author | Werner Koch <[email protected]> | 2007-11-19 16:03:50 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2007-11-19 16:03:50 +0000 |
commit | 55ba204bfa848c2e591a29fedc9f103103493a57 (patch) | |
tree | e37263e4d3a25e2aa300faf4c5240191b54ea1a7 /sm | |
parent | Updated (diff) | |
download | gnupg-55ba204bfa848c2e591a29fedc9f103103493a57.tar.gz gnupg-55ba204bfa848c2e591a29fedc9f103103493a57.zip |
Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
Diffstat (limited to 'sm')
-rw-r--r-- | sm/ChangeLog | 29 | ||||
-rw-r--r-- | sm/call-agent.c | 1 | ||||
-rw-r--r-- | sm/certchain.c | 17 | ||||
-rw-r--r-- | sm/certdump.c | 33 | ||||
-rw-r--r-- | sm/gpgsm.c | 34 | ||||
-rw-r--r-- | sm/gpgsm.h | 9 | ||||
-rw-r--r-- | sm/misc.c | 7 | ||||
-rw-r--r-- | sm/server.c | 128 | ||||
-rw-r--r-- | sm/verify.c | 70 |
9 files changed, 227 insertions, 101 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog index d67d23fbc..549779892 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,32 @@ +2007-11-19 Werner Koch <[email protected]> + + * gpgsm.c (main): Print a warning if --audit-log is used. + +2007-11-15 Werner Koch <[email protected]> + + * gpgsm.h (struct): Add XAUTHORITY and PINENTRY_USER_DATA. + * misc.c (setup_pinentry_env): Add XAUTHORITY and PINENTRY_USER_DATA. + * gpgsm.c (main): New option --xauthority. + * call-agent.c (start_agent): Adjust for changed start_new_gpg_agent. + * server.c (option_handler): Ad the new options. + +2007-11-07 Werner Koch <[email protected]> + + * gpgsm.c (main): New option --audit-log. + * server.c (option_handler): New option enable-audit-log. + (start_audit_session): New. + (cmd_verify): Create audit context. + (gpgsm_server): Release the context. + + * gpgsm.h (struct server_control_s): Add member AUDIT, include + audit.h. + * certdump.c (gpgsm_format_sn_issuer): New. + * verify.c (hash_data): Return an error code. + (gpgsm_verify): Add calls to audit_log. + + * gpgsm.c (get_status_string): Remove. + * gpgsm.h: Include status.h instead of errors.h. + 2007-10-19 Werner Koch <[email protected]> * qualified.c (gpgsm_qualified_consent): Use i18N-swicth functions. diff --git a/sm/call-agent.c b/sm/call-agent.c index 88447bd63..3f4e11ec2 100644 --- a/sm/call-agent.c +++ b/sm/call-agent.c @@ -81,6 +81,7 @@ start_agent (ctrl_t ctrl) opt.agent_program, opt.display, opt.ttyname, opt.ttytype, opt.lc_ctype, opt.lc_messages, + opt.xauthority, opt.pinentry_user_data, opt.verbose, DBG_ASSUAN, gpgsm_status2, ctrl); diff --git a/sm/certchain.c b/sm/certchain.c index c2f61aa28..f30c0c0ae 100644 --- a/sm/certchain.c +++ b/sm/certchain.c 
@@ -1561,6 +1561,21 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, } } + /* If auditing has been enabled, record what is in the chain. */ + if (ctrl->audit) + { + chain_item_t ci; + + audit_log (ctrl->audit, AUDIT_CHAIN_BEGIN); + for (ci = chain; ci; ci = ci->next) + { + audit_log_cert (ctrl->audit, + ci->is_root? AUDIT_CHAIN_ROOTCERT : AUDIT_CHAIN_CERT, + ci->cert, 0); + } + audit_log (ctrl->audit, AUDIT_CHAIN_END); + } + if (r_exptime) gnupg_copy_time (r_exptime, exptime); xfree (issuer); @@ -1579,7 +1594,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, } -/* Validate a certifcate chain. For a description see the +/* Validate a certificate chain. For a description see do_validate_chain. This function is a wrapper to handle a root certificate with the chain_model flag set. If RETFLAGS is not NULL, flags indicating now the verification was done are stored diff --git a/sm/certdump.c b/sm/certdump.c index 9798cce4c..66c395f32 100644 --- a/sm/certdump.c +++ b/sm/certdump.c @@ -242,6 +242,37 @@ gpgsm_dump_cert (const char *text, ksba_cert_t cert) } +/* Return a new string holding the format serial number and issuer + ("#SN/issuer"). No filtering on invalid characters is done. + Caller must release the string. On memory failure NULL is + returned. */ +char * +gpgsm_format_sn_issuer (ksba_sexp_t sn, const char *issuer) +{ + char *p, *p1; + + if (sn && issuer) + { + p1 = gpgsm_format_serial (sn); + if (!p1) + p = xtrystrdup ("[invalid SN]"); + else + { + p = xtrymalloc (strlen (p1) + strlen (issuer) + 2 + 1); + if (p) + { + *p = '#'; + strcpy (stpcpy (stpcpy (p+1, p1),"/"), issuer); + } + xfree (p1); + } + } + else + p = xtrystrdup ("[invalid SN/issuer]"); + return p; +} + + /* Log the certificate's name in "#SN/ISSUERDN" format along with TEXT. */ void 
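Review bot: In the certdump.c hunk, `gpgsm_format_sn_issuer` copies ISSUER into the result verbatim, and its only new caller (verify.c, hunk `@@ -274,6 +297,12 @@`) passes that string straight to `audit_log_s (ctrl->audit, AUDIT_SIG_NAME, tmpstr)`. The issuer there is taken from the signature being verified, so it is untrusted. If the audit printer does not escape control characters (it is not visible in this diff), a crafted DN could add line breaks to the audit output. The header comment should name the obligation explicitly, for example `/* ISSUER may come from untrusted input; the caller must escape control characters before logging the result. */`, or the escaping should be done once in the audit module. The same caller also does not check for the documented NULL return on memory failure before handing the pointer to `audit_log_s`.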
@@ -272,6 +303,8 @@ gpgsm_cert_log_name (const char *text, ksba_cert_t cert) + + /* helper for the rfc2253 string parser */ static const unsigned char * diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 0d6da9548..7ed4372a2 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -108,6 +108,7 @@ enum cmd_and_opt_values { oFixedPassphrase, oLogFile, oNoLogFile, + oAuditLog, oEnableSpecialFilenames, @@ -117,6 +118,7 @@ enum cmd_and_opt_values { oTTYtype, oLCctype, oLCmessages, + oXauthority, oPreferSystemDirmngr, oDirmngrProgram, @@ -336,12 +338,13 @@ static ARGPARSE_OPTS opts[] = { { oTextmode, "textmode", 0, N_("use canonical text mode")}, #endif - { oOutput, "output", 2, N_("use as output file")}, + { oOutput, "output", 2, N_("|FILE|write output to FILE")}, { oVerbose, "verbose", 0, N_("verbose") }, { oQuiet, "quiet", 0, N_("be somewhat more quiet") }, { oNoTTY, "no-tty", 0, N_("don't use the terminal at all") }, - { oLogFile, "log-file" ,2, N_("use a log file for the server")}, + { oLogFile, "log-file" ,2, N_("|FILE|write a server mode log to FILE")}, { oNoLogFile, "no-log-file" ,0, "@"}, + { oAuditLog, "audit-log", 2, N_("|FILE|write an audit log to FILE")}, #if 0 { oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") }, { oForceMDC, "force-mdc", 0, N_("always use a MDC for encryption") }, @@ -424,6 +427,7 @@ static ARGPARSE_OPTS opts[] = { { oTTYtype, "ttytype", 2, "@" }, { oLCctype, "lc-ctype", 2, "@" }, { oLCmessages, "lc-messages", 2, "@" }, + { oXauthority, "xauthority", 2, "@" }, { oDirmngrProgram, "dirmngr-program", 2 , "@" }, { oProtectToolProgram, "protect-tool-program", 2 , "@" }, { oFakedSystemTime, "faked-system-time", 2, "@" }, /* (epoch time) */ @@ -831,6 +835,7 @@ main ( int argc, char **argv) int default_config =1; int default_keyring = 1; char *logfile = NULL; + char *auditlog = NULL; int greeting = 0; int nogreeting = 0; int debug_wait = 0; 
@@ -1151,6 +1156,8 @@ main ( int argc, char **argv) case oLogFile: logfile = pargs.r.ret_str; break; case oNoLogFile: logfile = NULL; break; + case oAuditLog: auditlog = pargs.r.ret_str; break; + case oBatch: opt.batch = 1; greeting = 0; @@ -1201,6 +1208,7 @@ main ( int argc, char **argv) case oTTYtype: opt.ttytype = xstrdup (pargs.r.ret_str); break; case oLCctype: opt.lc_ctype = xstrdup (pargs.r.ret_str); break; case oLCmessages: opt.lc_messages = xstrdup (pargs.r.ret_str); break; + case oXauthority: opt.xauthority = xstrdup (pargs.r.ret_str); break; case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break; case oPreferSystemDirmngr: opt.prefer_system_dirmngr = 1; break; case oProtectToolProgram: @@ -1343,6 +1351,11 @@ main ( int argc, char **argv) } # endif + if (auditlog) + log_info ("NOTE: The audit log feature (--audit-log) is " + "WORK IN PRORESS and not ready for use!\n"); + + if (may_coredump && !opt.quiet) log_info (_("WARNING: program may create a core file!\n")); @@ -1636,6 +1649,7 @@ main ( int argc, char **argv) case aVerify: { FILE *fp = NULL; + FILE *auditfp = NULL; set_binary (stdin); if (argc == 2 && opt.outfile) @@ -1643,6 +1657,13 @@ main ( int argc, char **argv) else if (opt.outfile) fp = open_fwrite (opt.outfile); + if (auditlog) + { + audit_release (ctrl.audit); + ctrl.audit = audit_new (); + auditfp = open_fwrite (auditlog); + } + if (!argc) gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */ else if (argc == 1) @@ -1652,8 +1673,17 @@ main ( int argc, char **argv) else wrong_args ("--verify [signature [detached_data]]"); + if (auditlog) + { + audit_print_result (ctrl.audit, auditfp); + audit_release (ctrl.audit); + ctrl.audit = NULL; + } + if (fp && fp != stdout) fclose (fp); + if (auditfp && auditfp != stdout) + fclose (auditfp); } break; diff --git a/sm/gpgsm.h b/sm/gpgsm.h index 7c9066577..8f9692a73 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h 
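Review bot: The warning added in hunk `@@ -1343,6 +1351,11 @@` misspells the user-visible text as `WORK IN PRORESS`; it should read `"WORK IN PROGRESS and not ready for use!\n"`. Unlike the core-file warning directly below it, the string is not wrapped in `_()`, which looks deliberate for a temporary notice but deserves a short comment saying so. The body of main continues outside the hunk.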
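Review bot: In hunk `@@ -1643,6 +1657,13 @@` the result of `ctrl.audit = audit_new ();` is never checked, although `start_audit_session` in server.c treats the same failure as an error and returns `gpg_error_from_syserror ()`. With `--audit-log` given, an allocation failure here would apparently let the verification run with auditing silently off and leave an empty audit file. A check such as `if (!ctrl.audit) log_error ("failed to create audit context: %s\n", strerror (errno));` followed by the branch's normal error exit would keep the two entry points consistent. The following hunk (`@@ -1652,8 +1673,17 @@`) has the same kind of gap: the return value of `fclose (auditfp)` is discarded, so a failed write of the audit log goes unreported. The body of main continues outside both hunks.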
@@ -29,8 +29,9 @@ #include <ksba.h> #include "../common/util.h" -#include "../common/errors.h" +#include "../common/status.h" #include "../common/estream.h" +#include "../common/audit.h" #define MAX_DIGEST_LEN 24 @@ -53,6 +54,8 @@ struct char *ttytype; char *lc_ctype; char *lc_messages; + char *xauthority; + char *pinentry_user_data; const char *dirmngr_program; int prefer_system_dirmngr; /* Prefer using a system wide drimngr. */ @@ -147,6 +150,9 @@ struct server_control_s int no_server; /* We are not running under server control */ int status_fd; /* Only for non-server mode */ struct server_local_s *server_local; + + audit_ctx_t audit; /* NULL or a context for the audit subsystem. */ + int with_colons; /* Use column delimited output format */ int with_chain; /* Include the certifying certs in a listing */ int with_validation;/* Validate each key while listing. */ @@ -248,6 +254,7 @@ void gpgsm_dump_string (const char *string); char *gpgsm_format_serial (ksba_const_sexp_t p); char *gpgsm_format_name2 (const char *name, int translate); char *gpgsm_format_name (const char *name); +char *gpgsm_format_sn_issuer (ksba_sexp_t sn, const char *issuer); char *gpgsm_fpr_and_name_for_status (ksba_cert_t cert); @@ -76,6 +76,13 @@ setup_pinentry_env (void) else if ( (lc = setlocale (LC_MESSAGES, "")) ) setenv ("LC_MESSAGES", lc, 1); #endif + + if (opt.xauthority) + setenv ("XAUTHORITY", opt.xauthority, 1); + + if (opt.pinentry_user_data) + setenv ("PINENTRY_USER_DATA", opt.pinentry_user_data, 1); + #endif /*!HAVE_W32_SYSTEM*/ } diff --git a/sm/server.c b/sm/server.c index f780bf832..3b0968257 100644 --- a/sm/server.c +++ b/sm/server.c @@ -1,5 +1,6 @@ /* server.c - Server mode and main entry point - * Copyright (C) 2001, 2002, 2003, 2004 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, + * 2007 Free Software Foundation, Inc. * * This file is part of GnuPG. * 
@@ -44,6 +45,7 @@ struct server_local_s { int list_internal; int list_external; int list_to_output; /* Write keylistings to the output fd. */ + int enable_audit_log; /* Use an audit log. */ certlist_t recplist; certlist_t signerlist; certlist_t default_recplist; /* As set by main() - don't release. */ @@ -161,6 +163,19 @@ close_message_fd (ctrl_t ctrl) } +/* Start a new audit session if this has been enabled. */ +static gpg_error_t +start_audit_session (ctrl_t ctrl) +{ + audit_release (ctrl->audit); + ctrl->audit = NULL; + if (ctrl->server_local->enable_audit_log && !(ctrl->audit = audit_new ()) ) + return gpg_error_from_syserror (); + + return 0; +} + + static int option_handler (assuan_context_t ctx, const char *key, const char *value) { @@ -213,6 +228,22 @@ option_handler (assuan_context_t ctx, const char *key, const char *value) if (!opt.lc_messages) return out_of_core (); } + else if (!strcmp (key, "xauthority")) + { + if (opt.xauthority) + free (opt.xauthority); + opt.xauthority = strdup (value); + if (!opt.xauthority) + return out_of_core (); + } + else if (!strcmp (key, "pinentry-user-data")) + { + if (opt.pinentry_user_data) + free (opt.pinentry_user_data); + opt.pinentry_user_data = strdup (value); + if (!opt.pinentry_user_data) + return out_of_core (); + } else if (!strcmp (key, "list-mode")) { int i = *value? atoi (value) : 0; @@ -256,6 +287,11 @@ option_handler (assuan_context_t ctx, const char *key, const char *value) { opt.with_key_data = 1; } + else if (!strcmp (key, "enable-audit-log")) + { + int i = *value? atoi (value) : 0; + ctrl->server_local->enable_audit_log = i; + } else return gpg_error (GPG_ERR_UNKNOWN_OPTION); 
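Review bot: In hunk `@@ -213,6 +228,22 @@` the new `xauthority` branch releases `opt.xauthority` with plain `free ()`, while gpgsm.c sets the same field with `xstrdup (pargs.r.ret_str)` when `--xauthority` is given on the command line. If the x-allocators do not map onto the C library heap (not visible in this diff), a server-mode `OPTION xauthority` after a command-line `--xauthority` frees memory with the wrong deallocator. Using the matching pair avoids the question: `xfree (opt.xauthority);` and `opt.xauthority = xtrystrdup (value);`, and likewise for `opt.pinentry_user_data`. The `lc-messages` branch just above, visible only as context, appears to follow the same pattern and could be aligned at the same time; the body of option_handler continues outside the hunk.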
@@ -519,8 +555,10 @@ cmd_verify (assuan_context_t ctx, char *line) return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); } - rc = gpgsm_verify (assuan_get_pointer (ctx), fd, - ctrl->server_local->message_fd, out_fp); + rc = start_audit_session (ctrl); + if (!rc) + rc = gpgsm_verify (assuan_get_pointer (ctx), fd, + ctrl->server_local->message_fd, out_fp); if (out_fp) fclose (out_fp); 
@@ -1037,91 +1075,13 @@ gpgsm_server (certlist_t default_recplist) ctrl.server_local->signerlist = NULL; xfree (ctrl.server_local); + audit_release (ctrl.audit); + ctrl.audit = NULL; + assuan_deinit_server (ctx); } -static const char * -get_status_string ( int no ) -{ - const char *s; - - switch (no) - { - case STATUS_ENTER : s = "ENTER"; break; - case STATUS_LEAVE : s = "LEAVE"; break; - case STATUS_ABORT : s = "ABORT"; break; - case STATUS_NEWSIG : s = "NEWSIG"; break; - case STATUS_GOODSIG: s = "GOODSIG"; break; - case STATUS_SIGEXPIRED: s = "SIGEXPIRED"; break; - case STATUS_KEYREVOKED: s = "KEYREVOKED"; break; - case STATUS_BADSIG : s = "BADSIG"; break; - case STATUS_ERRSIG : s = "ERRSIG"; break; - case STATUS_BADARMOR : s = "BADARMOR"; break; - case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA"; break; - case STATUS_TRUST_UNDEFINED: s = "TRUST_UNDEFINED"; break; - case STATUS_TRUST_NEVER : s = "TRUST_NEVER"; break; - case STATUS_TRUST_MARGINAL : s = "TRUST_MARGINAL"; break; - case STATUS_TRUST_FULLY : s = "TRUST_FULLY"; break; - case STATUS_TRUST_ULTIMATE : s = "TRUST_ULTIMATE"; break; - case STATUS_GET_BOOL : s = "GET_BOOL"; break; - case STATUS_GET_LINE : s = "GET_LINE"; break; - case STATUS_GET_HIDDEN : s = "GET_HIDDEN"; break; - case STATUS_GOT_IT : s = "GOT_IT"; break; - case STATUS_SHM_INFO : s = "SHM_INFO"; break; - case STATUS_SHM_GET : s = "SHM_GET"; break; - case STATUS_SHM_GET_BOOL : s = "SHM_GET_BOOL"; break; - case STATUS_SHM_GET_HIDDEN : s = "SHM_GET_HIDDEN"; break; - case STATUS_NEED_PASSPHRASE: s = "NEED_PASSPHRASE"; break; - case STATUS_VALIDSIG : s = "VALIDSIG"; break; - case STATUS_SIG_ID : s = "SIG_ID"; break; - case STATUS_ENC_TO : s = "ENC_TO"; break; - case STATUS_NODATA : s = "NODATA"; break; - case STATUS_BAD_PASSPHRASE : s = "BAD_PASSPHRASE"; break; - case STATUS_NO_PUBKEY : s = "NO_PUBKEY"; break; - case STATUS_NO_SECKEY : s = "NO_SECKEY"; break; - case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM"; break; - case 
STATUS_DECRYPTION_FAILED: s = "DECRYPTION_FAILED"; break; - case STATUS_DECRYPTION_OKAY: s = "DECRYPTION_OKAY"; break; - case STATUS_MISSING_PASSPHRASE: s = "MISSING_PASSPHRASE"; break; - case STATUS_GOOD_PASSPHRASE : s = "GOOD_PASSPHRASE"; break; - case STATUS_GOODMDC : s = "GOODMDC"; break; - case STATUS_BADMDC : s = "BADMDC"; break; - case STATUS_ERRMDC : s = "ERRMDC"; break; - case STATUS_IMPORTED : s = "IMPORTED"; break; - case STATUS_IMPORT_OK : s = "IMPORT_OK"; break; - case STATUS_IMPORT_RES : s = "IMPORT_RES"; break; - case STATUS_FILE_START : s = "FILE_START"; break; - case STATUS_FILE_DONE : s = "FILE_DONE"; break; - case STATUS_FILE_ERROR : s = "FILE_ERROR"; break; - case STATUS_BEGIN_DECRYPTION:s = "BEGIN_DECRYPTION"; break; - case STATUS_END_DECRYPTION : s = "END_DECRYPTION"; break; - case STATUS_BEGIN_ENCRYPTION:s = "BEGIN_ENCRYPTION"; break; - case STATUS_END_ENCRYPTION : s = "END_ENCRYPTION"; break; - case STATUS_DELETE_PROBLEM : s = "DELETE_PROBLEM"; break; - case STATUS_PROGRESS : s = "PROGRESS"; break; - case STATUS_SIG_CREATED : s = "SIG_CREATED"; break; - case STATUS_SESSION_KEY : s = "SESSION_KEY"; break; - case STATUS_NOTATION_NAME : s = "NOTATION_NAME" ; break; - case STATUS_NOTATION_DATA : s = "NOTATION_DATA" ; break; - case STATUS_POLICY_URL : s = "POLICY_URL" ; break; - case STATUS_BEGIN_STREAM : s = "BEGIN_STREAM"; break; - case STATUS_END_STREAM : s = "END_STREAM"; break; - case STATUS_KEY_CREATED : s = "KEY_CREATED"; break; - case STATUS_UNEXPECTED : s = "UNEXPECTED"; break; - case STATUS_INV_RECP : s = "INV_RECP"; break; - case STATUS_NO_RECP : s = "NO_RECP"; break; - case STATUS_ALREADY_SIGNED : s = "ALREADY_SIGNED"; break; - case STATUS_EXPSIG : s = "EXPSIG"; break; - case STATUS_EXPKEYSIG : s = "EXPKEYSIG"; break; - case STATUS_TRUNCATED : s = "TRUNCATED"; break; - case STATUS_ERROR : s = "ERROR"; break; - case STATUS_IMPORT_PROBLEM : s = "IMPORT_PROBLEM"; break; - default: s = "?"; break; - } - return s; -} - gpg_error_t 
gpgsm_status2 (ctrl_t ctrl, int no, ...) diff --git a/sm/verify.c b/sm/verify.c index 4e92c11d8..b0ced0062 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -47,10 +47,11 @@ strtimestamp_r (ksba_isotime_t atime) -/* Hash the data for a detached signature */ -static void +/* Hash the data for a detached signature. Returns 0 on success. */ +static gpg_error_t hash_data (int fd, gcry_md_hd_t md) { + gpg_error_t err = 0; FILE *fp; char buffer[4096]; int nread; @@ -58,8 +59,9 @@ hash_data (int fd, gcry_md_hd_t md) fp = fdopen ( dup (fd), "rb"); if (!fp) { - log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno)); - return; + err = gpg_error_from_syserror (); + log_error ("fdopen(%d) failed: %s\n", fd, gpg_strerror (err)); + return err; } do @@ -69,8 +71,12 @@ hash_data (int fd, gcry_md_hd_t md) } while (nread); if (ferror (fp)) - log_error ("read error on fd %d: %s\n", fd, strerror (errno)); + { + err = gpg_error_from_syserror (); + log_error ("read error on fd %d: %s\n", fd, gpg_strerror (err)); + } fclose (fp); + return err; } @@ -99,6 +105,8 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) FILE *fp = NULL; char *p; + audit_set_type (ctrl->audit, AUDIT_TYPE_VERIFY); + kh = keydb_new (0); if (!kh) { @@ -154,6 +162,8 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) if (DBG_HASHING) gcry_md_start_debug (data_md, "vrfy.data"); + audit_log (ctrl->audit, AUDIT_SETUP_READY); + is_detached = 0; do { @@ -167,6 +177,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) if (stopreason == KSBA_SR_NEED_HASH) { is_detached = 1; + audit_log (ctrl->audit, AUDIT_DETACHED_SIGNATURE); if (opt.verbose) log_info ("detached signature\n"); } 
@@ -185,17 +196,25 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) && ( !strcmp (algoid, "1.2.840.113549.1.1.2") ||!strcmp (algoid, "1.2.840.113549.2.2"))) log_info (_("(this is the MD2 algorithm)\n")); + audit_log_s (ctrl->audit, AUDIT_BAD_DATA_HASH_ALGO, algoid); } else - gcry_md_enable (data_md, algo); + { + gcry_md_enable (data_md, algo); + audit_log_i (ctrl->audit, AUDIT_DATA_HASH_ALGO, algo); + } } if (is_detached) { if (data_fd == -1) - log_info ("detached signature w/o data " - "- assuming certs-only\n"); + { + log_info ("detached signature w/o data " + "- assuming certs-only\n"); + audit_log (ctrl->audit, AUDIT_CERT_ONLY_SIG); + } else - hash_data (data_fd, data_md); + audit_log_ok (ctrl->audit, AUDIT_DATA_HASHING, + hash_data (data_fd, data_md)); } else { @@ -215,6 +234,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) if (rc) { log_error ("write failed: %s\n", gpg_strerror (rc)); + audit_log_ok (ctrl->audit, AUDIT_WRITE_ERROR, rc); goto leave; } } @@ -223,6 +243,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) { log_error ("data given for a non-detached signature\n"); rc = gpg_error (GPG_ERR_CONFLICT); + audit_log (ctrl->audit, AUDIT_USAGE_ERROR); goto leave; } @@ -232,7 +253,8 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) certificate first before entering it into the DB. This way we would avoid cluttering the DB with invalid certificates. */ - keydb_store_cert (cert, 0, NULL); + audit_log_cert (ctrl->audit, AUDIT_SAVE_CERT, cert, + keydb_store_cert (cert, 0, NULL)); ksba_cert_release (cert); } @@ -265,6 +287,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) } gpgsm_status (ctrl, STATUS_NEWSIG, NULL); + audit_log_i (ctrl->audit, AUDIT_NEW_SIG, signer); if (DBG_X509) { 
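Review bot: The detached-signature branch now calls `hash_data (data_fd, data_md)` only as an argument to `audit_log_ok`, so the error code this commit adds to hash_data goes to the audit record and never to `rc`. A read error on the signed data therefore continues into signature checking with a partial hash and would most likely surface as a bad signature rather than as an I/O failure. Nesting the call also makes the hashing depend on `audit_log_ok` always evaluating its arguments, which holds only if it is a real function and not a macro (its definition is not shown here). Consider `rc = hash_data (data_fd, data_md);` then `audit_log_ok (ctrl->audit, AUDIT_DATA_HASHING, rc);` and `if (rc) goto leave;`. The same nesting is used for `keydb_store_cert (cert, 0, NULL)` inside `audit_log_cert` in hunk `@@ -232,7 +253,8 @@`.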
@@ -274,6 +297,12 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) gpgsm_dump_serial (serial); log_printf ("\n"); } + if (ctrl->audit) + { + char *tmpstr = gpgsm_format_sn_issuer (serial, issuer); + audit_log_s (ctrl->audit, AUDIT_SIG_NAME, tmpstr); + xfree (tmpstr); + } rc = ksba_cms_get_signing_time (cms, signer, sigtime); if (gpg_err_code (rc) == GPG_ERR_NO_DATA) @@ -300,6 +329,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) || !is_enabled) { log_error ("digest algo %d has not been enabled\n", algo); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "unsupported"); goto next_signer; } } @@ -311,7 +341,10 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) algo = 0; } else /* real error */ - break; + { + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "error"); + break; + } rc = ksba_cms_get_sigattr_oids (cms, signer, "1.2.840.113549.1.9.3", &ctattr); @@ -330,6 +363,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) "actual content-type\n"); ksba_free (ctattr); ctattr = NULL; + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad"); goto next_signer; } ksba_free (ctattr); @@ -339,6 +373,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) { log_error ("error getting content-type attribute: %s\n", gpg_strerror (rc)); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad"); goto next_signer; } rc = 0; @@ -348,6 +383,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) if (!sigval) { log_error ("no signature value available\n"); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad"); goto next_signer; } if (DBG_X509) @@ -373,8 +409,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) gpgsm_status2 (ctrl, STATUS_ERROR, "verify.findkey", numbuf, NULL); } - /* fixme: we might want to append the issuer and serial - using our standard notation */ + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "no-cert"); goto next_signer; } 
@@ -382,6 +417,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) if (rc) { log_error ("failed to get cert: %s\n", gpg_strerror (rc)); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "error"); goto next_signer; } @@ -413,6 +449,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) fpr = gpgsm_fpr_and_name_for_status (cert); gpgsm_status (ctrl, STATUS_BADSIG, fpr); xfree (fpr); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad"); goto next_signer; } @@ -420,6 +457,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) if (rc) { log_error ("md_open failed: %s\n", gpg_strerror (rc)); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "error"); goto next_signer; } if (DBG_HASHING) @@ -432,6 +470,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) log_error ("hashing signed attrs failed: %s\n", gpg_strerror (rc)); gcry_md_close (md); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "error"); goto next_signer; } rc = gpgsm_check_cms_signature (cert, sigval, md, algo, @@ -452,6 +491,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) fpr = gpgsm_fpr_and_name_for_status (cert); gpgsm_status (ctrl, STATUS_BADSIG, fpr); xfree (fpr); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad"); goto next_signer; } rc = gpgsm_cert_use_verify_p (cert); /*(this displays an info message)*/ @@ -464,6 +504,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) if (DBG_X509) log_debug ("signature okay - checking certs\n"); + audit_log (ctrl->audit, AUDIT_VALIDATE_CHAIN); rc = gpgsm_validate_chain (ctrl, cert, *sigtime? sigtime : "19700101T000000", keyexptime, 0, 
@@ -506,9 +547,12 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) else gpgsm_status_with_err_code (ctrl, STATUS_TRUST_UNDEFINED, NULL, gpg_err_code (rc)); + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad"); goto next_signer; } + audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "good"); + for (i=0; (p = ksba_cert_get_subject (cert, i)); i++) { log_info (!i? _("Good signature from") |