search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix a few 'gcc -fanalyzer' warnings.
[pwmd.git] / src / crypto.c
blob8b549d7a752b891e7e056dddd18be3024e3e1e99
1 /*
2 Copyright (C) 2006-2023 Ben Kibbey <bjk@luxsci.net>
3
4 This file is part of pwmd.
5
6 Pwmd is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation.
9
10 Pwmd is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
17 */
18 #ifdef HAVE_CONFIG_H
19 #include <config.h>
20 #endif
21
22 #include <stdio.h>
23 #include <sys/types.h>
24 #include <sys/stat.h>
25 #ifdef HAVE_FCNTL_H
26 #include <fcntl.h>
27 #endif
28 #include <errno.h>
29 #include <pthread.h>
30
31 #ifdef WITH_LIBACL
32 #ifdef HAVE_SYS_ACL_H
33 #include <sys/acl.h>
34 #endif
35 #endif
36
37 #include "pwmd-error.h"
38 #include "util-misc.h"
39 #include "common.h"
40 #include "rcfile.h"
41 #include "crypto.h"
42 #include "cache.h"
43 #include "mem.h"
44 #include "util-string.h"
45 #include "rcfile.h"
46 #include "mutex.h"
47
48 static unsigned keepalive;
49 static pthread_mutex_t crypto_mutex = PTHREAD_MUTEX_INITIALIZER;
50
51 #define BUFSIZE 4096
52
53 #define STATUS_TIMEOUT_INIT(crypto) \
54 do { \
55 crypto->status_timeout = time (NULL); \
56 crypto->progress_rc = 0; \
57 } while (0)
58
59 #define STATUS_TIMEOUT_TEST(crypto, rc, s, line) \
60 do { \
61 time_t now = time (NULL); \
62 if (now - crypto->status_timeout >= keepalive && crypto->client_ctx) { \
63 rc = send_status (crypto->client_ctx, s, line); \
64 crypto->status_timeout = now; \
65 } \
66 } while (0)
67
68 static gpg_error_t
69 get_password_file (const char *keyfile, unsigned char **result, size_t *len)
70 {
71 struct stat st;
72 int fd;
73 unsigned char *buf = NULL;
74 gpg_error_t rc = 0;
75
76 log_write (_ ("obtaining passphrase from passphrase file"));
77 rc = open_check_file (keyfile, &fd, &st, 0);
78 if (rc)
79 return rc;
80
81 buf = xmalloc (st.st_size+1);
82 if (buf)
83 {
84 size_t rlen = read (fd, buf, st.st_size);
85
86 if (rlen != st.st_size)
87 rc = GPG_ERR_ASS_READ_ERROR;
88 else
89 {
90 buf[rlen] = 0;
91 /* The passphrase may have been truncated do to a nul byte before the
92 * EOF. Better to return an error here rather than passing the
93 * truncated passphrase on. */
94 if (rlen && strlen ((char *)buf) != rlen)
95 rc = GPG_ERR_INV_PASSPHRASE;
96
97 if (!rc)
98 {
99 *result = buf;
100 *len = rlen;
101 }
102 }
103 }
104 else
105 rc = GPG_ERR_ENOMEM;
106
107 close (fd);
108 if (rc)
109 xfree (buf);
110
111 return rc;
112 }
113
114 static gpgme_error_t
115 status_cb (void *data, const char *keyword, const char *args)
116 {
117 struct crypto_s *crypto = data;
118
119 // Cache pushing.
120 if (!crypto->client_ctx)
121 return 0;
122
123 if (!strcmp (keyword, "INQUIRE_MAXLEN") &&
124 (crypto->flags & CRYPTO_FLAG_KEYFILE))
125 return 0;
126
127 return assuan_write_status (crypto->client_ctx, keyword, args);
128 }
129
130 static gpgme_error_t
131 passphrase_cb (void *data, const char *hint, const char *info, int bad, int fd)
132 {
133 struct crypto_s *crypto = data;
134 unsigned char *result = NULL;
135 size_t len;
136 gpg_error_t rc = 0;
137
138 if (crypto->flags & CRYPTO_FLAG_KEYFILE)
139 rc = get_password_file (crypto->keyfile, &result, &len);
140 else
141 {
142 if (hint)
143 rc = assuan_write_status (crypto->client_ctx, "PASSPHRASE_HINT", hint);
144
145 if (!rc && info)
146 rc = assuan_write_status (crypto->client_ctx, "PASSPHRASE_INFO", info);
147
148 if (!rc)
149 {
150 const char *keyword = "PASSPHRASE";
151
152 if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD_SIGN)
153 keyword = "SIGN_PASSPHRASE";
154 else if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD_NEW)
155 {
156 crypto->flags |= CRYPTO_FLAG_PASSWD_SIGN;
157 keyword = "NEW_PASSPHRASE";
158 }
159 else if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD)
160 crypto->flags |= CRYPTO_FLAG_PASSWD_NEW;
161 else if (!bad && crypto->flags & CRYPTO_FLAG_NEWFILE)
162 {
163 keyword = "NEW_PASSPHRASE";
164 if (crypto->save.sigkey)
165 crypto->flags |= CRYPTO_FLAG_PASSWD_SIGN;
166 }
167
168 rc = assuan_inquire (crypto->client_ctx, keyword, &result, &len, 0);
169 }
170 }
171
172 if (!rc)
173 {
174 pthread_cleanup_push ((void *)xfree, result);
175
176 if (!len)
177 gpgme_io_writen (fd, "\n", 1);
178 else
179 {
180 int nl = result[len-1] == '\n';
181 int ret;
182
183 ret = gpgme_io_writen (fd, result, len);
184 if (!ret && !nl)
185 gpgme_io_writen (fd, "\n", 1);
186 else if (ret)
187 rc = GPG_ERR_CANCELED;
188 }
189
190 pthread_cleanup_pop (1);
191 }
192
193 return rc;
194 }
195
196 static void
197 progress_cb (void *data, const char *what, int type, int current, int total)
198 {
199 struct crypto_s *crypto = data;
200
201 crypto->progress_rc = send_status (crypto->client_ctx, STATUS_GPGME,
202 "%s %i %i %i", what, type, current, total);
203 }
204
205 gpgme_error_t
206 crypto_data_to_buf (const gpgme_data_t data, unsigned char **result,
207 size_t *rlen)
208 {
209 off_t ret = gpgme_data_seek (data, 0, SEEK_SET);
210 gpgme_error_t rc;
211 size_t total = 0, size = BUFSIZE;
212 unsigned char *buf = NULL;
213
214 *result = NULL;
215 *rlen = 0;
216
217 if (ret == -1)
218 return gpg_error_from_syserror ();
219
220 buf = xmalloc (size);
221 if (!buf)
222 return GPG_ERR_ENOMEM;
223
224 do
225 {
226 ret = gpgme_data_read (data, &buf[total], BUFSIZE);
227 if (ret > 0)
228 {
229 unsigned char *p;
230
231 total += ret;
232 size += BUFSIZE;
233 p = xrealloc (buf, size * sizeof (unsigned char));
234 if (!p)
235 {
236 xfree (buf);
237 return GPG_ERR_ENOMEM;
238 }
239
240 buf = p;
241 }
242 } while (ret > 0);
243
244 if (ret == -1)
245 {
246 rc = gpgme_err_code_from_syserror ();
247 xfree (buf);
248 return rc;
249 }
250
251 if (!total)
252 xfree (buf);
253 else
254 *result = buf;
255
256 *rlen = total;
257 return 0;
258 }
259
260 gpgme_error_t
261 crypto_list_keys (struct crypto_s *crypto, char *keys[], int secret,
262 gpgme_key_t **result)
263 {
264 gpgme_error_t rc;
265 gpgme_key_t key = NULL, *res = NULL;
266 size_t total = 0;
267
268 rc = gpgme_op_keylist_ext_start (crypto->ctx, (const char **)keys, secret, 0);
269 if (rc)
270 return rc;
271
272 STATUS_TIMEOUT_INIT (crypto);
273 do
274 {
275 gpgme_key_t *p;
276
277 pthread_cleanup_push ((void *)crypto_free_key_list, res);
278 rc = gpgme_op_keylist_next (crypto->ctx, &key);
279 pthread_cleanup_pop (0);
280 if (rc && gpgme_err_code(rc) != GPG_ERR_EOF)
281 break;
282
283 if (rc)
284 {
285 rc = 0;
286 break;
287 }
288
289 p = xrealloc (res, (total+2) * sizeof (gpgme_key_t));
290 if (!p)
291 {
292 rc = GPG_ERR_ENOMEM;
293 break;
294 }
295
296 res = p;
297 res[total++] = key;
298 res[total] = NULL;
299 pthread_cleanup_push ((void *)crypto_free_key_list, res);
300 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_KEEPALIVE, NULL);
301 pthread_cleanup_pop (0);
302 } while (!rc);
303
304 if (!rc)
305 {
306 rc = gpgme_op_keylist_end (crypto->ctx);
307 if (!rc)
308 {
309 *result = res;
310 rc = total ? 0 : secret ? GPG_ERR_NO_SECKEY : GPG_ERR_NO_PUBKEY;
311 }
312 }
313 else
314 crypto_free_key_list (res);
315
316 return rc;
317 }
318
319 void
320 crypto_free_save (struct save_s *save)
321 {
322 if (!save)
323 return;
324
325 strv_free (save->pubkey);
326 xfree (save->sigkey);
327 xfree (save->userid);
328 xfree (save->algo);
329 crypto_free_key_list (save->mainkey);
330
331 memset (save, 0, sizeof (struct save_s));
332 }
333
334 static void
335 free_gpgme_data_cb (void *data)
336 {
337 gpgme_data_t d = data;
338 char *t;
339 size_t len;
340
341 if (!data)
342 return;
343
344 t = gpgme_data_release_and_get_mem (d, &len);
345 if (t)
346 wipememory (t, 0, len);
347
348 gpgme_free (t);
349 }
350
351 void
352 crypto_free_non_keys (struct crypto_s *crypto)
353 {
354 if (!crypto)
355 return;
356
357 if (crypto->ctx)
358 gpgme_release (crypto->ctx);
359
360 crypto->ctx = NULL;
361 xfree (crypto->plaintext);
362 crypto->plaintext = NULL;
363 crypto->plaintext_size = 0;
364
365 if (crypto->cipher)
366 free_gpgme_data_cb (crypto->cipher);
367
368 crypto->cipher = NULL;
369 crypto_free_save (&crypto->save);
370 xfree (crypto->keyfile);
371 crypto->keyfile = NULL;
372 crypto->flags &= ~CRYPTO_FLAG_KEYFILE;
373 }
374
375 void
376 crypto_free (struct crypto_s *crypto)
377 {
378 if (!crypto)
379 return;
380
381 crypto_free_non_keys (crypto);
382 strv_free (crypto->pubkey);
383 xfree (crypto->sigkey);
384 xfree (crypto->filename);
385 xfree (crypto);
386 }
387
388 gpgme_error_t
389 crypto_init_ctx (struct crypto_s *crypto, int no_pinentry,
390 char *passphrase_file)
391 {
392 gpgme_ctx_t ctx;
393 gpgme_keylist_mode_t keylist_mode;
394 gpgme_error_t rc;
395
396 rc = gpgme_new (&ctx);
397 if (rc)
398 return rc;
399
400 rc = gpgme_set_protocol (ctx, GPGME_PROTOCOL_OPENPGP);
401 if (!rc)
402 {
403 keylist_mode = gpgme_get_keylist_mode (ctx);
404 keylist_mode |= GPGME_KEYLIST_MODE_LOCAL|GPGME_KEYLIST_MODE_WITH_SECRET;
405 rc = gpgme_set_keylist_mode (ctx, keylist_mode);
406 if (!rc)
407 {
408 if (no_pinentry || passphrase_file)
409 rc = gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK);
410 else
411 rc = gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_DEFAULT);
412
413 if (!rc)
414 {
415 gpgme_set_ctx_flag (ctx, "no-symkey-cache", "1");
416 gpgme_set_passphrase_cb (ctx, passphrase_cb, crypto);
417 gpgme_set_progress_cb (ctx, progress_cb, crypto);
418 gpgme_set_status_cb (ctx, status_cb, crypto);
419 crypto->ctx = ctx;
420 crypto->flags = 0;
421
422 if (passphrase_file)
423 {
424 crypto->keyfile = passphrase_file;
425 crypto->flags |= CRYPTO_FLAG_KEYFILE;
426 }
427 }
428 }
429 }
430
431 if (rc)
432 gpgme_release (ctx);
433
434 return rc;
435 }
436
437 void
438 crypto_set_keepalive ()
439 {
440 keepalive = config_get_integer ("global", "keepalive_interval");
441 }
442
443 gpg_error_t
444 crypto_init (struct crypto_s **crypto, void *ctx, const char *filename,
445 int no_pinentry, char *passphrase_file)
446 {
447 struct crypto_s *new = xcalloc (1, sizeof (struct crypto_s));
448 gpgme_error_t rc;
449
450 crypto_set_keepalive ();
451
452 if (!new)
453 return GPG_ERR_ENOMEM;
454
455 rc = crypto_init_ctx (new, no_pinentry, passphrase_file);
456 if (rc)
457 goto fail;
458
459 if (filename)
460 {
461 new->filename = str_dup (filename);
462 if (!new->filename)
463 {
464 rc = GPG_ERR_ENOMEM;
465 goto fail;
466 }
467 }
468
469 new->client_ctx = ctx;
470 *crypto = new;
471 return 0;
472
473 fail:
474 crypto_free (new);
475 return rc;
476 }
477
478 /* Converts a 40 byte key id to the 16 byte form. Needed for comparison of
479 * gpgme_recipient_t.keyid. */
480 gpg_error_t
481 crypto_keyid_to_16b_once (char *key)
482 {
483 size_t len = strlen (key);
484
485 if (len < 16)
486 return GPG_ERR_INV_ARG;
487
488 memmove (&key[0], &key[len-16], 16);
489 key[16] = 0;
490 return 0;
491 }
492
493 gpg_error_t
494 crypto_keyid_to_16b (char **keys)
495 {
496 char **p;
497
498 for (p = keys; p && *p; p++)
499 {
500 gpg_error_t rc = crypto_keyid_to_16b_once (*p);
501 if (rc)
502 return rc;
503 }
504
505 return 0;
506 }
507
508 gpgme_error_t
509 crypto_decrypt (struct client_s *client, struct crypto_s *crypto)
510 {
511 gpgme_data_t plain;
512 gpgme_error_t rc;
513 gpgme_data_t cipher;
514 int fd = -1;
515 struct stat st;
516 char **new_recipients = NULL;
517 char **new_signers = NULL;
518 char **pp;
519 gpgme_decrypt_result_t result;
520
521 rc = gpgme_data_new (&plain);
522 if (rc)
523 return rc;
524
525 if (gpgme_check_version ("1.16.0"))
526 {
527 gpgme_data_set_flag (plain, "io-buffer-size", "4096");
528 gpgme_data_set_flag (plain, "sensitive", "1");
529 }
530
531 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
532 rc = open_check_file (crypto->filename, &fd, &st, 1);
533 if (!rc)
534 {
535 pthread_cleanup_push ((void *)close_fd_cb, &fd);
536 rc = gpgme_data_new_from_fd (&cipher, fd);
537 if (!rc)
538 {
539 pthread_cleanup_push ((void *)free_gpgme_data_cb, cipher);
540 rc = send_status (client ? client->ctx : NULL, STATUS_DECRYPT, NULL);
541 if (!rc)
542 {
543 MUTEX_TRYLOCK ((client ? client->ctx : NULL), &crypto_mutex, rc,
544 (client ? client->lock_timeout : -1));
545 if (!rc)
546 {
547 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
548 rc = gpgme_op_decrypt_verify_start (crypto->ctx, cipher, plain);
549 if (!rc)
550 {
551 STATUS_TIMEOUT_INIT(crypto);
552 do
553 {
554 if (!rc && crypto->progress_rc)
555 rc = crypto->progress_rc;
556 if (!rc)
557 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_DECRYPT, NULL);
558 TEST_CANCEL ();
559 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
560 }
561 pthread_cleanup_pop (1); // release_mutex_cb
562 }
563 }
564 pthread_cleanup_pop (1); // free_gpgme_data_cb (cipher)
565 }
566
567 pthread_cleanup_pop (1); // close (fd)
568 }
569
570 pthread_cleanup_pop (0); // free_gpgme_data_cb (plain)
571
572 if (rc)
573 {
574 free_gpgme_data_cb (plain);
575 return rc;
576 }
577
578 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
579 result = gpgme_op_decrypt_result (crypto->ctx);
580 if (!result->unsupported_algorithm && !result->wrong_key_usage)
581 {
582 gpgme_recipient_t r;
583
584 for (r = result->recipients; r; r = r->next)
585 {
586 pthread_cleanup_push ((void *)strv_free, new_recipients);
587 log_write1 (_ ("%s: recipient: %s, status=%u"),
588 crypto->filename, r->keyid, r->status);
589 pthread_cleanup_pop (0);
590 pp = strv_cat(new_recipients, str_dup (r->keyid));
591 if (!pp)
592 {
593 rc = GPG_ERR_ENOMEM;
594 break;
595 }
596
597 new_recipients = pp;
598 }
599 }
600 else if (result->wrong_key_usage)
601 rc = GPG_ERR_WRONG_KEY_USAGE;
602 else if (result->unsupported_algorithm)
603 rc = GPG_ERR_UNSUPPORTED_ALGORITHM;
604
605 if (!rc)
606 {
607 gpgme_verify_result_t verify;
608 gpgme_signature_t s;
609
610 verify = gpgme_op_verify_result (crypto->ctx);
611 for (s = verify->signatures; s; s = s->next)
612 {
613 unsigned flags = s->summary;
614
615 pthread_cleanup_push ((void *)strv_free, new_signers);
616 log_write1 (_ ("%s: signer: %s, status=%u"),
617 crypto->filename, s->fpr, s->status);
618 pthread_cleanup_pop (0);
619
620 flags &= ~(GPGME_SIGSUM_KEY_EXPIRED|GPGME_SIGSUM_SIG_EXPIRED);
621 if (!flags)
622 flags |= GPGME_SIGSUM_VALID;
623
624 if (gpg_err_code (s->status) == GPG_ERR_KEY_EXPIRED)
625 s->status = 0;
626
627 if (s->status || s->wrong_key_usage || !(flags & GPGME_SIGSUM_VALID))
628 continue;
629
630 pp = strv_cat (new_signers, str_dup (s->fpr));
631 if (!pp)
632 {
633 rc = GPG_ERR_ENOMEM;
634 break;
635 }
636
637 new_signers = pp;
638 }
639
640 if (verify->signatures && !new_signers)
641 rc = GPG_ERR_BAD_SIGNATURE;
642
643 if (!rc)
644 {
645 xfree (crypto->plaintext);
646 crypto->plaintext = NULL;
647 crypto->plaintext_size = 0;
648 pthread_cleanup_push ((void *)strv_free, new_recipients);
649 pthread_cleanup_push ((void *)strv_free, new_signers);
650 rc = crypto_data_to_buf (plain, &crypto->plaintext,
651 &crypto->plaintext_size);
652 pthread_cleanup_pop (0);
653 pthread_cleanup_pop (0);
654 if (!rc)
655 {
656 strv_free (crypto->pubkey);
657 crypto->pubkey = new_recipients;
658 crypto_keyid_to_16b (crypto->pubkey);
659
660 xfree (crypto->sigkey);
661 crypto->sigkey = NULL;
662 if (new_signers)
663 {
664 crypto->sigkey = str_dup (*new_signers);
665 strv_free (new_signers);
666 crypto_keyid_to_16b_once (crypto->sigkey);
667 }
668 }
669 }
670 }
671
672 if (rc)
673 {
674 strv_free (new_recipients);
675 strv_free (new_signers);
676 }
677
678 pthread_cleanup_pop (1); // free_gpgme_data_cb (plain)
679 return rc;
680 }
681
682 void
683 crypto_free_key_list (gpgme_key_t *keys)
684 {
685 int i;
686
687 for (i = 0; keys && keys[i]; i++)
688 gpgme_key_unref (keys[i]);
689
690 xfree (keys);
691 }
692
693 /* Removes strings in 'prune' from 'a'. */
694 static char **
695 prune_keys (char **a, char **prune)
696 {
697 char **p;
698
699 for (p = prune; p && *p; p++)
700 {
701 char **ap;
702
703 for (ap = a; ap && *ap; ap++)
704 {
705 if (!strcmp (*ap, *p))
706 {
707 while (*ap)
708 {
709 *ap = *(ap+1);
710 ap++;
711 }
712 }
713 }
714 }
715
716 return a;
717 }
718
719 static void
720 remove_duplicates (char **a)
721 {
722 char **p;
723
724 for (p = a; p && *p; p++)
725 {
726 char **t;
727
728 for (t = p+1; t && *t; t++)
729 {
730 if (!strcmp (*p, *t))
731 {
732 char *tmp = *t;
733
734 while (*(t+1))
735 {
736 *t = *(t+1);
737 t++;
738 }
739
740 *t = NULL;
741 xfree (tmp);
742 remove_duplicates (a);
743 return;
744 }
745 }
746 }
747 }
748
749 gpgme_error_t
750 crypto_encrypt (struct client_s *client, struct crypto_s *crypto)
751 {
752 gpgme_error_t rc;
753 gpgme_data_t cipher = NULL;
754 gpgme_key_t *keys = NULL;
755 gpgme_key_t *sigkeys = NULL;
756 unsigned flags = 0;
757 int sign = 0;
758
759 if (!((crypto->flags & CRYPTO_FLAG_SYMMETRIC)))
760 {
761 crypto_keyid_to_16b (crypto->save.pubkey);
762 remove_duplicates (crypto->save.pubkey);
763 rc = crypto_list_keys (crypto, crypto->save.pubkey, 0, &keys);
764 if (rc)
765 return rc;
766 }
767
768 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
769 rc = gpgme_data_new (&cipher);
770 pthread_cleanup_push ((void *)free_gpgme_data_cb, cipher);
771 if (!rc)
772 rc = gpgme_data_set_file_name (cipher, crypto->filename);
773
774 if (!rc && crypto->save.sigkey)
775 {
776 char **tmp = NULL;
777
778 crypto_keyid_to_16b_once (crypto->save.sigkey);
779 strv_printf (&tmp, "%s", crypto->save.sigkey);
780 pthread_cleanup_push ((void *)strv_free, tmp);
781 rc = crypto_list_keys (crypto, tmp, 1, &sigkeys);
782 pthread_cleanup_pop (1);
783 if (gpg_err_code (rc) == GPG_ERR_NO_DATA)
784 rc = 0;
785 }
786
787 if (!rc)
788 {
789 gpgme_data_t plain = NULL;
790
791 pthread_cleanup_push ((void *)crypto_free_key_list, sigkeys);
792 rc = gpgme_data_new_from_mem (&plain, (char *)crypto->plaintext,
793 crypto->plaintext_size, 0);
794 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
795 if (!rc)
796 {
797 int i;
798
799 gpgme_signers_clear (crypto->ctx);
800
801 for (i = 0; sigkeys && sigkeys[i]; i++)
802 gpgme_signers_add (crypto->ctx, sigkeys[i]);
803 }
804
805 if (!rc)
806 {
807 gpgme_data_set_encoding (cipher, GPGME_DATA_ENCODING_ARMOR);
808 rc = send_status (client ? client->ctx : NULL, STATUS_ENCRYPT, NULL);
809 }
810
811 if (!rc)
812 {
813 int f = config_get_boolean ("global", "encrypt_to");
814
815 if (!f)
816 flags |= GPGME_ENCRYPT_NO_ENCRYPT_TO;
817
818 f = config_get_boolean ("global", "always_trust");
819 if (f)
820 flags |= GPGME_ENCRYPT_ALWAYS_TRUST;
821
822 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC)
823 || (crypto->flags & CRYPTO_FLAG_SYMMETRIC && sigkeys))
824 sign = 1;
825 }
826
827 if (!rc)
828 MUTEX_TRYLOCK ((client ? client->ctx : NULL), &crypto_mutex, rc,
829 (client ? client->lock_timeout : -1));
830
831 if (!rc)
832 {
833 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
834 if (sign)
835 rc = gpgme_op_encrypt_sign_start (crypto->ctx, keys, flags, plain,
836 cipher);
837 else
838 rc = gpgme_op_encrypt_start (crypto->ctx, NULL, flags, plain,
839 cipher);
840 if (!rc)
841 {
842 STATUS_TIMEOUT_INIT (crypto);
843 do
844 {
845 if (!rc && crypto->progress_rc)
846 rc = crypto->progress_rc;
847 if (!rc)
848 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_ENCRYPT, NULL);
849 TEST_CANCEL();
850 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
851 }
852 pthread_cleanup_pop (1);
853
854 if (!rc)
855 {
856 gpgme_encrypt_result_t result;
857 gpgme_sign_result_t sresult;
858 gpgme_invalid_key_t inv;
859 gpgme_new_signature_t sigs;
860 char **prune = NULL;
861 char **p = NULL;
862
863 result = gpgme_op_encrypt_result (crypto->ctx);
864 inv = result->invalid_recipients;
865 while (inv)
866 {
867 pthread_cleanup_push ((void *)strv_free, prune);
868 log_write1 (_ ("%s: invalid recipient: %s, rc=%u"),
869 crypto->filename, inv->fpr, inv->reason);
870 pthread_cleanup_pop (0);
871 p = strv_cat (prune, str_dup(inv->fpr));
872 if (!p)
873 {
874 rc = GPG_ERR_ENOMEM;
875 strv_free (prune);
876 break;
877 }
878
879 prune = p;
880 inv = inv->next;
881 }
882
883 if (prune)
884 {
885 p = prune_keys (crypto->save.pubkey, prune);
886 crypto->save.pubkey = p;
887 strv_free (prune);
888 }
889
890 crypto_keyid_to_16b (crypto->save.pubkey);
891 sresult = gpgme_op_sign_result (crypto->ctx);
892 inv = sresult ? sresult->invalid_signers : NULL;
893 while (!rc && inv)
894 {
895 log_write1 (_ ("%s: invalid signer: %s, rc=%u"),
896 crypto->filename, inv->fpr, inv->reason);
897 inv = inv->next;
898 }
899
900 sigs = sresult ? sresult->signatures : NULL;
901 if (!rc && sigs)
902 {
903 p = NULL;
904
905 while (sigs)
906 {
907 char **pp;
908
909 pthread_cleanup_push ((void *)strv_free, p);
910 log_write1 (_ ("%s: signer: %s"), crypto->filename,
911 sigs->fpr);
912 pthread_cleanup_pop (0);
913
914 pp = strv_cat (p, str_dup (sigs->fpr));
915 if (!pp)
916 {
917 rc = GPG_ERR_ENOMEM;
918 strv_free (p);
919 break;
920 }
921
922 p = pp;
923 sigs = sigs->next;
924 }
925
926 if (!rc)
927 {
928 xfree (crypto->save.sigkey);
929 crypto->save.sigkey = str_dup (*p);
930 strv_free (p);
931 crypto_keyid_to_16b_once (crypto->save.sigkey);
932 crypto->cipher = cipher;
933 }
934 }
935 else if (!rc && crypto->flags & CRYPTO_FLAG_SYMMETRIC)
936 {
937 crypto->cipher = cipher;
938 }
939 else if (!rc)
940 {
941 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC)
942 || (crypto->flags & CRYPTO_FLAG_SYMMETRIC && sigkeys))
943 rc = GPG_ERR_NO_SIGNATURE_SCHEME;
944 }
945 }
946 }
947
948 pthread_cleanup_pop (1); // free_gpgme_data_cb (plain)
949 pthread_cleanup_pop (1); // crypto_free_key_list (sigkeys)
950 }
951
952 pthread_cleanup_pop (0); // free_gpgme_data_cb (cipher)
953 pthread_cleanup_pop (1); // crypto_free_key_list (keys)
954
955 if (rc)
956 free_gpgme_data_cb (cipher);
957
958 return rc;
959 }
960
961 gpgme_error_t
962 crypto_passwd (struct client_s *client, struct crypto_s *crypto)
963 {
964 gpgme_error_t rc;
965 gpgme_key_t *keys = NULL;
966
967 /* Use SAVE instead for symmetric files. */
968 rc = crypto_is_symmetric (client->filename);
969 if (!rc || rc != GPG_ERR_BAD_DATA)
970 return !rc ? GPG_ERR_NOT_SUPPORTED : rc;
971
972 /* Cannot change the passphrase of a key stored on a smartcard. Use
973 * gpg --card-edit instead. */
974 rc = cache_is_shadowed (client->filename);
975 if (!rc)
976 return GPG_ERR_NOT_SUPPORTED;
977 else if (rc != GPG_ERR_NO_DATA)
978 return rc;
979
980 rc = crypto_list_keys (crypto, crypto->pubkey, 1, &keys);
981 if (rc)
982 return rc;
983
984 crypto->flags |= CRYPTO_FLAG_PASSWD;
985 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
986 rc = send_status (client->ctx, STATUS_KEEPALIVE, NULL);
987 if (!rc)
988 MUTEX_TRYLOCK (client->ctx, &crypto_mutex, rc, client->lock_timeout);
989
990 if (!rc)
991 {
992 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
993 rc = gpgme_op_passwd_start (crypto->ctx, keys[0], 0);
994 if (!rc)
995 {
996 STATUS_TIMEOUT_INIT (crypto);
997 do
998 {
999 if (!rc && crypto->progress_rc)
1000 rc = crypto->progress_rc;
1001 if (!rc)
1002 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_KEEPALIVE, NULL);
1003 TEST_CANCEL();
1004 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
1005 }
1006 pthread_cleanup_pop (1);
1007 }
1008
1009 pthread_cleanup_pop (1);
1010 return rc;
1011 }
1012
1013 /* Generate a new key pair. The resulting keyid's are stored in crypto->save.
1014 */
1015 gpgme_error_t
1016 crypto_genkey (struct client_s *client, struct crypto_s *crypto)
1017 {
1018 gpgme_error_t rc;
1019
1020 rc = send_status (client ? client->ctx : NULL, STATUS_GENKEY, NULL);
1021 if (!rc)
1022 MUTEX_TRYLOCK ((client ? client->ctx : NULL), &crypto_mutex, rc,
1023 (client ? client->lock_timeout : 0));
1024
1025 if (!rc)
1026 {
1027 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
1028 if (crypto->save.mainkey)
1029 {
1030 rc = gpgme_op_createsubkey_start (crypto->ctx,
1031 crypto->save.mainkey[0],
1032 crypto->save.algo,
1033 0,
1034 crypto->save.expire,
1035 crypto->save.flags);
1036 }
1037 else
1038 {
1039 rc = gpgme_op_createkey_start (crypto->ctx,
1040 crypto->save.userid,
1041 crypto->save.algo,
1042 0,
1043 crypto->save.expire,
1044 NULL,
1045 crypto->save.flags);
1046 }
1047
1048 if (!rc)
1049 {
1050 STATUS_TIMEOUT_INIT (crypto);
1051 do
1052 {
1053 if (!rc && crypto->progress_rc)
1054 rc = crypto->progress_rc;
1055 if (!rc)
1056 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_GENKEY, NULL);
1057 TEST_CANCEL();
1058 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
1059 }
1060 pthread_cleanup_pop (1);
1061 }
1062
1063 if (!rc)
1064 {
1065 gpgme_key_t *keys = NULL;
1066 gpgme_genkey_result_t result;
1067
1068 result = gpgme_op_genkey_result (crypto->ctx);
1069 xfree (crypto->save.sigkey);
1070 crypto->save.sigkey = str_dup (result->fpr);
1071 crypto_keyid_to_16b_once (crypto->save.sigkey);
1072
1073 if (!rc)
1074 {
1075 char **tmp = NULL;
1076
1077 strv_printf (&tmp, "%s", crypto->save.sigkey);
1078 pthread_cleanup_push ((void *)strv_free, tmp);
1079 rc = crypto_list_keys (crypto, tmp, 1, &keys);
1080 pthread_cleanup_pop (1);
1081 }
1082
1083 if (!rc)
1084 {
1085 gpgme_subkey_t key = keys[0]->subkeys;
1086
1087 for (; key; key = key->next)
1088 {
1089 if (key->can_encrypt)
1090 break;
1091 }
1092
1093 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
1094 rc = send_status (client ? client->ctx : NULL, STATUS_GENKEY, "%s %s",
1095 crypto->save.sigkey, key ? key->fpr : "");
1096 if (!rc && key)
1097 {
1098 crypto->save.pubkey = strv_cat (crypto->save.pubkey,
1099 str_dup (key->fpr));
1100 crypto_keyid_to_16b (crypto->save.pubkey);
1101 }
1102
1103 pthread_cleanup_pop (1);
1104 }
1105 }
1106
1107 return rc;
1108 }
1109
1110 #ifdef WITH_LIBACL
1111 static void
1112 acl_free_cb (void *arg)
1113 {
1114 acl_t acl = arg ? (acl_t) arg : NULL;
1115
1116 if (acl)
1117 acl_free (acl);
1118 }
1119 #endif
1120
1121 /* The advisory lock should be obtained before calling this function. */
1122 gpg_error_t
1123 crypto_write_file (struct crypto_s *crypto, unsigned char **r_crc,
1124 size_t *r_crclen)
1125 {
1126 unsigned char *buf;
1127 size_t size, len;
1128 int fd;
1129 gpg_error_t rc;
1130 char tmp[PATH_MAX];
1131 struct stat st;
1132 mode_t mode = 0600;
1133 #ifdef WITH_LIBACL
1134 acl_t acl = NULL;
1135 #endif
1136
1137 if (crypto->filename)
1138 {
1139 if (lstat (crypto->filename, &st) == 0)
1140 {
1141 mode = st.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
1142
1143 if (!(mode & S_IWUSR))
1144 return GPG_ERR_EACCES;
1145 }
1146 else if (errno != ENOENT)
1147 return gpg_error_from_errno (errno);
1148
1149 snprintf (tmp, sizeof (tmp), "%s.XXXXXX", crypto->filename);
1150 mode_t tmode = umask (0600);
1151 fd = mkstemp (tmp);
1152 if (fd == -1)
1153 {
1154 rc = gpg_error_from_errno (errno);
1155 umask (tmode);
1156 log_write ("%s: %s", tmp, pwmd_strerror (rc));
1157 return rc;
1158 }
1159
1160 umask (tmode);
1161 }
1162 else
1163 fd = STDOUT_FILENO;
1164
1165 rc = crypto_data_to_buf (crypto->cipher, &buf, &size);
1166 if (rc)
1167 {
1168 if (crypto->filename)
1169 close (fd);
1170 return rc;
1171 }
1172
1173 pthread_cleanup_push ((void *)close_fd_cb, &fd);
1174 if (r_crc)
1175 rc = get_checksum_memory (buf, size, r_crc, r_crclen);
1176
1177 if (!rc)
1178 {
1179 pthread_cleanup_push ((void *)xfree, buf);
1180 len = write (fd, buf, size);
1181 pthread_cleanup_pop (1);
1182 if (len != size)
1183 rc = gpg_error_from_errno (errno);
1184 }
1185
1186 if (!rc)
1187 {
1188 if (fsync (fd) != -1)
1189 {
1190 if (crypto->filename && close (fd) != -1)
1191 {
1192 #ifdef WITH_LIBACL
1193 acl = acl_get_file (crypto->filename, ACL_TYPE_ACCESS);
1194 if (!acl && errno == ENOENT)
1195 acl = acl_get_file (".", ACL_TYPE_DEFAULT);
1196 if (!acl)
1197 log_write ("ACL: %s: %s", crypto->filename,
1198 pwmd_strerror (gpg_error_from_errno (errno)));
1199 pthread_cleanup_push ((void *)acl_free_cb, acl);
1200 #endif
1201
1202 fd = -1;
1203 if (config_get_boolean (crypto->filename, "backup"))
1204 {
1205 char tmp2[PATH_MAX];
1206
1207 snprintf (tmp2, sizeof (tmp2), "%s.backup", crypto->filename);
1208 if (rename (crypto->filename, tmp2) == -1)
1209 if (errno != ENOENT)
1210 rc = gpg_error_from_errno (errno);
1211 }
1212
1213 if (!rc && rename (tmp, crypto->filename) == -1)
1214 rc = gpg_error_from_errno (errno);
1215
1216 if (!rc)
1217 {
1218 if (chmod (crypto->filename, mode) == -1)
1219 log_write ("%s(%u): %s", __FILE__, __LINE__,
1220 pwmd_strerror (gpg_error_from_syserror ()));
1221 }
1222 #ifdef WITH_LIBACL
1223 if (!rc && acl && acl_set_file (crypto->filename,
1224 ACL_TYPE_ACCESS, acl))
1225 log_write ("ACL: %s: %s", crypto->filename,
1226 pwmd_strerror (gpg_error_from_errno (errno)));
1227 pthread_cleanup_pop (1);
1228 #endif
1229 }
1230 else if (crypto->filename)
1231 rc = gpg_error_from_errno (errno);
1232
1233 if (!rc && fd != -1)
1234 {
1235 char *datadir = str_asprintf ("%s/data", homedir);
1236
1237 if (datadir)
1238 {
1239 int dfd = open (datadir, O_RDONLY);
1240
1241 if (dfd != -1)
1242 {
1243 if (fsync (dfd) == -1)
1244 log_write ("%s %d: %s", __FILE__, __LINE__,
1245 pwmd_strerror (errno));
1246
1247 close (dfd);
1248 }
1249 else
1250 log_write ("%s %d: %s", __FILE__, __LINE__,
1251 pwmd_strerror (errno));
1252
1253 xfree (datadir);
1254 }
1255 }
1256 }
1257 else
1258 rc = gpg_error_from_errno (errno);
1259 }
1260
1261 pthread_cleanup_pop (0); // close (fd)
1262 if (fd != -1)
1263 close (fd);
1264
1265 return rc;
1266 }
1267
1268 char *
1269 crypto_key_info (const gpgme_key_t key)
1270 {
1271 struct string_s *string = string_new (NULL), *s;
1272 char *line = NULL;
1273 unsigned n, u;
1274 gpgme_subkey_t subkey;
1275 gpgme_user_id_t uid;
1276
1277 if (!string)
1278 return NULL;
1279
1280 for (u = 0, uid = key->uids; uid; uid = uid->next)
1281 u++;
1282
1283 for (n = 0, subkey = key->subkeys; subkey; subkey = subkey->next)
1284 n++;
1285
1286 s = string_append_printf (string, "%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%i:%s:%s:%s:%i:%u:%u",
1287 key->revoked, key->expired, key->disabled,
1288 key->invalid, key->can_encrypt, key->can_sign,
1289 key->can_certify, key->secret,
1290 key->can_authenticate, key->is_qualified,
1291 key->protocol,
1292 key->issuer_serial ? key->issuer_serial : "",
1293 key->issuer_name ? key->issuer_name : "",
1294 key->chain_id ? key->chain_id : "",
1295 key->owner_trust, u, n);
1296 if (!s)
1297 {
1298 string_free (string, 1);
1299 return NULL;
1300 }
1301
1302 string = s;
1303 for (subkey = key->subkeys; subkey; subkey = subkey->next)
1304 {
1305 char *tmp;
1306
1307 s = string_append_printf (string, ":%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%i:%u",
1308 subkey->revoked, subkey->expired,
1309 subkey->disabled, subkey->invalid,
1310 subkey->can_encrypt, subkey->can_sign,
1311 subkey->can_certify, subkey->secret,
1312 subkey->can_authenticate, subkey->is_qualified,
1313 subkey->is_cardkey, subkey->pubkey_algo,
1314 subkey->length);
1315 if (!s)
1316 {
1317 string_free (string, 1);
1318 return NULL;
1319 }
1320
1321 string = s;
1322 s = string_append_printf (string, ":%s:%s:%s:%li:%li:%s",
1323 subkey->keyid, subkey->fpr,
1324 subkey->keygrip ? subkey->keygrip : "",
1325 subkey->timestamp, subkey->expires,
1326 subkey->card_number ? subkey->card_number : "0");
1327 if (!s)
1328 {
1329 string_free (string, 1);
1330 return NULL;
1331 }
1332
1333 string = s;
1334 tmp = gnupg_escape (subkey->curve);
1335 s = string_append_printf (string, ":%s", tmp ? tmp : "");
1336 xfree (tmp);
1337 if (!s)
1338 {
1339 string_free (string, 1);
1340 return NULL;
1341 }
1342
1343 string = s;
1344 }
1345
1346 for (uid = key->uids; uid; uid = uid->next)
1347 {
1348 char *userid, *name, *email, *comment;
1349
1350 userid = gnupg_escape (uid->uid);
1351 name = gnupg_escape (uid->name);
1352 email = gnupg_escape (uid->email);
1353 comment = gnupg_escape (uid->comment);
1354 s = string_append_printf (string, ":%u:%u:%u:%s:%s:%s:%s",
1355 uid->revoked, uid->invalid, uid->validity,
1356 userid ? userid : "",
1357 name ? name : "",
1358 email ? email : "",
1359 comment ? comment : "");
1360 xfree (userid);
1361 xfree (name);
1362 xfree (email);
1363 xfree (comment);
1364 if (!s)
1365 {
1366 string_free (string, 1);
1367 return NULL;
1368 }
1369
1370 string = s;
1371 }
1372
1373 line = string->str;
1374 string_free (string, 0);
1375 return line;
1376 }
1377
1378 gpg_error_t
1379 crypto_try_decrypt (struct client_s *client, int no_pinentry)
1380 {
1381 struct crypto_s *crypto;
1382 gpg_error_t rc;
1383 char *keyfile = config_get_string (client->filename, "passphrase_file");
1384
1385 rc = crypto_init (&crypto, client->ctx, client->filename, no_pinentry,
1386 keyfile);
1387 if (!rc)
1388 {
1389 pthread_cleanup_push ((void *)crypto_free, crypto);
1390 rc = crypto_decrypt (client, crypto);
1391 pthread_cleanup_pop (1);
1392 }
1393 else
1394 xfree (keyfile);
1395
1396 return rc;
1397 }
1398
1399 /* The advisory lock should be obtained before calling this function. */
1400 gpg_error_t
1401 crypto_is_symmetric (const char *filename)
1402 {
1403 int fd;
1404 uint8_t magic[2];
1405 ssize_t len;
1406 gpg_error_t rc;
1407
1408 rc = open_check_file (filename, &fd, NULL, 1);
1409 if (rc)
1410 return rc;
1411
1412 len = read (fd, &magic, sizeof(magic));
1413 close (fd);
1414 if (len != sizeof (magic))
1415 return GPG_ERR_INV_VALUE;
1416
1417 // Always read as big endian.
1418 if (magic[0] != 0x8c || magic[1] != 0x0d)
1419 return GPG_ERR_BAD_DATA;
1420
1421 return 0;
1422 }
1423
1424 gpg_error_t
1425 crypto_delete_key (struct client_s *client, struct crypto_s *crypto,
1426 const gpgme_key_t key, int secret)
1427 {
1428 gpg_error_t rc;
1429
1430 STATUS_TIMEOUT_INIT (crypto);
1431 rc = gpgme_op_delete_ext_start (crypto->ctx, key, GPGME_DELETE_FORCE
1432 | GPGME_DELETE_ALLOW_SECRET);
1433 if (rc)
1434 return rc;
1435
1436 do
1437 {
1438 if (!rc && crypto->progress_rc)
1439 rc = crypto->progress_rc;
1440
1441 if (!rc)
1442 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_KEEPALIVE, NULL);
1443
1444 if (rc)
1445 break;
1446 } while (!gpgme_wait (crypto->ctx, &rc, 0) && !rc);
1447
1448 return rc;
1449 }
A server for managing passphrases and anything else.