security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-06-10 17:51:04 +02:00
Code Activity

agent: Allow gpg-protect-tool to handle openpgp-native protection.

Browse Source 
* agent/protect-tool.c (read_and_unprotect): Add arg ctrl and pass to
agent_unprotect.
(main): Allocate a simple CTRL object and pass it to
read_and_unprotect.
(convert_from_openpgp_native): Remove stub.
(agent_key_available, agent_get_cache): New stubs.
(agent_askpin): New emulation for the one in call-pinentry.c.
(agent_write_private_key): New to dump key.
* agent/Makefile.am (gpg_protect_tool_SOURCES): Add cvt-openpgp.c
--

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2016-04-14 12:28:48 +02:00
parent 94504b3d5a
commit 6df75ec70a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 98 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
agent/Makefile.am
View File

@ -74,7 +74,7 @@ gpg_agent_DEPENDENCIES = $(resource_objs)
gpg_protect_tool_SOURCES = \ gpg_protect_tool_SOURCES = \
protect-tool.c \ protect-tool.c \
protect.c protect.c cvt-openpgp.c
gpg_protect_tool_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS) gpg_protect_tool_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS)
gpg_protect_tool_LDADD = $(common_libs) $(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) \ gpg_protect_tool_LDADD = $(common_libs) $(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) \

111
agent/protect-tool.c
View File

@ -363,7 +363,7 @@ read_and_protect (const char *fname)
static void static void
read_and_unprotect (const char *fname) read_and_unprotect (ctrl_t ctrl, const char *fname)
{ {
int rc; int rc;
unsigned char *key; unsigned char *key;
@ -376,7 +376,7 @@ read_and_unprotect (const char *fname)
if (!key) if (!key)
return; return;
rc = agent_unprotect (NULL, key, (pw=get_passphrase (1)), rc = agent_unprotect (ctrl, key, (pw=get_passphrase (1)),
protected_at, &result, &resultlen); protected_at, &result, &resultlen);
release_passphrase (pw); release_passphrase (pw);
xfree (key); xfree (key);
@ -388,10 +388,14 @@ read_and_unprotect (const char *fname)
return; return;
} }
if (opt.verbose) if (opt.verbose)
log_info ("key protection done at %.4s-%.2s-%.2s %.2s:%.2s:%s\n", {
protected_at, protected_at+4, protected_at+6, if (*protected_at)
protected_at+9, protected_at+11, protected_at+13); log_info ("key protection done at %.4s-%.2s-%.2s %.2s:%.2s:%s\n",
protected_at, protected_at+4, protected_at+6,
protected_at+9, protected_at+11, protected_at+13);
else
log_info ("key protection done at [unknown]\n");
}
if (opt_armor) if (opt_armor)
{ {
@ -552,6 +556,7 @@ main (int argc, char **argv )
ARGPARSE_ARGS pargs; ARGPARSE_ARGS pargs;
int cmd = 0; int cmd = 0;
const char *fname; const char *fname;
ctrl_t ctrl;
early_system_init (); early_system_init ();
set_strusage (my_strusage); set_strusage (my_strusage);
@ -617,6 +622,15 @@ main (int argc, char **argv )
else if (argc > 1) else if (argc > 1)
usage (1); usage (1);
/* Allocate an CTRL object. An empty object should sufficent. */
ctrl = xtrycalloc (1, sizeof *ctrl);
if (!ctrl)
{
log_error ("error allocating connection control data: %s\n",
strerror (errno));
agent_exit (1);
}
/* Set the information which can't be taken from envvars. */ /* Set the information which can't be taken from envvars. */
gnupg_prepare_get_passphrase (GPG_ERR_SOURCE_DEFAULT, gnupg_prepare_get_passphrase (GPG_ERR_SOURCE_DEFAULT,
opt.verbose, opt.verbose,
@ -630,7 +644,7 @@ main (int argc, char **argv )
if (cmd == oProtect) if (cmd == oProtect)
read_and_protect (fname); read_and_protect (fname);
else if (cmd == oUnprotect) else if (cmd == oUnprotect)
read_and_unprotect (fname); read_and_unprotect (ctrl, fname);
else if (cmd == oShadow) else if (cmd == oShadow)
read_and_shadow (fname); read_and_shadow (fname);
else if (cmd == oShowShadowInfo) else if (cmd == oShowShadowInfo)
@ -646,6 +660,8 @@ main (int argc, char **argv )
else else
show_file (fname); show_file (fname);
xfree (ctrl);
agent_exit (0); agent_exit (0);
return 8; /*NOTREACHED*/ return 8; /*NOTREACHED*/
} }
@ -737,12 +753,79 @@ release_passphrase (char *pw)
/* Stub function. */ /* Stub function. */
gpg_error_t int
convert_from_openpgp_native (gcry_sexp_t s_pgp, const char *passphrase, agent_key_available (const unsigned char *grip)
unsigned char **r_key)
{ {
(void)s_pgp; (void)grip;
(void)passphrase; return -1; /* Not available. */
(void)r_key; }
return gpg_error (GPG_ERR_BUG);
char *
agent_get_cache (const char *key, cache_mode_t cache_mode)
{
(void)key;
(void)cache_mode;
return NULL;
}
gpg_error_t
agent_askpin (ctrl_t ctrl,
const char *desc_text, const char *prompt_text,
const char *initial_errtext,
struct pin_entry_info_s *pininfo,
const char *keyinfo, cache_mode_t cache_mode)
{
gpg_error_t err;
unsigned char *passphrase;
size_t size;
(void)ctrl;
(void)desc_text;
(void)prompt_text;
(void)initial_errtext;
(void)keyinfo;
(void)cache_mode;
*pininfo->pin = 0; /* Reset the PIN. */
passphrase = get_passphrase (0);
size = strlen (passphrase);
if (size >= pininfo->max_length)
return gpg_error (GPG_ERR_TOO_LARGE);
memcpy (&pininfo->pin, passphrase, size);
xfree (passphrase);
pininfo->pin[size] = 0;
if (pininfo->check_cb)
{
/* More checks by utilizing the optional callback. */
pininfo->cb_errtext = NULL;
err = pininfo->check_cb (pininfo);
}
else
err = 0;
return err;
}
/* Replacement for the function in findkey.c. Here we write the key
* to stdout. */
int
agent_write_private_key (const unsigned char *grip,
const void *buffer, size_t length, int force)
{
char hexgrip[40+4+1];
char *p;
(void)force;
bin2hex (grip, 20, hexgrip);
strcpy (hexgrip+40, ".key");
p = make_advanced (buffer, length);
if (p)
{
printf ("# Begin dump of %s\n%s%s# End dump of %s\n",
hexgrip, p, (*p && p[strlen(p)-1] == '\n')? "":"\n", hexgrip);
xfree (p);
}
return 0;
} }