[svn] GnuPG - r5362 - in trunk: . agent common sm
svn author wk
cvs at cvs.gnupg.org
Mon Jun 21 12:01:26 CEST 2010
Author: wk
Date: 2010-06-21 12:01:24 +0200 (Mon, 21 Jun 2010)
New Revision: 5362
Modified:
trunk/agent/ChangeLog
trunk/agent/command.c
trunk/agent/protect-tool.c
trunk/common/ChangeLog
trunk/common/sexputil.c
trunk/common/util.h
trunk/configure.ac
trunk/sm/ChangeLog
trunk/sm/call-agent.c
trunk/sm/export.c
trunk/sm/gpgsm.c
trunk/sm/gpgsm.h
trunk/sm/import.c
trunk/sm/minip12.c
trunk/sm/minip12.h
Log:
Implement export of pkcs#12 objects using a direct agent connection.
Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/agent/ChangeLog 2010-06-21 10:01:24 UTC (rev 5362)
@@ -1,3 +1,9 @@
+2010-06-18 Werner Koch <wk at g10code.com>
+
+ * protect-tool.c (store_private_key, rsa_key_check):
+
+ * command.c (cmd_export_key): New.
+
2010-06-15 Werner Koch <wk at g10code.com>
* command.c (cmd_keywrap_key, cmd_import_key): New.
@@ -2652,7 +2658,7 @@
Copyright 2001, 2002, 2003, 2004, 2005,
- 2007, 2008, 2009 Free Software Foundation, Inc.
+ 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/common/ChangeLog 2010-06-21 10:01:24 UTC (rev 5362)
@@ -1,3 +1,13 @@
+2010-06-21 Werner Koch <wk at g10code.com>
+
+ * util.h (xfree_fnc): New.
+
+2010-06-18 Werner Koch <wk at g10code.com>
+
+ * util.h (GPG_ERR_MISSING_KEY) [!GPG_ERR_MISSING_KEY]: New.
+
+ * sexputil.c (make_canon_sexp_pad): Add arg SECURE.
+
2010-06-17 Werner Koch <wk at g10code.com>
* sexputil.c (make_canon_sexp_pad): New.
Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/ChangeLog 2010-06-21 10:01:24 UTC (rev 5362)
@@ -1,3 +1,21 @@
+2010-06-21 Werner Koch <wk at g10code.com>
+
+ * minip12.c (p12_build): Change arg CERT to const void ptr.
+ (build_cert_sequence): Change arg CERT to const ptr.
+
+ * gpgsm.c (main) <aExportSecretKeyP12>: Use to estream.
+ (open_fwrite): Removed.
+
+ * export.c: Include minip12.h.
+ (popen_protect_tool): Remove.
+ (export_p12): Use gpg-agent directly. Change calling convention.
+ (gpgsm_p12_export): Adjust for that change. Change arg FP to an
+ estream_t.
+ (do_putc): Remove. Change callers to es_putc.
+ (do_fputs): Likewise.
+ (print_short_info): Remove arg FP.
+ * call-agent.c (gpgsm_agent_export_key): new.
+
2010-06-17 Werner Koch <wk at g10code.com>
* import.c (parse_p12): Remove arg retfp. Use the agent's new
Modified: trunk/agent/command.c
===================================================================
--- trunk/agent/command.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/agent/command.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -1,6 +1,6 @@
/* command.c - gpg-agent command handler
* Copyright (C) 2001, 2002, 2003, 2004, 2005,
- * 2006, 2008, 2009 Free Software Foundation, Inc.
+ * 2006, 2008, 2009, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -38,6 +38,8 @@
#include <assuan.h>
#include "i18n.h"
+
+
/* Maximum allowed size of the inquired ciphertext. */
#define MAXLEN_CIPHERTEXT 4096
/* Maximum allowed size of the key parameters. */
@@ -564,7 +566,7 @@
static const char hlp_setkeydesc[] =
"SETKEYDESC plus_percent_escaped_string\n"
"\n"
- "Set a description to be used for the next PKSIGN or PKDECRYPT\n"
+ "Set a description to be used for the next PKSIGN, PKDECRYPT or EXPORT_KEY\n"
"operation if this operation requires the entry of a passphrase. If\n"
"this command is not used a default text will be used. Note, that\n"
"this description implictly selects the label used for the entry\n"
@@ -573,8 +575,8 @@
"\"passphrase\" is used. The description string should not contain\n"
"blanks unless they are percent or '+' escaped.\n"
"\n"
- "The description is only valid for the next PKSIGN or PKDECRYPT\n"
- "operation.";
+ "The description is only valid for the next PKSIGN, PKDECRYPT or\n"
+ "EXPORT_KEY operation.";
static gpg_error_t
cmd_setkeydesc (assuan_context_t ctx, char *line)
{
@@ -1481,7 +1483,7 @@
if (!ctrl->server_local->import_key)
{
- err = gpg_error (GPG_ERR_BAD_KEY);
+ err = gpg_error (GPG_ERR_MISSING_KEY);
goto leave;
}
@@ -1562,15 +1564,97 @@
�
static const char hlp_export_key[] =
- "EXPORT_KEY\n"
- "\n";
+ "EXPORT_KEY <hexstring_with_keygrip>\n"
+ "\n"
+ "Export a secret key from the key store. The key will be encrypted\n"
+ "using the current session's key wrapping key (cf. command KEYWRAP_KEY)\n"
+ "using the AESWRAP-128 algorithm. The caller needs to retrieve that key\n"
+ "prior to using this command. The function takes the keygrip as argument.\n";
static gpg_error_t
cmd_export_key (assuan_context_t ctx, char *line)
{
- gpg_error_t err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ gpg_error_t err;
+ unsigned char grip[20];
+ gcry_sexp_t s_skey = NULL;
+ unsigned char *key = NULL;
+ size_t keylen;
+ gcry_cipher_hd_t cipherhd = NULL;
+ unsigned char *wrappedkey = NULL;
+ size_t wrappedkeylen;
+ if (!ctrl->server_local->export_key)
+ {
+ err = gpg_error (GPG_ERR_MISSING_KEY);
+ goto leave;
+ }
- /* leave: */
+ err = parse_keygrip (ctx, line, grip);
+ if (err)
+ goto leave;
+
+ if (agent_key_available (grip))
+ {
+ err = gpg_error (GPG_ERR_NO_SECKEY);
+ goto leave;
+ }
+
+ err = agent_key_from_file (ctrl, ctrl->server_local->keydesc, grip,
+ NULL, CACHE_MODE_IGNORE, NULL, &s_skey);
+ if (err)
+ goto leave;
+ if (!s_skey)
+ {
+ /* Key is on a smartcard. Actually we should not see this here
+ because we do not pass a shadow_info variable to the above
+ function, thus it will return this error directly. */
+ err = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
+ goto leave;
+ }
+
+ err = make_canon_sexp_pad (s_skey, 1, &key, &keylen);
+ if (err)
+ goto leave;
+ gcry_sexp_release (s_skey);
+ s_skey = NULL;
+
+ err = gcry_cipher_open (&cipherhd, GCRY_CIPHER_AES128,
+ GCRY_CIPHER_MODE_AESWRAP, 0);
+ if (err)
+ goto leave;
+ err = gcry_cipher_setkey (cipherhd,
+ ctrl->server_local->export_key, KEYWRAP_KEYSIZE);
+ if (err)
+ goto leave;
+
+ wrappedkeylen = keylen + 8;
+ wrappedkey = xtrymalloc (wrappedkeylen);
+ if (!wrappedkey)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+
+ err = gcry_cipher_encrypt (cipherhd, wrappedkey, wrappedkeylen, key, keylen);
+ if (err)
+ goto leave;
+ xfree (key);
+ key = NULL;
+ gcry_cipher_close (cipherhd);
+ cipherhd = NULL;
+
+ assuan_begin_confidential (ctx);
+ err = assuan_send_data (ctx, wrappedkey, wrappedkeylen);
+ assuan_end_confidential (ctx);
+
+
+ leave:
+ xfree (wrappedkey);
+ gcry_cipher_close (cipherhd);
+ xfree (key);
+ gcry_sexp_release (s_skey);
+ xfree (ctrl->server_local->keydesc);
+ ctrl->server_local->keydesc = NULL;
return leave_cmd (ctx, err);
}
Modified: trunk/agent/protect-tool.c
===================================================================
--- trunk/agent/protect-tool.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/agent/protect-tool.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -544,89 +544,7 @@
}
�
-static int
-rsa_key_check (struct rsa_secret_key_s *skey)
-{
- int err = 0;
- gcry_mpi_t t = gcry_mpi_snew (0);
- gcry_mpi_t t1 = gcry_mpi_snew (0);
- gcry_mpi_t t2 = gcry_mpi_snew (0);
- gcry_mpi_t phi = gcry_mpi_snew (0);
- /* check that n == p * q */
- gcry_mpi_mul (t, skey->p, skey->q);
- if (gcry_mpi_cmp( t, skey->n) )
- {
- log_error ("RSA oops: n != p * q\n");
- err++;
- }
-
- /* check that p is less than q */
- if (gcry_mpi_cmp (skey->p, skey->q) > 0)
- {
- gcry_mpi_t tmp;
-
- log_info ("swapping secret primes\n");
- tmp = gcry_mpi_copy (skey->p);
- gcry_mpi_set (skey->p, skey->q);
- gcry_mpi_set (skey->q, tmp);
- gcry_mpi_release (tmp);
- /* and must recompute u of course */
- gcry_mpi_invm (skey->u, skey->p, skey->q);
- }
-
- /* check that e divides neither p-1 nor q-1 */
- gcry_mpi_sub_ui (t, skey->p, 1 );
- gcry_mpi_div (NULL, t, t, skey->e, 0);
- if (!gcry_mpi_cmp_ui( t, 0) )
- {
- log_error ("RSA oops: e divides p-1\n");
- err++;
- }
- gcry_mpi_sub_ui (t, skey->q, 1);
- gcry_mpi_div (NULL, t, t, skey->e, 0);
- if (!gcry_mpi_cmp_ui( t, 0))
- {
- log_info ( "RSA oops: e divides q-1\n" );
- err++;
- }
-
- /* check that d is correct. */
- gcry_mpi_sub_ui (t1, skey->p, 1);
- gcry_mpi_sub_ui (t2, skey->q, 1);
- gcry_mpi_mul (phi, t1, t2);
- gcry_mpi_invm (t, skey->e, phi);
- if (gcry_mpi_cmp (t, skey->d))
- { /* no: try universal exponent. */
- gcry_mpi_gcd (t, t1, t2);
- gcry_mpi_div (t, NULL, phi, t, 0);
- gcry_mpi_invm (t, skey->e, t);
- if (gcry_mpi_cmp (t, skey->d))
- {
- log_error ("RSA oops: bad secret exponent\n");
- err++;
- }
- }
-
- /* check for correctness of u */
- gcry_mpi_invm (t, skey->p, skey->q);
- if (gcry_mpi_cmp (t, skey->u))
- {
- log_info ( "RSA oops: bad u parameter\n");
- err++;
- }
-
- if (err)
- log_info ("RSA secret key check failed\n");
-
- gcry_mpi_release (t);
- gcry_mpi_release (t1);
- gcry_mpi_release (t2);
- gcry_mpi_release (phi);
-
- return err? -1:0;
-}
-
#if 0
/* A callback used by p12_parse to return a certificate. */
static void
@@ -789,6 +707,7 @@
�
+#if 0
static gcry_mpi_t *
sexp_to_kparms (gcry_sexp_t sexp)
{
@@ -842,20 +761,20 @@
gcry_sexp_release (list);
return array;
}
+#endif
-
/* Check whether STRING is a KEYGRIP, i.e has the correct length and
does only consist of uppercase hex characters. */
-static int
-is_keygrip (const char *string)
-{
- int i;
+/* static int */
+/* is_keygrip (const char *string) */
+/* { */
+/* int i; */
- for(i=0; string[i] && i < 41; i++)
- if (!strchr("01234567890ABCDEF", string[i]))
- return 0;
- return i == 40;
-}
+/* for(i=0; string[i] && i < 41; i++) */
+/* if (!strchr("01234567890ABCDEF", string[i])) */
+/* return 0; */
+/* return i == 40; */
+/* } */
#if 0
@@ -1195,6 +1114,7 @@
}
}
+#if 0
static int
store_private_key (const unsigned char *grip,
const void *buffer, size_t length, int force)
@@ -1257,3 +1177,4 @@
xfree (fname);
return 0;
}
+#endif
Modified: trunk/common/sexputil.c
===================================================================
--- trunk/common/sexputil.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/common/sexputil.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -72,9 +72,9 @@
/* Same as make_canon_sexp but pad the buffer to multiple of 64
- bits. */
+ bits. If SECURE is set, secure memory will be allocated. */
gpg_error_t
-make_canon_sexp_pad (gcry_sexp_t sexp,
+make_canon_sexp_pad (gcry_sexp_t sexp, int secure,
unsigned char **r_buffer, size_t *r_buflen)
{
size_t len;
@@ -88,7 +88,7 @@
if (!len)
return gpg_error (GPG_ERR_BUG);
len += (8 - len % 8) % 8;
- buf = xtrycalloc (1, len);
+ buf = secure? xtrycalloc_secure (1, len) : xtrycalloc (1, len);
if (!buf)
return gpg_error_from_syserror ();
if (!gcry_sexp_sprint (sexp, GCRYSEXP_FMT_CANON, buf, len))
Modified: trunk/common/util.h
===================================================================
--- trunk/common/util.h 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/common/util.h 2010-06-21 10:01:24 UTC (rev 5362)
@@ -23,6 +23,10 @@
#include <gcrypt.h> /* We need this for the memory function protos. */
#include <errno.h> /* We need errno. */
#include <gpg-error.h> /* We need gpg_error_t. */
+/* Add error codes available only in newer versions of libgpg-error. */
+#ifndef GPG_ERR_MISSING_KEY
+#define GPG_ERR_MISSING_KEY 181
+#endif
/* Hash function used with libksba. */
#define HASH_FNC ((void (*)(void *, const void*,size_t))gcry_md_write)
@@ -77,6 +81,7 @@
#define xtryrealloc(a,b) gcry_realloc ((a),(b))
#define xtrystrdup(a) gcry_strdup ((a))
#define xfree(a) gcry_free ((a))
+#define xfree_fnc gcry_free
#define xmalloc(a) gcry_xmalloc ((a))
#define xmalloc_secure(a) gcry_xmalloc_secure ((a))
@@ -146,7 +151,7 @@
/*-- sexputil.c */
gpg_error_t make_canon_sexp (gcry_sexp_t sexp,
unsigned char **r_buffer, size_t *r_buflen);
-gpg_error_t make_canon_sexp_pad (gcry_sexp_t sexp,
+gpg_error_t make_canon_sexp_pad (gcry_sexp_t sexp, int secure,
unsigned char **r_buffer, size_t *r_buflen);
gpg_error_t keygrip_from_canon_sexp (const unsigned char *key, size_t keylen,
unsigned char *grip);
Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/configure.ac 2010-06-21 10:01:24 UTC (rev 5362)
@@ -40,7 +40,7 @@
# sufficient.
development_version=no
-NEED_GPG_ERROR_VERSION=1.4
+NEED_GPG_ERROR_VERSION=1.8
NEED_LIBGCRYPT_API=1
NEED_LIBGCRYPT_VERSION=1.4.0
Modified: trunk/sm/call-agent.c
===================================================================
--- trunk/sm/call-agent.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/call-agent.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -1079,9 +1079,10 @@
/* Ask for the passphrase (this is used for pkcs#12 import/export. On
success the caller needs to free the string stored at R_PASSPHRASE.
On error NULL will be stored at R_PASSPHRASE and an appropriate
- error code returned. */
+ error code returned. If REPEAT is true the agent tries to get a
+ new passphrase (i.e. asks the user to confirm it). */
gpg_error_t
-gpgsm_agent_ask_passphrase (ctrl_t ctrl, const char *desc_msg,
+gpgsm_agent_ask_passphrase (ctrl_t ctrl, const char *desc_msg, int repeat,
char **r_passphrase)
{
gpg_error_t err;
@@ -1098,7 +1099,9 @@
if (desc_msg && *desc_msg && !(arg4 = percent_plus_escape (desc_msg)))
return gpg_error_from_syserror ();
- snprintf (line, DIM(line)-1, "GET_PASSPHRASE --data -- X X X %s", arg4);
+ snprintf (line, DIM(line)-1, "GET_PASSPHRASE --data%s -- X X X %s",
+ repeat? " --repeat=1 --check --qualitybar":"",
+ arg4);
xfree (arg4);
init_membuf_secure (&data, 64);
@@ -1201,3 +1204,55 @@
NULL, NULL, inq_import_key_parms, &parm, NULL, NULL);
return err;
}
+
+
+�
+/* Receive a secret key from the agent. KEYGRIP is the hexified
+ keygrip, DESC a prompt to be displayed with the agent's passphrase
+ question (needs to be plus+percent escaped). On success the key is
+ stored as a canonical S-expression at R_RESULT and R_RESULTLEN. */
+gpg_error_t
+gpgsm_agent_export_key (ctrl_t ctrl, const char *keygrip, const char *desc,
+ unsigned char **r_result, size_t *r_resultlen)
+{
+ gpg_error_t err;
+ membuf_t data;
+ size_t len;
+ unsigned char *buf;
+ char line[ASSUAN_LINELENGTH];
+
+ *r_result = NULL;
+
+ err = start_agent (ctrl);
+ if (err)
+ return err;
+
+ if (desc)
+ {
+ snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
+ err = assuan_transact (agent_ctx, line,
+ NULL, NULL, NULL, NULL, NULL, NULL);
+ if (err)
+ return err;
+ }
+
+ snprintf (line, DIM(line)-1, "EXPORT_KEY %s", keygrip);
+
+ init_membuf_secure (&data, 1024);
+ err = assuan_transact (agent_ctx, line,
+ membuf_data_cb, &data,
+ default_inq_cb, ctrl, NULL, NULL);
+ if (err)
+ {
+ xfree (get_membuf (&data, &len));
+ return err;
+ }
+ buf = get_membuf (&data, &len);
+ if (!buf)
+ return gpg_error_from_syserror ();
+ *r_result = buf;
+ *r_resultlen = len;
+ return 0;
+}
+
+
Modified: trunk/sm/export.c
===================================================================
--- trunk/sm/export.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/export.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -34,9 +34,8 @@
#include "exechelp.h"
#include "i18n.h"
#include "sysutils.h"
+#include "minip12.h"
-
-
/* A table to store a fingerprint as used in a duplicates table. We
don't need to hash here because a fingerprint is already a perfect
hash value. This we use the most significant bits to index the
@@ -57,11 +56,11 @@
#define DUPTABLE_SIZE (1 << DUPTABLE_BITS)
-static void print_short_info (ksba_cert_t cert, FILE *fp, estream_t stream);
+static void print_short_info (ksba_cert_t cert, estream_t stream);
static gpg_error_t export_p12 (ctrl_t ctrl,
const unsigned char *certimg, size_t certimglen,
const char *prompt, const char *keygrip,
- estream_t *retfp);
+ void **r_result, size_t *r_resultlen);
/* Create a table used to indetify duplicated certificates. */
@@ -255,7 +254,7 @@
{
if (count)
es_putc ('\n', stream);
- print_short_info (cert, NULL, stream);
+ print_short_info (cert, stream);
es_putc ('\n', stream);
}
count++;
@@ -317,23 +316,22 @@
}
-/* Export a certificates and its private key. */
+/* Export a certificate and its private key. */
void
-gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp)
+gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream)
{
+ gpg_error_t err = 0;
KEYDB_HANDLE hd;
KEYDB_SEARCH_DESC *desc = NULL;
Base64Context b64writer = NULL;
ksba_writer_t writer;
ksba_cert_t cert = NULL;
- int rc=0;
const unsigned char *image;
size_t imagelen;
char *keygrip = NULL;
char *prompt;
- char buffer[1024];
- int nread;
- estream_t datafp = NULL;
+ void *data;
+ size_t datalen;
hd = keydb_new (0);
@@ -351,28 +349,28 @@
goto leave;
}
- rc = classify_user_id (name, desc);
- if (rc)
+ err = classify_user_id (name, desc);
+ if (err)
{
log_error ("key `%s' not found: %s\n",
- name, gpg_strerror (rc));
+ name, gpg_strerror (err));
goto leave;
}
/* Lookup the certificate and make sure that it is unique. */
- rc = keydb_search (hd, desc, 1);
- if (!rc)
+ err = keydb_search (hd, desc, 1);
+ if (!err)
{
- rc = keydb_get_cert (hd, &cert);
- if (rc)
+ err = keydb_get_cert (hd, &cert);
+ if (err)
{
- log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc));
+ log_error ("keydb_get_cert failed: %s\n", gpg_strerror (err));
goto leave;
}
next_ambiguous:
- rc = keydb_search (hd, desc, 1);
- if (!rc)
+ err = keydb_search (hd, desc, 1);
+ if (!err)
{
ksba_cert_t cert2 = NULL;
@@ -385,14 +383,14 @@
}
ksba_cert_release (cert2);
}
- rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
+ err = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
}
- else if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
- rc = 0;
- if (rc)
+ else if (err == -1 || gpg_err_code (err) == GPG_ERR_EOF)
+ err = 0;
+ if (err)
{
log_error ("key `%s' not found: %s\n",
- name, gpg_strerror (rc));
+ name, gpg_strerror (err));
goto leave;
}
}
@@ -401,8 +399,8 @@
if (!keygrip || gpgsm_agent_havekey (ctrl, keygrip))
{
/* Note, that the !keygrip case indicates a bad certificate. */
- rc = gpg_error (GPG_ERR_NO_SECKEY);
- log_error ("can't export key `%s': %s\n", name, gpg_strerror (rc));
+ err = gpg_error (GPG_ERR_NO_SECKEY);
+ log_error ("can't export key `%s': %s\n", name, gpg_strerror (err));
goto leave;
}
@@ -415,51 +413,44 @@
if (ctrl->create_pem)
{
- print_short_info (cert, fp, NULL);
- putc ('\n', fp);
+ print_short_info (cert, stream);
+ es_putc ('\n', stream);
}
if (opt.p12_charset && ctrl->create_pem)
{
- fprintf (fp, "The passphrase is %s encoded.\n\n",
- opt.p12_charset);
+ es_fprintf (stream, "The passphrase is %s encoded.\n\n",
+ opt.p12_charset);
}
ctrl->pem_name = "PKCS12";
- rc = gpgsm_create_writer (&b64writer, ctrl, fp, NULL, &writer);
- if (rc)
+ err = gpgsm_create_writer (&b64writer, ctrl, NULL, stream, &writer);
+ if (err)
{
- log_error ("can't create writer: %s\n", gpg_strerror (rc));
+ log_error ("can't create writer: %s\n", gpg_strerror (err));
goto leave;
}
-
prompt = gpgsm_format_keydesc (cert);
- rc = export_p12 (ctrl, image, imagelen, prompt, keygrip, &datafp);
+ err = export_p12 (ctrl, image, imagelen, prompt, keygrip, &data, &datalen);
xfree (prompt);
- if (rc)
+ if (err)
goto leave;
- es_rewind (datafp);
- while ( (nread = es_fread (buffer, 1, sizeof buffer, datafp)) > 0 )
- if ((rc = ksba_writer_write (writer, buffer, nread)))
- {
- log_error ("write failed: %s\n", gpg_strerror (rc));
- goto leave;
- }
- if (es_ferror (datafp))
+ err = ksba_writer_write (writer, data, datalen);
+ xfree (data);
+ if (err)
{
- rc = gpg_error_from_syserror ();
- log_error ("error reading temporary file: %s\n", gpg_strerror (rc));
+ log_error ("write failed: %s\n", gpg_strerror (err));
goto leave;
}
if (ctrl->create_pem)
{
/* We want one certificate per PEM block */
- rc = gpgsm_finish_writer (b64writer);
- if (rc)
+ err = gpgsm_finish_writer (b64writer);
+ if (err)
{
- log_error ("write failed: %s\n", gpg_strerror (rc));
+ log_error ("write failed: %s\n", gpg_strerror (err));
goto leave;
}
gpgsm_destroy_writer (b64writer);
@@ -470,7 +461,6 @@
cert = NULL;
leave:
- es_fclose (datafp);
gpgsm_destroy_writer (b64writer);
ksba_cert_release (cert);
xfree (desc);
@@ -478,30 +468,9 @@
}
-/* Call either es_putc or the plain putc. */
-static void
-do_putc (int value, FILE *fp, estream_t stream)
-{
- if (stream)
- es_putc (value, stream);
- else
- putc (value, fp);
-}
-
-/* Call either es_fputs or the plain fputs. */
-static void
-do_fputs (const char *string, FILE *fp, estream_t stream)
-{
- if (stream)
- es_fputs (string, stream);
- else
- fputs (string, fp);
-}
-
-
/* Print some info about the certifciate CERT to FP or STREAM */
static void
-print_short_info (ksba_cert_t cert, FILE *fp, estream_t stream)
+print_short_info (ksba_cert_t cert, estream_t stream)
{
char *p;
ksba_sexp_t sexp;
@@ -509,18 +478,15 @@
for (idx=0; (p = ksba_cert_get_issuer (cert, idx)); idx++)
{
- do_fputs ((!idx
+ es_fputs ((!idx
? "Issuer ...: "
- : "\n aka ...: "), fp, stream);
- if (stream)
- gpgsm_es_print_name (stream, p);
- else
- gpgsm_print_name (fp, p);
+ : "\n aka ...: "), stream);
+ gpgsm_es_print_name (stream, p);
xfree (p);
}
- do_putc ('\n', fp, stream);
+ es_putc ('\n', stream);
- do_fputs ("Serial ...: ", fp, stream);
+ es_fputs ("Serial ...: ", stream);
sexp = ksba_cert_get_serial (cert);
if (sexp)
{
@@ -533,199 +499,208 @@
for (len=0; *s && *s != ':' && digitp (s); s++)
len = len*10 + atoi_1 (s);
if (*s == ':')
- {
- if (stream)
- es_write_hexstring (stream, s+1, len, 0, NULL);
- else
- print_hexstring (fp, s+1, len, 0);
- }
+ es_write_hexstring (stream, s+1, len, 0, NULL);
}
xfree (sexp);
}
- do_putc ('\n', fp, stream);
+ es_putc ('\n', stream);
for (idx=0; (p = ksba_cert_get_subject (cert, idx)); idx++)
{
- do_fputs ((!idx
+ es_fputs ((!idx
? "Subject ..: "
- : "\n aka ..: "), fp, stream);
- if (stream)
- gpgsm_es_print_name (stream, p);
- else
- gpgsm_print_name (fp, p);
+ : "\n aka ..: "), stream);
+ gpgsm_es_print_name (stream, p);
xfree (p);
}
- do_putc ('\n', fp, stream);
+ es_putc ('\n', stream);
}
-static gpg_error_t
-popen_protect_tool (ctrl_t ctrl, const char *pgmname,
- estream_t infile, estream_t outfile,
- estream_t *statusfile,
- const char *prompt, const char *keygrip,
- pid_t *pid)
+�
+/* Parse a private key S-expression and retutn a malloced array with
+ the RSA paramaters in pkcs#12 order. The caller needs to
+ deep-release this array. */
+static gcry_mpi_t *
+sexp_to_kparms (gcry_sexp_t sexp)
{
- const char *argv[22];
- int i=0;
+ gcry_sexp_t list, l2;
+ const char *name;
+ const char *s;
+ size_t n;
+ int idx;
+ const char *elems;
+ gcry_mpi_t *array;
- /* Make sure that the agent is running so that the protect tool is
- able to ask for a passphrase. This has only an effect under W32
- where the agent is started on demand; sending a NOP does not harm
- on other platforms. This is not really necessary anymore because
- the protect tool does this now by itself; it does not harm either.*/
- gpgsm_agent_send_nop (ctrl);
+ list = gcry_sexp_find_token (sexp, "private-key", 0 );
+ if(!list)
+ return NULL;
+ l2 = gcry_sexp_cadr (list);
+ gcry_sexp_release (list);
+ list = l2;
+ name = gcry_sexp_nth_data (list, 0, &n);
+ if(!name || n != 3 || memcmp (name, "rsa", 3))
+ {
+ gcry_sexp_release (list);
+ return NULL;
+ }
- argv[i++] = "--homedir";
- argv[i++] = opt.homedir;
- argv[i++] = "--p12-export";
- argv[i++] = "--have-cert";
- argv[i++] = "--prompt";
- argv[i++] = prompt?prompt:"";
- argv[i++] = "--enable-status-msg";
- if (opt.p12_charset)
+ /* Parameter names used with RSA in the pkcs#12 order. */
+ elems = "nedqp--u";
+ array = xtrycalloc (strlen(elems) + 1, sizeof *array);
+ if (!array)
{
- argv[i++] = "--p12-charset";
- argv[i++] = opt.p12_charset;
+ gcry_sexp_release (list);
+ return NULL;
}
- if (opt.agent_program)
+ for (idx=0, s=elems; *s; s++, idx++ )
{
- argv[i++] = "--agent-program";
- argv[i++] = opt.agent_program;
+ if (*s == '-')
+ continue; /* Computed below */
+ l2 = gcry_sexp_find_token (list, s, 1);
+ if (l2)
+ {
+ array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
+ gcry_sexp_release (l2);
+ }
+ if (!array[idx]) /* Required parameter not found or invalid. */
+ {
+ for (idx=0; array[idx]; idx++)
+ gcry_mpi_release (array[idx]);
+ xfree (array);
+ gcry_sexp_release (list);
+ return NULL;
+ }
}
- argv[i++] = "--",
- argv[i++] = keygrip,
- argv[i] = NULL;
- assert (i < sizeof argv);
+ gcry_sexp_release (list);
- return gnupg_spawn_process (pgmname, argv, infile, outfile,
- setup_pinentry_env, (128|64),
- statusfile, pid);
+ array[5] = gcry_mpi_snew (0); /* compute d mod (q-1) */
+ gcry_mpi_sub_ui (array[5], array[3], 1);
+ gcry_mpi_mod (array[5], array[2], array[5]);
+
+ array[6] = gcry_mpi_snew (0); /* compute d mod (p-1) */
+ gcry_mpi_sub_ui (array[6], array[4], 1);
+ gcry_mpi_mod (array[6], array[3], array[6]);
+
+ return array;
}
static gpg_error_t
export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
- const char *prompt, const char *keygrip, estream_t *retfp)
+ const char *prompt, const char *keygrip,
+ void **r_result, size_t *r_resultlen)
{
- const char *pgmname;
- gpg_error_t err = 0, child_err = 0;
- int c, cont_line;
- unsigned int pos;
- estream_t infp = NULL;
- estream_t fp = NULL;
- estream_t outfp = NULL;
- char buffer[1024];
- pid_t pid = -1;
- int bad_pass = 0;
+ gpg_error_t err = 0;
+ void *kek = NULL;
+ size_t keklen;
+ unsigned char *wrappedkey = NULL;
+ size_t wrappedkeylen;
+ gcry_cipher_hd_t cipherhd = NULL;
+ gcry_sexp_t s_skey = NULL;
+ gcry_mpi_t *kparms = NULL;
+ unsigned char *key = NULL;
+ size_t keylen;
+ char *passphrase = NULL;
+ unsigned char *result = NULL;
+ size_t resultlen;
+ int i;
- if (!opt.protect_tool_program || !*opt.protect_tool_program)
- pgmname = gnupg_module_name (GNUPG_MODULE_NAME_PROTECT_TOOL);
- else
- pgmname = opt.protect_tool_program;
+ *r_result = NULL;
- infp = es_tmpfile ();
- if (!infp)
+ /* Get the current KEK. */
+ err = gpgsm_agent_keywrap_key (ctrl, 1, &kek, &keklen);
+ if (err)
{
- err = gpg_error_from_syserror ();
- log_error (_("error creating temporary file: %s\n"), strerror (errno));
- goto cleanup;
+ log_error ("error getting the KEK: %s\n", gpg_strerror (err));
+ goto leave;
}
- if (es_fwrite (certimg, certimglen, 1, infp) != 1)
+ /* Receive the wrapped key from the agent. */
+ err = gpgsm_agent_export_key (ctrl, keygrip, prompt,
+ &wrappedkey, &wrappedkeylen);
+ if (err)
+ goto leave;
+
+
+ /* Unwrap the key. */
+ err = gcry_cipher_open (&cipherhd, GCRY_CIPHER_AES128,
+ GCRY_CIPHER_MODE_AESWRAP, 0);
+ if (err)
+ goto leave;
+ err = gcry_cipher_setkey (cipherhd, kek, keklen);
+ if (err)
+ goto leave;
+ xfree (kek);
+ kek = NULL;
+
+ if (wrappedkeylen < 24)
{
- err = gpg_error_from_syserror ();
- log_error (_("error writing to temporary file: %s\n"),
- strerror (errno));
- goto cleanup;
+ err = gpg_error (GPG_ERR_INV_LENGTH);
+ goto leave;
}
-
- outfp = es_tmpfile ();
- if (!outfp)
+ keylen = wrappedkeylen - 8;
+ key = xtrymalloc_secure (keylen);
+ if (!key)
{
err = gpg_error_from_syserror ();
- log_error (_("error creating temporary file: %s\n"), strerror (errno));
- goto cleanup;
+ goto leave;
}
-
- err = popen_protect_tool (ctrl,
- pgmname, infp, outfp, &fp, prompt, keygrip, &pid);
+ err = gcry_cipher_decrypt (cipherhd, key, keylen, wrappedkey, wrappedkeylen);
if (err)
- {
- pid = -1;
- goto cleanup;
- }
- es_fclose (infp);
- infp = NULL;
+ goto leave;
+ xfree (wrappedkey);
+ wrappedkey = NULL;
+ gcry_cipher_close (cipherhd);
+ cipherhd = NULL;
- /* Read stderr of the protect tool. */
- pos = 0;
- cont_line = 0;
- while ((c=es_getc (fp)) != EOF)
- {
- /* fixme: We could here grep for status information of the
- protect tool to figure out better error codes for
- CHILD_ERR. */
- buffer[pos++] = c;
- if (pos >= sizeof buffer - 5 || c == '\n')
- {
- buffer[pos - (c == '\n')] = 0;
- if (cont_line)
- log_printf ("%s", buffer);
- else
- {
- if (!strncmp (buffer, "gpg-protect-tool: [PROTECT-TOOL:] ",34))
- {
- char *p, *pend;
- p = buffer + 34;
- pend = strchr (p, ' ');
- if (pend)
- *pend = 0;
- if ( !strcmp (p, "bad-passphrase"))
- bad_pass++;
- }
- else
- log_info ("%s", buffer);
- }
- pos = 0;
- cont_line = (c != '\n');
- }
- }
+ /* Convert to a gcrypt S-expression. */
+ err = gcry_sexp_create (&s_skey, key, keylen, 0, xfree_fnc);
+ if (err)
+ goto leave;
+ key = NULL; /* Key is now owned by S_KEY. */
- if (pos)
+ /* Get the parameters from the S-expression. */
+ kparms = sexp_to_kparms (s_skey);
+ gcry_sexp_release (s_skey);
+ s_skey = NULL;
+ if (!kparms)
{
- buffer[pos] = 0;
- if (cont_line)
- log_printf ("%s\n", buffer);
- else
- log_info ("%s\n", buffer);
- }
- else if (cont_line)
- log_printf ("\n");
+ log_error ("error converting key parameters\n");
+ err = GPG_ERR_BAD_SECKEY;
+ goto leave;
+ }
+
+ err = gpgsm_agent_ask_passphrase
+ (ctrl,
+ i18n_utf8 ("Please enter the passphrase to protect the "
+ "new PKCS#12 object."),
+ 1, &passphrase);
+ if (err)
+ goto leave;
- /* If we found no error in the output of the child, setup a suitable
- error code, which will later be reset if the exit status of the
- child is 0. */
- if (!child_err)
- child_err = gpg_error (GPG_ERR_DECRYPT_FAILED);
-
- cleanup:
- es_fclose (infp);
- es_fclose (fp);
- if (pid != -1)
+ result = p12_build (kparms, certimg, certimglen, passphrase,
+ opt.p12_charset, &resultlen);
+ xfree (passphrase);
+ passphrase = NULL;
+ if (!result)
+ err = gpg_error (GPG_ERR_GENERAL);
+
+ leave:
+ xfree (key);
+ gcry_sexp_release (s_skey);
+ if (kparms)
{
- if (!gnupg_wait_process (pgmname, pid, 0, NULL))
- child_err = 0;
- gnupg_release_process (pid);
+ for (i=0; kparms[i]; i++)
+ gcry_mpi_release (kparms[i]);
+ xfree (kparms);
}
- if (!err)
- err = child_err;
- if (err)
- es_fclose (outfp);
- else
- *retfp = outfp;
- if (bad_pass)
+ gcry_cipher_close (cipherhd);
+ xfree (wrappedkey);
+ xfree (kek);
+
+ if (gpg_err_code (err) == GPG_ERR_BAD_PASSPHRASE)
{
/* During export this is the passphrase used to unprotect the
key and not the pkcs#12 thing as in export. Therefore we can
@@ -733,6 +708,16 @@
zero keyid by a regular one. */
gpgsm_status (ctrl, STATUS_BAD_PASSPHRASE, "0000000000000000");
}
+
+ if (err)
+ {
+ xfree (result);
+ }
+ else
+ {
+ *r_result = result;
+ *r_resultlen = resultlen;
+ }
return err;
}
Modified: trunk/sm/gpgsm.c
===================================================================
--- trunk/sm/gpgsm.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/gpgsm.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -435,7 +435,6 @@
static int check_special_filename (const char *fname, int for_write);
static int open_read (const char *filename);
static estream_t open_es_fread (const char *filename, const char *mode);
-static FILE *open_fwrite (const char *filename);
static estream_t open_es_fwrite (const char *filename);
static void run_protect_tool (int argc, char **argv);
@@ -1877,14 +1876,14 @@
case aExportSecretKeyP12:
{
- FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
+ estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
if (argc == 1)
gpgsm_p12_export (&ctrl, *argv, fp);
else
wrong_args ("--export-secret-key-p12 KEY-ID");
- if (fp != stdout)
- fclose (fp);
+ if (fp != es_stdout)
+ es_fclose (fp);
}
break;
@@ -2091,45 +2090,6 @@
}
-/* Open FILENAME for fwrite and return the stream. Stop with an error
- message in case of problems. "-" denotes stdout and if special
- filenames are allowed the given fd is opened instead. Caller must
- close the returned stream unless it is stdout. */
-static FILE *
-open_fwrite (const char *filename)
-{
- int fd;
- FILE *fp;
-
- if (filename[0] == '-' && !filename[1])
- {
- set_binary (stdout);
- return stdout;
- }
-
- fd = check_special_filename (filename, 1);
- if (fd != -1)
- {
-#warning replace the line below
- fp = NULL; /*fdopen (dup (fd), "wb"); */
- if (!fp)
- {
- log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno));
- gpgsm_exit (2);
- }
- set_binary (fp);
- return fp;
- }
- fp = fopen (filename, "wb");
- if (!fp)
- {
- log_error (_("can't open `%s': %s\n"), filename, strerror (errno));
- gpgsm_exit (2);
- }
- return fp;
-}
-
-
/* Open FILENAME for fwrite and return an extended stream. Stop with
an error message in case of problems. "-" denotes stdout and if
special filenames are allowed the given fd is opened instead.
Modified: trunk/sm/gpgsm.h
===================================================================
--- trunk/sm/gpgsm.h 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/gpgsm.h 2010-06-21 10:01:24 UTC (rev 5362)
@@ -344,7 +344,7 @@
/*-- export.c --*/
void gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream);
-void gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp);
+void gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream);
/*-- delete.c --*/
int gpgsm_delete (ctrl_t ctrl, strlist_t names);
@@ -406,11 +406,15 @@
gpg_error_t gpgsm_agent_keyinfo (ctrl_t ctrl, const char *hexkeygrip,
char **r_serialno);
gpg_error_t gpgsm_agent_ask_passphrase (ctrl_t ctrl, const char *desc_msg,
- char **r_passphrase);
+ int repeat, char **r_passphrase);
gpg_error_t gpgsm_agent_keywrap_key (ctrl_t ctrl, int forexport,
void **r_kek, size_t *r_keklen);
gpg_error_t gpgsm_agent_import_key (ctrl_t ctrl,
const void *key, size_t keylen);
+gpg_error_t gpgsm_agent_export_key (ctrl_t ctrl, const char *keygrip,
+ const char *desc,
+ unsigned char **r_result,
+ size_t *r_resultlen);
/*-- call-dirmngr.c --*/
int gpgsm_dirmngr_isvalid (ctrl_t ctrl,
Modified: trunk/sm/import.c
===================================================================
--- trunk/sm/import.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/import.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -759,8 +759,9 @@
err = gpgsm_agent_ask_passphrase
- (ctrl, _("Please enter the passphrase to unprotect the PKCS#12 object."),
- &passphrase);
+ (ctrl,
+ i18n_utf8 ("Please enter the passphrase to unprotect the PKCS#12 object."),
+ 0, &passphrase);
if (err)
goto leave;
@@ -812,7 +813,7 @@
kparms = NULL;
if (err)
{
- log_error ("failed to created S-expression from key: %s\n",
+ log_error ("failed to create S-expression from key: %s\n",
gpg_strerror (err));
goto leave;
}
@@ -828,7 +829,7 @@
/* Convert to canonical encoding using a function which pads it to a
multiple of 64 bits. We need this padding for AESWRAP. */
- err = make_canon_sexp_pad (s_key, &key, &keylen);
+ err = make_canon_sexp_pad (s_key, 1, &key, &keylen);
if (err)
{
log_error ("error creating canonical S-expression\n");
Modified: trunk/sm/minip12.c
===================================================================
--- trunk/sm/minip12.c 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/minip12.c 2010-06-21 10:01:24 UTC (rev 5362)
@@ -2024,7 +2024,7 @@
static unsigned char *
-build_cert_sequence (unsigned char *buffer, size_t buflen,
+build_cert_sequence (const unsigned char *buffer, size_t buflen,
const unsigned char *sha1hash, const char *keyidstr,
size_t *r_length)
{
@@ -2144,7 +2144,7 @@
in R_LENGTH; return NULL in case of an error. If CHARSET is not
NULL, re-encode PW to that character set. */
unsigned char *
-p12_build (gcry_mpi_t *kparms, unsigned char *cert, size_t certlen,
+p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
const char *pw, const char *charset, size_t *r_length)
{
unsigned char *buffer = NULL;
@@ -2298,6 +2298,7 @@
unsigned char *buf;
size_t buflen;
gcry_mpi_t *result;
+ int badpass;
if (argc != 3)
{
@@ -2330,7 +2331,7 @@
}
fclose (fp);
- result = p12_parse (buf, buflen, argv[2], cert_cb, NULL);
+ result = p12_parse (buf, buflen, argv[2], cert_cb, NULL, &badpass);
if (result)
{
int i, rc;
Modified: trunk/sm/minip12.h
===================================================================
--- trunk/sm/minip12.h 2010-06-18 08:08:49 UTC (rev 5361)
+++ trunk/sm/minip12.h 2010-06-21 10:01:24 UTC (rev 5362)
@@ -28,7 +28,7 @@
void *certcbarg, int *r_badpass);
unsigned char *p12_build (gcry_mpi_t *kparms,
- unsigned char *cert, size_t certlen,
+ const void *cert, size_t certlen,
const char *pw, const char *charset,
size_t *r_length);
More information about the Gnupg-commits
mailing list