From 3b219f54b302fcdfc4b4c2db9ba5825360381e54 Mon Sep 17 00:00:00 2001 From: Ben Kibbey Date: Mon, 17 Jun 2013 19:36:14 -0400 Subject: [PATCH] Allow the --no-passphrase option for non-PKI data files. This adds the --no-passphrase option to the PASSWD command. --- doc/magic | 10 +++++----- doc/pwmd.html | 5 ++++- src/cipher.h | 3 ++- src/commands.c | 26 ++++++++++++++++++++------ src/crypto.c | 47 ++++++++++++++++++++++++++++++++++++----------- src/crypto.h | 5 +++-- src/pwmd.c | 4 ++-- 7 files changed, 72 insertions(+), 28 deletions(-) diff --git a/doc/magic b/doc/magic index 3cb4119e..fdeaba3f 100644 --- a/doc/magic +++ b/doc/magic @@ -25,8 +25,8 @@ >>>0x11 bequad &0x1000 \btwofish256 >>>0x11 bequad &0x2000 \btwofish128 >>0x31 belong x \b, datalen=%li -# Keygrips. ->>0x11 bequad >0xFFFF +# Keygrips (PKI flag) +>>0x11 bequad &0x10000 >>>0x35 ubyte x \b, keygrip=%02X >>>>&0x00 ubyte x \b%02X >>>>&0x01 ubyte x \b%02X @@ -69,6 +69,6 @@ >>>>&0x12 ubyte x \b%02X # Flags -#>>0x11 uquad >0 -#>>>0x11 uquad &0x10000 , PKI -#>>>0x11 uquad &0x20000 flag 2 +>>0x11 bequad >0 +#>>>0x11 bequad &0x10000 \b, PKI +>>>0x11 bequad &0x20000 \b, not protected diff --git a/doc/pwmd.html b/doc/pwmd.html index 59424494..4e30de84 100644 --- a/doc/pwmd.html +++ b/doc/pwmd.html @@ -1286,7 +1286,7 @@ Next: , Previous:

Syntax:

-
PASSWD [--reset] [--s2k-count=N]
+
PASSWD [--reset] [--s2k-count=N] [--no-passphrase]

Changes the passphrase of the secret key required to open the current @@ -1301,6 +1301,9 @@ machine (the default), or a value greater than or equal to 65536. See SAVE. This option has no effect for symmetrically encrypted data files.

+

The --no-passphrase option will prevent requiring a passphrase for +the data file, although a passphrase may be required when changing it. +

diff --git a/src/cipher.h b/src/cipher.h index 55163cb4..fa223b12 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -41,7 +41,8 @@ #define PWMD_FLAG_OFFSET (PWMD_CIPHER_OFFSET << 15) #define PWMD_FLAG(n) (PWMD_FLAG_OFFSET << n) -#define PWMD_FLAG_PKI PWMD_FLAG (1) +#define PWMD_FLAG_PKI PWMD_FLAG (1) +#define PWMD_FLAG_NO_PASSPHRASE PWMD_FLAG (2) int cipher_string_to_gcrypt (const char *str); int cipher_to_gcrypt (int flags); diff --git a/src/commands.c b/src/commands.c index a3ae015d..d6ad7a91 100644 --- a/src/commands.c +++ b/src/commands.c @@ -288,7 +288,8 @@ open_finalize (assuan_context_t ctx, char *key, size_t keylen) goto done; } - if (!key && !IS_PKI (client->crypto)) + if (!key && !IS_PKI (client->crypto) + && !(client->crypto->hdr.flags & PWMD_FLAG_NO_PASSPHRASE)) { if (client->flags & FLAG_NO_PINENTRY) { @@ -311,6 +312,13 @@ open_finalize (assuan_context_t ctx, char *key, size_t keylen) if (!IS_PKI (client->crypto)) { + if (client->crypto->hdr.flags & PWMD_FLAG_NO_PASSPHRASE) + { + keylen = 1; + key = gcry_malloc (keylen); + memset (key, 0, keylen); + } + algo = cipher_to_gcrypt (client->crypto->hdr.flags); rc = hash_key (algo, client->crypto->hdr.salt, sizeof(client->crypto->hdr.salt), key, keylen, @@ -708,7 +716,7 @@ open_command (assuan_context_t ctx, char *line) } static gpg_error_t -parse_save_opt_no_passphrase (void *data, void *value) +parse_opt_no_passphrase (void *data, void *value) { struct client_s *client = data; @@ -834,7 +842,8 @@ save_finalize (assuan_context_t ctx) { rc = export_common (ctx, client->flags & FLAG_NO_PINENTRY, client->crypto, xmlbuf, xmlbuflen, client->filename, - NULL, &key, &keylen, 1, 1); + NULL, &key, &keylen, 1, 1, + (client->opts & OPT_NO_PASSPHRASE)); } #ifdef WITH_AGENT else @@ -935,7 +944,7 @@ save_command (assuan_context_t ctx, char *line) struct stat st; struct argv_s *args[] = { &(struct argv_s) {"no-passphrase", OPTION_TYPE_NOARG, - parse_save_opt_no_passphrase}, + parse_opt_no_passphrase}, &(struct argv_s) {"cipher", OPTION_TYPE_ARG, parse_save_opt_cipher}, &(struct argv_s) {"inquire-keyparam", OPTION_TYPE_NOARG, parse_opt_inquire}, @@ -4055,6 +4064,7 @@ passwd_command (assuan_context_t ctx, char *line) struct argv_s *args[] = { &(struct argv_s) {"reset", OPTION_TYPE_NOARG, parse_opt_reset}, &(struct argv_s) {"s2k-count", OPTION_TYPE_ARG, parse_opt_s2k_count}, + &(struct argv_s) {"no-passphrase", OPTION_TYPE_NOARG, parse_opt_no_passphrase}, NULL }; @@ -4083,7 +4093,8 @@ passwd_command (assuan_context_t ctx, char *line) xfree (client->crypto->filename); client->crypto->filename = str_dup (client->filename); rc = change_passwd (ctx, client->filename, - client->flags & FLAG_NO_PINENTRY, &crypto); + client->flags & FLAG_NO_PINENTRY, &crypto, + (client->opts & OPT_NO_PASSPHRASE)); if (!rc) { cleanup_crypto (&client->crypto); @@ -4368,7 +4379,7 @@ init_commands () )); new_command("PASSWD", 0, 0, passwd_command, _( -"PASSWD [--reset] [--s2k-count=N]\n" +"PASSWD [--reset] [--s2k-count=N] [--no-passphrase]\n" "Changes the passphrase of the secret key required to open the current " "file or the passphrase of a symmetrically encrypted data file. When the " "@option{--reset} option is passed then the cache entry for the current " @@ -4380,6 +4391,9 @@ init_commands () "machine (the default), or a value greater than or equal to @code{65536}. " "@xref{SAVE}. This option has no effect for symmetrically encrypted data " "files." +"\n" +"The @option{--no-passphrase} option will prevent requiring a passphrase for " +"the data file, although a passphrase may be required when changing it." )); new_command("KEYGRIP", 1, 1, keygrip_command, _( diff --git a/src/crypto.c b/src/crypto.c index 7fc012f9..91d833c2 100644 --- a/src/crypto.c +++ b/src/crypto.c @@ -829,7 +829,7 @@ gpg_error_t export_common (assuan_context_t ctx, int inquire, struct crypto_s * crypto, const void *data, size_t datalen, const char *outfile, const char *keyfile, void **rkey, size_t *rkeylen, - int use_cache, int force) + int use_cache, int force, int no_passphrase) { gpg_error_t rc = 0; void *enc_xml = NULL; @@ -942,7 +942,7 @@ export_common (assuan_context_t ctx, int inquire, struct crypto_s * crypto, return rc; } - if (!use_cache) // PASSWD or new file + if (!use_cache && !no_passphrase) // PASSWD or new file { gcry_free (key); if (inquire) @@ -961,9 +961,18 @@ export_common (assuan_context_t ctx, int inquire, struct crypto_s * crypto, } else { - salted_key = key; - keysize = keylen; - cached = 1; + if (no_passphrase) + { + keylen = 1; + key = gcry_malloc (keylen); + memset (key, 0, keylen); + } + else + { + salted_key = key; + keysize = keylen; + cached = 1; + } } } } @@ -983,6 +992,9 @@ export_common (assuan_context_t ctx, int inquire, struct crypto_s * crypto, if (!rc) { + if (no_passphrase && !(crypto->save.hdr.flags & PWMD_FLAG_PKI)) + crypto->save.hdr.flags |= PWMD_FLAG_NO_PASSPHRASE; + memcpy (crypto->save.hdr.iv, iv, iv_len); xfree (iv); crypto->save.hdr.datalen = enc_xml_len; @@ -1264,7 +1276,7 @@ hash_key (int algo, unsigned char *salt, size_t salt_len, const void *key, /* The PASSWD command when not using gpg-agent. */ gpg_error_t change_passwd (assuan_context_t ctx, const char *filename, int inquire, - struct crypto_s **rcrypto) + struct crypto_s **rcrypto, int no_passphrase) { unsigned char *key = NULL; size_t keylen = 0; @@ -1292,9 +1304,13 @@ change_passwd (assuan_context_t ctx, const char *filename, int inquire, if (!rc) { memcpy (&crypto->save.hdr, &crypto->hdr, sizeof (file_header_t)); + + if (!no_passphrase) + crypto->save.hdr.flags &= ~PWMD_FLAG_NO_PASSPHRASE; + rc = export_common (ctx, inquire, crypto, crypto->plaintext, crypto->plaintext_len, crypto->filename, NULL, - (void **)&key, &keylen, 0, 0); + (void **)&key, &keylen, 0, 0, no_passphrase); } if (!rc) @@ -1523,11 +1539,20 @@ decrypt_common (assuan_context_t ctx, int inquire, struct crypto_s *crypto, } else if (!key && !IS_PKI (crypto)) { - rc = getpin_common (ctx, filename, PINENTRY_OPEN, &key, &keylen); - if (rc) + if (crypto->hdr.flags & PWMD_FLAG_NO_PASSPHRASE) { - log_write ("ERR %i: %s", rc, pwmd_strerror (rc)); - return rc; + keylen = 1; + key = gcry_malloc (keylen); + memset (key, 0, keylen); + } + else + { + rc = getpin_common (ctx, filename, PINENTRY_OPEN, &key, &keylen); + if (rc) + { + log_write ("ERR %i: %s", rc, pwmd_strerror (rc)); + return rc; + } } } #ifdef WITH_AGENT diff --git a/src/crypto.h b/src/crypto.h index 79983a48..070561a9 100644 --- a/src/crypto.h +++ b/src/crypto.h @@ -107,7 +107,7 @@ gpg_error_t export_common (assuan_context_t ctx, int inquire, struct crypto_s * crypto, const void *data, size_t datalen, const char *outfile, const char *keyfile, void **rkey, size_t *rkeylen, - int use_cache, int force); + int use_cache, int force, int no_passphrase); gpg_error_t decrypt_common (assuan_context_t ctx, int inquire, struct crypto_s *crypto, const char *filename, char **rkey, size_t *rkeylen); @@ -118,7 +118,8 @@ gpg_error_t save_common (const char *md5file, struct crypto_s *crypto, const unsigned char *key, size_t keylen, int *cached, int no_agent); gpg_error_t change_passwd (assuan_context_t ctx, const char *filename, - int inquire, struct crypto_s **rcrypto); + int inquire, struct crypto_s **rcrypto, + int no_passphrase); gpg_error_t inquire_passphrase (assuan_context_t ctx, const char *keyword, unsigned char **result, size_t *rlen); gpg_error_t hash_key (int algo, unsigned char *salt, size_t salt_len, diff --git a/src/pwmd.c b/src/pwmd.c index 5fa919cc..e8079421 100644 --- a/src/pwmd.c +++ b/src/pwmd.c @@ -1238,7 +1238,7 @@ xml_import (const char *filename, const char *outfile, if (!use_agent) { rc = export_common (NULL, 0, crypto, xml, len, outfile, keyfile, &key, - &keylen, 0, 0); + &keylen, 0, 0, no_passphrase); if (!rc) log_write (_("Success!")); } @@ -2322,7 +2322,7 @@ convert_v2_datafile (const char *filename, const char *cipher, if (!use_agent) { rc = export_common (NULL, 0, crypto, data, datalen, outfile, keyfile, - &key, &keylen, 0, 0); + &key, &keylen, 0, 0, nopass); } #ifdef WITH_AGENT else -- 2.11.4.GIT