security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-11 22:01:08 +02:00
Code Activity

(get_passphrase): Make sure that the default

Browse Source 
prompts passed to gpg-agent are utf-8 encoded. Add new prompt values.
(import_p12_file, import_p12_file, export_p12_file): Changed calls
to get_passphrase so that better prompts are displayed.
(get_new_passphrase): New.
This commit is contained in:
Werner Koch 2004-08-18 16:21:13 +00:00
parent fc07b029ea
commit 6c3677c296
2 changed files with 71 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
agent/ChangeLog
View File

@ -1,7 +1,10 @@
2004-08-18 Werner Koch <wk@g10code.de> 2004-08-18 Werner Koch <wk@g10code.de>
* protect-tool.c (get_passphrase): Make sure that the default * protect-tool.c (get_passphrase): Make sure that the default
prompts passed to gpg-agent are utf-8 encoded. prompts passed to gpg-agent are utf-8 encoded. Add new prompt values.
(import_p12_file, import_p12_file, export_p12_file): Changed calls
to get_passphrase so that better prompts are displayed.
(get_new_passphrase): New.
2004-07-22 Werner Koch <wk@g10code.de> 2004-07-22 Werner Koch <wk@g10code.de>

71
agent/protect-tool.c
View File

@ -90,6 +90,7 @@ static char *opt_prompt;
static int opt_status_msg; static int opt_status_msg;
static char *get_passphrase (int promptno); static char *get_passphrase (int promptno);
static char *get_new_passphrase (int promptno);
static void release_passphrase (char *pw); static void release_passphrase (char *pw);
static int store_private_key (const unsigned char *grip, static int store_private_key (const unsigned char *grip,
const void *buffer, size_t length, int force); const void *buffer, size_t length, int force);
@ -663,7 +664,7 @@ import_p12_file (const char *fname)
if (!buf) if (!buf)
return; return;
kparms = p12_parse (buf, buflen, (pw=get_passphrase (0)), kparms = p12_parse (buf, buflen, (pw=get_passphrase (2)),
import_p12_cert_cb, NULL); import_p12_cert_cb, NULL);
release_passphrase (pw); release_passphrase (pw);
xfree (buf); xfree (buf);
@ -739,7 +740,7 @@ import_p12_file (const char *fname)
gcry_sexp_release (s_key); gcry_sexp_release (s_key);
rc = agent_protect (key, (pw=get_passphrase (0)), &result, &resultlen); rc = agent_protect (key, (pw=get_new_passphrase (4)), &result, &resultlen);
release_passphrase (pw); release_passphrase (pw);
xfree (key); xfree (key);
if (rc) if (rc)
@ -963,7 +964,8 @@ export_p12_file (const char *fname)
kparms[7] = sk.u; kparms[7] = sk.u;
kparms[8] = NULL; kparms[8] = NULL;
key = p12_build (kparms, cert, certlen, (pw=get_passphrase (0)), &keylen); key = p12_build (kparms, cert, certlen,
(pw=get_new_passphrase (3)), &keylen);
release_passphrase (pw); release_passphrase (pw);
xfree (cert); xfree (cert);
for (i=0; i < 8; i++) for (i=0; i < 8; i++)
@ -1137,6 +1139,11 @@ agent_exit (int rc)
set from the command line PROMPTNO select the prompt to display: set from the command line PROMPTNO select the prompt to display:
0 = default 0 = default
1 = taken from the option --prompt 1 = taken from the option --prompt
2 = for unprotecting a pkcs#12 object
3 = for protecting a new pkcs#12 object
4 = for protecting an imported pkcs#12 in our system
5 = reenter the passphrase
When adding 100 to the values, a "does not match - try again" errro message is shown.
*/ */
static char * static char *
get_passphrase (int promptno) get_passphrase (int promptno)
@ -1145,10 +1152,15 @@ get_passphrase (int promptno)
int err; int err;
const char *desc; const char *desc;
char *orig_codeset = NULL; char *orig_codeset = NULL;
int error_msgno;
if (opt_passphrase) if (opt_passphrase)
return xstrdup (opt_passphrase); return xstrdup (opt_passphrase);
error_msgno = promptno / 100;
promptno %= 100;
#ifdef ENABLE_NLS #ifdef ENABLE_NLS
/* The Assuan agent protocol requires us to transmit utf-8 strings */ /* The Assuan agent protocol requires us to transmit utf-8 strings */
orig_codeset = bind_textdomain_codeset (PACKAGE_GT, NULL); orig_codeset = bind_textdomain_codeset (PACKAGE_GT, NULL);
@ -1169,11 +1181,24 @@ get_passphrase (int promptno)
if (promptno == 1 && opt_prompt) if (promptno == 1 && opt_prompt)
desc = opt_prompt; desc = opt_prompt;
else if (promptno == 2)
desc = _("Please enter the passphrase to unprotect the "
"PKCS#12 object.");
else if (promptno == 3)
desc = _("Please enter the passphrase to protect the "
"new PKCS#12 object.");
else if (promptno == 4)
desc = _("Please enter the passphrase to protect the "
"imported object within the GnuPG system.");
else if (promptno == 5)
desc = _("Please re-enter this passphrase");
else else
desc = _("Please enter the passphrase or the PIN\n" desc = _("Please enter the passphrase or the PIN\n"
"needed to complete this operation."); "needed to complete this operation.");
pw = simple_pwquery (NULL,NULL, _("Passphrase:"), desc, &err); pw = simple_pwquery (NULL,
error_msgno == 1? _("does not match - try again"):NULL,
_("Passphrase:"), desc, &err);
#ifdef ENABLE_NLS #ifdef ENABLE_NLS
if (orig_codeset) if (orig_codeset)
@ -1195,6 +1220,44 @@ get_passphrase (int promptno)
return pw; return pw;
} }
/* Same as get_passphrase but requests it a second time and compares
it to the one entered the first time. */
static char *
get_new_passphrase (int promptno)
{
char *pw;
int i, secondpromptno;
pw = get_passphrase (promptno);
if (!pw)
return NULL; /* Canceled. */
if (!*pw)
return pw; /* Empty passphrase - no need to as for repeating it. */
secondpromptno = 5;
for (i=0; i < 3; i++)
{
char *pw2 = get_passphrase (secondpromptno);
if (!pw2)
{
xfree (pw);
return NULL; /* Canceled. */
}
if (!strcmp (pw, pw2))
{
xfree (pw2);
return pw; /* Okay. */
}
secondpromptno = 105;
xfree (pw2);
}
xfree (pw);
return NULL; /* 3 times repeated wrong - cancel. */
}
static void static void
release_passphrase (char *pw) release_passphrase (char *pw)
{ {