PyGPGME

decryption with passphrase fails due to bugs in pygpgme_passphrase_cb

Bug #1190493 reported by mpb
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
PyGPGME
New
Undecided
Unassigned

Bug Description

According to the GPGME documentation, the user provided callback function must behave as follows:

"The user must write the passphrase, followed by a newline character, to the file descriptor fd. If the user returns 0 indicating success, the user must at least write a newline character before returning from the callback.

"If an error occurs, return the corresponding gpgme_error_t value. You can use the error code GPG_ERR_CANCELED to abort the operation. Otherwise, return 0."

( Source: http://www.gnupg.org/documentation/manuals/gpgme/Passphrase-Callback.html )

However, pygpgme_passphrase_cb is buggy and does not follow the behavior required by the GPGME documentation.

Specifically, pygpgme_passphrase_cb ignores the value return by the user provided callback.

Furthermore, pygpgme_passphrase_cb sets err to the value returned by pygpgme_check_pyerror. At a glance, I could not tell what pygpgme_check_pyerror was doing, but it was NOT returning zero.

I changed the last line of pygpgme_passphrase_cb from "return err;" to "return 0;", and then I was able to successfully decrypt. (Yes, "return 0;" is a kludge, but it allowed me to verify that decryption works.)

The pygpgme_passphrase_cb source code is here:
http://bazaar.launchpad.net/~jamesh/pygpgme/trunk/view/head:/src/pygpgme-context.c

I recommend the following change:

pygpgme_passphrase_cb should examine the value of ret, and if ret equals a Python integer with the value zero, then pygpgme_passphrase_cb should return 0 to GPGME. Otherwise, pygpgme_passphrase_cb should return an appropriate error code to GPGME.

Also note that if the user provided callback function raises an exception, I believe PyObject_CallFunction will return NULL (ie, zero) to pygpgme_passphrase_cb. So this is another error condition that should be checked.

(I also noticed that the unit tests humorously work around this bug by only using private keys that have no passphrase to protect them. Once this bug is fixed, the unit tests can be improved.)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.