gpg_signing: handle early termination of gpg command in verify path

Also fixes missing wait() on I/O error. We have the same problem in several
places. I'll fix them in another batch.
This commit is contained in:
Yuya Nishihara 2024-03-02 19:24:43 +09:00
parent a0c31134ba
commit 24868e5192
2 changed files with 18 additions and 4 deletions

View file

@ -18,7 +18,7 @@ use std::ffi::OsString;
use std::fmt::Debug;
use std::io::Write;
use std::process::{Command, ExitStatus, Stdio};
use std::str;
use std::{io, str};
use thiserror::Error;
@ -82,9 +82,15 @@ fn run_sign_command(command: &mut Command, input: &[u8]) -> Result<Vec<u8>, GpgE
fn run_verify_command(command: &mut Command, input: &[u8]) -> Result<Vec<u8>, GpgError> {
let process = command.stderr(Stdio::null()).spawn()?;
process.stdin.as_ref().unwrap().write_all(input)?;
let write_result = process.stdin.as_ref().unwrap().write_all(input);
let output = process.wait_with_output()?;
Ok(output.stdout)
match write_result {
Ok(()) => Ok(output.stdout),
// If the signature format is invalid, gpg will terminate early. Writing
// more input data will fail in that case.
Err(err) if err.kind() == io::ErrorKind::BrokenPipe => Ok(vec![]),
Err(err) => Err(err.into()),
}
}
#[derive(Debug)]

View file

@ -200,8 +200,16 @@ fn invalid_signature() {
super duper invalid
-----END PGP SIGNATURE-----";
// Small data: gpg command will exit late.
assert_matches!(
backend.verify(b"hello world", signature),
backend.verify(b"a", signature),
Err(SignError::InvalidSignatureFormat)
);
// Large data: gpg command will exit early because the signature is invalid.
assert_matches!(
backend.verify(&b"a".repeat(100 * 1024), signature),
Err(SignError::InvalidSignatureFormat)
);
}