s/CACHE_MODE_IMPGEN/CACHE_MODE_NONCE/.

Prepare for more use cases of the cache nonce.
Werner Koch 2010-09-01 11:07:16 +00:00
parent 9a9b3da58f
commit 31bc3c8edd
10 changed files with 55 additions and 33 deletions


@ -2,14 +2,17 @@
* call-pinentry.c (start_pinentry): Disable pinentry logging.
* command.c (cmd_import_key, cmd_genkey): Add CACHE handling.
* command.c (cmd_import_key, cmd_genkey, cmd_pksign): Add CACHE
handling.
* cvt-openpgp.c (convert_openpgp): Add arg CACHE_NONCE and try the
cached nonce first.
* genkey.c (agent_genkey): Add arg CACHE_NONCE.
* cache.c (agent_get_cache): Require user and impgen cache modes
* cache.c (agent_get_cache): Require user and nonce cache modes
to match the requested mode.
(agent_put_cache): Ditto.
* agent.h (CACHE_MODE_IMPGEN): New.
* agent.h (CACHE_MODE_NONCE): New.
* pksign.c (agent_pksign_do, agent_pksign): Add arg CACHE_NONCE.
* findkey.c (agent_key_from_file): Ditto.
2010-08-31 Werner Koch <wk@g10code.com>


@ -194,8 +194,7 @@ typedef enum
CACHE_MODE_NORMAL, /* Normal cache (gpg-agent). */
CACHE_MODE_USER, /* GET_PASSPHRASE related cache. */
CACHE_MODE_SSH, /* SSH related cache. */
CACHE_MODE_IMPGEN /* Used for import and genkey. This is a
non-predictable nonce. */
CACHE_MODE_NONCE /* This is a non-predictable nonce. */
}
cache_mode_t;
@ -228,6 +227,7 @@ void start_command_handler_ssh (ctrl_t, gnupg_fd_t);
int agent_write_private_key (const unsigned char *grip,
const void *buffer, size_t length, int force);
gpg_error_t agent_key_from_file (ctrl_t ctrl,
const char *cache_nonce,
const char *desc_text,
const unsigned char *grip,
unsigned char **shadow_info,
@ -273,10 +273,12 @@ void agent_unlock_cache_entry (void **cache_id);
/*-- pksign.c --*/
int agent_pksign_do (ctrl_t ctrl, const char *desc_text,
int agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
const char *desc_text,
gcry_sexp_t *signature_sexp,
cache_mode_t cache_mode, lookup_ttl_t lookup_ttl);
int agent_pksign (ctrl_t ctrl, const char *desc_text,
int agent_pksign (ctrl_t ctrl, const char *cache_nonce,
const char *desc_text,
membuf_t *outbuf, cache_mode_t cache_mode);
/*-- pkdecrypt.c --*/


@ -223,7 +223,7 @@ agent_put_cache (const char *key, cache_mode_t cache_mode,
{
if (!r->lockcount
&& ((cache_mode != CACHE_MODE_USER
&& cache_mode != CACHE_MODE_IMPGEN)
&& cache_mode != CACHE_MODE_NONCE)
|| r->cache_mode == cache_mode)
&& !strcmp (r->key, key))
break;
@ -274,7 +274,7 @@ agent_put_cache (const char *key, cache_mode_t cache_mode,
/* Try to find an item in the cache. Note that we currently don't
make use of CACHE_MODE except for CACHE_MODE_IMPGEN and
make use of CACHE_MODE except for CACHE_MODE_NONCE and
CACHE_MODE_USER. */
const char *
agent_get_cache (const char *key, cache_mode_t cache_mode, void **cache_id)
@ -295,7 +295,7 @@ agent_get_cache (const char *key, cache_mode_t cache_mode, void **cache_id)
{
if (!r->lockcount && r->pw
&& ((cache_mode != CACHE_MODE_USER
&& cache_mode != CACHE_MODE_IMPGEN)
&& cache_mode != CACHE_MODE_NONCE)
|| r->cache_mode == cache_mode)
&& !strcmp (r->key, key))
{
@ -314,7 +314,7 @@ agent_get_cache (const char *key, cache_mode_t cache_mode, void **cache_id)
{
if (r->pw
&& ((cache_mode != CACHE_MODE_USER
&& cache_mode != CACHE_MODE_IMPGEN)
&& cache_mode != CACHE_MODE_NONCE)
|| r->cache_mode == cache_mode)
&& !strcmp (r->key, key))
{
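Review bot: The mode test `((cache_mode != CACHE_MODE_USER && cache_mode != CACHE_MODE_NONCE) || r->cache_mode == cache_mode)` only constrains the match when the requested mode is USER or NONCE, so in agent_put_cache and in both loops of agent_get_cache an entry stored as CACHE_MODE_NONCE is still matched by a CACHE_MODE_NORMAL or CACHE_MODE_SSH request whose key string is equal. Isolation of nonce entries then rests entirely on the nonce never colliding with another cache key, which gets harder to reason about as the nonce gains more use cases. The expression is also pasted three times; a small static helper that treats USER and NONCE as private namespaces in both directions would remove the duplication and close the gap, though callers that rely on cross-mode hits would need checking first. All three enclosing function bodies start and end outside the hunks shown.

```c
/* Return true if an entry stored with mode STORED may satisfy a
   request made with mode WANTED.  USER and NONCE entries are private
   namespaces and must match exactly; all other modes share one.  */
static int
cache_mode_matches (cache_mode_t wanted, cache_mode_t stored)
{
  if (wanted == CACHE_MODE_USER || wanted == CACHE_MODE_NONCE
      || stored == CACHE_MODE_USER || stored == CACHE_MODE_NONCE)
    return wanted == stored;
  return 1;
}

/* ... unchanged: loop setup in agent_put_cache / agent_get_cache ... */
      if (!r->lockcount && r->pw
          && cache_mode_matches (cache_mode, r->cache_mode)
          && !strcmp (r->key, key))
```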


@ -2049,7 +2049,7 @@ data_sign (ctrl_t ctrl, ssh_signature_encoder_t sig_encoder,
*sig_n = 0;
ctrl->use_auth_call = 1;
err = agent_pksign_do (ctrl,
err = agent_pksign_do (ctrl, NULL,
_("Please enter the passphrase "
"for the ssh key%0A %c"), &signature_sexp,
CACHE_MODE_SSH, ttl_from_sshcontrol);


@ -695,7 +695,7 @@ cmd_sethash (assuan_context_t ctx, char *line)
static const char hlp_pksign[] =
"PKSIGN [options]\n"
"PKSIGN [<options>] [<cache_nonce>]\n"
"\n"
"Perform the actual sign operation. Neither input nor output are\n"
"sensitive to eavesdropping.";
@ -706,9 +706,18 @@ cmd_pksign (assuan_context_t ctx, char *line)
cache_mode_t cache_mode = CACHE_MODE_NORMAL;
ctrl_t ctrl = assuan_get_pointer (ctx);
membuf_t outbuf;
char *cache_nonce = NULL;
char *p;
(void)line;
line = skip_options (line);
p = line;
for (p=line; *p && *p != ' ' && *p != '\t'; p++)
;
*p = '\0';
if (*line)
cache_nonce = xtrystrdup (line);
if (opt.ignore_cache_for_signing)
cache_mode = CACHE_MODE_IGNORE;
else if (!ctrl->server_local->use_cache_for_signing)
@ -716,12 +725,14 @@ cmd_pksign (assuan_context_t ctx, char *line)
init_membuf (&outbuf, 512);
rc = agent_pksign (ctrl, ctrl->server_local->keydesc,
rc = agent_pksign (ctrl, cache_nonce, ctrl->server_local->keydesc,
&outbuf, cache_mode);
if (rc)
clear_outbuf (&outbuf);
else
rc = write_and_clear_outbuf (ctx, &outbuf);
xfree (cache_nonce);
xfree (ctrl->server_local->keydesc);
ctrl->server_local->keydesc = NULL;
return leave_cmd (ctx, rc);
@ -729,7 +740,7 @@ cmd_pksign (assuan_context_t ctx, char *line)
static const char hlp_pkdecrypt[] =
"PKDECRYPT <options>\n"
"PKDECRYPT [<options>]\n"
"\n"
"Perform the actual decrypt operation. Input is not\n"
"sensitive to eavesdropping.";
@ -1305,7 +1316,7 @@ cmd_passwd (assuan_context_t ctx, char *line)
goto leave;
ctrl->in_passwd++;
rc = agent_key_from_file (ctrl, ctrl->server_local->keydesc,
rc = agent_key_from_file (ctrl, NULL, ctrl->server_local->keydesc,
grip, &shadow_info, CACHE_MODE_IGNORE, NULL,
&s_skey);
if (rc)
@ -1598,7 +1609,7 @@ cmd_import_key (assuan_context_t ctx, char *line)
cache_nonce = bin2hex (buf, 12, NULL);
}
if (cache_nonce
&& !agent_put_cache (cache_nonce, CACHE_MODE_IMPGEN,
&& !agent_put_cache (cache_nonce, CACHE_MODE_NONCE,
passphrase, 120 /*seconds*/))
assuan_write_status (ctx, "CACHE_NONCE", cache_nonce);
}
@ -1676,7 +1687,7 @@ cmd_export_key (assuan_context_t ctx, char *line)
goto leave;
}
err = agent_key_from_file (ctrl, ctrl->server_local->keydesc, grip,
err = agent_key_from_file (ctrl, NULL, ctrl->server_local->keydesc, grip,
NULL, CACHE_MODE_IGNORE, NULL, &s_skey);
if (err)
goto leave;
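Review bot: In cmd_pksign the result of `xtrystrdup (line)` is never checked, so an allocation failure silently turns a request that supplied a nonce into one without it; the client-supplied token is also not checked against the form the agent itself issues (`bin2hex (buf, 12, NULL)` in cmd_import_key) before it is used as a cache key. I would fail the command on allocation failure, e.g. `if (*line && !(cache_nonce = xtrystrdup (line))) rc = gpg_error_from_syserror ();`, skipping the agent_pksign call when rc is set so the existing keydesc cleanup still runs, and reject tokens that are not plain hex of the expected length. The `p = line;` just before `for (p=line; ...)` is redundant. The function body starts and ends outside the hunks shown.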


@ -769,7 +769,7 @@ convert_openpgp (ctrl_t ctrl, gcry_sexp_t s_pgp,
void *cache_marker = NULL;
const char *cache_value;
cache_value = agent_get_cache (cache_nonce, CACHE_MODE_IMPGEN,
cache_value = agent_get_cache (cache_nonce, CACHE_MODE_NONCE,
&cache_marker);
if (cache_value)
{


@ -480,11 +480,13 @@ read_key_file (const unsigned char *grip, gcry_sexp_t *result)
CACHE_MODE defines now the cache shall be used. DESC_TEXT may be
set to present a custom description for the pinentry. LOOKUP_TTL
is an optional function to convey a TTL to the cache manager; we do
not simply pass the TTL value because the value is only needed if an
unprotect action was needed and looking up the TTL may have some
overhead (e.g. scanning the sshcontrol file). */
not simply pass the TTL value because the value is only needed if
an unprotect action was needed and looking up the TTL may have some
overhead (e.g. scanning the sshcontrol file). If a CACHE_NONCE is
given that cache item is first tried to get a passphrase. */
gpg_error_t
agent_key_from_file (ctrl_t ctrl, const char *desc_text,
agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
const char *desc_text,
const unsigned char *grip, unsigned char **shadow_info,
cache_mode_t cache_mode, lookup_ttl_t lookup_ttl,
gcry_sexp_t *result)
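Review bot: The sentence added to the agent_key_from_file comment leaves the CACHE_NONCE contract underspecified: it does not say that NULL is allowed, although other call sites changed in this commit pass NULL, nor what happens when the nonce entry is missing or has expired. I would extend it to something like `CACHE_NONCE may be NULL; if given, the CACHE_MODE_NONCE cache item with that key is tried first and the regular CACHE_MODE lookup is used as a fallback.` The fallback part is inferred from the words "first tried" and should be confirmed against the function body, which lies outside this hunk.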


@ -377,7 +377,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce,
void *cache_marker = NULL;
const char *cache_value;
cache_value = agent_get_cache (cache_nonce, CACHE_MODE_IMPGEN,
cache_value = agent_get_cache (cache_nonce, CACHE_MODE_NONCE,
&cache_marker);
if (cache_value)
{
@ -439,7 +439,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce,
cache_nonce = bin2hex (tmpbuf, 12, NULL);
}
if (cache_nonce
&& !agent_put_cache (cache_nonce, CACHE_MODE_IMPGEN,
&& !agent_put_cache (cache_nonce, CACHE_MODE_NONCE,
passphrase, 900 /*seconds*/))
agent_write_status (ctrl, "CACHE_NONCE", cache_nonce, NULL);
}


@ -64,7 +64,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
log_printhex ("keygrip:", ctrl->keygrip, 20);
log_printhex ("cipher: ", ciphertext, ciphertextlen);
}
rc = agent_key_from_file (ctrl, desc_text,
rc = agent_key_from_file (ctrl, NULL, desc_text,
ctrl->keygrip, &shadow_info,
CACHE_MODE_NORMAL, NULL, &s_skey);
if (rc)


@ -237,9 +237,12 @@ do_encode_raw_pkcs1 (const byte *md, size_t mdlen, unsigned int nbits,
/* SIGN whatever information we have accumulated in CTRL and return
the signature S-expression. LOOKUP is an optional function to
provide a way for lower layers to ask for the caching TTL. */
provide a way for lower layers to ask for the caching TTL. If a
CACHE_NONCE is given that cache item is first tried to get a
passphrase. */
int
agent_pksign_do (ctrl_t ctrl, const char *desc_text,
agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
const char *desc_text,
gcry_sexp_t *signature_sexp,
cache_mode_t cache_mode, lookup_ttl_t lookup_ttl)
{
@ -250,7 +253,7 @@ agent_pksign_do (ctrl_t ctrl, const char *desc_text,
if (! ctrl->have_keygrip)
return gpg_error (GPG_ERR_NO_SECKEY);
rc = agent_key_from_file (ctrl, desc_text, ctrl->keygrip,
rc = agent_key_from_file (ctrl, cache_nonce, desc_text, ctrl->keygrip,
&shadow_info, cache_mode, lookup_ttl,
&s_skey);
if (rc)
@ -349,9 +352,10 @@ agent_pksign_do (ctrl_t ctrl, const char *desc_text,
}
/* SIGN whatever information we have accumulated in CTRL and write it
back to OUTFP. */
back to OUTFP. If a CACHE_NONCE is given that cache item is first
tried to get a passphrase. */
int
agent_pksign (ctrl_t ctrl, const char *desc_text,
agent_pksign (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
membuf_t *outbuf, cache_mode_t cache_mode)
{
gcry_sexp_t s_sig = NULL;
@ -359,7 +363,7 @@ agent_pksign (ctrl_t ctrl, const char *desc_text,
size_t len = 0;
int rc = 0;
rc = agent_pksign_do (ctrl, desc_text, &s_sig, cache_mode, NULL);
rc = agent_pksign_do (ctrl, cache_nonce, desc_text, &s_sig, cache_mode, NULL);
if (rc)
goto leave;