mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* cache.c: Add a few debug outputs.
* protect.c (agent_private_key_type): New. * agent.h: Add PRIVATE_KEY_ enums. * findkey.c (agent_key_from_file): Use it to decide whether we have to unprotect a key. (unprotect): Cache the passphrase. * findkey.c (agent_key_from_file,agent_key_available): The key files do now require a ".key" suffix to make a script's life easier. * genkey.c (store_key): Ditto.
This commit is contained in:
parent
400938f239
commit
30f1b027c0
@ -1,3 +1,18 @@
|
|||||||
|
2002-02-01 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* cache.c: Add a few debug outputs.
|
||||||
|
|
||||||
|
* protect.c (agent_private_key_type): New.
|
||||||
|
* agent.h: Add PRIVATE_KEY_ enums.
|
||||||
|
* findkey.c (agent_key_from_file): Use it to decide whether we
|
||||||
|
have to unprotect a key.
|
||||||
|
(unprotect): Cache the passphrase.
|
||||||
|
|
||||||
|
* findkey.c (agent_key_from_file,agent_key_available): The key
|
||||||
|
files do now require a ".key" suffix to make a script's life
|
||||||
|
easier.
|
||||||
|
* genkey.c (store_key): Ditto.
|
||||||
|
|
||||||
2002-01-31 Werner Koch <wk@gnupg.org>
|
2002-01-31 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* genkey.c (store_key): Protect the key.
|
* genkey.c (store_key): Protect the key.
|
||||||
|
@ -83,6 +83,13 @@ struct pin_entry_info_s {
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
enum {
|
||||||
|
PRIVATE_KEY_UNKNOWN = 0,
|
||||||
|
PRIVATE_KEY_CLEAR = 1,
|
||||||
|
PRIVATE_KEY_PROTECTED = 2,
|
||||||
|
PRIVATE_KEY_SHADOWED = 3
|
||||||
|
};
|
||||||
|
|
||||||
/*-- gpg-agent.c --*/
|
/*-- gpg-agent.c --*/
|
||||||
void agent_exit (int rc); /* also implemented in other tools */
|
void agent_exit (int rc); /* also implemented in other tools */
|
||||||
|
|
||||||
@ -125,6 +132,7 @@ int agent_protect (const unsigned char *plainkey, const char *passphrase,
|
|||||||
unsigned char **result, size_t *resultlen);
|
unsigned char **result, size_t *resultlen);
|
||||||
int agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
int agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
||||||
unsigned char **result, size_t *resultlen);
|
unsigned char **result, size_t *resultlen);
|
||||||
|
int agent_private_key_type (const unsigned char *privatekey);
|
||||||
|
|
||||||
|
|
||||||
/*-- trustlist.c --*/
|
/*-- trustlist.c --*/
|
||||||
|
@ -89,6 +89,9 @@ housekeeping (void)
|
|||||||
{
|
{
|
||||||
if (r->pw && r->accessed + r->ttl < current)
|
if (r->pw && r->accessed + r->ttl < current)
|
||||||
{
|
{
|
||||||
|
if (DBG_CACHE)
|
||||||
|
log_debug (" expired `%s' (%ds after last access)\n",
|
||||||
|
r->key, r->ttl);
|
||||||
release_data (r->pw);
|
release_data (r->pw);
|
||||||
r->pw = NULL;
|
r->pw = NULL;
|
||||||
r->accessed = current;
|
r->accessed = current;
|
||||||
@ -101,6 +104,8 @@ housekeeping (void)
|
|||||||
{
|
{
|
||||||
if (r->pw && r->created + 60*60 < current)
|
if (r->pw && r->created + 60*60 < current)
|
||||||
{
|
{
|
||||||
|
if (DBG_CACHE)
|
||||||
|
log_debug (" expired `%s' (1h after creation)\n", r->key);
|
||||||
release_data (r->pw);
|
release_data (r->pw);
|
||||||
r->pw = NULL;
|
r->pw = NULL;
|
||||||
r->accessed = current;
|
r->accessed = current;
|
||||||
@ -114,6 +119,8 @@ housekeeping (void)
|
|||||||
if (!r->pw && r->accessed + 60*30 < current)
|
if (!r->pw && r->accessed + 60*30 < current)
|
||||||
{
|
{
|
||||||
ITEM r2 = r->next;
|
ITEM r2 = r->next;
|
||||||
|
if (DBG_CACHE)
|
||||||
|
log_debug (" removed `%s' (slot not used for 30m)\n", r->key);
|
||||||
xfree (r);
|
xfree (r);
|
||||||
if (!rprev)
|
if (!rprev)
|
||||||
thecache = r2;
|
thecache = r2;
|
||||||
@ -140,6 +147,8 @@ agent_put_cache (const char *key, const char *data, int ttl)
|
|||||||
{
|
{
|
||||||
ITEM r;
|
ITEM r;
|
||||||
|
|
||||||
|
if (DBG_CACHE)
|
||||||
|
log_debug ("agent_put_cache `%s'\n", key);
|
||||||
housekeeping ();
|
housekeeping ();
|
||||||
|
|
||||||
if (ttl < 1)
|
if (ttl < 1)
|
||||||
@ -198,6 +207,8 @@ agent_get_cache (const char *key)
|
|||||||
ITEM r;
|
ITEM r;
|
||||||
int count = 0;
|
int count = 0;
|
||||||
|
|
||||||
|
if (DBG_CACHE)
|
||||||
|
log_debug ("agent_get_cache `%s'...\n", key);
|
||||||
housekeeping ();
|
housekeeping ();
|
||||||
|
|
||||||
/* FIXME: Returning pointers is not thread safe - add a referencense
|
/* FIXME: Returning pointers is not thread safe - add a referencense
|
||||||
@ -209,9 +220,13 @@ agent_get_cache (const char *key)
|
|||||||
/* put_cache does only put strings into the cache, so we
|
/* put_cache does only put strings into the cache, so we
|
||||||
don't need the lengths */
|
don't need the lengths */
|
||||||
r->accessed = time (NULL);
|
r->accessed = time (NULL);
|
||||||
|
if (DBG_CACHE)
|
||||||
|
log_debug ("... hit\n");
|
||||||
return r->pw->data;
|
return r->pw->data;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (DBG_CACHE)
|
||||||
|
log_debug ("... miss\n");
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -31,15 +31,35 @@
|
|||||||
#include "agent.h"
|
#include "agent.h"
|
||||||
|
|
||||||
static int
|
static int
|
||||||
unprotect (unsigned char **keybuf)
|
unprotect (unsigned char **keybuf, const unsigned char *grip)
|
||||||
{
|
{
|
||||||
struct pin_entry_info_s *pi;
|
struct pin_entry_info_s *pi;
|
||||||
int rc;
|
int rc, i;
|
||||||
unsigned char *result;
|
unsigned char *result;
|
||||||
size_t resultlen;
|
size_t resultlen;
|
||||||
int tries = 0;
|
int tries = 0;
|
||||||
|
char hexgrip[40+1];
|
||||||
|
|
||||||
/* fixme: check whether the key needs unprotection */
|
for (i=0; i < 20; i++)
|
||||||
|
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||||
|
hexgrip[40] = 0;
|
||||||
|
|
||||||
|
/* first try to get it from the cache - if there is none or we can't
|
||||||
|
unprotect it, we fall back to ask the user */
|
||||||
|
{
|
||||||
|
const char *pw = agent_get_cache (hexgrip);
|
||||||
|
if (pw)
|
||||||
|
{
|
||||||
|
rc = agent_unprotect (*keybuf, pw, &result, &resultlen);
|
||||||
|
if (!rc)
|
||||||
|
{
|
||||||
|
xfree (*keybuf);
|
||||||
|
*keybuf = result;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
rc = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pi = gcry_calloc_secure (1, sizeof (*pi) + 100);
|
pi = gcry_calloc_secure (1, sizeof (*pi) + 100);
|
||||||
pi->max_length = 100;
|
pi->max_length = 100;
|
||||||
@ -55,6 +75,7 @@ unprotect (unsigned char **keybuf)
|
|||||||
rc = agent_unprotect (*keybuf, pi->pin, &result, &resultlen);
|
rc = agent_unprotect (*keybuf, pi->pin, &result, &resultlen);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
{
|
{
|
||||||
|
agent_put_cache (hexgrip, pi->pin, 0);
|
||||||
xfree (*keybuf);
|
xfree (*keybuf);
|
||||||
*keybuf = result;
|
*keybuf = result;
|
||||||
xfree (pi);
|
xfree (pi);
|
||||||
@ -82,13 +103,13 @@ agent_key_from_file (const unsigned char *grip)
|
|||||||
unsigned char *buf;
|
unsigned char *buf;
|
||||||
size_t len, buflen, erroff;
|
size_t len, buflen, erroff;
|
||||||
GCRY_SEXP s_skey;
|
GCRY_SEXP s_skey;
|
||||||
char hexgrip[41];
|
char hexgrip[40+4+1];
|
||||||
|
|
||||||
for (i=0; i < 20; i++)
|
for (i=0; i < 20; i++)
|
||||||
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||||
hexgrip[40] = 0;
|
strcpy (hexgrip+40, ".key");
|
||||||
|
|
||||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL );
|
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL);
|
||||||
fp = fopen (fname, "rb");
|
fp = fopen (fname, "rb");
|
||||||
if (!fp)
|
if (!fp)
|
||||||
{
|
{
|
||||||
@ -138,16 +159,32 @@ agent_key_from_file (const unsigned char *grip)
|
|||||||
assert (len);
|
assert (len);
|
||||||
gcry_sexp_release (s_skey);
|
gcry_sexp_release (s_skey);
|
||||||
|
|
||||||
rc = unprotect (&buf);
|
switch (agent_private_key_type (buf))
|
||||||
|
{
|
||||||
|
case PRIVATE_KEY_CLEAR:
|
||||||
|
break; /* no unprotection needed */
|
||||||
|
case PRIVATE_KEY_PROTECTED:
|
||||||
|
rc = unprotect (&buf, grip);
|
||||||
|
if (rc)
|
||||||
|
log_error ("failed to unprotect the secret key: %s\n",
|
||||||
|
gnupg_strerror (rc));
|
||||||
|
break;
|
||||||
|
case PRIVATE_KEY_SHADOWED:
|
||||||
|
log_error ("shadowed private keys are not yet supported\n");
|
||||||
|
rc = GNUPG_Not_Implemented;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
log_error ("invalid private key format\n");
|
||||||
|
rc = GNUPG_Bad_Secret_Key;
|
||||||
|
break;
|
||||||
|
}
|
||||||
if (rc)
|
if (rc)
|
||||||
{
|
{
|
||||||
log_error ("failed to unprotect the secret key: %s\n",
|
|
||||||
gcry_strerror (rc));
|
|
||||||
xfree (buf);
|
xfree (buf);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* arggg FIXME: does scna support secure memory? */
|
/* arggg FIXME: does scan support secure memory? */
|
||||||
rc = gcry_sexp_sscan (&s_skey, &erroff,
|
rc = gcry_sexp_sscan (&s_skey, &erroff,
|
||||||
buf, gcry_sexp_canon_len (buf, 0, NULL, NULL));
|
buf, gcry_sexp_canon_len (buf, 0, NULL, NULL));
|
||||||
xfree (buf);
|
xfree (buf);
|
||||||
@ -168,13 +205,13 @@ agent_key_available (const unsigned char *grip)
|
|||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
char *fname;
|
char *fname;
|
||||||
char hexgrip[41];
|
char hexgrip[40+4+1];
|
||||||
|
|
||||||
for (i=0; i < 20; i++)
|
for (i=0; i < 20; i++)
|
||||||
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||||
hexgrip[40] = 0;
|
strcpy (hexgrip+40, ".key");
|
||||||
|
|
||||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL );
|
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL);
|
||||||
i = !access (fname, R_OK)? 0 : -1;
|
i = !access (fname, R_OK)? 0 : -1;
|
||||||
xfree (fname);
|
xfree (fname);
|
||||||
return i;
|
return i;
|
||||||
|
@ -40,7 +40,7 @@ store_key (GCRY_SEXP private, const char *passphrase)
|
|||||||
char *buf;
|
char *buf;
|
||||||
size_t len;
|
size_t len;
|
||||||
unsigned char grip[20];
|
unsigned char grip[20];
|
||||||
char hexgrip[41];
|
char hexgrip[40+4+1];
|
||||||
|
|
||||||
if ( !gcry_pk_get_keygrip (private, grip) )
|
if ( !gcry_pk_get_keygrip (private, grip) )
|
||||||
{
|
{
|
||||||
@ -49,7 +49,7 @@ store_key (GCRY_SEXP private, const char *passphrase)
|
|||||||
}
|
}
|
||||||
for (i=0; i < 20; i++)
|
for (i=0; i < 20; i++)
|
||||||
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
sprintf (hexgrip+2*i, "%02X", grip[i]);
|
||||||
hexgrip[40] = 0;
|
strcpy (hexgrip+40, ".key");
|
||||||
|
|
||||||
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL);
|
fname = make_filename (opt.homedir, "private-keys-v1.d", hexgrip, NULL);
|
||||||
if (!access (fname, F_OK))
|
if (!access (fname, F_OK))
|
||||||
|
@ -776,6 +776,33 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Check the type of the private key, this is one of the constants:
|
||||||
|
PRIVATE_KEY_UNKNOWN if we can't figure out the type (this is the
|
||||||
|
value 0), PRIVATE_KEY_CLEAR for an unprotected private key.
|
||||||
|
PRIVATE_KEY_PROTECTED for an protected private key or
|
||||||
|
PRIVATE_KEY_SHADOWED for a sub key where the secret parts are store
|
||||||
|
elsewhere. */
|
||||||
|
int
|
||||||
|
agent_private_key_type (const unsigned char *privatekey)
|
||||||
|
{
|
||||||
|
const unsigned char *s;
|
||||||
|
size_t n;
|
||||||
|
|
||||||
|
s = privatekey;
|
||||||
|
if (*s != '(')
|
||||||
|
return PRIVATE_KEY_UNKNOWN;
|
||||||
|
s++;
|
||||||
|
n = snext (&s);
|
||||||
|
if (!n)
|
||||||
|
return PRIVATE_KEY_UNKNOWN;
|
||||||
|
if (smatch (&s, n, "protected-private-key"))
|
||||||
|
return PRIVATE_KEY_PROTECTED;
|
||||||
|
if (smatch (&s, n, "shadowed-private-key"))
|
||||||
|
return PRIVATE_KEY_SHADOWED;
|
||||||
|
if (smatch (&s, n, "private-key"))
|
||||||
|
return PRIVATE_KEY_CLEAR;
|
||||||
|
return PRIVATE_KEY_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user