author | Werner Koch <[email protected]> | 2021-08-13 11:42:31 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2021-08-13 11:42:31 +0000 |
commit | 7c45a69eb988e9c0329d75900af0c5b1e47291b7 (patch) | |
tree | 96ced8bfada21a95699d862e4b44ad8025c43573 /agent/agent.h | |
parent | indent: Add a git blame ignore file (diff) | |
agent: New option --check-sym-passphrase-pattern.
* agent/gpg-agent.c (oCheckSymPassphrasePattern): New.
(opts): Add --check-sym-passphrase-pattern.
(parse_rereadable_options): Set option.
(main): Return option info.
* tools/gpgconf-comp.c: Add new option.
* agent/agent.h (opt): Add var check_sym_passphrase_pattern.
(struct pin_entry_info_s): Add var constraints_flags.
(CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1.
(CHECK_CONSTRAINTS_NEW_SYMKEY): New.
* agent/genkey.c (check_passphrase_pattern): Rename to ...
(do_check_passphrase_pattern): this to make code reading
easier. Handle the --check-sym-passphrase-pattern option.
(check_passphrase_constraints): Replace arg no_empty by a generic
flags arg. Also handle --check-sym-passphrase-pattern here.
* agent/command.c (cmd_get_passphrase): In --newsymkey mode pass
CHECK_CONSTRAINTS_NEW_SYMKEY flag.
* agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags.
(struct inq_cb_parm_s): New.
(inq_cb): Use new struct for parameter passing. Pass flags to the
constraints checking.
(do_getpin): Pass constraints flag down.
(agent_askpin): Take constraints flag from the supplied pinentry
struct.
--
Requirements for a passphrase to protect a private key and for a
passphrase used for symmetric encryption are different. Thus
the use of a different pattern file will be useful. Note that a
pattern file can be used to replace the other passphrase constraints
options and thus we don't need to duplicate them for symmetric
encryption.
GnuPG-bug-id: 5517
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'agent/agent.h')
-rw-r--r-- | agent/agent.h | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/agent/agent.h b/agent/agent.h index 23982626d..2bdee97c8 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -126,8 +126,11 @@ struct /* The minimum number of non-alpha characters in a passphrase. */ unsigned int min_passphrase_nonalpha; - /* File name with a patternfile or NULL if not enabled. */ + /* File name with a patternfile or NULL if not enabled. If the + * second one is set, it is used for symmetric only encryption + * instead of the former. */ const char *check_passphrase_pattern; + const char *check_sym_passphrase_pattern; /* If not 0 the user is asked to change his passphrase after these number of days. */ @@ -302,6 +305,7 @@ struct pin_entry_info_s int min_digits; /* min. number of digits required or 0 for freeform entry */ int max_digits; /* max. number of allowed digits allowed*/ int max_tries; /* max. number of allowed tries. */ + unsigned int constraints_flags; /* CHECK_CONSTRAINTS_... */ int failed_tries; /* Number of tries so far failed. */ int with_qualitybar; /* Set if the quality bar should be displayed. */ int with_repeat; /* Request repetition of the passphrase. */ @@ -524,7 +528,11 @@ gpg_error_t agent_pkdecrypt (ctrl_t ctrl, const char *desc_text, membuf_t *outbuf, int *r_padding); /*-- genkey.c --*/ -int check_passphrase_constraints (ctrl_t ctrl, const char *pw, int no_empty, +#define CHECK_CONSTRAINTS_NOT_EMPTY 1 +#define CHECK_CONSTRAINTS_NEW_SYMKEY 2 + +int check_passphrase_constraints (ctrl_t ctrl, const char *pw, + unsigned int flags, char **failed_constraint); gpg_error_t agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, char **r_passphrase); |
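Review bot: In the options struct hunk (@@ -126,8 +126,11), the shared comment identifies the fields only as "the second one" and "the former", which stops being correct as soon as the two members are reordered or another member is placed between them. Suggest giving check_sym_passphrase_pattern its own comment that names it and spells out the fallback the current wording implies: when it is NULL, check_passphrase_pattern also applies to symmetric-only encryption.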
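Review bot: In struct pin_entry_info_s (@@ -302,6 +305,7), the comment on constraints_flags points at CHECK_CONSTRAINTS_..., but those macros are only defined further down the header, in the genkey.c prototype section (@@ -524,7 +528,11). Consider moving the two #define lines above this struct, or saying in the comment where they are defined, and state what a value of 0 means so that code filling in this struct without touching the new member has a documented behaviour.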
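Review bot: In the genkey.c prototype hunk (@@ -524,7 +528,11), the third argument of check_passphrase_constraints changes from the boolean int no_empty to a bit mask, and because both are integer types a caller that still passes some truthy value other than 1 compiles without a warning and can set CHECK_CONSTRAINTS_NEW_SYMKEY by accident. Check that every call site now passes 0 or a named CHECK_CONSTRAINTS_ flag rather than a bare number, and add a short comment to each #define saying what it selects (reject an empty passphrase; passphrase is for a new symmetric key, so the symmetric pattern file applies).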