Add controlo statement %ask-passphrase

2025-01-03 12:11:33 +01:00 · 2008-06-16 15:48:33 +00:00 · 2008-06-16 15:48:33 +00:00 · aa68a60301
commit aa68a60301
parent 8e37ee4099
6 changed files with 93 additions and 28 deletions
--- a/3
+++ b/3
@ -22,6 +22,9 @@ Noteworthy changes in version 2.0.10 (unreleased)
 * The gpg2 option --fixed-list-mode is now implicitly used and obsolete.
 * New control statement %ask-passphrase for the unattended key
   generation of gpg2.
 Noteworthy changes in version 2.0.9 (2008-03-26)
 ------------------------------------------------
--- a/common/homedir.c
+++ b/common/homedir.c
@ -30,6 +30,9 @@
 #ifndef CSIDL_LOCAL_APPDATA
 #define CSIDL_LOCAL_APPDATA 0x001c
 #endif
 #ifndef CSIDL_COMMON_APPDATA
 #define CSIDL_COMMON_APPDATA 0x0023
 #endif
 #ifndef CSIDL_FLAG_CREATE
 #define CSIDL_FLAG_CREATE 0x8000
 #endif
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,3 +1,7 @@
 2008-06-16  Werner Koch  <wk@g10code.com>
 	* DETAILS (group): Document %ask-passphrase.
 2008-05-26  Werner Koch  <wk@g10code.com>
 	* gpgv.texi: Minor fixes.  Fixes bug#918.
--- a/doc/DETAILS
+++ b/doc/DETAILS
@ -789,6 +789,16 @@ The format of this file is as follows:
 	and all keys are written to that file.	If a new filename is given,
 	this file is created (and overwrites an existing one).
 	Both control statements must be given.
    %ask-passphrase
        Enable a mode where the command "passphrase" is ignored and
        instead the usual passphrase dialog is used.  This does not
        make sense for batch key generation; however the unattended
        key generation feature is also used by GUIs and this feature
        relinquishes the GUI from implementing its own passphrase
        entry code.  This is a global option.
    %no-ask-passphrase
        Disable the ask-passphrase mode.        
   o The order of the parameters does not matter except for "Key-Type"
     which must be the first parameter.  The parameters are only for the
     generated keyblock and parameters from previous key generations are not
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,9 @@
 2008-06-16  Werner Koch  <wk@g10code.com>
 	* keygen.c (output_control_s): Add ASK_PASSPHRASE.
 	(read_parameter_file): Add commands %ask-passphrase and
 	%no-ask-passphrase.
 2008-06-11  Werner Koch  <wk@g10code.com>
 	* gpg.c: Make --fixed-list-mode a dummy.
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -92,6 +92,7 @@ struct para_data_s {
 struct output_control_s {
    int lnr;
    int dryrun;
    int ask_passphrase;
    int use_files;
    struct {
 	char  *fname;
@ -2527,35 +2528,69 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
  if (parse_revocation_key (fname, para, pREVOKER))
    return -1;
-  /* make DEK and S2K from the Passphrase */
+  /* Make DEK and S2K from the Passphrase. */
-  r = get_parameter( para, pPASSPHRASE );
+  if (outctrl->ask_passphrase)
-  if( r && *r->u.value ) {
+    {
-    /* We have a plain text passphrase - create a DEK from it.
+      /* %ask-passphrase is active - ignore pPASSPRASE and ask.  This
-     * It is a little bit ridiculous to keep it ih secure memory
+         feature is required so that GUIs are able to do a key
-     * but because we do this always, why not here */
+         creation but have gpg-agent ask for the passphrase.  */
      int canceled = 0;
      STRING2KEY *s2k;
      DEK *dek;
-    s2k = xmalloc_secure( sizeof *s2k );
+      dek = do_ask_passphrase ( &s2k, &canceled );
-    s2k->mode = opt.s2k_mode;
+      if (dek)
-    s2k->hash_algo = S2K_DIGEST_ALGO;
+        {
    set_next_passphrase( r->u.value );
    dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2,
 			     NULL, NULL);
    set_next_passphrase( NULL );
    assert( dek );
    memset( r->u.value, 0, strlen(r->u.value) );
    r = xmalloc_clear( sizeof *r );
    r->key = pPASSPHRASE_S2K;
    r->u.s2k = s2k;
    r->next = para;
    para = r;
          r = xmalloc_clear( sizeof *r );
          r->key = pPASSPHRASE_DEK;
          r->u.dek = dek;
          r->next = para;
          para = r;
          r = xmalloc_clear( sizeof *r );
          r->key = pPASSPHRASE_S2K;
          r->u.s2k = s2k;
          r->next = para;
          para = r;
        }
      if (canceled) 
        {
 	  log_error ("%s:%d: key generation canceled\n", fname, r->lnr );
          return -1;
        }
    }
  else
    {
      r = get_parameter( para, pPASSPHRASE );
      if ( r && *r->u.value )
        {
          /* We have a plain text passphrase - create a DEK from it.
           * It is a little bit ridiculous to keep it in secure memory
           * but because we do this always, why not here.  */
          STRING2KEY *s2k;
          DEK *dek;
          s2k = xmalloc_secure ( sizeof *s2k );
          s2k->mode = opt.s2k_mode;
          s2k->hash_algo = S2K_DIGEST_ALGO;
          set_next_passphrase ( r->u.value );
          dek = passphrase_to_dek (NULL, 0, opt.s2k_cipher_algo, s2k, 2,
                                   NULL, NULL);
          set_next_passphrase (NULL );
          assert (dek);
          memset (r->u.value, 0, strlen(r->u.value));
          r = xmalloc_clear (sizeof *r);
          r->key = pPASSPHRASE_S2K;
          r->u.s2k = s2k;
          r->next = para;
          para = r;
          r = xmalloc_clear (sizeof *r);
          r->key = pPASSPHRASE_DEK;
          r->u.dek = dek;
          r->next = para;
          para = r;
        }
    }
  /* Make KEYCREATIONDATE from Creation-Date.  */
@ -2696,6 +2731,10 @@ read_parameter_file( const char *fname )
 		log_info("%s\n", value );
 	    else if( !ascii_strcasecmp( keyword, "%dry-run" ) )
 		outctrl.dryrun = 1;
 	    else if( !ascii_strcasecmp( keyword, "%ask-passphrase" ) )
 		outctrl.ask_passphrase = 1;
 	    else if( !ascii_strcasecmp( keyword, "%no-ask-passphrase" ) )
 		outctrl.ask_passphrase = 0;
 	    else if( !ascii_strcasecmp( keyword, "%commit" ) ) {
 		outctrl.lnr = lnr;
 		if (proc_parameter_file( para, fname, &outctrl, 0 ))