/* call-agent.c - divert operations to the agent * Copyright (C) 2001, 2002 Free Software Foundation, Inc. * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ #include #include #include #include #include #include #include #include #include #ifdef HAVE_LOCALE_H #include #endif #include "gpgsm.h" #include "../assuan/assuan.h" #include "i18n.h" #include "keydb.h" /* fixme: Move this to import.c */ static ASSUAN_CONTEXT agent_ctx = NULL; static int force_pipe_server = 0; struct cipher_parm_s { ASSUAN_CONTEXT ctx; const char *ciphertext; size_t ciphertextlen; }; struct genkey_parm_s { ASSUAN_CONTEXT ctx; const char *sexp; size_t sexplen; }; struct learn_parm_s { int error; ASSUAN_CONTEXT ctx; struct membuf *data; }; struct membuf { size_t len; size_t size; char *buf; int out_of_core; }; /* A simple implemnation of a dynamic buffer. Use init_membuf() to create a buffer, put_membuf to append bytes and get_membuf to release and return the buffer. Allocation errors are detected but only returned at the final get_membuf(), this helps not to clutter the code with out of core checks. */ static void init_membuf (struct membuf *mb, int initiallen) { mb->len = 0; mb->size = initiallen; mb->out_of_core = 0; mb->buf = xtrymalloc (initiallen); if (!mb->buf) mb->out_of_core = 1; } static void put_membuf (struct membuf *mb, const void *buf, size_t len) { if (mb->out_of_core) return; if (mb->len + len >= mb->size) { char *p; mb->size += len + 1024; p = xtryrealloc (mb->buf, mb->size); if (!p) { mb->out_of_core = 1; return; } mb->buf = p; } memcpy (mb->buf + mb->len, buf, len); mb->len += len; } static void * get_membuf (struct membuf *mb, size_t *len) { char *p; if (mb->out_of_core) { xfree (mb->buf); mb->buf = NULL; return NULL; } p = mb->buf; *len = mb->len; mb->buf = NULL; mb->out_of_core = 1; /* don't allow a reuse */ return p; } /* Try to connect to the agent via socket or fork it off and work by pipes. Handle the server's initial greeting */ static int start_agent (void) { int rc = 0; char *infostr, *p; ASSUAN_CONTEXT ctx; char *dft_display = NULL; char *dft_ttyname = NULL; char *dft_ttytype = NULL; char *old_lc = NULL; char *dft_lc = NULL; if (agent_ctx) return 0; /* fixme: We need a context for each thread or serialize the access to the agent (which is suitable given that the agent is not MT */ infostr = force_pipe_server? NULL : getenv ("GPG_AGENT_INFO"); if (!infostr) { const char *pgmname; const char *argv[3]; int no_close_list[3]; int i; if (opt.verbose) log_info (_("no running gpg-agent - starting one\n")); if (fflush (NULL)) { log_error ("error flushing pending output: %s\n", strerror (errno)); return seterr (Write_Error); } if (!opt.agent_program || !*opt.agent_program) opt.agent_program = "../agent/gpg-agent"; if ( !(pgmname = strrchr (opt.agent_program, '/'))) pgmname = opt.agent_program; else pgmname++; argv[0] = pgmname; argv[1] = "--server"; argv[2] = NULL; i=0; if (log_get_fd () != -1) no_close_list[i++] = log_get_fd (); no_close_list[i++] = fileno (stderr); no_close_list[i] = -1; /* connect to the agent and perform initial handshaking */ rc = assuan_pipe_connect (&ctx, opt.agent_program, (char**)argv, no_close_list); } else { int prot; int pid; infostr = xstrdup (infostr); if ( !(p = strchr (infostr, ':')) || p == infostr) { log_error (_("malformed GPG_AGENT_INFO environment variable\n")); xfree (infostr); force_pipe_server = 1; return start_agent (); } *p++ = 0; pid = atoi (p); while (*p && *p != ':') p++; prot = *p? atoi (p+1) : 0; if (prot != 1) { log_error (_("gpg-agent protocol version %d is not supported\n"), prot); xfree (infostr); force_pipe_server = 1; return start_agent (); } rc = assuan_socket_connect (&ctx, infostr, pid); xfree (infostr); if (rc == ASSUAN_Connect_Failed) { log_error (_("can't connect to the agent - trying fall back\n")); force_pipe_server = 1; return start_agent (); } } if (rc) { log_error ("can't connect to the agent: %s\n", assuan_strerror (rc)); return seterr (No_Agent); } agent_ctx = ctx; if (DBG_ASSUAN) log_debug ("connection to agent established\n"); rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return map_assuan_err (rc); dft_display = getenv ("DISPLAY"); if (opt.display || dft_display) { char *optstr; if (asprintf (&optstr, "OPTION display=%s", opt.display ? opt.display : dft_display) < 0) return GNUPG_Out_Of_Core; rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (rc) return map_assuan_err (rc); } if (!opt.ttyname && ttyname (1)) dft_ttyname = ttyname (1); if (opt.ttyname || dft_ttyname) { char *optstr; if (asprintf (&optstr, "OPTION ttyname=%s", opt.ttyname ? opt.ttyname : dft_ttyname) < 0) return GNUPG_Out_Of_Core; rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (rc) return map_assuan_err (rc); } dft_ttytype = getenv ("TERM"); if (opt.ttytype || (dft_ttyname && dft_ttytype)) { char *optstr; if (asprintf (&optstr, "OPTION ttytype=%s", opt.ttyname ? opt.ttytype : dft_ttytype) < 0) return GNUPG_Out_Of_Core; rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (rc) return map_assuan_err (rc); } #if defined(HAVE_SETLOCALE) && defined(LC_CTYPE) old_lc = setlocale (LC_CTYPE, NULL); if (old_lc) { old_lc = strdup (old_lc); if (!old_lc) return GNUPG_Out_Of_Core; } dft_lc = setlocale (LC_CTYPE, ""); #endif if (opt.lc_ctype || (dft_ttyname && dft_lc)) { char *optstr; if (asprintf (&optstr, "OPTION lc-ctype=%s", opt.lc_ctype ? opt.lc_ctype : dft_lc) < 0) rc = GNUPG_Out_Of_Core; else { rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (rc) rc = map_assuan_err (rc); } } #if defined(HAVE_SETLOCALE) && defined(LC_CTYPE) if (old_lc) { setlocale (LC_CTYPE, old_lc); free (old_lc); } #endif if (rc) return rc; #if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES) old_lc = setlocale (LC_MESSAGES, NULL); if (old_lc) { old_lc = strdup (old_lc); if (!old_lc) return GNUPG_Out_Of_Core; } dft_lc = setlocale (LC_MESSAGES, ""); #endif if (opt.lc_messages || (dft_ttyname && dft_lc)) { char *optstr; if (asprintf (&optstr, "OPTION lc-messages=%s", opt.lc_messages ? opt.lc_messages : dft_lc) < 0) rc = GNUPG_Out_Of_Core; else { rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (rc) rc = map_assuan_err (rc); } } #if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES) if (old_lc) { setlocale (LC_MESSAGES, old_lc); free (old_lc); } #endif return rc; } static AssuanError membuf_data_cb (void *opaque, const void *buffer, size_t length) { struct membuf *data = opaque; if (buffer) put_membuf (data, buffer, length); return 0; } /* Call the agent to do a sign operation using the key identified by the hex string KEYGRIP. */ int gpgsm_agent_pksign (const char *keygrip, unsigned char *digest, size_t digestlen, int digestalgo, char **r_buf, size_t *r_buflen ) { int rc, i; char *p, line[ASSUAN_LINELENGTH]; struct membuf data; size_t len; *r_buf = NULL; rc = start_agent (); if (rc) return rc; if (digestlen*2 + 50 > DIM(line)) return seterr (General_Error); rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return map_assuan_err (rc); snprintf (line, DIM(line)-1, "SIGKEY %s", keygrip); line[DIM(line)-1] = 0; rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return map_assuan_err (rc); sprintf (line, "SETHASH %d ", digestalgo); p = line + strlen (line); for (i=0; i < digestlen ; i++, p += 2 ) sprintf (p, "%02X", digest[i]); rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return map_assuan_err (rc); init_membuf (&data, 1024); rc = assuan_transact (agent_ctx, "PKSIGN", membuf_data_cb, &data, NULL, NULL, NULL, NULL); if (rc) { xfree (get_membuf (&data, &len)); return map_assuan_err (rc); } *r_buf = get_membuf (&data, r_buflen); if (!gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL)) { xfree (*r_buf); *r_buf = NULL; return GNUPG_Invalid_Value; } return *r_buf? 0 : GNUPG_Out_Of_Core; } /* Handle a CIPHERTEXT inquiry. Note, we only send the data, assuan_transact talkes care of flushing and writing the end */ static AssuanError inq_ciphertext_cb (void *opaque, const char *keyword) { struct cipher_parm_s *parm = opaque; AssuanError rc; assuan_begin_confidential (parm->ctx); rc = assuan_send_data (parm->ctx, parm->ciphertext, parm->ciphertextlen); assuan_end_confidential (parm->ctx); return rc; } /* Call the agent to do a decrypt operation using the key identified by the hex string KEYGRIP. */ int gpgsm_agent_pkdecrypt (const char *keygrip, KsbaConstSexp ciphertext, char **r_buf, size_t *r_buflen ) { int rc; char line[ASSUAN_LINELENGTH]; struct membuf data; struct cipher_parm_s cipher_parm; size_t n, len; char *buf, *endp; size_t ciphertextlen; if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen) return GNUPG_Invalid_Value; *r_buf = NULL; ciphertextlen = gcry_sexp_canon_len (ciphertext, 0, NULL, NULL); if (!ciphertextlen) return GNUPG_Invalid_Value; rc = start_agent (); if (rc) return rc; rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return map_assuan_err (rc); assert ( DIM(line) >= 50 ); snprintf (line, DIM(line)-1, "SETKEY %s", keygrip); line[DIM(line)-1] = 0; rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return map_assuan_err (rc); init_membuf (&data, 1024); cipher_parm.ctx = agent_ctx; cipher_parm.ciphertext = ciphertext; cipher_parm.ciphertextlen = ciphertextlen; rc = assuan_transact (agent_ctx, "PKDECRYPT", membuf_data_cb, &data, inq_ciphertext_cb, &cipher_parm, NULL, NULL); if (rc) { xfree (get_membuf (&data, &len)); return map_assuan_err (rc); } put_membuf (&data, "", 1); /* make sure it is 0 terminated */ buf = get_membuf (&data, &len); if (!buf) return seterr (Out_Of_Core); /* FIXME: We would better a return a full S-exp and not just a part */ assert (len); len--; /* remove the terminating 0 */ n = strtoul (buf, &endp, 10); if (!n || *endp != ':') return seterr (Invalid_Sexp); endp++; if (endp-buf+n > len) return seterr (Invalid_Sexp); /* oops len does not match internal len*/ memmove (buf, endp, n); *r_buflen = n; *r_buf = buf; return 0; } /* Handle a KEYPARMS inquiry. Note, we only send the data, assuan_transact takes care of flushing and writing the end */ static AssuanError inq_genkey_parms (void *opaque, const char *keyword) { struct genkey_parm_s *parm = opaque; AssuanError rc; rc = assuan_send_data (parm->ctx, parm->sexp, parm->sexplen); return rc; } /* Call the agent to generate a newkey */ int gpgsm_agent_genkey (KsbaConstSexp keyparms, KsbaSexp *r_pubkey) { int rc; struct genkey_parm_s gk_parm; struct membuf data; size_t len; char *buf; *r_pubkey = NULL; rc = start_agent (); if (rc) return rc; rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return map_assuan_err (rc); init_membuf (&data, 1024); gk_parm.ctx = agent_ctx; gk_parm.sexp = keyparms; gk_parm.sexplen = gcry_sexp_canon_len (keyparms, 0, NULL, NULL); if (!gk_parm.sexplen) return GNUPG_Invalid_Value; rc = assuan_transact (agent_ctx, "GENKEY", membuf_data_cb, &data, inq_genkey_parms, &gk_parm, NULL, NULL); if (rc) { xfree (get_membuf (&data, &len)); return map_assuan_err (rc); } buf = get_membuf (&data, &len); if (!buf) return GNUPG_Out_Of_Core; if (!gcry_sexp_canon_len (buf, len, NULL, NULL)) { xfree (buf); return GNUPG_Invalid_Sexp; } *r_pubkey = buf; return 0; } /* Ask the agent whether the certificate is in the list of trusted keys */ int gpgsm_agent_istrusted (KsbaCert cert) { int rc; char *fpr; char line[ASSUAN_LINELENGTH]; rc = start_agent (); if (rc) return rc; fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1); if (!fpr) { log_error ("error getting the fingerprint\n"); return seterr (General_Error); } snprintf (line, DIM(line)-1, "ISTRUSTED %s", fpr); line[DIM(line)-1] = 0; xfree (fpr); rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); return map_assuan_err (rc); } /* Ask the agent to mark CERT as a trusted Root-CA one */ int gpgsm_agent_marktrusted (KsbaCert cert) { int rc; char *fpr, *dn; char line[ASSUAN_LINELENGTH]; rc = start_agent (); if (rc) return rc; fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1); if (!fpr) { log_error ("error getting the fingerprint\n"); return seterr (General_Error); } dn = ksba_cert_get_issuer (cert, 0); if (!dn) { xfree (fpr); return seterr (General_Error); } snprintf (line, DIM(line)-1, "MARKTRUSTED %s S %s", fpr, dn); line[DIM(line)-1] = 0; ksba_free (dn); xfree (fpr); rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); return map_assuan_err (rc); } /* Ask the agent whether the a corresponding secret key is available for the given keygrip */ int gpgsm_agent_havekey (const char *hexkeygrip) { int rc; char line[ASSUAN_LINELENGTH]; rc = start_agent (); if (rc) return rc; if (!hexkeygrip || strlen (hexkeygrip) != 40) return GNUPG_Invalid_Value; snprintf (line, DIM(line)-1, "HAVEKEY %s", hexkeygrip); line[DIM(line)-1] = 0; rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); return map_assuan_err (rc); } static AssuanError learn_cb (void *opaque, const void *buffer, size_t length) { struct learn_parm_s *parm = opaque; size_t len; char *buf; KsbaCert cert; int rc; if (parm->error) return 0; if (buffer) { put_membuf (parm->data, buffer, length); return 0; } /* END encountered - process what we have */ buf = get_membuf (parm->data, &len); if (!buf) { parm->error = GNUPG_Out_Of_Core; return 0; } /* FIXME: this should go into import.c */ cert = ksba_cert_new (); if (!cert) { parm->error = GNUPG_Out_Of_Core; return 0; } rc = ksba_cert_init_from_mem (cert, buf, len); if (rc) { log_error ("failed to parse a certificate: %s\n", ksba_strerror (rc)); ksba_cert_release (cert); parm->error = map_ksba_err (rc); return 0; } rc = gpgsm_basic_cert_check (cert); if (rc) log_error ("invalid certificate: %s\n", gnupg_strerror (rc)); else { if (!keydb_store_cert (cert, 0)) log_info ("certificate imported\n"); } ksba_cert_release (cert); init_membuf (parm->data, 4096); return 0; } /* Call the agent to learn about a smartcard */ int gpgsm_agent_learn () { int rc; struct learn_parm_s learn_parm; struct membuf data; size_t len; rc = start_agent (); if (rc) return rc; init_membuf (&data, 4096); learn_parm.error = 0; learn_parm.ctx = agent_ctx; learn_parm.data = &data; rc = assuan_transact (agent_ctx, "LEARN --send", learn_cb, &learn_parm, NULL, NULL, NULL, NULL); xfree (get_membuf (&data, &len)); if (rc) return map_assuan_err (rc); return learn_parm.error; }