2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015,
4 Ben Kibbey <bjk@luxsci.net>
6 This file is part of libpwmd.
8 Libpwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
13 Libpwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with Libpwmd. If not, see <http://www.gnu.org/licenses/>.
25 #include <sys/types.h>
42 static gpg_error_t
set_pinentry_strings (pwm_t
* pwm
, pwmd_pinentry_t which
);
45 launch_pinentry (pwm_t
* pwm
)
49 int child_list
[] = { -1 };
51 const char **p
= argv
;
52 static struct assuan_malloc_hooks mhooks
= {
53 pwmd_malloc
, pwmd_realloc
, pwmd_free
56 if (!pwm
->pinentry_display
&& !pwm
->pinentry_tty
)
57 return GPG_ERR_ENOTTY
;
60 *p
++ = pwm
->pinentry_display
? "--display" : "--ttyname";
61 *p
++ = pwm
->pinentry_display
? pwm
->pinentry_display
: pwm
->pinentry_tty
;
63 if (pwm
->pinentry_lcctype
)
66 *p
++ = pwm
->pinentry_lcctype
;
69 if (pwm
->pinentry_lcmessages
)
71 *p
++ = "--lc-messages";
72 *p
++ = pwm
->pinentry_lcmessages
;
77 if (!pwm
->pinentry_display
)
80 *p
++ = pwm
->pinentry_term
? pwm
->pinentry_term
: getenv ("TERM");
84 rc
= assuan_new_ext (&ctx
, GPG_ERR_SOURCE_PINENTRY
, &mhooks
, NULL
, NULL
);
88 rc
= assuan_pipe_connect (ctx
,
89 pwm
->pinentry_path
? pwm
->
90 pinentry_path
: PINENTRY_PATH
, argv
, child_list
,
98 pwm
->pinentry_pid
= assuan_get_pid (ctx
);
100 rc
= set_pinentry_strings (pwm
, 0);
102 _pinentry_disconnect (pwm
);
108 pinentry_command (pwm_t
* pwm
, char **result
, size_t * len
, const char *cmd
)
118 gpg_error_t rc
= launch_pinentry (pwm
);
124 return _assuan_command (pwm
, pwm
->pctx
, result
, len
, cmd
);
129 quality_cb (void *data
, const char *line
)
131 #define MAX_ENTROPY 80 // in bits
136 if (strncmp (line
, "QUALITY ", 8))
137 return GPG_ERR_INV_ARG
;
139 match
= ZxcvbnMatch (line
+8, NULL
, NULL
);
140 match
= (match
/MAX_ENTROPY
)*100;
141 snprintf (buf
, sizeof (buf
), "%u", (unsigned)match
);
142 return assuan_send_data (pwm
->pctx
, buf
, strlen (buf
));
147 set_pinentry_strings (pwm_t
* pwm
, pwmd_pinentry_t which
)
149 char *tmp
, *desc
= NULL
;
152 if (which
!= PWMD_PINENTRY_USER
)
154 rc
= pinentry_command (pwm
, NULL
, NULL
, "SETERROR ");
159 tmp
= pwmd_malloc (ASSUAN_LINELENGTH
+ 1);
161 return gpg_error_from_errno (ENOMEM
);
163 if (!pwm
->pinentry_prompt
)
165 pwm
->pinentry_prompt
= pwmd_strdup (N_("Passphrase:"));
166 if (!pwm
->pinentry_prompt
)
169 return GPG_ERR_ENOMEM
;
173 if (!pwm
->pinentry_desc
)
175 if (which
== PWMD_PINENTRY_OPEN
|| which
== PWMD_PINENTRY_OPEN_FAILED
)
177 if (pwm
->passphrase_hint
&& pwm
->passphrase_info
)
179 char *hint
= pwmd_strdup (pwm
->passphrase_hint
), *hintp
= hint
;
180 char *info
= pwmd_strdup (pwm
->passphrase_info
), *infop
= info
;
181 char *userid
= strchr (hint
, ' ');
183 if (userid
&& *userid
)
186 infop
= strchr (info
, ' ');
189 char *p
= strchr (++infop
, ' ');
192 infop
[strlen(infop
)-strlen(p
)] = 0;
197 desc
= pwmd_strdup_printf (N_
198 ("Please enter the passphrase to unlock the OpenPGP secret key:%%0A%%0AClient: %s%%0AData file: %s%%0AKey id: %s (0x%s)%%0AMain key ID: 0x%s"), pwm
->name
? pwm
->name
: N_("unknown"), pwm
->filename
, userid
, hintp
, infop
);
204 desc
= pwmd_strdup_printf (N_ ("A passphrase is required to decrypt the encrypted data file \"%s\". Please enter the passphrase below."), pwm
->filename
);
207 else if (which
== PWMD_PINENTRY_SAVE
208 || which
== PWMD_PINENTRY_SAVE_FAILED
)
210 pwmd_strdup_printf (N_
211 ("Please enter the passphrase to use to encrypt the data file \"%s\"."),
213 else if (which
== PWMD_PINENTRY_SAVE_CONFIRM
)
215 pwmd_strdup_printf (N_
216 ("Please re-enter the passphrase for confirmation."),
222 return GPG_ERR_ENOMEM
;
226 desc
= pwm
->pinentry_desc
;
228 if (which
== PWMD_PINENTRY_USER
)
230 snprintf (tmp
, ASSUAN_LINELENGTH
, "SETERROR %s",
231 pwm
->pinentry_error
? pwm
->pinentry_error
: "");
232 rc
= pinentry_command (pwm
, NULL
, NULL
, tmp
);
239 snprintf (tmp
, ASSUAN_LINELENGTH
, "SETDESC %s",
240 pwm
->pinentry_desc
? pwm
->pinentry_desc
: "");
244 if (which
== PWMD_PINENTRY_SAVE_FAILED
245 || which
== PWMD_PINENTRY_OPEN_FAILED
)
247 if (which
== PWMD_PINENTRY_SAVE_FAILED
)
248 snprintf (tmp
, ASSUAN_LINELENGTH
, "SETERROR %s",
249 N_("Passphrases do not match, try again."));
252 if (pwm
->pinentry_tries
)
254 strcpy (tmp
, "SETERROR ");
255 snprintf (tmp
+ strlen ("SETERROR "), ASSUAN_LINELENGTH
,
256 N_("Bad passphrase (try %i of %i)"),
257 pwm
->pinentry_try
+ 1, pwm
->pinentry_tries
);
260 snprintf (tmp
, ASSUAN_LINELENGTH
, "SETERROR %s",
261 N_("Bad passphrase, try again"));
264 rc
= pinentry_command (pwm
, NULL
, NULL
, tmp
);
272 snprintf (tmp
, ASSUAN_LINELENGTH
, "SETDESC %s", desc
);
274 if (pwm
->pinentry_desc
!= desc
)
278 rc
= pinentry_command (pwm
, NULL
, NULL
, tmp
);
285 snprintf (tmp
, ASSUAN_LINELENGTH
, "SETPROMPT %s", pwm
->pinentry_prompt
);
286 rc
= pinentry_command (pwm
, NULL
, NULL
, tmp
);
290 if (!rc
&& (which
== PWMD_PINENTRY_SAVE
||
291 which
== PWMD_PINENTRY_SAVE_FAILED
))
293 rc
= pinentry_command (pwm
, NULL
, NULL
, "SETQUALITYBAR");
296 pwm
->_inquire_func
= quality_cb
;
297 pwm
->_inquire_data
= pwm
;
302 if (!rc
&& pwm
->pinentry_timeout
>= 0)
306 snprintf(buf
, sizeof(buf
), "SETTIMEOUT %i", pwm
->pinentry_timeout
);
307 rc
= pinentry_command(pwm
, NULL
, NULL
, buf
);
314 _pinentry_disconnect (pwm_t
* pwm
)
317 assuan_release (pwm
->pctx
);
320 pwm
->pinentry_pid
= -1;
324 _getpin (pwm_t
* pwm
, char **result
, size_t * len
, pwmd_pinentry_t which
)
326 gpg_error_t rc
= set_pinentry_strings (pwm
, which
);
330 _pinentry_disconnect (pwm
);
334 rc
= pinentry_command (pwm
, result
, len
,
335 which
== PWMD_PINENTRY_CONFIRM
? "CONFIRM" : "GETPIN");
338 _pinentry_disconnect (pwm
);
340 /* This lets PWMD_OPTION_PINENTRY_TIMEOUT work. Note that it is not
341 * thread safe do to the global variables. */
342 if (gpg_err_code (rc
) == GPG_ERR_EOF
)
343 rc
= GPG_ERR_CANCELED
;
345 else if (which
!= PWMD_PINENTRY_CONFIRM
&& len
&& result
)
348 *len
= strlen (*result
); // remove the null byte
351 *result
= pwmd_malloc (1);
361 _pwmd_getpin (pwm_t
* pwm
, const char *filename
, char **result
,
362 size_t * len
, pwmd_pinentry_t which
)
368 return GPG_ERR_INV_ARG
;
371 if (which
== PWMD_PINENTRY_CLOSE
)
373 _pinentry_disconnect (pwm
);
377 if (!result
&& which
!= PWMD_PINENTRY_CONFIRM
)
378 return GPG_ERR_INV_ARG
;
380 pwm
->filename
= (char *) filename
;
381 rc
= _getpin (pwm
, result
, len
, which
);