diff options
Diffstat (limited to 'gpg-interface.c')
-rw-r--r-- | gpg-interface.c | 133 |
1 files changed, 74 insertions, 59 deletions
diff --git a/gpg-interface.c b/gpg-interface.c index 68b0c814f7..8672edaf48 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -3,6 +3,7 @@ #include "strbuf.h" #include "gpg-interface.h" #include "sigchain.h" +#include "tempfile.h" static char *configured_signing_key; static const char *gpg_program = "gpg"; @@ -60,6 +61,43 @@ void parse_gpg_output(struct signature_check *sigc) } } +int check_signature(const char *payload, size_t plen, const char *signature, + size_t slen, struct signature_check *sigc) +{ + struct strbuf gpg_output = STRBUF_INIT; + struct strbuf gpg_status = STRBUF_INIT; + int status; + + sigc->result = 'N'; + + status = verify_signed_buffer(payload, plen, signature, slen, + &gpg_output, &gpg_status); + if (status && !gpg_output.len) + goto out; + sigc->payload = xmemdupz(payload, plen); + sigc->gpg_output = strbuf_detach(&gpg_output, NULL); + sigc->gpg_status = strbuf_detach(&gpg_status, NULL); + parse_gpg_output(sigc); + + out: + strbuf_release(&gpg_status); + strbuf_release(&gpg_output); + + return sigc->result != 'G' && sigc->result != 'U'; +} + +void print_signature_buffer(const struct signature_check *sigc, unsigned flags) +{ + const char *output = flags & GPG_VERIFY_RAW ? + sigc->gpg_status : sigc->gpg_output; + + if (flags & GPG_VERIFY_VERBOSE && sigc->payload) + fputs(sigc->payload, stdout); + + if (output) + fputs(output, stderr); +} + /* * Look at GPG signed content (e.g. a signed tag object), whose * payload is followed by a detached signature on it. Return the @@ -113,42 +151,30 @@ const char *get_signing_key(void) int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key) { struct child_process gpg = CHILD_PROCESS_INIT; - const char *args[4]; - ssize_t len; + int ret; size_t i, j, bottom; + struct strbuf gpg_status = STRBUF_INIT; - gpg.argv = args; - gpg.in = -1; - gpg.out = -1; - args[0] = gpg_program; - args[1] = "-bsau"; - args[2] = signing_key; - args[3] = NULL; + argv_array_pushl(&gpg.args, + gpg_program, + "--status-fd=2", + "-bsau", signing_key, + NULL); - if (start_command(&gpg)) - return error(_("could not run gpg.")); + bottom = signature->len; /* * When the username signingkey is bad, program could be terminated * because gpg exits without reading and then write gets SIGPIPE. */ sigchain_push(SIGPIPE, SIG_IGN); - - if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) { - close(gpg.in); - close(gpg.out); - finish_command(&gpg); - return error(_("gpg did not accept the data")); - } - close(gpg.in); - - bottom = signature->len; - len = strbuf_read(signature, gpg.out, 1024); - close(gpg.out); - + ret = pipe_command(&gpg, buffer->buf, buffer->len, + signature, 1024, &gpg_status, 0); sigchain_pop(SIGPIPE); - if (finish_command(&gpg) || !len || len < 0) + ret |= !strstr(gpg_status.buf, "\n[GNUPG:] SIG_CREATED "); + strbuf_release(&gpg_status); + if (ret) return error(_("gpg failed to sign the data")); /* Strip CR from the line endings, in case we are on Windows. */ @@ -173,50 +199,39 @@ int verify_signed_buffer(const char *payload, size_t payload_size, struct strbuf *gpg_output, struct strbuf *gpg_status) { struct child_process gpg = CHILD_PROCESS_INIT; - const char *args_gpg[] = {NULL, "--status-fd=1", "--verify", "FILE", "-", NULL}; - char path[PATH_MAX]; + static struct tempfile temp; int fd, ret; struct strbuf buf = STRBUF_INIT; - struct strbuf *pbuf = &buf; - args_gpg[0] = gpg_program; - fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX"); + fd = mks_tempfile_t(&temp, ".git_vtag_tmpXXXXXX"); if (fd < 0) - return error(_("could not create temporary file '%s': %s"), - path, strerror(errno)); - if (write_in_full(fd, signature, signature_size) < 0) - return error(_("failed writing detached signature to '%s': %s"), - path, strerror(errno)); - close(fd); - - gpg.argv = args_gpg; - gpg.in = -1; - gpg.out = -1; - if (gpg_output) - gpg.err = -1; - args_gpg[3] = path; - if (start_command(&gpg)) { - unlink(path); - return error(_("could not run gpg.")); + return error_errno(_("could not create temporary file")); + if (write_in_full(fd, signature, signature_size) < 0) { + error_errno(_("failed writing detached signature to '%s'"), + temp.filename.buf); + delete_tempfile(&temp); + return -1; } + close(fd); - write_in_full(gpg.in, payload, payload_size); - close(gpg.in); + argv_array_pushl(&gpg.args, + gpg_program, + "--status-fd=1", + "--keyid-format=long", + "--verify", temp.filename.buf, "-", + NULL); - if (gpg_output) { - strbuf_read(gpg_output, gpg.err, 0); - close(gpg.err); - } - if (gpg_status) - pbuf = gpg_status; - strbuf_read(pbuf, gpg.out, 0); - close(gpg.out); + if (!gpg_status) + gpg_status = &buf; - ret = finish_command(&gpg); + sigchain_push(SIGPIPE, SIG_IGN); + ret = pipe_command(&gpg, payload, payload_size, + gpg_status, 0, gpg_output, 0); + sigchain_pop(SIGPIPE); - unlink_or_warn(path); + delete_tempfile(&temp); - ret |= !strstr(pbuf->buf, "\n[GNUPG:] GOODSIG "); + ret |= !strstr(gpg_status->buf, "\n[GNUPG:] GOODSIG "); strbuf_release(&buf); /* no matter it was used or not */ return ret; |