2006-07-29 Marcus Brinkmann <marcus@g10code.de>

* preset-passphrase.c (preset_passphrase): Do not strip off last
	character of passphrase.
	(make_hexstring): New function.
	* command.c (cmd_preset_passphrase): Use parse_hexstring to syntax
	check passphrase argument.  Truncate passphrase at delimiter.
This commit is contained in:
Marcus Brinkmann 2006-07-29 16:40:54 +00:00
parent d816b37fdb
commit 6d77c76ef2
3 changed files with 61 additions and 3 deletions

View File

@ -1,3 +1,11 @@
2006-07-29 Marcus Brinkmann <marcus@g10code.de>
* preset-passphrase.c (preset_passphrase): Do not strip off last
character of passphrase.
(make_hexstring): New function.
* command.c (cmd_preset_passphrase): Use parse_hexstring to syntax
check passphrase argument. Truncate passphrase at delimiter.
2006-07-24 Werner Koch <wk@g10code.com>
* minip12.c (build_key_bag): New args SHA1HASH and

View File

@ -794,7 +794,7 @@ cmd_passwd (ASSUAN_CONTEXT ctx, char *line)
return map_to_assuan_status (rc);
}
/* PRESET_PASSPHRASE <hexstring_with_keygrip> <timeout> <passwd>
/* PRESET_PASSPHRASE <hexstring_with_keygrip> <timeout> <hexstring>
Set the cached passphrase/PIN for the key identified by the keygrip
to passwd for the given time, where -1 means infinite and 0 means
@ -809,6 +809,7 @@ cmd_preset_passphrase (ASSUAN_CONTEXT ctx, char *line)
char *grip_clear = NULL;
char *passphrase = NULL;
int ttl;
size_t len;
if (!opt.allow_preset_passphrase)
return gpg_error (GPG_ERR_NOT_SUPPORTED);
@ -837,6 +838,12 @@ cmd_preset_passphrase (ASSUAN_CONTEXT ctx, char *line)
while (!(*line != ' ' && *line != '\t'))
line++;
/* Syntax check the hexstring. */
rc = parse_hexstring (ctx, line, &len);
if (rc)
return rc;
line[len] = '\0';
/* If there is a passphrase, use it. Currently, a passphrase is
required. */
if (*line)

View File

@ -152,6 +152,38 @@ map_spwq_error (int err)
}
/* Percent-Escape special characters. The string is valid until the
next invocation of the function. */
static char *
make_hexstring (const char *src)
{
int len = 2 * strlen (src) + 1;
char *dst;
char *res;
res = dst = malloc (len);
if (!dst)
{
log_error ("can not escape string: %s\n",
gpg_strerror (gpg_error_from_errno (errno)));
return NULL;
}
#define _tohex(nr) ((nr) < 10 ? ((nr) + '0') : (((nr) - 10) + 'A'))
#define tohex1(p) _tohex (*((unsigned char *) p) & 15)
#define tohex2(p) _tohex ((*((unsigned char *) p) >> 4) & 15)
while (*src)
{
*(dst++) = tohex2 (src);
*(dst++) = tohex1 (src);
src++;
}
*dst = '\0';
return res;
}
static void
preset_passphrase (const char *keygrip)
{
@ -159,6 +191,7 @@ preset_passphrase (const char *keygrip)
char *line;
/* FIXME: Use secure memory. */
char passphrase[500];
char *passphrase_esc;
if (!opt_passphrase)
{
@ -173,7 +206,6 @@ preset_passphrase (const char *keygrip)
line = strchr (passphrase, '\n');
if (line)
{
line--;
if (line > passphrase && line[-1] == '\r')
line--;
*line = '\0';
@ -182,8 +214,19 @@ preset_passphrase (const char *keygrip)
/* FIXME: How to handle empty passwords? */
}
passphrase_esc = make_hexstring (opt_passphrase
? opt_passphrase : passphrase);
if (!passphrase_esc)
{
/* Error message printed by callee. */
return;
}
rc = asprintf (&line, "PRESET_PASSPHRASE %s -1 %s\n", keygrip,
opt_passphrase? opt_passphrase : passphrase);
passphrase_esc);
wipememory (passphrase_esc, strlen (passphrase_esc));
free (passphrase_esc);
if (rc < 0)
{
log_error ("caching passphrase failed: %s\n",