2006-07-29 Marcus Brinkmann <marcus@g10code.de>

* preset-passphrase.c (preset_passphrase): Do not strip off last
	character of passphrase.
	(make_hexstring): New function.
	* command.c (cmd_preset_passphrase): Use parse_hexstring to syntax
	check passphrase argument.  Truncate passphrase at delimiter.

agent/ChangeLog

@@ -1,3 +1,11 @@
+2006-07-29  Marcus Brinkmann  <marcus@g10code.de>
+
+	* preset-passphrase.c (preset_passphrase): Do not strip off last
+	character of passphrase.
+	(make_hexstring): New function.
+	* command.c (cmd_preset_passphrase): Use parse_hexstring to syntax
+	check passphrase argument.  Truncate passphrase at delimiter.
+
 2006-07-24  Werner Koch  <wk@g10code.com>
 
 	* minip12.c (build_key_bag): New args SHA1HASH and

agent/command.c

@@ -794,7 +794,7 @@ cmd_passwd (ASSUAN_CONTEXT ctx, char *line)
   return map_to_assuan_status (rc);
 }
 
-/* PRESET_PASSPHRASE <hexstring_with_keygrip> <timeout> <passwd>
+/* PRESET_PASSPHRASE <hexstring_with_keygrip> <timeout> <hexstring>
   
    Set the cached passphrase/PIN for the key identified by the keygrip
    to passwd for the given time, where -1 means infinite and 0 means
@@ -809,6 +809,7 @@ cmd_preset_passphrase (ASSUAN_CONTEXT ctx, char *line)
   char *grip_clear = NULL;
   char *passphrase = NULL;
   int ttl;
+  size_t len;
 
   if (!opt.allow_preset_passphrase)
     return gpg_error (GPG_ERR_NOT_SUPPORTED);
@@ -837,6 +838,12 @@ cmd_preset_passphrase (ASSUAN_CONTEXT ctx, char *line)
   while (!(*line != ' ' && *line != '\t'))
     line++;
 
+  /* Syntax check the hexstring.  */
+  rc = parse_hexstring (ctx, line, &len);
+  if (rc)
+    return rc;
+  line[len] = '\0';
+
   /* If there is a passphrase, use it.  Currently, a passphrase is
      required.  */
   if (*line)

agent/preset-passphrase.c

@@ -152,6 +152,38 @@ map_spwq_error (int err)
 }
 
       
+/* Percent-Escape special characters.  The string is valid until the
+   next invocation of the function.  */
+static char *
+make_hexstring (const char *src)
+{
+  int len = 2 * strlen (src) + 1;
+  char *dst;
+  char *res;
+
+  res = dst = malloc (len);
+  if (!dst)
+    {
+      log_error ("can not escape string: %s\n",
+		 gpg_strerror (gpg_error_from_errno (errno)));
+      return NULL;
+    }
+
+#define _tohex(nr)	((nr) < 10 ? ((nr) + '0') : (((nr) - 10) + 'A'))
+#define tohex1(p)  _tohex (*((unsigned char *) p) & 15)
+#define tohex2(p)  _tohex ((*((unsigned char *) p) >> 4) & 15)
+
+  while (*src)
+    {
+      *(dst++) = tohex2 (src);
+      *(dst++) = tohex1 (src);
+      src++;
+    }
+  *dst = '\0';
+  return res;
+}
+
+
 static void
 preset_passphrase (const char *keygrip)
 {
@@ -159,6 +191,7 @@ preset_passphrase (const char *keygrip)
   char *line;
   /* FIXME: Use secure memory.  */
   char passphrase[500];
+  char *passphrase_esc;
 
   if (!opt_passphrase)
     {
@@ -173,7 +206,6 @@ preset_passphrase (const char *keygrip)
       line = strchr (passphrase, '\n');
       if (line)
         {
-          line--;
           if (line > passphrase && line[-1] == '\r')
             line--;
           *line = '\0';
@@ -182,8 +214,19 @@ preset_passphrase (const char *keygrip)
       /* FIXME: How to handle empty passwords?  */
     }
 
+  passphrase_esc = make_hexstring (opt_passphrase
+				   ? opt_passphrase : passphrase);
+  if (!passphrase_esc)
+    {
+      /* Error message printed by callee.  */
+      return;
+    }
+
   rc = asprintf (&line, "PRESET_PASSPHRASE %s -1 %s\n", keygrip,
-                 opt_passphrase? opt_passphrase : passphrase);
+		 passphrase_esc);
+  wipememory (passphrase_esc, strlen (passphrase_esc));
+  free (passphrase_esc);
+
   if (rc < 0)
     {
       log_error ("caching passphrase failed: %s\n",