2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015
3 Ben Kibbey <bjk@luxsci.net>
5 This file is part of pwmd.
7 Pwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
12 Pwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
24 #include <gpg-error.h>
25 #include <sys/types.h>
31 #elif defined (HAVE_INTTYPES_H)
/* Iteration counts for the iterated key-derivation hash (see the
   `iterations' parameter of hash_key () declared below).  The name
   suggests an S2K-style derivation -- confirm in the definition.  */
#define DEFAULT_KDFS2K_ITERATIONS 5000000
/* NOTE(review): a far lower count, presumably kept so that data files
   written by older versions can still be read; it gives much less
   resistance to offline guessing than the default, so it should only
   be selected for legacy files -- confirm where it is chosen.  */
#define COMPAT_KDFS2K_ITERATIONS 1000
52 uint32_t datalen
; /* of the encrypted xml */
53 } __attribute__ ((packed
)) file_header_t
;
57 gcry_sexp_t pkey
; /* SAVE --keygrip */
58 gcry_sexp_t sigpkey
; /* SAVE --sign-keygrip */
64 assuan_context_t client_ctx
;
66 struct agent_s
*agent
;
69 gcry_sexp_t pkey_sexp
;
70 unsigned char grip
[20];
71 gcry_sexp_t sigpkey_sexp
;
72 unsigned char sign_grip
[20];
73 gcry_sexp_t ciphertext_sexp
;
75 size_t ciphertext_len
;
79 char *filename
; /* the currently opened data file */
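/* True when the agent is in use (use_agent, a flag declared elsewhere)
   and the opened file's header carries the PKI flag (PWMD_FLAG_PKI,
   also defined elsewhere).  The macro argument is parenthesized so that
   an expression such as `&c' or `p ? a : b' is applied as a whole
   rather than binding to `->' first.  */
#define IS_PKI(crypto) ((use_agent) && ((crypto)->hdr.flags & PWMD_FLAG_PKI))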
/* Tears down a struct save_s (type declared elsewhere).  Whether the
   struct itself is freed or only its members is not visible from the
   declaration -- check the definition before calling free () after it.  */
void cleanup_save (struct save_s *save);
86 gpg_error_t
encrypt_xml (assuan_context_t ctx
, void *key
, size_t keylen
, int
87 algo
, const void *xml
, size_t len
, void **result
,
88 size_t * result_len
, unsigned char **iv
,
90 gpg_error_t
decrypt_cache (struct crypto_s
*crypto
, const void *data
,
/* Reads the data file named by filename into crypto.  Which members of
   struct crypto_s are filled in is not visible here -- consult the
   definition.  Returns a gpg_error_t; 0 is success by libgpg-error
   convention.  */
gpg_error_t read_data_file (const char *filename, struct crypto_s *crypto);
/* Reads the on-disk header of filename into *fh.  st and fd are
   presumably output parameters (the stat result and the descriptor the
   file was opened on) -- confirm against the definition, including
   whether the caller is responsible for closing *fd on success.  */
gpg_error_t read_data_header (const char *filename, file_header_t *fh,
                              struct stat *st, int *fd);
/* Decrypts the data held in crypto using salted_key (keylen bytes).
   salted_key is not const-qualified, so whether the callee modifies or
   wipes it is not visible here; NOTE(review): if it is a derived key
   the caller should wipe it after use -- confirm in the definition.  */
gpg_error_t decrypt_data (assuan_context_t ctx, struct crypto_s *crypto,
                          unsigned char *salted_key, size_t keylen);
/* Staged teardown of a struct crypto_s.  What each stage releases is
   not visible from the declarations -- see the definitions.  */
void cleanup_crypto_stage1 (struct crypto_s *cr);
void cleanup_crypto_stage2 (struct crypto_s *cr);
/* Takes a pointer to the pointer, which suggests it frees *c and sets
   it to NULL so the caller cannot reuse a freed struct -- confirm.  */
void cleanup_crypto (struct crypto_s **c);
/* Allocates and initializes a struct crypto_s for a client, returning
   it through *crypto.  Presumably paired with cleanup_crypto () above
   for release -- confirm.  */
gpg_error_t init_client_crypto (struct crypto_s **crypto);
/* Writes data (data_len bytes) and sexp (sexp_len bytes) to filename
   using crypto.  pubkey and sigpkey are untyped (void *); presumably
   they are the gcry_sexp_t keys held as pkey/sigpkey in the struct
   above -- confirm.  NOTE(review): the void * parameters give the
   compiler nothing to check; typing them as gcry_sexp_t would catch
   swapped arguments at the call site.  */
gpg_error_t write_file (struct crypto_s *crypto, const char *filename,
                        void *data, size_t data_len, void *sexp,
                        size_t sexp_len, void *pubkey, void *sigpkey);
/* Shared implementation of the export path.  data/datalen is the
   input, outfile and keyfile name the output files, and rkey/rkeylen
   look like output parameters (pointer-to-pointer plus size) whose
   buffer ownership is not visible here -- confirm who frees *rkey.
   inquire, use_cache, force and no_passphrase are int flags; their
   exact effect is only visible in the definition.  */
gpg_error_t export_common (assuan_context_t ctx, int inquire,
                           struct crypto_s *crypto, const void *data,
                           size_t datalen, const char *outfile,
                           const char *keyfile, void **rkey, size_t *rkeylen,
                           int use_cache, int force, int no_passphrase);
/* Shared implementation of the decrypt path for filename.  salted_key
   /salted_keysize and rkey/rkeylen are pointer-to-pointer plus size,
   so they are presumably outputs -- confirm, and confirm who frees and
   wipes the returned key material.  inquire is an int flag whose
   meaning is only visible in the definition.  */
gpg_error_t decrypt_common (assuan_context_t ctx, int inquire,
                            struct crypto_s *crypto, const char *filename,
                            void **salted_key, size_t *salted_keysize,
                            unsigned char **rkey, size_t *rkeylen);
/* Obtains a PIN/passphrase for filename, returned through rkey/rkeylen.
   The meaning of `which' is not visible from the declaration -- see
   the definition.  NOTE(review): the returned buffer holds secret
   material; confirm whether the caller must wipe it before freeing.  */
gpg_error_t getpin_common (assuan_context_t ctx, const char *filename,
                           int which, char **rkey, size_t *rkeylen);
115 gpg_error_t
save_common (const char *md5file
, struct crypto_s
*crypto
,
116 const unsigned char *data
, size_t datalen
,
117 const unsigned char *key
, size_t keylen
, int *cached
,
119 gpg_error_t
change_passwd (assuan_context_t ctx
, const char *filename
,
120 int inquire
, struct crypto_s
**rcrypto
,
/* Issues an Assuan INQUIRE for keyword on ctx and returns what the
   client sends through *result (*rlen bytes).  Buffer ownership is not
   visible here -- confirm that the caller frees it, and, since it
   holds a passphrase, that it is wiped first.  */
gpg_error_t inquire_passphrase (assuan_context_t ctx, const char *keyword,
                                unsigned char **result, size_t *rlen);
/* Derives *result (*rlen bytes) from key (keylen bytes) and salt
   (salt_len bytes) by iterated hashing with digest algorithm algo.
   iterations presumably receives DEFAULT_KDFS2K_ITERATIONS or
   COMPAT_KDFS2K_ITERATIONS from above -- confirm.  salt is not
   const-qualified, so whether it is only read or also generated here
   is not visible from the declaration.  */
gpg_error_t hash_key (int algo, unsigned char *salt, size_t salt_len,
                      const void *key, size_t keylen, void **result,
                      size_t *rlen, uint64_t iterations);
127 gpg_error_t
crypto_try_decrypt (assuan_context_t ctx
, int inquire
, const char *filename
,
128 struct crypto_s
**rcrypto
, unsigned char **key
,