search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix previous commit.
[pwmd.git] / src / crypto.c
blob88438f338703d6ecc3d1aa39cb27619fd771d6f8
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015,
3 2016, 2017
4 Ben Kibbey <bjk@luxsci.net>
5
6 This file is part of pwmd.
7
8 Pwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
12
13 Pwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
20 */
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24
25 #include <stdio.h>
26 #include <sys/types.h>
27 #include <sys/stat.h>
28 #include <fcntl.h>
29 #include <errno.h>
30 #include <pthread.h>
31
32 #ifdef WITH_LIBACL
33 #include <sys/acl.h>
34 #endif
35
36 #include "pwmd-error.h"
37 #include "util-misc.h"
38 #include "common.h"
39 #include "rcfile.h"
40 #include "crypto.h"
41 #include "cache.h"
42 #include "mem.h"
43 #include "util-string.h"
44 #include "rcfile.h"
45 #include "mutex.h"
46
47 static unsigned keepalive;
48 static pthread_mutex_t crypto_mutex = PTHREAD_MUTEX_INITIALIZER;
49
50 #define BUFSIZE 4096
51
52 #define STATUS_TIMEOUT_INIT(crypto) \
53 do { \
54 crypto->status_timeout = time (NULL); \
55 crypto->progress_rc = 0; \
56 } while (0)
57
58 #define STATUS_TIMEOUT_TEST(crypto, rc, s, line) \
59 do { \
60 time_t now = time (NULL); \
61 if (now - crypto->status_timeout >= keepalive && crypto->client_ctx) { \
62 rc = send_status (crypto->client_ctx, s, line); \
63 crypto->status_timeout = now; \
64 } \
65 } while (0)
66
67 static gpg_error_t
68 get_password_file (const char *keyfile, unsigned char **result, size_t *len)
69 {
70 struct stat st;
71 int fd;
72 unsigned char *buf = NULL;
73 gpg_error_t rc = 0;
74
75 log_write (_ ("obtaining passphrase from passphrase file"));
76 rc = open_check_file (keyfile, &fd, &st, 0);
77 if (rc)
78 return rc;
79
80 buf = xmalloc (st.st_size+1);
81 if (buf)
82 {
83 size_t rlen = read (fd, buf, st.st_size);
84
85 if (rlen != st.st_size)
86 rc = GPG_ERR_ASS_READ_ERROR;
87 else
88 {
89 buf[rlen] = 0;
90 /* The passphrase may have been truncated do to a nul byte before the
91 * EOF. Better to return an error here rather than passing the
92 * truncated passphrase on. */
93 if (rlen && strlen ((char *)buf) != rlen)
94 rc = GPG_ERR_INV_PASSPHRASE;
95
96 if (!rc)
97 {
98 *result = buf;
99 *len = rlen;
100 }
101 }
102 }
103 else
104 rc = GPG_ERR_ENOMEM;
105
106 close (fd);
107 if (rc)
108 xfree (buf);
109
110 return rc;
111 }
112
113 static gpgme_error_t
114 status_cb (void *data, const char *keyword, const char *args)
115 {
116 struct crypto_s *crypto = data;
117
118 // Cache pushing.
119 if (!crypto->client_ctx)
120 return 0;
121
122 if (!strcmp (keyword, "INQUIRE_MAXLEN") &&
123 (crypto->flags & CRYPTO_FLAG_KEYFILE))
124 return 0;
125
126 return assuan_write_status (crypto->client_ctx, keyword, args);
127 }
128
129 static gpgme_error_t
130 passphrase_cb (void *data, const char *hint, const char *info, int bad, int fd)
131 {
132 struct crypto_s *crypto = data;
133 unsigned char *result = NULL;
134 size_t len;
135 gpg_error_t rc = 0;
136
137 if (crypto->flags & CRYPTO_FLAG_KEYFILE)
138 rc = get_password_file (crypto->keyfile, &result, &len);
139 else
140 {
141 if (hint)
142 rc = assuan_write_status (crypto->client_ctx, "PASSPHRASE_HINT", hint);
143
144 if (!rc && info)
145 rc = assuan_write_status (crypto->client_ctx, "PASSPHRASE_INFO", info);
146
147 if (!rc)
148 {
149 const char *keyword = "PASSPHRASE";
150
151 if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD_SIGN)
152 keyword = "SIGN_PASSPHRASE";
153 else if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD_NEW)
154 {
155 crypto->flags |= CRYPTO_FLAG_PASSWD_SIGN;
156 keyword = "NEW_PASSPHRASE";
157 }
158 else if (!bad && crypto->flags & CRYPTO_FLAG_PASSWD)
159 crypto->flags |= CRYPTO_FLAG_PASSWD_NEW;
160 else if (!bad && crypto->flags & CRYPTO_FLAG_NEWFILE)
161 {
162 keyword = "NEW_PASSPHRASE";
163 if (crypto->save.sigkey)
164 crypto->flags |= CRYPTO_FLAG_PASSWD_SIGN;
165 }
166
167 rc = assuan_inquire (crypto->client_ctx, keyword, &result, &len, 0);
168 }
169 }
170
171 if (!rc)
172 {
173 pthread_cleanup_push ((void *)xfree, result);
174
175 if (!len)
176 gpgme_io_writen (fd, "\n", 1);
177 else
178 {
179 int nl = result[len-1] == '\n';
180 int ret;
181
182 ret = gpgme_io_writen (fd, result, len);
183 if (!ret && !nl)
184 gpgme_io_writen (fd, "\n", 1);
185 else if (ret)
186 rc = GPG_ERR_CANCELED;
187 }
188
189 pthread_cleanup_pop (1);
190 }
191
192 return rc;
193 }
194
195 static void
196 progress_cb (void *data, const char *what, int type, int current, int total)
197 {
198 struct crypto_s *crypto = data;
199
200 crypto->progress_rc = send_status (crypto->client_ctx, STATUS_GPGME,
201 "%s %i %i %i", what, type, current, total);
202 }
203
204 gpgme_error_t
205 crypto_data_to_buf (const gpgme_data_t data, unsigned char **result,
206 size_t *rlen)
207 {
208 off_t ret = gpgme_data_seek (data, 0, SEEK_SET);
209 gpgme_error_t rc;
210 size_t total = 0, size = BUFSIZE;
211 unsigned char *buf = NULL;
212
213 *result = NULL;
214 *rlen = 0;
215
216 if (ret == -1)
217 return gpg_error_from_syserror ();
218
219 buf = xmalloc (size);
220 if (!buf)
221 return GPG_ERR_ENOMEM;
222
223 do
224 {
225 ret = gpgme_data_read (data, &buf[total], BUFSIZE);
226 if (ret > 0)
227 {
228 unsigned char *p;
229
230 total += ret;
231 size += BUFSIZE;
232 p = xrealloc (buf, size * sizeof (unsigned char));
233 if (!p)
234 {
235 xfree (buf);
236 return GPG_ERR_ENOMEM;
237 }
238
239 buf = p;
240 }
241 } while (ret > 0);
242
243 if (ret == -1)
244 {
245 rc = gpgme_err_code_from_syserror ();
246 xfree (buf);
247 return rc;
248 }
249
250 if (!total)
251 xfree (buf);
252 else
253 *result = buf;
254
255 *rlen = total;
256 return 0;
257 }
258
259 gpgme_error_t
260 crypto_list_keys (struct crypto_s *crypto, char *keys[], int secret,
261 gpgme_key_t **result)
262 {
263 gpgme_error_t rc;
264 gpgme_key_t key = NULL, *res = NULL;
265 size_t total = 0;
266
267 rc = gpgme_op_keylist_ext_start (crypto->ctx, (const char **)keys, secret, 0);
268 if (rc)
269 return rc;
270
271 STATUS_TIMEOUT_INIT (crypto);
272 do
273 {
274 gpgme_key_t *p;
275
276 pthread_cleanup_push ((void *)crypto_free_key_list, res);
277 rc = gpgme_op_keylist_next (crypto->ctx, &key);
278 pthread_cleanup_pop (0);
279 if (rc && gpgme_err_code(rc) != GPG_ERR_EOF)
280 break;
281
282 if (rc)
283 {
284 rc = 0;
285 break;
286 }
287
288 p = xrealloc (res, (total+2) * sizeof (gpgme_key_t));
289 if (!p)
290 {
291 rc = GPG_ERR_ENOMEM;
292 break;
293 }
294
295 res = p;
296 res[total++] = key;
297 res[total] = NULL;
298 pthread_cleanup_push ((void *)crypto_free_key_list, res);
299 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_KEEPALIVE, NULL);
300 pthread_cleanup_pop (0);
301 } while (!rc);
302
303 if (!rc)
304 {
305 rc = gpgme_op_keylist_end (crypto->ctx);
306 if (!rc)
307 {
308 *result = res;
309 rc = total ? 0 : secret ? GPG_ERR_NO_SECKEY : GPG_ERR_NO_PUBKEY;
310 }
311 }
312 else
313 crypto_free_key_list (res);
314
315 return rc;
316 }
317
318 void
319 crypto_free_save (struct save_s *save)
320 {
321 if (!save)
322 return;
323
324 strv_free (save->pubkey);
325 xfree (save->sigkey);
326 xfree (save->userid);
327 xfree (save->algo);
328 crypto_free_key_list (save->mainkey);
329
330 memset (save, 0, sizeof (struct save_s));
331 }
332
333 static gpg_error_t
334 crypto_kill_scd ()
335 {
336 return cache_kill_scd ();
337 }
338
339 static void
340 free_gpgme_data_cb (void *data)
341 {
342 gpgme_data_t d = data;
343 char *t;
344 size_t len;
345
346 if (!data)
347 return;
348
349 t = gpgme_data_release_and_get_mem (d, &len);
350 if (t)
351 wipememory (t, 0, len);
352
353 gpgme_free (t);
354 }
355
356 void
357 crypto_free_non_keys (struct crypto_s *crypto)
358 {
359 if (!crypto)
360 return;
361
362 if (crypto->ctx)
363 gpgme_release (crypto->ctx);
364
365 crypto->ctx = NULL;
366 xfree (crypto->plaintext);
367 crypto->plaintext = NULL;
368 crypto->plaintext_size = 0;
369
370 if (crypto->cipher)
371 free_gpgme_data_cb (crypto->cipher);
372
373 crypto->cipher = NULL;
374 crypto_free_save (&crypto->save);
375 xfree (crypto->keyfile);
376 crypto->keyfile = NULL;
377 crypto->flags &= ~CRYPTO_FLAG_KEYFILE;
378 (void)crypto_kill_scd ();
379 }
380
381 void
382 crypto_free (struct crypto_s *crypto)
383 {
384 if (!crypto)
385 return;
386
387 crypto_free_non_keys (crypto);
388 strv_free (crypto->pubkey);
389 xfree (crypto->sigkey);
390 xfree (crypto->filename);
391 xfree (crypto);
392 }
393
394 gpgme_error_t
395 crypto_init_ctx (struct crypto_s *crypto, int no_pinentry,
396 char *passphrase_file)
397 {
398 gpgme_ctx_t ctx;
399 gpgme_keylist_mode_t keylist_mode;
400 gpgme_error_t rc;
401
402 rc = gpgme_new (&ctx);
403 if (rc)
404 return rc;
405
406 rc = gpgme_set_protocol (ctx, GPGME_PROTOCOL_OPENPGP);
407 if (!rc)
408 {
409 keylist_mode = gpgme_get_keylist_mode (ctx);
410 keylist_mode |= GPGME_KEYLIST_MODE_LOCAL|GPGME_KEYLIST_MODE_WITH_SECRET;
411 rc = gpgme_set_keylist_mode (ctx, keylist_mode);
412 if (!rc)
413 {
414 if (no_pinentry || passphrase_file)
415 rc = gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK);
416 else
417 rc = gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_DEFAULT);
418
419 if (!rc)
420 {
421 gpgme_set_passphrase_cb (ctx, passphrase_cb, crypto);
422 gpgme_set_progress_cb (ctx, progress_cb, crypto);
423 gpgme_set_status_cb (ctx, status_cb, crypto);
424 crypto->ctx = ctx;
425 crypto->flags = 0;
426
427 if (passphrase_file)
428 {
429 crypto->keyfile = passphrase_file;
430 crypto->flags |= CRYPTO_FLAG_KEYFILE;
431 }
432 }
433 }
434 }
435
436 if (rc)
437 gpgme_release (ctx);
438
439 return rc;
440 }
441
442 void
443 crypto_set_keepalive ()
444 {
445 keepalive = config_get_integer ("global", "keepalive_interval");
446 }
447
448 gpg_error_t
449 crypto_init (struct crypto_s **crypto, void *ctx, const char *filename,
450 int no_pinentry, char *passphrase_file)
451 {
452 struct crypto_s *new = xcalloc (1, sizeof (struct crypto_s));
453 gpgme_error_t rc;
454
455 crypto_set_keepalive ();
456
457 if (!new)
458 return GPG_ERR_ENOMEM;
459
460 rc = crypto_init_ctx (new, no_pinentry, passphrase_file);
461 if (rc)
462 goto fail;
463
464 if (filename)
465 {
466 new->filename = str_dup (filename);
467 if (!new->filename)
468 {
469 rc = GPG_ERR_ENOMEM;
470 goto fail;
471 }
472 }
473
474 new->client_ctx = ctx;
475 *crypto = new;
476 return 0;
477
478 fail:
479 crypto_free (new);
480 return rc;
481 }
482
483 /* Converts a 40 byte key id to the 16 byte form. Needed for comparison of
484 * gpgme_recipient_t.keyid. */
485 gpg_error_t
486 crypto_keyid_to_16b_once (char *key)
487 {
488 size_t len = strlen (key);
489
490 if (len < 16)
491 return GPG_ERR_INV_ARG;
492
493 memmove (&key[0], &key[len-16], 16);
494 key[16] = 0;
495 return 0;
496 }
497
498 gpg_error_t
499 crypto_keyid_to_16b (char **keys)
500 {
501 char **p;
502
503 for (p = keys; p && *p; p++)
504 {
505 gpg_error_t rc = crypto_keyid_to_16b_once (*p);
506 if (rc)
507 return rc;
508 }
509
510 return 0;
511 }
512
513 gpgme_error_t
514 crypto_decrypt (struct client_s *client, struct crypto_s *crypto)
515 {
516 gpgme_data_t plain;
517 gpgme_error_t rc;
518 gpgme_data_t cipher;
519 int fd = -1;
520 struct stat st;
521 char **new_recipients = NULL;
522 char **new_signers = NULL;
523 char **pp;
524 gpgme_decrypt_result_t result;
525
526 rc = gpgme_data_new (&plain);
527 if (rc)
528 return rc;
529
530 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
531 rc = open_check_file (crypto->filename, &fd, &st, 1);
532 if (!rc)
533 {
534 pthread_cleanup_push ((void *)close_fd_cb, &fd);
535 rc = gpgme_data_new_from_fd (&cipher, fd);
536 if (!rc)
537 {
538 pthread_cleanup_push ((void *)free_gpgme_data_cb, cipher);
539 rc = send_status (client ? client->ctx : NULL, STATUS_DECRYPT, NULL);
540 if (!rc)
541 {
542 MUTEX_TRYLOCK (client->ctx, &crypto_mutex, rc,
543 client->lock_timeout);
544 if (!rc)
545 {
546 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
547 rc = gpgme_op_decrypt_verify_start (crypto->ctx, cipher, plain);
548 if (!rc)
549 {
550 STATUS_TIMEOUT_INIT(crypto);
551 do
552 {
553 if (!rc && crypto->progress_rc)
554 rc = crypto->progress_rc;
555 if (!rc)
556 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_DECRYPT, NULL);
557 TEST_CANCEL ();
558 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
559 }
560 pthread_cleanup_pop (1); // release_mutex_cb
561 }
562 }
563 pthread_cleanup_pop (1); // free_gpgme_data_cb (cipher)
564 }
565
566 pthread_cleanup_pop (1); // close (fd)
567 }
568
569 pthread_cleanup_pop (0); // free_gpgme_data_cb (plain)
570
571 if (rc)
572 {
573 free_gpgme_data_cb (plain);
574 return rc;
575 }
576
577 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
578 result = gpgme_op_decrypt_result (crypto->ctx);
579 if (!result->unsupported_algorithm && !result->wrong_key_usage)
580 {
581 gpgme_recipient_t r;
582
583 for (r = result->recipients; r; r = r->next)
584 {
585 pthread_cleanup_push ((void *)strv_free, new_recipients);
586 log_write1 (_ ("%s: recipient: %s, status=%u"),
587 crypto->filename, r->keyid, r->status);
588 pthread_cleanup_pop (0);
589 pp = strv_cat(new_recipients, str_dup (r->keyid));
590 if (!pp)
591 {
592 rc = GPG_ERR_ENOMEM;
593 break;
594 }
595
596 new_recipients = pp;
597 }
598 }
599 else if (result->wrong_key_usage)
600 rc = GPG_ERR_WRONG_KEY_USAGE;
601 else if (result->unsupported_algorithm)
602 rc = GPG_ERR_UNSUPPORTED_ALGORITHM;
603
604 if (!rc)
605 {
606 gpgme_verify_result_t verify;
607 gpgme_signature_t s;
608
609 verify = gpgme_op_verify_result (crypto->ctx);
610 for (s = verify->signatures; s; s = s->next)
611 {
612 unsigned flags = s->summary;
613
614 pthread_cleanup_push ((void *)strv_free, new_signers);
615 log_write1 (_ ("%s: signer: %s, status=%u"),
616 crypto->filename, s->fpr, s->status);
617 pthread_cleanup_pop (0);
618
619 flags &= ~(GPGME_SIGSUM_KEY_EXPIRED|GPGME_SIGSUM_SIG_EXPIRED);
620 if (!flags)
621 flags |= GPGME_SIGSUM_VALID;
622
623 if (gpg_err_code (s->status) == GPG_ERR_KEY_EXPIRED)
624 s->status = 0;
625
626 if (s->status || s->wrong_key_usage || !(flags & GPGME_SIGSUM_VALID))
627 continue;
628
629 pp = strv_cat (new_signers, str_dup (s->fpr));
630 if (!pp)
631 {
632 rc = GPG_ERR_ENOMEM;
633 break;
634 }
635
636 new_signers = pp;
637 }
638
639 if (verify->signatures && !new_signers)
640 rc = GPG_ERR_BAD_SIGNATURE;
641
642 if (!rc)
643 {
644 xfree (crypto->plaintext);
645 crypto->plaintext = NULL;
646 crypto->plaintext_size = 0;
647 pthread_cleanup_push ((void *)strv_free, new_recipients);
648 pthread_cleanup_push ((void *)strv_free, new_signers);
649 rc = crypto_data_to_buf (plain, &crypto->plaintext,
650 &crypto->plaintext_size);
651 pthread_cleanup_pop (0);
652 pthread_cleanup_pop (0);
653 if (!rc)
654 {
655 strv_free (crypto->pubkey);
656 crypto->pubkey = new_recipients;
657 crypto_keyid_to_16b (crypto->pubkey);
658
659 xfree (crypto->sigkey);
660 crypto->sigkey = NULL;
661 if (new_signers)
662 {
663 crypto->sigkey = str_dup (*new_signers);
664 strv_free (new_signers);
665 crypto_keyid_to_16b_once (crypto->sigkey);
666 }
667 }
668 }
669 }
670
671 if (rc)
672 {
673 strv_free (new_recipients);
674 strv_free (new_signers);
675 }
676
677 pthread_cleanup_pop (1); // free_gpgme_data_cb (plain)
678 return rc;
679 }
680
681 void
682 crypto_free_key_list (gpgme_key_t *keys)
683 {
684 int i;
685
686 for (i = 0; keys && keys[i]; i++)
687 gpgme_key_unref (keys[i]);
688
689 xfree (keys);
690 }
691
692 /* Removes strings in 'prune' from 'a'. */
693 static char **
694 prune_keys (char **a, char **prune)
695 {
696 char **p;
697
698 for (p = prune; p && *p; p++)
699 {
700 char **ap;
701
702 for (ap = a; ap && *ap; ap++)
703 {
704 if (!strcmp (*ap, *p))
705 {
706 while (*ap)
707 {
708 *ap = *(ap+1);
709 ap++;
710 }
711 }
712 }
713 }
714
715 return a;
716 }
717
718 static void
719 remove_duplicates (char **a)
720 {
721 char **p;
722
723 for (p = a; p && *p; p++)
724 {
725 char **t;
726
727 for (t = p+1; t && *t; t++)
728 {
729 if (!strcmp (*p, *t))
730 {
731 char *tmp = *t;
732
733 while (*(t+1))
734 {
735 *t = *(t+1);
736 t++;
737 }
738
739 *t = NULL;
740 xfree (tmp);
741 remove_duplicates (a);
742 return;
743 }
744 }
745 }
746 }
747
748 gpgme_error_t
749 crypto_encrypt (struct client_s *client, struct crypto_s *crypto)
750 {
751 gpgme_error_t rc;
752 gpgme_data_t cipher = NULL;
753 gpgme_key_t *keys = NULL;
754 gpgme_key_t *sigkeys = NULL;
755 unsigned flags = 0;
756 int sign = 0;
757
758 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC))
759 {
760 crypto_keyid_to_16b (crypto->save.pubkey);
761 remove_duplicates (crypto->save.pubkey);
762 rc = crypto_list_keys (crypto, crypto->save.pubkey, 0, &keys);
763 if (rc)
764 return rc;
765 }
766
767 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
768 rc = gpgme_data_new (&cipher);
769 pthread_cleanup_push ((void *)free_gpgme_data_cb, cipher);
770 if (!rc)
771 rc = gpgme_data_set_file_name (cipher, crypto->filename);
772
773 if (!rc && crypto->save.sigkey)
774 {
775 char **tmp = NULL;
776
777 crypto_keyid_to_16b_once (crypto->save.sigkey);
778 strv_printf (&tmp, "%s", crypto->save.sigkey);
779 pthread_cleanup_push ((void *)strv_free, tmp);
780 rc = crypto_list_keys (crypto, tmp, 1, &sigkeys);
781 pthread_cleanup_pop (1);
782 if (gpg_err_code (rc) == GPG_ERR_NO_DATA)
783 rc = 0;
784 }
785
786 if (!rc)
787 {
788 gpgme_data_t plain = NULL;
789
790 pthread_cleanup_push ((void *)crypto_free_key_list, sigkeys);
791 rc = gpgme_data_new_from_mem (&plain, (char *)crypto->plaintext,
792 crypto->plaintext_size, 0);
793 pthread_cleanup_push ((void *)free_gpgme_data_cb, plain);
794 if (!rc)
795 {
796 int i;
797
798 gpgme_signers_clear (crypto->ctx);
799
800 for (i = 0; sigkeys && sigkeys[i]; i++)
801 gpgme_signers_add (crypto->ctx, sigkeys[i]);
802 }
803
804 if (!rc)
805 {
806 gpgme_data_set_encoding (cipher, GPGME_DATA_ENCODING_ARMOR);
807 rc = send_status (client ? client->ctx : NULL, STATUS_ENCRYPT, NULL);
808 }
809
810 if (!rc)
811 {
812 int f = config_get_boolean ("global", "encrypt_to");
813
814 if (!f)
815 flags |= GPGME_ENCRYPT_NO_ENCRYPT_TO;
816
817 f = config_get_boolean ("global", "always_trust");
818 if (f)
819 flags |= GPGME_ENCRYPT_ALWAYS_TRUST;
820
821 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC)
822 || (crypto->flags & CRYPTO_FLAG_SYMMETRIC && sigkeys))
823 sign = 1;
824 }
825
826 if (!rc)
827 MUTEX_TRYLOCK (client->ctx, &crypto_mutex, rc, client->lock_timeout);
828
829 if (!rc)
830 {
831 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
832 if (sign)
833 rc = gpgme_op_encrypt_sign_start (crypto->ctx, keys, flags, plain,
834 cipher);
835 else
836 rc = gpgme_op_encrypt_start (crypto->ctx, NULL, flags, plain,
837 cipher);
838 if (!rc)
839 {
840 STATUS_TIMEOUT_INIT (crypto);
841 do
842 {
843 if (!rc && crypto->progress_rc)
844 rc = crypto->progress_rc;
845 if (!rc)
846 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_ENCRYPT, NULL);
847 TEST_CANCEL();
848 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
849 }
850 pthread_cleanup_pop (1);
851
852 if (!rc)
853 {
854 gpgme_encrypt_result_t result;
855 gpgme_sign_result_t sresult;
856 gpgme_invalid_key_t inv;
857 gpgme_new_signature_t sigs;
858 char **prune = NULL;
859 char **p = NULL;
860
861 result = gpgme_op_encrypt_result (crypto->ctx);
862 inv = result->invalid_recipients;
863 while (inv)
864 {
865 pthread_cleanup_push ((void *)strv_free, prune);
866 log_write1 (_ ("%s: invalid recipient: %s, rc=%u"),
867 crypto->filename, inv->fpr, inv->reason);
868 pthread_cleanup_pop (0);
869 p = strv_cat (prune, str_dup(inv->fpr));
870 if (!p)
871 {
872 rc = GPG_ERR_ENOMEM;
873 strv_free (prune);
874 break;
875 }
876
877 prune = p;
878 inv = inv->next;
879 }
880
881 if (prune)
882 {
883 p = prune_keys (crypto->save.pubkey, prune);
884 crypto->save.pubkey = p;
885 strv_free (prune);
886 }
887
888 crypto_keyid_to_16b (crypto->save.pubkey);
889 sresult = gpgme_op_sign_result (crypto->ctx);
890 inv = sresult ? sresult->invalid_signers : NULL;
891 while (!rc && inv)
892 {
893 log_write1 (_ ("%s: invalid signer: %s, rc=%u"),
894 crypto->filename, inv->fpr, inv->reason);
895 inv = inv->next;
896 }
897
898 sigs = sresult ? sresult->signatures : NULL;
899 if (!rc && sigs)
900 {
901 p = NULL;
902
903 while (sigs)
904 {
905 char **pp;
906
907 pthread_cleanup_push ((void *)strv_free, p);
908 log_write1 (_ ("%s: signer: %s"), crypto->filename,
909 sigs->fpr);
910 pthread_cleanup_pop (0);
911
912 pp = strv_cat (p, str_dup (sigs->fpr));
913 if (!pp)
914 {
915 rc = GPG_ERR_ENOMEM;
916 strv_free (p);
917 break;
918 }
919
920 p = pp;
921 sigs = sigs->next;
922 }
923
924 if (!rc)
925 {
926 xfree (crypto->save.sigkey);
927 crypto->save.sigkey = str_dup (*p);
928 strv_free (p);
929 crypto_keyid_to_16b_once (crypto->save.sigkey);
930 crypto->cipher = cipher;
931 }
932 }
933 else if (!rc && crypto->flags & CRYPTO_FLAG_SYMMETRIC)
934 {
935 crypto->cipher = cipher;
936 }
937 else if (!rc)
938 {
939 if (!(crypto->flags & CRYPTO_FLAG_SYMMETRIC)
940 || (crypto->flags & CRYPTO_FLAG_SYMMETRIC && sigkeys))
941 rc = GPG_ERR_NO_SIGNATURE_SCHEME;
942 }
943 }
944 }
945
946 pthread_cleanup_pop (1); // free_gpgme_data_cb (plain)
947 pthread_cleanup_pop (1); // crypto_free_key_list (sigkeys)
948 }
949
950 pthread_cleanup_pop (0); // free_gpgme_data_cb (cipher)
951 pthread_cleanup_pop (1); // crypto_free_key_list (keys)
952
953 if (rc)
954 free_gpgme_data_cb (cipher);
955
956 return rc;
957 }
958
959 gpgme_error_t
960 crypto_passwd (struct client_s *client, struct crypto_s *crypto)
961 {
962 gpgme_error_t rc;
963 gpgme_key_t *keys = NULL;
964
965 /* Use SAVE instead for symmetric files. */
966 rc = crypto_is_symmetric (client->filename);
967 if (!rc || rc != GPG_ERR_BAD_DATA)
968 return !rc ? GPG_ERR_NOT_SUPPORTED : rc;
969
970 rc = crypto_list_keys (crypto, crypto->pubkey, 1, &keys);
971 if (rc)
972 return rc;
973
974 crypto->flags |= CRYPTO_FLAG_PASSWD;
975 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
976 rc = send_status (client->ctx, STATUS_KEEPALIVE, NULL);
977 if (!rc)
978 MUTEX_TRYLOCK (client->ctx, &crypto_mutex, rc, client->lock_timeout);
979
980 if (!rc)
981 {
982 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
983 rc = gpgme_op_passwd_start (crypto->ctx, keys[0], 0);
984 if (!rc)
985 {
986 STATUS_TIMEOUT_INIT (crypto);
987 do
988 {
989 if (!rc && crypto->progress_rc)
990 rc = crypto->progress_rc;
991 if (!rc)
992 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_KEEPALIVE, NULL);
993 TEST_CANCEL();
994 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
995 }
996 pthread_cleanup_pop (1);
997 }
998
999 pthread_cleanup_pop (1);
1000 return rc;
1001 }
1002
1003 /* Generate a new key pair. The resulting keyid's are stored in crypto->save.
1004 */
1005 gpgme_error_t
1006 crypto_genkey (struct client_s *client, struct crypto_s *crypto)
1007 {
1008 gpgme_error_t rc;
1009
1010 rc = send_status (client ? client->ctx : NULL, STATUS_GENKEY, NULL);
1011 if (!rc)
1012 MUTEX_TRYLOCK ((client ? client->ctx : NULL), &crypto_mutex, rc,
1013 (client ? client->lock_timeout : 0));
1014
1015 if (!rc)
1016 {
1017 pthread_cleanup_push (release_mutex_cb, &crypto_mutex);
1018 if (crypto->save.mainkey)
1019 {
1020 rc = gpgme_op_createsubkey_start (crypto->ctx,
1021 crypto->save.mainkey[0],
1022 crypto->save.algo,
1023 0,
1024 crypto->save.expire,
1025 crypto->save.flags);
1026 }
1027 else
1028 {
1029 rc = gpgme_op_createkey_start (crypto->ctx,
1030 crypto->save.userid,
1031 crypto->save.algo,
1032 0,
1033 crypto->save.expire,
1034 NULL,
1035 crypto->save.flags);
1036 }
1037
1038 if (!rc)
1039 {
1040 STATUS_TIMEOUT_INIT (crypto);
1041 do
1042 {
1043 if (!rc && crypto->progress_rc)
1044 rc = crypto->progress_rc;
1045 if (!rc)
1046 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_GENKEY, NULL);
1047 TEST_CANCEL();
1048 } while (!rc && !gpgme_wait (crypto->ctx, &rc, 0) && !rc);
1049 }
1050 pthread_cleanup_pop (1);
1051 }
1052
1053 if (!rc)
1054 {
1055 gpgme_key_t *keys = NULL;
1056 gpgme_genkey_result_t result;
1057
1058 result = gpgme_op_genkey_result (crypto->ctx);
1059 xfree (crypto->save.sigkey);
1060 crypto->save.sigkey = str_dup (result->fpr);
1061 crypto_keyid_to_16b_once (crypto->save.sigkey);
1062
1063 if (!rc)
1064 {
1065 char **tmp = NULL;
1066
1067 strv_printf (&tmp, "%s", crypto->save.sigkey);
1068 pthread_cleanup_push ((void *)strv_free, tmp);
1069 rc = crypto_list_keys (crypto, tmp, 1, &keys);
1070 pthread_cleanup_pop (1);
1071 }
1072
1073 if (!rc)
1074 {
1075 gpgme_subkey_t key = keys[0]->subkeys;
1076
1077 for (; key; key = key->next)
1078 {
1079 if (key->can_encrypt)
1080 break;
1081 }
1082
1083 pthread_cleanup_push ((void *)crypto_free_key_list, keys);
1084 rc = send_status (client ? client->ctx : NULL, STATUS_GENKEY, "%s %s",
1085 crypto->save.sigkey, key ? key->fpr : "");
1086 if (!rc && key)
1087 {
1088 crypto->save.pubkey = strv_cat (crypto->save.pubkey,
1089 str_dup (key->fpr));
1090 crypto_keyid_to_16b (crypto->save.pubkey);
1091 }
1092
1093 pthread_cleanup_pop (1);
1094 }
1095 }
1096
1097 return rc;
1098 }
1099
1100 #ifdef WITH_LIBACL
1101 static void
1102 acl_free_cb (void *arg)
1103 {
1104 acl_t acl = arg ? (acl_t) arg : NULL;
1105
1106 if (acl)
1107 acl_free (acl);
1108 }
1109 #endif
1110
1111 /* The advisory lock should be obtained before calling this function. */
1112 gpg_error_t
1113 crypto_write_file (struct crypto_s *crypto, unsigned char **r_crc,
1114 size_t *r_crclen)
1115 {
1116 unsigned char *buf;
1117 size_t size, len;
1118 int fd;
1119 gpg_error_t rc;
1120 char tmp[PATH_MAX];
1121 struct stat st;
1122 mode_t mode = 0600;
1123 #ifdef WITH_LIBACL
1124 acl_t acl = NULL;
1125 #endif
1126
1127 if (crypto->filename)
1128 {
1129 if (lstat (crypto->filename, &st) == 0)
1130 {
1131 mode = st.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
1132
1133 if (!(mode & S_IWUSR))
1134 return GPG_ERR_EACCES;
1135 }
1136 else if (errno != ENOENT)
1137 return gpg_error_from_errno (errno);
1138
1139 snprintf (tmp, sizeof (tmp), "%s.XXXXXX", crypto->filename);
1140 mode_t tmode = umask (0600);
1141 fd = mkstemp (tmp);
1142 if (fd == -1)
1143 {
1144 rc = gpg_error_from_errno (errno);
1145 umask (tmode);
1146 log_write ("%s: %s", tmp, pwmd_strerror (rc));
1147 return rc;
1148 }
1149
1150 umask (tmode);
1151 }
1152 else
1153 fd = STDOUT_FILENO;
1154
1155 rc = crypto_data_to_buf (crypto->cipher, &buf, &size);
1156 if (rc)
1157 {
1158 if (crypto->filename)
1159 close (fd);
1160 return rc;
1161 }
1162
1163 pthread_cleanup_push ((void *)close_fd_cb, &fd);
1164 if (r_crc)
1165 rc = get_checksum_memory (buf, size, r_crc, r_crclen);
1166
1167 if (!rc)
1168 {
1169 pthread_cleanup_push ((void *)xfree, buf);
1170 len = write (fd, buf, size);
1171 pthread_cleanup_pop (1);
1172 if (len != size)
1173 rc = gpg_error_from_errno (errno);
1174 }
1175
1176 if (!rc)
1177 {
1178 if (fsync (fd) != -1)
1179 {
1180 if (crypto->filename && close (fd) != -1)
1181 {
1182 #ifdef WITH_LIBACL
1183 acl = acl_get_file (crypto->filename, ACL_TYPE_ACCESS);
1184 if (!acl && errno == ENOENT)
1185 acl = acl_get_file (".", ACL_TYPE_DEFAULT);
1186 if (!acl)
1187 log_write ("ACL: %s: %s", crypto->filename,
1188 pwmd_strerror (gpg_error_from_errno (errno)));
1189 pthread_cleanup_push ((void *)acl_free_cb, acl);
1190 #endif
1191
1192 fd = -1;
1193 if (config_get_boolean (crypto->filename, "backup"))
1194 {
1195 char tmp2[PATH_MAX];
1196
1197 snprintf (tmp2, sizeof (tmp2), "%s.backup", crypto->filename);
1198 if (rename (crypto->filename, tmp2) == -1)
1199 if (errno != ENOENT)
1200 rc = gpg_error_from_errno (errno);
1201 }
1202
1203 if (!rc && rename (tmp, crypto->filename) == -1)
1204 rc = gpg_error_from_errno (errno);
1205
1206 if (!rc)
1207 {
1208 if (chmod (crypto->filename, mode) == -1)
1209 log_write ("%s(%u): %s", __FILE__, __LINE__,
1210 pwmd_strerror (gpg_error_from_syserror ()));
1211 }
1212 #ifdef WITH_LIBACL
1213 if (!rc && acl && acl_set_file (crypto->filename,
1214 ACL_TYPE_ACCESS, acl))
1215 log_write ("ACL: %s: %s", crypto->filename,
1216 pwmd_strerror (gpg_error_from_errno (errno)));
1217 pthread_cleanup_pop (1);
1218 #endif
1219 }
1220 else if (crypto->filename)
1221 rc = gpg_error_from_errno (errno);
1222
1223 if (!rc && fd != -1)
1224 {
1225 char *datadir = str_asprintf ("%s/data", homedir);
1226
1227 if (datadir)
1228 {
1229 int dfd = open (datadir, O_RDONLY);
1230
1231 if (dfd != -1)
1232 {
1233 if (fsync (dfd) == -1)
1234 log_write ("%s %d: %s", __FILE__, __LINE__,
1235 pwmd_strerror (errno));
1236
1237 close (dfd);
1238 }
1239 else
1240 log_write ("%s %d: %s", __FILE__, __LINE__,
1241 pwmd_strerror (errno));
1242
1243 xfree (datadir);
1244 }
1245 }
1246 }
1247 else
1248 rc = gpg_error_from_errno (errno);
1249 }
1250
1251 pthread_cleanup_pop (0); // close (fd)
1252 if (fd != -1)
1253 close (fd);
1254
1255 return rc;
1256 }
1257
1258 char *
1259 crypto_key_info (const gpgme_key_t key)
1260 {
1261 struct string_s *string = string_new (NULL), *s;
1262 char *line = NULL;
1263 unsigned n, u;
1264 gpgme_subkey_t subkey;
1265 gpgme_user_id_t uid;
1266
1267 if (!string)
1268 return NULL;
1269
1270 for (u = 0, uid = key->uids; uid; uid = uid->next)
1271 u++;
1272
1273 for (n = 0, subkey = key->subkeys; subkey; subkey = subkey->next)
1274 n++;
1275
1276 s = string_append_printf (string, "%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%i:%s:%s:%s:%i:%u:%u",
1277 key->revoked, key->expired, key->disabled,
1278 key->invalid, key->can_encrypt, key->can_sign,
1279 key->can_certify, key->secret,
1280 key->can_authenticate, key->is_qualified,
1281 key->protocol,
1282 key->issuer_serial ? key->issuer_serial : "",
1283 key->issuer_name ? key->issuer_name : "",
1284 key->chain_id ? key->chain_id : "",
1285 key->owner_trust, u, n);
1286 if (!s)
1287 {
1288 string_free (string, 1);
1289 return NULL;
1290 }
1291
1292 string = s;
1293 for (subkey = key->subkeys; subkey; subkey = subkey->next)
1294 {
1295 char *tmp;
1296
1297 s = string_append_printf (string, ":%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%u:%i:%u",
1298 subkey->revoked, subkey->expired,
1299 subkey->disabled, subkey->invalid,
1300 subkey->can_encrypt, subkey->can_sign,
1301 subkey->can_certify, subkey->secret,
1302 subkey->can_authenticate, subkey->is_qualified,
1303 subkey->is_cardkey, subkey->pubkey_algo,
1304 subkey->length);
1305 if (!s)
1306 {
1307 string_free (string, 1);
1308 return NULL;
1309 }
1310
1311 string = s;
1312 s = string_append_printf (string, ":%s:%s:%s:%li:%li:%s",
1313 subkey->keyid, subkey->fpr,
1314 subkey->keygrip ? subkey->keygrip : "",
1315 subkey->timestamp, subkey->expires,
1316 subkey->card_number ? subkey->card_number : "0");
1317 if (!s)
1318 {
1319 string_free (string, 1);
1320 return NULL;
1321 }
1322
1323 string = s;
1324 tmp = gnupg_escape (subkey->curve);
1325 s = string_append_printf (string, ":%s", tmp ? tmp : "");
1326 xfree (tmp);
1327 if (!s)
1328 {
1329 string_free (string, 1);
1330 return NULL;
1331 }
1332
1333 string = s;
1334 }
1335
1336 for (uid = key->uids; uid; uid = uid->next)
1337 {
1338 char *userid, *name, *email, *comment;
1339
1340 userid = gnupg_escape (uid->uid);
1341 name = gnupg_escape (uid->name);
1342 email = gnupg_escape (uid->email);
1343 comment = gnupg_escape (uid->comment);
1344 s = string_append_printf (string, ":%u:%u:%u:%s:%s:%s:%s",
1345 uid->revoked, uid->invalid, uid->validity,
1346 userid ? userid : "",
1347 name ? name : "",
1348 email ? email : "",
1349 comment ? comment : "");
1350 xfree (userid);
1351 xfree (name);
1352 xfree (email);
1353 xfree (comment);
1354 if (!s)
1355 {
1356 string_free (string, 1);
1357 return NULL;
1358 }
1359
1360 string = s;
1361 }
1362
1363 line = string->str;
1364 string_free (string, 0);
1365 return line;
1366 }
1367
1368 gpg_error_t
1369 crypto_try_decrypt (struct client_s *client, int no_pinentry)
1370 {
1371 struct crypto_s *crypto;
1372 gpg_error_t rc;
1373 char *keyfile = config_get_string (client->filename, "passphrase_file");
1374
1375 rc = crypto_init (&crypto, client->ctx, client->filename, no_pinentry,
1376 keyfile);
1377 if (!rc)
1378 {
1379 pthread_cleanup_push ((void *)crypto_free, crypto);
1380 rc = crypto_decrypt (client, crypto);
1381 pthread_cleanup_pop (1);
1382 }
1383 else
1384 xfree (keyfile);
1385
1386 return rc;
1387 }
1388
1389 /* The advisory lock should be obtained before calling this function. */
1390 gpg_error_t
1391 crypto_is_symmetric (const char *filename)
1392 {
1393 int fd;
1394 uint8_t magic[2];
1395 ssize_t len;
1396 gpg_error_t rc;
1397
1398 rc = open_check_file (filename, &fd, NULL, 1);
1399 if (rc)
1400 return rc;
1401
1402 len = read (fd, &magic, sizeof(magic));
1403 close (fd);
1404 if (len != sizeof (magic))
1405 return GPG_ERR_INV_VALUE;
1406
1407 // Always read as big endian.
1408 if (magic[0] != 0x8c || magic[1] != 0x0d)
1409 return GPG_ERR_BAD_DATA;
1410
1411 return 0;
1412 }
1413
1414 gpg_error_t
1415 crypto_delete_key (struct client_s *client, struct crypto_s *crypto,
1416 const gpgme_key_t key, int secret)
1417 {
1418 gpg_error_t rc;
1419
1420 STATUS_TIMEOUT_INIT (crypto);
1421 rc = send_status (client->ctx, STATUS_DECRYPT, NULL);
1422 if (!rc)
1423 rc = gpgme_op_delete_start (crypto->ctx, key, secret);
1424
1425 if (rc)
1426 return rc;
1427
1428 do
1429 {
1430 if (!rc && crypto->progress_rc)
1431 rc = crypto->progress_rc;
1432
1433 if (!rc)
1434 STATUS_TIMEOUT_TEST (crypto, rc, STATUS_DECRYPT, NULL);
1435
1436 if (rc)
1437 break;
1438 } while (!gpgme_wait (crypto->ctx, &rc, 0) && !rc);
1439
1440 return rc;
1441 }
A server for managing passphrases and anything else.