mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
agent: New option --check-sym-passphrase-pattern.
* agent/gpg-agent.c (oCheckSymPassphrasePattern): New. (opts): Add --check-sym-passphrase-pattern. (parse_rereadable_options): Set option. (main): Return option info. * tools/gpgconf-comp.c: Add new option. * agent/agent.h (opt): Add var check_sym_passphrase_pattern. (struct pin_entry_info_s): Add var constraints_flags. (CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1. (CHECK_CONSTRAINTS_NEW_SYMKEY): New. * agent/genkey.c (check_passphrase_pattern): Rename to ... (do_check_passphrase_pattern): this to make code reading easier. Handle the --check-sym-passphrase-pattern option. (check_passphrase_constraints): Replace arg no_empty by a generic flags arg. Also handle --check-sym-passphrase-pattern here. * agent/command.c (cmd_get_passphrase): In --newsymkey mode pass CHECK_CONSTRAINTS_NEW_SYMKEY flag. * agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags. (struct inq_cb_parm_s): New. (inq_cb): Use new struct for parameter passing. Pass flags to teh constraints checking. (do_getpin): Pass constraints flag down. (agent_askpin): Take constrainst flag from the supplied pinentry struct. -- Requirements for a passphrase to protect a private key and for a passphrase used for symmetric encryption are different. Thus a the use of a different pattern file will be useful. Note that a pattern file can be used to replace the other passphrase constraints options and thus we don't need to duplicate them for symmetric encryption. GnuPG-bug-id: 5517 Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
22c5461b4a
commit
7c45a69eb9
7 changed files with 89 additions and 29 deletions
|
|
@ -126,8 +126,11 @@ struct
|
|||
/* The minimum number of non-alpha characters in a passphrase. */
|
||||
unsigned int min_passphrase_nonalpha;
|
||||
|
||||
/* File name with a patternfile or NULL if not enabled. */
|
||||
/* File name with a patternfile or NULL if not enabled. If the
|
||||
* second one is set, it is used for symmetric only encryption
|
||||
* instead of the former. */
|
||||
const char *check_passphrase_pattern;
|
||||
const char *check_sym_passphrase_pattern;
|
||||
|
||||
/* If not 0 the user is asked to change his passphrase after these
|
||||
number of days. */
|
||||
|
|
@ -302,6 +305,7 @@ struct pin_entry_info_s
|
|||
int min_digits; /* min. number of digits required or 0 for freeform entry */
|
||||
int max_digits; /* max. number of allowed digits allowed*/
|
||||
int max_tries; /* max. number of allowed tries. */
|
||||
unsigned int constraints_flags; /* CHECK_CONSTRAINTS_... */
|
||||
int failed_tries; /* Number of tries so far failed. */
|
||||
int with_qualitybar; /* Set if the quality bar should be displayed. */
|
||||
int with_repeat; /* Request repetition of the passphrase. */
|
||||
|
|
@ -524,7 +528,11 @@ gpg_error_t agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
|
|||
membuf_t *outbuf, int *r_padding);
|
||||
|
||||
/*-- genkey.c --*/
|
||||
int check_passphrase_constraints (ctrl_t ctrl, const char *pw, int no_empty,
|
||||
#define CHECK_CONSTRAINTS_NOT_EMPTY 1
|
||||
#define CHECK_CONSTRAINTS_NEW_SYMKEY 2
|
||||
|
||||
int check_passphrase_constraints (ctrl_t ctrl, const char *pw,
|
||||
unsigned int flags,
|
||||
char **failed_constraint);
|
||||
gpg_error_t agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
|
||||
char **r_passphrase);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue