search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Include <sys/types.h> when checking for SO_BINDTODEVICE.
[libpwmd.git] / src / agent.c
blob6a4a1a363fd43df0141cd8b8fd24f34c9cfb81ee
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012
3 Ben Kibbey <bjk@luxsci.net>
4
5 This file is part of pwmd.
6
7 Pwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
11
12 Pwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
19 */
20 #ifdef HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23
24 #include <stdlib.h>
25 #include <errno.h>
26 #include <pwd.h>
27 #include <sys/types.h>
28 #include <signal.h>
29 #include <sys/wait.h>
30 #include <fcntl.h>
31 #include <dirent.h>
32
33 #ifdef WITH_LIBACL
34 #include <sys/acl.h>
35 #endif
36
37 #ifdef HAVE_LIMITS_H
38 #include <limits.h>
39 #endif
40
41 #include "pwmd-error.h"
42 #include "mem.h"
43 #include "common.h"
44 #include "commands.h"
45 #include "agent.h"
46 #include "util-misc.h"
47 #include "util-string.h"
48 #include "mutex.h"
49 #include "rcfile.h"
50 #include "cache.h"
51 #include "cipher.h"
52
53 static uint8_t pwmd_magic[5] = { '\177', 'P', 'W', 'M', 'D' };
54
55 static gpg_error_t
56 mem_realloc_cb (void *data, const void *buffer, size_t len)
57 {
58 membuf_t *mem = (membuf_t *) data;
59 void *p;
60
61 if (!buffer)
62 return 0;
63
64 if ((p = xrealloc (mem->buf, mem->len + len)) == NULL)
65 return 1;
66
67 mem->buf = p;
68 memcpy ((char *) mem->buf + mem->len, buffer, len);
69 mem->len += len;
70 return 0;
71 }
72
73 static gpg_error_t
74 status_cb (void *data, const char *line)
75 {
76 struct agent_s *agent = data;
77
78 agent->inquire_maxlen = 0;
79
80 if (!strncmp (line, "INQUIRE_MAXLEN ", 15))
81 {
82 agent->inquire_maxlen = atoi (line + 15);
83 if (!agent->client_ctx)
84 return 0;
85 }
86
87 return send_status (agent->client_ctx, STATUS_AGENT, "%s", line);
88 }
89
90 static gpg_error_t
91 assuan_command (struct agent_s *a, char **result,
92 size_t * len, const char *cmd)
93 {
94 gpg_error_t rc;
95
96 a->data.len = 0;
97 a->data.buf = NULL;
98 if (result)
99 *result = NULL;
100 if (len)
101 *len = 0;
102 rc = assuan_transact (a->ctx, cmd, mem_realloc_cb, &a->data,
103 a->inquire_cb, a->inquire_data, status_cb, a);
104
105 if (rc)
106 xfree (a->data.buf);
107 else
108 {
109 if (a->data.buf)
110 {
111 mem_realloc_cb (&a->data, "", 1);
112 if (result)
113 *result = (char *) a->data.buf;
114 else
115 xfree (a->data.buf);
116
117 if (len)
118 *len = a->data.len;
119 }
120 }
121
122 return rc;
123 }
124
125 /* This commands are sent from launch_agent() after reconnecting to the agent
126 * and also from the initial client connection. */
127 static gpg_error_t
128 send_agent_common_options (struct agent_s *agent)
129 {
130 gpg_error_t rc;
131
132 rc = send_to_agent (agent, NULL, NULL, "OPTION cache-ttl-opt-preset=-1");
133 return rc;
134 }
135
136 static gpg_error_t
137 launch_agent (struct agent_s *agent)
138 {
139 gpg_error_t rc;
140 assuan_context_t ctx;
141 const char *t = NULL;
142 static struct assuan_malloc_hooks mhooks = { xmalloc, xrealloc, xfree };
143 char *s, buf[LINE_MAX];
144 FILE *fp;
145
146 s = config_get_string ("global", "agent_env_file");
147 if (s)
148 {
149 char *ss = expand_homedir (s);
150 char *p;
151
152 fp = fopen (ss, "r");
153 xfree (ss);
154
155 if (fp)
156 {
157 while ((p = fgets (buf, sizeof (buf), fp)))
158 {
159 p = str_chomp (p);
160 if (!strncmp (p, "GPG_AGENT_INFO=", strlen ("GPG_AGENT_INFO=")))
161 {
162 setenv ("GPG_AGENT_INFO", p + strlen ("GPG_AGENT_INFO="),
163 1);
164 break;
165 }
166 }
167
168 fclose (fp);
169 }
170 else
171 log_write ("%s: %s", s, pwmd_strerror (gpg_error_from_syserror ()));
172
173 xfree (s);
174 }
175
176 t = getenv ("GPG_AGENT_INFO");
177 if (!t)
178 return gpg_error (GPG_ERR_NO_AGENT);
179
180 rc = assuan_new_ext (&ctx, GPG_ERR_SOURCE_DEFAULT, &mhooks,
181 debug_level ? assuan_log_cb : NULL, "AGENT ");
182 if (rc)
183 return rc;
184
185 char **fields = str_split (t, ":", 0);
186 rc = assuan_socket_connect (ctx, fields[0], ASSUAN_INVALID_PID, 0);
187 strv_free (fields);
188 if (rc)
189 {
190 assuan_release (ctx);
191 return rc;
192 }
193
194 if (agent->ctx)
195 {
196 /* Restore the previous agent settings for this new context. */
197 assuan_release (agent->ctx);
198 agent->ctx = ctx;
199 rc = send_agent_common_options (agent);
200 if (!rc && agent->display)
201 rc = set_agent_option (agent, "display", agent->display);
202
203 if (!rc && agent->ttyname)
204 rc = set_agent_option (agent, "ttyname", agent->ttyname);
205
206 if (!rc && agent->ttytype)
207 rc = set_agent_option (agent, "ttytype", agent->ttytype);
208
209 if (!rc && agent->lc_messages)
210 rc = set_agent_option (agent, "lc-messages", agent->lc_messages);
211
212 if (!rc && agent->lc_ctype)
213 rc = set_agent_option (agent, "lc-ctype", agent->lc_ctype);
214 }
215
216 agent->ctx = ctx;
217 return 0;
218 }
219
220 gpg_error_t
221 send_to_agent (struct agent_s * agent, char **result, size_t * len,
222 const char *fmt, ...)
223 {
224 gpg_error_t rc = 0;
225 va_list ap;
226 char *cmd;
227
228 if (!agent->ctx)
229 {
230 rc = launch_agent (agent);
231 if (rc)
232 return rc;
233 }
234
235 va_start (ap, fmt);
236 if (str_vasprintf (&cmd, fmt, ap) > 0)
237 {
238 rc = assuan_command (agent, result, len, cmd);
239 if (!agent->restart && gpg_err_source (rc) == GPG_ERR_SOURCE_DEFAULT
240 && (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED
241 || gpg_err_code (rc) == GPG_ERR_EPIPE))
242 {
243 unsetenv ("GPG_AGENT_INFO");
244 agent->restart = 1;
245 rc = launch_agent (agent);
246 if (!rc)
247 rc = assuan_command (agent, result, len, cmd);
248 }
249
250 agent->restart = 0;
251 xfree (cmd);
252 }
253 else
254 rc = GPG_ERR_ENOMEM;
255
256 va_end (ap);
257 return rc;
258 }
259
260 static void
261 agent_disconnect (struct agent_s *agent)
262 {
263 if (!agent)
264 return;
265
266 if (agent->ctx)
267 assuan_release (agent->ctx);
268
269 agent->ctx = NULL;
270 }
271
272 void
273 cleanup_agent (struct agent_s *agent)
274 {
275 if (!agent)
276 return;
277
278 xfree (agent->desc);
279 xfree (agent->display);
280 xfree (agent->ttyname);
281 xfree (agent->ttytype);
282 xfree (agent->lc_messages);
283 xfree (agent->lc_ctype);
284
285 if (agent->ctx)
286 agent_disconnect (agent);
287
288 xfree (agent);
289 }
290
291 gpg_error_t
292 agent_init (struct agent_s **agent)
293 {
294 struct agent_s *new = xcalloc (1, sizeof (struct agent_s));
295
296 if (!new)
297 return GPG_ERR_ENOMEM;
298
299 *agent = new;
300 return 0;
301 }
302
303 void
304 set_header_defaults (file_header_t * hdr)
305 {
306 char *s = config_get_string (NULL, "cipher");
307 int flags = cipher_string_to_cipher (s);
308
309 xfree (s);
310 memset (hdr, 0, sizeof (file_header_t));
311 memcpy (hdr->magic, pwmd_magic, sizeof (hdr->magic));
312 if (flags == -1)
313 log_write (_
314 ("Invalid 'cipher' in configuration file. Using a default of aes256."));
315 hdr->flags = flags == -1 ? PWMD_CIPHER_AES256 : flags;
316 hdr->version = VERSION_HEX;
317 }
318
319 gpg_error_t
320 read_data_header (const char *filename, file_header_t * rhdr,
321 struct stat *rst, int *rfd)
322 {
323 gpg_error_t rc = 0;
324 size_t len;
325 struct stat st;
326 file_header_t hdr;
327 int fd;
328
329 if (lstat (filename, &st) == -1)
330 return gpg_error_from_syserror ();
331
332 if (!S_ISREG (st.st_mode))
333 return GPG_ERR_ENOANO;
334
335 fd = open (filename, O_RDONLY);
336 if (fd == -1)
337 return gpg_error_from_syserror ();
338
339 len = read (fd, &hdr, sizeof (file_header_t));
340 if (len != sizeof (file_header_t))
341 rc = rc == -1 ? gpg_error_from_syserror () : GPG_ERR_BAD_DATA;
342
343 if (!rc && memcmp (hdr.magic, pwmd_magic, sizeof (hdr.magic)))
344 rc = GPG_ERR_BAD_DATA;
345 else if (hdr.version < 0x030000)
346 rc = GPG_ERR_UNKNOWN_VERSION;
347
348 if (rc)
349 close (fd);
350 else
351 {
352 if (rhdr)
353 *rhdr = hdr;
354 if (rst)
355 *rst = st;
356 if (rfd)
357 *rfd = fd;
358 else
359 close (fd);
360 }
361
362 return rc;
363 }
364
365 gpg_error_t
366 read_data_file (const char *filename, struct crypto_s * crypto)
367 {
368 int fd;
369 gpg_error_t rc = 0;
370 size_t len, rlen;
371 char *buf = NULL;
372 struct stat st;
373
374 cleanup_crypto_stage1 (crypto);
375 rc = read_data_header (filename, &crypto->hdr, &st, &fd);
376 if (rc)
377 return rc;
378
379 crypto->ciphertext_len = crypto->hdr.datalen;
380 crypto->ciphertext = xmalloc (crypto->hdr.datalen);
381 if (!crypto->ciphertext)
382 {
383 rc = GPG_ERR_ENOMEM;
384 goto fail;
385 }
386
387 rlen = read (fd, crypto->grip, 20);
388 if (rlen != 20)
389 {
390 rc = rc == -1 ? gpg_error_from_syserror () : GPG_ERR_BAD_DATA;
391 goto fail;
392 }
393
394 rlen = read (fd, crypto->sign_grip, 20);
395 if (rlen != 20)
396 {
397 rc = rc == -1 ? gpg_error_from_syserror () : GPG_ERR_BAD_DATA;
398 goto fail;
399 }
400
401 len = read (fd, crypto->ciphertext, crypto->hdr.datalen);
402 if (len != crypto->hdr.datalen)
403 {
404 rc = rc == -1 ? gpg_error_from_syserror () : GPG_ERR_BAD_DATA;
405 goto fail;
406 }
407
408 len = st.st_size - sizeof (file_header_t) - crypto->hdr.datalen - 40;
409 buf = xmalloc (len);
410 if (!buf)
411 {
412 rc = GPG_ERR_ENOMEM;
413 goto fail;
414 }
415
416 rlen = read (fd, buf, len);
417 if (rlen != len)
418 {
419 rc = rc == -1 ? gpg_error_from_syserror () : GPG_ERR_BAD_DATA;
420 goto fail;
421 }
422
423 rc = gcry_sexp_new (&crypto->ciphertext_sexp, buf, rlen, 1);
424 if (rc)
425 goto fail;
426
427 if (crypto->pkey_sexp)
428 gcry_sexp_release (crypto->pkey_sexp);
429
430 if (crypto->sigpkey_sexp)
431 gcry_sexp_release (crypto->sigpkey_sexp);
432
433 crypto->pkey_sexp = crypto->sigpkey_sexp = NULL;
434 rc = get_pubkey_bin (crypto, crypto->grip, &crypto->pkey_sexp);
435 if (!rc)
436 rc = get_pubkey_bin (crypto, crypto->sign_grip, &crypto->sigpkey_sexp);
437
438 fail:
439 close (fd);
440 xfree (buf);
441 return rc;
442 }
443
444 static gpg_error_t
445 inquire_cb (void *user, const char *keyword)
446 {
447 struct inquire_data_s *idata = user;
448
449 if (!idata->preset && (!strcmp (keyword, "PASSPHRASE")
450 || !strcmp (keyword, "NEW_PASSPHRASE")))
451 {
452 return agent_loopback_cb (idata->crypto, keyword);
453 }
454 // SAVE --inquire-keyparam
455 else if (idata->preset && !strcmp (keyword, "KEYPARAM"))
456 {
457 idata->preset = 0;
458 return agent_loopback_cb (idata->crypto, keyword);
459 }
460
461 if (idata->crypto->agent->inquire_maxlen
462 && idata->len > idata->crypto->agent->inquire_maxlen)
463 {
464 log_write (_("Inquired data too large: have=%u, max=%u"), idata->len,
465 idata->crypto->agent->inquire_maxlen);
466 return GPG_ERR_TOO_LARGE;
467 }
468
469 idata->crypto->agent->inquire_maxlen = 0;
470 return assuan_send_data (idata->crypto->agent->ctx, idata->line,
471 idata->len);
472 }
473
474 static gpg_error_t
475 extract_key (struct crypto_s *crypto, unsigned char **result,
476 size_t * result_len)
477 {
478 gpg_error_t rc;
479 gcry_sexp_t enc_sexp = NULL, tmp_sexp;
480 struct inquire_data_s idata = { 0 };
481 char *hexgrip = NULL;
482 char *key;
483 size_t keylen, keysize;
484 char *tmp;
485 int algo = cipher_to_gcrypt (crypto->hdr.flags);
486 int shadowed;
487
488 rc = gcry_cipher_algo_info (algo, GCRYCTL_GET_KEYLEN, NULL, &keysize);
489 if (rc)
490 return rc;
491
492 tmp_sexp = gcry_sexp_find_token (crypto->ciphertext_sexp, "enc-val", 0);
493 if (!tmp_sexp)
494 return GPG_ERR_BAD_DATA;
495
496 hexgrip = bin2hex (crypto->grip, sizeof (crypto->grip));
497 if (!hexgrip)
498 {
499 rc = GPG_ERR_ENOMEM;
500 goto fail;
501 }
502
503 rc = cache_is_shadowed (hexgrip);
504 if (rc && rc != GPG_ERR_NO_DATA)
505 goto fail;
506
507 shadowed = !rc ? 1 : 0;
508 if (!shadowed)
509 {
510 gcry_sexp_t tmp2_sexp = gcry_sexp_cdr (tmp_sexp);
511 gcry_sexp_release (tmp_sexp);
512 tmp_sexp = gcry_sexp_nth (tmp2_sexp, 0);
513 gcry_sexp_release (tmp2_sexp);
514 rc = gcry_sexp_build (&enc_sexp, NULL, "(enc-val (flags pkcs1) %S)",
515 tmp_sexp);
516 }
517 else
518 rc = gcry_sexp_build (&enc_sexp, NULL, "%S", tmp_sexp);
519
520 gcry_sexp_release (tmp_sexp);
521 if (rc)
522 return rc;
523
524 crypto->agent->inquire_cb = inquire_cb;
525 idata.crypto = crypto;
526 idata.len = gcry_sexp_sprint (enc_sexp, GCRYSEXP_FMT_CANON, NULL, 0);
527 idata.line = xmalloc (idata.len);
528 if (!idata.line)
529 {
530 rc = GPG_ERR_ENOMEM;
531 goto fail;
532 }
533
534 idata.len = gcry_sexp_sprint (enc_sexp, GCRYSEXP_FMT_CANON, idata.line,
535 idata.len);
536 crypto->agent->inquire_data = &idata;
537 gcry_sexp_release (enc_sexp);
538 enc_sexp = NULL;
539 log_write1 (_("Keygrip is %s, bits=%i"), hexgrip,
540 gcry_pk_get_nbits (crypto->pkey_sexp));
541 rc = send_to_agent (crypto->agent, NULL, NULL, "SETKEY %s", hexgrip);
542 if (rc)
543 goto fail;
544
545 if (!crypto->agent->desc)
546 {
547 tmp =
548 plus_escape (_
549 ("A %s is required to unlock the secret key for the "
550 "encrypted data file \"%s\". Please enter the %s "
551 "below."), shadowed ? "PIN" : _("passphrase"),
552 crypto->filename, shadowed ? "PIN" : _("passphrase"));
553 }
554 else
555 tmp = plus_escape (crypto->agent->desc);
556
557 rc = send_to_agent (crypto->agent, NULL, NULL, "SETKEYDESC %s", tmp);
558 xfree (tmp);
559 if (rc)
560 goto fail;
561
562 assuan_begin_confidential (crypto->agent->ctx);
563 rc = send_to_agent (crypto->agent, &key, &keylen, "PKDECRYPT");
564 assuan_end_confidential (crypto->agent->ctx);
565 if (rc)
566 goto fail;
567
568 rc = gcry_sexp_new (&tmp_sexp, key, keylen, 1);
569 xfree (key);
570 if (rc)
571 goto fail;
572
573 key = (char *) gcry_sexp_nth_data (tmp_sexp, 1, result_len);
574 if (key)
575 {
576 *result = gcry_malloc (*result_len);
577 if (!*result)
578 rc = GPG_ERR_ENOMEM;
579 else
580 memcpy (*result, key, *result_len);
581 }
582 else
583 rc = GPG_ERR_BAD_DATA;
584
585 gcry_sexp_release (tmp_sexp);
586
587 fail:
588 xfree (idata.line);
589 xfree (hexgrip);
590
591 if (enc_sexp)
592 gcry_sexp_release (enc_sexp);
593
594 return rc;
595 }
596
597 static gpg_error_t
598 verify (gcry_sexp_t pkey, gcry_sexp_t sig_sexp, const void *data, size_t len)
599 {
600 gpg_error_t rc;
601 unsigned hashlen = gcry_md_get_algo_dlen (GCRY_MD_SHA256);
602 unsigned char *hash;
603 gcry_sexp_t data_sexp;
604
605 hash = gcry_malloc (hashlen);
606 if (!hash)
607 return GPG_ERR_ENOMEM;
608
609 gcry_md_hash_buffer (GCRY_MD_SHA256, hash, data, len);
610 rc = gcry_sexp_build (&data_sexp, NULL,
611 "(data (flags pkcs1) (hash sha256 %b))", hashlen,
612 hash);
613 gcry_free (hash);
614 if (!rc)
615 {
616 rc = gcry_pk_verify (sig_sexp, data_sexp, pkey);
617 gcry_sexp_release (data_sexp);
618 }
619
620 return rc;
621 }
622
623 #define CRYPTO_BLOCKSIZE(c) (blocksize * 1024)
624
625 /*
626 * Useful for a large amount of data. Rather than doing all of the data in one
627 * iteration do it in chunks. This lets the command be cancelable rather than
628 * waiting for it to complete.
629 */
630 static gpg_error_t
631 iterate_crypto_once (gcry_cipher_hd_t h, unsigned char *inbuf,
632 size_t insize, size_t blocksize, status_msg_t which)
633 {
634 gpg_error_t rc = 0;
635 off_t len = CRYPTO_BLOCKSIZE (blocksize);
636 void *p = gcry_malloc (len);
637 off_t total = 0;
638 unsigned char *inbuf2;
639
640 if (!p)
641 return GPG_ERR_ENOMEM;
642
643 if (insize < CRYPTO_BLOCKSIZE (blocksize))
644 len = insize;
645
646 pthread_cleanup_push (gcry_free, p);
647
648 for (;;)
649 {
650 inbuf2 = inbuf + total;
651 unsigned char *tmp;
652
653 if (len + total > insize)
654 len = blocksize;
655
656 if (which == STATUS_ENCRYPT)
657 rc = gcry_cipher_encrypt (h, p, len, inbuf2, len);
658 else
659 rc = gcry_cipher_decrypt (h, p, len, inbuf2, len);
660
661 if (rc)
662 break;
663
664 tmp = inbuf + total;
665 memmove (tmp, p, len);
666 total += len;
667 if (total >= insize)
668 break;
669
670 #ifdef HAVE_PTHREAD_TESTCANCEL
671 pthread_testcancel ();
672 #endif
673 }
674
675 pthread_cleanup_pop (1);
676 return rc;
677 }
678
679 static void
680 cleanup_cipher (void *arg)
681 {
682 gcry_cipher_close ((gcry_cipher_hd_t) arg);
683 }
684
685 gpg_error_t
686 decrypt_data (assuan_context_t ctx, struct crypto_s *crypto)
687 {
688 gpg_error_t rc;
689 unsigned char *key = NULL;
690 size_t keylen = 0;
691 gcry_cipher_hd_t h = NULL;
692 size_t blocksize, keysize;
693 int algo = cipher_to_gcrypt (crypto->hdr.flags);
694 void *outbuf = NULL;
695 gcry_sexp_t sig_sexp;
696 uint64_t n = crypto->hdr.iterations;
697 long progress = 0;
698
699 rc = extract_key (crypto, &key, &keylen);
700 if (rc)
701 return rc;
702
703 sig_sexp = gcry_sexp_find_token (crypto->ciphertext_sexp, "sig-val", 0);
704 if (!sig_sexp)
705 {
706 gcry_free (key);
707 return GPG_ERR_BAD_DATA;
708 }
709
710 pthread_cleanup_push (gcry_free, key);
711 rc =
712 verify (crypto->sigpkey_sexp, sig_sexp, crypto->ciphertext,
713 crypto->ciphertext_len);
714 gcry_sexp_release (sig_sexp);
715
716 if (!rc)
717 {
718 rc = gcry_cipher_open (&h, algo, GCRY_CIPHER_MODE_CBC, 0);
719 if (!rc)
720 {
721 rc = gcry_cipher_algo_info (algo, GCRYCTL_GET_KEYLEN, NULL,
722 &keysize);
723 if (!rc)
724 {
725 rc = gcry_cipher_algo_info (algo, GCRYCTL_GET_BLKLEN, NULL,
726 &blocksize);
727 if (!rc)
728 {
729 rc = gcry_cipher_setiv (h, crypto->hdr.iv,
730 sizeof (crypto->hdr.iv));
731 if (!rc)
732 {
733 rc = gcry_cipher_setkey (h, key, keylen);
734 }
735 }
736 }
737 }
738 }
739
740 pthread_cleanup_push (cleanup_cipher, rc ? NULL : h);
741
742 if (!rc)
743 {
744 outbuf = gcry_malloc (crypto->hdr.datalen);
745 if (!outbuf)
746 rc = GPG_ERR_ENOMEM;
747 }
748
749 pthread_cleanup_push (gcry_free, outbuf);
750
751 if (!rc)
752 {
753 memcpy (outbuf, crypto->ciphertext, crypto->hdr.datalen);
754 rc = iterate_crypto_once (h, outbuf, crypto->hdr.datalen, blocksize,
755 STATUS_DECRYPT);
756 if (!rc)
757 {
758 key[0] ^= 1;
759 rc = gcry_cipher_setkey (h, key, keylen);
760 }
761 }
762
763 if (!rc)
764 {
765 progress = config_get_long (NULL, "cipher_progress");
766 if (progress == -1)
767 progress = strtol (DEFAULT_ITERATION_PROGRESS, NULL, 10);
768 }
769
770 if (!rc && ctx && crypto->hdr.iterations)
771 rc = send_status (ctx, STATUS_DECRYPT, "%llu %llu", 0,
772 crypto->hdr.iterations);
773
774 for (n = 0; !rc && n < crypto->hdr.iterations; n++)
775 {
776 if (ctx && !(n % progress))
777 {
778 rc = send_status (ctx, STATUS_DECRYPT, "%llu %llu", n,
779 crypto->hdr.iterations);
780 if (rc)
781 break;
782 }
783
784 rc = gcry_cipher_setiv (h, crypto->hdr.iv, sizeof (crypto->hdr.iv));
785 if (rc)
786 break;
787
788 rc = iterate_crypto_once (h, outbuf, crypto->hdr.datalen, blocksize,
789 STATUS_DECRYPT);
790 }
791
792 if (!rc && ctx && crypto->hdr.iterations)
793 rc = send_status (ctx, STATUS_DECRYPT, "%llu %llu", n,
794 crypto->hdr.iterations);
795
796 pthread_cleanup_pop (rc ? 1 : 0); // outbuf
797 pthread_cleanup_pop (1); // cipher
798 pthread_cleanup_pop (1); // key
799 if (!rc)
800 {
801 crypto->plaintext = outbuf;
802 crypto->plaintext_len = crypto->hdr.datalen;
803 }
804
805 return rc;
806 }
807
808 gpg_error_t
809 decrypt_xml (struct crypto_s * crypto, const void *data, size_t len)
810 {
811 gcry_cipher_hd_t h = NULL;
812 gpg_error_t rc;
813
814 rc = gcry_cipher_open (&h, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC, 0);
815 if (rc)
816 return rc;
817
818 gcry_free (crypto->plaintext);
819 crypto->plaintext = gcry_malloc (len);
820 if (!crypto->plaintext)
821 {
822 rc = GPG_ERR_ENOMEM;
823 goto done;
824 }
825
826 rc = gcry_cipher_setiv (h, cache_iv, cache_blocksize);
827 if (rc)
828 goto done;
829
830 rc = gcry_cipher_setkey (h, cache_key, cache_keysize);
831 if (rc)
832 goto done;
833
834 rc = gcry_cipher_decrypt (h, crypto->plaintext, len, data, len);
835 if (rc)
836 {
837 gcry_free (crypto->plaintext);
838 crypto->plaintext = NULL;
839 }
840
841 crypto->plaintext_len = len;
842
843 done:
844 if (h)
845 gcry_cipher_close (h);
846
847 return rc;
848 }
849
850 gpg_error_t
851 encrypt_xml (assuan_context_t ctx, void *key, size_t keylen,
852 int algo, const void *xml, size_t len, void * *result, size_t
853 * result_len, unsigned char **iv, size_t * iv_len, uint64_t iter)
854 {
855 gpg_error_t rc;
856 gcry_cipher_hd_t h;
857 size_t blocksize, keysize;
858 void *inbuf = NULL;
859 size_t olen = len;
860 uint64_t n = 0;
861 long progress;
862 unsigned char *tmpkey = NULL;
863 int free_iv = *(iv_len) == 0;
864
865 rc = gcry_cipher_open (&h, algo, GCRY_CIPHER_MODE_CBC, 0);
866 if (rc)
867 return rc;
868
869 pthread_cleanup_push (cleanup_cipher, h);
870 rc = gcry_cipher_algo_info (algo, GCRYCTL_GET_KEYLEN, NULL, &keysize);
871 if (!rc)
872 rc = gcry_cipher_algo_info (algo, GCRYCTL_GET_BLKLEN, NULL, &blocksize);
873
874 if (!rc && *(iv_len) == 0)
875 {
876 *(iv) = xmalloc (blocksize);
877 if (!*(iv))
878 rc = GPG_ERR_ENOMEM;
879
880 gcry_create_nonce (*(iv), blocksize);
881 }
882
883 pthread_cleanup_push (xfree, *(iv_len) == 0 ? *(iv) : NULL);
884 if (!rc)
885 {
886 *iv_len = blocksize;
887 tmpkey = gcry_malloc (keylen);
888 if (!tmpkey)
889 rc = GPG_ERR_ENOMEM;
890 }
891
892 pthread_cleanup_push (gcry_free, tmpkey);
893
894 if (!rc)
895 {
896 memcpy (tmpkey, key, keylen);
897 tmpkey[0] ^= 1;
898 rc = gcry_cipher_setkey (h, tmpkey, keylen);
899 if (!rc)
900 {
901 if (len % blocksize)
902 len += blocksize - (len % blocksize);
903 }
904 }
905
906 if (!rc)
907 {
908 inbuf = gcry_malloc (len);
909 if (!inbuf)
910 rc = GPG_ERR_ENOMEM;
911 }
912
913 pthread_cleanup_push (gcry_free, inbuf);
914
915 if (!rc)
916 {
917 memset (inbuf, 0, len);
918 memcpy (inbuf, xml, olen);
919 progress = config_get_long (NULL, "cipher_progress");
920 if (progress == -1)
921 progress = strtol (DEFAULT_ITERATION_PROGRESS, NULL, 10);
922
923 if (!rc && ctx && iter)
924 rc = send_status (ctx, STATUS_ENCRYPT, "%llu %llu", 0, iter);
925
926 for (n = 0; !rc && n < iter; n++)
927 {
928 if (ctx && !(n % progress))
929 {
930 rc = send_status (ctx, STATUS_ENCRYPT, "%llu %llu", n, iter);
931 if (rc)
932 break;
933 }
934
935 rc = gcry_cipher_setiv (h, *(iv), blocksize);
936 if (rc)
937 break;
938
939 rc = iterate_crypto_once (h, inbuf, len, blocksize, STATUS_ENCRYPT);
940 }
941 }
942
943 if (!rc && ctx && iter)
944 rc = send_status (ctx, STATUS_ENCRYPT, "%llu %llu", n, iter);
945
946 if (!rc)
947 {
948 /* Do at least one iteration. */
949 rc = gcry_cipher_setiv (h, *(iv), blocksize);
950 if (!rc)
951 {
952 rc = gcry_cipher_setkey (h, key, keylen);
953 if (!rc)
954 rc = iterate_crypto_once (h, inbuf, len, blocksize,
955 STATUS_ENCRYPT);
956 }
957 }
958
959 pthread_cleanup_pop (rc ? 1 : 0); // inbuf
960 pthread_cleanup_pop (1); // tmpkey
961 pthread_cleanup_pop (rc && free_iv ? 1 : 0); // iv
962 pthread_cleanup_pop (1); // cipher
963 *result = rc ? NULL : inbuf;
964 *result_len = len;
965 return rc;
966 }
967
968 gpg_error_t
969 agent_loopback_cb (void *user, const char *keyword)
970 {
971 struct crypto_s *crypto = user;
972 gpg_error_t rc;
973 unsigned char *result;
974 size_t len;
975 int keyparam = 0;
976
977 if (!strcmp (keyword, "KEYPARAM"))
978 {
979 keyparam = 1;
980 rc = assuan_inquire (crypto->client_ctx, keyword, &result, &len, 0);
981 }
982 else
983 { // PASSPHRASE or NEW_PASSPHRASE
984 assuan_begin_confidential (crypto->client_ctx);
985 rc = assuan_inquire (crypto->client_ctx, keyword, &result, &len, 0);
986 assuan_end_confidential (crypto->client_ctx);
987 }
988
989 if (!rc)
990 {
991 if (keyparam && !len)
992 {
993 char *tmp = default_key_params (crypto);
994
995 if (!tmp)
996 return gpg_error (GPG_ERR_ENOMEM);
997
998 len = strlen (tmp);
999 result = xmalloc (len);
1000 memcpy (result, tmp, len);
1001 xfree (tmp);
1002 }
1003
1004 pthread_cleanup_push (xfree, result);
1005
1006 if (keyparam)
1007 rc = assuan_send_data (crypto->agent->ctx, result, len);
1008 else
1009 {
1010 assuan_begin_confidential (crypto->agent->ctx);
1011 rc = assuan_send_data (crypto->agent->ctx, result, len);
1012 assuan_end_confidential (crypto->agent->ctx);
1013 }
1014
1015 pthread_cleanup_pop (1);
1016 }
1017 else if (gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
1018 {
1019 gpg_error_t arc = assuan_write_line (crypto->agent->ctx, "CAN");
1020
1021 if (!arc)
1022 {
1023 char *line;
1024 size_t len;
1025
1026 arc = assuan_read_line (crypto->agent->ctx, &line, &len);
1027 if (arc)
1028 rc = arc;
1029 }
1030 else
1031 rc = arc;
1032 }
1033
1034 return rc;
1035 }
1036
1037 static gpg_error_t
1038 sign (gcry_sexp_t * rsexp, const char *sign_hexgrip,
1039 struct crypto_s *crypto, const void *data, size_t len)
1040 {
1041 gpg_error_t rc;
1042 char *result;
1043 char *tmp = sign_hexgrip ? str_dup (sign_hexgrip)
1044 : bin2hex (crypto->grip, sizeof (crypto->grip));
1045
1046 pthread_cleanup_push (xfree, tmp);
1047 log_write1 (_("Signed with keygrip %s"), tmp);
1048 rc = send_to_agent (crypto->agent, NULL, NULL, "SIGKEY %s", tmp);
1049 pthread_cleanup_pop (1);
1050 if (!rc)
1051 {
1052 unsigned char *hash;
1053 unsigned hashlen = gcry_md_get_algo_dlen (GCRY_MD_SHA256);
1054
1055 hash = gcry_malloc (hashlen);
1056 if (!hash)
1057 return GPG_ERR_ENOMEM;
1058
1059 gcry_md_hash_buffer (GCRY_MD_SHA256, hash, data, len);
1060 tmp = bin2hex (hash, hashlen);
1061 gcry_free (hash);
1062 pthread_cleanup_push (xfree, tmp);
1063 rc = send_to_agent (crypto->agent, NULL, NULL,
1064 "SETHASH --hash=sha256 %s", tmp);
1065 pthread_cleanup_pop (1);
1066 }
1067
1068 if (!rc)
1069 {
1070 struct inquire_data_s idata = { 0 };
1071
1072 idata.crypto = crypto;
1073 crypto->agent->inquire_data = &idata;
1074 crypto->agent->inquire_cb = inquire_cb;
1075 rc = send_to_agent (crypto->agent, &result, &len, "PKSIGN");
1076 if (!rc)
1077 {
1078 rc = gcry_sexp_sscan (rsexp, NULL, result, len);
1079 xfree (result);
1080 }
1081 }
1082
1083 return rc;
1084 }
1085
1086 #ifdef WITH_LIBACL
1087 static void
1088 cleanup_acl (void *arg)
1089 {
1090 acl_t acl = *(acl_t *) arg;
1091
1092 if (acl)
1093 acl_free (acl);
1094 }
1095 #endif
1096
1097 static gpg_error_t
1098 write_file (struct crypto_s *crypto, const char *filename,
1099 void *data, size_t data_len, void *sexp, size_t sexp_len,
1100 gcry_sexp_t pubkey, gcry_sexp_t sigpkey)
1101 {
1102 char tmp[FILENAME_MAX] = { 0 };
1103 mode_t mode = 0;
1104 struct stat st;
1105 int fd;
1106 gpg_error_t rc = 0;
1107 size_t len;
1108 #ifdef WITH_LIBACL
1109 acl_t acl = NULL;
1110 #endif
1111
1112 if (filename)
1113 {
1114 if (lstat (filename, &st) == 0)
1115 {
1116 mode = st.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
1117
1118 if (!(mode & S_IWUSR))
1119 return GPG_ERR_EACCES;
1120 }
1121 else if (errno != ENOENT)
1122 return gpg_error_from_syserror ();
1123
1124 snprintf (tmp, sizeof (tmp), "%s.XXXXXX", filename);
1125 fd = mkstemp (tmp);
1126 if (fd == -1)
1127 {
1128 rc = gpg_error_from_syserror ();
1129 log_write ("%s: %s", tmp, pwmd_strerror (rc));
1130 return rc;
1131 }
1132 }
1133 else
1134 {
1135 // xml_import() or convert_file() from command line.
1136 fd = STDOUT_FILENO;
1137 }
1138
1139 pthread_cleanup_push (cleanup_unlink_cb, tmp);
1140 crypto->save.hdr.version = VERSION_HEX;
1141 len = write (fd, &crypto->save.hdr, sizeof (file_header_t));
1142 if (len == sizeof (file_header_t))
1143 {
1144 unsigned char grip[20];
1145
1146 gcry_pk_get_keygrip (pubkey, grip);
1147 len = write (fd, grip, sizeof (grip));
1148 if (len == sizeof (grip))
1149 {
1150 gcry_pk_get_keygrip (sigpkey, grip);
1151 len = write (fd, grip, sizeof (grip));
1152 if (len == sizeof (grip))
1153 {
1154 len = write (fd, data, data_len);
1155 if (len == data_len)
1156 {
1157 len = write (fd, sexp, sexp_len);
1158 if (len != sexp_len)
1159 rc = gpg_error_from_syserror ();
1160 }
1161 else
1162 rc = gpg_error_from_syserror ();
1163 }
1164 }
1165 else
1166 rc = gpg_error_from_syserror ();
1167 }
1168 else
1169 rc = gpg_error_from_syserror ();
1170
1171 #ifdef WITH_LIBACL
1172 pthread_cleanup_push (cleanup_acl, &acl);
1173 #endif
1174 if (!rc)
1175 {
1176 if (fsync (fd) != -1)
1177 {
1178 if (filename && close (fd) != -1)
1179 {
1180 #ifdef WITH_LIBACL
1181 acl = acl_get_file (filename, ACL_TYPE_ACCESS);
1182 if (!acl && errno == ENOENT)
1183 acl = acl_get_file (".", ACL_TYPE_DEFAULT);
1184 if (!acl)
1185 log_write ("ACL: %s: %s", filename,
1186 pwmd_strerror (gpg_error_from_syserror ()));
1187 #endif
1188
1189 if (mode && config_get_boolean (filename, "backup"))
1190 {
1191 char tmp2[FILENAME_MAX];
1192
1193 snprintf (tmp2, sizeof (tmp2), "%s.backup", filename);
1194 if (rename (filename, tmp2) == -1)
1195 rc = gpg_error_from_syserror ();
1196 }
1197 }
1198 else if (filename)
1199 rc = gpg_error_from_syserror ();
1200 }
1201 else
1202 rc = gpg_error_from_syserror ();
1203 }
1204
1205 if (!rc)
1206 {
1207 if (filename && rename (tmp, filename) != -1)
1208 {
1209 tmp[0] = 0;
1210 if (filename && mode)
1211 chmod (filename, mode);
1212
1213 #ifdef WITH_LIBACL
1214 if (acl && acl_set_file (filename, ACL_TYPE_ACCESS, acl))
1215 log_write ("ACL: %s: %s", filename,
1216 pwmd_strerror (gpg_error_from_syserror ()));
1217 #endif
1218 }
1219 else
1220 rc = gpg_error_from_syserror ();
1221 }
1222
1223 #ifdef WITH_LIBACL
1224 pthread_cleanup_pop (1);
1225 #endif
1226 pthread_cleanup_pop (rc ? 1 : 0); // unlink
1227 return rc;
1228 }
1229
1230 gpg_error_t
1231 encrypt_data_file (assuan_context_t ctx, struct crypto_s * crypto,
1232 gcry_sexp_t pubkey, gcry_sexp_t sigpkey,
1233 const char *filename, const void *xml, size_t len)
1234 {
1235 gpg_error_t rc;
1236 void *data = NULL;
1237 size_t data_len = 0;
1238 void *enc_xml = NULL;
1239 size_t enc_xml_len = 0;
1240 unsigned char *iv = NULL;
1241 size_t iv_len = 0;
1242 int algo = cipher_to_gcrypt (crypto->save.hdr.flags);
1243 void *key = NULL;
1244 size_t keysize;
1245 unsigned char sig_grip[20];
1246 unsigned char grip[20];
1247
1248 rc = gcry_cipher_algo_info (algo, GCRYCTL_GET_KEYLEN, NULL, &keysize);
1249 if (rc)
1250 return rc;
1251
1252 pthread_cleanup_push (gcry_free, key);
1253 key = gcry_random_bytes_secure (keysize, GCRY_STRONG_RANDOM);
1254 #ifdef HAVE_PTHREAD_TESTCANCEL
1255 pthread_testcancel (); // may have been a long operation
1256 #endif
1257 pthread_cleanup_pop (0);
1258 if (!key)
1259 return GPG_ERR_ENOMEM;
1260
1261 gcry_pk_get_keygrip (pubkey, grip);
1262 gcry_pk_get_keygrip (sigpkey, sig_grip);
1263 pthread_cleanup_push (xfree, iv);
1264 pthread_cleanup_push (gcry_free, key);
1265 rc = encrypt_xml (ctx, key, keysize, algo, xml, len, &enc_xml, &enc_xml_len,
1266 &iv, &iv_len, crypto->save.hdr.iterations);
1267 if (!rc)
1268 {
1269 gcry_sexp_t sig_sexp = NULL;
1270 char *hexgrip = bin2hex (grip, 20);
1271
1272 log_write1 (_("Encrypted with keygrip %s"), hexgrip);
1273 xfree (hexgrip);
1274 hexgrip = bin2hex (sig_grip, 20);
1275 pthread_cleanup_push (gcry_free, enc_xml);
1276 rc = sign (&sig_sexp, hexgrip, crypto, enc_xml, enc_xml_len);
1277 xfree (hexgrip);
1278
1279 if (!rc)
1280 {
1281 rc = verify (sigpkey, sig_sexp, enc_xml, enc_xml_len);
1282
1283 if (!rc)
1284 {
1285 gcry_sexp_t tmp_sexp;
1286
1287 rc = gcry_sexp_build (&tmp_sexp, NULL,
1288 "(data (flags pkcs1) (value %b))",
1289 keysize, key);
1290 if (!rc)
1291 {
1292 gcry_sexp_t key_sexp;
1293
1294 pthread_cleanup_push ((void (*)(void *)) gcry_sexp_release,
1295 (void *) sig_sexp);
1296 rc = gcry_pk_encrypt (&key_sexp, tmp_sexp, pubkey);
1297 pthread_cleanup_pop (0);
1298 gcry_sexp_release (tmp_sexp);
1299
1300 if (!rc)
1301 {
1302 memcpy (crypto->save.hdr.iv, iv, iv_len);
1303 crypto->save.hdr.datalen = enc_xml_len;
1304 rc = gcry_sexp_build (&tmp_sexp, NULL, "%S%S", key_sexp,
1305 sig_sexp);
1306 gcry_sexp_release (key_sexp);
1307
1308 if (!rc)
1309 {
1310 data_len = gcry_sexp_sprint (tmp_sexp,
1311 GCRYSEXP_FMT_CANON,
1312 NULL, 0);
1313 data = xmalloc (data_len);
1314 if (data)
1315 gcry_sexp_sprint (tmp_sexp, GCRYSEXP_FMT_CANON,
1316 data, data_len);
1317 else
1318 rc = GPG_ERR_ENOMEM;
1319
1320 gcry_sexp_release (tmp_sexp);
1321 }
1322 }
1323 }
1324 }
1325 }
1326
1327 pthread_cleanup_pop (0); // enc_xml
1328
1329 if (sig_sexp)
1330 gcry_sexp_release (sig_sexp);
1331 }
1332
1333 pthread_cleanup_pop (1); // key
1334 pthread_cleanup_pop (1); // iv
1335
1336 if (!rc)
1337 {
1338 pthread_cleanup_push (gcry_free, enc_xml);
1339 rc = write_file (crypto, filename, enc_xml, enc_xml_len, data, data_len,
1340 pubkey, sigpkey);
1341 pthread_cleanup_pop (1); // enc_xml
1342 if (!rc)
1343 memcpy (&crypto->hdr, &crypto->save.hdr, sizeof (file_header_t));
1344 }
1345
1346 xfree (data);
1347 return rc;
1348 }
1349
1350 void
1351 cleanup_save (struct save_s *save)
1352 {
1353 if (!save)
1354 return;
1355
1356 if (save->pkey)
1357 gcry_sexp_release (save->pkey);
1358
1359 if (save->sigpkey)
1360 gcry_sexp_release (save->sigpkey);
1361
1362 memset (save, 0, sizeof (struct save_s));
1363 }
1364
1365 /* Keep the agent ctx to retain pinentry options which will be freed in
1366 * cleanup_cb(). Also keep .pubkey since it may be needed for a SAVE. */
1367 void
1368 cleanup_crypto_stage1 (struct crypto_s *cr)
1369 {
1370 if (!cr)
1371 return;
1372
1373 cleanup_save (&cr->save);
1374
1375 if (cr->ciphertext_sexp)
1376 gcry_sexp_release (cr->ciphertext_sexp);
1377
1378 if (cr->plaintext)
1379 gcry_free (cr->plaintext);
1380
1381 xfree (cr->ciphertext);
1382 xfree (cr->filename);
1383 cr->filename = NULL;
1384 cr->ciphertext_sexp = NULL;
1385 cr->ciphertext = NULL;
1386 cr->ciphertext_len = 0;
1387 cr->plaintext = NULL;
1388 cr->plaintext_len = 0;
1389 }
1390
1391 void
1392 cleanup_crypto_stage2 (struct crypto_s *cr)
1393 {
1394 if (!cr)
1395 return;
1396
1397 cleanup_crypto_stage1 (cr);
1398 set_header_defaults (&cr->hdr);
1399 }
1400
1401 void
1402 cleanup_crypto (struct crypto_s **c)
1403 {
1404 struct crypto_s *cr = *c;
1405
1406 if (!cr)
1407 return;
1408
1409 cleanup_crypto_stage2 (cr);
1410
1411 if (cr->pkey_sexp)
1412 gcry_sexp_release (cr->pkey_sexp);
1413
1414 if (cr->sigpkey_sexp)
1415 gcry_sexp_release (cr->sigpkey_sexp);
1416
1417 if (cr->agent)
1418 cleanup_agent (cr->agent);
1419
1420 xfree (cr);
1421 *c = NULL;
1422 }
1423
1424 gpg_error_t
1425 init_client_crypto (struct crypto_s **crypto)
1426 {
1427 struct crypto_s *new = xcalloc (1, sizeof (struct crypto_s));
1428 gpg_error_t rc;
1429
1430 if (!new)
1431 {
1432 log_write ("%s(%i): %s", __FILE__, __LINE__,
1433 pwmd_strerror (GPG_ERR_ENOMEM));
1434 return GPG_ERR_ENOMEM;
1435 }
1436
1437 rc = agent_init (&new->agent);
1438 if (!rc)
1439 {
1440 rc = send_agent_common_options (new->agent);
1441 if (!rc)
1442 rc = set_pinentry_options (new->agent);
1443 }
1444
1445 if (rc)
1446 {
1447 xfree (new);
1448 return rc;
1449 }
1450
1451 set_header_defaults (&new->hdr);
1452 *crypto = new;
1453 return 0;
1454 }
1455
1456 gpg_error_t
1457 generate_key (struct crypto_s * crypto, char *sexpstr, int empty, int preset)
1458 {
1459 gpg_error_t rc;
1460 char *pkey;
1461 size_t plen;
1462
1463 if (crypto->save.s2k_count)
1464 {
1465 rc = send_to_agent (crypto->agent, NULL, NULL,
1466 "OPTION s2k-count=%lu", crypto->save.s2k_count);
1467 if (rc)
1468 return rc;
1469 }
1470
1471 if (!crypto->agent->inquire_cb)
1472 crypto->agent->inquire_cb = inquire_cb;
1473
1474 rc = send_to_agent (crypto->agent, &pkey, &plen, "GENKEY %s%s",
1475 preset ? "--preset " : "",
1476 empty ? "--no-protection" : "");
1477 if (rc)
1478 return rc;
1479
1480 if (crypto->save.pkey)
1481 gcry_sexp_release (crypto->save.pkey);
1482
1483 crypto->save.pkey = NULL;
1484 rc = gcry_sexp_new (&crypto->save.pkey, pkey, plen, 1);
1485 if (!rc)
1486 {
1487 unsigned char grip[20];
1488
1489 gcry_pk_get_keygrip (crypto->save.pkey, grip);
1490 char *hexgrip = bin2hex (grip, sizeof (grip));
1491 log_write1 (_("Keygrip is %s"), hexgrip);
1492 xfree (hexgrip);
1493
1494 if (!crypto->save.sigpkey)
1495 {
1496 gcry_sexp_build ((gcry_sexp_t *) & crypto->save.sigpkey, NULL, "%S",
1497 crypto->save.pkey);
1498 }
1499 }
1500
1501 xfree (pkey);
1502 return rc;
1503 }
1504
1505 gpg_error_t
1506 set_agent_option (struct agent_s * agent, const char *name, const char *value)
1507 {
1508 return send_to_agent (agent, NULL, NULL, "OPTION %s=%s", name, value);
1509 }
1510
1511 gpg_error_t
1512 set_agent_passphrase (struct crypto_s * crypto, const char *key, size_t len)
1513 {
1514 char *hexgrip;
1515 struct inquire_data_s idata;
1516 gpg_error_t rc;
1517 int i;
1518
1519 /* This is for use with key files or passphrases obtained from an inquire.
1520 * gpg-agent uses strings as passphrases and will truncate the passphrase
1521 * at the first encountered null byte. It's only a warning because the
1522 * passphrase may belong to a key shared outside of pwmd. */
1523 for (i = 0; i < len; i++)
1524 {
1525 if (key[i] == 0)
1526 {
1527 log_write (_("WARNING: keylen=%i, truncated to %i."), len, i);
1528 break;
1529 }
1530 }
1531
1532 hexgrip = bin2hex (crypto->grip, 20);
1533 crypto->agent->inquire_cb = inquire_cb;
1534 crypto->agent->inquire_data = &idata;
1535 idata.crypto = crypto;
1536 idata.line = (char *) key, idata.len = len;
1537 idata.preset = 1;
1538 assuan_begin_confidential (crypto->agent->ctx);
1539 rc = send_to_agent (crypto->agent, NULL, NULL,
1540 "PRESET_PASSPHRASE --inquire %s -1", hexgrip);
1541 assuan_end_confidential (crypto->agent->ctx);
1542 idata.preset = 0;
1543 xfree (hexgrip);
1544 return rc;
1545 }
1546
1547 gpg_error_t
1548 set_pinentry_mode (struct agent_s * agent, const char *mode)
1549 {
1550 return set_agent_option (agent, "pinentry-mode", mode);
1551 }
1552
1553 gpg_error_t
1554 get_pubkey_bin (struct crypto_s * crypto, const unsigned char *grip,
1555 gcry_sexp_t * result)
1556 {
1557 char *hexgrip = bin2hex (grip, 20);
1558 gpg_error_t rc;
1559
1560 if (!hexgrip)
1561 return GPG_ERR_ENOMEM;
1562
1563 rc = get_pubkey (crypto, hexgrip, result);
1564 xfree (hexgrip);
1565 return rc;
1566 }
1567
1568 gpg_error_t
1569 get_pubkey (struct crypto_s * crypto, const char *grip, gcry_sexp_t * result)
1570 {
1571 char *pkey = NULL;
1572 size_t plen;
1573 gpg_error_t rc;
1574
1575 rc = send_to_agent (crypto->agent, &pkey, &plen, "READKEY %s", grip);
1576 if (!rc)
1577 rc = gcry_sexp_new (result, pkey, plen, 1);
1578
1579 xfree (pkey);
1580 return rc;
1581 }
1582
1583 gpg_error_t
1584 set_pinentry_options (struct agent_s * agent)
1585 {
1586 gpg_error_t rc = 0;
1587
1588 if (getenv ("DISPLAY"))
1589 {
1590 rc = set_agent_option (agent, "display", getenv ("DISPLAY"));
1591 if (!rc)
1592 {
1593 xfree (agent->display);
1594 agent->display = str_dup (getenv ("DISPLAY"));
1595 }
1596 }
1597 else if (ttyname (STDOUT_FILENO))
1598 {
1599 rc = set_agent_option (agent, "ttyname", ttyname (STDOUT_FILENO));
1600 if (!rc)
1601 {
1602 rc = set_agent_option (agent, "ttytype", getenv ("TERM"));
1603 if (!rc)
1604 {
1605 xfree (agent->ttyname);
1606 xfree (agent->ttytype);
1607 agent->ttyname = str_dup (ttyname (STDOUT_FILENO));
1608 agent->ttytype = str_dup (getenv ("TERM"));
1609 }
1610 }
1611 }
1612
1613 return rc;
1614 }
1615
1616 static gpg_error_t
1617 inquire_keyfile (void *user, const char *keyword)
1618 {
1619 struct crypto_s *crypto = user;
1620 char *filename = crypto->agent->inquire_data2;
1621 char *params = crypto->agent->inquire_data3;
1622 int fd;
1623 struct stat st;
1624 unsigned char *buf;
1625 size_t len;
1626 gpg_error_t rc;
1627
1628 if (!strcmp (keyword, "KEYPARAM"))
1629 return assuan_send_data (crypto->agent->ctx, params, strlen (params));
1630
1631 // This function is only used when generating a new keypair.
1632 if (strcmp (keyword, "NEW_PASSPHRASE"))
1633 return gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE);
1634
1635 if (stat (filename, &st) == -1)
1636 return gpg_error_from_syserror ();
1637
1638 if (crypto->agent->inquire_maxlen
1639 && st.st_size > crypto->agent->inquire_maxlen)
1640 {
1641 log_write (_("The passphrase is too large: have=%u, max=%u."),
1642 (unsigned) st.st_size, crypto->agent->inquire_maxlen);
1643 return GPG_ERR_TOO_LARGE;
1644 }
1645
1646 buf = gcry_malloc_secure (st.st_size);
1647 if (!buf)
1648 return GPG_ERR_ENOMEM;
1649
1650 fd = open (filename, O_RDONLY);
1651 if (fd == -1)
1652 rc = gpg_error_from_syserror ();
1653 else
1654 {
1655 len = read (fd, buf, st.st_size);
1656 if (len == st.st_size)
1657 {
1658 assuan_begin_confidential (crypto->agent->ctx);
1659 rc = assuan_send_data (crypto->agent->ctx, buf, len);
1660 assuan_end_confidential (crypto->agent->ctx);
1661 }
1662 else if (len == -1)
1663 rc = gpg_error_from_syserror ();
1664 else
1665 rc = GPG_ERR_BUFFER_TOO_SHORT;
1666 }
1667
1668 close (fd);
1669 gcry_free (buf);
1670 return rc;
1671 }
1672
1673 gpg_error_t
1674 export_common (struct crypto_s * crypto, const char *hexgrip,
1675 const char *sign_hexgrip, int no_passphrase,
1676 const void *data, size_t datalen, const char *outfile,
1677 const char *keyparams, const char *keyfile)
1678 {
1679 gpg_error_t rc = 0;
1680
1681 if (!sign_hexgrip && hexgrip)
1682 sign_hexgrip = hexgrip;
1683
1684 if (sign_hexgrip)
1685 {
1686 if (crypto->sigpkey_sexp)
1687 gcry_sexp_release (crypto->sigpkey_sexp);
1688
1689 crypto->sigpkey_sexp = NULL;
1690 rc = get_pubkey (crypto, sign_hexgrip, &crypto->save.sigpkey);
1691 if (rc)
1692 return rc;
1693
1694 gcry_pk_get_keygrip (crypto->save.sigpkey, crypto->sign_grip);
1695 }
1696
1697 if (hexgrip)
1698 {
1699 rc = get_pubkey (crypto, hexgrip, &crypto->save.pkey);
1700 if (!rc)
1701 gcry_pk_get_keygrip (crypto->save.pkey, crypto->grip);
1702 }
1703 else
1704 {
1705 struct inquire_data_s idata = { 0 };
1706 char *params = keyparams ? str_dup (keyparams)
1707 : default_key_params (crypto);
1708
1709 pthread_cleanup_push (xfree, params);
1710 log_write (_("Generating a new keypair ..."));
1711 if (keyfile)
1712 {
1713 log_write (_("Using passphrase obtained from file '%s'"), keyfile);
1714 rc = set_pinentry_mode (crypto->agent, "loopback");
1715 crypto->agent->inquire_cb = inquire_keyfile;
1716 crypto->agent->inquire_data = crypto;
1717 crypto->agent->inquire_data2 = (char *) keyfile;
1718 crypto->agent->inquire_data3 = params;
1719 }
1720 else
1721 {
1722 idata.line = params;
1723 idata.len = strlen (params);
1724 idata.crypto = crypto;
1725 crypto->agent->inquire_cb = inquire_cb;
1726 crypto->agent->inquire_data = &idata;
1727 }
1728
1729 if (!rc)
1730 {
1731 rc = generate_key (crypto, params, no_passphrase, 1);
1732 gcry_pk_get_keygrip (crypto->save.pkey, crypto->grip);
1733 }
1734
1735 (void) set_pinentry_mode (crypto->agent, "ask");
1736 pthread_cleanup_pop (1);
1737 }
1738
1739 if (!rc)
1740 {
1741 rc = encrypt_data_file (NULL, crypto, crypto->save.pkey,
1742 crypto->save.sigpkey, outfile, data, datalen);
1743 if (!rc)
1744 {
1745 char *tmp = bin2hex (crypto->grip, sizeof (crypto->grip));
1746
1747 log_write (_("Success! Keygrip is %s."), tmp);
1748 rc = send_to_agent (crypto->agent, NULL, NULL,
1749 "CLEAR_PASSPHRASE --mode=normal %s", tmp);
1750 xfree (tmp);
1751
1752 if (sign_hexgrip)
1753 {
1754 tmp = bin2hex (crypto->sign_grip, sizeof (crypto->sign_grip));
1755 log_write (_("Signed with keygrip %s."), tmp);
1756 xfree (tmp);
1757 }
1758 }
1759 }
1760
1761 return rc;
1762 }
1763
1764 char *
1765 default_key_params (struct crypto_s *crypto)
1766 {
1767 int len = config_get_integer (NULL, "nbits");
1768 char buf[32];
1769 char *algo = config_get_string (NULL, "algo");
1770 char *result;
1771
1772 snprintf (buf, sizeof (buf), "%i", len);
1773 result = str_asprintf ("(genkey (%s (nbits %lu:%i)))", algo, strlen (buf),
1774 len);
1775 xfree (algo);
1776 return result;
1777 }
1778
1779 gpg_error_t
1780 agent_passwd (struct crypto_s * crypto)
1781 {
1782 struct inquire_data_s idata = { 0 };
1783 gpg_error_t rc;
1784 char *tmp = bin2hex (crypto->grip, 20);
1785
1786 idata.crypto = crypto;
1787 crypto->agent->inquire_cb = inquire_cb;
1788 crypto->agent->inquire_data = &idata;
1789 rc = send_to_agent (crypto->agent, NULL, NULL, "PASSWD --preset %s", tmp);
1790 xfree (tmp);
1791 return rc;
1792 }
1793
1794 gpg_error_t
1795 kill_scd (struct agent_s * agent)
1796 {
1797 gpg_error_t rc = 0;
1798
1799 if (config_get_boolean (NULL, "kill_scd"))
1800 {
1801 rc = send_to_agent (agent, NULL, NULL, "SCD KILLSCD");
1802 if (rc && gpg_err_code (rc) != GPG_ERR_NO_SCDAEMON)
1803 log_write ("%s: %s", __FUNCTION__, pwmd_strerror (rc));
1804 }
1805
1806 return rc;
1807 }
An API for pwmd.