2003-08-05 19:11:04 +02:00
|
|
|
|
/* protect-tool.c - A tool to test the secret key protection
|
2007-01-25 09:30:47 +01:00
|
|
|
|
* Copyright (C) 2002, 2003, 2004, 2006 Free Software Foundation, Inc.
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*
|
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 21:49:40 +02:00
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2003-08-05 19:11:04 +02:00
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <stddef.h>
|
|
|
|
|
#include <stdarg.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <assert.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
#include <unistd.h>
|
2004-08-18 14:47:33 +02:00
|
|
|
|
#ifdef HAVE_LOCALE_H
|
|
|
|
|
#include <locale.h>
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_LANGINFO_CODESET
|
|
|
|
|
#include <langinfo.h>
|
|
|
|
|
#endif
|
2004-12-15 15:15:54 +01:00
|
|
|
|
#ifdef HAVE_DOSISH_SYSTEM
|
|
|
|
|
#include <fcntl.h> /* for setmode() */
|
|
|
|
|
#endif
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
#include "agent.h"
|
agent: Resolve conflict of util.h.
* agent/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* agent/call-pinentry.c, agent/call-scd.c: Follow the change.
* agent/command-ssh.c, agent/command.c, agent/cvt-openpgp.c: Ditto.
* agent/divert-scd.c, agent/findkey.c, agent/genkey.c: Ditto.
* agent/gpg-agent.c, agent/pksign.c, agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c, agent/protect.c, agent/trustlist.c: Ditto.
* agent/w32main.c: Ditto.
--
For openpty function, we need to include util.h on some OS.
We also have util.h in common/, so this change is needed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 11:22:48 +01:00
|
|
|
|
#include "../common/i18n.h"
|
|
|
|
|
#include "../common/get-passphrase.h"
|
|
|
|
|
#include "../common/sysutils.h"
|
2012-02-06 20:50:47 +01:00
|
|
|
|
#include "../common/init.h"
|
2004-12-20 17:17:25 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2011-02-04 12:57:53 +01:00
|
|
|
|
enum cmd_and_opt_values
|
|
|
|
|
{
|
2009-04-01 12:51:53 +02:00
|
|
|
|
aNull = 0,
|
2003-08-05 19:11:04 +02:00
|
|
|
|
oVerbose = 'v',
|
|
|
|
|
oArmor = 'a',
|
|
|
|
|
oPassphrase = 'P',
|
|
|
|
|
|
|
|
|
|
oProtect = 'p',
|
|
|
|
|
oUnprotect = 'u',
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
oNoVerbose = 500,
|
|
|
|
|
oShadow,
|
|
|
|
|
oShowShadowInfo,
|
|
|
|
|
oShowKeygrip,
|
2009-12-14 21:12:56 +01:00
|
|
|
|
oS2Kcalibration,
|
2005-05-20 22:39:36 +02:00
|
|
|
|
oCanonical,
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
oStore,
|
|
|
|
|
oForce,
|
2004-02-19 17:26:32 +01:00
|
|
|
|
oHaveCert,
|
2004-02-13 13:37:54 +01:00
|
|
|
|
oNoFailOnExist,
|
|
|
|
|
oHomedir,
|
2004-02-19 17:26:32 +01:00
|
|
|
|
oPrompt,
|
2011-02-04 12:57:53 +01:00
|
|
|
|
oStatusMsg,
|
2016-04-12 14:37:26 +02:00
|
|
|
|
oDebugUseOCB,
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
oAgentProgram
|
|
|
|
|
};
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2011-02-04 12:57:53 +01:00
|
|
|
|
struct rsa_secret_key_s
|
2009-04-01 12:51:53 +02:00
|
|
|
|
{
|
|
|
|
|
gcry_mpi_t n; /* public modulus */
|
|
|
|
|
gcry_mpi_t e; /* public exponent */
|
|
|
|
|
gcry_mpi_t d; /* exponent */
|
|
|
|
|
gcry_mpi_t p; /* prime p. */
|
|
|
|
|
gcry_mpi_t q; /* prime q. */
|
|
|
|
|
gcry_mpi_t u; /* inverse of p mod q. */
|
|
|
|
|
};
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int opt_armor;
|
2005-05-20 22:39:36 +02:00
|
|
|
|
static int opt_canonical;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
static int opt_store;
|
|
|
|
|
static int opt_force;
|
2004-02-13 13:37:54 +01:00
|
|
|
|
static int opt_no_fail_on_exist;
|
2004-02-19 17:26:32 +01:00
|
|
|
|
static int opt_have_cert;
|
|
|
|
|
static const char *opt_passphrase;
|
|
|
|
|
static char *opt_prompt;
|
2004-04-30 17:24:33 +02:00
|
|
|
|
static int opt_status_msg;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
static const char *opt_agent_program;
|
2016-04-12 14:37:26 +02:00
|
|
|
|
static int opt_debug_use_ocb;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
static char *get_passphrase (int promptno);
|
2004-02-19 17:26:32 +01:00
|
|
|
|
static void release_passphrase (char *pw);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static ARGPARSE_OPTS opts[] = {
|
2009-04-01 12:51:53 +02:00
|
|
|
|
ARGPARSE_group (300, N_("@Commands:\n ")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_c (oProtect, "protect", "protect a private key"),
|
|
|
|
|
ARGPARSE_c (oUnprotect, "unprotect", "unprotect a private key"),
|
|
|
|
|
ARGPARSE_c (oShadow, "shadow", "create a shadow entry for a public key"),
|
|
|
|
|
ARGPARSE_c (oShowShadowInfo, "show-shadow-info", "return the shadow info"),
|
|
|
|
|
ARGPARSE_c (oShowKeygrip, "show-keygrip", "show the \"keygrip\""),
|
2009-12-14 21:12:56 +01:00
|
|
|
|
ARGPARSE_c (oS2Kcalibration, "s2k-calibration", "@"),
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
ARGPARSE_group (301, N_("@\nOptions:\n ")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_n (oVerbose, "verbose", "verbose"),
|
|
|
|
|
ARGPARSE_s_n (oArmor, "armor", "write output in advanced format"),
|
|
|
|
|
ARGPARSE_s_n (oCanonical, "canonical", "write output in canonical format"),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_s (oPassphrase, "passphrase", "|STRING|use passphrase STRING"),
|
|
|
|
|
ARGPARSE_s_n (oHaveCert, "have-cert",
|
|
|
|
|
"certificate to export provided on STDIN"),
|
2011-02-04 12:57:53 +01:00
|
|
|
|
ARGPARSE_s_n (oStore, "store",
|
2009-04-01 12:51:53 +02:00
|
|
|
|
"store the created key in the appropriate place"),
|
2011-02-04 12:57:53 +01:00
|
|
|
|
ARGPARSE_s_n (oForce, "force",
|
2009-04-01 12:51:53 +02:00
|
|
|
|
"force overwriting"),
|
|
|
|
|
ARGPARSE_s_n (oNoFailOnExist, "no-fail-on-exist", "@"),
|
2011-02-04 12:57:53 +01:00
|
|
|
|
ARGPARSE_s_s (oHomedir, "homedir", "@"),
|
|
|
|
|
ARGPARSE_s_s (oPrompt, "prompt",
|
|
|
|
|
"|ESCSTRING|use ESCSTRING as prompt in pinentry"),
|
2009-04-01 12:51:53 +02:00
|
|
|
|
ARGPARSE_s_n (oStatusMsg, "enable-status-msg", "@"),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
|
|
|
|
|
|
2016-04-12 14:37:26 +02:00
|
|
|
|
ARGPARSE_s_n (oDebugUseOCB, "debug-use-ocb", "@"), /* For hacking only. */
|
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
ARGPARSE_end ()
|
2003-08-05 19:11:04 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static const char *
|
|
|
|
|
my_strusage (int level)
|
|
|
|
|
{
|
|
|
|
|
const char *p;
|
|
|
|
|
switch (level)
|
|
|
|
|
{
|
2013-11-18 14:09:47 +01:00
|
|
|
|
case 11: p = "gpg-protect-tool (" GNUPG_NAME ")";
|
2003-08-05 19:11:04 +02:00
|
|
|
|
break;
|
|
|
|
|
case 13: p = VERSION; break;
|
|
|
|
|
case 17: p = PRINTABLE_OS_NAME; break;
|
2009-07-21 16:21:05 +02:00
|
|
|
|
case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
case 1:
|
|
|
|
|
case 40: p = _("Usage: gpg-protect-tool [options] (-h for help)\n");
|
|
|
|
|
break;
|
2006-11-09 17:09:46 +01:00
|
|
|
|
case 41: p = _("Syntax: gpg-protect-tool [options] [args]\n"
|
2003-08-05 19:11:04 +02:00
|
|
|
|
"Secret key maintenance tool\n");
|
|
|
|
|
break;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
default: p = NULL;
|
|
|
|
|
}
|
|
|
|
|
return p;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* static void */
|
|
|
|
|
/* print_mpi (const char *text, gcry_mpi_t a) */
|
|
|
|
|
/* { */
|
|
|
|
|
/* char *buf; */
|
|
|
|
|
/* void *bufaddr = &buf; */
|
|
|
|
|
/* int rc; */
|
|
|
|
|
|
|
|
|
|
/* rc = gcry_mpi_aprint (GCRYMPI_FMT_HEX, bufaddr, NULL, a); */
|
|
|
|
|
/* if (rc) */
|
|
|
|
|
/* log_info ("%s: [error printing number: %s]\n", text, gpg_strerror (rc)); */
|
|
|
|
|
/* else */
|
|
|
|
|
/* { */
|
|
|
|
|
/* log_info ("%s: %s\n", text, buf); */
|
|
|
|
|
/* gcry_free (buf); */
|
|
|
|
|
/* } */
|
|
|
|
|
/* } */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static unsigned char *
|
|
|
|
|
make_canonical (const char *fname, const char *buf, size_t buflen)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
size_t erroff, len;
|
|
|
|
|
gcry_sexp_t sexp;
|
|
|
|
|
unsigned char *result;
|
|
|
|
|
|
|
|
|
|
rc = gcry_sexp_sscan (&sexp, &erroff, buf, buflen);
|
|
|
|
|
if (rc)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("invalid S-Expression in '%s' (off=%u): %s\n",
|
2003-08-05 19:11:04 +02:00
|
|
|
|
fname, (unsigned int)erroff, gpg_strerror (rc));
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_CANON, NULL, 0);
|
|
|
|
|
assert (len);
|
|
|
|
|
result = xmalloc (len);
|
|
|
|
|
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_CANON, result, len);
|
|
|
|
|
assert (len);
|
|
|
|
|
gcry_sexp_release (sexp);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static char *
|
|
|
|
|
make_advanced (const unsigned char *buf, size_t buflen)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
size_t erroff, len;
|
|
|
|
|
gcry_sexp_t sexp;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
char *result;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2005-06-16 10:12:03 +02:00
|
|
|
|
rc = gcry_sexp_sscan (&sexp, &erroff, (const char*)buf, buflen);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (rc)
|
|
|
|
|
{
|
|
|
|
|
log_error ("invalid canonical S-Expression (off=%u): %s\n",
|
|
|
|
|
(unsigned int)erroff, gpg_strerror (rc));
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0);
|
|
|
|
|
assert (len);
|
|
|
|
|
result = xmalloc (len);
|
|
|
|
|
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, result, len);
|
|
|
|
|
assert (len);
|
|
|
|
|
gcry_sexp_release (sexp);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static char *
|
|
|
|
|
read_file (const char *fname, size_t *r_length)
|
|
|
|
|
{
|
|
|
|
|
FILE *fp;
|
|
|
|
|
char *buf;
|
|
|
|
|
size_t buflen;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-02-13 13:37:54 +01:00
|
|
|
|
if (!strcmp (fname, "-"))
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2004-02-13 13:37:54 +01:00
|
|
|
|
size_t nread, bufsize = 0;
|
|
|
|
|
|
|
|
|
|
fp = stdin;
|
2004-12-15 15:15:54 +01:00
|
|
|
|
#ifdef HAVE_DOSISH_SYSTEM
|
|
|
|
|
setmode ( fileno(fp) , O_BINARY );
|
|
|
|
|
#endif
|
2004-02-13 13:37:54 +01:00
|
|
|
|
buf = NULL;
|
|
|
|
|
buflen = 0;
|
|
|
|
|
#define NCHUNK 8192
|
2011-02-04 12:57:53 +01:00
|
|
|
|
do
|
2004-02-13 13:37:54 +01:00
|
|
|
|
{
|
|
|
|
|
bufsize += NCHUNK;
|
|
|
|
|
if (!buf)
|
|
|
|
|
buf = xmalloc (bufsize);
|
|
|
|
|
else
|
|
|
|
|
buf = xrealloc (buf, bufsize);
|
|
|
|
|
|
|
|
|
|
nread = fread (buf+buflen, 1, NCHUNK, fp);
|
|
|
|
|
if (nread < NCHUNK && ferror (fp))
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("error reading '[stdin]': %s\n", strerror (errno));
|
2004-02-13 13:37:54 +01:00
|
|
|
|
xfree (buf);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
buflen += nread;
|
|
|
|
|
}
|
|
|
|
|
while (nread == NCHUNK);
|
|
|
|
|
#undef NCHUNK
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
2004-02-13 13:37:54 +01:00
|
|
|
|
else
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2004-02-13 13:37:54 +01:00
|
|
|
|
struct stat st;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2004-02-13 13:37:54 +01:00
|
|
|
|
fp = fopen (fname, "rb");
|
|
|
|
|
if (!fp)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("can't open '%s': %s\n", fname, strerror (errno));
|
2004-02-13 13:37:54 +01:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-02-13 13:37:54 +01:00
|
|
|
|
if (fstat (fileno(fp), &st))
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("can't stat '%s': %s\n", fname, strerror (errno));
|
2004-02-13 13:37:54 +01:00
|
|
|
|
fclose (fp);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-02-13 13:37:54 +01:00
|
|
|
|
buflen = st.st_size;
|
|
|
|
|
buf = xmalloc (buflen+1);
|
|
|
|
|
if (fread (buf, buflen, 1, fp) != 1)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("error reading '%s': %s\n", fname, strerror (errno));
|
2004-02-13 13:37:54 +01:00
|
|
|
|
fclose (fp);
|
|
|
|
|
xfree (buf);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
fclose (fp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*r_length = buflen;
|
|
|
|
|
return buf;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static unsigned char *
|
|
|
|
|
read_key (const char *fname)
|
|
|
|
|
{
|
|
|
|
|
char *buf;
|
|
|
|
|
size_t buflen;
|
|
|
|
|
unsigned char *key;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
buf = read_file (fname, &buflen);
|
|
|
|
|
if (!buf)
|
|
|
|
|
return NULL;
|
|
|
|
|
key = make_canonical (fname, buf, buflen);
|
|
|
|
|
xfree (buf);
|
|
|
|
|
return key;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
read_and_protect (const char *fname)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
unsigned char *key;
|
|
|
|
|
unsigned char *result;
|
|
|
|
|
size_t resultlen;
|
2004-02-19 17:26:32 +01:00
|
|
|
|
char *pw;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
key = read_key (fname);
|
|
|
|
|
if (!key)
|
|
|
|
|
return;
|
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
pw = get_passphrase (1);
|
2016-04-12 14:37:26 +02:00
|
|
|
|
rc = agent_protect (key, pw, &result, &resultlen, 0,
|
|
|
|
|
opt_debug_use_ocb? 1 : -1);
|
2004-02-19 17:26:32 +01:00
|
|
|
|
release_passphrase (pw);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
xfree (key);
|
|
|
|
|
if (rc)
|
|
|
|
|
{
|
|
|
|
|
log_error ("protecting the key failed: %s\n", gpg_strerror (rc));
|
|
|
|
|
return;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt_armor)
|
|
|
|
|
{
|
|
|
|
|
char *p = make_advanced (result, resultlen);
|
|
|
|
|
xfree (result);
|
|
|
|
|
if (!p)
|
|
|
|
|
return;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
result = (unsigned char*)p;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
resultlen = strlen (p);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fwrite (result, resultlen, 1, stdout);
|
|
|
|
|
xfree (result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
2016-04-14 12:28:48 +02:00
|
|
|
|
read_and_unprotect (ctrl_t ctrl, const char *fname)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
unsigned char *key;
|
|
|
|
|
unsigned char *result;
|
|
|
|
|
size_t resultlen;
|
2004-02-19 17:26:32 +01:00
|
|
|
|
char *pw;
|
2007-08-28 19:48:13 +02:00
|
|
|
|
gnupg_isotime_t protected_at;
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
key = read_key (fname);
|
|
|
|
|
if (!key)
|
|
|
|
|
return;
|
|
|
|
|
|
2016-04-14 12:28:48 +02:00
|
|
|
|
rc = agent_unprotect (ctrl, key, (pw=get_passphrase (1)),
|
2007-08-28 19:48:13 +02:00
|
|
|
|
protected_at, &result, &resultlen);
|
2004-02-19 17:26:32 +01:00
|
|
|
|
release_passphrase (pw);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
xfree (key);
|
|
|
|
|
if (rc)
|
|
|
|
|
{
|
2004-04-30 17:24:33 +02:00
|
|
|
|
if (opt_status_msg)
|
|
|
|
|
log_info ("[PROTECT-TOOL:] bad-passphrase\n");
|
2003-08-05 19:11:04 +02:00
|
|
|
|
log_error ("unprotecting the key failed: %s\n", gpg_strerror (rc));
|
|
|
|
|
return;
|
|
|
|
|
}
|
2007-08-28 19:48:13 +02:00
|
|
|
|
if (opt.verbose)
|
2016-04-14 12:28:48 +02:00
|
|
|
|
{
|
|
|
|
|
if (*protected_at)
|
|
|
|
|
log_info ("key protection done at %.4s-%.2s-%.2s %.2s:%.2s:%s\n",
|
|
|
|
|
protected_at, protected_at+4, protected_at+6,
|
|
|
|
|
protected_at+9, protected_at+11, protected_at+13);
|
|
|
|
|
else
|
|
|
|
|
log_info ("key protection done at [unknown]\n");
|
|
|
|
|
}
|
2007-08-28 19:48:13 +02:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt_armor)
|
|
|
|
|
{
|
|
|
|
|
char *p = make_advanced (result, resultlen);
|
|
|
|
|
xfree (result);
|
|
|
|
|
if (!p)
|
|
|
|
|
return;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
result = (unsigned char*)p;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
resultlen = strlen (p);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fwrite (result, resultlen, 1, stdout);
|
|
|
|
|
xfree (result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
read_and_shadow (const char *fname)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
unsigned char *key;
|
|
|
|
|
unsigned char *result;
|
|
|
|
|
size_t resultlen;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
unsigned char dummy_info[] = "(8:313233342:43)";
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
key = read_key (fname);
|
|
|
|
|
if (!key)
|
|
|
|
|
return;
|
|
|
|
|
|
2005-06-16 10:12:03 +02:00
|
|
|
|
rc = agent_shadow_key (key, dummy_info, &result);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
xfree (key);
|
|
|
|
|
if (rc)
|
|
|
|
|
{
|
|
|
|
|
log_error ("shadowing the key failed: %s\n", gpg_strerror (rc));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
resultlen = gcry_sexp_canon_len (result, 0, NULL,NULL);
|
|
|
|
|
assert (resultlen);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt_armor)
|
|
|
|
|
{
|
|
|
|
|
char *p = make_advanced (result, resultlen);
|
|
|
|
|
xfree (result);
|
|
|
|
|
if (!p)
|
|
|
|
|
return;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
result = (unsigned char*)p;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
resultlen = strlen (p);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fwrite (result, resultlen, 1, stdout);
|
|
|
|
|
xfree (result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
show_shadow_info (const char *fname)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
unsigned char *key;
|
|
|
|
|
const unsigned char *info;
|
|
|
|
|
size_t infolen;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
key = read_key (fname);
|
|
|
|
|
if (!key)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
rc = agent_get_shadow_info (key, &info);
|
|
|
|
|
xfree (key);
|
|
|
|
|
if (rc)
|
|
|
|
|
{
|
|
|
|
|
log_error ("get_shadow_info failed: %s\n", gpg_strerror (rc));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
infolen = gcry_sexp_canon_len (info, 0, NULL,NULL);
|
|
|
|
|
assert (infolen);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt_armor)
|
|
|
|
|
{
|
|
|
|
|
char *p = make_advanced (info, infolen);
|
|
|
|
|
if (!p)
|
|
|
|
|
return;
|
|
|
|
|
fwrite (p, strlen (p), 1, stdout);
|
|
|
|
|
xfree (p);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
fwrite (info, infolen, 1, stdout);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
show_file (const char *fname)
|
|
|
|
|
{
|
|
|
|
|
unsigned char *key;
|
|
|
|
|
size_t keylen;
|
|
|
|
|
char *p;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
key = read_key (fname);
|
|
|
|
|
if (!key)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
keylen = gcry_sexp_canon_len (key, 0, NULL,NULL);
|
|
|
|
|
assert (keylen);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2005-05-20 22:39:36 +02:00
|
|
|
|
if (opt_canonical)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2005-05-20 22:39:36 +02:00
|
|
|
|
fwrite (key, keylen, 1, stdout);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
2005-05-20 22:39:36 +02:00
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
p = make_advanced (key, keylen);
|
|
|
|
|
if (p)
|
|
|
|
|
{
|
|
|
|
|
fwrite (p, strlen (p), 1, stdout);
|
|
|
|
|
xfree (p);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
xfree (key);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
show_keygrip (const char *fname)
|
|
|
|
|
{
|
|
|
|
|
unsigned char *key;
|
|
|
|
|
gcry_sexp_t private;
|
|
|
|
|
unsigned char grip[20];
|
|
|
|
|
int i;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
key = read_key (fname);
|
|
|
|
|
if (!key)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (gcry_sexp_new (&private, key, 0, 0))
|
|
|
|
|
{
|
|
|
|
|
log_error ("gcry_sexp_new failed\n");
|
|
|
|
|
return;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
xfree (key);
|
|
|
|
|
|
|
|
|
|
if (!gcry_pk_get_keygrip (private, grip))
|
|
|
|
|
{
|
|
|
|
|
log_error ("can't calculate keygrip\n");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
gcry_sexp_release (private);
|
|
|
|
|
|
|
|
|
|
for (i=0; i < 20; i++)
|
|
|
|
|
printf ("%02X", grip[i]);
|
|
|
|
|
putchar ('\n');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2004-02-13 13:37:54 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
main (int argc, char **argv )
|
|
|
|
|
{
|
|
|
|
|
ARGPARSE_ARGS pargs;
|
|
|
|
|
int cmd = 0;
|
2004-02-13 13:37:54 +01:00
|
|
|
|
const char *fname;
|
2016-04-14 12:28:48 +02:00
|
|
|
|
ctrl_t ctrl;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2015-01-28 19:57:22 +01:00
|
|
|
|
early_system_init ();
|
2003-08-05 19:11:04 +02:00
|
|
|
|
set_strusage (my_strusage);
|
|
|
|
|
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
|
Call log_set_prefix() with human-readable labels.
* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.
--
Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand. Use symbolic
representations instead of numeric for better readability.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-12 07:37:57 +02:00
|
|
|
|
log_set_prefix ("gpg-protect-tool", GPGRT_LOG_WITH_PREFIX);
|
2004-02-18 17:57:38 +01:00
|
|
|
|
|
2007-06-14 19:05:07 +02:00
|
|
|
|
/* Make sure that our subsystems are ready. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
i18n_init ();
|
2010-03-22 13:46:05 +01:00
|
|
|
|
init_common_subsystems (&argc, &argv);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2007-04-20 18:59:37 +02:00
|
|
|
|
setup_libgcrypt_logging ();
|
2003-08-05 19:11:04 +02:00
|
|
|
|
gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
|
|
|
|
|
|
|
|
|
|
pargs.argc = &argc;
|
|
|
|
|
pargs.argv = &argv;
|
2004-02-13 13:37:54 +01:00
|
|
|
|
pargs.flags= 1; /* (do not remove the args) */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
while (arg_parse (&pargs, opts) )
|
|
|
|
|
{
|
|
|
|
|
switch (pargs.r_opt)
|
|
|
|
|
{
|
|
|
|
|
case oVerbose: opt.verbose++; break;
|
|
|
|
|
case oArmor: opt_armor=1; break;
|
2005-05-20 22:39:36 +02:00
|
|
|
|
case oCanonical: opt_canonical=1; break;
|
2016-06-07 10:59:46 +02:00
|
|
|
|
case oHomedir: gnupg_set_homedir (pargs.r.ret_str); break;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
case oAgentProgram: opt_agent_program = pargs.r.ret_str; break;
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
case oProtect: cmd = oProtect; break;
|
|
|
|
|
case oUnprotect: cmd = oUnprotect; break;
|
|
|
|
|
case oShadow: cmd = oShadow; break;
|
|
|
|
|
case oShowShadowInfo: cmd = oShowShadowInfo; break;
|
|
|
|
|
case oShowKeygrip: cmd = oShowKeygrip; break;
|
2009-12-14 21:12:56 +01:00
|
|
|
|
case oS2Kcalibration: cmd = oS2Kcalibration; break;
|
|
|
|
|
|
2004-02-19 17:26:32 +01:00
|
|
|
|
case oPassphrase: opt_passphrase = pargs.r.ret_str; break;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
case oStore: opt_store = 1; break;
|
|
|
|
|
case oForce: opt_force = 1; break;
|
2004-02-13 13:37:54 +01:00
|
|
|
|
case oNoFailOnExist: opt_no_fail_on_exist = 1; break;
|
2004-02-19 17:26:32 +01:00
|
|
|
|
case oHaveCert: opt_have_cert = 1; break;
|
|
|
|
|
case oPrompt: opt_prompt = pargs.r.ret_str; break;
|
2004-04-30 17:24:33 +02:00
|
|
|
|
case oStatusMsg: opt_status_msg = 1; break;
|
2016-04-12 14:37:26 +02:00
|
|
|
|
case oDebugUseOCB: opt_debug_use_ocb = 1; break;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
default: pargs.err = ARGPARSE_PRINT_ERROR; break;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-04-01 12:51:53 +02:00
|
|
|
|
if (log_get_errorcount (0))
|
|
|
|
|
exit (2);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2004-02-13 13:37:54 +01:00
|
|
|
|
fname = "-";
|
|
|
|
|
if (argc == 1)
|
|
|
|
|
fname = *argv;
|
|
|
|
|
else if (argc > 1)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
usage (1);
|
|
|
|
|
|
2016-09-17 09:16:41 +02:00
|
|
|
|
/* Allocate an CTRL object. An empty object should be sufficient. */
|
2016-04-14 12:28:48 +02:00
|
|
|
|
ctrl = xtrycalloc (1, sizeof *ctrl);
|
|
|
|
|
if (!ctrl)
|
|
|
|
|
{
|
|
|
|
|
log_error ("error allocating connection control data: %s\n",
|
|
|
|
|
strerror (errno));
|
|
|
|
|
agent_exit (1);
|
|
|
|
|
}
|
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
/* Set the information which can't be taken from envvars. */
|
|
|
|
|
gnupg_prepare_get_passphrase (GPG_ERR_SOURCE_DEFAULT,
|
|
|
|
|
opt.verbose,
|
|
|
|
|
opt_agent_program,
|
2009-07-07 12:02:41 +02:00
|
|
|
|
NULL, NULL, NULL);
|
2007-06-14 19:05:07 +02:00
|
|
|
|
|
2004-02-19 17:26:32 +01:00
|
|
|
|
if (opt_prompt)
|
2009-04-01 12:51:53 +02:00
|
|
|
|
opt_prompt = percent_plus_unescape (opt_prompt, 0);
|
2004-02-19 17:26:32 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (cmd == oProtect)
|
2004-02-13 13:37:54 +01:00
|
|
|
|
read_and_protect (fname);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else if (cmd == oUnprotect)
|
2016-04-14 12:28:48 +02:00
|
|
|
|
read_and_unprotect (ctrl, fname);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else if (cmd == oShadow)
|
2004-02-13 13:37:54 +01:00
|
|
|
|
read_and_shadow (fname);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else if (cmd == oShowShadowInfo)
|
2004-02-13 13:37:54 +01:00
|
|
|
|
show_shadow_info (fname);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else if (cmd == oShowKeygrip)
|
2004-02-13 13:37:54 +01:00
|
|
|
|
show_keygrip (fname);
|
2009-12-14 21:12:56 +01:00
|
|
|
|
else if (cmd == oS2Kcalibration)
|
|
|
|
|
{
|
|
|
|
|
if (!opt.verbose)
|
|
|
|
|
opt.verbose++; /* We need to see something. */
|
|
|
|
|
get_standard_s2k_count ();
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else
|
2004-02-13 13:37:54 +01:00
|
|
|
|
show_file (fname);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2016-04-14 12:28:48 +02:00
|
|
|
|
xfree (ctrl);
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
agent_exit (0);
|
|
|
|
|
return 8; /*NOTREACHED*/
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
agent_exit (int rc)
|
|
|
|
|
{
|
|
|
|
|
rc = rc? rc : log_get_errorcount(0)? 2 : 0;
|
|
|
|
|
exit (rc);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Return the passphrase string and ask the agent if it has not been
|
2004-02-19 17:26:32 +01:00
|
|
|
|
set from the command line PROMPTNO select the prompt to display:
|
|
|
|
|
0 = default
|
|
|
|
|
1 = taken from the option --prompt
|
2004-08-18 18:21:13 +02:00
|
|
|
|
2 = for unprotecting a pkcs#12 object
|
|
|
|
|
3 = for protecting a new pkcs#12 object
|
|
|
|
|
4 = for protecting an imported pkcs#12 in our system
|
2004-02-19 17:26:32 +01:00
|
|
|
|
*/
|
|
|
|
|
static char *
|
2009-04-01 12:51:53 +02:00
|
|
|
|
get_passphrase (int promptno)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
char *pw;
|
|
|
|
|
int err;
|
2004-02-19 17:26:32 +01:00
|
|
|
|
const char *desc;
|
2007-10-19 17:58:38 +02:00
|
|
|
|
char *orig_codeset;
|
2009-04-01 12:51:53 +02:00
|
|
|
|
int repeat = 0;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-02-19 17:26:32 +01:00
|
|
|
|
if (opt_passphrase)
|
|
|
|
|
return xstrdup (opt_passphrase);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2007-10-19 17:58:38 +02:00
|
|
|
|
orig_codeset = i18n_switchto_utf8 ();
|
2004-08-18 14:47:33 +02:00
|
|
|
|
|
2004-02-19 17:26:32 +01:00
|
|
|
|
if (promptno == 1 && opt_prompt)
|
2009-04-01 12:51:53 +02:00
|
|
|
|
{
|
|
|
|
|
desc = opt_prompt;
|
|
|
|
|
}
|
2004-08-18 18:21:13 +02:00
|
|
|
|
else if (promptno == 2)
|
2009-04-01 12:51:53 +02:00
|
|
|
|
{
|
|
|
|
|
desc = _("Please enter the passphrase to unprotect the "
|
|
|
|
|
"PKCS#12 object.");
|
|
|
|
|
}
|
2004-08-18 18:21:13 +02:00
|
|
|
|
else if (promptno == 3)
|
2009-04-01 12:51:53 +02:00
|
|
|
|
{
|
|
|
|
|
desc = _("Please enter the passphrase to protect the "
|
|
|
|
|
"new PKCS#12 object.");
|
|
|
|
|
repeat = 1;
|
|
|
|
|
}
|
2004-08-18 18:21:13 +02:00
|
|
|
|
else if (promptno == 4)
|
2009-04-01 12:51:53 +02:00
|
|
|
|
{
|
|
|
|
|
desc = _("Please enter the passphrase to protect the "
|
|
|
|
|
"imported object within the GnuPG system.");
|
|
|
|
|
repeat = 1;
|
|
|
|
|
}
|
2004-02-19 17:26:32 +01:00
|
|
|
|
else
|
|
|
|
|
desc = _("Please enter the passphrase or the PIN\n"
|
|
|
|
|
"needed to complete this operation.");
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2007-10-19 17:58:38 +02:00
|
|
|
|
i18n_switchback (orig_codeset);
|
2004-08-18 14:47:33 +02:00
|
|
|
|
|
2009-04-01 12:51:53 +02:00
|
|
|
|
err = gnupg_get_passphrase (NULL, NULL, _("Passphrase:"), desc,
|
|
|
|
|
repeat, repeat, 1, &pw);
|
|
|
|
|
if (err)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2010-10-13 17:57:08 +02:00
|
|
|
|
if (gpg_err_code (err) == GPG_ERR_CANCELED
|
|
|
|
|
|| gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
|
2009-04-01 12:51:53 +02:00
|
|
|
|
log_info (_("cancelled\n"));
|
|
|
|
|
else
|
2004-12-15 15:15:54 +01:00
|
|
|
|
log_error (_("error while asking for the passphrase: %s\n"),
|
|
|
|
|
gpg_strerror (err));
|
2003-08-05 19:11:04 +02:00
|
|
|
|
agent_exit (0);
|
|
|
|
|
}
|
2009-04-01 12:51:53 +02:00
|
|
|
|
assert (pw);
|
2004-02-19 17:26:32 +01:00
|
|
|
|
|
|
|
|
|
return pw;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
2004-08-18 18:21:13 +02:00
|
|
|
|
|
2004-02-19 17:26:32 +01:00
|
|
|
|
static void
|
|
|
|
|
release_passphrase (char *pw)
|
|
|
|
|
{
|
|
|
|
|
if (pw)
|
|
|
|
|
{
|
|
|
|
|
wipememory (pw, strlen (pw));
|
|
|
|
|
xfree (pw);
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-05-22 10:50:12 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Stub function. */
|
2016-04-14 12:28:48 +02:00
|
|
|
|
int
|
|
|
|
|
agent_key_available (const unsigned char *grip)
|
|
|
|
|
{
|
|
|
|
|
(void)grip;
|
|
|
|
|
return -1; /* Not available. */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
agent_get_cache (const char *key, cache_mode_t cache_mode)
|
|
|
|
|
{
|
|
|
|
|
(void)key;
|
|
|
|
|
(void)cache_mode;
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-22 10:50:12 +02:00
|
|
|
|
gpg_error_t
|
2016-04-14 12:28:48 +02:00
|
|
|
|
agent_askpin (ctrl_t ctrl,
|
|
|
|
|
const char *desc_text, const char *prompt_text,
|
|
|
|
|
const char *initial_errtext,
|
|
|
|
|
struct pin_entry_info_s *pininfo,
|
|
|
|
|
const char *keyinfo, cache_mode_t cache_mode)
|
2013-05-22 10:50:12 +02:00
|
|
|
|
{
|
2016-04-14 12:28:48 +02:00
|
|
|
|
gpg_error_t err;
|
|
|
|
|
unsigned char *passphrase;
|
|
|
|
|
size_t size;
|
|
|
|
|
|
|
|
|
|
(void)ctrl;
|
|
|
|
|
(void)desc_text;
|
|
|
|
|
(void)prompt_text;
|
|
|
|
|
(void)initial_errtext;
|
|
|
|
|
(void)keyinfo;
|
|
|
|
|
(void)cache_mode;
|
|
|
|
|
|
|
|
|
|
*pininfo->pin = 0; /* Reset the PIN. */
|
|
|
|
|
passphrase = get_passphrase (0);
|
|
|
|
|
size = strlen (passphrase);
|
|
|
|
|
if (size >= pininfo->max_length)
|
|
|
|
|
return gpg_error (GPG_ERR_TOO_LARGE);
|
|
|
|
|
|
|
|
|
|
memcpy (&pininfo->pin, passphrase, size);
|
|
|
|
|
xfree (passphrase);
|
|
|
|
|
pininfo->pin[size] = 0;
|
|
|
|
|
if (pininfo->check_cb)
|
|
|
|
|
{
|
|
|
|
|
/* More checks by utilizing the optional callback. */
|
|
|
|
|
pininfo->cb_errtext = NULL;
|
|
|
|
|
err = pininfo->check_cb (pininfo);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
err = 0;
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Replacement for the function in findkey.c. Here we write the key
|
|
|
|
|
* to stdout. */
|
|
|
|
|
int
|
|
|
|
|
agent_write_private_key (const unsigned char *grip,
|
|
|
|
|
const void *buffer, size_t length, int force)
|
|
|
|
|
{
|
|
|
|
|
char hexgrip[40+4+1];
|
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
|
|
(void)force;
|
|
|
|
|
|
|
|
|
|
bin2hex (grip, 20, hexgrip);
|
|
|
|
|
strcpy (hexgrip+40, ".key");
|
|
|
|
|
p = make_advanced (buffer, length);
|
|
|
|
|
if (p)
|
|
|
|
|
{
|
|
|
|
|
printf ("# Begin dump of %s\n%s%s# End dump of %s\n",
|
|
|
|
|
hexgrip, p, (*p && p[strlen(p)-1] == '\n')? "":"\n", hexgrip);
|
|
|
|
|
xfree (p);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
2013-05-22 10:50:12 +02:00
|
|
|
|
}
|