mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* cache.c: Add a few debug outputs.
* protect.c (agent_private_key_type): New. * agent.h: Add PRIVATE_KEY_ enums. * findkey.c (agent_key_from_file): Use it to decide whether we have to unprotect a key. (unprotect): Cache the passphrase. * findkey.c (agent_key_from_file,agent_key_available): The key files do now require a ".key" suffix to make a script's life easier. * genkey.c (store_key): Ditto.
This commit is contained in:
parent
400938f239
commit
30f1b027c0
@ -1,3 +1,18 @@
|
||||
2002-02-01 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* cache.c: Add a few debug outputs.
|
||||
|
||||
* protect.c (agent_private_key_type): New.
|
||||
* agent.h: Add PRIVATE_KEY_ enums.
|
||||
* findkey.c (agent_key_from_file): Use it to decide whether we
|
||||
have to unprotect a key.
|
||||
(unprotect): Cache the passphrase.
|
||||
|
||||
* findkey.c (agent_key_from_file,agent_key_available): The key
|
||||
files do now require a ".key" suffix to make a script's life
|
||||
easier.
|
||||
* genkey.c (store_key): Ditto.
|
||||
|
||||
2002-01-31 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* genkey.c (store_key): Protect the key.
|
||||
|
@ -83,6 +83,13 @@ struct pin_entry_info_s {
|
||||
};
|
||||
|
||||
|
||||
enum {
|
||||
PRIVATE_KEY_UNKNOWN = 0,
|
||||
PRIVATE_KEY_CLEAR = 1,
|
||||
PRIVATE_KEY_PROTECTED = 2,
|
||||
PRIVATE_KEY_SHADOWED = 3
|
||||
};
|
||||
|
||||
/*-- gpg-agent.c --*/
|
||||
void agent_exit (int rc); /* also implemented in other tools */
|
||||
|
||||
@ -125,6 +132,7 @@ int agent_protect (const unsigned char *plainkey, const char *passphrase,
|
||||
unsigned char **result, size_t *resultlen);
|
||||
int agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
||||
unsigned char **result, size_t *resultlen);
|
||||
int agent_private_key_type (const unsigned char *privatekey);
|
||||
|
||||
|
||||
/*-- trustlist.c --*/
|
||||
|
@ -89,6 +89,9 @@ housekeeping (void)
|
||||
{
|
||||
if (r->pw && r->accessed + r->ttl < current)
|
||||
{
|
||||
if (DBG_CACHE)
|
||||
log_debug (" expired `%s' (%ds after last access)\n",
|
||||
r->key, r->ttl);
|
||||
release_data (r->pw);
|
||||
r->pw = NULL;
|
||||
r->accessed = current;
|
||||
@ -101,6 +104,8 @@ housekeeping (void)
|
||||
{
|
||||
if (r->pw && r->created + 60*60 < current)
|
||||
{
|
||||
if (DBG_CACHE)
|
||||
log_debug (" expired `%s' (1h after creation)\n", r->key);
|
||||
release_data (r->pw);
|
||||
r->pw = NULL;
|
||||
r->accessed = current;
|
||||
@ -114,6 +119,8 @@ housekeeping (void)
|
||||
if (!r->pw && r->accessed + 60*30 < current)
|
||||
{
|
||||
ITEM r2 = r->next;
|
||||
if (DBG_CACHE)
|
||||
log_debug (" removed `%s' (slot not used for 30m)\n", r->key);
|
||||
xfree (r);
|
||||
if (!rprev)
|
||||
thecache = r2;
|
||||
@ -140,6 +147,8 @@ agent_put_cache (const char *key, const char *data, int ttl)
|
||||
{
|
||||
ITEM r;
|
||||
|
||||
if (DBG_CACHE)
|
||||
log_debug ("agent_put_cache `%s'\n", key);
|
||||
housekeeping ();
|
||||
|
||||
if (ttl < 1)
|
||||
@ -198,6 +207,8 @@ agent_get_cache (const char *key)
|
||||
ITEM r;
|
||||
int count = 0;
|
||||
|
||||
if (DBG_CACHE)
|
||||
log_debug ("agent_get_cache `%s'...\n", key);
|
||||
housekeeping ();
|
||||
|
||||
/* FIXME: Returning pointers is not thread safe - add a referencense
|
||||
@ -209,9 +220,13 @@ agent_get_cache (const char *key)
|
||||
/* put_cache does only put strings into the cache, so we
|
||||
don't need the lengths */
|
||||
r->accessed = time (NULL);
|
||||
if (DBG_CACHE)
|
||||
log_debug ("... hit\n");
|
||||
return r->pw->data;
|
||||
}
|
||||
}
|
||||
if (DBG_CACHE)
|
||||
log_debug ("... miss\n");
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
@ -31,16 +31,36 @@
|
||||
#include "agent.h"
|
||||
|
||||
static int
|
||||
unprotect (unsigned char **keybuf)
|
||||
unprotect (unsigned char **keybuf, const unsigned char *grip)
|
||||
{
|
||||
struct pin_entry_info_s *pi;
|
||||
int rc;
|
||||
int rc, i;
|
||||
unsigned char *result;
|
||||
size_t resultlen;
|
||||
int tries = 0;
|
||||
char hexgrip[40+1];
|
||||
|
||||
for (i=0; i < 20; i++)
|
||||
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||
hexgrip[40] = 0;
|
||||
|
||||
/* fixme: check whether the key needs unprotection */
|
||||
|
||||
/* first try to get it from the cache - if there is none or we can't
|
||||
unprotect it, we fall back to ask the user */
|
||||
{
|
||||
const char *pw = agent_get_cache (hexgrip);
|
||||
if (pw)
|
||||
{
|
||||
rc = agent_unprotect (*keybuf, pw, &result, &resultlen);
|
||||
if (!rc)
|
||||
{
|
||||
xfree (*keybuf);
|
||||
*keybuf = result;
|
||||
return 0;
|
||||
}
|
||||
rc = 0;
|
||||
}
|
||||
}
|
||||
|
||||
pi = gcry_calloc_secure (1, sizeof (*pi) + 100);
|
||||
pi->max_length = 100;
|
||||
pi->min_digits = 0; /* we want a real passphrase */
|
||||
@ -55,6 +75,7 @@ unprotect (unsigned char **keybuf)
|
||||
rc = agent_unprotect (*keybuf, pi->pin, &result, &resultlen);
|
||||
if (!rc)
|
||||
{
|
||||
agent_put_cache (hexgrip, pi->pin, 0);
|
||||
xfree (*keybuf);
|
||||
*keybuf = result;
|
||||
xfree (pi);
|
||||
@ -82,13 +103,13 @@ agent_key_from_file (const unsigned char *grip)
|
||||
unsigned char *buf;
|
||||
size_t len, buflen, erroff;
|
||||
GCRY_SEXP s_skey;
|
||||
char hexgrip[41];
|
||||
char hexgrip[40+4+1];
|
||||
|
||||
for (i=0; i < 20; i++)
|
||||
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||
hexgrip[40] = 0;
|
||||
strcpy (hexgrip+40, ".key");
|
||||
|
||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL );
|
||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL);
|
||||
fp = fopen (fname, "rb");
|
||||
if (!fp)
|
||||
{
|
||||
@ -138,16 +159,32 @@ agent_key_from_file (const unsigned char *grip)
|
||||
assert (len);
|
||||
gcry_sexp_release (s_skey);
|
||||
|
||||
rc = unprotect (&buf);
|
||||
switch (agent_private_key_type (buf))
|
||||
{
|
||||
case PRIVATE_KEY_CLEAR:
|
||||
break; /* no unprotection needed */
|
||||
case PRIVATE_KEY_PROTECTED:
|
||||
rc = unprotect (&buf, grip);
|
||||
if (rc)
|
||||
log_error ("failed to unprotect the secret key: %s\n",
|
||||
gnupg_strerror (rc));
|
||||
break;
|
||||
case PRIVATE_KEY_SHADOWED:
|
||||
log_error ("shadowed private keys are not yet supported\n");
|
||||
rc = GNUPG_Not_Implemented;
|
||||
break;
|
||||
default:
|
||||
log_error ("invalid private key format\n");
|
||||
rc = GNUPG_Bad_Secret_Key;
|
||||
break;
|
||||
}
|
||||
if (rc)
|
||||
{
|
||||
log_error ("failed to unprotect the secret key: %s\n",
|
||||
gcry_strerror (rc));
|
||||
xfree (buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* arggg FIXME: does scna support secure memory? */
|
||||
/* arggg FIXME: does scan support secure memory? */
|
||||
rc = gcry_sexp_sscan (&s_skey, &erroff,
|
||||
buf, gcry_sexp_canon_len (buf, 0, NULL, NULL));
|
||||
xfree (buf);
|
||||
@ -168,13 +205,13 @@ agent_key_available (const unsigned char *grip)
|
||||
{
|
||||
int i;
|
||||
char *fname;
|
||||
char hexgrip[41];
|
||||
char hexgrip[40+4+1];
|
||||
|
||||
for (i=0; i < 20; i++)
|
||||
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||
hexgrip[40] = 0;
|
||||
strcpy (hexgrip+40, ".key");
|
||||
|
||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL );
|
||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL);
|
||||
i = !access (fname, R_OK)? 0 : -1;
|
||||
xfree (fname);
|
||||
return i;
|
||||
|
@ -40,7 +40,7 @@ store_key (GCRY_SEXP private, const char *passphrase)
|
||||
char *buf;
|
||||
size_t len;
|
||||
unsigned char grip[20];
|
||||
char hexgrip[41];
|
||||
char hexgrip[40+4+1];
|
||||
|
||||
if ( !gcry_pk_get_keygrip (private, grip) )
|
||||
{
|
||||
@ -49,7 +49,7 @@ store_key (GCRY_SEXP private, const char *passphrase)
|
||||
}
|
||||
for (i=0; i < 20; i++)
|
||||
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||
hexgrip[40] = 0;
|
||||
strcpy (hexgrip+40, ".key");
|
||||
|
||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL);
|
||||
if (!access (fname, F_OK))
|
||||
|
@ -776,6 +776,33 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Check the type of the private key, this is one of the constants:
|
||||
PRIVATE_KEY_UNKNOWN if we can't figure out the type (this is the
|
||||
value 0), PRIVATE_KEY_CLEAR for an unprotected private key.
|
||||
PRIVATE_KEY_PROTECTED for an protected private key or
|
||||
PRIVATE_KEY_SHADOWED for a sub key where the secret parts are store
|
||||
elsewhere. */
|
||||
int
|
||||
agent_private_key_type (const unsigned char *privatekey)
|
||||
{
|
||||
const unsigned char *s;
|
||||
size_t n;
|
||||
|
||||
s = privatekey;
|
||||
if (*s != '(')
|
||||
return PRIVATE_KEY_UNKNOWN;
|
||||
s++;
|
||||
n = snext (&s);
|
||||
if (!n)
|
||||
return PRIVATE_KEY_UNKNOWN;
|
||||
if (smatch (&s, n, "protected-private-key"))
|
||||
return PRIVATE_KEY_PROTECTED;
|
||||
if (smatch (&s, n, "shadowed-private-key"))
|
||||
return PRIVATE_KEY_SHADOWED;
|
||||
if (smatch (&s, n, "private-key"))
|
||||
return PRIVATE_KEY_CLEAR;
|
||||
return PRIVATE_KEY_UNKNOWN;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user