODE. */ if ((mode & GPGME_EXPORT_MODE_SECRET)) { if ((mode & GPGME_EXPORT_MODE_EXTERN)) return gpg_error (GPG_ERR_INV_FLAG); /* Combination not allowed. */ if ((mode & GPGME_EXPORT_MODE_RAW) && (mode & GPGME_EXPORT_MODE_PKCS12)) return gpg_error (GPG_ERR_INV_FLAG); /* Combination not allowed. */ if (ctx->protocol != GPGME_PROTOCOL_CMS && (mode & (GPGME_EXPORT_MODE_RAW|GPGME_EXPORT_MODE_PKCS12))) return gpg_error (GPG_ERR_INV_FLAG); /* Only supported for X.509. */ } if ((mode & GPGME_EXPORT_MODE_EXTERN)) { if (keydata) return gpg_error (GPG_ERR_INV_VALUE); } else { if (!keydata) return gpg_error (GPG_ERR_INV_VALUE); } err = _gpgme_op_reset (ctx, synchronous); if (err) return err; err = _gpgme_op_data_lookup (ctx, OPDATA_EXPORT, &hook, sizeof (*opd), release_op_data); opd = hook; if (err) return err; if (ctx->passphrase_cb) { err = _gpgme_engine_set_command_handler (ctx->engine, _gpgme_passphrase_command_handler, ctx); if (err) return err; } _gpgme_engine_set_status_handler (ctx->engine, export_status_handler, ctx); return _gpgme_engine_op_export (ctx->engine, pattern, mode, keydata, ctx->use_armor); } /* Export the keys listed in PATTERN into KEYDATA. */ gpgme_error_t gpgme_op_export_start (gpgme_ctx_t ctx, const char *pattern, gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; TRACE_BEG (DEBUG_CTX, "gpgme_op_export_start", ctx, "pattern=%s, mode=0x%x, keydata=%p", pattern, mode, keydata); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); err = export_start (ctx, 0, pattern, mode, keydata); return TRACE_ERR (err); } /* Export the keys listed in PATTERN into KEYDATA. */ gpgme_error_t gpgme_op_export (gpgme_ctx_t ctx, const char *pattern, gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; TRACE_BEG (DEBUG_CTX, "gpgme_op_export", ctx, "pattern=%s, mode=0x%x, keydata=%p", pattern, mode, keydata); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); err = export_start (ctx, 1, pattern, mode, keydata); if (!err) err = _gpgme_wait_one (ctx); return err; } static gpgme_error_t export_ext_start (gpgme_ctx_t ctx, int synchronous, const char *pattern[], gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; void *hook; op_data_t opd; if ((mode & ~(GPGME_EXPORT_MODE_EXTERN |GPGME_EXPORT_MODE_MINIMAL |GPGME_EXPORT_MODE_SECRET |GPGME_EXPORT_MODE_SSH |GPGME_EXPORT_MODE_RAW |GPGME_EXPORT_MODE_PKCS12))) return gpg_error (GPG_ERR_INV_VALUE); /* Invalid flags in MODE. */ if ((mode & GPGME_EXPORT_MODE_SECRET)) { if ((mode & GPGME_EXPORT_MODE_EXTERN)) return gpg_error (GPG_ERR_INV_FLAG); /* Combination not allowed. */ if ((mode & GPGME_EXPORT_MODE_RAW) && (mode & GPGME_EXPORT_MODE_PKCS12)) return gpg_error (GPG_ERR_INV_FLAG); /* Combination not allowed. */ if (ctx->protocol != GPGME_PROTOCOL_CMS && (mode & (GPGME_EXPORT_MODE_RAW|GPGME_EXPORT_MODE_PKCS12))) return gpg_error (GPG_ERR_INV_FLAG); /* Only supported for X.509. */ } if ((mode & GPGME_EXPORT_MODE_EXTERN)) { if (keydata) return gpg_error (GPG_ERR_INV_VALUE); } else { if (!keydata) return gpg_error (GPG_ERR_INV_VALUE); } err = _gpgme_op_reset (ctx, synchronous); if (err) return err; err = _gpgme_op_data_lookup (ctx, OPDATA_EXPORT, &hook, sizeof (*opd), release_op_data); opd = hook; if (err) return err; if (ctx->passphrase_cb) { err = _gpgme_engine_set_command_handler (ctx->engine, _gpgme_passphrase_command_handler, ctx); if (err) return err; } _gpgme_engine_set_status_handler (ctx->engine, export_status_handler, ctx); return _gpgme_engine_op_export_ext (ctx->engine, pattern, mode, keydata, ctx->use_armor); } /* Export the keys listed in PATTERN into KEYDATA. */ gpgme_error_t gpgme_op_export_ext_start (gpgme_ctx_t ctx, const char *pattern[], gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; TRACE_BEG (DEBUG_CTX, "gpgme_op_export_ext_start", ctx, "mode=0x%x, keydata=%p", mode, keydata); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); if (_gpgme_debug_trace () && pattern) { int i = 0; while (pattern[i]) { TRACE_LOG ("pattern[%i] = %s", i, pattern[i]); i++; } } err = export_ext_start (ctx, 0, pattern, mode, keydata); return TRACE_ERR (err); } /* Export the keys listed in PATTERN into KEYDATA. */ gpgme_error_t gpgme_op_export_ext (gpgme_ctx_t ctx, const char *pattern[], gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; TRACE_BEG (DEBUG_CTX, "gpgme_op_export_ext_start", ctx, "mode=0x%x, keydata=%p", mode, keydata); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); if (_gpgme_debug_trace () && pattern) { int i = 0; while (pattern[i]) { TRACE_LOG ("pattern[%i] = %s", i, pattern[i]); i++; } } err = export_ext_start (ctx, 1, pattern, mode, keydata); if (!err) { err = _gpgme_wait_one (ctx); if (!err) { /* For this synchronous operation we check for operational errors and return them. For asynchronous operations there is currently no way to do this - we need to add a gpgme_op_export_result function to fix that. */ void *hook; op_data_t opd; err = _gpgme_op_data_lookup (ctx, OPDATA_EXPORT, &hook, -1, NULL); opd = hook; if (!err) err = opd->err; } } return TRACE_ERR (err); } static gpgme_error_t export_keys_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t keys[], gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; int nkeys, idx; char **pattern; if (!keys) return gpg_error (GPG_ERR_INV_VALUE); /* Create a list of pattern from the keys. */ for (idx=nkeys=0; keys[idx]; idx++) if (keys[idx]->protocol == ctx->protocol) nkeys++; if (!nkeys) return gpg_error (GPG_ERR_NO_DATA); pattern = calloc (nkeys+1, sizeof *pattern); if (!pattern) return gpg_error_from_syserror (); for (idx=nkeys=0; keys[idx]; idx++) if (keys[idx]->protocol == ctx->protocol && keys[idx]->subkeys && keys[idx]->subkeys->fpr && *keys[idx]->subkeys->fpr) { pattern[nkeys] = strdup (keys[idx]->subkeys->fpr); if (!pattern[nkeys]) { err = gpg_error_from_syserror (); goto leave; } nkeys++; } /* Pass on to the regular function. */ err = export_ext_start (ctx, synchronous, (const char**)pattern, mode, keydata); leave: for (idx=0; pattern[idx]; idx++) free (pattern[idx]); free (pattern); return err; } /* Export the keys from the array KEYS into KEYDATA. Only keys of the current protocol are exported and only those which have a fingerprint set; that is keys received with some external search methods are silently skipped. */ gpgme_error_t gpgme_op_export_keys_start (gpgme_ctx_t ctx, gpgme_key_t keys[], gpgme_export_mode_t mode, gpgme_data_t keydata) { gpg_error_t err; TRACE_BEG (DEBUG_CTX, "gpgme_op_export_keys_start", ctx, "mode=0x%x, keydata=%p", mode, keydata); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); if (_gpgme_debug_trace () && keys) { int i = 0; while (keys[i]) { TRACE_LOG ("keys[%i] = %p (%s)", i, keys[i], (keys[i]->subkeys && keys[i]->subkeys->fpr) ? keys[i]->subkeys->fpr : "invalid"); i++; } } err = export_keys_start (ctx, 0, keys, mode, keydata); return TRACE_ERR (err); } gpgme_error_t gpgme_op_export_keys (gpgme_ctx_t ctx, gpgme_key_t keys[], gpgme_export_mode_t mode, gpgme_data_t keydata) { gpgme_error_t err; TRACE_BEG (DEBUG_CTX, "gpgme_op_export_keys", ctx, "mode=0x%x, keydata=%p", mode, keydata); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); if (_gpgme_debug_trace () && keys) { int i = 0; while (keys[i]) { TRACE_LOG ("keys[%i] = %p (%s)", i, keys[i], (keys[i]->subkeys && keys[i]->subkeys->fpr) ? keys[i]->subkeys->fpr : "invalid"); i++; } } err = export_keys_start (ctx, 1, keys, mode, keydata); if (!err) { err = _gpgme_wait_one (ctx); if (!err) { /* For this synchronous operation we check for operational errors and return them. For asynchronous operations there is currently no way to do this - we need to add a gpgme_op_export_result function to fix that. */ void *hook; op_data_t opd; err = _gpgme_op_data_lookup (ctx, OPDATA_EXPORT, &hook, -1, NULL); opd = hook; if (!err) err = opd->err; } } return TRACE_ERR (err); } diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 1defa4df..9e98816d 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1,2824 +1,2828 @@ /* gpgme.h - Public interface to GnuPG Made Easy. -*- c -*- * Copyright (C) 2000 Werner Koch (dd9jn) * Copyright (C) 2001-2018 g10 Code GmbH * * This file is part of GPGME. * * GPGME is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * GPGME is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this program; if not, see . * SPDX-License-Identifier: LGPL-2.1-or-later * * Generated from gpgme.h.in for @GPGME_CONFIG_HOST@. */ #ifndef GPGME_H #define GPGME_H /* Include stdio.h for the FILE type definition. */ #include #include #include #ifdef __cplusplus extern "C" { #if 0 /*(Make Emacsen's auto-indent happy.)*/ } #endif #endif /* __cplusplus */ /* The version of this header should match the one of the library. Do * not use this symbol in your application, use gpgme_check_version * instead. The purpose of this macro is to let autoconf (using the * AM_PATH_GPGME macro) check that this header matches the installed * library. */ #define GPGME_VERSION "@PACKAGE_VERSION@" /* The version number of this header. It may be used to handle minor * API incompatibilities. */ #define GPGME_VERSION_NUMBER @VERSION_NUMBER@ /* System specific typedefs. */ @INSERT__TYPEDEFS_FOR_GPGME_H@ /* * Check for compiler features. */ #ifdef GPGRT_INLINE # define _GPGME_INLINE GPGRT_INLINE #elif defined(__GNUC__) # define _GPGME_INLINE __inline__ #elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L # define _GPGME_INLINE inline #else # define _GPGME_INLINE #endif /* The deprecated macro takes the version number of GPGME which * introduced the deprecation as parameter for documentation. */ #ifdef GPGRT_ATTR_DEPRECATED # define _GPGME_DEPRECATED(a,b) GPGRT_ATTR_DEPRECATED #elif defined(__GNUC__) # define _GPGME_GCC_VERSION (__GNUC__ * 10000 \ + __GNUC_MINOR__ * 100 \ + __GNUC_PATCHLEVEL__) # if _GPGME_GCC_VERSION > 30100 # define _GPGME_DEPRECATED(a,b) __attribute__ ((__deprecated__)) # else # define _GPGME_DEPRECATED(a,b) # endif #else # define _GPGME_DEPRECATED(a,b) #endif /* The macro _GPGME_DEPRECATED_OUTSIDE_GPGME suppresses warnings for * fields we must access in GPGME for ABI compatibility. */ #ifdef _GPGME_IN_GPGME #define _GPGME_DEPRECATED_OUTSIDE_GPGME(a,b) #else #define _GPGME_DEPRECATED_OUTSIDE_GPGME(a,b) _GPGME_DEPRECATED(a,b) #endif /* We used to use some symbols which clash with keywords in some * languages. This macro is used to obsolete them. */ #if defined(__cplusplus) || defined(SWIGPYTHON) # define _GPGME_OBSOLETE_SOME_SYMBOLS 1 #endif /* Check for a matching _FILE_OFFSET_BITS definition. */ #if @NEED__FILE_OFFSET_BITS@ #ifndef _FILE_OFFSET_BITS #error GPGME was compiled with _FILE_OFFSET_BITS = @NEED__FILE_OFFSET_BITS@, please see the section "Largefile support (LFS)" in the GPGME manual. #else #if (_FILE_OFFSET_BITS) != (@NEED__FILE_OFFSET_BITS@) #error GPGME was compiled with a different value for _FILE_OFFSET_BITS, namely @NEED__FILE_OFFSET_BITS@, please see the section "Largefile support (LFS)" in the GPGME manual. #endif #endif #endif /* * Some opaque data types used by GPGME. */ /* The context holds some global state and configuration options, as * well as the results of a crypto operation. */ struct gpgme_context; typedef struct gpgme_context *gpgme_ctx_t; /* The data object is used by GPGME to exchange arbitrary data. */ struct gpgme_data; typedef struct gpgme_data *gpgme_data_t; /* * Wrappers for the libgpg-error library. They are generally not * needed and the gpg-error versions may be used instead. */ typedef gpg_error_t gpgme_error_t; typedef gpg_err_code_t gpgme_err_code_t; typedef gpg_err_source_t gpgme_err_source_t; static _GPGME_INLINE gpgme_error_t gpgme_err_make (gpgme_err_source_t source, gpgme_err_code_t code) { return gpg_err_make (source, code); } /* The user can define GPGME_ERR_SOURCE_DEFAULT before including this * file to specify a default source for gpgme_error. */ #ifndef GPGME_ERR_SOURCE_DEFAULT #define GPGME_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1 #endif static _GPGME_INLINE gpgme_error_t gpgme_error (gpgme_err_code_t code) { return gpgme_err_make (GPGME_ERR_SOURCE_DEFAULT, code); } static _GPGME_INLINE gpgme_err_code_t gpgme_err_code (gpgme_error_t err) { return gpg_err_code (err); } static _GPGME_INLINE gpgme_err_source_t gpgme_err_source (gpgme_error_t err) { return gpg_err_source (err); } /* Return a pointer to a string containing a description of the error * code in the error value ERR. This function is not thread safe. */ const char *gpgme_strerror (gpgme_error_t err); /* Return the error string for ERR in the user-supplied buffer BUF of * size BUFLEN. This function is, in contrast to gpg_strerror, * thread-safe if a thread-safe strerror_r() function is provided by * the system. If the function succeeds, 0 is returned and BUF * contains the string describing the error. If the buffer was not * large enough, ERANGE is returned and BUF contains as much of the * beginning of the error string as fits into the buffer. */ int gpgme_strerror_r (gpg_error_t err, char *buf, size_t buflen); /* Return a pointer to a string containing a description of the error * source in the error value ERR. */ const char *gpgme_strsource (gpgme_error_t err); /* Retrieve the error code for the system error ERR. This returns * GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report * this). */ gpgme_err_code_t gpgme_err_code_from_errno (int err); /* Retrieve the system error for the error code CODE. This returns 0 * if CODE is not a system error code. */ int gpgme_err_code_to_errno (gpgme_err_code_t code); /* Retrieve the error code directly from the ERRNO variable. This * returns GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped * (report this) and GPG_ERR_MISSING_ERRNO if ERRNO has the value 0. */ gpgme_err_code_t gpgme_err_code_from_syserror (void); /* Set the ERRNO variable. This function is the preferred way to set * ERRNO due to peculiarities on WindowsCE. */ void gpgme_err_set_errno (int err); /* Return an error value with the error source SOURCE and the system * error ERR. FIXME: Should be inline. */ gpgme_error_t gpgme_err_make_from_errno (gpgme_err_source_t source, int err); /* Return an error value with the system error ERR. * inline. */ gpgme_error_t gpgme_error_from_errno (int err); static _GPGME_INLINE gpgme_error_t gpgme_error_from_syserror (void) { return gpgme_error (gpgme_err_code_from_syserror ()); } /* * Various constants and types */ /* The possible encoding mode of gpgme_data_t objects. */ typedef enum { GPGME_DATA_ENCODING_NONE = 0, /* Not specified. */ GPGME_DATA_ENCODING_BINARY = 1, GPGME_DATA_ENCODING_BASE64 = 2, GPGME_DATA_ENCODING_ARMOR = 3, /* Either PEM or OpenPGP Armor. */ GPGME_DATA_ENCODING_URL = 4, /* LF delimited URL list. */ GPGME_DATA_ENCODING_URLESC = 5, /* Ditto, but percent escaped. */ GPGME_DATA_ENCODING_URL0 = 6, /* Nul delimited URL list. */ GPGME_DATA_ENCODING_MIME = 7 /* Data is a MIME part. */ } gpgme_data_encoding_t; /* Known data types. */ typedef enum { GPGME_DATA_TYPE_INVALID = 0, /* Not detected. */ GPGME_DATA_TYPE_UNKNOWN = 1, GPGME_DATA_TYPE_PGP_SIGNED = 0x10, GPGME_DATA_TYPE_PGP_ENCRYPTED= 0x11, GPGME_DATA_TYPE_PGP_OTHER = 0x12, GPGME_DATA_TYPE_PGP_KEY = 0x13, GPGME_DATA_TYPE_PGP_SIGNATURE= 0x18, /* Detached signature */ GPGME_DATA_TYPE_CMS_SIGNED = 0x20, GPGME_DATA_TYPE_CMS_ENCRYPTED= 0x21, GPGME_DATA_TYPE_CMS_OTHER = 0x22, GPGME_DATA_TYPE_X509_CERT = 0x23, GPGME_DATA_TYPE_PKCS12 = 0x24, } gpgme_data_type_t; /* Public key algorithms. */ typedef enum { GPGME_PK_RSA = 1, GPGME_PK_RSA_E = 2, GPGME_PK_RSA_S = 3, GPGME_PK_ELG_E = 16, GPGME_PK_DSA = 17, GPGME_PK_ECC = 18, GPGME_PK_ELG = 20, GPGME_PK_ECDSA = 301, GPGME_PK_ECDH = 302, GPGME_PK_EDDSA = 303 } gpgme_pubkey_algo_t; /* Hash algorithms (the values match those from libgcrypt). */ typedef enum { GPGME_MD_NONE = 0, GPGME_MD_MD5 = 1, GPGME_MD_SHA1 = 2, GPGME_MD_RMD160 = 3, GPGME_MD_MD2 = 5, GPGME_MD_TIGER = 6, /* TIGER/192. */ GPGME_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */ GPGME_MD_SHA256 = 8, GPGME_MD_SHA384 = 9, GPGME_MD_SHA512 = 10, GPGME_MD_SHA224 = 11, GPGME_MD_MD4 = 301, GPGME_MD_CRC32 = 302, GPGME_MD_CRC32_RFC1510 = 303, GPGME_MD_CRC24_RFC2440 = 304 } gpgme_hash_algo_t; /* The available signature modes. */ typedef enum { GPGME_SIG_MODE_NORMAL = 0, GPGME_SIG_MODE_DETACH = 1, GPGME_SIG_MODE_CLEAR = 2 } gpgme_sig_mode_t; /* The available validities for a key. */ typedef enum { GPGME_VALIDITY_UNKNOWN = 0, GPGME_VALIDITY_UNDEFINED = 1, GPGME_VALIDITY_NEVER = 2, GPGME_VALIDITY_MARGINAL = 3, GPGME_VALIDITY_FULL = 4, GPGME_VALIDITY_ULTIMATE = 5 } gpgme_validity_t; /* The TOFU policies. */ typedef enum { GPGME_TOFU_POLICY_NONE = 0, GPGME_TOFU_POLICY_AUTO = 1, GPGME_TOFU_POLICY_GOOD = 2, GPGME_TOFU_POLICY_UNKNOWN = 3, GPGME_TOFU_POLICY_BAD = 4, GPGME_TOFU_POLICY_ASK = 5 } gpgme_tofu_policy_t; /* The key origin values. */ typedef enum { GPGME_KEYORG_UNKNOWN = 0, GPGME_KEYORG_KS = 1, GPGME_KEYORG_DANE = 3, GPGME_KEYORG_WKD = 4, GPGME_KEYORG_URL = 5, GPGME_KEYORG_FILE = 6, GPGME_KEYORG_SELF = 7, GPGME_KEYORG_OTHER = 31 } gpgme_keyorg_t; /* The available protocols. */ typedef enum { GPGME_PROTOCOL_OpenPGP = 0, /* The default mode. */ GPGME_PROTOCOL_CMS = 1, GPGME_PROTOCOL_GPGCONF = 2, /* Special code for gpgconf. */ GPGME_PROTOCOL_ASSUAN = 3, /* Low-level access to an Assuan server. */ GPGME_PROTOCOL_G13 = 4, GPGME_PROTOCOL_UISERVER= 5, GPGME_PROTOCOL_SPAWN = 6, /* Direct access to any program. */ GPGME_PROTOCOL_DEFAULT = 254, GPGME_PROTOCOL_UNKNOWN = 255 } gpgme_protocol_t; /* Convenience macro for the surprisingly mixed spelling. */ #define GPGME_PROTOCOL_OPENPGP GPGME_PROTOCOL_OpenPGP /* The available keylist mode flags. */ #define GPGME_KEYLIST_MODE_LOCAL 1 #define GPGME_KEYLIST_MODE_EXTERN 2 #define GPGME_KEYLIST_MODE_SIGS 4 #define GPGME_KEYLIST_MODE_SIG_NOTATIONS 8 #define GPGME_KEYLIST_MODE_WITH_SECRET 16 #define GPGME_KEYLIST_MODE_WITH_TOFU 32 #define GPGME_KEYLIST_MODE_WITH_KEYGRIP 64 #define GPGME_KEYLIST_MODE_EPHEMERAL 128 #define GPGME_KEYLIST_MODE_VALIDATE 256 #define GPGME_KEYLIST_MODE_LOCATE (1|2) typedef unsigned int gpgme_keylist_mode_t; /* The pinentry modes. */ typedef enum { GPGME_PINENTRY_MODE_DEFAULT = 0, GPGME_PINENTRY_MODE_ASK = 1, GPGME_PINENTRY_MODE_CANCEL = 2, GPGME_PINENTRY_MODE_ERROR = 3, GPGME_PINENTRY_MODE_LOOPBACK = 4 } gpgme_pinentry_mode_t; /* The available export mode flags. */ #define GPGME_EXPORT_MODE_EXTERN 2 #define GPGME_EXPORT_MODE_MINIMAL 4 #define GPGME_EXPORT_MODE_SECRET 16 #define GPGME_EXPORT_MODE_RAW 32 #define GPGME_EXPORT_MODE_PKCS12 64 -#define GPGME_EXPORT_MODE_NOUID 128 /* Experimental(!)*/ #define GPGME_EXPORT_MODE_SSH 256 typedef unsigned int gpgme_export_mode_t; /* Flags for the audit log functions. */ #define GPGME_AUDITLOG_DEFAULT 0 #define GPGME_AUDITLOG_HTML 1 #define GPGME_AUDITLOG_DIAG 2 #define GPGME_AUDITLOG_WITH_HELP 128 /* The available signature notation flags. */ #define GPGME_SIG_NOTATION_HUMAN_READABLE 1 #define GPGME_SIG_NOTATION_CRITICAL 2 typedef unsigned int gpgme_sig_notation_flags_t; /* An object to hold information about notation data. This structure * shall be considered read-only and an application must not allocate * such a structure on its own. */ struct _gpgme_sig_notation { struct _gpgme_sig_notation *next; /* If NAME is a null pointer, then VALUE contains a policy URL * rather than a notation. */ char *name; /* The value of the notation data. */ char *value; /* The length of the name of the notation data. */ int name_len; /* The length of the value of the notation data. */ int value_len; /* The accumulated flags. */ gpgme_sig_notation_flags_t flags; /* Notation data is human-readable. */ unsigned int human_readable : 1; /* Notation data is critical. */ unsigned int critical : 1; /* Internal to GPGME, do not use. */ int _unused : 30; }; typedef struct _gpgme_sig_notation *gpgme_sig_notation_t; /* * Public structures. */ /* The engine information structure. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_engine_info { struct _gpgme_engine_info *next; /* The protocol ID. */ gpgme_protocol_t protocol; /* The file name of the engine binary. */ char *file_name; /* The version string of the installed engine. */ char *version; /* The minimum version required for GPGME. */ const char *req_version; /* The home directory used, or NULL if default. */ char *home_dir; }; typedef struct _gpgme_engine_info *gpgme_engine_info_t; /* An object with TOFU information. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_tofu_info { struct _gpgme_tofu_info *next; /* The TOFU validity: * 0 := conflict * 1 := key without history * 2 := key with too little history * 3 := key with enough history for basic trust * 4 := key with a lot of history */ unsigned int validity : 3; /* The TOFU policy (gpgme_tofu_policy_t). */ unsigned int policy : 4; unsigned int _rfu : 25; /* Number of signatures seen for this binding. Capped at USHRT_MAX. */ unsigned short signcount; /* Number of encryptions done with this binding. Capped at USHRT_MAX. */ unsigned short encrcount; /* Number of seconds since Epoch when the first and the most * recently seen message were verified/decrypted. 0 means unknown. */ unsigned long signfirst; unsigned long signlast; unsigned long encrfirst; unsigned long encrlast; /* If non-NULL a human readable string summarizing the TOFU data. */ char *description; }; typedef struct _gpgme_tofu_info *gpgme_tofu_info_t; /* A subkey from a key. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_subkey { struct _gpgme_subkey *next; /* True if subkey is revoked. */ unsigned int revoked : 1; /* True if subkey is expired. */ unsigned int expired : 1; /* True if subkey is disabled. */ unsigned int disabled : 1; /* True if subkey is invalid. */ unsigned int invalid : 1; /* True if subkey can be used for encryption. */ unsigned int can_encrypt : 1; /* True if subkey can be used for signing. */ unsigned int can_sign : 1; /* True if subkey can be used for certification. */ unsigned int can_certify : 1; /* True if subkey is secret. */ unsigned int secret : 1; /* True if subkey can be used for authentication. */ unsigned int can_authenticate : 1; /* True if subkey is qualified for signatures according to German law. */ unsigned int is_qualified : 1; /* True if the secret key is stored on a smart card. */ unsigned int is_cardkey : 1; /* True if the key is compliant to the de-vs mode. */ unsigned int is_de_vs : 1; /* Internal to GPGME, do not use. */ unsigned int _unused : 20; /* Public key algorithm supported by this subkey. */ gpgme_pubkey_algo_t pubkey_algo; /* Length of the subkey. */ unsigned int length; /* The key ID of the subkey. */ char *keyid; /* Internal to GPGME, do not use. */ char _keyid[16 + 1]; /* The fingerprint of the subkey in hex digit form. */ char *fpr; /* The creation timestamp, -1 if invalid, 0 if not available. */ long int timestamp; /* The expiration timestamp, 0 if the subkey does not expire. */ long int expires; /* The serial number of a smart card holding this key or NULL. */ char *card_number; /* The name of the curve for ECC algorithms or NULL. */ char *curve; /* The keygrip of the subkey in hex digit form or NULL if not available. */ char *keygrip; }; typedef struct _gpgme_subkey *gpgme_subkey_t; /* A signature on a user ID. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_key_sig { struct _gpgme_key_sig *next; /* True if the signature is a revocation signature. */ unsigned int revoked : 1; /* True if the signature is expired. */ unsigned int expired : 1; /* True if the signature is invalid. */ unsigned int invalid : 1; /* True if the signature should be exported. */ unsigned int exportable : 1; /* Internal to GPGME, do not use. */ unsigned int _unused : 28; /* The public key algorithm used to create the signature. */ gpgme_pubkey_algo_t pubkey_algo; /* The key ID of key used to create the signature. */ char *keyid; /* Internal to GPGME, do not use. */ char _keyid[16 + 1]; /* The creation timestamp, -1 if invalid, 0 if not available. */ long int timestamp; /* The expiration timestamp, 0 if the subkey does not expire. */ long int expires; /* Same as in gpgme_signature_t. */ gpgme_error_t status; /* Deprecated; use SIG_CLASS instead. */ #ifdef _GPGME_OBSOLETE_SOME_SYMBOLS unsigned int _obsolete_class _GPGME_DEPRECATED(0,4); #else unsigned int class _GPGME_DEPRECATED_OUTSIDE_GPGME(0,4); #endif /* The user ID string. */ char *uid; /* The name part of the user ID. */ char *name; /* The email part of the user ID. */ char *email; /* The comment part of the user ID. */ char *comment; /* Crypto backend specific signature class. */ unsigned int sig_class; /* Notation data and policy URLs. */ gpgme_sig_notation_t notations; /* Internal to GPGME, do not use. */ gpgme_sig_notation_t _last_notation; }; typedef struct _gpgme_key_sig *gpgme_key_sig_t; /* An user ID from a key. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_user_id { struct _gpgme_user_id *next; /* True if the user ID is revoked. */ unsigned int revoked : 1; /* True if the user ID is invalid. */ unsigned int invalid : 1; /* Internal to GPGME, do not use. */ unsigned int _unused : 25; /* Origin of this user ID. */ unsigned int origin : 5; /* The validity of the user ID. */ gpgme_validity_t validity; /* The user ID string. */ char *uid; /* The name part of the user ID. */ char *name; /* The email part of the user ID. */ char *email; /* The comment part of the user ID. */ char *comment; /* The signatures of the user ID. */ gpgme_key_sig_t signatures; /* Internal to GPGME, do not use. */ gpgme_key_sig_t _last_keysig; /* The mail address (addr-spec from RFC5322) of the UID string. * This is general the same as the EMAIL part of this struct but * might be slightly different. If no mail address is available * NULL is stored. */ char *address; /* The malloced TOFU information or NULL. */ gpgme_tofu_info_t tofu; /* Time of the last refresh of this user id. 0 if unknown. */ unsigned long last_update; /* The string to exactly identify a userid. Might be NULL. */ char *uidhash; }; typedef struct _gpgme_user_id *gpgme_user_id_t; /* A key from the keyring. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_key { /* Internal to GPGME, do not use. */ unsigned int _refs; /* True if key is revoked. */ unsigned int revoked : 1; /* True if key is expired. */ unsigned int expired : 1; /* True if key is disabled. */ unsigned int disabled : 1; /* True if key is invalid. */ unsigned int invalid : 1; /* True if key can be used for encryption. */ unsigned int can_encrypt : 1; /* True if key can be used for signing. */ unsigned int can_sign : 1; /* True if key can be used for certification. */ unsigned int can_certify : 1; /* True if key is secret. */ unsigned int secret : 1; /* True if key can be used for authentication. */ unsigned int can_authenticate : 1; /* True if subkey is qualified for signatures according to German law. */ unsigned int is_qualified : 1; /* Internal to GPGME, do not use. */ unsigned int _unused : 17; /* Origin of this key. */ unsigned int origin : 5; /* This is the protocol supported by this key. */ gpgme_protocol_t protocol; /* If protocol is GPGME_PROTOCOL_CMS, this string contains the issuer serial. */ char *issuer_serial; /* If protocol is GPGME_PROTOCOL_CMS, this string contains the issuer name. */ char *issuer_name; /* If protocol is GPGME_PROTOCOL_CMS, this string contains the chain ID. */ char *chain_id; /* If protocol is GPGME_PROTOCOL_OpenPGP, this field contains the owner trust. */ gpgme_validity_t owner_trust; /* The subkeys of the key. */ gpgme_subkey_t subkeys; /* The user IDs of the key. */ gpgme_user_id_t uids; /* Internal to GPGME, do not use. */ gpgme_subkey_t _last_subkey; /* Internal to GPGME, do not use. */ gpgme_user_id_t _last_uid; /* The keylist mode that was active when listing the key. */ gpgme_keylist_mode_t keylist_mode; /* This field gives the fingerprint of the primary key. Note that * this is a copy of the FPR of the first subkey. We need it here * to allow for an incomplete key object. */ char *fpr; /* Time of the last refresh of the entire key. 0 if unknown. */ unsigned long last_update; }; typedef struct _gpgme_key *gpgme_key_t; /* An invalid key object. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_invalid_key { struct _gpgme_invalid_key *next; /* The string used to request the key. Despite the name this may * not be a fingerprint. */ char *fpr; /* The error code. */ gpgme_error_t reason; }; typedef struct _gpgme_invalid_key *gpgme_invalid_key_t; /* * Types for callback functions. */ /* Request a passphrase from the user. */ typedef gpgme_error_t (*gpgme_passphrase_cb_t) (void *hook, const char *uid_hint, const char *passphrase_info, int prev_was_bad, int fd); /* Inform the user about progress made. */ typedef void (*gpgme_progress_cb_t) (void *opaque, const char *what, int type, int current, int total); /* Status messages from gpg. */ typedef gpgme_error_t (*gpgme_status_cb_t) (void *opaque, const char *keyword, const char *args); /* Interact with the user about an edit operation. */ typedef gpgme_error_t (*gpgme_interact_cb_t) (void *opaque, const char *keyword, const char *args, int fd); /* * Context management functions. */ /* Create a new context and return it in CTX. */ gpgme_error_t gpgme_new (gpgme_ctx_t *ctx); /* Release the context CTX. */ void gpgme_release (gpgme_ctx_t ctx); /* Set the flag NAME for CTX to VALUE. */ gpgme_error_t gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value); /* Get the value of the flag NAME from CTX. */ const char *gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name); /* Set the protocol to be used by CTX to PROTO. */ gpgme_error_t gpgme_set_protocol (gpgme_ctx_t ctx, gpgme_protocol_t proto); /* Get the protocol used with CTX */ gpgme_protocol_t gpgme_get_protocol (gpgme_ctx_t ctx); /* Set the crypto protocol to be used by CTX to PROTO. * gpgme_set_protocol actually sets the backend engine. This sets the * crypto protocol used in engines that support more than one crypto * prococol (for example, an UISERVER can support OpenPGP and CMS). * This is reset to the default with gpgme_set_protocol. */ gpgme_error_t gpgme_set_sub_protocol (gpgme_ctx_t ctx, gpgme_protocol_t proto); /* Get the sub protocol. */ gpgme_protocol_t gpgme_get_sub_protocol (gpgme_ctx_t ctx); /* Get the string describing protocol PROTO, or NULL if invalid. */ const char *gpgme_get_protocol_name (gpgme_protocol_t proto); /* If YES is non-zero, enable armor mode in CTX, disable it otherwise. */ void gpgme_set_armor (gpgme_ctx_t ctx, int yes); /* Return non-zero if armor mode is set in CTX. */ int gpgme_get_armor (gpgme_ctx_t ctx); /* If YES is non-zero, enable text mode in CTX, disable it otherwise. */ void gpgme_set_textmode (gpgme_ctx_t ctx, int yes); /* Return non-zero if text mode is set in CTX. */ int gpgme_get_textmode (gpgme_ctx_t ctx); /* If YES is non-zero, enable offline mode in CTX, disable it otherwise. */ void gpgme_set_offline (gpgme_ctx_t ctx, int yes); /* Return non-zero if offline mode is set in CTX. */ int gpgme_get_offline (gpgme_ctx_t ctx); /* Use whatever the default of the backend crypto engine is. */ #define GPGME_INCLUDE_CERTS_DEFAULT -256 /* Include up to NR_OF_CERTS certificates in an S/MIME message. */ void gpgme_set_include_certs (gpgme_ctx_t ctx, int nr_of_certs); /* Return the number of certs to include in an S/MIME message. */ int gpgme_get_include_certs (gpgme_ctx_t ctx); /* Set keylist mode in CTX to MODE. */ gpgme_error_t gpgme_set_keylist_mode (gpgme_ctx_t ctx, gpgme_keylist_mode_t mode); /* Get keylist mode in CTX. */ gpgme_keylist_mode_t gpgme_get_keylist_mode (gpgme_ctx_t ctx); /* Set the pinentry mode for CTX to MODE. */ gpgme_error_t gpgme_set_pinentry_mode (gpgme_ctx_t ctx, gpgme_pinentry_mode_t mode); /* Get the pinentry mode of CTX. */ gpgme_pinentry_mode_t gpgme_get_pinentry_mode (gpgme_ctx_t ctx); /* Set the passphrase callback function in CTX to CB. HOOK_VALUE is * passed as first argument to the passphrase callback function. */ void gpgme_set_passphrase_cb (gpgme_ctx_t ctx, gpgme_passphrase_cb_t cb, void *hook_value); /* Get the current passphrase callback function in *CB and the current * hook value in *HOOK_VALUE. */ void gpgme_get_passphrase_cb (gpgme_ctx_t ctx, gpgme_passphrase_cb_t *cb, void **hook_value); /* Set the progress callback function in CTX to CB. HOOK_VALUE is * passed as first argument to the progress callback function. */ void gpgme_set_progress_cb (gpgme_ctx_t c, gpgme_progress_cb_t cb, void *hook_value); /* Get the current progress callback function in *CB and the current * hook value in *HOOK_VALUE. */ void gpgme_get_progress_cb (gpgme_ctx_t ctx, gpgme_progress_cb_t *cb, void **hook_value); /* Set the status callback function in CTX to CB. HOOK_VALUE is * passed as first argument to the status callback function. */ void gpgme_set_status_cb (gpgme_ctx_t c, gpgme_status_cb_t cb, void *hook_value); /* Get the current status callback function in *CB and the current * hook value in *HOOK_VALUE. */ void gpgme_get_status_cb (gpgme_ctx_t ctx, gpgme_status_cb_t *cb, void **hook_value); /* This function sets the locale for the context CTX, or the default * locale if CTX is a null pointer. */ gpgme_error_t gpgme_set_locale (gpgme_ctx_t ctx, int category, const char *value); /* Get the information about the configured engines. A pointer to the * first engine in the statically allocated linked list is returned. * The returned data is valid until the next gpgme_ctx_set_engine_info. */ gpgme_engine_info_t gpgme_ctx_get_engine_info (gpgme_ctx_t ctx); /* Set the engine info for the context CTX, protocol PROTO, to the * file name FILE_NAME and the home directory HOME_DIR. */ gpgme_error_t gpgme_ctx_set_engine_info (gpgme_ctx_t ctx, gpgme_protocol_t proto, const char *file_name, const char *home_dir); /* Delete all signers from CTX. */ void gpgme_signers_clear (gpgme_ctx_t ctx); /* Add KEY to list of signers in CTX. */ gpgme_error_t gpgme_signers_add (gpgme_ctx_t ctx, const gpgme_key_t key); /* Return the number of signers in CTX. */ unsigned int gpgme_signers_count (const gpgme_ctx_t ctx); /* Return the SEQth signer's key in CTX. */ gpgme_key_t gpgme_signers_enum (const gpgme_ctx_t ctx, int seq); /* Clear all notation data from the context. */ void gpgme_sig_notation_clear (gpgme_ctx_t ctx); /* Add the human-readable notation data with name NAME and value VALUE * to the context CTX, using the flags FLAGS. If NAME is NULL, then * VALUE should be a policy URL. The flag * GPGME_SIG_NOTATION_HUMAN_READABLE is forced to be true for notation * data, and false for policy URLs. */ gpgme_error_t gpgme_sig_notation_add (gpgme_ctx_t ctx, const char *name, const char *value, gpgme_sig_notation_flags_t flags); /* Get the sig notations for this context. */ gpgme_sig_notation_t gpgme_sig_notation_get (gpgme_ctx_t ctx); /* Store a sender address in the context. */ gpgme_error_t gpgme_set_sender (gpgme_ctx_t ctx, const char *address); /* Get the sender address from the context. */ const char *gpgme_get_sender (gpgme_ctx_t ctx); /* * Run control. */ /* The type of an I/O callback function. */ typedef gpgme_error_t (*gpgme_io_cb_t) (void *data, int fd); /* The type of a function that can register FNC as the I/O callback * function for the file descriptor FD with direction dir (0: for writing, * 1: for reading). FNC_DATA should be passed as DATA to FNC. The * function should return a TAG suitable for the corresponding * gpgme_remove_io_cb_t, and an error value. */ typedef gpgme_error_t (*gpgme_register_io_cb_t) (void *data, int fd, int dir, gpgme_io_cb_t fnc, void *fnc_data, void **tag); /* The type of a function that can remove a previously registered I/O * callback function given TAG as returned by the register * function. */ typedef void (*gpgme_remove_io_cb_t) (void *tag); typedef enum { GPGME_EVENT_START, GPGME_EVENT_DONE, GPGME_EVENT_NEXT_KEY, GPGME_EVENT_NEXT_TRUSTITEM /* NOT USED. */ } gpgme_event_io_t; struct gpgme_io_event_done_data { /* A fatal IPC error or an operational error in state-less * protocols. */ gpgme_error_t err; /* An operational errors in session-based protocols. */ gpgme_error_t op_err; }; typedef struct gpgme_io_event_done_data *gpgme_io_event_done_data_t; /* The type of a function that is called when a context finished an * operation. */ typedef void (*gpgme_event_io_cb_t) (void *data, gpgme_event_io_t type, void *type_data); struct gpgme_io_cbs { gpgme_register_io_cb_t add; void *add_priv; gpgme_remove_io_cb_t remove; gpgme_event_io_cb_t event; void *event_priv; }; typedef struct gpgme_io_cbs *gpgme_io_cbs_t; /* Set the I/O callback functions in CTX to IO_CBS. */ void gpgme_set_io_cbs (gpgme_ctx_t ctx, gpgme_io_cbs_t io_cbs); /* Get the current I/O callback functions. */ void gpgme_get_io_cbs (gpgme_ctx_t ctx, gpgme_io_cbs_t io_cbs); /* Wrappers around the internal I/O functions for use with * gpgme_passphrase_cb_t and gpgme_interact_cb_t. */ @API__SSIZE_T@ gpgme_io_read (int fd, void *buffer, size_t count); @API__SSIZE_T@ gpgme_io_write (int fd, const void *buffer, size_t count); int gpgme_io_writen (int fd, const void *buffer, size_t count); /* Process the pending operation and, if HANG is non-zero, wait for * the pending operation to finish. */ gpgme_ctx_t gpgme_wait (gpgme_ctx_t ctx, gpgme_error_t *status, int hang); gpgme_ctx_t gpgme_wait_ext (gpgme_ctx_t ctx, gpgme_error_t *status, gpgme_error_t *op_err, int hang); /* Cancel a pending asynchronous operation. */ gpgme_error_t gpgme_cancel (gpgme_ctx_t ctx); /* Cancel a pending operation asynchronously. */ gpgme_error_t gpgme_cancel_async (gpgme_ctx_t ctx); /* * Functions to handle data objects. */ /* Read up to SIZE bytes into buffer BUFFER from the data object with * the handle HANDLE. Return the number of characters read, 0 on EOF * and -1 on error. If an error occurs, errno is set. */ typedef @API__SSIZE_T@ (*gpgme_data_read_cb_t) (void *handle, void *buffer, size_t size); /* Write up to SIZE bytes from buffer BUFFER to the data object with * the handle HANDLE. Return the number of characters written, or -1 * on error. If an error occurs, errno is set. */ typedef @API__SSIZE_T@ (*gpgme_data_write_cb_t) (void *handle, const void *buffer, size_t size); /* Set the current position from where the next read or write starts * in the data object with the handle HANDLE to OFFSET, relativ to * WHENCE. Returns the new offset in bytes from the beginning of the * data object. */ typedef @API__OFF_T@ (*gpgme_data_seek_cb_t) (void *handle, @API__OFF_T@ offset, int whence); /* Close the data object with the handle HANDLE. */ typedef void (*gpgme_data_release_cb_t) (void *handle); struct gpgme_data_cbs { gpgme_data_read_cb_t read; gpgme_data_write_cb_t write; gpgme_data_seek_cb_t seek; gpgme_data_release_cb_t release; }; typedef struct gpgme_data_cbs *gpgme_data_cbs_t; /* Read up to SIZE bytes into buffer BUFFER from the data object with * the handle DH. Return the number of characters read, 0 on EOF and * -1 on error. If an error occurs, errno is set. */ @API__SSIZE_T@ gpgme_data_read (gpgme_data_t dh, void *buffer, size_t size); /* Write up to SIZE bytes from buffer BUFFER to the data object with * the handle DH. Return the number of characters written, or -1 on * error. If an error occurs, errno is set. */ @API__SSIZE_T@ gpgme_data_write (gpgme_data_t dh, const void *buffer, size_t size); /* Set the current position from where the next read or write starts * in the data object with the handle DH to OFFSET, relativ to WHENCE. * Returns the new offset in bytes from the beginning of the data * object. */ @API__OFF_T@ gpgme_data_seek (gpgme_data_t dh, @API__OFF_T@ offset, int whence); /* Create a new data buffer and return it in R_DH. */ gpgme_error_t gpgme_data_new (gpgme_data_t *r_dh); /* Destroy the data buffer DH. */ void gpgme_data_release (gpgme_data_t dh); /* Create a new data buffer filled with SIZE bytes starting from * BUFFER. If COPY is zero, copying is delayed until necessary, and * the data is taken from the original location when needed. */ gpgme_error_t gpgme_data_new_from_mem (gpgme_data_t *r_dh, const char *buffer, size_t size, int copy); /* Destroy the data buffer DH and return a pointer to its content. * The memory has be to released with gpgme_free() by the user. It's * size is returned in R_LEN. */ char *gpgme_data_release_and_get_mem (gpgme_data_t dh, size_t *r_len); /* Release the memory returned by gpgme_data_release_and_get_mem() and * some other functions. */ void gpgme_free (void *buffer); gpgme_error_t gpgme_data_new_from_cbs (gpgme_data_t *dh, gpgme_data_cbs_t cbs, void *handle); gpgme_error_t gpgme_data_new_from_fd (gpgme_data_t *dh, int fd); gpgme_error_t gpgme_data_new_from_stream (gpgme_data_t *dh, FILE *stream); gpgme_error_t gpgme_data_new_from_estream (gpgme_data_t *r_dh, gpgrt_stream_t stream); /* Return the encoding attribute of the data buffer DH */ gpgme_data_encoding_t gpgme_data_get_encoding (gpgme_data_t dh); /* Set the encoding attribute of data buffer DH to ENC */ gpgme_error_t gpgme_data_set_encoding (gpgme_data_t dh, gpgme_data_encoding_t enc); /* Get the file name associated with the data object with handle DH, or * NULL if there is none. */ char *gpgme_data_get_file_name (gpgme_data_t dh); /* Set the file name associated with the data object with handle DH to * FILE_NAME. */ gpgme_error_t gpgme_data_set_file_name (gpgme_data_t dh, const char *file_name); /* Set a flag for the data object DH. See the manual for details. */ gpg_error_t gpgme_data_set_flag (gpgme_data_t dh, const char *name, const char *value); /* Try to identify the type of the data in DH. */ gpgme_data_type_t gpgme_data_identify (gpgme_data_t dh, int reserved); /* Create a new data buffer filled with the content of file FNAME. * COPY must be non-zero. For delayed read, please use * gpgme_data_new_from_fd or gpgme_data_new_from_stream instead. */ gpgme_error_t gpgme_data_new_from_file (gpgme_data_t *r_dh, const char *fname, int copy); /* Create a new data buffer filled with LENGTH bytes starting from * OFFSET within the file FNAME or stream FP (exactly one must be * non-zero). */ gpgme_error_t gpgme_data_new_from_filepart (gpgme_data_t *r_dh, const char *fname, FILE *fp, @API__OFF_T@ offset, size_t length); /* Convenience function to do a gpgme_data_seek (dh, 0, SEEK_SET). */ gpgme_error_t gpgme_data_rewind (gpgme_data_t dh); /* * Key and trust functions. */ /* Get the key with the fingerprint FPR from the crypto backend. If * SECRET is true, get the secret key. */ gpgme_error_t gpgme_get_key (gpgme_ctx_t ctx, const char *fpr, gpgme_key_t *r_key, int secret); /* Create a dummy key to specify an email address. */ gpgme_error_t gpgme_key_from_uid (gpgme_key_t *key, const char *name); /* Acquire a reference to KEY. */ void gpgme_key_ref (gpgme_key_t key); /* Release a reference to KEY. If this was the last one the key is * destroyed. */ void gpgme_key_unref (gpgme_key_t key); void gpgme_key_release (gpgme_key_t key); /* * Encryption. */ /* An object to return results from an encryption operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_encrypt_result { /* The list of invalid recipients. */ gpgme_invalid_key_t invalid_recipients; }; typedef struct _gpgme_op_encrypt_result *gpgme_encrypt_result_t; /* Retrieve a pointer to the result of the encrypt operation. */ gpgme_encrypt_result_t gpgme_op_encrypt_result (gpgme_ctx_t ctx); /* The valid encryption flags. */ typedef enum { GPGME_ENCRYPT_ALWAYS_TRUST = 1, GPGME_ENCRYPT_NO_ENCRYPT_TO = 2, GPGME_ENCRYPT_PREPARE = 4, GPGME_ENCRYPT_EXPECT_SIGN = 8, GPGME_ENCRYPT_NO_COMPRESS = 16, GPGME_ENCRYPT_SYMMETRIC = 32, GPGME_ENCRYPT_THROW_KEYIDS = 64, GPGME_ENCRYPT_WRAP = 128, GPGME_ENCRYPT_WANT_ADDRESS = 256 } gpgme_encrypt_flags_t; /* Encrypt plaintext PLAIN within CTX for the recipients RECP and * store the resulting ciphertext in CIPHER. */ gpgme_error_t gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt_ext_start (gpgme_ctx_t ctx, gpgme_key_t recp[], const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt_ext (gpgme_ctx_t ctx, gpgme_key_t recp[], const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); /* Encrypt plaintext PLAIN within CTX for the recipients RECP and * store the resulting ciphertext in CIPHER. Also sign the ciphertext * with the signers in CTX. */ gpgme_error_t gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt_sign_ext_start (gpgme_ctx_t ctx, gpgme_key_t recp[], const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt_sign_ext (gpgme_ctx_t ctx, gpgme_key_t recp[], const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher); /* * Decryption. */ /* An object to hold information about a recipient. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_recipient { struct _gpgme_recipient *next; /* The key ID of key for which the text was encrypted. */ char *keyid; /* Internal to GPGME, do not use. */ char _keyid[16 + 1]; /* The public key algorithm of the recipient key. */ gpgme_pubkey_algo_t pubkey_algo; /* The status of the recipient. */ gpgme_error_t status; }; typedef struct _gpgme_recipient *gpgme_recipient_t; /* An object to return results from a decryption operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_decrypt_result { char *unsupported_algorithm; /* Key should not have been used for encryption. */ unsigned int wrong_key_usage : 1; /* True if the message was encrypted in compliance to the de-vs * mode. */ unsigned int is_de_vs : 1; /* The message claims that the content is a MIME object. */ unsigned int is_mime : 1; /* The message was made by a legacy algorithm without any integrity * protection. This might be an old but legitimate message. */ unsigned int legacy_cipher_nomdc : 1; /* Internal to GPGME, do not use. */ int _unused : 28; gpgme_recipient_t recipients; /* The original file name of the plaintext message, if * available. */ char *file_name; /* A textual representation of the session key used to decrypt the * message, if available */ char *session_key; /* A string with the symmetric encryption algorithm and mode using * the format ".". */ char *symkey_algo; }; typedef struct _gpgme_op_decrypt_result *gpgme_decrypt_result_t; /* Retrieve a pointer to the result of the decrypt operation. */ gpgme_decrypt_result_t gpgme_op_decrypt_result (gpgme_ctx_t ctx); /* The valid decryption flags. */ typedef enum { GPGME_DECRYPT_VERIFY = 1, GPGME_DECRYPT_UNWRAP = 128 } gpgme_decrypt_flags_t; /* Decrypt ciphertext CIPHER within CTX and store the resulting * plaintext in PLAIN. */ gpgme_error_t gpgme_op_decrypt_start (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain); gpgme_error_t gpgme_op_decrypt (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain); /* Decrypt ciphertext CIPHER and make a signature verification within * CTX and store the resulting plaintext in PLAIN. */ gpgme_error_t gpgme_op_decrypt_verify_start (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain); gpgme_error_t gpgme_op_decrypt_verify (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain); /* Decrypt ciphertext CIPHER within CTX and store the resulting * plaintext in PLAIN. With the flag GPGME_DECRYPT_VERIFY also do a * signature verification pn the plaintext. */ gpgme_error_t gpgme_op_decrypt_ext_start (gpgme_ctx_t ctx, gpgme_decrypt_flags_t flags, gpgme_data_t cipher, gpgme_data_t plain); gpgme_error_t gpgme_op_decrypt_ext (gpgme_ctx_t ctx, gpgme_decrypt_flags_t flags, gpgme_data_t cipher, gpgme_data_t plain); /* * Signing. */ /* An object with signatures data. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_new_signature { struct _gpgme_new_signature *next; /* The type of the signature. */ gpgme_sig_mode_t type; /* The public key algorithm used to create the signature. */ gpgme_pubkey_algo_t pubkey_algo; /* The hash algorithm used to create the signature. */ gpgme_hash_algo_t hash_algo; /* Internal to GPGME, do not use. Must be set to the same value as * CLASS below. */ unsigned long _obsolete_class; /* Signature creation time. */ long int timestamp; /* The fingerprint of the signature. */ char *fpr; /* Deprecated; use SIG_CLASS instead. */ #ifdef _GPGME_OBSOLETE_SOME_SYMBOLS unsigned int _obsolete_class_2; #else unsigned int class _GPGME_DEPRECATED_OUTSIDE_GPGME(0,4); #endif /* Crypto backend specific signature class. */ unsigned int sig_class; }; typedef struct _gpgme_new_signature *gpgme_new_signature_t; /* An object to return results from a signing operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_sign_result { /* The list of invalid signers. */ gpgme_invalid_key_t invalid_signers; gpgme_new_signature_t signatures; }; typedef struct _gpgme_op_sign_result *gpgme_sign_result_t; /* Retrieve a pointer to the result of the signing operation. */ gpgme_sign_result_t gpgme_op_sign_result (gpgme_ctx_t ctx); /* Sign the plaintext PLAIN and store the signature in SIG. */ gpgme_error_t gpgme_op_sign_start (gpgme_ctx_t ctx, gpgme_data_t plain, gpgme_data_t sig, gpgme_sig_mode_t mode); gpgme_error_t gpgme_op_sign (gpgme_ctx_t ctx, gpgme_data_t plain, gpgme_data_t sig, gpgme_sig_mode_t mode); /* * Verify. */ /* Flags used for the SUMMARY field in a gpgme_signature_t. */ typedef enum { GPGME_SIGSUM_VALID = 0x0001, /* The signature is fully valid. */ GPGME_SIGSUM_GREEN = 0x0002, /* The signature is good. */ GPGME_SIGSUM_RED = 0x0004, /* The signature is bad. */ GPGME_SIGSUM_KEY_REVOKED = 0x0010, /* One key has been revoked. */ GPGME_SIGSUM_KEY_EXPIRED = 0x0020, /* One key has expired. */ GPGME_SIGSUM_SIG_EXPIRED = 0x0040, /* The signature has expired. */ GPGME_SIGSUM_KEY_MISSING = 0x0080, /* Can't verify: key missing. */ GPGME_SIGSUM_CRL_MISSING = 0x0100, /* CRL not available. */ GPGME_SIGSUM_CRL_TOO_OLD = 0x0200, /* Available CRL is too old. */ GPGME_SIGSUM_BAD_POLICY = 0x0400, /* A policy was not met. */ GPGME_SIGSUM_SYS_ERROR = 0x0800, /* A system error occurred. */ GPGME_SIGSUM_TOFU_CONFLICT=0x1000 /* Tofu conflict detected. */ } gpgme_sigsum_t; /* An object to hold the verification status of a signature. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_signature { struct _gpgme_signature *next; /* A summary of the signature status. */ gpgme_sigsum_t summary; /* The fingerprint of the signature. This can be a subkey. */ char *fpr; /* The status of the signature. */ gpgme_error_t status; /* Notation data and policy URLs. */ gpgme_sig_notation_t notations; /* Signature creation time. */ unsigned long timestamp; /* Signature expiration time or 0. */ unsigned long exp_timestamp; /* Key should not have been used for signing. */ unsigned int wrong_key_usage : 1; /* PKA status: 0 = not available, 1 = bad, 2 = okay, 3 = RFU. */ unsigned int pka_trust : 2; /* Validity has been verified using the chain model. */ unsigned int chain_model : 1; /* True if the signature is in compliance to the de-vs mode. */ unsigned int is_de_vs : 1; /* Internal to GPGME, do not use. */ int _unused : 27; gpgme_validity_t validity; gpgme_error_t validity_reason; /* The public key algorithm used to create the signature. */ gpgme_pubkey_algo_t pubkey_algo; /* The hash algorithm used to create the signature. */ gpgme_hash_algo_t hash_algo; /* The mailbox from the PKA information or NULL. */ char *pka_address; /* If non-NULL, a possible incomplete key object with the data * available for the signature. */ gpgme_key_t key; }; typedef struct _gpgme_signature *gpgme_signature_t; /* An object to return the results of a verify operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_verify_result { gpgme_signature_t signatures; /* The original file name of the plaintext message, if available. * Warning: This information is not covered by the signature. */ char *file_name; /* The message claims that the content is a MIME object. */ /* Warning: This flag is not covered by the signature. */ unsigned int is_mime : 1; /* Internal to GPGME; do not use. */ unsigned int _unused : 31; }; typedef struct _gpgme_op_verify_result *gpgme_verify_result_t; /* Retrieve a pointer to the result of the verify operation. */ gpgme_verify_result_t gpgme_op_verify_result (gpgme_ctx_t ctx); /* Verify within CTX that SIG is a valid signature for TEXT. */ gpgme_error_t gpgme_op_verify_start (gpgme_ctx_t ctx, gpgme_data_t sig, gpgme_data_t signed_text, gpgme_data_t plaintext); gpgme_error_t gpgme_op_verify (gpgme_ctx_t ctx, gpgme_data_t sig, gpgme_data_t signed_text, gpgme_data_t plaintext); /* * Import/Export */ #define GPGME_IMPORT_NEW 1 /* The key was new. */ #define GPGME_IMPORT_UID 2 /* The key contained new user IDs. */ #define GPGME_IMPORT_SIG 4 /* The key contained new signatures. */ #define GPGME_IMPORT_SUBKEY 8 /* The key contained new sub keys. */ #define GPGME_IMPORT_SECRET 16 /* The key contained a secret key. */ /* An object to hold results for one imported key. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_import_status { struct _gpgme_import_status *next; /* Fingerprint. */ char *fpr; /* If a problem occurred, the reason why the key could not be imported. Otherwise GPGME_No_Error. */ gpgme_error_t result; /* The result of the import, the GPGME_IMPORT_* values bit-wise ORed. 0 means the key was already known and no new components have been added. */ unsigned int status; }; typedef struct _gpgme_import_status *gpgme_import_status_t; /* Import result object. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_import_result { /* Number of considered keys. */ int considered; /* Keys without user ID. */ int no_user_id; /* Imported keys. */ int imported; /* Imported RSA keys. */ int imported_rsa; /* Unchanged keys. */ int unchanged; /* Number of new user ids. */ int new_user_ids; /* Number of new sub keys. */ int new_sub_keys; /* Number of new signatures. */ int new_signatures; /* Number of new revocations. */ int new_revocations; /* Number of secret keys read. */ int secret_read; /* Number of secret keys imported. */ int secret_imported; /* Number of secret keys unchanged. */ int secret_unchanged; /* Number of new keys skipped. */ int skipped_new_keys; /* Number of keys not imported. */ int not_imported; /* List of keys for which an import was attempted. */ gpgme_import_status_t imports; /* Number of v3 keys skipped. */ int skipped_v3_keys; }; typedef struct _gpgme_op_import_result *gpgme_import_result_t; /* Retrieve a pointer to the result of the import operation. */ gpgme_import_result_t gpgme_op_import_result (gpgme_ctx_t ctx); /* Import the key in KEYDATA into the keyring. */ gpgme_error_t gpgme_op_import_start (gpgme_ctx_t ctx, gpgme_data_t keydata); gpgme_error_t gpgme_op_import (gpgme_ctx_t ctx, gpgme_data_t keydata); /* Import the keys from the array KEYS into the keyring. */ gpgme_error_t gpgme_op_import_keys_start (gpgme_ctx_t ctx, gpgme_key_t keys[]); gpgme_error_t gpgme_op_import_keys (gpgme_ctx_t ctx, gpgme_key_t keys[]); /* Export the keys found by PATTERN into KEYDATA. */ gpgme_error_t gpgme_op_export_start (gpgme_ctx_t ctx, const char *pattern, gpgme_export_mode_t mode, gpgme_data_t keydata); gpgme_error_t gpgme_op_export (gpgme_ctx_t ctx, const char *pattern, gpgme_export_mode_t mode, gpgme_data_t keydata); gpgme_error_t gpgme_op_export_ext_start (gpgme_ctx_t ctx, const char *pattern[], gpgme_export_mode_t mode, gpgme_data_t keydata); gpgme_error_t gpgme_op_export_ext (gpgme_ctx_t ctx, const char *pattern[], gpgme_export_mode_t mode, gpgme_data_t keydata); /* Export the keys from the array KEYS into KEYDATA. */ gpgme_error_t gpgme_op_export_keys_start (gpgme_ctx_t ctx, gpgme_key_t keys[], gpgme_export_mode_t mode, gpgme_data_t keydata); gpgme_error_t gpgme_op_export_keys (gpgme_ctx_t ctx, gpgme_key_t keys[], gpgme_export_mode_t mode, gpgme_data_t keydata); /* * Key generation. */ /* Flags for the key creation functions. */ #define GPGME_CREATE_SIGN (1 << 0) /* Allow usage: signing. */ #define GPGME_CREATE_ENCR (1 << 1) /* Allow usage: encryption. */ #define GPGME_CREATE_CERT (1 << 2) /* Allow usage: certification. */ #define GPGME_CREATE_AUTH (1 << 3) /* Allow usage: authentication. */ #define GPGME_CREATE_NOPASSWD (1 << 7) /* Create w/o passphrase. */ #define GPGME_CREATE_SELFSIGNED (1 << 8) /* Create self-signed cert. */ #define GPGME_CREATE_NOSTORE (1 << 9) /* Do not store the key. */ #define GPGME_CREATE_WANTPUB (1 << 10) /* Return the public key. */ #define GPGME_CREATE_WANTSEC (1 << 11) /* Return the secret key. */ #define GPGME_CREATE_FORCE (1 << 12) /* Force creation. */ #define GPGME_CREATE_NOEXPIRE (1 << 13) /* Create w/o expiration. */ /* An object to return result from a key generation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_genkey_result { /* A primary key was generated. */ unsigned int primary : 1; /* A sub key was generated. */ unsigned int sub : 1; /* A user id was generated. */ unsigned int uid : 1; /* Internal to GPGME, do not use. */ unsigned int _unused : 29; /* The fingerprint of the generated key. */ char *fpr; /* A memory data object with the created public key. Only set when * GPGME_CREATE_WANTPUB has been used. */ gpgme_data_t pubkey; /* A memory data object with the created secret key. Only set when * GPGME_CREATE_WANTSEC has been used. */ gpgme_data_t seckey; }; typedef struct _gpgme_op_genkey_result *gpgme_genkey_result_t; /* Generate a new keypair and add it to the keyring. PUBKEY and * SECKEY should be null for now. PARMS specifies what keys should be * generated. */ gpgme_error_t gpgme_op_genkey_start (gpgme_ctx_t ctx, const char *parms, gpgme_data_t pubkey, gpgme_data_t seckey); gpgme_error_t gpgme_op_genkey (gpgme_ctx_t ctx, const char *parms, gpgme_data_t pubkey, gpgme_data_t seckey); /* Generate a key pair using the modern interface. */ gpgme_error_t gpgme_op_createkey_start (gpgme_ctx_t ctx, const char *userid, const char *algo, unsigned long reserved, unsigned long expires, gpgme_key_t certkey, unsigned int flags); gpgme_error_t gpgme_op_createkey (gpgme_ctx_t ctx, const char *userid, const char *algo, unsigned long reserved, unsigned long expires, gpgme_key_t certkey, unsigned int flags); /* Add a new subkey to KEY. */ gpgme_error_t gpgme_op_createsubkey_start (gpgme_ctx_t ctx, gpgme_key_t key, const char *algo, unsigned long reserved, unsigned long expires, unsigned int flags); gpgme_error_t gpgme_op_createsubkey (gpgme_ctx_t ctx, gpgme_key_t key, const char *algo, unsigned long reserved, unsigned long expires, unsigned int flags); /* Add USERID to an existing KEY. */ gpgme_error_t gpgme_op_adduid_start (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, unsigned int reserved); gpgme_error_t gpgme_op_adduid (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, unsigned int reserved); /* Revoke a USERID from a KEY. */ gpgme_error_t gpgme_op_revuid_start (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, unsigned int reserved); gpgme_error_t gpgme_op_revuid (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, unsigned int reserved); /* Set a flag on the USERID of KEY. See the manual for supported flags. */ gpgme_error_t gpgme_op_set_uid_flag_start (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, const char *name, const char *value); gpgme_error_t gpgme_op_set_uid_flag (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, const char *name, const char *value); /* Change the expiry of a key. */ gpgme_error_t gpgme_op_setexpire_start (gpgme_ctx_t ctx, gpgme_key_t key, unsigned long expires, const char *subfprs, unsigned int reserved); gpgme_error_t gpgme_op_setexpire (gpgme_ctx_t ctx, gpgme_key_t key, unsigned long expires, const char *subfprs, unsigned int reserved); /* Retrieve a pointer to the result of a genkey, createkey, or * createsubkey operation. */ gpgme_genkey_result_t gpgme_op_genkey_result (gpgme_ctx_t ctx); /* Delete KEY from the keyring. If ALLOW_SECRET is non-zero, secret * keys are also deleted. */ gpgme_error_t gpgme_op_delete_start (gpgme_ctx_t ctx, const gpgme_key_t key, int allow_secret); gpgme_error_t gpgme_op_delete (gpgme_ctx_t ctx, const gpgme_key_t key, int allow_secret); /* Flags for the key delete functions. */ #define GPGME_DELETE_ALLOW_SECRET (1 << 0) /* Also delete secret key. */ #define GPGME_DELETE_FORCE (1 << 1) /* Do not ask user to confirm. */ gpgme_error_t gpgme_op_delete_ext_start (gpgme_ctx_t ctx, const gpgme_key_t key, unsigned int flags); gpgme_error_t gpgme_op_delete_ext (gpgme_ctx_t ctx, const gpgme_key_t key, unsigned int flags); /* * Key signing interface */ /* Flags for the key signing functions. */ #define GPGME_KEYSIGN_LOCAL (1 << 7) /* Create a local signature. */ #define GPGME_KEYSIGN_LFSEP (1 << 8) /* Indicate LF separated user ids. */ #define GPGME_KEYSIGN_NOEXPIRE (1 << 9) /* Force no expiration. */ /* Sign the USERID of KEY using the current set of signers. */ gpgme_error_t gpgme_op_keysign_start (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, unsigned long expires, unsigned int flags); gpgme_error_t gpgme_op_keysign (gpgme_ctx_t ctx, gpgme_key_t key, const char *userid, unsigned long expires, unsigned int flags); /* Flags for the signature revoking functions. */ #define GPGME_REVSIG_LFSEP (1 << 8) /* Indicate LF separated user ids. */ /* Revoke the signatures made with SIGNING_KEY on the USERID(s) of KEY. */ gpgme_error_t gpgme_op_revsig_start (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_key_t signing_key, const char *userid, unsigned int flags); gpgme_error_t gpgme_op_revsig (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_key_t signing_key, const char *userid, unsigned int flags); /* * Key edit interface */ /* Flags to select the mode of the interact. */ #define GPGME_INTERACT_CARD (1 << 0) /* Use --card-edit mode. */ /* Edit the KEY. Send status and command requests to FNC and output of edit commands to OUT. */ gpgme_error_t gpgme_op_interact_start (gpgme_ctx_t ctx, gpgme_key_t key, unsigned int flags, gpgme_interact_cb_t fnc, void *fnc_value, gpgme_data_t out); gpgme_error_t gpgme_op_interact (gpgme_ctx_t ctx, gpgme_key_t key, unsigned int flags, gpgme_interact_cb_t fnc, void *fnc_value, gpgme_data_t out); /* Set the Tofu policy of KEY to POLCIY. */ gpgme_error_t gpgme_op_tofu_policy_start (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_tofu_policy_t policy); gpgme_error_t gpgme_op_tofu_policy (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_tofu_policy_t policy); /* * Key listing */ /* An object to return results from a key listing operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_keylist_result { unsigned int truncated : 1; /* Internal to GPGME, do not use. */ unsigned int _unused : 31; }; typedef struct _gpgme_op_keylist_result *gpgme_keylist_result_t; /* Retrieve a pointer to the result of the key listing operation. */ gpgme_keylist_result_t gpgme_op_keylist_result (gpgme_ctx_t ctx); /* Start a keylist operation within CTX, searching for keys which * match PATTERN. If SECRET_ONLY is true, only secret keys are * returned. */ gpgme_error_t gpgme_op_keylist_start (gpgme_ctx_t ctx, const char *pattern, int secret_only); gpgme_error_t gpgme_op_keylist_ext_start (gpgme_ctx_t ctx, const char *pattern[], int secret_only, int reserved); /* List the keys contained in DATA. */ gpgme_error_t gpgme_op_keylist_from_data_start (gpgme_ctx_t ctx, gpgme_data_t data, int reserved); /* Return the next key from the keylist in R_KEY. */ gpgme_error_t gpgme_op_keylist_next (gpgme_ctx_t ctx, gpgme_key_t *r_key); /* Terminate a pending keylist operation within CTX. */ gpgme_error_t gpgme_op_keylist_end (gpgme_ctx_t ctx); /* * Protecting keys */ /* Change the passphrase for KEY. FLAGS is reserved for future use * and must be passed as 0. */ gpgme_error_t gpgme_op_passwd_start (gpgme_ctx_t ctx, gpgme_key_t key, unsigned int flags); gpgme_error_t gpgme_op_passwd (gpgme_ctx_t ctx, gpgme_key_t key, unsigned int flags); /* * Trust items and operations. DO NOT USE. * Note: This does not work because the experimental support in the * GnuPG engine has been removed a very long time; for API and ABI * compatibilty we keep the functions but let them return an error. * See https://dev.gnupg.org/T4834 */ struct _gpgme_trust_item { unsigned int _refs; char *keyid; char _keyid[16 + 1]; int type; int level; char *owner_trust; char _owner_trust[2]; char *validity; char _validity[2]; char *name; }; typedef struct _gpgme_trust_item *gpgme_trust_item_t; gpgme_error_t gpgme_op_trustlist_start (gpgme_ctx_t ctx, const char *pattern, int max_level); gpgme_error_t gpgme_op_trustlist_next (gpgme_ctx_t ctx, gpgme_trust_item_t *r_item); gpgme_error_t gpgme_op_trustlist_end (gpgme_ctx_t ctx); void gpgme_trust_item_ref (gpgme_trust_item_t item); void gpgme_trust_item_unref (gpgme_trust_item_t item); /* * Audit log */ /* Return the auditlog for the current session. This may be called after a successful or failed operation. If no audit log is available GPG_ERR_NO_DATA is returned. */ gpgme_error_t gpgme_op_getauditlog_start (gpgme_ctx_t ctx, gpgme_data_t output, unsigned int flags); gpgme_error_t gpgme_op_getauditlog (gpgme_ctx_t ctx, gpgme_data_t output, unsigned int flags); /* * Spawn interface */ /* Flags for the spawn operations. */ #define GPGME_SPAWN_DETACHED 1 #define GPGME_SPAWN_ALLOW_SET_FG 2 #define GPGME_SPAWN_SHOW_WINDOW 4 /* Run the command FILE with the arguments in ARGV. Connect stdin to * DATAIN, stdout to DATAOUT, and STDERR to DATAERR. If one the data * streams is NULL, connect to /dev/null instead. */ gpgme_error_t gpgme_op_spawn_start (gpgme_ctx_t ctx, const char *file, const char *argv[], gpgme_data_t datain, gpgme_data_t dataout, gpgme_data_t dataerr, unsigned int flags); gpgme_error_t gpgme_op_spawn (gpgme_ctx_t ctx, const char *file, const char *argv[], gpgme_data_t datain, gpgme_data_t dataout, gpgme_data_t dataerr, unsigned int flags); /* * Low-level Assuan protocol access. */ typedef gpgme_error_t (*gpgme_assuan_data_cb_t) (void *opaque, const void *data, size_t datalen); typedef gpgme_error_t (*gpgme_assuan_inquire_cb_t) (void *opaque, const char *name, const char *args, gpgme_data_t *r_data); typedef gpgme_error_t (*gpgme_assuan_status_cb_t) (void *opaque, const char *status, const char *args); /* Send the Assuan COMMAND and return results via the callbacks. * Asynchronous variant. */ gpgme_error_t gpgme_op_assuan_transact_start (gpgme_ctx_t ctx, const char *command, gpgme_assuan_data_cb_t data_cb, void *data_cb_value, gpgme_assuan_inquire_cb_t inq_cb, void *inq_cb_value, gpgme_assuan_status_cb_t stat_cb, void *stat_cb_value); /* Send the Assuan COMMAND and return results via the callbacks. * Synchronous variant. */ gpgme_error_t gpgme_op_assuan_transact_ext (gpgme_ctx_t ctx, const char *command, gpgme_assuan_data_cb_t data_cb, void *data_cb_value, gpgme_assuan_inquire_cb_t inq_cb, void *inq_cb_value, gpgme_assuan_status_cb_t stat_cb, void *stat_cb_value, gpgme_error_t *op_err); /* * Crypto container support. */ /* An object to return results from a VFS mount operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_vfs_mount_result { char *mount_dir; }; typedef struct _gpgme_op_vfs_mount_result *gpgme_vfs_mount_result_t; gpgme_vfs_mount_result_t gpgme_op_vfs_mount_result (gpgme_ctx_t ctx); /* The container is automatically unmounted when the context is reset * or destroyed. Transmission errors are returned directly, * operational errors are returned in OP_ERR. */ gpgme_error_t gpgme_op_vfs_mount (gpgme_ctx_t ctx, const char *container_file, const char *mount_dir, unsigned int flags, gpgme_error_t *op_err); gpgme_error_t gpgme_op_vfs_create (gpgme_ctx_t ctx, gpgme_key_t recp[], const char *container_file, unsigned int flags, gpgme_error_t *op_err); /* * Interface to gpgconf(1). */ /* The expert level at which a configuration option or group of * options should be displayed. See the gpgconf(1) documentation for * more details. */ typedef enum { GPGME_CONF_BASIC = 0, GPGME_CONF_ADVANCED = 1, GPGME_CONF_EXPERT = 2, GPGME_CONF_INVISIBLE = 3, GPGME_CONF_INTERNAL = 4 } gpgme_conf_level_t; /* The data type of a configuration option argument. See the gpgconf(1) * documentation for more details. */ typedef enum { /* Basic types. */ GPGME_CONF_NONE = 0, GPGME_CONF_STRING = 1, GPGME_CONF_INT32 = 2, GPGME_CONF_UINT32 = 3, /* Complex types. */ GPGME_CONF_FILENAME = 32, GPGME_CONF_LDAP_SERVER = 33, GPGME_CONF_KEY_FPR = 34, GPGME_CONF_PUB_KEY = 35, GPGME_CONF_SEC_KEY = 36, GPGME_CONF_ALIAS_LIST = 37 } gpgme_conf_type_t; /* For now, compatibility. */ #define GPGME_CONF_PATHNAME GPGME_CONF_FILENAME /* This represents a single argument for a configuration option. * Which of the members of value is used depends on the ALT_TYPE. */ typedef struct gpgme_conf_arg { struct gpgme_conf_arg *next; /* True if the option appears without an (optional) argument. */ unsigned int no_arg; union { unsigned int count; unsigned int uint32; int int32; char *string; } value; } *gpgme_conf_arg_t; /* The flags of a configuration option. See the gpgconf * documentation for details. */ #define GPGME_CONF_GROUP (1 << 0) #define GPGME_CONF_OPTIONAL (1 << 1) #define GPGME_CONF_LIST (1 << 2) #define GPGME_CONF_RUNTIME (1 << 3) #define GPGME_CONF_DEFAULT (1 << 4) #define GPGME_CONF_DEFAULT_DESC (1 << 5) #define GPGME_CONF_NO_ARG_DESC (1 << 6) #define GPGME_CONF_NO_CHANGE (1 << 7) /* The representation of a single configuration option. See the * gpg-conf documentation for details. */ typedef struct gpgme_conf_opt { struct gpgme_conf_opt *next; /* The option name. */ char *name; /* The flags for this option. */ unsigned int flags; /* The level of this option. */ gpgme_conf_level_t level; /* The localized description of this option. */ char *description; /* The type and alternate type of this option. */ gpgme_conf_type_t type; gpgme_conf_type_t alt_type; /* The localized (short) name of the argument, if any. */ char *argname; /* The default value. */ gpgme_conf_arg_t default_value; char *default_description; /* The default value if the option is not set. */ gpgme_conf_arg_t no_arg_value; char *no_arg_description; /* The current value if the option is set. */ gpgme_conf_arg_t value; /* The new value, if any. NULL means reset to default. */ int change_value; gpgme_conf_arg_t new_value; /* Free for application use. */ void *user_data; } *gpgme_conf_opt_t; /* The representation of a component that can be configured. See the * gpg-conf documentation for details. */ typedef struct gpgme_conf_comp { struct gpgme_conf_comp *next; /* Internal to GPGME, do not use! */ gpgme_conf_opt_t *_last_opt_p; /* The component name. */ char *name; /* A human-readable description for the component. */ char *description; /* The program name (an absolute path to the program). */ char *program_name; /* A linked list of options for this component. */ struct gpgme_conf_opt *options; } *gpgme_conf_comp_t; /* Allocate a new gpgme_conf_arg_t. If VALUE is NULL, a "no arg * default" is prepared. If type is a string type, VALUE should point * to the string. Else, it should point to an unsigned or signed * integer respectively. */ gpgme_error_t gpgme_conf_arg_new (gpgme_conf_arg_t *arg_p, gpgme_conf_type_t type, const void *value); /* This also releases all chained argument structures! */ void gpgme_conf_arg_release (gpgme_conf_arg_t arg, gpgme_conf_type_t type); /* Register a change for the value of OPT to ARG. If RESET is 1 (do * not use any values but 0 or 1), ARG is ignored and the option is * not changed (reverting a previous change). Otherwise, if ARG is * NULL, the option is cleared or reset to its default. The change * is done with gpgconf's --runtime option to immediately take effect. */ gpgme_error_t gpgme_conf_opt_change (gpgme_conf_opt_t opt, int reset, gpgme_conf_arg_t arg); /* Release a set of configurations. */ void gpgme_conf_release (gpgme_conf_comp_t conf); /* Retrieve the current configurations. */ gpgme_error_t gpgme_op_conf_load (gpgme_ctx_t ctx, gpgme_conf_comp_t *conf_p); /* Save the configuration of component comp. This function does not follow chained components! */ gpgme_error_t gpgme_op_conf_save (gpgme_ctx_t ctx, gpgme_conf_comp_t comp); /* Retrieve the configured directory. */ gpgme_error_t gpgme_op_conf_dir(gpgme_ctx_t ctx, const char *what, char **result); /* Information about software versions. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ typedef struct _gpgme_op_query_swdb_result { /* RFU */ struct _gpgme_op_query_swdb_result *next; /* The name of the package (e.g. "gpgme", "gnupg") */ char *name; /* The version number of the installed version. */ char *iversion; /* The time the online info was created. */ unsigned long created; /* The time the online info was retrieved. */ unsigned long retrieved; /* This bit is set if an error occured or some of the information * in this structure may not be set. */ unsigned int warning : 1; /* An update is available. */ unsigned int update : 1; /* The update is important. */ unsigned int urgent : 1; /* No information at all available. */ unsigned int noinfo : 1; /* The package name is not known. */ unsigned int unknown : 1; /* The information here is too old. */ unsigned int tooold : 1; /* Other error. */ unsigned int error : 1; unsigned int _reserved : 25; /* The version number of the latest released version. */ char *version; /* The release date of that version. */ unsigned long reldate; } *gpgme_query_swdb_result_t; /* Run the gpgconf --query-swdb command. */ gpgme_error_t gpgme_op_query_swdb (gpgme_ctx_t ctx, const char *name, const char *iversion, unsigned int reserved); /* Return the result from the last query_swdb operation. */ gpgme_query_swdb_result_t gpgme_op_query_swdb_result (gpgme_ctx_t ctx); /* * Various functions. */ /* Set special global flags; consult the manual before use. */ int gpgme_set_global_flag (const char *name, const char *value); /* Check that the library fulfills the version requirement. Note: * This is here only for the case where a user takes a pointer from * the old version of this function. The new version and macro for * run-time checks are below. */ const char *gpgme_check_version (const char *req_version); /* Do not call this directly; use the macro below. */ const char *gpgme_check_version_internal (const char *req_version, size_t offset_sig_validity); /* Check that the library fulfills the version requirement and check * for struct layout mismatch involving bitfields. */ #define gpgme_check_version(req_version) \ gpgme_check_version_internal (req_version, \ offsetof (struct _gpgme_signature, validity)) /* Return the default values for various directories. */ const char *gpgme_get_dirinfo (const char *what); /* Get the information about the configured and installed engines. A * pointer to the first engine in the statically allocated linked list * is returned in *INFO. If an error occurs, it is returned. The * returned data is valid until the next gpgme_set_engine_info. */ gpgme_error_t gpgme_get_engine_info (gpgme_engine_info_t *engine_info); /* Set the default engine info for the protocol PROTO to the file name * FILE_NAME and the home directory HOME_DIR. */ gpgme_error_t gpgme_set_engine_info (gpgme_protocol_t proto, const char *file_name, const char *home_dir); /* Verify that the engine implementing PROTO is installed and * available. */ gpgme_error_t gpgme_engine_check_version (gpgme_protocol_t proto); /* Reference counting for result objects. */ void gpgme_result_ref (void *result); void gpgme_result_unref (void *result); /* Return a public key algorithm string (e.g. "rsa2048"). Caller must * free using gpgme_free. */ char *gpgme_pubkey_algo_string (gpgme_subkey_t subkey); /* Return a statically allocated string with the name of the public * key algorithm ALGO, or NULL if that name is not known. */ const char *gpgme_pubkey_algo_name (gpgme_pubkey_algo_t algo); /* Return a statically allocated string with the name of the hash * algorithm ALGO, or NULL if that name is not known. */ const char *gpgme_hash_algo_name (gpgme_hash_algo_t algo); /* Return the addr-spec from a user id. Caller must free the result * with gpgme_free. */ char *gpgme_addrspec_from_uid (const char *uid); /* * Deprecated types, constants and functions. */ +/* This is a former experimental only features. The constant is + * provided to not break existing code in the compiler phase. */ +#define GPGME_EXPORT_MODE_NOUID 128 /* Do not use! */ + + /* The possible stati for gpgme_op_edit. The use of that function and * these status codes are deprecated in favor of gpgme_op_interact. */ typedef enum { GPGME_STATUS_EOF = 0, /* mkstatus processing starts here */ GPGME_STATUS_ENTER = 1, GPGME_STATUS_LEAVE = 2, GPGME_STATUS_ABORT = 3, GPGME_STATUS_GOODSIG = 4, GPGME_STATUS_BADSIG = 5, GPGME_STATUS_ERRSIG = 6, GPGME_STATUS_BADARMOR = 7, GPGME_STATUS_RSA_OR_IDEA = 8, /* (legacy) */ GPGME_STATUS_KEYEXPIRED = 9, GPGME_STATUS_KEYREVOKED = 10, GPGME_STATUS_TRUST_UNDEFINED = 11, GPGME_STATUS_TRUST_NEVER = 12, GPGME_STATUS_TRUST_MARGINAL = 13, GPGME_STATUS_TRUST_FULLY = 14, GPGME_STATUS_TRUST_ULTIMATE = 15, GPGME_STATUS_SHM_INFO = 16, /* (legacy) */ GPGME_STATUS_SHM_GET = 17, /* (legacy) */ GPGME_STATUS_SHM_GET_BOOL = 18, /* (legacy) */ GPGME_STATUS_SHM_GET_HIDDEN = 19, /* (legacy) */ GPGME_STATUS_NEED_PASSPHRASE = 20, GPGME_STATUS_VALIDSIG = 21, GPGME_STATUS_SIG_ID = 22, GPGME_STATUS_ENC_TO = 23, GPGME_STATUS_NODATA = 24, GPGME_STATUS_BAD_PASSPHRASE = 25, GPGME_STATUS_NO_PUBKEY = 26, GPGME_STATUS_NO_SECKEY = 27, GPGME_STATUS_NEED_PASSPHRASE_SYM = 28, GPGME_STATUS_DECRYPTION_FAILED = 29, GPGME_STATUS_DECRYPTION_OKAY = 30, GPGME_STATUS_MISSING_PASSPHRASE = 31, GPGME_STATUS_GOOD_PASSPHRASE = 32, GPGME_STATUS_GOODMDC = 33, GPGME_STATUS_BADMDC = 34, GPGME_STATUS_ERRMDC = 35, GPGME_STATUS_IMPORTED = 36, GPGME_STATUS_IMPORT_OK = 37, GPGME_STATUS_IMPORT_PROBLEM = 38, GPGME_STATUS_IMPORT_RES = 39, GPGME_STATUS_FILE_START = 40, GPGME_STATUS_FILE_DONE = 41, GPGME_STATUS_FILE_ERROR = 42, GPGME_STATUS_BEGIN_DECRYPTION = 43, GPGME_STATUS_END_DECRYPTION = 44, GPGME_STATUS_BEGIN_ENCRYPTION = 45, GPGME_STATUS_END_ENCRYPTION = 46, GPGME_STATUS_DELETE_PROBLEM = 47, GPGME_STATUS_GET_BOOL = 48, GPGME_STATUS_GET_LINE = 49, GPGME_STATUS_GET_HIDDEN = 50, GPGME_STATUS_GOT_IT = 51, GPGME_STATUS_PROGRESS = 52, GPGME_STATUS_SIG_CREATED = 53, GPGME_STATUS_SESSION_KEY = 54, GPGME_STATUS_NOTATION_NAME = 55, GPGME_STATUS_NOTATION_DATA = 56, GPGME_STATUS_POLICY_URL = 57, GPGME_STATUS_BEGIN_STREAM = 58, /* (legacy) */ GPGME_STATUS_END_STREAM = 59, /* (legacy) */ GPGME_STATUS_KEY_CREATED = 60, GPGME_STATUS_USERID_HINT = 61, GPGME_STATUS_UNEXPECTED = 62, GPGME_STATUS_INV_RECP = 63, GPGME_STATUS_NO_RECP = 64, GPGME_STATUS_ALREADY_SIGNED = 65, GPGME_STATUS_SIGEXPIRED = 66, /* (legacy) */ GPGME_STATUS_EXPSIG = 67, GPGME_STATUS_EXPKEYSIG = 68, GPGME_STATUS_TRUNCATED = 69, GPGME_STATUS_ERROR = 70, GPGME_STATUS_NEWSIG = 71, GPGME_STATUS_REVKEYSIG = 72, GPGME_STATUS_SIG_SUBPACKET = 73, GPGME_STATUS_NEED_PASSPHRASE_PIN = 74, GPGME_STATUS_SC_OP_FAILURE = 75, GPGME_STATUS_SC_OP_SUCCESS = 76, GPGME_STATUS_CARDCTRL = 77, GPGME_STATUS_BACKUP_KEY_CREATED = 78, GPGME_STATUS_PKA_TRUST_BAD = 79, GPGME_STATUS_PKA_TRUST_GOOD = 80, GPGME_STATUS_PLAINTEXT = 81, GPGME_STATUS_INV_SGNR = 82, GPGME_STATUS_NO_SGNR = 83, GPGME_STATUS_SUCCESS = 84, GPGME_STATUS_DECRYPTION_INFO = 85, GPGME_STATUS_PLAINTEXT_LENGTH = 86, GPGME_STATUS_MOUNTPOINT = 87, GPGME_STATUS_PINENTRY_LAUNCHED = 88, GPGME_STATUS_ATTRIBUTE = 89, GPGME_STATUS_BEGIN_SIGNING = 90, GPGME_STATUS_KEY_NOT_CREATED = 91, GPGME_STATUS_INQUIRE_MAXLEN = 92, GPGME_STATUS_FAILURE = 93, GPGME_STATUS_KEY_CONSIDERED = 94, GPGME_STATUS_TOFU_USER = 95, GPGME_STATUS_TOFU_STATS = 96, GPGME_STATUS_TOFU_STATS_LONG = 97, GPGME_STATUS_NOTATION_FLAGS = 98, GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE = 99, GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE = 100, GPGME_STATUS_CANCELED_BY_USER = 101 } gpgme_status_code_t; /* The callback type used by the deprecated functions gpgme_op_edit * and gpgme_op_card_edit. */ typedef gpgme_error_t (*gpgme_edit_cb_t) (void *opaque, gpgme_status_code_t status, const char *args, int fd); gpgme_error_t gpgme_op_edit_start (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_edit_cb_t fnc, void *fnc_value, gpgme_data_t out) _GPGME_DEPRECATED(1,7); gpgme_error_t gpgme_op_edit (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_edit_cb_t fnc, void *fnc_value, gpgme_data_t out) _GPGME_DEPRECATED(1,7); gpgme_error_t gpgme_op_card_edit_start (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_edit_cb_t fnc, void *fnc_value, gpgme_data_t out) _GPGME_DEPRECATED(1,7); gpgme_error_t gpgme_op_card_edit (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_edit_cb_t fnc, void *fnc_value, gpgme_data_t out) _GPGME_DEPRECATED(1,7); /* The possible signature stati. Deprecated, use error value in sig * status. */ typedef enum { GPGME_SIG_STAT_NONE = 0, GPGME_SIG_STAT_GOOD = 1, GPGME_SIG_STAT_BAD = 2, GPGME_SIG_STAT_NOKEY = 3, GPGME_SIG_STAT_NOSIG = 4, GPGME_SIG_STAT_ERROR = 5, GPGME_SIG_STAT_DIFF = 6, GPGME_SIG_STAT_GOOD_EXP = 7, GPGME_SIG_STAT_GOOD_EXPKEY = 8 } _gpgme_sig_stat_t; typedef _gpgme_sig_stat_t gpgme_sig_stat_t _GPGME_DEPRECATED(0,4); /* The available key and signature attributes. Deprecated, use the * individual result structures instead. */ typedef enum { GPGME_ATTR_KEYID = 1, GPGME_ATTR_FPR = 2, GPGME_ATTR_ALGO = 3, GPGME_ATTR_LEN = 4, GPGME_ATTR_CREATED = 5, GPGME_ATTR_EXPIRE = 6, GPGME_ATTR_OTRUST = 7, GPGME_ATTR_USERID = 8, GPGME_ATTR_NAME = 9, GPGME_ATTR_EMAIL = 10, GPGME_ATTR_COMMENT = 11, GPGME_ATTR_VALIDITY = 12, GPGME_ATTR_LEVEL = 13, GPGME_ATTR_TYPE = 14, GPGME_ATTR_IS_SECRET = 15, GPGME_ATTR_KEY_REVOKED = 16, GPGME_ATTR_KEY_INVALID = 17, GPGME_ATTR_UID_REVOKED = 18, GPGME_ATTR_UID_INVALID = 19, GPGME_ATTR_KEY_CAPS = 20, GPGME_ATTR_CAN_ENCRYPT = 21, GPGME_ATTR_CAN_SIGN = 22, GPGME_ATTR_CAN_CERTIFY = 23, GPGME_ATTR_KEY_EXPIRED = 24, GPGME_ATTR_KEY_DISABLED = 25, GPGME_ATTR_SERIAL = 26, GPGME_ATTR_ISSUER = 27, GPGME_ATTR_CHAINID = 28, GPGME_ATTR_SIG_STATUS = 29, GPGME_ATTR_ERRTOK = 30, GPGME_ATTR_SIG_SUMMARY = 31, GPGME_ATTR_SIG_CLASS = 32 } _gpgme_attr_t; typedef _gpgme_attr_t gpgme_attr_t _GPGME_DEPRECATED(0,4); /* Retrieve the signature status of signature IDX in CTX after a * successful verify operation in R_STAT (if non-null). The creation * time stamp of the signature is returned in R_CREATED (if non-null). * The function returns a string containing the fingerprint. * Deprecated, use verify result directly. */ const char *gpgme_get_sig_status (gpgme_ctx_t ctx, int idx, _gpgme_sig_stat_t *r_stat, time_t *r_created) _GPGME_DEPRECATED(0,4); /* Retrieve certain attributes of a signature. IDX is the index * number of the signature after a successful verify operation. WHAT * is an attribute where GPGME_ATTR_EXPIRE is probably the most useful * one. WHATIDX is to be passed as 0 for most attributes . */ unsigned long gpgme_get_sig_ulong_attr (gpgme_ctx_t c, int idx, _gpgme_attr_t what, int whatidx) _GPGME_DEPRECATED(0,4); const char *gpgme_get_sig_string_attr (gpgme_ctx_t c, int idx, _gpgme_attr_t what, int whatidx) _GPGME_DEPRECATED(0,4); /* Get the key used to create signature IDX in CTX and return it in * R_KEY. */ gpgme_error_t gpgme_get_sig_key (gpgme_ctx_t ctx, int idx, gpgme_key_t *r_key) _GPGME_DEPRECATED(0,4); /* Create a new data buffer which retrieves the data from the callback * function READ_CB. Deprecated, please use gpgme_data_new_from_cbs * instead. */ gpgme_error_t gpgme_data_new_with_read_cb (gpgme_data_t *r_dh, int (*read_cb) (void*,char *, size_t,size_t*), void *read_cb_value) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of KEY, which has to be * representable by a string. IDX specifies the sub key or user ID * for attributes related to sub keys or user IDs. Deprecated, use * key structure directly instead. */ const char *gpgme_key_get_string_attr (gpgme_key_t key, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of KEY, which has to be * representable by an unsigned integer. IDX specifies the sub key or * user ID for attributes related to sub keys or user IDs. * Deprecated, use key structure directly instead. */ unsigned long gpgme_key_get_ulong_attr (gpgme_key_t key, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of a signature on user ID * UID_IDX in KEY, which has to be representable by a string. IDX * specifies the signature. Deprecated, use key structure directly * instead. */ const char *gpgme_key_sig_get_string_attr (gpgme_key_t key, int uid_idx, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of a signature on user ID * UID_IDX in KEY, which has to be representable by an unsigned * integer string. IDX specifies the signature. Deprecated, use key * structure directly instead. */ unsigned long gpgme_key_sig_get_ulong_attr (gpgme_key_t key, int uid_idx, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); gpgme_error_t gpgme_op_import_ext (gpgme_ctx_t ctx, gpgme_data_t keydata, int *nr) _GPGME_DEPRECATED(0,4); /* DO NOT USE. */ void gpgme_trust_item_release (gpgme_trust_item_t item) _GPGME_DEPRECATED(0,4); /* DO NOT USE. */ const char *gpgme_trust_item_get_string_attr (gpgme_trust_item_t item, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* DO NOT USE. */ int gpgme_trust_item_get_int_attr (gpgme_trust_item_t item, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Compat. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ struct _gpgme_op_assuan_result { /* Deprecated. Use the second value in a DONE event or the synchronous variant gpgme_op_assuan_transact_ext. */ gpgme_error_t err _GPGME_DEPRECATED_OUTSIDE_GPGME(1,2); }; typedef struct _gpgme_op_assuan_result *gpgme_assuan_result_t; /* Return the result of the last Assuan command. */ gpgme_assuan_result_t gpgme_op_assuan_result (gpgme_ctx_t ctx) _GPGME_DEPRECATED(1,2); gpgme_error_t gpgme_op_assuan_transact (gpgme_ctx_t ctx, const char *command, gpgme_assuan_data_cb_t data_cb, void *data_cb_value, gpgme_assuan_inquire_cb_t inq_cb, void *inq_cb_value, gpgme_assuan_status_cb_t status_cb, void *status_cb_value) _GPGME_DEPRECATED(1,2); typedef gpgme_ctx_t GpgmeCtx _GPGME_DEPRECATED(0,4); typedef gpgme_data_t GpgmeData _GPGME_DEPRECATED(0,4); typedef gpgme_error_t GpgmeError _GPGME_DEPRECATED(0,4); typedef gpgme_data_encoding_t GpgmeDataEncoding _GPGME_DEPRECATED(0,4); typedef gpgme_pubkey_algo_t GpgmePubKeyAlgo _GPGME_DEPRECATED(0,4); typedef gpgme_hash_algo_t GpgmeHashAlgo _GPGME_DEPRECATED(0,4); typedef gpgme_sig_stat_t GpgmeSigStat _GPGME_DEPRECATED(0,4); typedef gpgme_sig_mode_t GpgmeSigMode _GPGME_DEPRECATED(0,4); typedef gpgme_attr_t GpgmeAttr _GPGME_DEPRECATED(0,4); typedef gpgme_validity_t GpgmeValidity _GPGME_DEPRECATED(0,4); typedef gpgme_protocol_t GpgmeProtocol _GPGME_DEPRECATED(0,4); typedef gpgme_engine_info_t GpgmeEngineInfo _GPGME_DEPRECATED(0,4); typedef gpgme_subkey_t GpgmeSubkey _GPGME_DEPRECATED(0,4); typedef gpgme_key_sig_t GpgmeKeySig _GPGME_DEPRECATED(0,4); typedef gpgme_user_id_t GpgmeUserID _GPGME_DEPRECATED(0,4); typedef gpgme_key_t GpgmeKey _GPGME_DEPRECATED(0,4); typedef gpgme_passphrase_cb_t GpgmePassphraseCb _GPGME_DEPRECATED(0,4); typedef gpgme_progress_cb_t GpgmeProgressCb _GPGME_DEPRECATED(0,4); typedef gpgme_io_cb_t GpgmeIOCb _GPGME_DEPRECATED(0,4); typedef gpgme_register_io_cb_t GpgmeRegisterIOCb _GPGME_DEPRECATED(0,4); typedef gpgme_remove_io_cb_t GpgmeRemoveIOCb _GPGME_DEPRECATED(0,4); typedef gpgme_event_io_t GpgmeEventIO _GPGME_DEPRECATED(0,4); typedef gpgme_event_io_cb_t GpgmeEventIOCb _GPGME_DEPRECATED(0,4); #define GpgmeIOCbs gpgme_io_cbs typedef gpgme_data_read_cb_t GpgmeDataReadCb _GPGME_DEPRECATED(0,4); typedef gpgme_data_write_cb_t GpgmeDataWriteCb _GPGME_DEPRECATED(0,4); typedef gpgme_data_seek_cb_t GpgmeDataSeekCb _GPGME_DEPRECATED(0,4); typedef gpgme_data_release_cb_t GpgmeDataReleaseCb _GPGME_DEPRECATED(0,4); #define GpgmeDataCbs gpgme_data_cbs typedef gpgme_encrypt_result_t GpgmeEncryptResult _GPGME_DEPRECATED(0,4); typedef gpgme_sig_notation_t GpgmeSigNotation _GPGME_DEPRECATED(0,4); typedef gpgme_signature_t GpgmeSignature _GPGME_DEPRECATED(0,4); typedef gpgme_verify_result_t GpgmeVerifyResult _GPGME_DEPRECATED(0,4); typedef gpgme_import_status_t GpgmeImportStatus _GPGME_DEPRECATED(0,4); typedef gpgme_import_result_t GpgmeImportResult _GPGME_DEPRECATED(0,4); typedef gpgme_genkey_result_t GpgmeGenKeyResult _GPGME_DEPRECATED(0,4); typedef gpgme_trust_item_t GpgmeTrustItem _GPGME_DEPRECATED(0,4); typedef gpgme_status_code_t GpgmeStatusCode _GPGME_DEPRECATED(0,4); #ifdef __cplusplus } #endif #endif /* GPGME_H */ /* @emacs_local_vars_begin@ @emacs_local_vars_read_only@ @emacs_local_vars_end@ */