security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-02 12:01:32 +01:00
Code Activity

* minip12.c (parse_bag_encrypted_data): Print error if a bad

Browse Source 
passphrase has been given.

* gpg-agent.texi (Invoking GPG-AGENT): Add a few words about the
expected pinentry filename.

* import.c (parse_p12): Write an error status line for bad
passphrases. Add new arg CTRL and changed caller.
* export.c (export_p12): Likewise.
This commit is contained in:
Werner Koch 2004-09-29 13:50:31 +00:00
parent 4604ae8e99
commit 530a0a91c4
9 changed files with 102 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
TODO
View File

@ -86,7 +86,8 @@ might want to have an agent context for each service request
* doc/ * doc/
** Explain how to setup a root CA key as trusted ** Explain how to setup a root CA key as trusted
** Explain how trustlist.txt might be managed. ** Explain how trustlist.txt might be managed.
** Document watchgnupg
** Write a script to generate man pages from texi.
* Requirements by the BSI * Requirements by the BSI
** Support authorityKeyIdentifier.keyIdentifier ** Support authorityKeyIdentifier.keyIdentifier

5
agent/ChangeLog
View File

@ -1,3 +1,8 @@
2004-09-29 Werner Koch <wk@g10code.com>
* minip12.c (parse_bag_encrypted_data): Print error if a bad
passphrase has been given.
2004-09-28 Werner Koch <wk@g10code.com> 2004-09-28 Werner Koch <wk@g10code.com>
* protect.c (agent_unprotect): Fixed wiping of CLEARTEXT. Thanks * protect.c (agent_unprotect): Fixed wiping of CLEARTEXT. Thanks

27
agent/minip12.c
View File

@ -379,7 +379,6 @@ crypt_block (unsigned char *buffer, size_t length, char *salt, int iter,
static int static int
parse_bag_encrypted_data (const unsigned char *buffer, size_t length, parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
int startoffset, const char *pw, int startoffset, const char *pw,
@ -393,8 +392,8 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
char salt[8]; char salt[8];
unsigned int iter; unsigned int iter;
unsigned char *plain = NULL; unsigned char *plain = NULL;
int bad_pass = 0;
where = "start"; where = "start";
if (parse_tag (&p, &n, &ti)) if (parse_tag (&p, &n, &ti))
goto bailout; goto bailout;
@ -495,12 +494,21 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
where = "outer.outer.seq"; where = "outer.outer.seq";
if (parse_tag (&p, &n, &ti)) if (parse_tag (&p, &n, &ti))
goto bailout; {
bad_pass = 1;
goto bailout;
}
if (ti.class || ti.tag != TAG_SEQUENCE) if (ti.class || ti.tag != TAG_SEQUENCE)
goto bailout; {
bad_pass = 1;
goto bailout;
}
if (parse_tag (&p, &n, &ti)) if (parse_tag (&p, &n, &ti))
goto bailout; {
bad_pass = 1;
goto bailout;
}
/* Loop over all certificates inside the bab. */ /* Loop over all certificates inside the bab. */
while (n) while (n)
@ -611,6 +619,13 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
gcry_free (plain); gcry_free (plain);
log_error ("encryptedData error at \"%s\", offset %u\n", log_error ("encryptedData error at \"%s\", offset %u\n",
where, (p - buffer)+startoffset); where, (p - buffer)+startoffset);
if (bad_pass)
{
/* Note, that the following string might be used by other programs
to check for a bad passphrase; it should therefore not be
translated or changed. */
log_error ("possibly bad passphrase given\n");
}
return -1; return -1;
} }

2
agent/protect-tool.c
View File

@ -882,6 +882,8 @@ export_p12_file (const char *fname)
release_passphrase (pw); release_passphrase (pw);
if (rc) if (rc)
{ {
if (opt_status_msg && gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE )
log_info ("[PROTECT-TOOL:] bad-passphrase\n");
log_error ("unprotecting key `%s' failed: %s\n", log_error ("unprotecting key `%s' failed: %s\n",
fname, gpg_strerror (rc)); fname, gpg_strerror (rc));
xfree (key); xfree (key);

3
doc/ChangeLog
View File

@ -1,5 +1,8 @@
2004-09-29 Werner Koch <wk@g10code.com> 2004-09-29 Werner Koch <wk@g10code.com>
* gpg-agent.texi (Invoking GPG-AGENT): Add a few words about the
expected pinentry filename.
Changed license of the manual stuff to GPL. Changed license of the manual stuff to GPL.
* gnupg.texi (Top): New menu item Helper Tools. * gnupg.texi (Top): New menu item Helper Tools.

8
doc/gpg-agent.texi
View File

@ -52,9 +52,17 @@ GPG_TTY=`tty`
export GPG_TTY export GPG_TTY
@end smallexample @end smallexample
@noindent
It is important that this environment variable always reflects the It is important that this environment variable always reflects the
output of the @code{tty} command. output of the @code{tty} command.
Please make sure that a proper pinentry program has been installed
under the default filename (which is system dependant) or use the
option @code{pinentry-pgm} to specify the full name of that program.
It is often useful to install a symbolic link from the actual used
pinentry (e.g. @file{/usr/bin/pinentry-gtk}) to the expected
one (e.g. @file{/usr/bin/pinentry}).
@c man end @c man end
@noindent @noindent

6
sm/ChangeLog
View File

@ -1,3 +1,9 @@
2004-09-29 Werner Koch <wk@g10code.com>
* import.c (parse_p12): Write an error status line for bad
passphrases. Add new arg CTRL and changed caller.
* export.c (export_p12): Likewise.
2004-09-14 Werner Koch <wk@g10code.com> 2004-09-14 Werner Koch <wk@g10code.com>
* certchain.c (gpgsm_validate_chain): Give expired certificates a * certchain.c (gpgsm_validate_chain): Give expired certificates a

33
sm/export.c
View File

@ -65,7 +65,8 @@ typedef struct duptable_s *duptable_t;
static void print_short_info (ksba_cert_t cert, FILE *fp); static void print_short_info (ksba_cert_t cert, FILE *fp);
static gpg_error_t export_p12 (const unsigned char *certimg, size_t certimglen, static gpg_error_t export_p12 (ctrl_t ctrl,
const unsigned char *certimg, size_t certimglen,
const char *prompt, const char *keygrip, const char *prompt, const char *keygrip,
FILE **retfp); FILE **retfp);
@ -423,7 +424,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp)
prompt = gpgsm_format_keydesc (cert); prompt = gpgsm_format_keydesc (cert);
rc = export_p12 (image, imagelen, prompt, keygrip, &datafp); rc = export_p12 (ctrl, image, imagelen, prompt, keygrip, &datafp);
xfree (prompt); xfree (prompt);
if (rc) if (rc)
goto leave; goto leave;
@ -587,6 +588,7 @@ popen_protect_tool (const char *pgmname,
"--homedir", opt.homedir, "--homedir", opt.homedir,
"--p12-export", "--p12-export",
"--prompt", prompt?prompt:"", "--prompt", prompt?prompt:"",
"--enable-status-msg",
"--", "--",
keygrip, keygrip,
NULL); NULL);
@ -610,7 +612,7 @@ popen_protect_tool (const char *pgmname,
static gpg_error_t static gpg_error_t
export_p12 (const unsigned char *certimg, size_t certimglen, export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
const char *prompt, const char *keygrip, const char *prompt, const char *keygrip,
FILE **retfp) FILE **retfp)
{ {
@ -621,6 +623,7 @@ export_p12 (const unsigned char *certimg, size_t certimglen,
FILE *infp = NULL, *outfp = NULL, *fp = NULL; FILE *infp = NULL, *outfp = NULL, *fp = NULL;
char buffer[1024]; char buffer[1024];
pid_t pid = -1; pid_t pid = -1;
int bad_pass = 0;
if (!opt.protect_tool_program || !*opt.protect_tool_program) if (!opt.protect_tool_program || !*opt.protect_tool_program)
pgmname = GNUPG_DEFAULT_PROTECT_TOOL; pgmname = GNUPG_DEFAULT_PROTECT_TOOL;
@ -675,7 +678,21 @@ export_p12 (const unsigned char *certimg, size_t certimglen,
if (cont_line) if (cont_line)
log_printf ("%s", buffer); log_printf ("%s", buffer);
else else
log_info ("%s", buffer); {
if (!strncmp (buffer, "gpg-protect-tool: [PROTECT-TOOL:] ",34))
{
char *p, *pend;
p = buffer + 34;
pend = strchr (p, ' ');
if (pend)
*pend = 0;
if ( !strcmp (p, "bad-passphrase"))
bad_pass++;
}
else
log_info ("%s", buffer);
}
pos = 0; pos = 0;
cont_line = (c != '\n'); cont_line = (c != '\n');
} }
@ -731,6 +748,14 @@ export_p12 (const unsigned char *certimg, size_t certimglen,
} }
else else
*retfp = outfp; *retfp = outfp;
if (bad_pass)
{
/* During export this is the passphrase used to unprotect the
key and not the pkcs#12 thing as in export. Therefore we can
issue the regular passphrase status. FIXME: replace the all
zero keyid by a regular one. */
gpgsm_status (ctrl, STATUS_BAD_PASSPHRASE, "0000000000000000");
}
return err; return err;
} }

32
sm/import.c
View File

@ -55,7 +55,7 @@ struct stats_s {
}; };
static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp, static gpg_error_t parse_p12 (ctrl_t ctrl, ksba_reader_t reader, FILE **retfp,
struct stats_s *stats); struct stats_s *stats);
@ -341,7 +341,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
Base64Context b64p12rdr; Base64Context b64p12rdr;
ksba_reader_t p12rdr; ksba_reader_t p12rdr;
rc = parse_p12 (reader, &certfp, stats); rc = parse_p12 (ctrl, reader, &certfp, stats);
if (!rc) if (!rc)
{ {
any = 1; any = 1;
@ -572,13 +572,14 @@ popen_protect_tool (const char *pgmname,
/* Assume that the reader is at a pkcs#12 message and try to import /* Assume that the reader is at a pkcs#12 message and try to import
certificates from that stupid format. We will alos store secret certificates from that stupid format. We will also store secret
keys. All of the pkcs#12 parsing and key storing is handled by the keys. All of the pkcs#12 parsing and key storing is handled by the
gpg-protect-tool, we merely have to take care of receiving the gpg-protect-tool, we merely have to take care of receiving the
certificates. On success RETFP returns a temporary file with certificates. On success RETFP returns a temporary file with
certificates. */ certificates. */
static gpg_error_t static gpg_error_t
parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats) parse_p12 (ctrl_t ctrl, ksba_reader_t reader,
FILE **retfp, struct stats_s *stats)
{ {
const char *pgmname; const char *pgmname;
gpg_error_t err = 0, child_err = 0; gpg_error_t err = 0, child_err = 0;
@ -588,6 +589,7 @@ parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats)
char buffer[1024]; char buffer[1024];
size_t nread; size_t nread;
pid_t pid = -1; pid_t pid = -1;
int bad_pass = 0;
if (!opt.protect_tool_program || !*opt.protect_tool_program) if (!opt.protect_tool_program || !*opt.protect_tool_program)
pgmname = GNUPG_DEFAULT_PROTECT_TOOL; pgmname = GNUPG_DEFAULT_PROTECT_TOOL;
@ -681,8 +683,13 @@ parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats)
else if ( !strcmp (p, "bad-passphrase")) else if ( !strcmp (p, "bad-passphrase"))
; ;
} }
else else
log_info ("%s", buffer); {
log_info ("%s", buffer);
if (!strncmp (buffer, "gpg-protect-tool: "
"possibly bad passphrase given",46))
bad_pass++;
}
} }
pos = 0; pos = 0;
cont_line = (c != '\n'); cont_line = (c != '\n');
@ -698,6 +705,7 @@ parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats)
log_info ("%s\n", buffer); log_info ("%s\n", buffer);
} }
/* If we found no error in the output of the cild, setup a suitable /* If we found no error in the output of the cild, setup a suitable
error code, which will later be reset if the exit status of the error code, which will later be reset if the exit status of the
child is 0. */ child is 0. */
@ -738,5 +746,17 @@ parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats)
} }
else else
*retfp = certfp; *retfp = certfp;
if (bad_pass)
{
/* We only write a plain error code and not direct
BAD_PASSPHRASE because the pkcs12 parser might issue this
message multiple times, BAd_PASSPHRASE in general requires a
keyID and parts of the import might actually succeed so that
IMPORT_PROBLEM is also not appropriate. */
gpgsm_status_with_err_code (ctrl, STATUS_ERROR,
"import.parsep12", GPG_ERR_BAD_PASSPHRASE);
}
return err; return err;
} }