1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-08 21:18:51 +01:00
Commit Graph

222 Commits

Author SHA1 Message Date
Werner Koch
b89b1f35c2
agent: Ignore passphrase constraints for a generated passphrase.
* agent/agent.h (PINENTRY_STATUS_PASSWORD_GENERATED): New.
(MAX_GENPIN_TRIES): Remove.
* agent/call-pinentry.c (struct entry_parm_s):
(struct inq_cb_parm_s): Add genpinhash and genpinhas_valid.
(is_generated_pin): New.
(inq_cb): Suppress constraints checking for a generated passphrase.
No more need for several tries to generate the passphrase.
(do_getpin): Store a generated passphrase/pin in the status field.
(agent_askpin): Suppress constraints checking for a generated
passphrase.
(agent_get_passphrase): Ditto.
* agent/command.c (cmd_get_passphrase): Ditto.
--

A generated passphrase has enough entropy so that all kind of extra
checks would only reduce the actual available entropy.  We thus detect
if a passphrase has been generated (and not changed) and skip all
passphrase constraints checking.
2021-08-18 18:46:39 +02:00
Werner Koch
7c45a69eb9
agent: New option --check-sym-passphrase-pattern.
* agent/gpg-agent.c (oCheckSymPassphrasePattern): New.
(opts): Add --check-sym-passphrase-pattern.
(parse_rereadable_options): Set option.
(main): Return option info.
* tools/gpgconf-comp.c: Add new option.
* agent/agent.h (opt): Add var check_sym_passphrase_pattern.
(struct pin_entry_info_s): Add var constraints_flags.
(CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1.
(CHECK_CONSTRAINTS_NEW_SYMKEY): New.
* agent/genkey.c (check_passphrase_pattern): Rename to ...
(do_check_passphrase_pattern): this to make code reading
easier. Handle the --check-sym-passphrase-pattern option.
(check_passphrase_constraints): Replace arg no_empty by a generic
flags arg.  Also handle --check-sym-passphrase-pattern here.
* agent/command.c (cmd_get_passphrase): In --newsymkey mode pass
CHECK_CONSTRAINTS_NEW_SYMKEY flag.
* agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags.
(struct inq_cb_parm_s): New.
(inq_cb): Use new struct for parameter passing.  Pass flags to teh
constraints checking.
(do_getpin): Pass constraints flag down.
(agent_askpin): Take constrainst flag from the supplied pinentry
struct.
--

Requirements for a passphrase to protect a private key and for a
passphrase used for symmetric encryption are different.  Thus a
the use of a different pattern file will be useful.  Note that a
pattern file can be used to replace the other passphrase constraints
options and thus we don't need to duplicate them for symmetric
encryption.

GnuPG-bug-id: 5517
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-08-13 13:42:31 +02:00
Ingo Klöcker
99601778f4 agent: Make --pinentry-formatted-passphrase a simple flag
* agent/agent.h (opt): Change type of pinentry_formatted_passphrase
to int (as for other flags).
* agent/call-pinentry.c (setup_formatted_passphrase): Remove no longer
needed translated strings. Write option without value to Assuan
connection.
* agent/gpg-agent.c (opts): Use ARGPARSE_s_n for
oPinentryFormattedPassphrase.
(parse_rereadable_options): Set option to 1.
--

GnuPG-bug-id: 5553, 5517
2021-08-12 10:50:33 +02:00
Ingo Klöcker
bf20a80f68
agent: New option --pinentry-formatted-passphrase
* agent/agent.h (opt): Add field pinentry_formatted_passphrase.
* agent/call-pinentry.c (setup_formatted_passphrase): New.
(agent_get_passphrase): Pass option to pinentry.
* agent/gpg-agent.c (oPinentryFormattedPassphrase): New.
(opts): Add option.
(parse_rereadable_options): Set option.
--

GnuPG-bug-id: 5517
2021-08-10 12:05:53 +02:00
Werner Koch
43bb5250a6
agent: Fix build without TPM
--
2021-03-10 15:52:20 +01:00
James Bottomley
1f995b9ba4
agent: Add new shadow key type and functions to call tpm2daemon
* agent/call-tpm2d.c: New.
* divert-tpm2.c: New.
* agent/Makefile.am: Add new files.
* agent/agent.h (DAEMON_TPM2D): New.  Add stub fucntions.
* agent/call-daemon.c (GNUPG_MODULE_NAME_TPM2DAEMON): New.
* agent/command.c (do_one_keyinfo): Handle tpmv2.
* agent/gpg-agent.c (oTpm2daemonProgram): New.
(opts): New option --tpm2daemon-program.
(parse_rereadable_options): Handle option.
* agent/pkdecrypt.c (agent_pkdecrypt): Divert to tpm2d.
(agent_pksign_do): Ditto.
---

A new shadow key type: "tpm2-v1" is introduced signalling that the
shadowed key is handled by the tpm2daemon.  A function to identify
this type is introduced and diversions to the tpm2daemon functions are
conditioned on this function for pkign and pkdecrypt where the same
diversions to scd are currently done.  The (info) field of the
shadowed key stores the actual TPM key.  The TPM key is encrypted so
only the physical TPM it was created on can read it (so no special
protection is required for the info filed), but if the (info) field
becomes corrupt or damaged, the key will be lost (unlike the token
case, where the key is actually moved inside the token).

Note, this commit adds handling for existing TPM format shadow keys,
but there is still no way to create them.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Additional changes:
* Add ChangeLog entries.
* Some minor indentation fixes.
* agent/Makefile.am (gpg_agent_SOURCES): Change to make distcheck
  work.
* agent/agent.h [!HAVE_LIBTSS]: Do not return -EINVAL but an
  gpg_error_t.  Mark args as unused.
* agent/protect.c (agent_is_tpm2_key): Free BUF.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-10 13:23:05 +01:00
NIIBE Yutaka
9beab36dfa agent: Clean up the API of agent_pkdecrypt.
* agent/agent.h (agent_pkdecrypt): Use gpg_error_t type.
* agent/pkdecrypt.c (agent_pkdecrypt): Use gpg_error_t type.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-08 15:06:33 +09:00
Werner Koch
0da923a124
agent: Allow to pass a timestamp to genkey and import.
* agent/command.c (cmd_genkey): Add option --timestamp.
(cmd_import_key): Ditto.
* agent/genkey.c (store_key): Add arg timestamp and change callers.
(agent_genkey): Ditto.
* agent/findkey.c (write_extended_private_key): Add args timestamp and
new key to write a Created line.
(agent_write_private_key): Add arg timestamp.
(agent_write_shadow_key): Ditto.
 agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-17 15:05:49 +02:00
Werner Koch
bb096905b9
agent: Add option --pss to pksign to be used by smartcards.
* agent/command.c (cmd_sethash): Add option --pss and allow for
--hash=null.
* agent/agent.h (struct server_control_s): Add digest.is_pss and
zero where needed.
* agent/pksign.c (agent_pksign_do): Allow for PSS with cards.
* scd/command.c (cmd_pksign): Add for --hash=none.
--

This is not a full implementaion of PSS but allows scdaemon card
drivers to detect already PSS formatted data.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-10 10:22:42 +02:00
Werner Koch
eace4bbe1d
agent: New option --newsymkey for GET_PASSPHRASE
* agent/call-pinentry.c (agent_get_passphrase): Add arg pininfo.
* agent/genkey.c (check_passphrase_constraints): New arg no_empty.
* agent/command.c (reenter_passphrase_cmp_cb): New.
(cmd_get_passphrase): Add option --newsymkey.
--

This new option allows to present a passphrase with the usual repeat
box as it is used by gpg-agent's internal key generation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-08 14:20:01 +02:00
James Bottomley
f541e1d95a
agent: separate out daemon handling infrastructure for reuse
* agent/call-scd.c: Factor re-usable code out to ...
* agent/call-daemon.c: new.  Store infos in an array to allow for
other backend daemons.
* agent/Makefile.am (gpg_agent_SOURCES): Add new file.
* agent/agent.h: Include assuan.h.
(enum daemon_type): New.
(opt): Replace scdaemon_program by daemon_program array.  Replace
scd_local by a array d_local.  Change users accordingly.
--

The model I'm using for a TPM daemon is the current scdaemon.  That
includes start and stop handlers plus liveness checks and an assuan
socket generator.  To avoid massive code duplication (and save me a
lot of effort), I've elected to strip this code out of call-scd.c into
a generic framework which can then be reused as is by the TPM handling
daemon.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Co-authored-by: Werner Koch <wk@gnupg.org>

Modified original patch for 2.2 heavily to fit the new framework used
in master (gnupg 2.3)

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-24 12:44:02 +02:00
James Bottomley via Gnupg-devel
0e3b2955ae
agent: expose shadow key type
--
For TPM support it is necessary to indroduce another type of shadow
key, so allow other agent functions to extract the type so they can
make the right decisions based on it.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Minor editorial changes by wk
2020-06-24 10:11:47 +02:00
NIIBE Yutaka
d2e4aa5ee4 agent: Clean up for getting info from SEXP.
* agent/agent.h (agent_is_dsa_key, agent_is_eddsa_key): Remove.
(agent_pk_get_algo): New.
* agent/findkey.c (agent_pk_get_algo): New.
* agent/pksign.c (do_encode_dsa): Use generic GCRY_PK_ECC.
(agent_pksign_do): Use agent_pk_get_algo.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-19 13:58:13 +09:00
NIIBE Yutaka
47c1c329ed agent,ecc: Use of opaque MPI for ECC, fixup 'd'.
* agent/Makefile.am: Add sexp-secret.c.
* agent/agent.h: New function declarations.
* agent/sexp-secret.c: New.
* agent/findkey.c (agent_key_from_file): Use sexp_sscan_private_key.
* agent/protect-tool.c (read_and_unprotect): Fix up private part,
calling fixup_when_ecc_private_key.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-05 10:35:33 +09:00
Werner Koch
b18fb0264a
agent: Allow to use SETHASH for arbitrary data.
* agent/agent.h (struct server_control_s): Add field digest.data.
* agent/gpg-agent.c (agent_deinit_default_ctrl): Free that field.
* agent/command.c (reset_notify): Ditto.
(start_command_handler): ditto.
(cmd_sethash): Add new option --inquire.
* agent/call-scd.c (agent_card_pksign): For now return an error if
inquire mode was used.
* agent/command-ssh.c (ssh_handler_sign_request): Make sure
digest.data is cleared.
* agent/divert-scd.c (divert_pksign): Implement inquire mode.
* agent/pksign.c (agent_pksign_do): Ditto.
--

This is required to support EdDSA according to RFC8410.

GnuPG-bug-id: 4888
2020-05-18 19:24:41 +02:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Werner Koch
638526d37f
agent: Allow signing with card key even without a stub key.
* agent/call-scd.c (agent_card_serialno): Allow NULL for R_SERIAL.
(struct readkey_status_parm_s): New.
(readkey_status_cb): New.
(agent_card_readkey): Add optional arg R_KEYREF and change all
callers.
* agent/findkey.c (key_parms_from_sexp): Allow also a "public-key".
* agent/divert-scd.c (ask_for_card): Allow for SHADOW_INFO being NULL.
* agent/pksign.c (agent_pksign_do): Fallback to sign with an on-card
if there is no stub key yet.  Create the stub key.  Also fixed a
misnaming between s_pkey and s_skey.
--

This change allows to create OpenPGP keys directly from a card without
first making sure that a stub key exists.  It is also the less
surprising behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 11:45:41 +01:00
Werner Koch
6aff8a1328
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C.  Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.

* g10/main.h: Put util.h before the local header files.
--

This change is required for use with gcc/ld's LTO feature which does
not allow common blocks.  Further gcc 10 will make -fno-common the
default and thus this chnage is always needed.  What a pitty.

Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 21d9bd8b87)

- Applied respective chnages also to gpg-card and keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 16:50:47 +01:00
NIIBE Yutaka
c31266716d agent: Extend agent_card_getattr with KEYGRIP.
* agent/agent.h (struct card_key_info_s): KEYGRIP null terminated.
(agent_card_getattr): Add KEYGRIP argument.
* agent/call-scd.c (agent_card_getattr): Handle KEYGRIP argument.
(card_keyinfo_cb): Make KEYGRIP null terminated.
* agent/command.c (cmd_readkey): Follow the change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-13 16:43:53 +09:00
NIIBE Yutaka
57b8ed61ab agent: SSH: SCD KEYINFO to list available keys.
* agent/agent.h (agent_card_cardlist): Remove.
(agent_card_keyinfo): Add CAP argument.
* agent/call-scd.c (card_cardlist_cb): Remove.
(agent_card_cardlist): Remove.
(agent_card_keyinfo): Support CAP constraint.
* agent/command-ssh.c (card_key_list): Remove.
(ssh_handler_request_identities): Use SCD KEYINFO command.
* agent/command.c (cmd_keyinfo): Follow the API change.
* agent/divert-scd.c (ask_for_card): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-09 11:55:42 +09:00
Werner Koch
d5c00354bb
agent: First changes to support a PIN cache for scdaemon.
* agent/agent.h (CACHE_MODE_PIN): New.
* agent/cache.c (housekeeping): Special handling of new new mode.
(agent_flush_cache): Ditto.  Add arg 'pincache_only' and change
caller.
(agent_put_cache): Support new mode.
(agent_get_cache): Ditto.
* agent/call-scd.c (wait_child_thread): Flush the entire PIN cache.
(start_scd): Ditto.
(agent_card_killscd): Ditto.
(handle_pincache_put): New.  Uses a dummy encryption key for now.
(pincache_put_cb): New.
(inq_needpin): Prepare for PINCACHE_GET inquiry.
(learn_status_cb): Handle the PINENTRY_PUT status line.
(get_serialno_cb): Ditto
(agent_card_pksign): Ditto.
(padding_info_cb): Ditto.
(agent_card_readcert): Ditto.
(agent_card_readkey): Ditto.
(agent_card_writekey): Ditto.
(card_getattr_cb): Ditto.
(card_cardlist_cb): Ditto.
(card_keyinfo_cb): Ditto.
(pass_status_thru): Ditto.
--

Take care: This is not finished.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-07 18:36:18 +01:00
NIIBE Yutaka
3a1bb00810 agent: Add pinentry_loopback_confirm declaration.
* agent/agent.h (pinentry_loopback_confirm): New.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 09:59:08 +09:00
NIIBE Yutaka
7158a5696d agent: Stop scdaemon after reload when disable_scdaemon.
* agent/call-scd.c (agent_card_killscd): New.
* agent/gpg-agent.c (agent_sighup_action): Call agent_card_killscd.

--

GnuPG-bug-id: 4326
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-23 10:15:18 +09:00
NIIBE Yutaka
1091f22511 agent: Support scdaemon operation using KEYGRIP.
* agent/agent.h (struct card_key_info_s): New.
(divert_pksign, divert_pkdecrypt): New API.
* agent/call-scd.c (card_keyinfo_cb): New.
(agent_card_free_keyinfo, agent_card_keyinfo): New.
* agent/divert-scd.c (ask_for_card): Having GRIP argument,
ask scdaemon with agent_card_keyinfo.
(divert_pksign, divert_pkdecrypt): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Supply GRIP.
* agent/pksign.c (agent_pksign_do): Ditto.

--

We are going to relax the requirment for SERIALNO of card.  It's OK,
when a card doesn't have recorded SERIALNO.  If a card has a key
with GRIP, it can be used.

GnuPG-bug-id: 2291, 4301
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-15 17:13:32 +09:00
Werner Koch
bdf252e76a
agent: Put Token lines into the key files.
* agent/findkey.c (write_extended_private_key): Add args serialno and
keyref.  Write a Token line if that does not yet exist.
(agent_write_private_key): Add args serialno and keyref and change all
callers.
(agent_write_shadow_key): Skip leading spaces.
* agent/keyformat.txt: Improve extended key format docs.
--

Noet that the extended key forma is the defaqult in 2.3.  This patch
is a first step to better handle tokens which carray the same key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-03 15:54:54 +02:00
Werner Koch
91ae3e7fb6
agent: Re-introduce --enable-extended-key-format.
* agent/gpg-agent.c (oEnableExtendedKeyFormat): Re-introduce.
(parse_rereadable_options): Handle it in a special way.
* agent/protect.c (agent_protect): Be safe and set use_ocb only to 1
or 0.
* tools/gpgconf-comp.c: Add --enable-extended-key-format again.
--

This is required for backward compatible with profiles.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-06 17:58:39 +01:00
Werner Koch
bcc89a6df2
agent: Minor change to the KEYTOCARD command.
* agent/command.c (cmd_keytocard): Make timestamp optional.  Use
modern parser function.
* agent/call-scd.c (agent_card_writekey): Rename an arg and for
clarity return gpg_error_t instead of int.
* agent/divert-scd.c (divert_writekey): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 12:08:27 +01:00
NIIBE Yutaka
02a2633a7f agent: Clear bogus pinentry cache, when it causes an error.
* agent/agent.h (PINENTRY_STATUS_*): Expose to public.
(struct pin_entry_info_s): Add status.
* agent/call-pinentry.c (agent_askpin): Clearing the ->status
before the loop, let the assuan_transact set ->status.  When
failure with PINENTRY_STATUS_PASSWORD_FROM_CACHE, it returns
soon.
* agent/findkey.c (unprotect): Clear the pinentry cache,
when it causes an error.

--

GnuPG-bug-id: 4348
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-01-28 12:58:13 +09:00
Werner Koch
cbcc8c1954
agent: Make the S2K calibration time runtime configurabe.
* agent/protect.c (s2k_calibration_time): New file global var.
(calibrate_s2k_count): Use it here.
(get_calibrated_s2k_count): Replace function static var by ...
(s2k_calibrated_count): new file global var.
(set_s2k_calibration_time): New function.
* agent/gpg-agent.c (oS2KCalibration): New const.
(opts): New option --s2k-calibration.
(parse_rereadable_options): Parse that option.
--

Note that using an unrelistic high value (like 60000) takes quite some
time for calibration.

GnuPG-bug-id: 3399
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-11 18:12:51 +01:00
NIIBE Yutaka
40c7923ea8 agent: Have a thread to wait for the child process of scdaemon.
* agent/call-scd.c (wait_child_thread): New.
(start_scd): Create a thread for wait_child_thread.
(agent_scd_check_aliveness): Remove.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-11-26 12:07:36 +09:00
Werner Koch
8a915cd9fa
agent: New commands PUT_SECRET and GET_SECRET.
* agent/agent.h (CACHE_MODE_DATA): New const.
* agent/cache.c (DEF_CACHE_TTL_DATA): new.
(housekeeping): Tweak for CACHE_MODE_DATA.
(cache_mode_equal): Ditto.
(agent_get_cache): Ditto.
(agent_put_cache): Implement CACHE_MODE_DATA.
* agent/command.c (MAXLEN_PUT_SECRET): New.
(parse_ttl): New.
(cmd_get_secret): New.
(cmd_put_secret): New.
(register_commands): Register new commands.
--

These commands allow to store secrets in memory for the lifetime of
the gpg-agent process.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-02 21:36:19 +02:00
Werner Koch
d4dc4245bf
Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
Werner Koch
02dce8c0cc
agent: Make the request origin a part of the cache items.
* agent/cache.c (agent_put_cache): Add arg 'ctrl' and change all
callers to pass it.
(agent_get_cache): Ditto.

* agent/cache.c (struct cache_items_s): Add field 'restricted'.
(housekeeping): Adjust debug output.
(agent_flush_cache): Ditto.
(agent_put_cache): Ditto.  Take RESTRICTED into account.
(agent_get_cache): Ditto.
--

If requests are coming from different sources they should not share the
same cache.  This way we make sure that a Pinentry pops up for a
remote request to a key we have already used locally.

GnuPG-bug-id: 3858
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-27 08:40:58 +02:00
Werner Koch
f574aabeeb
Merge branch 'STABLE-BRANCH-2-2' into wk-master 2018-03-06 16:26:26 +01:00
Werner Koch
f060cb5c63
agent: Also evict cached items via a timer.
* agent/cache.c (agent_cache_housekeeping): New func.
* agent/gpg-agent.c (handle_tick): Call it.
--

This change mitigates the risk of having cached items in a post mortem
dump.

GnuPG-bug-id: 3829
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-06 16:22:42 +01:00
Werner Koch
3607ab2cf3
agent: New GETINFO sub-commands "s2k_count_cal" and "s2k_time".
* agent/command.c (cmd_getinfo): New sub-commands.
* agent/protect.c (get_standard_s2k_count): Factor some code out to ...
(get_calibrated_s2k_count): new.
(get_standard_s2k_time): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 52d41c8b0f)
2017-11-06 15:11:24 +01:00
Werner Koch
78a6d0ce88
agent: New option --s2k-count.
* agent/agent.h (opt): New field 's2k_count'.
* agent/gpg-agent.c (oS2KCount): New enum value.
(opts): New option --s2k-count.
(parse_rereadable_options): Set opt.s2k_count.
--

This option is useful to speed up the starting of gpg-agent and in
cases where the auto-calibration runs into problems due to a broken
time measurement facility.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f7212f1d11)
2017-11-06 15:11:13 +01:00
Werner Koch
52d41c8b0f
agent: New GETINFO sub-commands "s2k_count_cal" and "s2k_time".
* agent/command.c (cmd_getinfo): New sub-commands.
* agent/protect.c (get_standard_s2k_count): Factor some code out to ...
(get_calibrated_s2k_count): new.
(get_standard_s2k_time): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-06 15:03:06 +01:00
Werner Koch
f7212f1d11
agent: New option --s2k-count.
* agent/agent.h (opt): New field 's2k_count'.
* agent/gpg-agent.c (oS2KCount): New enum value.
(opts): New option --s2k-count.
(parse_rereadable_options): Set opt.s2k_count.
--

This option is useful to speed up the starting of gpg-agent and in
cases where the auto-calibration runs into problems due to a broken
time measurement facility.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-06 13:57:30 +01:00
NIIBE Yutaka
3924e1442c
agent: Clean up pinentry access locking.
* agent/agent.h (struct server_control_s): Rename PINENTRY_ACTIVE.
* agent/call-pinentry.c (entry_owner): Remove.
(agent_reset_query): Use thread private object of PINENTRY_ACTIVE.
(unlock_pinentry): Add CTRL to arguments to access thread private.
Check and decrement PINENTRY_ACTIVE for recursive use.
(start_pinentry): Check and increment PINENTRY_ACTIVE for recursion.
(agent_askpin): Follow the change of unlock_pinentry API.
(agent_get_passphrase, agent_get_confirmation): Likewise.
(agent_show_message, agent_popup_message_start): Likewise.
(agent_popup_message_stop, agent_clear_passphrase): Likewise.

--

We use the member PINENTRY_ACTIVE as a thread private object.
It's only valid for a single thread at a time.

It would be possible to have a thread shared object of
PINENTRY_ACTIVE, keeping ENTRY_OWNER for distinguishing its
owner (which is also a thread shared object).  But, in this case,
access to ENTRY_OWNER is tricky (only comparison to accessing thread
would be OK with no lock), or we need to introduce another lock for
accessing ENTRY_OWNER, which complicates the code too much.

So, simply have a thread private object for recursive pinentry access.

GnuPG-bug-id: 3190
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit fb7828676c)
2017-10-27 14:15:58 +02:00
NIIBE Yutaka
4738256f2e
agent: Allow recursive use of pinentry.
* agent/agent.h (struct server_control_s): Add pinentry_level.
* agent/call-pinentry.c (agent_popup_message_stop): Not clear
ENTRY_CTX here.
(unlock_pinentry): Handle recursion.  Clear ENTRY_CTX here.
(start_pinentry): Allow recursive use.

--

GnuPG-bug-id: 3190
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 3b66a256e3)
2017-10-27 14:15:50 +02:00
NIIBE Yutaka
fb7828676c agent: Clean up pinentry access locking.
* agent/agent.h (struct server_control_s): Rename PINENTRY_ACTIVE.
* agent/call-pinentry.c (entry_owner): Remove.
(agent_reset_query): Use thread private object of PINENTRY_ACTIVE.
(unlock_pinentry): Add CTRL to arguments to access thread private.
Check and decrement PINENTRY_ACTIVE for recursive use.
(start_pinentry): Check and increment PINENTRY_ACTIVE for recursion.
(agent_askpin): Follow the change of unlock_pinentry API.
(agent_get_passphrase, agent_get_confirmation): Likewise.
(agent_show_message, agent_popup_message_start): Likewise.
(agent_popup_message_stop, agent_clear_passphrase): Likewise.

--

We use the member PINENTRY_ACTIVE as a thread private object.
It's only valid for a single thread at a time.

It would be possible to have a thread shared object of
PINENTRY_ACTIVE, keeping ENTRY_OWNER for distinguishing its
owner (which is also a thread shared object).  But, in this case,
access to ENTRY_OWNER is tricky (only comparison to accessing thread
would be OK with no lock), or we need to introduce another lock for
accessing ENTRY_OWNER, which complicates the code too much.

So, simply have a thread private object for recursive pinentry access.

GnuPG-bug-id: 3190
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-10-27 09:54:48 +09:00
NIIBE Yutaka
3b66a256e3 agent: Allow recursive use of pinentry.
* agent/agent.h (struct server_control_s): Add pinentry_level.
* agent/call-pinentry.c (agent_popup_message_stop): Not clear
ENTRY_CTX here.
(unlock_pinentry): Handle recursion.  Clear ENTRY_CTX here.
(start_pinentry): Allow recursive use.

--

GnuPG-bug-id: 3190
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-10-26 14:40:38 +09:00
Daniel Kahn Gillmor
28aa689058 agent: Send pinentry the uid of connecting process where possible.
* agent/agent.h (server_control_s): Add field 'client_uid'.
* agent/call-pinentry.c (start_pinentry): Add uid field to assuan
option "owner" sent to pinentry.
* agent/command-ssh.c (peer_info_s): New static struct.
(get_client_pid): Rename to...
(get_client_info): Here, and extract uid in addition to pid.
(start_command_handler_ssh): Use get_client_info() instead of
get_client_pid().
* agent/command.c (start_command_handler): Try assuan_get_peercred,
and only fall back to assuan_get_pid when assuan_get_peercred fails.

--

This also requires an update to pinentry to handle the new uid field.
Distributing the uid as well as the pid makes it harder for a
different user on the same machine to take advantage of any race
conditions between when a requesting process might ask for something
that needs pinentry, and when pinentry gets around to inspecting the
state of that process.

We put the uid before the nodename because the uid is guaranteed to be
a integer (represented in decimal), which makes it much simpler to
parse past than the potentially arbitrarily structured nodename.

Use a / instead of whitespace to delimit pid/uid at Werner's request.

If we were willing to depend on the nodename being
whitespace-delimited (as the current, unreleased pinentry code does),
then we could add the uid after the nodename.  But since no released
pinentry depends on this option anyway, i think we should make the
more conservative, easily-parseable choice and put the user ID first.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-10-19 03:09:44 -04:00
Andre Heinecke
6158811304
agent: Fix string translation for Windows
* agent/agent.h (L_): Define agent_Lunderscore when simple
gettext is used.

--
This fixes a regression introduced by b3286af3 ENABLE_NLS
is not defined if we use simple gettext and not gettext.

GnuPG-Bug-Id: T3364
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2017-08-23 11:04:47 +02:00
Werner Koch
5516ef47a2
agent: Minor cleanup (mostly for documentation).
* agent/command.c (cmd_pksign): Change var name 'rc' to 'err'.
* agent/findkey.c (read_key_file): Ditto.  Change return type to
gpg_error_t.  On es_fessk failure return a correct error code.
(agent_key_from_file): Change var name 'rc' to 'err'.
* agent/pksign.c (agent_pksign_do): Ditto.  Change return type to
gpg_error_t.  Return a valid erro code on malloc failure.
(agent_pksign): Ditto.  Change return type to gpg_error_t.  replace
xmalloc by xtrymalloc.
* agent/protect.c (calculate_mic): Change return type to gpg_error_t.
(do_decryption): Ditto.  Do not init RC.
(merge_lists): Change return type to gpg_error_t.
(agent_unprotect): Ditto.
(agent_get_shadow_info): Ditto.
--

While code starring for bug 3266 I found two glitches and also changed
var name for easier reading.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-28 10:38:57 +02:00
Justus Winter
525f2c482a
agent: Make digest algorithms for ssh fingerprints configurable.
* agent/agent.h (opt): New field 'ssh_fingerprint_digest'.
* agent/command-ssh.c (data_sign, ssh_identity_register): Honor the
option for strings used to communicate with the user.
* agent/findkey.c (agent_modify_description): Likewise.
* agent/gpg-agent.c (cmd_and_opt_values): New value.
(opts): New option '--ssh-fingerprint-digest'.
(parse_rereadable_options): Set the default to MD5 for now.
(main): Handle the new option.
* doc/gpg-agent.texi: Document the new option.
--

OpenSSH has transitioned from using MD5 to compute key fingerprints to
SHA256.  This patch makes the digest used when communicating key
fingerprints to the user (e.g. in pinentry dialogs) configurable.
For now this patch conservatively defaults to MD5.

GnuPG-bug-id: 2106
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-24 18:09:07 +02:00
Werner Koch
2c237c1362
agent: New option --enable-extended-key-format.
* agent/gpg-agent.c (oEnableExtendedKeyFormat): New const.
(opts): New option --enable-extended-key-format.
(parse_rereadable_options): Set option
* agent/findkey.c (write_extended_private_key): Add arg 'update'.
(agent_write_private_key): Implement new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 10:35:36 +01:00
Werner Koch
6fab7bba87
agent: New option --stub-only for DELETE_KEY
* agent/findkey.c (agent_delete_key): Add arg 'only_stubs'.
* agent/command.c (cmd_delete_key): Add option --stub-only.
--

This option can be used to savely remove stub keys.
2017-03-24 09:02:30 +01:00
Werner Koch
6488ffb767
agent: Prepend the description to a PIN prompt.
* agent/divert-scd.c (has_percent0A_suffix): New.
(getpin_cb): Prepend DESC_TEXT to the prompt.
* agent/findkey.c (modify_description): Rename to ...
(agent_modify_description): this.  MAke global.  Add kludge to remove
empty parentheses from the end.
(agent_key_from_file, agent_delete_key): Adjust for above change.
* agent/pksign.c (agent_pksign_do): Modify DESC_TEXT also when
diverting to a card.
--

Now that we have support for multiple tokens, it is important to show
information on which key has been requested.  Without that it may
happen that the PIN for a wrong card is accidentally entered.

The texts are a bit ugly, because they talk about "passphrase" but
later about entering a PIN.

A quick hack would be to s/passphrase/PIN/ in the description but that
is complicated due to i18n.  Another solution might be never to talk
about PINs in the description but always about "passphrase: and only
use "PIN" or "passphrase" on the left of the entry field.
2017-02-22 11:04:55 +01:00