From 8e5010a958ded63ab6df89e1ba4d45ed9f2e572a Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 23 Apr 2010 11:36:59 +0000 Subject: [PATCH] Decryption and signi via agent is now implemented. --- common/sexputil.c | 2 +- g10/ChangeLog | 30 +++++++++++ g10/call-agent.c | 128 +++++++++++++++++++++++++++++++++++++++++++- g10/call-agent.h | 4 ++ g10/gpg.c | 23 +++----- g10/gpgv.c | 4 +- g10/keydb.c | 38 ++++--------- g10/keydb.h | 4 +- g10/keyedit.c | 17 +++--- g10/keylist.c | 58 +++++++------------- g10/keyring.c | 111 ++++++++++++-------------------------- g10/keyring.h | 5 +- g10/main.h | 2 +- g10/mainproc.c | 132 ++++++++++++++++++++++++---------------------- g10/photoid.c | 22 ++++---- g10/photoid.h | 4 +- g10/pkclist.c | 24 ++++----- g10/pubkey-enc.c | 125 +++++++++++++++++++++---------------------- g10/revoke.c | 2 +- g10/sign.c | 14 +++-- g10/skclist.c | 16 +----- sm/call-agent.c | 2 +- 22 files changed, 409 insertions(+), 358 deletions(-) diff --git a/common/sexputil.c b/common/sexputil.c index 2679000a5..25ddbdd7f 100644 --- a/common/sexputil.c +++ b/common/sexputil.c @@ -136,7 +136,7 @@ cmp_simple_canon_sexp (const unsigned char *a_orig, } -/* Create a simple S-expression from the hex string at LIBNE. Returns +/* Create a simple S-expression from the hex string at LINE. Returns a newly allocated buffer with that canonical encoded S-expression or NULL in case of an error. On return the number of characters scanned in LINE will be stored at NSCANNED. This fucntions stops diff --git a/g10/ChangeLog b/g10/ChangeLog index 5c5a2f588..7fb50191a 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog 
@@ -1,3 +1,33 @@ +2010-04-23 Werner Koch + + * pubkey-enc.c (get_it): Use the agent for decryption. + * call-agent.c (agent_pkdecrypt, inq_ciphertext_cb): New. + +2010-04-22 Werner Koch + + * photoid.c (show_photos): Remove arg SK. + + * pubkey-enc.c (get_session_key, get_it): Change to use the public + key object. + (get_it): Remove card related stuff. Now automagically handled + by the agent. + + * skclist.c (build_sk_list): Remove UNLOCK arg. + + * keylist.c (print_fingerprint): Remove arg SK. + * mainproc.c (list_node): Disable listing of secret key packets. + + * keyring.c (struct keyring_name, struct keyring_handle): Remove + field SECRET. + (keyring_register_filename, keyring_new, orename_tmp_file) + (do_copy): Remove arg SECRET. + * keydb.c (struct resource_item): Remove field SECRET. + (keydb_add_resource): Remove arg SECRET. + (keydb_new): Remove code fro secret keyrings. + + * gpg.c (main): Ignore --secret-keyring. Remove all secret + keyring related code. + 2010-04-21 Werner Koch * pkclist.c (default_recipient): Change to use public keys. diff --git a/g10/call-agent.c b/g10/call-agent.c index 7ae8fbba5..ea81c6b9e 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -50,8 +50,9 @@ static int did_early_card_test; struct cipher_parm_s { + ctrl_t ctrl; assuan_context_t ctx; - const char *ciphertext; + unsigned char *ciphertext; size_t ciphertextlen; }; @@ -104,7 +105,6 @@ status_sc_op_failure (int rc) - /* Try to connect to the agent via socket or fork it off and work by pipes. Handle the server's initial greeting */ static int 
@@ -1582,3 +1582,127 @@ agent_pksign (ctrl_t ctrl, const char *keygrip, const char *desc, } + +/* Handle a CIPHERTEXT inquiry. Note, we only send the data, + assuan_transact takes care of flushing and writing the END. */ +static gpg_error_t +inq_ciphertext_cb (void *opaque, const char *line) +{ + struct cipher_parm_s *parm = opaque; + int rc; + + if (!strncmp (line, "CIPHERTEXT", 10) && (line[10]==' '||!line[10])) + { + assuan_begin_confidential (parm->ctx); + rc = assuan_send_data (parm->ctx, parm->ciphertext, parm->ciphertextlen); + assuan_end_confidential (parm->ctx); + } + else + rc = default_inq_cb (parm->ctrl, line); + + return rc; +} + + +/* Call the agent to do a decrypt operation using the key identified + by the hex string KEYGRIP and the input data S_CIPHERTEXT. On the + success the decoded value is stored verbatim at R_BUF and its + length at R_BUF; the callers needs to release it. */ +gpg_error_t +agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, + gcry_sexp_t s_ciphertext, + unsigned char **r_buf, size_t *r_buflen) +{ + gpg_error_t err; + char line[ASSUAN_LINELENGTH]; + membuf_t data; + size_t n, len; + char *p, *buf, *endp; + + if (!keygrip || strlen(keygrip) != 40 || !s_ciphertext || !r_buf || !r_buflen) + return gpg_error (GPG_ERR_INV_VALUE); + *r_buf = NULL; + + err = start_agent (ctrl, 0); + if (err) + return err; + + err = assuan_transact (agent_ctx, "RESET", + NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + return err; + + snprintf (line, sizeof line, "SETKEY %s", keygrip); + err = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + return err; + + if (desc) + { + snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc); + line[DIM(line)-1] = 0; + err = assuan_transact (agent_ctx, line, + NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + return err; + } + + init_membuf_secure (&data, 1024); + { + struct cipher_parm_s parm; + + parm.ctrl = ctrl; + parm.ctx = agent_ctx; + err = make_canon_sexp 
(s_ciphertext, &parm.ciphertext, &parm.ciphertextlen); + if (err) + return err; + err = assuan_transact (agent_ctx, "PKDECRYPT", + membuf_data_cb, &data, + inq_ciphertext_cb, &parm, NULL, NULL); + xfree (parm.ciphertext); + } + if (err) + { + xfree (get_membuf (&data, &len)); + return err; + } + + put_membuf (&data, "", 1); /* Make sure it is 0 terminated. */ + buf = get_membuf (&data, &len); + if (!buf) + return gpg_error_from_syserror (); + assert (len); /* (we forced Nul termination.) */ + + if (*buf != '(') + { + xfree (buf); + return gpg_error (GPG_ERR_INV_SEXP); + } + + if (len < 13 || memcmp (buf, "(5:value", 8) ) /* "(5:valueN:D)\0" */ + { + xfree (buf); + return gpg_error (GPG_ERR_INV_SEXP); + } + len -= 11; /* Count only the data of the second part. */ + p = buf + 8; /* Skip leading parenthesis and the value tag. */ + + n = strtoul (p, &endp, 10); + if (!n || *endp != ':') + { + xfree (buf); + return gpg_error (GPG_ERR_INV_SEXP); + } + endp++; + if (endp-p+n > len) + { + xfree (buf); + return gpg_error (GPG_ERR_INV_SEXP); /* Oops: Inconsistent S-Exp. */ + } + + memmove (buf, endp, n); + + *r_buflen = n; + *r_buf = buf; + return 0; +} diff --git a/g10/call-agent.h b/g10/call-agent.h index bf32d3f28..c8e920855 100644 --- a/g10/call-agent.h +++ b/g10/call-agent.h @@ -158,6 +158,10 @@ gpg_error_t agent_pksign (ctrl_t ctrl, const char *hexkeygrip, const char *desc, int digestalgo, gcry_sexp_t *r_sigval); +/* Decrypt a ciphertext. */ +gpg_error_t agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, + gcry_sexp_t s_ciphertext, + unsigned char **r_buf, size_t *r_buflen); #endif /*GNUPG_G10_CALL_AGENT_H*/ diff --git a/g10/gpg.c b/g10/gpg.c index 0d94969df..2b7b4be6d 100644 --- a/g10/gpg.c +++ b/g10/gpg.c 
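Review bot: The length check `if (endp-p+n > len)` in agent_pkdecrypt can wrap around, because `n` is taken straight from `strtoul` on the agent's reply and is added to the pointer difference before the comparison. A very large decimal length would then pass the check and reach `memmove (buf, endp, n)`. Comparing without the addition avoids this: `if (n > len || (size_t)(endp - p) > len - n)`. Separately, the early `return err;` after a failing `make_canon_sexp` skips releasing the secure membuf set up by `init_membuf_secure`; the later error path already does `xfree (get_membuf (&data, &len));` and this one should do the same. The header comment also says the length is stored "at R_BUF" where R_BUFLEN is meant.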
@@ -1890,7 +1890,7 @@ main (int argc, char **argv) char *username; int may_coredump; strlist_t sl, remusr= NULL, locusr=NULL; - strlist_t nrings=NULL, sec_nrings=NULL; + strlist_t nrings = NULL; armor_filter_context_t *afx = NULL; int detached_sig = 0; FILE *configfp = NULL; @@ -2283,8 +2283,9 @@ main (int argc, char **argv) break; case oSecretKeyring: - append_to_strlist( &sec_nrings, pargs.r.ret_str); + /* Ignore this old option. */ break; + case oOptions: /* config files may not be nested (silently ignore them) */ if( !configfp ) { @@ -3385,22 +3386,12 @@ main (int argc, char **argv) if( ALWAYS_ADD_KEYRINGS || (cmd != aDeArmor && cmd != aEnArmor && cmd != aGPGConfTest) ) { - if (ALWAYS_ADD_KEYRINGS - || (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys - && cmd != aVerify && cmd != aSym && cmd != aLocateKeys)) - { - if (!sec_nrings || default_keyring) /* add default secret rings */ - keydb_add_resource ("secring" EXTSEP_S "gpg", 4, 1); - for (sl = sec_nrings; sl; sl = sl->next) - keydb_add_resource ( sl->d, 0, 1 ); - } - if( !nrings || default_keyring ) /* add default ring */ - keydb_add_resource ("pubring" EXTSEP_S "gpg", 4, 0); - for(sl = nrings; sl; sl = sl->next ) - keydb_add_resource ( sl->d, sl->flags, 0 ); + if (!nrings || default_keyring) /* Add default ring. */ + keydb_add_resource ("pubring" EXTSEP_S "gpg", 4); + for (sl = nrings; sl; sl = sl->next ) + keydb_add_resource (sl->d, sl->flags); } FREE_STRLIST(nrings); - FREE_STRLIST(sec_nrings); if (cmd == aGPGConfTest) g10_exit(0); diff --git a/g10/gpgv.c b/g10/gpgv.c index cb5929570..b56b1c046 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c 
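Review bot: `case oSecretKeyring:` now discards the option without telling the user. An invocation or config file that still names a secret keyring therefore runs against whatever keys the agent holds, with no hint that the argument was ignored. A one-line notice in that case would make the change visible, for example `log_info (_("WARNING: \"%s\" is an obsolete option - it has no effect\n"), "--secret-keyring");`. The option switch in main starts and ends outside the hunk.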
@@ -196,9 +196,9 @@ main( int argc, char **argv ) /* Note: We open all keyrings in read-only mode (flag value: 8). */ if (!nrings) /* No keyring given: use default one. */ - keydb_add_resource ("trustedkeys" EXTSEP_S "gpg", 8, 0); + keydb_add_resource ("trustedkeys" EXTSEP_S "gpg", 8); for (sl = nrings; sl; sl = sl->next) - keydb_add_resource (sl->d, 8, 0 ); + keydb_add_resource (sl->d, 8); FREE_STRLIST (nrings); diff --git a/g10/keydb.c b/g10/keydb.c index 20cf63491..2e90604a0 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -45,13 +45,13 @@ typedef enum { } KeydbResourceType; #define MAX_KEYDB_RESOURCES 40 -struct resource_item { +struct resource_item +{ KeydbResourceType type; union { KEYRING_HANDLE kr; } u; void *token; - int secret; }; static struct resource_item all_resources[MAX_KEYDB_RESOURCES]; @@ -213,9 +213,9 @@ maybe_create_keyring (char *filename, int force) * Flag 8 - Open as read-only. */ int -keydb_add_resource (const char *url, int flags, int secret) +keydb_add_resource (const char *url, int flags) { - static int any_secret, any_public; + static int any_public; const char *resname = url; char *filename = NULL; int force = (flags&1); @@ -255,7 +255,7 @@ keydb_add_resource (const char *url, int flags, int secret) filename = xstrdup (resname); if (!force && !read_only) - force = secret? !any_secret : !any_public; + force = !any_public; /* See whether we can determine the filetype. */ if (rt == KEYDB_RESOURCE_TYPE_NONE) { @@ -289,7 +289,7 @@ keydb_add_resource (const char *url, int flags, int secret) if (rc) goto leave; - if(keyring_register_filename (filename, secret, read_only, &token)) + if(keyring_register_filename (filename, read_only, &token)) { if (used_resources >= MAX_KEYDB_RESOURCES) rc = G10ERR_RESOURCE_LIMIT; 
@@ -300,7 +300,6 @@ keydb_add_resource (const char *url, int flags, int secret) all_resources[used_resources].type = rt; all_resources[used_resources].u.kr = NULL; /* Not used here */ all_resources[used_resources].token = token; - all_resources[used_resources].secret = secret; used_resources++; } } @@ -324,22 +323,9 @@ keydb_add_resource (const char *url, int flags, int secret) leave: if (rc) - { - /* Secret keyrings are not required in all cases. To avoid - having gpg return failure we use log_info here if the - rewsource is a secret one and marked as default - resource. */ - if ((flags&4) && secret) - log_info (_("keyblock resource `%s': %s\n"), - filename, g10_errstr(rc)); - else - log_error (_("keyblock resource `%s': %s\n"), - filename, g10_errstr(rc)); - } - else if (secret) - any_secret = 1; + log_error (_("keyblock resource `%s': %s\n"), filename, g10_errstr(rc)); else - any_public = 1; + any_public = 1; xfree (filename); return rc; } @@ -352,7 +338,6 @@ keydb_new (void) { KEYDB_HANDLE hd; int i, j; - int secret = 0; /* FIXME: Remove the secret stuff all together. */ hd = xmalloc_clear (sizeof *hd); hd->found = -1; @@ -360,8 +345,6 @@ keydb_new (void) assert (used_resources <= MAX_KEYDB_RESOURCES); for (i=j=0; i < used_resources; i++) { - if (!all_resources[i].secret != !secret) - continue; switch (all_resources[i].type) { case KEYDB_RESOURCE_TYPE_NONE: /* ignore */ @@ -369,8 +352,7 @@ keydb_new (void) case KEYDB_RESOURCE_TYPE_KEYRING: hd->active[j].type = all_resources[i].type; hd->active[j].token = all_resources[i].token; - hd->active[j].secret = all_resources[i].secret; - hd->active[j].u.kr = keyring_new (all_resources[i].token, secret); + hd->active[j].u.kr = keyring_new (all_resources[i].token); if (!hd->active[j].u.kr) { xfree (hd); return NULL; /* fixme: release all previously allocated handles*/ 
@@ -706,8 +688,6 @@ keydb_rebuild_caches (int noisy) for (i=0; i < used_resources; i++) { - if (all_resources[i].secret) - continue; if (!keyring_is_writable (all_resources[i].token)) continue; switch (all_resources[i].type) diff --git a/g10/keydb.h b/g10/keydb.h index 404102cc4..114045321 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -132,7 +132,7 @@ union pref_hint Flag 1 == force Flag 2 == default */ -int keydb_add_resource (const char *url, int flags, int secret); +int keydb_add_resource (const char *url, int flags); KEYDB_HANDLE keydb_new (void); void keydb_release (KEYDB_HANDLE hd); const char *keydb_get_resource_name (KEYDB_HANDLE hd); @@ -173,7 +173,7 @@ void warn_missing_aes_from_pklist (PK_LIST pk_list); int random_is_faked (void); void release_sk_list( SK_LIST sk_list ); gpg_error_t build_sk_list (strlist_t locusr, SK_LIST *ret_sk_list, - int unlock, unsigned use); + unsigned use); /*-- passphrase.h --*/ unsigned char encode_s2k_iterations (int iterations); diff --git a/g10/keyedit.c b/g10/keyedit.c index f9dfe7a4e..ed6a3a8b2 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -557,7 +557,7 @@ sign_uids (KBNODE keyblock, strlist_t locusr, int *ret_modified, * why to sign keys using a subkey. Implementation of USAGE_CERT * is just a hack in getkey.c and does not mean that a subkey * marked as certification capable will be used. */ - rc = build_sk_list (locusr, &sk_list, 0, PUBKEY_USAGE_CERT); + rc = build_sk_list (locusr, &sk_list, PUBKEY_USAGE_CERT); if (rc) goto leave; @@ -2686,7 +2686,7 @@ show_key_with_all_names_colon (KBNODE keyblock) putchar ('a'); putchar ('\n'); - print_fingerprint (pk, NULL, 0); + print_fingerprint (pk, 0); print_revokers (pk); } } @@ -2970,7 +2970,7 @@ show_key_with_all_names (KBNODE keyblock, int only_marked, int with_revoker, if (node->pkt->pkttype == PKT_PUBLIC_KEY && with_fpr) { - print_fingerprint (pk, NULL, 2); + print_fingerprint (pk, 2); tty_printf ("\n"); } } 
@@ -3047,7 +3047,7 @@ show_basic_key_info (KBNODE keyblock) tty_printf (" "); tty_printf (_("expires: %s"), expirestr_from_pk (pk)); tty_printf ("\n"); - print_fingerprint (pk, NULL, 3); + print_fingerprint (pk, 3); tty_printf ("\n"); } else if (node->pkt->pkttype == PKT_SECRET_KEY) @@ -3061,7 +3061,8 @@ show_basic_key_info (KBNODE keyblock) tty_printf (" "); tty_printf (_("expires: %s"), expirestr_from_sk (sk)); tty_printf ("\n"); - print_fingerprint (NULL, sk, 3); + log_debug ("FIXME\n"); + /* print_fingerprint (NULL, sk, 3); */ tty_printf ("\n"); } } @@ -3110,7 +3111,7 @@ show_key_and_fingerprint (KBNODE keyblock) } tty_printf ("\n"); if (pk) - print_fingerprint (pk, NULL, 2); + print_fingerprint (pk, 2); } @@ -3588,7 +3589,7 @@ menu_addrevoker (KBNODE pub_keyblock, int sensitive) } print_pubkey_info (NULL, revoker_pk); - print_fingerprint (revoker_pk, NULL, 2); + print_fingerprint (revoker_pk, 2); tty_printf ("\n"); tty_printf (_("WARNING: appointing a key as a designated revoker " @@ -5201,7 +5202,7 @@ menu_showphoto (KBNODE keyblock) "key %s (uid %d)\n"), image_type_to_string (type, 1), (ulong) size, keystr_from_pk (pk), count); - show_photos (&uid->attribs[i], 1, pk, NULL, uid); + show_photos (&uid->attribs[i], 1, pk, uid); } } } diff --git a/g10/keylist.c b/g10/keylist.c index 969bf50bd..b99047b70 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -817,7 +817,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) es_fprintf (es_stdout, "\n"); if (fpr) - print_fingerprint (pk, NULL, 0); + print_fingerprint (pk, 0); /* FIXME: Change this function to take a PK and ask the agent: */ /* if (secret) print_card_serialno (sk); */ 
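Review bot: In the PKT_SECRET_KEY branch of show_basic_key_info, the fingerprint line is replaced by `log_debug ("FIXME\n");`, which says neither what is missing nor where. A user comparing fingerprints sees the key line but no fingerprint, and the debug output gives no reason. Make the message self-describing, e.g. `log_debug ("FIXME: fingerprint of secret key packet not printed\n");`, in line with the wording used for the same situation in mainproc.c. The commented-out `print_fingerprint (NULL, sk, 3);` no longer matches the new two-argument signature and is better dropped. The branch begins outside the hunk.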
@@ -866,7 +866,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) es_putc ('\n', es_stdout); if ((opt.list_options & LIST_SHOW_PHOTOS) && uid->attribs != NULL) - show_photos (uid->attribs, uid->numattribs, pk, NULL, uid); + show_photos (uid->attribs, uid->numattribs, pk, uid); } else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) { @@ -911,7 +911,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) es_putc ('\n', es_stdout); if (fpr > 1) { - print_fingerprint (pk2, NULL, 0); + print_fingerprint (pk2, 0); /* FIXME: (see above) */ /* if (secret) */ /* print_card_serialno (sk2); */ @@ -1127,7 +1127,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr) print_revokers (pk); if (fpr) - print_fingerprint (pk, NULL, 0); + print_fingerprint (pk, 0); if (opt.with_key_data) { if (!hexkeygrip_from_pk (pk, &p)) @@ -1232,7 +1232,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr) } es_putc ('\n', es_stdout); if (fpr > 1) - print_fingerprint (pk2, NULL, 0); + print_fingerprint (pk2, 0); if (opt.with_key_data) { if (!hexkeygrip_from_pk (pk2, &p)) @@ -1428,15 +1428,17 @@ list_keyblock (KBNODE keyblock, int secret, int fpr, void *opaque) } /* - * standard function to print the finperprint. + * Function to print the finperprint. * mode 0: as used in key listings, opt.with_colons is honored * 1: print using log_info () * 2: direct use of tty * 3: direct use of tty but only primary key. - * modes 1 and 2 will try and print both subkey and primary key fingerprints + * + * Modes 1 and 2 will try and print both subkey and primary key + * fingerprints. A MODE with bit 7 set is used internally. */ void -print_fingerprint (PKT_public_key * pk, PKT_secret_key * sk, int mode) +print_fingerprint (PKT_public_key *pk, int mode) { byte array[MAX_FINGERPRINT_LEN], *p; size_t i, n; 
@@ -1444,21 +1446,12 @@ print_fingerprint (PKT_public_key * pk, PKT_secret_key * sk, int mode) const char *text; int primary = 0; - if (sk) - { - if (sk->main_keyid[0] == sk->keyid[0] - && sk->main_keyid[1] == sk->keyid[1]) - primary = 1; - } - else - { - if (pk->main_keyid[0] == pk->keyid[0] - && pk->main_keyid[1] == pk->keyid[1]) - primary = 1; - } + if (pk->main_keyid[0] == pk->keyid[0] + && pk->main_keyid[1] == pk->keyid[1]) + primary = 1; /* Just to be safe */ - if (mode & 0x80 && !primary) + if ((mode & 0x80) && !primary) { log_error ("primary key is not really primary!\n"); return; @@ -1468,20 +1461,10 @@ print_fingerprint (PKT_public_key * pk, PKT_secret_key * sk, int mode) if (!primary && (mode == 1 || mode == 2)) { - if (sk) - { - PKT_secret_key *primary_sk = xmalloc_clear (sizeof (*primary_sk)); - get_seckey (primary_sk, sk->main_keyid); - print_fingerprint (NULL, primary_sk, mode | 0x80); - free_secret_key (primary_sk); - } - else - { - PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk)); - get_pubkey (primary_pk, pk->main_keyid); - print_fingerprint (primary_pk, NULL, mode | 0x80); - free_public_key (primary_pk); - } + PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk)); + get_pubkey (primary_pk, pk->main_keyid); + print_fingerprint (primary_pk, mode | 0x80); + free_public_key (primary_pk); } if (mode == 1) @@ -1513,10 +1496,7 @@ print_fingerprint (PKT_public_key * pk, PKT_secret_key * sk, int mode) text = _(" Key fingerprint ="); } - if (sk) - fingerprint_from_sk (sk, array, &n); - else - fingerprint_from_pk (pk, array, &n); + fingerprint_from_pk (pk, array, &n); p = array; if (opt.with_colons && !mode) { diff --git a/g10/keyring.c b/g10/keyring.c index ab0316065..5277db989 100644 --- a/g10/keyring.c +++ b/g10/keyring.c 
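Review bot: The return value of `get_pubkey (primary_pk, pk->main_keyid)` is ignored in the `!primary && (mode == 1 || mode == 2)` branch of print_fingerprint. When the primary key cannot be found, the recursive call runs on the zero-filled structure from `xmalloc_clear`; both key ids are then zero, the `primary` test passes, and a fingerprint line would presumably be printed for an empty key. This behaviour is carried over from the old code, but the rewrite is a good place to guard it: `if (!get_pubkey (primary_pk, pk->main_keyid)) print_fingerprint (primary_pk, mode | 0x80);`. With the SK argument gone, `pk` is dereferenced unconditionally, so the header comment should state that PK must not be NULL.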
@@ -1,5 +1,5 @@ /* keyring.c - keyring file handling - * Copyright (C) 2001, 2004, 2009 Free Software Foundation, Inc. + * Copyright (C) 2001, 2004, 2009, 2010 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -53,7 +53,6 @@ typedef struct keyring_name *KR_NAME; struct keyring_name { struct keyring_name *next; - int secret; int read_only; dotlock_t lockhd; int is_locked; @@ -69,9 +68,9 @@ static OffsetHashTable kr_offtbl; static int kr_offtbl_ready; -struct keyring_handle { +struct keyring_handle +{ CONST_KR_NAME resource; - int secret; /* this is for a secret keyring */ struct { CONST_KR_NAME kr; IOBUF iobuf; @@ -93,7 +92,7 @@ struct keyring_handle { -static int do_copy (int mode, const char *fname, KBNODE root, int secret, +static int do_copy (int mode, const char *fname, KBNODE root, off_t start_offset, unsigned int n_packets ); @@ -201,8 +200,7 @@ update_offset_hash_table_from_kb (OffsetHashTable tbl, KBNODE node, off_t off) * if a new keyring was registered. */ int -keyring_register_filename (const char *fname, int secret, int read_only, - void **ptr) +keyring_register_filename (const char *fname, int read_only, void **ptr) { KR_NAME kr; @@ -221,12 +219,8 @@ keyring_register_filename (const char *fname, int secret, int read_only, } } - if (secret) - register_secured_file (fname); - kr = xmalloc (sizeof *kr + strlen (fname)); strcpy (kr->fname, fname); - kr->secret = !!secret; kr->read_only = read_only; kr->lockhd = NULL; kr->is_locked = 0; 
@@ -254,21 +248,19 @@ keyring_is_writable (void *token) -/* Create a new handle for the resource associated with TOKEN. SECRET - is just just as a cross-check. +/* Create a new handle for the resource associated with TOKEN. The returned handle must be released using keyring_release (). */ KEYRING_HANDLE -keyring_new (void *token, int secret) +keyring_new (void *token) { KEYRING_HANDLE hd; KR_NAME resource = token; - assert (resource && !resource->secret == !secret); + assert (resource); hd = xmalloc_clear (sizeof *hd); hd->resource = resource; - hd->secret = !!secret; active_handles++; return hd; } @@ -537,10 +529,10 @@ keyring_update_keyblock (KEYRING_HANDLE hd, KBNODE kb) hd->current.iobuf = NULL; /* do the update */ - rc = do_copy (3, hd->found.kr->fname, kb, hd->secret, + rc = do_copy (3, hd->found.kr->fname, kb, hd->found.offset, hd->found.n_packets ); if (!rc) { - if (!hd->secret && kr_offtbl) + if (kr_offtbl) { update_offset_hash_table_from_kb (kr_offtbl, kb, 0); } @@ -585,8 +577,8 @@ keyring_insert_keyblock (KEYRING_HANDLE hd, KBNODE kb) hd->current.iobuf = NULL; /* do the insert */ - rc = do_copy (1, fname, kb, hd->secret, 0, 0 ); - if (!rc && !hd->secret && kr_offtbl) + rc = do_copy (1, fname, kb, 0, 0 ); + if (!rc && kr_offtbl) { update_offset_hash_table_from_kb (kr_offtbl, kb, 0); } @@ -625,7 +617,7 @@ keyring_delete_keyblock (KEYRING_HANDLE hd) hd->current.iobuf = NULL; /* do the delete */ - rc = do_copy (2, hd->found.kr->fname, NULL, hd->secret, + rc = do_copy (2, hd->found.kr->fname, NULL, hd->found.offset, hd->found.n_packets ); if (!rc) { /* better reset the found info */ @@ -953,7 +945,7 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, if (rc) return rc; - use_offtbl = !hd->secret && kr_offtbl; + use_offtbl = !!kr_offtbl; if (!use_offtbl) ; else if (!kr_offtbl_ready) 
@@ -1148,11 +1140,10 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, { KR_NAME kr; - /* First set the did_full_scan flag for this keyring (ignore - secret keyrings) */ + /* First set the did_full_scan flag for this keyring. */ for (kr=kr_names; kr; kr = kr->next) { - if (!kr->secret && hd->resource == kr) + if (hd->resource == kr) { kr->did_full_scan = 1; break; @@ -1162,7 +1153,7 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, offtbl ready */ for (kr=kr_names; kr; kr = kr->next) { - if (!kr->secret && !kr->did_full_scan) + if (!kr->did_full_scan) break; } if (!kr) @@ -1247,20 +1238,10 @@ create_tmp_file (const char *template, static int -rename_tmp_file (const char *bakfname, const char *tmpfname, - const char *fname, int secret ) +rename_tmp_file (const char *bakfname, const char *tmpfname, const char *fname) { int rc = 0; - /* It's a secret keyring, so let's force a fsync just to be safe on - filesystems that may not sync data and metadata together - (e.g. ext4). */ - if (secret && iobuf_ioctl (NULL, IOBUF_IOCTL_FSYNC, 0, (char*)tmpfname)) - { - rc = gpg_error_from_syserror (); - goto fail; - } - /* Invalidate close caches. */ if (iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)tmpfname )) { 
@@ -1270,27 +1251,22 @@ rename_tmp_file (const char *bakfname, const char *tmpfname, iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)bakfname ); iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname ); - /* first make a backup file except for secret keyrings */ - if (!secret) - { + /* First make a backup file. */ #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__) - gnupg_remove (bakfname); + gnupg_remove (bakfname); #endif - if (rename (fname, bakfname) ) - { - rc = gpg_error_from_syserror (); - log_error ("renaming `%s' to `%s' failed: %s\n", - fname, bakfname, strerror(errno) ); - return rc; - } + if (rename (fname, bakfname) ) + { + rc = gpg_error_from_syserror (); + log_error ("renaming `%s' to `%s' failed: %s\n", + fname, bakfname, strerror(errno) ); + return rc; } /* then rename the file */ #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__) gnupg_remove( fname ); #endif - if (secret) - unregister_secured_file (fname); if (rename (tmpfname, fname) ) { rc = gpg_error_from_syserror (); @@ -1308,9 +1284,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname, statbuf.st_mode=S_IRUSR | S_IWUSR; - if (((secret && !opt.preserve_permissions) - || !stat (bakfname,&statbuf)) - && !chmod (fname,statbuf.st_mode)) + if (!stat (bakfname, &statbuf) && !chmod (fname, statbuf.st_mode)) ; else log_error ("WARNING: unable to restore permissions to `%s': %s", @@ -1321,13 +1295,6 @@ rename_tmp_file (const char *bakfname, const char *tmpfname, return 0; fail: - if (secret) - { - log_info(_("WARNING: 2 files with confidential information exists.\n")); - log_info(_("%s is the unchanged one\n"), fname ); - log_info(_("%s is the new one\n"), tmpfname ); - log_info(_("Please fix this possible security flaw\n")); - } return rc; } 
@@ -1392,7 +1359,7 @@ keyring_rebuild_cache (void *token,int noisy) int rc; ulong count = 0, sigcount = 0; - hd = keyring_new (token, 0); + hd = keyring_new (token); memset (&desc, 0, sizeof desc); desc.mode = KEYDB_SEARCH_MODE_FIRST; @@ -1420,7 +1387,7 @@ keyring_rebuild_cache (void *token,int noisy) tmpfp = NULL; } rc = lastresname? rename_tmp_file (bakfilename, tmpfilename, - lastresname, 0) : 0; + lastresname) : 0; xfree (tmpfilename); tmpfilename = NULL; xfree (bakfilename); bakfilename = NULL; if (rc) @@ -1513,7 +1480,7 @@ keyring_rebuild_cache (void *token,int noisy) tmpfp = NULL; } rc = lastresname? rename_tmp_file (bakfilename, tmpfilename, - lastresname, 0) : 0; + lastresname) : 0; xfree (tmpfilename); tmpfilename = NULL; xfree (bakfilename); bakfilename = NULL; @@ -1536,7 +1503,7 @@ keyring_rebuild_cache (void *token,int noisy) * 3 = update */ static int -do_copy (int mode, const char *fname, KBNODE root, int secret, +do_copy (int mode, const char *fname, KBNODE root, off_t start_offset, unsigned int n_packets ) { IOBUF fp, newfp; @@ -1556,7 +1523,7 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, mode_t oldmask; oldmask=umask(077); - if (!secret && is_secured_filename (fname)) { + if (is_secured_filename (fname)) { newfp = NULL; gpg_err_set_errno (EPERM); } @@ -1602,8 +1569,6 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, iobuf_close(fp); goto leave; } - if (secret) - register_secured_file (tmpfname); if( mode == 1 ) { /* insert */ /* copy everything to the new file */ @@ -1612,8 +1577,6 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, log_error("%s: copy to `%s' failed: %s\n", fname, tmpfname, g10_errstr(rc) ); iobuf_close(fp); - if (secret) - unregister_secured_file (tmpfname); iobuf_cancel(newfp); goto leave; } 
@@ -1627,8 +1590,6 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, log_error ("%s: copy to `%s' failed: %s\n", fname, tmpfname, g10_errstr(rc) ); iobuf_close(fp); - if (secret) - unregister_secured_file (tmpfname); iobuf_cancel(newfp); goto leave; } @@ -1639,8 +1600,6 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, log_error("%s: skipping %u packets failed: %s\n", fname, n_packets, g10_errstr(rc)); iobuf_close(fp); - if (secret) - unregister_secured_file (tmpfname); iobuf_cancel(newfp); goto leave; } @@ -1650,8 +1609,6 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, rc = write_keyblock (newfp, root); if (rc) { iobuf_close(fp); - if (secret) - unregister_secured_file (tmpfname); iobuf_cancel(newfp); goto leave; } @@ -1664,8 +1621,6 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, log_error("%s: copy to `%s' failed: %s\n", fname, tmpfname, g10_errstr(rc) ); iobuf_close(fp); - if (secret) - unregister_secured_file (tmpfname); iobuf_cancel(newfp); goto leave; } @@ -1684,7 +1639,7 @@ do_copy (int mode, const char *fname, KBNODE root, int secret, goto leave; } - rc = rename_tmp_file (bakfname, tmpfname, fname, secret); + rc = rename_tmp_file (bakfname, tmpfname, fname); leave: xfree(bakfname); diff --git a/g10/keyring.h b/g10/keyring.h index 122d2ddae..f83c2cb18 100644 --- a/g10/keyring.h +++ b/g10/keyring.h @@ -24,11 +24,10 @@ typedef struct keyring_handle *KEYRING_HANDLE; -int keyring_register_filename (const char *fname, int secret, int read_only, - void **ptr); +int keyring_register_filename (const char *fname, int read_only, void **ptr); int keyring_is_writable (void *token); -KEYRING_HANDLE keyring_new (void *token, int secret); +KEYRING_HANDLE keyring_new (void *token); void keyring_release (KEYRING_HANDLE hd); const char *keyring_get_resource_name (KEYRING_HANDLE hd); int keyring_lock (KEYRING_HANDLE hd, int yes); diff --git a/g10/main.h b/g10/main.h index c687ee2c6..83723edc1 100644 
--- a/g10/main.h +++ b/g10/main.h @@ -305,7 +305,7 @@ void secret_key_list( strlist_t list ); void print_subpackets_colon(PKT_signature *sig); void reorder_keyblock (KBNODE keyblock); void list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque ); -void print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode); +void print_fingerprint (PKT_public_key *pk, int mode); void print_revokers(PKT_public_key *pk); void show_policy_url(PKT_signature *sig,int indent,int mode); void show_keyserver_url(PKT_signature *sig,int indent,int mode); diff --git a/g10/mainproc.c b/g10/mainproc.c index 2b2d29dc2..d397a4fd8 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -939,7 +939,7 @@ list_node( CTX c, KBNODE node ) if( node->next && node->next->pkt->pkttype == PKT_RING_TRUST) { putchar('\n'); any=1; if( opt.fingerprint ) - print_fingerprint( pk, NULL, 0 ); + print_fingerprint (pk, 0); printf("rtv:1:%u:\n", node->next->pkt->pkt.ring_trust->trustval ); } @@ -976,7 +976,7 @@ list_node( CTX c, KBNODE node ) putchar(':'); putchar('\n'); if( opt.fingerprint && !any ) - print_fingerprint( pk, NULL, 0 ); + print_fingerprint ( pk, 0 ); if( opt.with_colons && node->next && node->next->pkt->pkttype == PKT_RING_TRUST ) { 
@@ -1015,71 +1015,75 @@ list_node( CTX c, KBNODE node ) if( !any ) putchar('\n'); if( !mainkey && opt.fingerprint > 1 ) - print_fingerprint( pk, NULL, 0 ); + print_fingerprint( pk, 0 ); } else if( (mainkey = (node->pkt->pkttype == PKT_SECRET_KEY) ) || node->pkt->pkttype == PKT_SECRET_SUBKEY ) { - PKT_secret_key *sk = node->pkt->pkt.secret_key; - if( opt.with_colons ) - { - u32 keyid[2]; - keyid_from_sk( sk, keyid ); - printf("%s::%u:%d:%08lX%08lX:%s:%s:::", - mainkey? "sec":"ssb", - nbits_from_sk( sk ), - sk->pubkey_algo, - (ulong)keyid[0],(ulong)keyid[1], - colon_datestr_from_sk( sk ), - colon_strtime (sk->expiredate) - /* fixme: add LID */ ); - } - else - printf("%s %4u%c/%s %s ", mainkey? "sec":"ssb", - nbits_from_sk( sk ), pubkey_letter( sk->pubkey_algo ), - keystr_from_sk( sk ), datestr_from_sk( sk )); - if( mainkey ) { - /* and now list all userids with their signatures */ - for( node = node->next; node; node = node->next ) { - if( node->pkt->pkttype == PKT_SIGNATURE ) { - if( !any ) { - if( node->pkt->pkt.signature->sig_class == 0x20 ) - puts("[revoked]"); - else - putchar('\n'); - any = 1; - } - list_node(c, node ); - } - else if( node->pkt->pkttype == PKT_USER_ID ) { - if( any ) { - if( opt.with_colons ) - printf("%s:::::::::", - node->pkt->pkt.user_id->attrib_data?"uat":"uid"); - else - printf( "uid%*s", 28, "" ); - } - print_userid( node->pkt ); - if( opt.with_colons ) - putchar(':'); - putchar('\n'); - if( opt.fingerprint && !any ) - print_fingerprint( NULL, sk, 0 ); - any=1; - } - else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) { - if( !any ) { - putchar('\n'); - any = 1; - } - list_node(c, node ); - } - } - } - if( !any ) - putchar('\n'); - if( !mainkey && opt.fingerprint > 1 ) - print_fingerprint( NULL, sk, 0 ); + log_debug ("FIXME: No way to print secret key packets here\n"); + /* fixme: We may use a fucntion to trun a secret key packet into + a public key one and use that here. 
*/ + /* PKT_secret_key *sk = node->pkt->pkt.secret_key; */ + + /* if( opt.with_colons ) */ + /* { */ + /* u32 keyid[2]; */ + /* keyid_from_sk( sk, keyid ); */ + /* printf("%s::%u:%d:%08lX%08lX:%s:%s:::", */ + /* mainkey? "sec":"ssb", */ + /* nbits_from_sk( sk ), */ + /* sk->pubkey_algo, */ + /* (ulong)keyid[0],(ulong)keyid[1], */ + /* colon_datestr_from_sk( sk ), */ + /* colon_strtime (sk->expiredate) */ + /* /\* fixme: add LID *\/ ); */ + /* } */ + /* else */ + /* printf("%s %4u%c/%s %s ", mainkey? "sec":"ssb", */ + /* nbits_from_sk( sk ), pubkey_letter( sk->pubkey_algo ), */ + /* keystr_from_sk( sk ), datestr_from_sk( sk )); */ + /* if( mainkey ) { */ + /* /\* and now list all userids with their signatures *\/ */ + /* for( node = node->next; node; node = node->next ) { */ + /* if( node->pkt->pkttype == PKT_SIGNATURE ) { */ + /* if( !any ) { */ + /* if( node->pkt->pkt.signature->sig_class == 0x20 ) */ + /* puts("[revoked]"); */ + /* else */ + /* putchar('\n'); */ + /* any = 1; */ + /* } */ + /* list_node(c, node ); */ + /* } */ + /* else if( node->pkt->pkttype == PKT_USER_ID ) { */ + /* if( any ) { */ + /* if( opt.with_colons ) */ + /* printf("%s:::::::::", */ + /* node->pkt->pkt.user_id->attrib_data?"uat":"uid"); */ + /* else */ + /* printf( "uid%*s", 28, "" ); */ + /* } */ + /* print_userid( node->pkt ); */ + /* if( opt.with_colons ) */ + /* putchar(':'); */ + /* putchar('\n'); */ + /* if( opt.fingerprint && !any ) */ + /* print_fingerprint( NULL, sk, 0 ); */ + /* any=1; */ + /* } */ + /* else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) { */ + /* if( !any ) { */ + /* putchar('\n'); */ + /* any = 1; */ + /* } */ + /* list_node(c, node ); */ + /* } */ + /* } */ + /* } */ + /* if( !any ) */ + /* putchar('\n'); */ + /* if( !mainkey && opt.fingerprint > 1 ) */ + /* print_fingerprint( NULL, sk, 0 ); */ } else if( node->pkt->pkttype == PKT_SIGNATURE ) { PKT_signature *sig = node->pkt->pkt.signature; 
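Review bot: The secret-key branch of list_node now carries the whole old body as commented-out code behind a `log_debug` FIXME; the dead block should be deleted (the history keeps it) and the remaining comment tidied, e.g. `/* FIXME: Convert the secret key packet to a public key packet and list that. */`. Because the only output is at debug level, input containing PKT_SECRET_KEY or PKT_SECRET_SUBKEY packets is presumably skipped with no visible line in a normal run. A message such as `log_info ("listing of secret key packets is not supported\n");` would make the omission visible to the user. list_node starts and ends outside this hunk.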
@@ -1848,7 +1852,7 @@ check_sig_and_print( CTX c, KBNODE node ) if(opt.verify_options&VERIFY_SHOW_PHOTOS) show_photos(un->pkt->pkt.user_id->attribs, un->pkt->pkt.user_id->numattribs, - pk,NULL,un->pkt->pkt.user_id); + pk ,un->pkt->pkt.user_id); } p=utf8_to_native(un->pkt->pkt.user_id->name, diff --git a/g10/photoid.c b/g10/photoid.c index 66e4645f9..3be42d2fc 100644 --- a/g10/photoid.c +++ b/g10/photoid.c @@ -161,7 +161,7 @@ generate_photo_id(PKT_public_key *pk,const char *photo_name) "user" may not be able to dismiss a viewer window! */ if(opt.command_fd==-1) { - show_photos(uid->attribs,uid->numattribs,pk,NULL,uid); + show_photos (uid->attribs, uid->numattribs, pk, uid); switch(cpr_get_answer_yes_no_quit("photoid.jpeg.okay", _("Is this photo correct (y/N/q)? "))) { @@ -285,9 +285,8 @@ static const char *get_default_photo_command(void) #endif void -show_photos(const struct user_attribute *attrs, - int count,PKT_public_key *pk,PKT_secret_key *sk, - PKT_user_id *uid) +show_photos(const struct user_attribute *attrs, int count, + PKT_public_key *pk, PKT_user_id *uid) { #ifndef DISABLE_PHOTO_VIEWER int i; @@ -295,16 +294,13 @@ show_photos(const struct user_attribute *attrs, u32 len; u32 kid[2]={0,0}; - memset(&args,0,sizeof(args)); - args.pk=pk; - args.pksk=sk; - args.validity_info=get_validity_info(pk,uid); - args.validity_string=get_validity_string(pk,uid); + memset (&args, 0, sizeof(args)); + args.pk = pk; + args.validity_info = get_validity_info (pk, uid); + args.validity_string = get_validity_string (pk, uid); - if(pk) - keyid_from_pk(pk,kid); - else if(sk) - keyid_from_sk(sk,kid); + if (pk) + keyid_from_pk (pk, kid); for(i=0;ipkt->pkt.user_id->attrib_data) - show_photos(un->pkt->pkt.user_id->attribs, - un->pkt->pkt.user_id->numattribs,pk,NULL, - un->pkt->pkt.user_id); + show_photos (un->pkt->pkt.user_id->attribs, + un->pkt->pkt.user_id->numattribs, pk, + un->pkt->pkt.user_id); p=utf8_to_native(un->pkt->pkt.user_id->name, un->pkt->pkt.user_id->len,0); 
@@ -256,7 +256,7 @@ do_edit_ownertrust (PKT_public_key *pk, int mode, tty_printf(_(" aka \"%s\"\n"),p); } - print_fingerprint (pk, NULL, 2); + print_fingerprint (pk, 2); tty_printf("\n"); release_kbnode (keyblock); } @@ -464,7 +464,7 @@ do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) if( !opt.batch && !rc ) { print_pubkey_info(NULL,pk); - print_fingerprint (pk, NULL, 2); + print_fingerprint (pk, 2); tty_printf("\n"); tty_printf( @@ -523,7 +523,7 @@ check_signatures_trust( PKT_signature *sig ) if( !opt.quiet ) log_info(_("WARNING: Using untrusted key!\n")); if (opt.with_fingerprint) - print_fingerprint (pk, NULL, 1); + print_fingerprint (pk, 1); goto leave; } @@ -611,7 +611,7 @@ check_signatures_trust( PKT_signature *sig ) { case TRUST_EXPIRED: log_info(_("Note: This key has expired!\n")); - print_fingerprint (pk, NULL, 1); + print_fingerprint (pk, 1); break; default: @@ -625,7 +625,7 @@ check_signatures_trust( PKT_signature *sig ) " a trusted signature!\n")); log_info(_(" There is no indication that the " "signature belongs to the owner.\n" )); - print_fingerprint (pk, NULL, 1); + print_fingerprint (pk, 1); break; case TRUST_NEVER: @@ -634,7 +634,7 @@ check_signatures_trust( PKT_signature *sig ) log_info(_("WARNING: We do NOT trust this key!\n")); log_info(_(" The signature is probably a FORGERY.\n")); if (opt.with_fingerprint) - print_fingerprint (pk, NULL, 1); + print_fingerprint (pk, 1); rc = gpg_error (GPG_ERR_BAD_SIGNATURE); break; 
@@ -644,19 +644,19 @@ check_signatures_trust( PKT_signature *sig ) " sufficiently trusted signatures!\n")); log_info(_(" It is not certain that the" " signature belongs to the owner.\n" )); - print_fingerprint (pk, NULL, 1); + print_fingerprint (pk, 1); break; case TRUST_FULLY: write_status( STATUS_TRUST_FULLY ); if (opt.with_fingerprint) - print_fingerprint (pk, NULL, 1); + print_fingerprint (pk, 1); break; case TRUST_ULTIMATE: write_status( STATUS_TRUST_ULTIMATE ); if (opt.with_fingerprint) - print_fingerprint (pk, NULL, 1); + print_fingerprint (pk, 1); break; } diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index 7959ee845..1a4ec0f96 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -39,7 +39,7 @@ static gpg_error_t get_it (PKT_pubkey_enc *k, - DEK *dek, PKT_secret_key *sk, u32 *keyid); + DEK *dek, PKT_public_key *sk, u32 *keyid); /* Check that the given algo is mentioned in one of the valid user-ids. */ @@ -74,7 +74,7 @@ is_algo_in_prefs (kbnode_t keyblock, preftype_t type, int algo) gpg_error_t get_session_key (PKT_pubkey_enc * k, DEK * dek) { - PKT_secret_key *sk = NULL; + PKT_public_key *sk = NULL; int rc; rc = openpgp_pk_test_algo2 (k->pubkey_algo, PUBKEY_USAGE_ENC); @@ -84,7 +84,7 @@ get_session_key (PKT_pubkey_enc * k, DEK * dek) if ((k->keyid[0] || k->keyid[1]) && !opt.try_all_secrets) { sk = xmalloc_clear (sizeof *sk); - sk->pubkey_algo = k->pubkey_algo; /* We want a pubkey with this algo */ + sk->pubkey_algo = k->pubkey_algo; /* We want a pubkey with this algo. */ if (!(rc = get_seckey (sk, k->keyid))) rc = get_it (k, dek, sk, k->keyid); } @@ -99,9 +99,9 @@ get_session_key (PKT_pubkey_enc * k, DEK * dek) for (;;) { if (sk) - free_secret_key (sk); + free_public_key (sk); sk = xmalloc_clear (sizeof *sk); - rc = enum_secret_keys (&enum_context, sk, 1, 0); + rc = -1; /* FIXME:enum_secret_keys (&enum_context, sk, 1, 0);*/ if (rc) { rc = G10ERR_NO_SECKEY; 
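Review bot: With `rc = -1;` standing in for the `enum_secret_keys` call, the loop in get_session_key that handles anonymous recipients and `opt.try_all_secrets` now always takes the `G10ERR_NO_SECKEY` branch on its first pass, so the algorithm check and the "trying secret key" path in the following hunk cannot be reached. The caller is told that no secret key is available when the real reason is that enumeration has not been ported to the agent yet. Until it is, I would report that explicitly, e.g. `rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED);` together with a `log_info` line, instead of reusing the no-secret-key code. The rest of the loop body lies outside this hunk.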
@@ -109,7 +109,7 @@ get_session_key (PKT_pubkey_enc * k, DEK * dek) } if (sk->pubkey_algo != k->pubkey_algo) continue; - keyid_from_sk (sk, keyid); + keyid_from_pk (sk, keyid); log_info (_("anonymous recipient; trying secret key %s ...\n"), keystr (keyid)); 
@@ -149,63 +149,59 @@ get_session_key (PKT_pubkey_enc * k, DEK * dek) leave: if (sk) - free_secret_key (sk); + free_public_key (sk); return rc; } static gpg_error_t -get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) +get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) { - int rc; - gcry_mpi_t plain_dek = NULL; + gpg_error_t err; byte *frame = NULL; unsigned int n; size_t nframe; u16 csum, csum2; - int card = 0; + gcry_sexp_t s_data; + char *desc; + char *keygrip; - if (sk->is_protected && sk->protect.s2k.mode == 1002) - { /* Note, that we only support RSA for now. */ -#ifdef ENABLE_CARD_SUPPORT - unsigned char *rbuf; - size_t rbuflen; - char *snbuf; - unsigned char *indata = NULL; - size_t indatalen; + /* Get the keygrip. */ + err = hexkeygrip_from_pk (sk, &keygrip); + if (err) + goto leave; - snbuf = - serialno_and_fpr_from_sk (sk->protect.iv, sk->protect.ivlen, sk); - - if (gcry_mpi_aprint - (GCRYMPI_FMT_USG, &indata, &indatalen, enc->data[0])) - BUG (); - - rc = agent_scd_pkdecrypt (snbuf, indata, indatalen, &rbuf, &rbuflen); - xfree (snbuf); - xfree (indata); - if (rc) - goto leave; - - frame = rbuf; - nframe = rbuflen; - card = 1; -#else - rc = gpg_error (GPG_ERR_NOT_SUPPORTED); - goto leave; -#endif /*!ENABLE_CARD_SUPPORT */ + /* Convert the data to an S-expression. 
*/ + if (sk->pubkey_algo == GCRY_PK_ELG || sk->pubkey_algo == GCRY_PK_ELG_E) + { + if (!enc->data[0] || !enc->data[1]) + err = gpg_error (GPG_ERR_BAD_MPI); + else + err = gcry_sexp_build (&s_data, NULL, "(enc-val(elg(a%m)(b%m)))", + enc->data[0], enc->data[1]); + } + else if (sk->pubkey_algo == GCRY_PK_RSA || sk->pubkey_algo == GCRY_PK_RSA_E) + { + if (!enc->data[0]) + err = gpg_error (GPG_ERR_BAD_MPI); + else + err = gcry_sexp_build (&s_data, NULL, "(enc-val(rsa(a%m)))", + enc->data[0]); } else - { - rc = pk_decrypt (sk->pubkey_algo, &plain_dek, enc->data, sk->skey); - if (rc) - goto leave; - if (gcry_mpi_aprint (GCRYMPI_FMT_USG, &frame, &nframe, plain_dek)) - BUG (); - gcry_mpi_release (plain_dek); - plain_dek = NULL; - } + err = gpg_error (GPG_ERR_BUG); + + if (err) + goto leave; + + /* Decrypt. */ + desc = xtrystrdup ("FIXME: Format a description"); + err = agent_pkdecrypt (NULL, keygrip, desc, s_data, &frame, &nframe); + xfree (desc); + gcry_sexp_release (s_data); + if (err) + goto leave; /* Now get the DEK (data encryption key) from the frame * @@ -231,18 +227,18 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) { if (n + 7 > nframe) { - rc = G10ERR_WRONG_SECKEY; + err = gpg_error (G10ERR_WRONG_SECKEY); goto leave; } if (frame[n] == 1 && frame[nframe - 1] == 2) { log_info (_("old encoding of the DEK is not supported\n")); - rc = G10ERR_CIPHER_ALGO; + err = gpg_error (G10ERR_CIPHER_ALGO); goto leave; } - if (frame[n] != 2) /* Somethink is wrong. */ + if (frame[n] != 2) /* Something went wrong. */ { - rc = G10ERR_WRONG_SECKEY; + err = gpg_error (G10ERR_WRONG_SECKEY); goto leave; } for (n++; n < nframe && frame[n]; n++) /* Skip the random bytes. */ @@ -252,7 +248,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) if (n + 4 > nframe) { - rc = G10ERR_WRONG_SECKEY; + err = gpg_error (G10ERR_WRONG_SECKEY); goto leave; } 
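Review bot: `keygrip` is declared without an initializer in get_it, yet the first `goto leave` (taken when `hexkeygrip_from_pk` fails) reaches `xfree (keygrip)` at the new `leave:` label in a later hunk. Unless that helper always stores NULL on error, which is not visible here, this frees an indeterminate pointer, so declare it as `char *keygrip = NULL;`. The result of `xtrystrdup` for `desc` is also handed to `agent_pkdecrypt` unchecked; a guard such as `if (!desc) { err = gpg_error_from_syserror (); gcry_sexp_release (s_data); goto leave; }` would cover allocation failure. The placeholder text "FIXME: Format a description" is presumably what the agent shows when asking for the passphrase, so it should identify the key before release; the same placeholder is passed to `agent_pksign` in do_sign in g10/sign.c.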
@@ -260,10 +256,10 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) dek->algo = frame[n++]; if (dek->algo == CIPHER_ALGO_IDEA) write_status (STATUS_RSA_OR_IDEA); - rc = openpgp_cipher_test_algo (dek->algo); - if (rc) + err = openpgp_cipher_test_algo (dek->algo); + if (err) { - if (!opt.quiet && gpg_err_code (rc) == GPG_ERR_CIPHER_ALGO) + if (!opt.quiet && gpg_err_code (err) == GPG_ERR_CIPHER_ALGO) { log_info (_("cipher algorithm %d%s is unknown or disabled\n"), dek->algo, @@ -276,7 +272,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) } if (dek->keylen != openpgp_cipher_get_algo_keylen (dek->algo)) { - rc = GPG_ERR_WRONG_SECKEY; + err = gpg_error (GPG_ERR_WRONG_SECKEY); goto leave; } @@ -288,7 +284,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) csum2 += dek->key[n]; if (csum != csum2) { - rc = G10ERR_WRONG_SECKEY; + err = gpg_error (GPG_ERR_WRONG_SECKEY); goto leave; } if (DBG_CIPHER) @@ -301,7 +297,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) if (!pkb) { - rc = -1; + err = -1; log_error ("oops: public key not found for preference check\n"); } else if (pkb->pkt->pkt.public_key->selfsigversion > 3 @@ -310,7 +306,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) && !is_algo_in_prefs (pkb, PREFTYPE_SYM, dek->algo)) log_info (_("WARNING: cipher algorithm %s not found in recipient" " preferences\n"), openpgp_cipher_algo_name (dek->algo)); - if (!rc) + if (!err) { KBNODE k; @@ -346,14 +342,13 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid) } release_kbnode (pkb); - rc = 0; + err = 0; } - -leave: - gcry_mpi_release (plain_dek); + leave: xfree (frame); - return rc; + xfree (keygrip); + return err; } diff --git a/g10/revoke.c b/g10/revoke.c index c348a89d5..173c4ade7 100644 --- a/g10/revoke.c +++ b/g10/revoke.c 
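Review bot: The converted error assignments in get_it are not consistent: the earlier hunks wrap the legacy name, `gpg_error (G10ERR_WRONG_SECKEY)` and `gpg_error (G10ERR_CIPHER_ALGO)`, while the key-length and checksum checks here use `gpg_error (GPG_ERR_WRONG_SECKEY)`. I would use the `GPG_ERR_*` codes throughout so that every path returns the same kind of value. The preference check also stores a bare `err = -1;` in a `gpg_error_t` only to skip the following block, and `err` is reset to 0 right after `release_kbnode (pkb)`; testing `pkb` directly in place of `if (!err)` would keep the error variable for real errors.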
@@ -248,7 +248,7 @@ gen_desig_revoke( const char *uname, strlist_t locusr ) if(locusr) { - rc=build_sk_list(locusr,&sk_list,0,PUBKEY_USAGE_CERT); + rc=build_sk_list(locusr, &sk_list, PUBKEY_USAGE_CERT); if(rc) goto leave; } diff --git a/g10/sign.c b/g10/sign.c index 8418c5d35..d84f43379 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -314,7 +314,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, gcry_sexp_t s_sigval; /* FIXME: desc = gpgsm_format_keydesc (cert); */ - desc = xtrystrdup ("FIXME: Format a decription"); + desc = xtrystrdup ("FIXME: Format a description"); err = agent_pksign (NULL/*ctrl*/, hexgrip, desc, dp, gcry_md_get_algo_dlen (mdalgo), mdalgo, @@ -811,7 +811,9 @@ sign_file( strlist_t filenames, int detached, strlist_t locusr, duration=parse_expire_string(opt.def_sig_expire); } - if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) ) + /* Note: In the old non-agent version the following call used to + unprotect the secret key. This is now done on demand by the agent. */ + if( (rc = build_sk_list (locusr, &sk_list, PUBKEY_USAGE_SIG )) ) goto leave; if(PGP2 && !only_old_style(sk_list)) @@ -1126,7 +1128,9 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile ) duration=parse_expire_string(opt.def_sig_expire); } - if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) ) + /* Note: In the old non-agent version the following call used to + unprotect the secret key. This is now done on demand by the agent. */ + if( (rc=build_sk_list( locusr, &sk_list, PUBKEY_USAGE_SIG )) ) goto leave; if( !old_style && !duration ) 
@@ -1290,7 +1294,9 @@ sign_symencrypt_file (const char *fname, strlist_t locusr) duration=parse_expire_string(opt.def_sig_expire); } - rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG); + /* Note: In the old non-agent version the following call used to + unprotect the secret key. This is now done on demand by the agent. */ + rc = build_sk_list (locusr, &sk_list, PUBKEY_USAGE_SIG); if (rc) goto leave; diff --git a/g10/skclist.c b/g10/skclist.c index fd677eba3..4ec5df055 100644 --- a/g10/skclist.c +++ b/g10/skclist.c @@ -115,10 +115,8 @@ is_duplicated_entry (strlist_t list, strlist_t item) } -/* FIXME: We ignore the UNLOCK flag - should not be needed anymore. */ gpg_error_t -build_sk_list (strlist_t locusr, SK_LIST *ret_sk_list, - int unlock, unsigned int use) +build_sk_list (strlist_t locusr, SK_LIST *ret_sk_list, unsigned int use) { gpg_error_t err; SK_LIST sk_list = NULL; @@ -202,18 +200,6 @@ build_sk_list (strlist_t locusr, SK_LIST *ret_sk_list, pk = NULL; log_info (_("skipped: secret key already present\n")); } - /* Fixme: We could change the next test by a call to gpg-agent which - would then cache the passphrase. */ - /* else if (unlock && (rc = check_secret_key (sk, 0))) */ - /* { */ - /* free_secret_key (sk); */ - /* sk = NULL; */ - /* log_error (_("skipped \"%s\": %s\n"), */ - /* locusr->d, g10_errstr (rc)); */ - /* write_status_text_and_buffer */ - /* (STATUS_INV_SGNR, get_inv_recpsgnr_code (rc), */ - /* locusr->d, strlen (locusr->d), -1); */ - /* } */ else if ((err = openpgp_pk_test_algo2 (pk->pubkey_algo, use))) { free_public_key (pk); diff --git a/sm/call-agent.c b/sm/call-agent.c index c5ab0934a..402cb7dd0 100644 --- a/sm/call-agent.c +++ b/sm/call-agent.c 
@@ -300,7 +300,7 @@ gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc, /* Handle a CIPHERTEXT inquiry. Note, we only send the data, - assuan_transact talkes care of flushing and writing the end */ + assuan_transact takes care of flushing and writing the end */ static gpg_error_t inq_ciphertext_cb (void *opaque, const char *line) {