2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015
3 Ben Kibbey <bjk@luxsci.net>
5 This file is part of pwmd.
7 Pwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
12 Pwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
24 #include <gpg-error.h>
25 #include <sys/types.h>
31 #elif defined (HAVE_INTTYPES_H)
/* Number of S2K (string-to-key) iterations used when a key is derived from a
   passphrase; hash_key() below takes this as its `iterations' argument.
   The COMPAT value is three orders of magnitude below the default and is,
   presumably, kept only so that data files written by older versions can
   still be read.  NOTE(review): 1000 iterations offers little brute-force
   resistance -- confirm that no caller uses COMPAT_KDFS2K_ITERATIONS when
   *writing* a file, and that a client cannot lower the count on its own. */
#define DEFAULT_KDFS2K_ITERATIONS 5000000
#define COMPAT_KDFS2K_ITERATIONS 1000
52 uint32_t datalen
; /* of the encrypted xml */
53 } __attribute__ ((packed
)) file_header_t
;
57 gcry_sexp_t pkey
; /* SAVE --keygrip */
58 gcry_sexp_t sigpkey
; /* SAVE --sign-keygrip */
59 uint64_t s2k_count
; /* SAVE|PASSWD --s2k-count */
65 assuan_context_t client_ctx
;
67 struct agent_s
*agent
;
70 gcry_sexp_t pkey_sexp
;
71 unsigned char grip
[20];
72 gcry_sexp_t sigpkey_sexp
;
73 unsigned char sign_grip
[20];
74 gcry_sexp_t ciphertext_sexp
;
76 size_t ciphertext_len
;
80 char *filename
; /* the currently opened data file */
84 #define IS_PKI(crypto) (use_agent && (crypto->hdr.flags & PWMD_FLAG_PKI))
/* Release what a struct save_s holds.  Judging from the fields visible earlier
   in this header (pkey, sigpkey, s2k_count for SAVE --keygrip / --sign-keygrip
   / --s2k-count) that presumably means the gcry_sexp_t members.  Whether SAVE
   itself is freed cannot be told from the prototype -- check the definition. */
void cleanup_save (struct save_s *save);
87 gpg_error_t
encrypt_xml (assuan_context_t ctx
, void *key
, size_t keylen
, int
88 algo
, const void *xml
, size_t len
, void **result
,
89 size_t * result_len
, unsigned char **iv
,
91 gpg_error_t
decrypt_cache (struct crypto_s
*crypto
, const void *data
,
/* Read the data file FILENAME into CRYPTO.  The file contents are untrusted
   input: the packed file_header_t above (with its uint32_t datalen) is
   presumably parsed first -- confirm the definition validates the header
   before trusting any length it carries.  Returns a gpg_error_t. */
gpg_error_t read_data_file (const char *filename, struct crypto_s *crypto);
/* Open FILENAME and read its file_header_t into *FH, filling *ST with the
   file's stat data and *FD with the open descriptor (all out-parameters; the
   caller presumably owns and closes *fd on success -- confirm).
   NOTE(review): *fh is attacker-controlled whenever the data file is; in
   particular the uint32_t datalen field should be checked against st->st_size
   before it is used for an allocation or a read.  Returns a gpg_error_t. */
gpg_error_t read_data_header (const char *filename, file_header_t * fh,
                              struct stat *st, int *fd);
/* Decrypt the ciphertext held in CRYPTO using the derived key SALTED_KEY of
   KEYLEN bytes; CTX is the Assuan client context.  SALTED_KEY is key
   material: whoever owns that buffer should wipe it when done -- the
   prototype does not say who that is.  Returns a gpg_error_t. */
gpg_error_t decrypt_data (assuan_context_t ctx, struct crypto_s *crypto,
                          unsigned char *salted_key, size_t keylen);
/* First stage of tearing down a struct crypto_s.  Which members this stage
   releases, versus cleanup_crypto_stage2, is not visible in this header.
   Presumably does not free CR itself -- cleanup_crypto below takes a double
   pointer for that purpose. */
void cleanup_crypto_stage1 (struct crypto_s *cr);
/* Second stage of tearing down a struct crypto_s; see cleanup_crypto_stage1.
   Presumably does not free CR itself.  Secret members (key material, the
   decrypted XML) should be wiped, not merely freed -- confirm in the
   definition. */
void cleanup_crypto_stage2 (struct crypto_s *cr);
/* Full teardown of a struct crypto_s.  Takes the caller's pointer by address
   so that, presumably, *C is freed and reset to NULL (which guards against a
   later double free) -- confirm in the definition. */
void cleanup_crypto (struct crypto_s **c);
/* Allocate and initialise a fresh struct crypto_s and store it in *CRYPTO.
   The result is presumably released with cleanup_crypto(); on error *crypto
   should be left untouched -- confirm.  Returns a gpg_error_t. */
gpg_error_t init_client_crypto (struct crypto_s **crypto);
/* Write a data file FILENAME from CRYPTO: DATA/DATA_LEN (presumably the
   already-encrypted XML, given the header's datalen comment) plus the
   SEXP/SEXP_LEN blob, and PUBKEY / SIGPKEY for the PKI case (presumably NULL
   otherwise -- confirm).  The pointer parameters are not const-qualified; if
   the definition only reads through them they could be made const, but the
   header and the definition must change together.  Returns a gpg_error_t. */
gpg_error_t write_file (struct crypto_s *crypto, const char *filename,
                        void *data, size_t data_len, void *sexp,
                        size_t sexp_len, void *pubkey, void *sigpkey);
/* Shared back end for exporting DATA/DATALEN to OUTFILE.
   INQUIRE: whether the key may be obtained with an Assuan INQUIRE on CTX.
   KEYFILE: presumably a key file to use instead of prompting.
   RKEY/RKEYLEN: out-parameters receiving the key that was used; ownership is
   not stated here (presumably caller-freed) -- it is secret material and
   should be wiped before free.
   USE_CACHE, FORCE, NO_PASSPHRASE are boolean flags.  NOTE(review): an export
   with NO_PASSPHRASE presumably yields an unprotected copy of the data; it
   should only be honored on an explicit client request.  Returns a
   gpg_error_t. */
gpg_error_t export_common (assuan_context_t ctx, int inquire,
                           struct crypto_s * crypto, const void *data,
                           size_t datalen, const char *outfile,
                           const char *keyfile, void **rkey, size_t *rkeylen,
                           int use_cache, int force, int no_passphrase);
/* Shared front end for opening FILENAME: obtain the passphrase (via INQUIRE
   on CTX when INQUIRE permits it) and decrypt into CRYPTO.
   SALTED_KEY/SALTED_KEYSIZE and RKEY/RKEYLEN are out-parameters for the
   derived key and the raw key; presumably callee-allocated and caller-freed.
   Both are secrets -- wipe before free.  Returns a gpg_error_t. */
gpg_error_t decrypt_common (assuan_context_t ctx, int inquire,
                            struct crypto_s *crypto, const char *filename,
                            void **salted_key, size_t *salted_keysize,
                            unsigned char **rkey, size_t *rkeylen);
/* Obtain a PIN or passphrase for FILENAME through CTX and return it in *RKEY
   with its length in *RKEYLEN.  WHICH selects what is being asked for; its
   legal values are not visible in this header.  *rkey is secret material:
   the caller presumably frees it and should wipe it first.  Returns a
   gpg_error_t. */
gpg_error_t getpin_common (assuan_context_t ctx, const char *filename,
                           int which, char **rkey, size_t *rkeylen);
116 gpg_error_t
save_common (const char *md5file
, struct crypto_s
*crypto
,
117 const unsigned char *data
, size_t datalen
,
118 const unsigned char *key
, size_t keylen
, int *cached
,
120 gpg_error_t
change_passwd (assuan_context_t ctx
, const char *filename
,
121 int inquire
, struct crypto_s
**rcrypto
,
/* Ask the client for a passphrase with an Assuan INQUIRE using KEYWORD and
   return the bytes in *RESULT with their length in *RLEN (a length is
   returned separately, so do not assume NUL termination).  The bytes are a
   secret: wipe before free.  Returns a gpg_error_t. */
gpg_error_t inquire_passphrase (assuan_context_t ctx, const char *keyword,
                                unsigned char **result, size_t *rlen);
/* Derive key material from KEY/KEYLEN with hash algorithm ALGO, SALT/SALT_LEN
   and ITERATIONS rounds (see DEFAULT_KDFS2K_ITERATIONS and
   COMPAT_KDFS2K_ITERATIONS above).  The derived bytes are returned in
   *RESULT with length *RLEN; ownership and wiping are the caller's concern
   as far as this prototype tells.  NOTE(review): ITERATIONS sets the
   brute-force cost; it should be the configured value, never a small count
   chosen by an unauthenticated client.  SALT is not const-qualified; if the
   definition only reads it, qualify header and definition together. */
gpg_error_t hash_key (int algo, unsigned char *salt, size_t salt_len,
                      const void *key, size_t keylen, void **result,
                      size_t *rlen, unsigned long iterations);
128 gpg_error_t
crypto_try_decrypt (assuan_context_t ctx
, int inquire
, const char *filename
,
129 struct crypto_s
**rcrypto
, unsigned char **key
,