search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Reset signal_thread_key upon cancellation.
[libpwmd.git] / src / crypto.c
blob8f844d7f35964cce2b56c06ba69fa169b91465fe
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015,
3 2016
4 Ben Kibbey <bjk@luxsci.net>
5
6 This file is part of pwmd.
7
8 Pwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
12
13 Pwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
20 */
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24
25 #include <stdio.h>
26 #include <sys/types.h>
27 #include <sys/stat.h>
28 #include <fcntl.h>
29 #include <errno.h>
30
31 #ifdef WITH_LIBACL
32 #include <sys/acl.h>
33 #endif
34
35 #include "pwmd-error.h"
36 #include "util-misc.h"
37 #include "common.h"
38 #include "rcfile.h"
39 #include "crypto.h"
40 #include "cache.h"
41 #include "mem.h"
42 #include "util-string.h"
43 #include "rcfile.h"
44 #include "mutex.h"
45
46 static int keepalive;
47
48 #define BUFSIZE 4096
49
50 #define STATUS_TIMEOUT_INIT(crypto) \
51 do { \
52 crypto->status_timeout = time (NULL); \
53 crypto->progress_rc = 0; \
54 } while (0)
55
56 #define STATUS_TIMEOUT_TEST(crypto, rc, s, line) \
57 do { \
58 time_t now = time (NULL); \
59 if (now - crypto->status_timeout >= keepalive && crypto->client_ctx) { \
60 rc = send_status (crypto->client_ctx, s, line); \
61 crypto->status_timeout = now; \
62 } \
63 } while (0)
64
65 #if 0
66 static gpgme_error_t
67 show_key_output (gpgme_key_t key)
68 {
69 gpgme_subkey_t keyp; // first is primary
70
71 for (keyp = key->subkeys; keyp; keyp = keyp->next)
72 {
73 fprintf(stderr, "keyid: %s, revoked: %i, expired: %i, disabled: %i, invalid: %i,"
74 "encrypt: %i, sign: %i, cert: %i, auth: %i, secret: %i\n",
75 keyp->keyid, keyp->revoked, keyp->expired, keyp->disabled,
76 keyp->invalid, keyp->can_encrypt, keyp->can_sign,
77 keyp->can_certify, keyp->can_authenticate, keyp->secret);
78 }
79
80 return 0;
81 }
82 #endif
83
84 static gpg_error_t
85 get_password (const char *keyfile, unsigned char **result, size_t *len)
86 {
87 struct stat st;
88 int fd;
89 unsigned char *buf = NULL;
90 gpg_error_t rc = 0;
91
92 log_write (_ ("obtaining passphrase from passphrase file"));
93 if (stat (keyfile, &st) == -1)
94 return gpg_error_from_syserror ();
95
96 fd = open (keyfile, O_RDONLY);
97 if (fd == -1)
98 return gpg_error_from_syserror ();
99
100 buf = xmalloc (st.st_size+1);
101 if (buf)
102 {
103 size_t rlen = read (fd, buf, st.st_size);
104
105 if (rlen != st.st_size)
106 rc = GPG_ERR_ASS_READ_ERROR;
107 else
108 {
109 buf[rlen] = 0;
110 if (rlen && strlen ((char *)buf) != rlen)
111 rc = GPG_ERR_INV_PASSPHRASE;
112
113 if (!rc)
114 {
115 *result = buf;
116 *len = rlen;
117 }
118 }
119 }
120 else
121 rc = GPG_ERR_ENOMEM;
122
123 close (fd);
124 if (rc)
125 xfree (buf);
126
127 return rc;
128 }
129
130 static gpgme_error_t
131 status_cb (void *data, const char *keyword, const char *args)
132 {
133 struct crypto_s *crypto = data;
134
135 // Cache pushing.
136 if (!crypto->client_ctx)
137 return 0;
138
139 if (!strcmp (keyword, "INQUIRE_MAXLEN") &&
140 (crypto->flags & CRYPTO_FLAG_KEYFILE))
141 return 0;
142
143 return assuan_write_status (crypto->client_ctx, keyword, args);
144 }
145
146 static gpgme_error_t
147 passphrase_cb (void *data, const char *hint, const char *info, int bad, int fd)
148 {
149 struct crypto_s *crypto = data;
150 unsigned char *result = NULL;
151 size_t len;
152 gpg_error_t rc = 0;
153
154 if (crypto->flags & CRYPTO_FLAG_KEYFILE)
155 rc = get_password (crypto->keyfile, &result, &len);
156 else
157 {
158 if (hint)
159 rc = assuan_write_status (crypto->client_ctx, "PASSPHRASE_HINT", hint);
160
161 if (!rc && info)
162 rc = assuan_write_status (crypto->client_ctx, "PASSPHRASE_INFO", info);
163
164 if (!rc)
165 {
166 char *keyword = "PASSPHRASE";
167
168 /* FIXME: how to handle multiple signers */
169 if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD_SIGN)
170 keyword = "SIGN_PASSPHRASE";
171 else if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD_NEW)
172 {
173 crypto->flags |= CRYPTO_FLAG_PASSWD_SIGN;
174 keyword = "NEW_PASSPHRASE";
175 }
176 else if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD)
177 crypto->flags |= CRYPTO_FLAG_PASSWD_NEW;
178 else if (!bad && crypto->flags & CRYPTO_FLAG_NEWFILE)
179 {
180 keyword = "NEW_PASSPHRASE";
181 if (crypto->save.sigkey)
182 crypto->flags |= CRYPTO_FLAG_PASSWD_SIGN;
183 }
184
185 rc = assuan_inquire (crypto->client_ctx, keyword, &result, &len, 0);
186 }
187 }
188
189 if (!rc)
190 {
191 pthread_cleanup_push ((void *)xfree, result);
192
193 if (!len)
194 gpgme_io_writen (fd, "\n", 1);
195 else
196 {
197 int nl = result[len-1] == '\n';
198 int ret;
199
200 ret = gpgme_io_writen (fd, result, len);
201 if (!ret && !nl)
202 gpgme_io_writen (fd, "\n", 1);
203 else if (ret)
204 rc = GPG_ERR_CANCELED;
205 }
206
207 pthread_cleanup_pop (1);
208 }
209
210 return rc;
211 }
212
213 static void
214 progress_cb (void *data, const char *what, int type, int current, int total)
215 {
216 struct crypto_s *crypto = data;
217
218 crypto->progress_rc = send_status (crypto->client_ctx, STATUS_GPGME,
219 "%s %i %i %i", what, type, current, total);
220 }
221
222 gpgme_error_t
223 crypto_data_to_buf (const gpgme_data_t data, unsigned char **result,
224 size_t *rlen)
225 {
226 off_t ret = gpgme_data_seek (data, 0, SEEK_SET);
227 gpgme_error_t rc;
228 size_t total = 0, size = BUFSIZE;
229 unsigned char *buf;
230
231 if (ret == -1)
232 return gpg_error_from_syserror ();
233
234 buf = xmalloc (size);
235 if (!buf)
236 return GPG_ERR_ENOMEM;
237
238 do
239 {
240 pthread_cleanup_push ((void *)xfree, buf);
241 ret = gpgme_data_read (data, &buf[total], BUFSIZE);
242 pthread_cleanup_pop (0);
243 if (ret > 0)
244 {
245 unsigned char *p;
246
247 total += ret;
248 size += BUFSIZE;
249 p = xrealloc (buf, size * sizeof(char));
250 if (!p)
251 {
252 xfree (buf);
253 return GPG_ERR_ENOMEM;
254 }
255
256 buf = p;
257 }
258 } while (ret > 0);
259
260 if (ret == -1)
261 {
262 rc = gpgme_err_code_from_syserror ();
263 xfree (buf);
264 return rc;
265 }
266
267 *result = buf;
268 *rlen = total;
269 return 0;
270 }
271
272 gpgme_error_t
273 crypto_list_keys (struct crypto_s *crypto, char *keys[], int secret,
274 gpgme_key_t **result)
275 {
276 gpgme_error_t rc;
277 gpgme_key_t key = NULL, *res = NULL;
278 size_t total = 0;
279
280 STATUS_TIMEOUT_INIT (crypto);
281 rc = gpgme_op_keylist_ext_start (crypto->ctx, (const char **)keys, secret, 0);
282 if (rc)
283 return rc;
284
285 do
286 {
287 gpgme_key_t *p;
288
289 pthread_cleanup_push ((void *)crypto_free_key_list, res);
290 rc = gpgme_op_keylist_next (crypto->ctx, &key);
291 pthread_cleanup_pop (0);
292 if (rc && gpgme_err_code(rc) != GPG_ERR_EOF)
293 break;
294
295 if (rc)
296 {
297 rc = 0;
298 break;
299 }
300
301 p = xrealloc (res, (total+2) * sizeof (gpgme_key_t));
302 if (!p)
303 {
304 rc = GPG_ERR_ENOMEM;
305 break;
306 }
307
308 res = p;
309 res[total++] = key;
310 res[total] = NULL;
311 pthread_cleanup_push ((void *)crypto_free_key_list, res);
312 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_KEEPALIVE, NULL);
313 pthread_cleanup_pop (0);
314 } while (!rc);
315
316 if (!rc)
317 {
318 rc = gpgme_op_keylist_end (crypto->ctx);
319 if (!rc)
320 {
321 *result = res;
322 rc = total ? 0 : secret ? GPG_ERR_NO_SECKEY : GPG_ERR_NO_PUBKEY;
323 }
324 }
325 else
326 crypto_free_key_list (res);
327
328 return rc;
329 }
330
331 void
332 crypto_free_save (struct save_s *save)
333 {
334 if (!save)
335 return;
336
337 strv_free (save->pubkey);
338 strv_free (save->sigkey);
339 memset (save, 0, sizeof (struct save_s));
340 }
341
342 static gpg_error_t
343 crypto_kill_scd ()
344 {
345 return cache_kill_scd ();
346 }
347
348 static void
349 free_gpgme_data_cb (void *data)
350 {
351 gpgme_data_t d = data;
352 char *t;
353 size_t len;
354
355 if (!data)
356 return;
357
358 t = gpgme_data_release_and_get_mem (d, &len);
359 if (t)
360 wipememory (t, 0, len);
361
362 gpgme_free (t);
363 }
364
365 void
366 crypto_free_non_keys (struct crypto_s *crypto)
367 {
368 if (!crypto)
369 return;
370
371 if (crypto->ctx)
372 gpgme_release (crypto->ctx);
373
374 crypto->ctx = NULL;
375 xfree (crypto->plaintext);
376 crypto->plaintext = NULL;
377 crypto->plaintext_size = 0;
378
379 if (crypto->cipher)
380 free_gpgme_data_cb (crypto->cipher);
381
382 crypto->cipher = NULL;
383 crypto_free_save (&crypto->save);
384 xfree (crypto->keyfile);
385 crypto->keyfile = NULL;
386 crypto->flags &= ~CRYPTO_FLAG_KEYFILE;
387 (void)crypto_kill_scd ();
388 }
389
390 void
391 crypto_free (struct crypto_s *crypto)
392 {
393 if (!crypto)
394 return;
395
396 crypto_free_non_keys (crypto);
397 strv_free (crypto->pubkey);
398 strv_free (crypto->sigkey);
399 xfree (crypto->filename);
400 xfree (crypto);
401 }
402
403 gpgme_error_t
404 crypto_init_ctx (struct crypto_s *crypto, int no_pinentry,
405 char *passphrase_file)
406 {
407 gpgme_ctx_t ctx;
408 gpgme_keylist_mode_t keylist_mode;
409 gpgme_error_t rc;
410
411 rc = gpgme_new (&ctx);
412 if (rc)
413 return rc;
414
415 rc = gpgme_set_protocol (ctx, GPGME_PROTOCOL_OPENPGP);
416 if (!rc)
417 {
418 keylist_mode = gpgme_get_keylist_mode (ctx);
419 keylist_mode |= GPGME_KEYLIST_MODE_LOCAL|GPGME_KEYLIST_MODE_WITH_SECRET;
420 rc = gpgme_set_keylist_mode (ctx, keylist_mode);
421 if (!rc)
422 {
423 if (no_pinentry || passphrase_file)
424 rc = gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK);
425 else
426 rc = gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_DEFAULT);
427
428 if (!rc)
429 {
430 gpgme_set_passphrase_cb (ctx, passphrase_cb, crypto);
431 gpgme_set_progress_cb (ctx, progress_cb, crypto);
432 gpgme_set_status_cb (ctx, status_cb, crypto);
433 crypto->ctx = ctx;
434 crypto->flags = 0;
435 }
436
437 if (passphrase_file)
438 {
439 crypto->keyfile = passphrase_file;
440 crypto->flags |= CRYPTO_FLAG_KEYFILE;
441 }
442 }
443 }
444
445 if (rc)
446 gpgme_release (ctx);
447
448 return rc;
449 }
450
451 void
452 crypto_set_keepalive ()
453 {
454 keepalive = config_get_integer ("global", "keepalive_interval");
455 }
456
457 gpg_error_t
458 crypto_init (struct crypto_s **crypto, void *ctx, const char *filename,
459 int no_pinentry, char *passphrase_file)
460 {
461 struct crypto_s *new = xcalloc (1, sizeof (struct crypto_s));
462 gpgme_error_t rc;
463
464 crypto_set_keepalive ();
465
466 if (!new)
467 return GPG_ERR_ENOMEM;
468
469 rc = crypto_init_ctx (new, no_pinentry, passphrase_file);
470 if (rc)
471 goto fail;
472
473 if (filename)
474 {
475 new->filename = str_dup (filename);
476 if (!new->filename)
477 {
478 rc = GPG_ERR_ENOMEM;
479 goto fail;
480 }
481 }
482
483 new->client_ctx = ctx;
484 *crypto = new;
485 return 0;
486
487 fail:
488 crypto_free (new);
489 return rc;
490 }
491
492 /* Converts a 40 byte key id to the 16 byte form. Needed for comparison of
493 * gpgme_recipient_t.keyid. */
494 gpg_error_t
495 crypto_keyid_to_16b (char **keys)
496 {
497 char **p;
498
499 for (p = keys; p && *p; p++)
500 {
501 char *t = *p;
502 size_t len = strlen (t);
503
504 if (len < 16)
505 return GPG_ERR_INV_ARG;
506
507 memmove (&t[0], &t[len-16], 16);
508 t[16] = 0;
509 }
510
511 return 0;
512 }
513
514 gpgme_error_t
515 crypto_decrypt (struct client_s *client, struct crypto_s *crypto)
516 {
517 gpgme_data_t plain;
518 gpgme_error_t rc;
519 gpgme_data_t cipher;
520 int fd;
521 char **new_recipients = NULL;
522 char **new_signers = NULL;
523 char **pp;
524 gpgme_decrypt_result_t result;
525
526 rc = gpgme_data_new (&plain);
527 if (rc)
528 return rc;
529
530 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
531 fd = open (crypto->filename, O_RDONLY);
532 if (fd != -1)
533 {
534 pthread_cleanup_push ((void *)close_fd_cb, &fd);
535 rc = gpgme_data_new_from_fd (&cipher, fd);
536 if (!rc)
537 {
538 pthread_cleanup_push ((void *)free_gpgme_data_cb, cipher);
539 STATUS_TIMEOUT_INIT(crypto);
540 rc = send_status (client ? client->ctx : NULL, STATUS_DECRYPT, NULL);
541 if (!rc)
542 rc = gpgme_op_decrypt_verify_start (crypto->ctx, cipher, plain);
543
544 if (!rc)
545 {
546 do
547 {
548 if (!rc && crypto->progress_rc)
549 rc = crypto->progress_rc;
550
551 if (!rc)
552 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_DECRYPT, NULL);
553
554 if (rc)
555 break;
556 TEST_CANCEL ();
557 } while (!gpgme_wait (crypto->ctx, &rc, 0) && !rc);
558 }
559
560 pthread_cleanup_pop (1); // free_gpgme_data_cb (cipher)
561 }
562
563 pthread_cleanup_pop (1); // close (fd)
564 }
565 else
566 rc = gpgme_err_code_from_syserror ();
567
568 pthread_cleanup_pop (0); // free_gpgme_data_cb (plain)
569
570 if (rc)
571 {
572 free_gpgme_data_cb (plain);
573 return rc;
574 }
575
576 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
577 result = gpgme_op_decrypt_result (crypto->ctx);
578 if (!result->unsupported_algorithm && !result->wrong_key_usage)
579 {
580 gpgme_recipient_t r;
581
582 for (r = result->recipients; r; r = r->next)
583 {
584 pthread_cleanup_push ((void *)strv_free, new_recipients);
585 log_write1 (_ ("%s: recipient: %s, status=%u"),
586 crypto->filename, r->keyid, r->status);
587 pthread_cleanup_pop (0);
588 pp = strv_cat(new_recipients, str_dup (r->keyid));
589 if (!pp)
590 {
591 rc = GPG_ERR_ENOMEM;
592 break;
593 }
594
595 new_recipients = pp;
596 }
597 }
598 else if (result->wrong_key_usage)
599 rc = GPG_ERR_WRONG_KEY_USAGE;
600 else if (result->unsupported_algorithm)
601 rc = GPG_ERR_UNSUPPORTED_ALGORITHM;
602
603 if (!rc)
604 {
605 gpgme_verify_result_t result;
606 gpgme_signature_t s;
607
608 result = gpgme_op_verify_result (crypto->ctx);
609
610 for (s = result->signatures; s; s = s->next)
611 {
612 pthread_cleanup_push ((void *)strv_free, new_signers);
613 log_write1 (_ ("%s: signer: %s, status=%u"),
614 crypto->filename, s->fpr, s->status);
615 pthread_cleanup_pop (0);
616 if (s->status || s->wrong_key_usage
617 || !(s->summary & GPGME_SIGSUM_VALID))
618 continue;
619
620 pp = strv_cat (new_signers, str_dup (s->fpr));
621 if (!pp)
622 {
623 rc = GPG_ERR_ENOMEM;
624 break;
625 }
626
627 new_signers = pp;
628 }
629
630 if (result->signatures && !new_signers)
631 rc = GPG_ERR_BAD_SIGNATURE;
632
633 if (!rc)
634 {
635 xfree (crypto->plaintext);
636 crypto->plaintext = NULL;
637 crypto->plaintext_size = 0;
638 pthread_cleanup_push ((void *)strv_free, new_recipients);
639 pthread_cleanup_push ((void *)strv_free, new_signers);
640 rc = crypto_data_to_buf (plain, &crypto->plaintext,
641 &crypto->plaintext_size);
642 pthread_cleanup_pop (0);
643 pthread_cleanup_pop (0);
644 if (!rc)
645 {
646 strv_free (crypto->pubkey);
647 crypto->pubkey = new_recipients;
648 crypto_keyid_to_16b (crypto->pubkey);
649 strv_free (crypto->sigkey);
650 crypto->sigkey = new_signers;
651 crypto_keyid_to_16b (crypto->sigkey);
652 }
653 }
654 }
655
656 if (rc)
657 {
658 strv_free (new_recipients);
659 strv_free (new_signers);
660 }
661
662 pthread_cleanup_pop (1); // free_gpgme_data_cb (plain)
663 return rc;
664 }
665
666 void
667 crypto_free_key_list (gpgme_key_t *keys)
668 {
669 int i;
670
671 for (i = 0; keys && keys[i]; i++)
672 gpgme_key_unref (keys[i]);
673
674 xfree (keys);
675 }
676
677 /* Removes strings in 'prune' from 'a'. */
678 static char **
679 prune_keys (char **a, char **prune)
680 {
681 char **p;
682
683 for (p = prune; p && *p; p++)
684 {
685 char **ap;
686
687 for (ap = a; ap && *ap; ap++)
688 {
689 if (!strcmp (*ap, *p))
690 {
691 while (*ap)
692 {
693 *ap = *(ap+1);
694 ap++;
695 }
696 }
697 }
698 }
699
700 return a;
701 }
702
703 static void
704 remove_duplicates (char **a)
705 {
706 char **p;
707
708 for (p = a; p && *p; p++)
709 {
710 char **t;
711
712 for (t = p+1; t && *t; t++)
713 {
714 if (!strcmp (*p, *t))
715 {
716 char *tmp = *t;
717
718 while (*(t+1))
719 {
720 *t = *(t+1);
721 t++;
722 }
723
724 *t = NULL;
725 xfree (tmp);
726 remove_duplicates (a);
727 return;
728 }
729 }
730 }
731 }
732
733 gpgme_error_t
734 crypto_encrypt (struct client_s *client, struct crypto_s *crypto)
735 {
736 gpgme_error_t rc;
737 gpgme_data_t cipher = NULL;
738 gpgme_key_t *keys = NULL;
739 gpgme_key_t *sigkeys = NULL;
740
741 STATUS_TIMEOUT_INIT (crypto);
742 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC))
743 {
744 crypto_keyid_to_16b (crypto->save.pubkey);
745 remove_duplicates (crypto->save.pubkey);
746 rc = crypto_list_keys (crypto, crypto->save.pubkey, 0, &keys);
747 if (rc)
748 return rc;
749 }
750
751 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
752 rc = gpgme_data_new (&cipher);
753 pthread_cleanup_push ((void *)free_gpgme_data_cb, cipher);
754 if (!rc)
755 rc = gpgme_data_set_file_name (cipher, crypto->filename);
756
757 if (!rc && (crypto->save.sigkey
758 || !(crypto->flags & CRYPTO_FLAG_SYMMETRIC)))
759 {
760 crypto_keyid_to_16b (crypto->save.sigkey);
761 remove_duplicates (crypto->save.sigkey);
762 rc = crypto_list_keys (crypto, crypto->save.sigkey, 1, &sigkeys);
763 if (gpg_err_code (rc) == GPG_ERR_NO_DATA)
764 rc = 0;
765 }
766
767 if (!rc)
768 {
769 gpgme_data_t plain = NULL;
770
771 pthread_cleanup_push ((void *)crypto_free_key_list, sigkeys);
772 rc = gpgme_data_new_from_mem (&plain, (char *)crypto->plaintext,
773 crypto->plaintext_size, 0);
774 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
775 if (!rc)
776 {
777 int i;
778
779 gpgme_signers_clear (crypto->ctx);
780
781 for (i = 0; sigkeys && sigkeys[i]; i++)
782 gpgme_signers_add (crypto->ctx, sigkeys[i]);
783
784 if (!i && !(crypto->flags & CRYPTO_FLAG_SYMMETRIC))
785 rc = GPG_ERR_NO_SIGNATURE_SCHEME;
786 }
787
788 if (!rc)
789 {
790 gpgme_data_set_encoding (cipher, GPGME_DATA_ENCODING_ARMOR);
791
792 rc = send_status (client ? client->ctx : NULL, STATUS_ENCRYPT, NULL);
793 if (!rc)
794 {
795 unsigned flags = 0;
796 int f = config_get_boolean ("global", "encrypt_to");
797
798 if (!f)
799 flags |= GPGME_ENCRYPT_NO_ENCRYPT_TO;
800
801 f = config_get_boolean ("global", "always_trust");
802 if (f)
803 flags |= GPGME_ENCRYPT_ALWAYS_TRUST;
804
805 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC)
806 || (crypto->flags & CRYPTO_FLAG_SYMMETRIC && sigkeys))
807 rc = gpgme_op_encrypt_sign_start (crypto->ctx,
808 (crypto->flags & CRYPTO_FLAG_SYMMETRIC) ? NULL : keys,
809 flags, plain, cipher);
810 else
811 rc = gpgme_op_encrypt_start (crypto->ctx, NULL, flags,
812 plain, cipher);
813 }
814 }
815
816 if (!rc)
817 {
818 do
819 {
820 if (!rc && crypto->progress_rc)
821 rc = crypto->progress_rc;
822
823 if (!rc)
824 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_ENCRYPT, NULL);
825
826 if (rc)
827 break;
828 TEST_CANCEL();
829 } while (!gpgme_wait (crypto->ctx, &rc, 0) && !rc);
830
831 if (!rc)
832 {
833 gpgme_encrypt_result_t result;
834 gpgme_sign_result_t sresult;
835 gpgme_invalid_key_t inv;
836 gpgme_new_signature_t sigs;
837 char **prune = NULL;
838 char **p = NULL;
839
840 result = gpgme_op_encrypt_result (crypto->ctx);
841 inv = result->invalid_recipients;
842 while (inv)
843 {
844 pthread_cleanup_push ((void *)strv_free, prune);
845 log_write1 (_ ("%s: invalid recipient: %s, rc=%u"),
846 crypto->filename, inv->fpr, inv->reason);
847 pthread_cleanup_pop (0);
848 p = strv_cat (prune, str_dup(inv->fpr));
849 if (!p)
850 {
851 rc = GPG_ERR_ENOMEM;
852 strv_free (prune);
853 break;
854 }
855
856 prune = p;
857 inv = inv->next;
858 }
859
860 if (prune)
861 {
862 p = prune_keys (crypto->save.pubkey, prune);
863 crypto->save.pubkey = p;
864 }
865
866 crypto_keyid_to_16b (crypto->save.pubkey);
867 sresult = gpgme_op_sign_result (crypto->ctx);
868 inv = sresult ? sresult->invalid_signers : NULL;
869 while (!rc && inv)
870 {
871 log_write1 (_ ("%s: invalid signer: %s, rc=%u"),
872 crypto->filename, inv->fpr, inv->reason);
873 inv = inv->next;
874 }
875
876 sigs = sresult ? sresult->signatures : NULL;
877 if (!rc && sigs)
878 {
879 p = NULL;
880
881 while (sigs)
882 {
883 char **pp;
884
885 pthread_cleanup_push ((void *)strv_free, p);
886 log_write1 (_ ("%s: signer: %s"), crypto->filename,
887 sigs->fpr);
888 pthread_cleanup_pop (0);
889
890 pp = strv_cat (p, str_dup (sigs->fpr));
891 if (!pp)
892 {
893 rc = GPG_ERR_ENOMEM;
894 strv_free (p);
895 break;
896 }
897
898 p = pp;
899 sigs = sigs->next;
900 }
901
902 if (!rc)
903 {
904 strv_free (crypto->save.sigkey);
905 crypto->save.sigkey = p;
906 crypto_keyid_to_16b (crypto->save.sigkey);
907 crypto->cipher = cipher;
908 }
909 }
910 else if (!rc && crypto->flags & CRYPTO_FLAG_SYMMETRIC)
911 {
912 crypto->cipher = cipher;
913 }
914 else if (!rc)
915 {
916 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC)
917 || (crypto->flags & CRYPTO_FLAG_SYMMETRIC && sigkeys))
918 rc = GPG_ERR_NO_SIGNATURE_SCHEME;
919 }
920 }
921 }
922
923 pthread_cleanup_pop (1); // free_gpgme_data_cb (plain)
924 pthread_cleanup_pop (1); // crypto_free_key_list (sigkeys)
925 }
926
927 pthread_cleanup_pop (0); // free_gpgme_data_cb (cipher)
928 pthread_cleanup_pop (1); // crypto_free_key_list (keys)
929
930 if (rc)
931 free_gpgme_data_cb (cipher);
932
933 return rc;
934 }
935
936 gpgme_error_t
937 crypto_passwd (struct client_s *client, struct crypto_s *crypto)
938 {
939 gpgme_error_t rc;
940 gpgme_key_t *keys = NULL;
941
942 /* Use SAVE instead for symmetric files. */
943 rc = crypto_is_symmetric (client->filename);
944 if (!rc || rc != GPG_ERR_BAD_DATA)
945 return !rc ? GPG_ERR_NOT_SUPPORTED : rc;
946
947 rc = crypto_list_keys (crypto, crypto->pubkey, 1, &keys);
948 if (rc)
949 return rc;
950
951 crypto->flags |= CRYPTO_FLAG_PASSWD;
952 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
953 STATUS_TIMEOUT_INIT (crypto);
954 rc = send_status (client->ctx, STATUS_KEEPALIVE, NULL);
955 if (!rc)
956 rc = gpgme_op_passwd_start (crypto->ctx, keys[0], 0);
957
958 if (!rc)
959 {
960 do
961 {
962 if (!rc && crypto->progress_rc)
963 rc = crypto->progress_rc;
964
965 if (!rc)
966 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_KEEPALIVE, NULL);
967
968 if (rc)
969 break;
970 TEST_CANCEL();
971 } while (!gpgme_wait (crypto->ctx, &rc, 0) && !rc);
972 }
973
974 pthread_cleanup_pop (1);
975 return rc;
976 }
977
978 /* Generate a new key pair. The resulting keyid's are stored in crypto->save.
979 */
980 gpgme_error_t
981 crypto_genkey (struct client_s *client, struct crypto_s *crypto,
982 const unsigned char *params)
983 {
984 gpgme_genkey_result_t result;
985 gpgme_error_t rc;
986
987 if (strstr ((char *) params, "%pubring")
988 || strstr ((char *) params, "%secring"))
989 return GPG_ERR_INV_VALUE;
990
991 STATUS_TIMEOUT_INIT (crypto);
992 rc = send_status (client ? client->ctx : NULL, STATUS_GENKEY, NULL);
993 if (!rc)
994 rc = gpgme_op_genkey_start (crypto->ctx, (const char *)params, NULL, NULL);
995
996 if (rc)
997 return rc;
998
999 do
1000 {
1001 if (!rc && crypto->progress_rc)
1002 rc = crypto->progress_rc;
1003
1004 if (!rc)
1005 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_GENKEY, NULL);
1006
1007 if (rc)
1008 break;
1009 TEST_CANCEL();
1010 } while (!gpgme_wait (crypto->ctx, &rc, 0) && !rc);
1011
1012 if (!rc)
1013 {
1014 gpgme_key_t *keys = NULL;
1015
1016 result = gpgme_op_genkey_result (crypto->ctx);
1017 crypto->save.sigkey = strv_cat (crypto->save.sigkey,
1018 str_dup (result->fpr));
1019 crypto_keyid_to_16b (crypto->save.sigkey);
1020
1021 rc = crypto_list_keys (crypto, crypto->save.sigkey, 1, &keys);
1022 if (!rc)
1023 {
1024 gpgme_subkey_t key = keys[0]->subkeys;
1025
1026 for (; key; key = key->next)
1027 {
1028 if (key->can_encrypt)
1029 break;
1030 }
1031
1032 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
1033 rc = send_status (client ? client->ctx : NULL, STATUS_GENKEY, "%s %s",
1034 crypto->save.sigkey[0], key ? key->fpr : "");
1035 if (!rc)
1036 {
1037 crypto->save.pubkey = strv_cat (crypto->save.pubkey,
1038 str_dup (key->fpr));
1039 crypto_keyid_to_16b (crypto->save.pubkey);
1040 }
1041
1042 pthread_cleanup_pop (1);
1043 }
1044 }
1045
1046 return rc;
1047 }
1048
1049 char *
1050 crypto_default_key_params ()
1051 {
1052 char *user = get_username (getuid());
1053 char *params = str_asprintf(
1054 "<GnupgKeyParms format=\"internal\">\n"
1055 " Key-Type: default\n"
1056 " Subkey-Type: default\n"
1057 " Name-Real: %s\n"
1058 " Name-Email: %s\n"
1059 " Expire-Date: 0\n"
1060 "</GnupgKeyParms>",
1061 getenv ("REALNAME") ? getenv ("REALNAME") : user,
1062 getenv ("EMAIL") ? getenv ("EMAIL") : user);
1063
1064 xfree (user);
1065 return params;
1066 }
1067
1068 #ifdef WITH_LIBACL
1069 static void
1070 acl_free_cb (void *arg)
1071 {
1072 acl_t acl = arg ? (acl_t) arg : NULL;
1073
1074 if (acl)
1075 acl_free (acl);
1076 }
1077 #endif
1078
1079 /* The advisory lock should be obtained before calling this function. */
1080 gpg_error_t
1081 crypto_write_file (struct crypto_s *crypto)
1082 {
1083 unsigned char *buf;
1084 size_t size, len;
1085 int fd;
1086 gpg_error_t rc;
1087 char tmp[PATH_MAX];
1088 struct stat st;
1089 mode_t mode = 0600;
1090 #ifdef WITH_LIBACL
1091 acl_t acl = NULL;
1092 #endif
1093
1094 if (crypto->filename)
1095 {
1096 if (lstat (crypto->filename, &st) == 0)
1097 {
1098 mode = st.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
1099
1100 if (!(mode & S_IWUSR))
1101 return GPG_ERR_EACCES;
1102 }
1103 else if (errno != ENOENT)
1104 return gpg_error_from_errno (errno);
1105
1106 snprintf (tmp, sizeof (tmp), "%s.XXXXXX", crypto->filename);
1107 mode_t tmode = umask (0600);
1108 fd = mkstemp (tmp);
1109 if (fd == -1)
1110 {
1111 rc = gpg_error_from_errno (errno);
1112 umask (tmode);
1113 log_write ("%s: %s", tmp, pwmd_strerror (rc));
1114 return rc;
1115 }
1116
1117 umask (tmode);
1118 }
1119 else
1120 fd = STDOUT_FILENO;
1121
1122 rc = crypto_data_to_buf (crypto->cipher, &buf, &size);
1123 if (rc)
1124 {
1125 if (crypto->filename)
1126 close (fd);
1127 return rc;
1128 }
1129
1130 pthread_cleanup_push ((void *)close_fd_cb, &fd);
1131 pthread_cleanup_push ((void *)xfree, buf);
1132 len = write (fd, buf, size);
1133 pthread_cleanup_pop (1);
1134 if (len != size)
1135 rc = gpg_error_from_errno (errno);
1136
1137 if (!rc)
1138 {
1139 if (fsync (fd) != -1)
1140 {
1141 if (crypto->filename && close (fd) != -1)
1142 {
1143 #ifdef WITH_LIBACL
1144 acl = acl_get_file (crypto->filename, ACL_TYPE_ACCESS);
1145 if (!acl && errno == ENOENT)
1146 acl = acl_get_file (".", ACL_TYPE_DEFAULT);
1147 if (!acl)
1148 log_write ("ACL: %s: %s", crypto->filename,
1149 pwmd_strerror (gpg_error_from_errno (errno)));
1150 pthread_cleanup_push ((void *)acl_free_cb, acl);
1151 #endif
1152
1153 fd = -1;
1154 if (config_get_boolean (crypto->filename, "backup"))
1155 {
1156 char tmp2[PATH_MAX];
1157
1158 snprintf (tmp2, sizeof (tmp2), "%s.backup", crypto->filename);
1159 if (rename (crypto->filename, tmp2) == -1)
1160 if (errno != ENOENT)
1161 rc = gpg_error_from_errno (errno);
1162 }
1163
1164 if (!rc && rename (tmp, crypto->filename) == -1)
1165 rc = gpg_error_from_errno (errno);
1166
1167 if (!rc)
1168 chmod (crypto->filename, mode);
1169 #ifdef WITH_LIBACL
1170 if (!rc && acl && acl_set_file (crypto->filename,
1171 ACL_TYPE_ACCESS, acl))
1172 log_write ("ACL: %s: %s", crypto->filename,
1173 pwmd_strerror (gpg_error_from_errno (errno)));
1174 pthread_cleanup_pop (1);
1175 #endif
1176 }
1177 else if (crypto->filename)
1178 rc = gpg_error_from_errno (errno);
1179
1180 if (!rc && fd != -1)
1181 {
1182 char *tmp = str_asprintf ("%s/data", homedir);
1183
1184 if (tmp)
1185 {
1186 int dfd = open (tmp, O_RDONLY);
1187
1188 if (dfd != -1)
1189 {
1190 if (fsync (dfd) == -1)
1191 log_write ("%s %d: %s", __FILE__, __LINE__,
1192 pwmd_strerror (errno));
1193
1194 close (dfd);
1195 }
1196 else
1197 log_write ("%s %d: %s", __FILE__, __LINE__,
1198 pwmd_strerror (errno));
1199
1200 xfree (tmp);
1201 }
1202 }
1203 }
1204 else
1205 rc = gpg_error_from_errno (errno);
1206 }
1207
1208 pthread_cleanup_pop (0); // close (fd)
1209 if (fd != -1)
1210 close (fd);
1211 return rc;
1212 }
1213
1214 char *
1215 crypto_key_info (const gpgme_key_t key)
1216 {
1217 struct string_s *string = string_new (NULL), *s;
1218 char *line = NULL;
1219 unsigned n, u;
1220 gpgme_subkey_t subkey;
1221 gpgme_user_id_t uid;
1222
1223 if (!string)
1224 return NULL;
1225
1226 for (u = 0, uid = key->uids; uid; uid = uid->next)
1227 u++;
1228
1229 for (n = 0, subkey = key->subkeys; subkey; subkey = subkey->next)
1230 n++;
1231
1232 s = string_append_printf (string, "%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%i:%s:%s:%s:%i:%u:%u",
1233 key->revoked, key->expired, key->disabled,
1234 key->invalid, key->can_encrypt, key->can_sign,
1235 key->can_certify, key->secret,
1236 key->can_authenticate, key->is_qualified,
1237 key->protocol,
1238 key->issuer_serial ? key->issuer_serial : "",
1239 key->issuer_name ? key->issuer_name : "",
1240 key->chain_id ? key->chain_id : "",
1241 key->owner_trust, u, n);
1242 if (!s)
1243 {
1244 string_free (string, 1);
1245 return NULL;
1246 }
1247
1248 string = s;
1249 for (subkey = key->subkeys; subkey; subkey = subkey->next)
1250 {
1251 char *tmp;
1252
1253 s = string_append_printf (string, ":%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%i:%u",
1254 subkey->revoked, subkey->expired,
1255 subkey->disabled, subkey->invalid,
1256 subkey->can_encrypt, subkey->can_sign,
1257 subkey->can_certify, subkey->secret,
1258 subkey->can_authenticate, subkey->is_qualified,
1259 subkey->is_cardkey, subkey->pubkey_algo,
1260 subkey->length);
1261 if (!s)
1262 {
1263 string_free (string, 1);
1264 return NULL;
1265 }
1266
1267 string = s;
1268 s = string_append_printf (string, ":%s:%s:%s:%li:%li:%s",
1269 subkey->keyid, subkey->fpr,
1270 subkey->keygrip ? subkey->keygrip : "",
1271 subkey->timestamp, subkey->expires,
1272 subkey->card_number ? subkey->card_number : "0");
1273 if (!s)
1274 {
1275 string_free (string, 1);
1276 return NULL;
1277 }
1278
1279 string = s;
1280 tmp = gnupg_escape (subkey->curve);
1281 s = string_append_printf (string, ":%s", tmp ? tmp : "");
1282 xfree (tmp);
1283 if (!s)
1284 {
1285 string_free (string, 1);
1286 return NULL;
1287 }
1288
1289 string = s;
1290 }
1291
1292 for (uid = key->uids; uid; uid = uid->next)
1293 {
1294 char *userid, *name, *email, *comment;
1295
1296 userid = gnupg_escape (uid->uid);
1297 name = gnupg_escape (uid->name);
1298 email = gnupg_escape (uid->email);
1299 comment = gnupg_escape (uid->comment);
1300 s = string_append_printf (string, ":%u:%u:%u:%s:%s:%s:%s",
1301 uid->revoked, uid->invalid, uid->validity,
1302 userid ? userid : "",
1303 name ? name : "",
1304 email ? email : "",
1305 comment ? comment : "");
1306 xfree (userid);
1307 xfree (name);
1308 xfree (email);
1309 xfree (comment);
1310 if (!s)
1311 {
1312 string_free (string, 1);
1313 return NULL;
1314 }
1315
1316 string = s;
1317 }
1318
1319 line = string->str;
1320 string_free (string, 0);
1321 return line;
1322 }
1323
1324 gpg_error_t
1325 crypto_try_decrypt (struct client_s *client, int no_pinentry)
1326 {
1327 struct crypto_s *crypto;
1328 gpg_error_t rc;
1329 char *keyfile = config_get_string (client->filename, "passphrase_file");
1330
1331 rc = crypto_init (&crypto, client->ctx, client->filename, no_pinentry,
1332 keyfile);
1333 if (!rc)
1334 {
1335 pthread_cleanup_push ((void *)crypto_free, crypto);
1336 rc = crypto_decrypt (client, crypto);
1337 pthread_cleanup_pop (1);
1338 }
1339 else
1340 xfree (keyfile);
1341
1342 return rc;
1343 }
1344
1345 /* The advisory lock should be obtained before calling this function. */
1346 gpg_error_t
1347 crypto_is_symmetric (const char *filename)
1348 {
1349 int fd;
1350 uint8_t magic[2];
1351 ssize_t len;
1352
1353 fd = open (filename, O_RDONLY);
1354 if (fd == -1)
1355 return gpg_error_from_errno (errno);
1356
1357 len = read (fd, &magic, sizeof(magic));
1358 close (fd);
1359 if (len != sizeof (magic))
1360 return GPG_ERR_INV_VALUE;
1361
1362 // Always read as big endian.
1363 if (magic[0] != 0x8c || magic[1] != 0x0d)
1364 return GPG_ERR_BAD_DATA;
1365
1366 return 0;
1367 }
An API for pwmd.