2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015
3 Ben Kibbey <bjk@luxsci.net>
5 This file is part of pwmd.
7 Pwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
12 Pwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
24 #include <gpg-error.h>
25 #include <sys/types.h>
31 #elif defined (HAVE_INTTYPES_H)
41 #define DEFAULT_KDFS2K_ITERATIONS 1000
51 uint32_t datalen
; /* of the encrypted xml */
52 } __attribute__ ((packed
)) file_header_t
;
56 gcry_sexp_t pkey
; /* SAVE --keygrip */
57 gcry_sexp_t sigpkey
; /* SAVE --sign-keygrip */
58 unsigned long s2k_count
; /* SAVE|PASSWD --s2k-count */
60 uint64_t iterations
; /* SAVE --cipher-iterations */
65 assuan_context_t client_ctx
;
67 struct agent_s
*agent
;
70 gcry_sexp_t pkey_sexp
;
71 unsigned char grip
[20];
72 gcry_sexp_t sigpkey_sexp
;
73 unsigned char sign_grip
[20];
74 gcry_sexp_t ciphertext_sexp
;
76 size_t ciphertext_len
;
80 char *filename
; /* the currently opened data file */
84 #define IS_PKI(crypto) (use_agent && (crypto->hdr.flags & PWMD_FLAG_PKI))
86 void cleanup_save (struct save_s
*save
);
87 gpg_error_t
encrypt_xml (assuan_context_t ctx
, void *key
, size_t keylen
, int
88 algo
, const void *xml
, size_t len
, void **result
,
89 size_t * result_len
, unsigned char **iv
,
90 size_t * iv_len
, uint64_t iterations
);
91 gpg_error_t
decrypt_cache (struct crypto_s
*crypto
, const void *data
,
93 void set_header_defaults (file_header_t
*);
94 gpg_error_t
read_data_file (const char *filename
, struct crypto_s
*crypto
);
95 gpg_error_t
read_data_header (const char *filename
, file_header_t
* fh
,
96 struct stat
*st
, int *fd
);
97 gpg_error_t
decrypt_data (assuan_context_t ctx
, struct crypto_s
*crypto
,
98 unsigned char *salted_key
, size_t keylen
);
99 void cleanup_crypto_stage1 (struct crypto_s
*cr
);
100 void cleanup_crypto_stage2 (struct crypto_s
*cr
);
101 void cleanup_crypto (struct crypto_s
**c
);
102 gpg_error_t
init_client_crypto (struct crypto_s
**crypto
);
103 gpg_error_t
write_file (struct crypto_s
*crypto
, const char *filename
,
104 void *data
, size_t data_len
, void *sexp
,
105 size_t sexp_len
, void *pubkey
, void *sigpkey
);
106 gpg_error_t
export_common (assuan_context_t ctx
, int inquire
,
107 struct crypto_s
* crypto
, const void *data
,
108 size_t datalen
, const char *outfile
,
109 const char *keyfile
, void **rkey
, size_t *rkeylen
,
110 int use_cache
, int force
, int no_passphrase
);
111 gpg_error_t
decrypt_common (assuan_context_t ctx
, int inquire
,
112 struct crypto_s
*crypto
, const char *filename
,
113 char **rkey
, size_t *rkeylen
);
114 gpg_error_t
getpin_common (assuan_context_t ctx
, const char *filename
,
115 int which
, char **rkey
, size_t *rkeylen
);
116 gpg_error_t
save_common (const char *md5file
, struct crypto_s
*crypto
,
117 const unsigned char *data
, size_t datalen
,
118 const unsigned char *key
, size_t keylen
, int *cached
,
120 gpg_error_t
change_passwd (assuan_context_t ctx
, const char *filename
,
121 int inquire
, struct crypto_s
**rcrypto
,
123 gpg_error_t
inquire_passphrase (assuan_context_t ctx
, const char *keyword
,
124 unsigned char **result
, size_t *rlen
);
125 gpg_error_t
hash_key (int algo
, unsigned char *salt
, size_t salt_len
,
126 const void *key
, size_t keylen
, void **result
,