1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

266 Commits

Author SHA1 Message Date
Werner Koch
af3b190154
agent: Fix segv in GET_PASSPHRASE (regression)
* agent/command.c (cmd_get_passphrase): Do not deref PI.  PI is always
NULL.
--

Fixes-commit: b89b1f35c29ceaebe39b31444936aa66c9297f2c
GnuPG-bug-id: 5577
2021-09-07 08:57:44 +02:00
Werner Koch
b89b1f35c2
agent: Ignore passphrase constraints for a generated passphrase.
* agent/agent.h (PINENTRY_STATUS_PASSWORD_GENERATED): New.
(MAX_GENPIN_TRIES): Remove.
* agent/call-pinentry.c (struct entry_parm_s):
(struct inq_cb_parm_s): Add genpinhash and genpinhas_valid.
(is_generated_pin): New.
(inq_cb): Suppress constraints checking for a generated passphrase.
No more need for several tries to generate the passphrase.
(do_getpin): Store a generated passphrase/pin in the status field.
(agent_askpin): Suppress constraints checking for a generated
passphrase.
(agent_get_passphrase): Ditto.
* agent/command.c (cmd_get_passphrase): Ditto.
--

A generated passphrase has enough entropy so that all kind of extra
checks would only reduce the actual available entropy.  We thus detect
if a passphrase has been generated (and not changed) and skip all
passphrase constraints checking.
2021-08-18 18:46:39 +02:00
Werner Koch
7c45a69eb9
agent: New option --check-sym-passphrase-pattern.
* agent/gpg-agent.c (oCheckSymPassphrasePattern): New.
(opts): Add --check-sym-passphrase-pattern.
(parse_rereadable_options): Set option.
(main): Return option info.
* tools/gpgconf-comp.c: Add new option.
* agent/agent.h (opt): Add var check_sym_passphrase_pattern.
(struct pin_entry_info_s): Add var constraints_flags.
(CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1.
(CHECK_CONSTRAINTS_NEW_SYMKEY): New.
* agent/genkey.c (check_passphrase_pattern): Rename to ...
(do_check_passphrase_pattern): this to make code reading
easier. Handle the --check-sym-passphrase-pattern option.
(check_passphrase_constraints): Replace arg no_empty by a generic
flags arg.  Also handle --check-sym-passphrase-pattern here.
* agent/command.c (cmd_get_passphrase): In --newsymkey mode pass
CHECK_CONSTRAINTS_NEW_SYMKEY flag.
* agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags.
(struct inq_cb_parm_s): New.
(inq_cb): Use new struct for parameter passing.  Pass flags to teh
constraints checking.
(do_getpin): Pass constraints flag down.
(agent_askpin): Take constrainst flag from the supplied pinentry
struct.
--

Requirements for a passphrase to protect a private key and for a
passphrase used for symmetric encryption are different.  Thus a
the use of a different pattern file will be useful.  Note that a
pattern file can be used to replace the other passphrase constraints
options and thus we don't need to duplicate them for symmetric
encryption.

GnuPG-bug-id: 5517
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-08-13 13:42:31 +02:00
Jakub Jelen
a95ddffdcd
agent: Avoid memory leaks in error code paths.
* agent/command.c (cmd_genkey): Use goto instead of return.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Ditto.
* agent/genkey.c (agent_ask_new_passphrase): Fix typo to free correct
pointer
(agent_genkey): Release memory
* agent/gpg-agent.c (check_own_socket): Free sockname
* agent/protect-tool.c (read_key): Free buf.
(agent_askpin): Free passphrase

--

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Changed original patch to not add a free before a GPG_ERR_BUG.

Signed-off-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 5393
2021-05-20 13:38:07 +02:00
Werner Koch
40da61b89b
gpg: Improve speed of secret key listing.
* agent/command.c (cmd_keyinfo): Factor some code out to ...
(get_keyinfo_on_cards): ... new.
(cmd_havekey): Add --list mode.
* g10/gpg.h (struct server_control_s): Add new caching vars.
* g10/gpg.c (gpg_deinit_default_ctrl): Release cache.
* g10/call-agent.c (agent_probe_any_secret_key): Init and try to use
the keygrip cache.
(agent_genkey): Clear the cache.
(agent_import_key): Ditto.

* g10/keylist.c (list_all, list_one): Pass ctrl to
agent_probe_any_secret_key.
* g10/getkey.c (lookup): Ditto.
--

With this change we first ask the agent for a list of all secret
keygrips and use that list instead of asking the agent for each public
key.  Speeds up my "gpg -K" with a lot of secret and public keys by
more than 25%.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-05-19 02:42:35 +02:00
Werner Koch
0b875aa11a
agent,w32: Silence the get_peercred failed diagnostic
--
2021-04-23 09:52:57 +02:00
Werner Koch
50293ec2eb
gpg: Allow decryption w/o public key but with correct card inserted.
* agent/command.c (cmd_readkey): Add option --no-data and special
handling for $SIGNKEYID and $AUTHKEYID.
* g10/call-agent.c (agent_scd_getattr): Create shadow keys for KEY-FPR
output.
* g10/skclist.c (enum_secret_keys): Automagically get a missing public
key for the current card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-04-23 08:50:39 +02:00
Werner Koch
8f2c9cb735
agent: Silence error messages for READKEY --card
* agent/command.c (cmd_readkey): Test for shadow key before creating
it.
2021-04-21 21:00:28 +02:00
James Bottomley
92b601fcee
gpg: Add new command keytotpm to convert a private key to TPM format
* agent/command.c (cmd_keytotpm): New.
(agent/command.c): Register new command KEYTOTPM.
* g10/call-agent.c (agent_keytotpm): New.
* g10/keyedit.c (cmdKEYTOTPM): New command "keytotpm".
(keyedit_menu): Implement.

--

The plumbing is done in two parts: the agent is modified to understand
a KEYTOTPM assuan command taking the key grip as an argument.  This
simply obtains the key s expression and calls the existing writeky
diversion to the tpm2daemon.  The daemon reponds with the TPM
conversion of the key and that key is then stored in the keyfile as a
shadowed-private-key with "tpm2-v1" type.

To effect the conversion, all the user does from gpg --edit-key is
select which private key they wish to move (or move the primary if no
key is selected) and type keytotpm.  The conversion to TPM form is
instantaneous and once converted, the actual key cannot be recovered,
meaning that if you want your gpg key to move to a new laptop you must
keep an unconverted backup copy in a safe location.

When you do a list command, all TPM keys show up as

     card-no: TPM-Protected

The key is stored encrypted to the TPM2 storage seed and since each
TPM has a unique seed, only the single TPM contained in your laptop
can now read the key.  This means you cannot simply copy the shadowed
key file over to a new laptop, you must copy over the backup copy and
then convert it to TPM form on the new laptop.

To decomission your laptop, execute a tssclear command which
regenerates the storage seed and effectively shreds all keys.  Note
when you have done this *every* TPM2 shadowed private key becomes
unreadable by any TPM and all are effectively destroyed.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Very minor cosmetic changes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-10 13:34:18 +01:00
James Bottomley
1f995b9ba4
agent: Add new shadow key type and functions to call tpm2daemon
* agent/call-tpm2d.c: New.
* divert-tpm2.c: New.
* agent/Makefile.am: Add new files.
* agent/agent.h (DAEMON_TPM2D): New.  Add stub fucntions.
* agent/call-daemon.c (GNUPG_MODULE_NAME_TPM2DAEMON): New.
* agent/command.c (do_one_keyinfo): Handle tpmv2.
* agent/gpg-agent.c (oTpm2daemonProgram): New.
(opts): New option --tpm2daemon-program.
(parse_rereadable_options): Handle option.
* agent/pkdecrypt.c (agent_pkdecrypt): Divert to tpm2d.
(agent_pksign_do): Ditto.
---

A new shadow key type: "tpm2-v1" is introduced signalling that the
shadowed key is handled by the tpm2daemon.  A function to identify
this type is introduced and diversions to the tpm2daemon functions are
conditioned on this function for pkign and pkdecrypt where the same
diversions to scd are currently done.  The (info) field of the
shadowed key stores the actual TPM key.  The TPM key is encrypted so
only the physical TPM it was created on can read it (so no special
protection is required for the info filed), but if the (info) field
becomes corrupt or damaged, the key will be lost (unlike the token
case, where the key is actually moved inside the token).

Note, this commit adds handling for existing TPM format shadow keys,
but there is still no way to create them.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Additional changes:
* Add ChangeLog entries.
* Some minor indentation fixes.
* agent/Makefile.am (gpg_agent_SOURCES): Change to make distcheck
  work.
* agent/agent.h [!HAVE_LIBTSS]: Do not return -EINVAL but an
  gpg_error_t.  Mark args as unused.
* agent/protect.c (agent_is_tpm2_key): Free BUF.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-10 13:23:05 +01:00
Werner Koch
9500432b7a
Require Libgcrypt 1.9
* configure.ac: Require at least Libgcrypt 1.9.0.  Remove all
GCRYPT_VERSION_NUMBER dependent code.
--

Only Libgcrypt 1.9 implements EAX which is a mandatory algorithm in
RFC4880bis.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-01-19 10:33:03 +01:00
NIIBE Yutaka
8ddadbbdbb agent: Fix creating shadow key on card key generation.
* agent/command.c (cmd_readkey): Fix handling --card option.

--

Fixes-commit: 9c719c9c1ff34cc06a0fef2bfe29cfd7182753eb
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-19 15:44:59 +09:00
Werner Koch
7e22e08e2a
common: New functions gnupg_opendir et al.
* common/sysutils.h (struct gnupg_dirent_s): New.
* common/sysutils.c: Include dirent.h.
(struct gnupg_dir_s): New.
(gnupg_opendir, gnupg_readdir, gnupg_closedir): New.  Change all
callers of opendir, readdir, and closedir to use these functions.
--

GnuPG-bug-id: 5098
2020-10-21 17:00:32 +02:00
NIIBE Yutaka
8a84a71f3a agent: Fix regression for access through the extra secket.
* agent/command.c (cmd_keyinfo): Allow KEYINFO command for one key.
(cmd_scd): Allow SCD command to invoke GETINFO, GETATTR, and
KEYINFO --list=encr sub commands.

--

GnuPG-bug-id: 5063
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-18 10:29:54 +09:00
NIIBE Yutaka
dfdcf14738 common,agent,dirmngr,g10,tools: Fix split_fields API.
* common/stringhelp.h (split_fields): Use const * for the strings in
the ARRAY.
(split_fields_colon): Likewise.
* common/stringhelp.c (split_fields, split_fields_colon): Fix
the implementation.
* agent/call-scd.c, agent/command.c: Follow the change.
* common/t-stringhelp.c, dirmngr/loadswdb.c: Likewise.
* g10/call-agent.c, tools/card-call-scd.c: Likewise.
* tools/card-yubikey.c, tools/gpg-card.c: Likewise.
* tools/gpg-card.h, tools/gpg-wks-client.c: Likewise.
* tools/gpgconf-comp.c, tools/gpgconf.c: Likewise.
* tools/wks-util.c: Likewise.

--

The strings in the ARRAY don't need to be released by caller, as those
are references.  It's easier to follow the code when it's explicitly
const *.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-18 10:20:23 +09:00
Werner Koch
b8c4dd902d
gpg: Fix regression for non-default --passphrase-repeat option.
* agent/command.c (cmd_get_passphrase): Take care of --repeat with
--newsymkey.
--

GnuPG-bug-id: 4997
2020-08-20 09:34:41 +02:00
Werner Koch
0da923a124
agent: Allow to pass a timestamp to genkey and import.
* agent/command.c (cmd_genkey): Add option --timestamp.
(cmd_import_key): Ditto.
* agent/genkey.c (store_key): Add arg timestamp and change callers.
(agent_genkey): Ditto.
* agent/findkey.c (write_extended_private_key): Add args timestamp and
new key to write a Created line.
(agent_write_private_key): Add arg timestamp.
(agent_write_shadow_key): Ditto.
 agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-17 15:05:49 +02:00
Werner Koch
bb096905b9
agent: Add option --pss to pksign to be used by smartcards.
* agent/command.c (cmd_sethash): Add option --pss and allow for
--hash=null.
* agent/agent.h (struct server_control_s): Add digest.is_pss and
zero where needed.
* agent/pksign.c (agent_pksign_do): Allow for PSS with cards.
* scd/command.c (cmd_pksign): Add for --hash=none.
--

This is not a full implementaion of PSS but allows scdaemon card
drivers to detect already PSS formatted data.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-10 10:22:42 +02:00
Werner Koch
0a6af6dc12
agent: Fix regression with --newsymkey in loopback mode.
* agent/command.c (cmd_get_passphrase): Never repeat in loopback mode;
same as with !OPT_NEWSYMKEY.
--

In loopback mode there shall not be any repeat because the caller is
expected to do any confirmation before passing a new passphrase to
gpg.

Fixes-commit: eace4bbe1ded8b01f9ad52ebc1871f2fd13c3a08
GnuPG-bug-id: 4991
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-14 11:04:23 +02:00
Werner Koch
eace4bbe1d
agent: New option --newsymkey for GET_PASSPHRASE
* agent/call-pinentry.c (agent_get_passphrase): Add arg pininfo.
* agent/genkey.c (check_passphrase_constraints): New arg no_empty.
* agent/command.c (reenter_passphrase_cmp_cb): New.
(cmd_get_passphrase): Add option --newsymkey.
--

This new option allows to present a passphrase with the usual repeat
box as it is used by gpg-agent's internal key generation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-08 14:20:01 +02:00
James Bottomley
f541e1d95a
agent: separate out daemon handling infrastructure for reuse
* agent/call-scd.c: Factor re-usable code out to ...
* agent/call-daemon.c: new.  Store infos in an array to allow for
other backend daemons.
* agent/Makefile.am (gpg_agent_SOURCES): Add new file.
* agent/agent.h: Include assuan.h.
(enum daemon_type): New.
(opt): Replace scdaemon_program by daemon_program array.  Replace
scd_local by a array d_local.  Change users accordingly.
--

The model I'm using for a TPM daemon is the current scdaemon.  That
includes start and stop handlers plus liveness checks and an assuan
socket generator.  To avoid massive code duplication (and save me a
lot of effort), I've elected to strip this code out of call-scd.c into
a generic framework which can then be reused as is by the TPM handling
daemon.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Co-authored-by: Werner Koch <wk@gnupg.org>

Modified original patch for 2.2 heavily to fit the new framework used
in master (gnupg 2.3)

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-24 12:44:02 +02:00
James Bottomley via Gnupg-devel
0e3b2955ae
agent: expose shadow key type
--
For TPM support it is necessary to indroduce another type of shadow
key, so allow other agent functions to extract the type so they can
make the right decisions based on it.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Minor editorial changes by wk
2020-06-24 10:11:47 +02:00
Werner Koch
b18fb0264a
agent: Allow to use SETHASH for arbitrary data.
* agent/agent.h (struct server_control_s): Add field digest.data.
* agent/gpg-agent.c (agent_deinit_default_ctrl): Free that field.
* agent/command.c (reset_notify): Ditto.
(start_command_handler): ditto.
(cmd_sethash): Add new option --inquire.
* agent/call-scd.c (agent_card_pksign): For now return an error if
inquire mode was used.
* agent/command-ssh.c (ssh_handler_sign_request): Make sure
digest.data is cleared.
* agent/divert-scd.c (divert_pksign): Implement inquire mode.
* agent/pksign.c (agent_pksign_do): Ditto.
--

This is required to support EdDSA according to RFC8410.

GnuPG-bug-id: 4888
2020-05-18 19:24:41 +02:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Werner Koch
638526d37f
agent: Allow signing with card key even without a stub key.
* agent/call-scd.c (agent_card_serialno): Allow NULL for R_SERIAL.
(struct readkey_status_parm_s): New.
(readkey_status_cb): New.
(agent_card_readkey): Add optional arg R_KEYREF and change all
callers.
* agent/findkey.c (key_parms_from_sexp): Allow also a "public-key".
* agent/divert-scd.c (ask_for_card): Allow for SHADOW_INFO being NULL.
* agent/pksign.c (agent_pksign_do): Fallback to sign with an on-card
if there is no stub key yet.  Create the stub key.  Also fixed a
misnaming between s_pkey and s_skey.
--

This change allows to create OpenPGP keys directly from a card without
first making sure that a stub key exists.  It is also the less
surprising behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 11:45:41 +01:00
Werner Koch
2e86cca7f4
agent: Avoid multiple calls to scd for KEYINFO.
* agent/command.c (struct server_local_s): Add last_card_keyinfo.
(eventcounter): Add maybe_key_change.
(cmd_genkey, cmd_scd, cmd_import_key, cmd_delete_key): Bump new
counter.
(cmd_keyinfo): Cache the keyinfo from the card.
(start_command_handler): Release the cache.
--

This cache speeds up processing of commands like "gpg -K" because
scdaemon does not need to be asked for each key as long as nothing
changed with the card.

We should have a better notification service from scdaemon to make
sure that we get only the relevant events.  What we do right now is a
bit course but sufficient.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 16:27:12 +01:00
NIIBE Yutaka
c31266716d agent: Extend agent_card_getattr with KEYGRIP.
* agent/agent.h (struct card_key_info_s): KEYGRIP null terminated.
(agent_card_getattr): Add KEYGRIP argument.
* agent/call-scd.c (agent_card_getattr): Handle KEYGRIP argument.
(card_keyinfo_cb): Make KEYGRIP null terminated.
* agent/command.c (cmd_readkey): Follow the change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-13 16:43:53 +09:00
NIIBE Yutaka
57b8ed61ab agent: SSH: SCD KEYINFO to list available keys.
* agent/agent.h (agent_card_cardlist): Remove.
(agent_card_keyinfo): Add CAP argument.
* agent/call-scd.c (card_cardlist_cb): Remove.
(agent_card_cardlist): Remove.
(agent_card_keyinfo): Support CAP constraint.
* agent/command-ssh.c (card_key_list): Remove.
(ssh_handler_request_identities): Use SCD KEYINFO command.
* agent/command.c (cmd_keyinfo): Follow the API change.
* agent/divert-scd.c (ask_for_card): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-09 11:55:42 +09:00
NIIBE Yutaka
20acc7c022 g10,agent: Support CONFIRM for --delete-key.
* agent/call-pinentry.c (agent_get_confirmation): Add call of
pinentry_loopback_confirm.
(agent_popup_message_start): Likewise.
(agent_popup_message_stop): Return if it's loopback mode.
* agent/command.c (pinentry_loopback_confirm): New.

* g10/call-agent.c (default_inq_cb): Support "CONFIRM" inquery
when PINENTRY_MODE_LOOPBACK mode.
(confirm_status_cb): New.
(agent_delete_key): Supply confirm_status_cb to set the description
string for confirmation.

--

In the Assuan communication, we introduce new interaction:

    [gpg]                            [gpg-agent]
            --- CMD: PKDECRYPT -->
            <-- STATUS: SETDESC "..."
            <-- STATUS: SETOK "..."
            <-- STATUS: SETNOTOK "..."
            <-- INQUERY: CONFIRM 0/1 (0 for display, 1 for user query)
	    --- INQUERY-result: -->
	    <-- RESULT: ...

GnuPG-bug-id: 3465
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 09:17:21 +09:00
Werner Koch
f2ac6742d4
Return better error code for some getinfo IPC commands.
* agent/command.c (cmd_getinfo): Return GPG_ERR_FALSE as boolean False.
* g13/server.c (cmd_getinfo): Ditto.
* sm/server.c (cmd_getinfo): Ditto.
--

GPG_ERR_FALSE was introduced with libgpg-error 1.21 and we now require
a later version for gnupg 2.  Thus we can switch to this more
descriptive code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-03 16:33:10 +02:00
NIIBE Yutaka
6790eaf952 agent: Add A-flag for KEYINFO output for card.
* agent/command.c (do_one_keyinfo): Add ON_CARD argument to put
A-flag.
(cmd_keyinfo): Call agent_card_keyinfo to offer additional information
if it's on card.

--

This is a modification in gpg-agent, intended for better
enum_secret_keys in gpg frontend.

GnuPG-bug-id: 4244
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-29 16:19:46 +09:00
Werner Koch
54e96c6fd2
agent: Replace most assert by log_assert.
--
2019-05-14 10:31:46 +02:00
Werner Koch
7098e4ce19
dirmngr: Add a CSRF expection for pm.me
--

Also comment typo fix.
2019-05-09 14:50:41 +02:00
Werner Koch
bdf252e76a
agent: Put Token lines into the key files.
* agent/findkey.c (write_extended_private_key): Add args serialno and
keyref.  Write a Token line if that does not yet exist.
(agent_write_private_key): Add args serialno and keyref and change all
callers.
(agent_write_shadow_key): Skip leading spaces.
* agent/keyformat.txt: Improve extended key format docs.
--

Noet that the extended key forma is the defaqult in 2.3.  This patch
is a first step to better handle tokens which carray the same key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-03 15:54:54 +02:00
Werner Koch
3c7a1f3aea
agent: Allow other ssh fingerprint algos in KEYINFO.
* agent/command.c (cmd_keyinfo): Allow for --ssh-fpr=ALGO.  Default to
the standard algo.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-26 09:02:19 +01:00
Werner Koch
e897e1e255
scd:piv: Implement import of private keys for Yubikeys.
* scd/app-piv.c (concat_tlv_list): Add arg 'secure' and adjust
 callers.
(writekey_rsa, writekey_ecc): New.
(do_writekey): New.
(do_writecert): Provide a better error message for an empty cert.
(app_select_piv): Register do_writekey.
* scd/iso7816.c (iso7816_send_apdu): New.
* scd/app-common.h (APP_WRITEKEY_FLAG_FORCE): New.
* agent/command.c (cmd_keytocard): Make the timestamp optional.
* tools/card-call-scd.c (inq_writekey_parms): Remove.
(scd_writekey): Rewrite.
* tools/gpg-card.c (cmd_writekey): New.
(enum cmdids): Add cmdWRITEKEY.
(dispatch_command, interactive_loop): Call cmd_writekey.
--

This has been tested with gpgsm and RSA keys.  For ECC keys only
partly tested using the sample OpenPGP nistp256 and nistp384 keys
because gpgsm does not yet support ECC certificates and thus we can't
write the certificates to the cert object after a writekey.  Note that
they nevertheless show up in "gpgcard list" because gpg-card searches
for them in gpg and gpgsm.  However, this does not work completely.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 15:49:20 +01:00
Werner Koch
bcc89a6df2
agent: Minor change to the KEYTOCARD command.
* agent/command.c (cmd_keytocard): Make timestamp optional.  Use
modern parser function.
* agent/call-scd.c (agent_card_writekey): Rename an arg and for
clarity return gpg_error_t instead of int.
* agent/divert-scd.c (divert_writekey): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 12:08:27 +01:00
NIIBE Yutaka
ae966bbe9b agent: Support --mode=ssh option for CLEAR_PASSPHRASE.
* agent/command.c (cmd_clear_passphrase): Add support for SSH.

--

GnuPG-bug-id: 4340
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-01-25 12:08:09 +09:00
Werner Koch
055f8854d3
common: Extend function percent_data_escape.
* common/percent.c (percent_data_escape): Add new args prefix and
plus_escape.
* agent/command.c (cmd_put_secret): Adjust for changed function

* common/t-percent.c (test_percent_data_escape): Extend test for the
prefix.
(test_percent_data_escape_plus): new test for the plus escaping.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-24 10:02:52 +01:00
Werner Koch
2bdc4b6ed9
agent: Fix possible release of unitialize var in a genkey error case.
* agent/command.c (cmd_genkey): Initialize 'value'.
--

GnuPG-bug-id: 4222
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-24 20:16:26 +02:00
Werner Koch
68b8096b66
agent: Fix build regression for Windows.
* agent/command-ssh.c (get_client_info): Turn client_uid into an int.
Fix setting of it in case of a failed getsocketopt.
* agent/command.c (start_command_handler): Fix setting of the pid and
uid for Windows.
--

Fixes-commit: 28aa6890588cc108639951bb4bef03ac17743046
which obviously was only added to master.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-22 17:24:58 +02:00
Werner Koch
8a915cd9fa
agent: New commands PUT_SECRET and GET_SECRET.
* agent/agent.h (CACHE_MODE_DATA): New const.
* agent/cache.c (DEF_CACHE_TTL_DATA): new.
(housekeeping): Tweak for CACHE_MODE_DATA.
(cache_mode_equal): Ditto.
(agent_get_cache): Ditto.
(agent_put_cache): Implement CACHE_MODE_DATA.
* agent/command.c (MAXLEN_PUT_SECRET): New.
(parse_ttl): New.
(cmd_get_secret): New.
(cmd_put_secret): New.
(register_commands): Register new commands.
--

These commands allow to store secrets in memory for the lifetime of
the gpg-agent process.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-02 21:36:19 +02:00
Werner Koch
3978df943d
agent: Fix segv running in --server mode
* agent/command.c (start_command_handler): Do not write to
CLIENT_CREDS after an error.
--

assuan_get_peercred is special insofar that it returns a pointer into
CTX.  Writing data via this pointer should never be done.

Fixes-commit: 28aa6890588cc108639951bb4bef03ac17743046
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-02 20:25:30 +02:00
Werner Koch
7b7576637d
Merge branch 'STABLE-BRANCH-2-2' into master
--

Resolved Conflicts:
	NEWS  - removed
	configure.ac - removed

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-13 13:29:40 +02:00
Werner Koch
bbb5bfacc0
agent,dirmngr: Add "getenv" to the getinfo command.
* agent/command.c (cmd_getinfo): Add sub-command getenv.
* dirmngr/server.c (cmd_getinfo): Ditto.
--

It is sometimes helpful to be able to inspect certain envvars in a
running agent.  For example "http_proxy".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 11:25:58 +02:00
Werner Koch
d4dc4245bf
Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
Werner Koch
02dce8c0cc
agent: Make the request origin a part of the cache items.
* agent/cache.c (agent_put_cache): Add arg 'ctrl' and change all
callers to pass it.
(agent_get_cache): Ditto.

* agent/cache.c (struct cache_items_s): Add field 'restricted'.
(housekeeping): Adjust debug output.
(agent_flush_cache): Ditto.
(agent_put_cache): Ditto.  Take RESTRICTED into account.
(agent_get_cache): Ditto.
--

If requests are coming from different sources they should not share the
same cache.  This way we make sure that a Pinentry pops up for a
remote request to a key we have already used locally.

GnuPG-bug-id: 3858
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-27 08:40:58 +02:00
Werner Koch
05c55ee260
agent: New OPTION pretend-request-origin
* common/shareddefs.h (request_origin_t): New.
* common/agent-opt.c (parse_request_origin): New.
(str_request_origin): New.
* agent/command.c (option_handler): Implement new option.
--

This allows to pretend that a request originated from the extra or
browser socket.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 08:37:14 +01:00
Werner Koch
20539ea5ca
Merge branch 'STABLE-BRANCH-2-2' 2018-02-22 16:19:56 +01:00
Katsuhiro Ueno
df97fe2480
agent: Avoid appending a '\0' byte to the response of READKEY
* agent/command.c (cmd_readkey): Set pkbuflen to the length of the output
without an extra '\0' byte.
2018-02-14 17:11:17 +01:00