[Pkg-gnupg-commit] [gnupg2] 08/159: tools/gpgtar: Implement signing.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 27 13:23:48 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 45c814f348c89acd8d21d0607ffcf68e5c5c399e
Author: Justus Winter <justus at g10code.com>
Date: Mon Nov 30 18:39:00 2015 +0100
tools/gpgtar: Implement signing.
* tests/openpgp/gpgtar.test: Test signing.
* tools/gpgtar-create.c (gpgtar_create): Add 'sign' option, add the
appropriate gpg arguments to implement signing and selecting the local
user.
* tools/gpgtar.c (parse_options): We do handle '--local-user' now.
(main): Handle signing, encrypting, and doing both when creating an
archive.
* tools/gpgtar.h (gpgtar_create): Update prototype.
Signed-off-by: Justus Winter <justus at g10code.com>
---
tests/openpgp/gpgtar.test | 48 ++++++++++++++++++++++++++++++++++++++---------
tools/gpgtar-create.c | 20 ++++++++++++++------
tools/gpgtar.c | 8 ++++++--
tools/gpgtar.h | 2 +-
4 files changed, 60 insertions(+), 18 deletions(-)
diff --git a/tests/openpgp/gpgtar.test b/tests/openpgp/gpgtar.test
index acfaf3f..f71a883 100755
--- a/tests/openpgp/gpgtar.test
+++ b/tests/openpgp/gpgtar.test
@@ -25,35 +25,65 @@ TESTFILES="$plain_files $data_files"
TESTDIR=gpgtar.d
FILELIST="${TESTDIR}/filelist"
GPG=../../g10/gpg2
-GPGARGS="--trust-model=always"
+GPGARGS="$opt_always --no-permission-warning"
GPGTAR="../../tools/gpgtar"
GPGZIP="sh ../../tools/gpg-zip"
-for TOOL in "$GPGTAR" "$GPGZIP"
-do
+# Create, inspect, and extract an archive with the given options.
+#
+# $1 the tool to test
+# $2 options used to create the archive
+# $3 options used to inspect the archive
+# $4 options used to extract the archive
+do_test()
+{
+ (
+ TOOL="$1"
+ CREATE_FLAGS="$2"
+ INSPECT_FLAGS="$3"
+ EXTRACT_FLAGS="$4"
+
rm -rf -- "${TESTDIR}"
mkdir "${TESTDIR}"
- $TOOL --gpg "$GPG" --gpg-args "$GPGARGS" \
- --encrypt --recipient "$usrname2" \
+ $TOOL --gpg "$GPG" --gpg-args "$GPGARGS" $CREATE_FLAGS \
--output "${TESTDIR}/test.tar.pgp" $TESTFILES
- $TOOL --gpg "$GPG" --gpg-args "$GPGARGS" \
- --list-archive "${TESTDIR}/test.tar.pgp" \
+ $TOOL --gpg "$GPG" --gpg-args "$GPGARGS" $INSPECT_FLAGS \
+ "${TESTDIR}/test.tar.pgp" \
>"$FILELIST"
for F in $TESTFILES
do
grep -qe "\\b${F}\\b" "$FILELIST"
done
- $TOOL --gpg "$GPG" --gpg-args "$GPGARGS" \
+ $TOOL --gpg "$GPG" --gpg-args "$GPGARGS" $EXTRACT_FLAGS \
--tar-args --directory="${TESTDIR}" \
- --decrypt "${TESTDIR}/test.tar.pgp"
+ "${TESTDIR}/test.tar.pgp"
for F in $TESTFILES
do
diff -q "$F" "${TESTDIR}/$F"
done
+ )
+}
+
+for TOOL in "$GPGTAR" "$GPGZIP"
+do
+ do_test "$TOOL" \
+ "--encrypt --recipient $usrname2" \
+ "--list-archive" \
+ "--decrypt"
+
+ do_test "$TOOL" \
+ "--encrypt --recipient $usrname2 --sign --local-user $usrname3" \
+ "--list-archive" \
+ "--decrypt"
+
+ do_test "$TOOL" \
+ "--sign --local-user $usrname3" \
+ "--list-archive" \
+ "--decrypt"
done
# Success!
diff --git a/tools/gpgtar-create.c b/tools/gpgtar-create.c
index 8975fc6..d5e3bec 100644
--- a/tools/gpgtar-create.c
+++ b/tools/gpgtar-create.c
@@ -741,7 +741,7 @@ write_eof_mark (estream_t stream)
INPATTERN is NULL take the pattern as null terminated strings from
stdin. */
gpg_error_t
-gpgtar_create (char **inpattern, int encrypt)
+gpgtar_create (char **inpattern, int encrypt, int sign)
{
gpg_error_t err = 0;
struct scanctrl_s scanctrl_buffer;
@@ -865,7 +865,7 @@ gpgtar_create (char **inpattern, int encrypt)
if (outstream == es_stdout)
es_set_binary (es_stdout);
- if (encrypt)
+ if (encrypt || sign)
{
cipher_stream = outstream;
outstream = es_fopenmem (0, "rwb");
@@ -886,7 +886,7 @@ gpgtar_create (char **inpattern, int encrypt)
if (err)
goto leave;
- if (encrypt)
+ if (encrypt || sign)
{
int i;
strlist_t arg;
@@ -898,7 +898,7 @@ gpgtar_create (char **inpattern, int encrypt)
argv = xtrycalloc (strlist_length (opt.gpg_arguments)
+ 2 * strlist_length (opt.recipients)
- + 2,
+ + 1 + !!encrypt + !!sign + 2 * !!opt.user,
sizeof *argv);
if (argv == NULL)
{
@@ -906,7 +906,15 @@ gpgtar_create (char **inpattern, int encrypt)
goto leave;
}
i = 0;
- argv[i++] = "--encrypt";
+ if (encrypt)
+ argv[i++] = "--encrypt";
+ if (sign)
+ argv[i++] = "--sign";
+ if (opt.user)
+ {
+ argv[i++] = "--local-user";
+ argv[i++] = opt.user;
+ }
for (arg = opt.recipients; arg; arg = arg->next)
{
argv[i++] = "--recipient";
@@ -917,7 +925,7 @@ gpgtar_create (char **inpattern, int encrypt)
argv[i++] = NULL;
assert (i == strlist_length (opt.gpg_arguments)
+ 2 * strlist_length (opt.recipients)
- + 2);
+ + 1 + !!encrypt + !!sign + 2 * !!opt.user);
err = sh_exec_tool_stream (opt.gpg_program, argv,
outstream, cipher_stream);
diff --git a/tools/gpgtar.c b/tools/gpgtar.c
index 100fb16..8001654 100644
--- a/tools/gpgtar.c
+++ b/tools/gpgtar.c
@@ -318,7 +318,6 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
break;
case oUser:
- log_info ("note: ignoring option --user\n");
opt.user = pargs->r.ret_str;
break;
@@ -452,12 +451,17 @@ main (int argc, char **argv)
break;
case aEncrypt:
+ case aSign:
+ case aSignEncrypt:
if ((!argc && !null_names)
|| (argc && null_names))
usage (1);
if (opt.filename)
log_info ("note: ignoring option --set-filename\n");
- err = gpgtar_create (null_names? NULL :argv, !skip_crypto);
+ err = gpgtar_create (null_names? NULL :argv,
+ !skip_crypto
+ && (cmd == aEncrypt || cmd == aSignEncrypt),
+ cmd == aSign || cmd == aSignEncrypt);
if (err && log_get_errorcount (0) == 0)
log_error ("creating archive failed: %s\n", gpg_strerror (err));
break;
diff --git a/tools/gpgtar.h b/tools/gpgtar.h
index eadbcac..3f21ea1 100644
--- a/tools/gpgtar.h
+++ b/tools/gpgtar.h
@@ -119,7 +119,7 @@ gpg_error_t read_record (estream_t stream, void *record);
gpg_error_t write_record (estream_t stream, const void *record);
/*-- gpgtar-create.c --*/
-gpg_error_t gpgtar_create (char **inpattern, int encrypt);
+gpg_error_t gpgtar_create (char **inpattern, int encrypt, int sign);
/*-- gpgtar-extract.c --*/
gpg_error_t gpgtar_extract (const char *filename, int decrypt);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list