LCOV - code coverage report
Current view: top level - g10 - passphrase.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 99 210 47.1 %
Date: 2016-09-12 12:29:17 Functions: 5 12 41.7 %

          Line data    Source code
       1             : /* passphrase.c -  Get a passphrase
       2             :  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
       3             :  *               2005, 2006, 2007, 2009, 2011 Free Software Foundation, Inc.
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <stddef.h>
      23             : #include <stdio.h>
      24             : #include <stdlib.h>
      25             : #include <string.h>
      26             : #include <unistd.h>
      27             : #include <errno.h>
      28             : #ifdef HAVE_LOCALE_H
      29             : #include <locale.h>
      30             : #endif
      31             : #ifdef HAVE_LANGINFO_CODESET
      32             : #include <langinfo.h>
      33             : #endif
      34             : 
      35             : #include "gpg.h"
      36             : #include "util.h"
      37             : #include "options.h"
      38             : #include "ttyio.h"
      39             : #include "keydb.h"
      40             : #include "main.h"
      41             : #include "i18n.h"
      42             : #include "status.h"
      43             : #include "call-agent.h"
      44             : #include "../common/shareddefs.h"
      45             : 
      46             : static char *fd_passwd = NULL;
      47             : static char *next_pw = NULL;
      48             : static char *last_pw = NULL;
      49             : 
      50             : 
      51             : 
      52             : /* Pack an s2k iteration count into the form specified in 2440.  If
      53             :    we're in between valid values, round up.  With value 0 return the
      54             :    old default.  */
      55             : unsigned char
      56         442 : encode_s2k_iterations (int iterations)
      57             : {
      58             :   gpg_error_t err;
      59         442 :   unsigned char c=0;
      60             :   unsigned char result;
      61             :   unsigned int count;
      62             : 
      63         442 :   if (!iterations)
      64             :     {
      65             :       unsigned long mycnt;
      66             : 
      67             :       /* Ask the gpg-agent for a useful iteration count.  */
      68           3 :       err = agent_get_s2k_count (&mycnt);
      69           3 :       if (err || mycnt < 65536)
      70             :         {
      71             :           /* Don't print an error if an older agent is used.  */
      72           0 :           if (err && gpg_err_code (err) != GPG_ERR_ASS_PARAMETER)
      73           0 :             log_error (_("problem with the agent: %s\n"), gpg_strerror (err));
      74             :           /* Default to 65536 which we used up to 2.0.13.  */
      75           0 :           return 96;
      76             :         }
      77           3 :       else if (mycnt >= 65011712)
      78           0 :         return 255; /* Largest possible value.  */
      79             :       else
      80           3 :         return encode_s2k_iterations ((int)mycnt);
      81             :     }
      82             : 
      83         439 :   if (iterations <= 1024)
      84           0 :     return 0;  /* Command line arg compatibility.  */
      85             : 
      86         439 :   if (iterations >= 65011712)
      87           0 :     return 255;
      88             : 
      89             :   /* Need count to be in the range 16-31 */
      90        3097 :   for (count=iterations>>6; count>=32; count>>=1)
      91        2658 :     c++;
      92             : 
      93         439 :   result = (c<<4)|(count-16);
      94             : 
      95         439 :   if (S2K_DECODE_COUNT(result) < iterations)
      96           3 :     result++;
      97             : 
      98         439 :   return result;
      99             : }
     100             : 
     101             : 
     102             : int
     103         443 : have_static_passphrase()
     104             : {
     105         886 :   return (!!fd_passwd
     106         443 :           && (opt.batch || opt.pinentry_mode == PINENTRY_MODE_LOOPBACK));
     107             : }
     108             : 
     109             : /* Return a static passphrase.  The returned value is only valid as
     110             :    long as no other passphrase related function is called.  NULL may
     111             :    be returned if no passphrase has been set; better use
     112             :    have_static_passphrase first.  */
     113             : const char *
     114           0 : get_static_passphrase (void)
     115             : {
     116           0 :   return fd_passwd;
     117             : }
     118             : 
     119             : 
     120             : /****************
     121             :  * Set the passphrase to be used for the next query and only for the next
     122             :  * one.
     123             :  */
     124             : void
     125           0 : set_next_passphrase( const char *s )
     126             : {
     127           0 :   xfree(next_pw);
     128           0 :   next_pw = NULL;
     129           0 :   if ( s )
     130             :     {
     131           0 :       next_pw = xmalloc_secure( strlen(s)+1 );
     132           0 :       strcpy (next_pw, s );
     133             :     }
     134           0 : }
     135             : 
     136             : /****************
     137             :  * Get the last passphrase used in passphrase_to_dek.
     138             :  * Note: This removes the passphrase from this modules and
     139             :  * the caller must free the result.  May return NULL:
     140             :  */
     141             : char *
     142           0 : get_last_passphrase()
     143             : {
     144           0 :   char *p = last_pw;
     145           0 :   last_pw = NULL;
     146           0 :   return p;
     147             : }
     148             : 
     149             : /* Here's an interesting question: since this passphrase was passed in
     150             :    on the command line, is there really any point in using secure
     151             :    memory for it?  I'm going with 'yes', since it doesn't hurt, and
     152             :    might help in some small way (swapping). */
     153             : 
     154             : void
     155           0 : set_passphrase_from_string(const char *pass)
     156             : {
     157           0 :   xfree (fd_passwd);
     158           0 :   fd_passwd = xmalloc_secure(strlen(pass)+1);
     159           0 :   strcpy (fd_passwd, pass);
     160           0 : }
     161             : 
     162             : 
     163             : void
     164         518 : read_passphrase_from_fd( int fd )
     165             : {
     166             :   int i, len;
     167             :   char *pw;
     168             : 
     169         518 :   if ( !opt.batch && opt.pinentry_mode != PINENTRY_MODE_LOOPBACK)
     170             :     { /* Not used but we have to do a dummy read, so that it won't end
     171             :          up at the begin of the message if the quite usual trick to
     172             :          prepend the passphtrase to the message is used. */
     173             :       char buf[1];
     174             : 
     175           0 :       while (!(read (fd, buf, 1) != 1 || *buf == '\n' ))
     176             :         ;
     177           0 :       *buf = 0;
     178         518 :       return;
     179             :     }
     180             : 
     181        7947 :   for (pw = NULL, i = len = 100; ; i++ )
     182             :     {
     183        7947 :       if (i >= len-1 )
     184             :         {
     185         518 :           char *pw2 = pw;
     186         518 :           len += 100;
     187         518 :           pw = xmalloc_secure( len );
     188         518 :           if( pw2 )
     189             :             {
     190           0 :               memcpy(pw, pw2, i );
     191           0 :               xfree (pw2);
     192             :             }
     193             :           else
     194         518 :             i=0;
     195             :         }
     196        7947 :       if (read( fd, pw+i, 1) != 1 || pw[i] == '\n' )
     197             :         break;
     198        7429 :     }
     199         518 :   pw[i] = 0;
     200         518 :   if (!opt.batch && opt.pinentry_mode != PINENTRY_MODE_LOOPBACK)
     201           0 :     tty_printf("\b\b\b   \n" );
     202             : 
     203         518 :   xfree ( fd_passwd );
     204         518 :   fd_passwd = pw;
     205             : }
     206             : 
     207             : 
     208             : /*
     209             :  * Ask the GPG Agent for the passphrase.
     210             :  * If NOCACHE is set the symmetric passpharse caching will not be used.
     211             :  *
     212             :  * Note that TRYAGAIN_TEXT must not be translated.  If CANCELED is not
     213             :  * NULL, the function does set it to 1 if the user canceled the
     214             :  * operation.  If CACHEID is not NULL, it will be used as the cacheID
     215             :  * for the gpg-agent; if is NULL and a key fingerprint can be
     216             :  * computed, this will be used as the cacheid.
     217             :  */
     218             : static char *
     219           0 : passphrase_get (int nocache, const char *cacheid, int repeat,
     220             :                 const char *tryagain_text, int *canceled)
     221             : {
     222             :   int rc;
     223           0 :   char *pw = NULL;
     224             :   char *orig_codeset;
     225             :   const char *my_cacheid;
     226             : 
     227           0 :   if (canceled)
     228           0 :     *canceled = 0;
     229             : 
     230           0 :   orig_codeset = i18n_switchto_utf8 ();
     231             : 
     232           0 :   if (!nocache && cacheid)
     233           0 :     my_cacheid = cacheid;
     234             :   else
     235           0 :     my_cacheid = NULL;
     236             : 
     237           0 :   if (tryagain_text)
     238           0 :     tryagain_text = _(tryagain_text);
     239             : 
     240           0 :   rc = agent_get_passphrase (my_cacheid, tryagain_text, NULL,
     241           0 :                              _("Enter passphrase\n"),
     242             :                              repeat, nocache, &pw);
     243             : 
     244           0 :   i18n_switchback (orig_codeset);
     245             : 
     246             : 
     247           0 :   if (!rc)
     248             :     ;
     249           0 :   else if (gpg_err_code (rc) == GPG_ERR_CANCELED
     250           0 :             || gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
     251             :     {
     252           0 :       log_info (_("cancelled by user\n") );
     253           0 :       if (canceled)
     254           0 :         *canceled = 1;
     255             :     }
     256             :   else
     257             :     {
     258           0 :       log_error (_("problem with the agent: %s\n"), gpg_strerror (rc));
     259             :       /* Due to limitations in the API of the upper layers they
     260             :          consider an error as no passphrase entered.  This works in
     261             :          most cases but not during key creation where this should
     262             :          definitely not happen and let it continue without requiring a
     263             :          passphrase.  Given that now all the upper layers handle a
     264             :          cancel correctly, we simply set the cancel flag now for all
     265             :          errors from the agent.  */
     266           0 :       if (canceled)
     267           0 :         *canceled = 1;
     268             : 
     269           0 :       write_status_errcode ("get_passphrase", rc);
     270             :     }
     271             : 
     272           0 :   if (rc)
     273             :     {
     274           0 :       xfree (pw);
     275           0 :       pw = NULL;
     276             :     }
     277           0 :   return pw;
     278             : }
     279             : 
     280             : 
     281             : /*
     282             :  * Clear the cached passphrase with CACHEID.
     283             :  */
     284             : void
     285           0 : passphrase_clear_cache (const char *cacheid)
     286             : {
     287             :   int rc;
     288             : 
     289           0 :   rc = agent_clear_passphrase (cacheid);
     290           0 :   if (rc)
     291           0 :     log_error (_("problem with the agent: %s\n"), gpg_strerror (rc));
     292           0 : }
     293             : 
     294             : 
     295             : /* Return a new DEK object using the string-to-key specifier S2K.
     296             :  * Returns NULL if the user canceled the passphrase entry and if
     297             :  * CANCELED is not NULL, sets it to true.
     298             :  *
     299             :  * If CREATE is true a new passphrase sll be created.  If NOCACHE is
     300             :  * true the symmetric key caching will not be used.  */
     301             : DEK *
     302         443 : passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
     303             :                    int create, int nocache,
     304             :                    const char *tryagain_text, int *canceled)
     305             : {
     306         443 :   char *pw = NULL;
     307             :   DEK *dek;
     308             :   STRING2KEY help_s2k;
     309             :   int dummy_canceled;
     310             :   char s2k_cacheidbuf[1+16+1];
     311         443 :   char *s2k_cacheid = NULL;
     312             : 
     313         443 :   if (!canceled)
     314         222 :     canceled = &dummy_canceled;
     315         443 :   *canceled = 0;
     316             : 
     317         443 :   if ( !s2k )
     318             :     {
     319           0 :       log_assert (create && !nocache);
     320             :       /* This is used for the old rfc1991 mode
     321             :        * Note: This must match the code in encode.c with opt.rfc1991 set */
     322           0 :       s2k = &help_s2k;
     323           0 :       s2k->mode = 0;
     324           0 :       s2k->hash_algo = S2K_DIGEST_ALGO;
     325             :     }
     326             : 
     327             :   /* Create a new salt or what else to be filled into the s2k for a
     328             :      new key.  */
     329         443 :   if (create && (s2k->mode == 1 || s2k->mode == 3))
     330             :     {
     331         221 :       gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM);
     332         221 :       if ( s2k->mode == 3 )
     333             :         {
     334             :           /* We delay the encoding until it is really needed.  This is
     335             :              if we are going to dynamically calibrate it, we need to
     336             :              call out to gpg-agent and that should not be done during
     337             :              option processing in main().  */
     338         221 :           if (!opt.s2k_count)
     339           3 :             opt.s2k_count = encode_s2k_iterations (0);
     340         221 :           s2k->count = opt.s2k_count;
     341             :         }
     342             :     }
     343             : 
     344             :   /* If we do not have a passphrase available in NEXT_PW and status
     345             :      information are request, we print them now. */
     346         443 :   if ( !next_pw && is_status_enabled() )
     347             :     {
     348             :       char buf[50];
     349             : 
     350           0 :       snprintf (buf, sizeof buf -1, "%d %d %d",
     351           0 :                 cipher_algo, s2k->mode, s2k->hash_algo );
     352           0 :       write_status_text ( STATUS_NEED_PASSPHRASE_SYM, buf );
     353             :     }
     354             : 
     355         443 :   if ( next_pw )
     356             :     {
     357             :       /* Simply return the passphrase we already have in NEXT_PW. */
     358           0 :       pw = next_pw;
     359           0 :       next_pw = NULL;
     360             :     }
     361         443 :   else if ( have_static_passphrase () )
     362             :     {
     363             :       /* Return the passphrase we have stored in FD_PASSWD. */
     364         443 :       pw = xmalloc_secure ( strlen(fd_passwd)+1 );
     365         443 :       strcpy ( pw, fd_passwd );
     366             :     }
     367             :   else
     368             :     {
     369           0 :       if (!nocache && (s2k->mode == 1 || s2k->mode == 3))
     370             :         {
     371           0 :           memset (s2k_cacheidbuf, 0, sizeof s2k_cacheidbuf);
     372           0 :           *s2k_cacheidbuf = 'S';
     373           0 :           bin2hex (s2k->salt, 8, s2k_cacheidbuf + 1);
     374           0 :           s2k_cacheid = s2k_cacheidbuf;
     375             :         }
     376             : 
     377           0 :       if (opt.pinentry_mode == PINENTRY_MODE_LOOPBACK)
     378             :         {
     379             :           char buf[32];
     380             : 
     381           0 :           snprintf (buf, sizeof (buf), "%u", 100);
     382           0 :           write_status_text (STATUS_INQUIRE_MAXLEN, buf);
     383             :         }
     384             : 
     385             :       /* Divert to the gpg-agent. */
     386           0 :       pw = passphrase_get (create && nocache, s2k_cacheid,
     387             :                            create? opt.passphrase_repeat : 0,
     388             :                            tryagain_text, canceled);
     389           0 :       if (*canceled)
     390             :         {
     391           0 :           xfree (pw);
     392           0 :           write_status( STATUS_MISSING_PASSPHRASE );
     393           0 :           return NULL;
     394             :         }
     395             :     }
     396             : 
     397         443 :   if ( !pw || !*pw )
     398           0 :     write_status( STATUS_MISSING_PASSPHRASE );
     399             : 
     400             :   /* Hash the passphrase and store it in a newly allocated DEK object.
     401             :      Keep a copy of the passphrase in LAST_PW for use by
     402             :      get_last_passphrase(). */
     403         443 :   dek = xmalloc_secure_clear ( sizeof *dek );
     404         443 :   dek->algo = cipher_algo;
     405         443 :   if ( (!pw || !*pw) && create)
     406           0 :     dek->keylen = 0;
     407             :   else
     408             :     {
     409             :       gpg_error_t err;
     410             : 
     411         443 :       dek->keylen = openpgp_cipher_get_algo_keylen (dek->algo);
     412         443 :       if (!(dek->keylen > 0 && dek->keylen <= DIM(dek->key)))
     413           0 :         BUG ();
     414        1772 :       err = gcry_kdf_derive (pw, strlen (pw),
     415         443 :                              s2k->mode == 3? GCRY_KDF_ITERSALTED_S2K :
     416           0 :                              s2k->mode == 1? GCRY_KDF_SALTED_S2K :
     417             :                              /* */           GCRY_KDF_SIMPLE_S2K,
     418         443 :                              s2k->hash_algo, s2k->salt, 8,
     419         443 :                              S2K_DECODE_COUNT(s2k->count),
     420         443 :                              dek->keylen, dek->key);
     421         443 :       if (err)
     422             :         {
     423           0 :           log_error ("gcry_kdf_derive failed: %s", gpg_strerror (err));
     424           0 :           xfree (pw);
     425           0 :           xfree (dek);
     426           0 :           write_status( STATUS_MISSING_PASSPHRASE );
     427           0 :           return NULL;
     428             :         }
     429             :     }
     430         443 :   if (s2k_cacheid)
     431           0 :     memcpy (dek->s2k_cacheid, s2k_cacheid, sizeof dek->s2k_cacheid);
     432         443 :   xfree(last_pw);
     433         443 :   last_pw = pw;
     434         443 :   return dek;
     435             : }
     436             : 
     437             : 
     438             : /* Emit the USERID_HINT and the NEED_PASSPHRASE status messages.
     439             :    MAINKEYID may be NULL. */
     440             : void
     441           0 : emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo)
     442             : {
     443             :   char buf[50];
     444             :   char *us;
     445             : 
     446           0 :   us = get_long_user_id_string (keyid);
     447           0 :   write_status_text (STATUS_USERID_HINT, us);
     448           0 :   xfree (us);
     449             : 
     450           0 :   snprintf (buf, sizeof buf -1, "%08lX%08lX %08lX%08lX %d 0",
     451           0 :             (ulong)keyid[0],
     452           0 :             (ulong)keyid[1],
     453           0 :             (ulong)(mainkeyid? mainkeyid[0]:keyid[0]),
     454           0 :             (ulong)(mainkeyid? mainkeyid[1]:keyid[1]),
     455             :             pubkey_algo);
     456             : 
     457           0 :   write_status_text (STATUS_NEED_PASSPHRASE, buf);
     458           0 : }
     459             : 
     460             : 
     461             : /* Return an allocated utf-8 string describing the key PK.  If ESCAPED
     462             :    is true spaces and control characters are percent or plus escaped.
     463             :    MODE describes the use of the key description; use one of the
     464             :    FORMAT_KEYDESC_ macros. */
     465             : char *
     466         431 : gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped)
     467             : {
     468             :   char *uid;
     469             :   size_t uidlen;
     470             :   const char *algo_name;
     471             :   const char *timestr;
     472             :   char *orig_codeset;
     473             :   char *maink;
     474             :   char *desc;
     475             :   const char *prompt;
     476         431 :   const char *trailer = "";
     477             :   int is_subkey;
     478             : 
     479        1293 :   is_subkey = (pk->main_keyid[0] && pk->main_keyid[1]
     480         431 :                && pk->keyid[0] != pk->main_keyid[0]
     481         718 :                && pk->keyid[1] != pk->main_keyid[1]);
     482         431 :   algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
     483         431 :   timestr = strtimestamp (pk->timestamp);
     484         431 :   uid = get_user_id (is_subkey? pk->main_keyid:pk->keyid, &uidlen);
     485             : 
     486         431 :   orig_codeset = i18n_switchto_utf8 ();
     487             : 
     488         431 :   if (is_subkey)
     489         287 :     maink = xtryasprintf (_(" (main key ID %s)"), keystr (pk->main_keyid));
     490             :   else
     491         144 :     maink = NULL;
     492             : 
     493         431 :   switch (mode)
     494             :     {
     495             :     case FORMAT_KEYDESC_NORMAL:
     496         395 :       prompt = _("Please enter the passphrase to unlock the"
     497             :                  " OpenPGP secret key:");
     498         395 :       break;
     499             :     case FORMAT_KEYDESC_IMPORT:
     500          31 :       prompt = _("Please enter the passphrase to import the"
     501             :                  " OpenPGP secret key:");
     502          31 :       break;
     503             :     case FORMAT_KEYDESC_EXPORT:
     504           5 :       if (is_subkey)
     505           2 :         prompt = _("Please enter the passphrase to export the"
     506             :                    " OpenPGP secret subkey:");
     507             :       else
     508           3 :         prompt = _("Please enter the passphrase to export the"
     509             :                    " OpenPGP secret key:");
     510           5 :       break;
     511             :     case FORMAT_KEYDESC_DELKEY:
     512           0 :       if (is_subkey)
     513           0 :         prompt = _("Do you really want to permanently delete the"
     514             :                    " OpenPGP secret subkey key:");
     515             :       else
     516           0 :         prompt = _("Do you really want to permanently delete the"
     517             :                    " OpenPGP secret key:");
     518           0 :       trailer = "?";
     519           0 :       break;
     520             :     default:
     521           0 :       prompt = "?";
     522           0 :       break;
     523             :     }
     524             : 
     525         862 :   desc = xtryasprintf (_("%s\n"
     526             :                          "\"%.*s\"\n"
     527             :                          "%u-bit %s key, ID %s,\n"
     528             :                          "created %s%s.\n%s"),
     529             :                        prompt,
     530             :                        (int)uidlen, uid,
     531             :                        nbits_from_pk (pk), algo_name,
     532         431 :                        keystr (pk->keyid), timestr,
     533             :                        maink?maink:"", trailer);
     534         431 :   xfree (maink);
     535         431 :   xfree (uid);
     536             : 
     537         431 :   i18n_switchback (orig_codeset);
     538             : 
     539         431 :   if (escaped)
     540             :     {
     541         431 :       char *tmp = percent_plus_escape (desc);
     542         431 :       xfree (desc);
     543         431 :       desc = tmp;
     544             :     }
     545             : 
     546         431 :   return desc;
     547             : }

Generated by: LCOV version 1.11