diff options
| author | Ingo Klöcker <dev@ingo-kloecker.de> | 2023-02-08 14:44:38 +0100 |
|---|---|---|
| committer | Ingo Klöcker <dev@ingo-kloecker.de> | 2023-02-10 09:54:03 +0100 |
| commit | 41dc3bd22a3e0001abec8f2bea79b40ee5ad00be (patch) | |
| tree | 95bf13b97712f8acf074f28d8daf62a96415933a | |
| parent | 3aaed9cfbfd6821b2e812fbdd24448953d6ca279 (diff) | |
| download | gpgme-41dc3bd22a3e0001abec8f2bea79b40ee5ad00be.tar.gz | |
core: Allow finalization of signature verification of unencrypted data
* src/decrypt-verify.c (decrypt_verify_status_handler): Call
_gpgme_verify_status_handler on EOF even if
_gpgme_decrypt_status_handler returned NO DATA error.
* tests/gpg/t-decrypt-verify.c (normal_signed_message): New.
(main): Add test with signed, but not encrypted data.
--
This allows the verify status handler to finalize the verification of
the last signature even if the decrypt status handler returned a NO DATA
error because the input data wasn't encrypted.
GnuPG-bug-id: 6368
| -rw-r--r-- | src/decrypt-verify.c | 10 | ||||
| -rw-r--r-- | tests/gpg/t-decrypt-verify.c | 31 |
2 files changed, 38 insertions, 3 deletions
diff --git a/src/decrypt-verify.c b/src/decrypt-verify.c index b63318f2..3ff15feb 100644 --- a/src/decrypt-verify.c +++ b/src/decrypt-verify.c @@ -35,13 +35,17 @@ decrypt_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) { gpgme_error_t err; + gpgme_error_t err2; err = _gpgme_progress_status_handler (priv, code, args); if (!err) err = _gpgme_decrypt_status_handler (priv, code, args); - if (!err) - err = _gpgme_verify_status_handler (priv, code, args); - return err; + /* Allow finalization of signature verification even if previous handler + * returned NO DATA error which just means that the data wasn't encrypted. */ + if (!err + || (code == GPGME_STATUS_EOF && gpg_err_code (err) == GPG_ERR_NO_DATA)) + err2 = _gpgme_verify_status_handler (priv, code, args); + return err ? err : err2; } diff --git a/tests/gpg/t-decrypt-verify.c b/tests/gpg/t-decrypt-verify.c index 211f8129..424cc817 100644 --- a/tests/gpg/t-decrypt-verify.c +++ b/tests/gpg/t-decrypt-verify.c @@ -36,6 +36,16 @@ #include "t-support.h" +static const char normal_signed_message[] = +"-----BEGIN PGP MESSAGE-----\n" +"\n" +"owGbwMvMwCSoW1RzPCOz3IRxjXQSR0lqcYleSUWJTZOvjVdpcYmCu1+oQmaJIleH\n" +"GwuDIBMDGysTSIqBi1MApi+nlGGuwDeHao53HBr+FoVGP3xX+kvuu9fCMJvl6IOf\n" +"y1kvP4y+8D5a11ang0udywsA\n" +"=Crq6\n" +"-----END PGP MESSAGE-----\n"; + + static void check_verify_result (gpgme_verify_result_t result, unsigned int summary, const char *fpr, gpgme_error_t status, int validity) @@ -141,6 +151,27 @@ main (int argc, char *argv[]) gpgme_data_release (in); gpgme_data_release (out); + + /* Checking a signed, but not encrypted message. */ + err = gpgme_data_new_from_mem (&in, normal_signed_message, strlen (normal_signed_message), 0); + fail_if_err (err); + err = gpgme_data_new (&out); + fail_if_err (err); + err = gpgme_op_decrypt_verify (ctx, in, out); + /* should have returned "no data" because the message is not encrypted */ + if (gpgme_err_code (err) != GPG_ERR_NO_DATA) + { + fprintf (stderr, "%s:%i: Unexpected result of gpgme_op_decrypt_verify: %s\n", + __FILE__, __LINE__, gpgme_strerror (err)); + } + verify_result = gpgme_op_verify_result (ctx); + check_verify_result (verify_result, GPGME_SIGSUM_VALID|GPGME_SIGSUM_GREEN, + "A0FF4590BB6122EDEF6E3C542D727CC768697734", + GPG_ERR_NO_ERROR, GPGME_VALIDITY_FULL); + + gpgme_data_release (in); + gpgme_data_release (out); + gpgme_release (ctx); return 0; } |