diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2020-01-16 17:33:57 +0100 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2020-01-16 18:01:45 +0100 |
| commit | 9a30451890b61aa8121fde7570a7e1d1ebaa3778 (patch) | |
| tree | 831f7683a05ebb119e5a3f39cb61b31942cd5fdf | |
| parent | f1dabd075d78cf45c4e0b2e61334267c22d7145b (diff) | |
openpgp: Remove variant VerificationResult::BadChecksum.
- This is better expressed as an error.
| -rw-r--r-- | guide/src/chapter_01.md | 8 | ||||
| -rw-r--r-- | ipc/examples/gpg-agent-decrypt.rs | 3 | ||||
| -rw-r--r-- | ipc/tests/gpg-agent.rs | 2 | ||||
| -rw-r--r-- | openpgp-ffi/examples/decrypt-with.c | 14 | ||||
| -rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 6 | ||||
| -rw-r--r-- | openpgp-ffi/include/sequoia/openpgp/types.h | 4 | ||||
| -rw-r--r-- | openpgp-ffi/src/parse/stream.rs | 12 | ||||
| -rw-r--r-- | openpgp/examples/decrypt-with.rs | 3 | ||||
| -rw-r--r-- | openpgp/examples/generate-sign-verify.rs | 2 | ||||
| -rw-r--r-- | openpgp/src/parse/stream.rs | 26 | ||||
| -rw-r--r-- | tool/src/commands/mod.rs | 11 |
11 files changed, 19 insertions, 72 deletions
diff --git a/guide/src/chapter_01.md b/guide/src/chapter_01.md index 9770e089..16020b6b 100644 --- a/guide/src/chapter_01.md +++ b/guide/src/chapter_01.md @@ -128,8 +128,6 @@ fn main() { # Some(VerificationResult::Error { error, .. }) => # return Err(failure::err_msg( # format!("Bad signature: {:?}", error))), -# Some(VerificationResult::BadChecksum { .. }) => -# return Err(failure::err_msg("Bad signature")), # None => # return Err(failure::err_msg("No signature")), # } @@ -276,8 +274,6 @@ fn generate() -> openpgp::Result<openpgp::Cert> { # Some(VerificationResult::Error { error, .. }) => # return Err(failure::err_msg( # format!("Bad signature: {:?}", error))), -# Some(VerificationResult::BadChecksum { .. }) => -# return Err(failure::err_msg("Bad signature")), # None => # return Err(failure::err_msg("No signature")), # } @@ -424,8 +420,6 @@ fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert) # Some(VerificationResult::Error { error, .. }) => # return Err(failure::err_msg( # format!("Bad signature: {:?}", error))), -# Some(VerificationResult::BadChecksum { .. }) => -# return Err(failure::err_msg("Bad signature")), # None => # return Err(failure::err_msg("No signature")), # } @@ -583,8 +577,6 @@ impl<'a> VerificationHelper for Helper<'a> { Some(VerificationResult::Error { error, .. }) => return Err(failure::err_msg( format!("Bad signature: {:?}", error))), - Some(VerificationResult::BadChecksum { .. }) => - return Err(failure::err_msg("Bad signature")), None => return Err(failure::err_msg("No signature")), } diff --git a/ipc/examples/gpg-agent-decrypt.rs b/ipc/examples/gpg-agent-decrypt.rs index b1522f36..69ba9d3b 100644 --- a/ipc/examples/gpg-agent-decrypt.rs +++ b/ipc/examples/gpg-agent-decrypt.rs @@ -143,9 +143,6 @@ impl<'a> VerificationHelper for Helper<'a> { MissingKey { .. } => { eprintln!("No key to check signature"); }, - BadChecksum { cert, .. } => { - eprintln!("Bad signature from {}", cert); - }, Error { error, .. } => { eprintln!("Error verifying signature: {}", error); diff --git a/ipc/tests/gpg-agent.rs b/ipc/tests/gpg-agent.rs index dec09d6b..8cb3216f 100644 --- a/ipc/tests/gpg-agent.rs +++ b/ipc/tests/gpg-agent.rs @@ -170,8 +170,6 @@ fn sign() { Some(VerificationResult::MissingKey { .. }) => return Err(failure::err_msg( "Missing key to verify signature")), - Some(VerificationResult::BadChecksum { .. }) => - return Err(failure::err_msg("Bad signature")), Some(VerificationResult::Error { error, .. }) => return Err(error), None => diff --git a/openpgp-ffi/examples/decrypt-with.c b/openpgp-ffi/examples/decrypt-with.c index d395abd9..3f98c574 100644 --- a/openpgp-ffi/examples/decrypt-with.c +++ b/openpgp-ffi/examples/decrypt-with.c @@ -102,13 +102,15 @@ check_cb (void *cookie_opaque, pgp_message_structure_t structure) fprintf (stderr, "No key to check signature from %s\n", keyid_str); break; - case PGP_VERIFICATION_RESULT_BAD_CHECKSUM: - pgp_verification_result_bad_checksum (result, NULL, NULL, - &key, NULL, NULL); - keyid = pgp_key_keyid (key); - keyid_str = pgp_keyid_to_string (keyid); - fprintf (stderr, "Bad signature from %s\n", keyid_str); + case PGP_VERIFICATION_RESULT_ERROR: { + pgp_error_t err; + pgp_verification_result_error (result, NULL, &err); + char *err_str = pgp_error_to_string (err); + fprintf (stderr, "Bad signature: %s\n", err_str); + free (err_str); + pgp_error_free (err); break; + } default: assert (! "reachable"); diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index 32794aa3..405cd2c6 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -1722,12 +1722,6 @@ bool pgp_verification_result_not_alive (pgp_verification_result_t, pgp_revocation_status_t *); bool pgp_verification_result_missing_key (pgp_verification_result_t, pgp_signature_t *); -bool pgp_verification_result_bad_checksum (pgp_verification_result_t, - pgp_signature_t *, - pgp_cert_t *, - pgp_key_t *, - pgp_signature_t *, - pgp_revocation_status_t *); bool pgp_verification_result_error (pgp_verification_result_t, pgp_signature_t *, pgp_error_t *); diff --git a/openpgp-ffi/include/sequoia/openpgp/types.h b/openpgp-ffi/include/sequoia/openpgp/types.h index e85916f3..e9bbc1b7 100644 --- a/openpgp-ffi/include/sequoia/openpgp/types.h +++ b/openpgp-ffi/include/sequoia/openpgp/types.h @@ -489,8 +489,8 @@ typedef struct pgp_verification_result_iter *pgp_verification_result_iter_t; typedef enum pgp_verification_result_variant { PGP_VERIFICATION_RESULT_GOOD_CHECKSUM = 1, PGP_VERIFICATION_RESULT_MISSING_KEY = 2, - PGP_VERIFICATION_RESULT_BAD_CHECKSUM = 3, - PGP_VERIFICATION_RESULT_NOT_ALIVE = 4, + PGP_VERIFICATION_RESULT_NOT_ALIVE = 3, + PGP_VERIFICATION_RESULT_ERROR = 4, /* Dummy value to make sure the enumeration has a defined size. Do not use this value. */ diff --git a/openpgp-ffi/src/parse/stream.rs b/openpgp-ffi/src/parse/stream.rs index 2237c41f..262ff596 100644 --- a/openpgp-ffi/src/parse/stream.rs +++ b/openpgp-ffi/src/parse/stream.rs @@ -171,9 +171,8 @@ fn pgp_verification_result_variant(result: *const VerificationResult) match result.ref_raw() { GoodChecksum { .. } => 1, MissingKey { .. } => 2, - BadChecksum { .. } => 3, - NotAlive { .. } => 4, - Error { .. } => 5, + NotAlive { .. } => 3, + Error { .. } => 4, } } @@ -272,13 +271,6 @@ fn pgp_verification_result_missing_key<'a>( } } -/// Decomposes a ``VerificationResult::BadChecksum`. -/// -/// Returns `true` iff the given value is a -/// `VerificationResult::BadChecksum`, and returns the variants -/// members in `sig_r` and the like iff `sig_r != NULL`. -make_decomposition_fn!(pgp_verification_result_bad_checksum, BadChecksum); - /// Decomposes a `VerificationResult::Error`. /// /// Returns `true` iff the given value is a diff --git a/openpgp/examples/decrypt-with.rs b/openpgp/examples/decrypt-with.rs index 9af4e197..3f470f0f 100644 --- a/openpgp/examples/decrypt-with.rs +++ b/openpgp/examples/decrypt-with.rs @@ -132,9 +132,6 @@ impl VerificationHelper for Helper { MissingKey { .. } => { eprintln!("No key to check signature"); }, - BadChecksum { cert, .. } => { - eprintln!("Bad signature from {}", cert); - }, Error { error, .. } => { eprintln!("Error: {}", error); }, diff --git a/openpgp/examples/generate-sign-verify.rs b/openpgp/examples/generate-sign-verify.rs index fefc8a20..8df9f1cf 100644 --- a/openpgp/examples/generate-sign-verify.rs +++ b/openpgp/examples/generate-sign-verify.rs @@ -116,8 +116,6 @@ impl<'a> VerificationHelper for Helper<'a> { Some(VerificationResult::MissingKey { .. }) => return Err(failure::err_msg( "Missing key to verify signature")), - Some(VerificationResult::BadChecksum { .. }) => - return Err(failure::err_msg("Bad signature")), Some(VerificationResult::Error { error, .. }) => return Err(error), None => diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index 93ca9b7e..ec53635c 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -201,18 +201,6 @@ pub enum VerificationResult<'a> { sig: Signature, }, - /// The signature is bad. - BadChecksum { - /// The signature. - sig: Signature, - - /// The signature's issuer. - cert: &'a Cert, - - /// The signing key that made the signature. - ka: KeyAmalgamation<'a, key::PublicParts>, - }, - /// An error occured while verifying the signature. /// /// This could occur if the signature is invalid (e.g., no @@ -240,7 +228,6 @@ impl<'a> VerificationResult<'a> { GoodChecksum { sig, .. } => sig.level(), NotAlive { sig, .. } => sig.level(), MissingKey { sig, .. } => sig.level(), - BadChecksum { sig, .. } => sig.level(), Error { sig, .. } => sig.level(), } } @@ -757,10 +744,10 @@ impl<'a, H: VerificationHelper> Verifier<'a, H> { continue 'sigs; } Ok(false) => { - VerificationResult::BadChecksum { + VerificationResult::Error { sig: sig.clone(), - cert: ka.cert(), - ka, + error: + Error::ManipulatedMessage.into(), } } Err(err) => { @@ -1750,10 +1737,10 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { continue 'sigs; } Ok(false) => { - VerificationResult::BadChecksum { + VerificationResult::Error { sig: sig.clone(), - cert: ka.cert(), - ka, + error: + Error::ManipulatedMessage.into(), } } Err(err) => { @@ -1920,7 +1907,6 @@ mod test { GoodChecksum { .. } => self.good += 1, MissingKey { .. } => self.unknown += 1, NotAlive { .. } => self.bad += 1, - BadChecksum { .. } => self.bad += 1, Error { .. } => self.bad += 1, } } diff --git a/tool/src/commands/mod.rs b/tool/src/commands/mod.rs index 7ca50253..1dc7b908 100644 --- a/tool/src/commands/mod.rs +++ b/tool/src/commands/mod.rs @@ -268,8 +268,7 @@ impl<'a> VHelper<'a> { } let (issuer, level) = match result { - GoodChecksum { sig, ka, .. } - | BadChecksum { sig, ka, .. } => + GoodChecksum { sig, ka, .. } => (ka.key().keyid(), sig.level()), NotAlive { sig, .. } => (sig.get_issuers().get(0) @@ -309,14 +308,6 @@ impl<'a> VHelper<'a> { self.bad_checksums += 1; } }, - BadChecksum { .. } => { - eprintln!("Bad {} from {}", what, label); - if trusted { - self.bad_signatures += 1; - } else { - self.bad_checksums += 1; - } - }, MissingKey { .. } => unreachable!("handled above"), Error { .. } => unreachable!("handled above"), } |