Diffstat (limited to 'agent')
-rw-r--r--agent/ChangeLog27
-rw-r--r--agent/agent.h19
-rw-r--r--agent/call-scd.c83
-rw-r--r--agent/command.c19
-rw-r--r--agent/divert-scd.c16
-rw-r--r--agent/findkey.c12
-rw-r--r--agent/genkey.c12
-rw-r--r--agent/gpg-agent.c26
-rw-r--r--agent/learncard.c92
-rw-r--r--agent/minip12.c58
-rw-r--r--agent/minip12.h9
-rw-r--r--agent/pkdecrypt.c10
-rw-r--r--agent/pksign.c12
-rw-r--r--agent/protect-tool.c58
-rw-r--r--agent/protect.c30
15 files changed, 346 insertions, 137 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog
index 573a13649..98d86ed74 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,3 +1,30 @@
+2003-06-26 Werner Koch <[email protected]>
+
+ * call-scd.c (agent_card_serialno): Don't do a RESET anymore.
+
+2003-06-25 Werner Koch <[email protected]>
+
+ * command.c (cmd_scd): New.
+ * call-scd.c (agent_card_scd): New.
+ * divert-scd.c (divert_generic_cmd): New
+
+ * call-scd.c (agent_card_learn): New callback args SINFO.
+ (learn_status_cb): Pass all other status lines to the sinfo
+ callback.
+ * learncard.c (release_sinfo, sinfo_cb): New.
+ (agent_handle_learn): Pass the new cb to the learn function and
+ pass the collected information back to the client's assuan
+ connection.
+
+ * gpg-agent.c (main): Moved pth_init before gcry_check_version.
+
+2003-06-24 Werner Koch <[email protected]>
+
+ * gpg-agent.c (handle_connections): Adjusted for Pth 2.0
+
+ Adjusted for changes in the libgcrypt API. Some more fixes for the
+ libgpg-error stuff.
+
2003-06-04 Werner Koch <[email protected]>
Renamed error codes from INVALID to INV and removed _ERROR suffixes.
diff --git a/agent/agent.h b/agent/agent.h
index cc4bb7a20..eb4f4e32d 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -1,5 +1,5 @@
/* agent.h - Global definitions for the agent
- * Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -130,8 +130,9 @@ void start_command_handler (int, int);
/*-- findkey.c --*/
int agent_write_private_key (const unsigned char *grip,
const void *buffer, size_t length, int force);
-GCRY_SEXP agent_key_from_file (CTRL ctrl, const unsigned char *grip,
- unsigned char **shadow_info, int ignore_cache);
+gcry_sexp_t agent_key_from_file (CTRL ctrl, const unsigned char *grip,
+ unsigned char **shadow_info,
+ int ignore_cache);
int agent_key_available (const unsigned char *grip);
/*-- query.c --*/
@@ -160,7 +161,7 @@ int agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
/*-- genkey.c --*/
int agent_genkey (CTRL ctrl,
const char *keyparam, size_t keyparmlen, FILE *outfp);
-int agent_protect_and_store (CTRL ctrl, GCRY_SEXP s_skey);
+int agent_protect_and_store (CTRL ctrl, gcry_sexp_t s_skey);
/*-- protect.c --*/
int agent_protect (const unsigned char *plainkey, const char *passphrase,
@@ -189,12 +190,17 @@ int divert_pkdecrypt (CTRL ctrl,
const unsigned char *cipher,
const unsigned char *shadow_info,
char **r_buf, size_t *r_len);
+int divert_generic_cmd (CTRL ctrl, const char *cmdline, void *assuan_context);
+
/*-- call-scd.c --*/
int agent_card_learn (void (*kpinfo_cb)(void*, const char *),
void *kpinfo_cb_arg,
void (*certinfo_cb)(void*, const char *),
- void *certinfo_cb_arg);
+ void *certinfo_cb_arg,
+ void (*sinfo_cb)(void*, const char *,
+ size_t, const char *),
+ void *sinfo_cb_arg);
int agent_card_serialno (char **r_serialno);
int agent_card_pksign (const char *keyid,
int (*getpin_cb)(void *, const char *, char*, size_t),
@@ -208,6 +214,9 @@ int agent_card_pkdecrypt (const char *keyid,
char **r_buf, size_t *r_buflen);
int agent_card_readcert (const char *id, char **r_buf, size_t *r_buflen);
int agent_card_readkey (const char *id, unsigned char **r_buf);
+int agent_card_scd (const char *cmdline,
+ int (*getpin_cb)(void *, const char *, char*, size_t),
+ void *getpin_cb_arg, void *assuan_context);
/*-- learncard.c --*/
diff --git a/agent/call-scd.c b/agent/call-scd.c
index 30e7d6f00..90d4a6caf 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -57,6 +57,8 @@ struct learn_parm_s {
void *kpinfo_cb_arg;
void (*certinfo_cb)(void*, const char *);
void *certinfo_cb_arg;
+ void (*sinfo_cb)(void*, const char *, size_t, const char *);
+ void *sinfo_cb_arg;
};
struct inq_needpin_s {
@@ -245,8 +247,10 @@ learn_status_cb (void *opaque, const char *line)
{
log_debug ("learn_status_cb: serialno `%s'\n", line);
}
- else
- log_debug ("learn_status_cb: ignoring `%.*s'\n", keywordlen, keyword);
+ else if (keywordlen && *line)
+ {
+ parm->sinfo_cb (parm->sinfo_cb_arg, keyword, keywordlen, line);
+ }
return 0;
}
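Review bot: In the new `else if` branch of learn_status_cb, `parm->sinfo_cb` is called without checking that a callback was supplied, so a caller of agent_card_learn that passes NULL for the new argument would crash on the first status line that is not otherwise recognised. Putting the check into the condition, `else if (keywordlen && *line && parm->sinfo_cb)`, keeps the extra argument optional. The function body starts outside this hunk, so whether the other two callbacks are guarded in the same way is not visible here.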
@@ -257,7 +261,9 @@ int
agent_card_learn (void (*kpinfo_cb)(void*, const char *),
void *kpinfo_cb_arg,
void (*certinfo_cb)(void*, const char *),
- void *certinfo_cb_arg)
+ void *certinfo_cb_arg,
+ void (*sinfo_cb)(void*, const char *, size_t, const char *),
+ void *sinfo_cb_arg)
{
int rc;
struct learn_parm_s parm;
@@ -271,6 +277,8 @@ agent_card_learn (void (*kpinfo_cb)(void*, const char *),
parm.kpinfo_cb_arg = kpinfo_cb_arg;
parm.certinfo_cb = certinfo_cb;
parm.certinfo_cb_arg = certinfo_cb_arg;
+ parm.sinfo_cb = sinfo_cb;
+ parm.sinfo_cb_arg = sinfo_cb_arg;
rc = assuan_transact (scd_ctx, "LEARN --force",
NULL, NULL, NULL, NULL,
learn_status_cb, &parm);
@@ -329,9 +337,9 @@ agent_card_serialno (char **r_serialno)
we can do this if we for some reason figure out that the
operation might have failed due to a missing RESET. Hmmm, I feel
this is really SCdaemon's duty */
- rc = assuan_transact (scd_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL);
- if (rc)
- return unlock_scd (map_assuan_err (rc));
+/* rc = assuan_transact (scd_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL); */
+/* if (rc) */
+/* return unlock_scd (map_assuan_err (rc)); */
rc = assuan_transact (scd_ctx, "SERIALNO",
NULL, NULL, NULL, NULL,
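Review bot: The RESET transaction in agent_card_serialno is disabled by commenting it out rather than deleting it, and the comment just above still reads as if a reset were being sent. I would delete the three commented lines and reword the comment to state the decision, for example `/* No RESET here: re-initialising the card is left to scdaemon. */`. The remainder of the function lies outside this hunk.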
@@ -592,3 +600,66 @@ agent_card_readkey (const char *id, unsigned char **r_buf)
+
+static AssuanError
+pass_status_thru (void *opaque, const char *line)
+{
+ ASSUAN_CONTEXT ctx = opaque;
+ char keyword[200];
+ int i;
+
+ for (i=0; *line && !spacep (line) && i < DIM(keyword)-1; line++, i++)
+ keyword[i] = *line;
+ keyword[i] = 0;
+ /* truncate any remaining keyword stuff. */
+ for (; *line && !spacep (line); line++)
+ ;
+ while (spacep (line))
+ line++;
+
+ assuan_write_status (ctx, keyword, line);
+ return 0;
+}
+
+static AssuanError
+pass_data_thru (void *opaque, const void *buffer, size_t length)
+{
+ ASSUAN_CONTEXT ctx = opaque;
+
+ assuan_send_data (ctx, buffer, length);
+ return 0;
+}
+
+
+/* Send the line CMDLINE with command for the SCDdaemon to it and send
+ all status messages back. This command is used as a general quoting
+ mechanism to pass everything verbatim to SCDAEMOPN. The PIN
+ inquirey is handled inside gpg-agent. */
+int
+agent_card_scd (const char *cmdline,
+ int (*getpin_cb)(void *, const char *, char*, size_t),
+ void *getpin_cb_arg, void *assuan_context)
+{
+ int rc;
+ struct inq_needpin_s inqparm;
+
+ rc = start_scd ();
+ if (rc)
+ return rc;
+
+ inqparm.ctx = scd_ctx;
+ inqparm.getpin_cb = getpin_cb;
+ inqparm.getpin_cb_arg = getpin_cb_arg;
+ rc = assuan_transact (scd_ctx, cmdline,
+ pass_data_thru, assuan_context,
+ inq_needpin, &inqparm,
+ pass_status_thru, assuan_context);
+ if (rc)
+ {
+ return unlock_scd (map_assuan_err (rc));
+ }
+
+ return unlock_scd (0);
+}
+
+
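Review bot: pass_data_thru discards the result of `assuan_send_data` and always returns 0, so a failed write to the client connection never reaches assuan_transact and agent_card_scd can report success for a reply that was not delivered. Provided assuan_send_data returns an AssuanError in this libassuan version, `return assuan_send_data (ctx, buffer, length);` propagates it; the same question applies to assuan_write_status in pass_status_thru. The header comment of agent_card_scd should also state that CMDLINE reaches scdaemon unfiltered, which leaves access control on the agent socket as the only gate on card commands. The typos `SCDAEMOPN` and `inquirey` in that comment should be corrected.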
diff --git a/agent/command.c b/agent/command.c
index 594b31fed..ed4ea6b02 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -549,7 +549,7 @@ cmd_passwd (ASSUAN_CONTEXT ctx, char *line)
CTRL ctrl = assuan_get_pointer (ctx);
int rc;
unsigned char grip[20];
- GCRY_SEXP s_skey = NULL;
+ gcry_sexp_t s_skey = NULL;
unsigned char *shadow_info = NULL;
rc = parse_keygrip (ctx, line, grip);
@@ -575,6 +575,22 @@ cmd_passwd (ASSUAN_CONTEXT ctx, char *line)
return map_to_assuan_status (rc);
}
+
+/* SCD <commands to pass to the scdaemon>
+
+ This is a general quote command to redirect everything to the
+ SCDAEMON. */
+static int
+cmd_scd (ASSUAN_CONTEXT ctx, char *line)
+{
+ CTRL ctrl = assuan_get_pointer (ctx);
+ int rc;
+
+ rc = divert_generic_cmd (ctrl, line, ctx);
+
+ return map_to_assuan_status (rc);
+}
+
static int
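Review bot: cmd_scd hands the client's `line` to divert_generic_cmd with no check at all, so an empty `SCD` request, or any scdaemon command whatsoever, is sent on as it stands. At minimum I would reject an empty argument before diverting, e.g. `if (!*line) return map_to_assuan_status (gpg_error (GPG_ERR_INV_DATA));`. The comment should also say that no filtering is applied, so that every client allowed to talk to the agent gets the full scdaemon command set. If that is broader than intended, an allowlist of forwarded commands belongs in this handler.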
@@ -661,6 +677,7 @@ register_commands (ASSUAN_CONTEXT ctx)
{ "PASSWD", cmd_passwd },
{ "INPUT", NULL },
{ "OUTPUT", NULL },
+ { "SCD", cmd_scd },
{ NULL }
};
int i, rc;
diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index 3a0c22e48..69f184474 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -1,5 +1,5 @@
/* divert-scd.c - divert operations to the scdaemon
- * Copyright (C) 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -103,7 +103,7 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid)
}
else
{
- log_error ("error accesing card: %s\n", gnupg_strerror (rc));
+ log_error ("error accesing card: %s\n", gpg_strerror (rc));
}
if (!rc)
@@ -305,3 +305,15 @@ divert_pkdecrypt (CTRL ctrl,
xfree (kid);
return rc;
}
+
+
+int
+divert_generic_cmd (CTRL ctrl, const char *cmdline, void *assuan_context)
+{
+ return agent_card_scd (cmdline, getpin_cb, ctrl, assuan_context);
+}
+
+
+
+
+
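Review bot: divert_generic_cmd is added without a header comment, and the hunk also appends five blank lines to the end of the file. A one-line comment such as `/* Forward CMDLINE verbatim to scdaemon; PIN inquiries are answered through getpin_cb and replies are relayed to ASSUAN_CONTEXT. */` would record what the wrapper does, and the trailing blank lines can be dropped.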
diff --git a/agent/findkey.c b/agent/findkey.c
index e6c4ad7f7..db36cb1b9 100644
--- a/agent/findkey.c
+++ b/agent/findkey.c
@@ -1,5 +1,5 @@
/* findkey.c - locate the secret key
- * Copyright (C) 2001,02 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -204,7 +204,7 @@ unprotect (CTRL ctrl,
an allocated S-Expression with the shadow_info part from the file.
With IGNORE_CACHE passed as true the passphrase is not taken from
the cache.*/
-GCRY_SEXP
+gcry_sexp_t
agent_key_from_file (CTRL ctrl,
const unsigned char *grip, unsigned char **shadow_info,
int ignore_cache)
@@ -215,7 +215,7 @@ agent_key_from_file (CTRL ctrl,
struct stat st;
unsigned char *buf;
size_t len, buflen, erroff;
- GCRY_SEXP s_skey;
+ gcry_sexp_t s_skey;
char hexgrip[40+4+1];
if (shadow_info)
@@ -260,7 +260,7 @@ agent_key_from_file (CTRL ctrl,
if (rc)
{
log_error ("failed to build S-Exp (off=%u): %s\n",
- (unsigned int)erroff, gcry_strerror (rc));
+ (unsigned int)erroff, gpg_strerror (rc));
return NULL;
}
len = gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_CANON, NULL, 0);
@@ -283,7 +283,7 @@ agent_key_from_file (CTRL ctrl,
rc = unprotect (ctrl, &buf, grip, ignore_cache);
if (rc)
log_error ("failed to unprotect the secret key: %s\n",
- gnupg_strerror (rc));
+ gpg_strerror (rc));
break;
case PRIVATE_KEY_SHADOWED:
if (shadow_info)
@@ -329,7 +329,7 @@ agent_key_from_file (CTRL ctrl,
if (rc)
{
log_error ("failed to build S-Exp (off=%u): %s\n",
- (unsigned int)erroff, gcry_strerror (rc));
+ (unsigned int)erroff, gpg_strerror (rc));
return NULL;
}
diff --git a/agent/genkey.c b/agent/genkey.c
index 28d71a677..0a0577f17 100644
--- a/agent/genkey.c
+++ b/agent/genkey.c
@@ -1,5 +1,5 @@
/* pksign.c - Generate a keypair
- * Copyright (C) 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -30,7 +30,7 @@
#include "i18n.h"
static int
-store_key (GCRY_SEXP private, const char *passphrase, int force)
+store_key (gcry_sexp_t private, const char *passphrase, int force)
{
int rc;
char *buf;
@@ -91,7 +91,7 @@ int
agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
FILE *outfp)
{
- GCRY_SEXP s_keyparam, s_key, s_private, s_public;
+ gcry_sexp_t s_keyparam, s_key, s_private, s_public;
struct pin_entry_info_s *pi, *pi2;
int rc;
size_t len;
@@ -100,7 +100,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
rc = gcry_sexp_sscan (&s_keyparam, NULL, keyparam, keyparamlen);
if (rc)
{
- log_error ("failed to convert keyparam: %s\n", gcry_strerror (rc));
+ log_error ("failed to convert keyparam: %s\n", gpg_strerror (rc));
return gpg_error (GPG_ERR_INV_DATA);
}
@@ -135,7 +135,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
gcry_sexp_release (s_keyparam);
if (rc)
{
- log_error ("key generation failed: %s\n", gcry_strerror (rc));
+ log_error ("key generation failed: %s\n", gpg_strerror (rc));
xfree (pi);
return map_gcry_err (rc);
}
@@ -204,7 +204,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen,
/* Apply a new passpahrse to the key S_SKEY and store it. */
int
-agent_protect_and_store (CTRL ctrl, GCRY_SEXP s_skey)
+agent_protect_and_store (CTRL ctrl, gcry_sexp_t s_skey)
{
struct pin_entry_info_s *pi, *pi2;
int rc;
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 780dfaddd..b8c69fb56 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -1,5 +1,5 @@
/* gpg-agent.c - The GnuPG Agent
- * Copyright (C) 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -37,11 +37,9 @@
# include <pth.h>
#endif
-#include <gcrypt.h>
-
#define JNLIB_NEED_LOG_LOGV
#include "agent.h"
-#include "../assuan/assuan.h" /* malloc hooks */
+#include <assuan.h> /* malloc hooks */
#include "i18n.h"
#include "sysutils.h"
@@ -336,6 +334,18 @@ main (int argc, char **argv )
log_set_prefix ("gpg-agent", 1|4);
i18n_init ();
+ /* We need to initialize Pth before libgcrypt, because the libgcrypt
+ initialization done by gcry_check_version internally sets up its
+ mutex system. Note that one must not link against pth if
+ USE_GNU_PTH is not defined. */
+#ifdef USE_GNU_PTH
+ if (!pth_init ())
+ {
+ log_error ("failed to initialize the Pth library\n");
+ exit (1);
+ }
+#endif /*USE_GNU_PTH*/
+
/* check that the libraries are suitable. Do it here because
the option parsing may need services of the library */
if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
@@ -715,12 +725,6 @@ main (int argc, char **argv )
{
struct sigaction sa;
- if (!pth_init ())
- {
- log_error ("failed to initialize the Pth library\n");
- exit (1);
- }
-
sa.sa_handler = SIG_IGN;
sigemptyset (&sa.sa_mask);
sa.sa_flags = 0;
@@ -1030,7 +1034,7 @@ handle_connections (int listen_fd)
fd = pth_accept_ev (listen_fd, (struct sockaddr *)&paddr, &plen, ev);
if (fd == -1)
{
- if (pth_event_occurred (ev))
+ if (pth_event_status (ev) == PTH_STATUS_OCCURRED)
{
handle_signal (signo);
continue;
diff --git a/agent/learncard.c b/agent/learncard.c
index d5c1aae26..28a74f972 100644
--- a/agent/learncard.c
+++ b/agent/learncard.c
@@ -1,5 +1,5 @@
/* learncard.c - Handle the LEARN command
- * Copyright (C) 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -59,6 +59,20 @@ struct certinfo_cb_parm_s {
};
+struct sinfo_s {
+ struct sinfo_s *next;
+ char *data; /* Points into keyword. */
+ char keyword[1];
+};
+typedef struct sinfo_s *SINFO;
+
+struct sinfo_cb_parm_s {
+ int error;;
+ SINFO info;
+};
+
+
+
static void
release_keypair_info (KEYPAIR_INFO info)
{
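Review bot: `int error;;` in struct sinfo_cb_parm_s has a stray second semicolon, an empty declaration that strict compilers warn about; it should read `int error;`. The layout of struct sinfo_s also deserves more than `Points into keyword.`, because the one-element `keyword` array is deliberately over-allocated by sinfo_cb. Something like `/* KEYWORD, a Nul, then the DATA string; allocated larger than declared. */` on the `keyword` member would make that explicit.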
@@ -81,9 +95,20 @@ release_certinfo (CERTINFO info)
}
}
+static void
+release_sinfo (SINFO info)
+{
+ while (info)
+ {
+ SINFO tmp = info->next;
+ xfree (info);
+ info = tmp;
+ }
+}
+
-/* This callback is used by agent_card_leanr and passed the content of
+/* This callback is used by agent_card_learn and passed the content of
all KEYPAIRINFO lines. It merely stores this data away */
static void
kpinfo_cb (void *opaque, const char *line)
@@ -134,7 +159,7 @@ kpinfo_cb (void *opaque, const char *line)
}
-/* This callback is used by agent_card_leanr and passed the content of
+/* This callback is used by agent_card_learn and passed the content of
all CERTINFO lines. It merely stores this data away */
static void
certinfo_cb (void *opaque, const char *line)
@@ -173,6 +198,35 @@ certinfo_cb (void *opaque, const char *line)
}
+/* This callback is used by agent_card_learn and passed the content of
+ all SINFO lines. It merely stores this data away */
+static void
+sinfo_cb (void *opaque, const char *keyword, size_t keywordlen,
+ const char *data)
+{
+ struct sinfo_cb_parm_s *sparm = opaque;
+ SINFO item;
+
+ if (sparm->error)
+ return; /* no need to gather data after an error coccured */
+
+ item = xtrycalloc (1, sizeof *item + keywordlen + 1 + strlen (data));
+ if (!item)
+ {
+ sparm->error = out_of_core ();
+ return;
+ }
+ memcpy (item->keyword, keyword, keywordlen);
+ item->data = item->keyword + keywordlen;
+ *item->data = 0;
+ item->data++;
+ strcpy (item->data, data);
+ /* store it */
+ item->next = sparm->info;
+ sparm->info = item;
+}
+
+
/* Create an S-expression with the shadow info. */
static unsigned char *
make_shadow_info (const char *serialno, const char *idstring)
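Review bot: sinfo_cb prepends each item (`item->next = sparm->info; sparm->info = item;`), so the list that agent_handle_learn later walks yields the status lines in the reverse of the order in which scdaemon sent them. If clients may rely on that order, append through a tail pointer kept in struct sinfo_cb_parm_s, or reverse the list once before it is written out. The header comment is also inaccurate: the callback receives every status line that learn_status_cb does not handle itself, not `SINFO lines`, and `coccured` should read `occurred`. A short comment on the xtrycalloc size would help as well, since the terminating Nul of the data string is covered only by the declared `keyword[1]` byte.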
@@ -211,7 +265,7 @@ send_cert_back (const char *id, void *assuan_context)
if (rc)
{
log_error ("error reading certificate: %s\n",
- gnupg_strerror (rc));
+ gpg_strerror (rc));
return rc;
}
@@ -238,8 +292,10 @@ agent_handle_learn (void *assuan_context)
int rc;
struct kpinfo_cb_parm_s parm;
struct certinfo_cb_parm_s cparm;
+ struct sinfo_cb_parm_s sparm;
char *serialno = NULL;
KEYPAIR_INFO item;
+ SINFO sitem;
unsigned char grip[20];
char *p;
int i;
@@ -253,24 +309,35 @@ agent_handle_learn (void *assuan_context)
memset (&parm, 0, sizeof parm);
memset (&cparm, 0, sizeof cparm);
+ memset (&sparm, 0, sizeof sparm);
/* Check whether a card is present and get the serial number */
rc = agent_card_serialno (&serialno);
if (rc)
goto leave;
- /* now gather all the availabe info */
- rc = agent_card_learn (kpinfo_cb, &parm, certinfo_cb, &cparm);
- if (!rc && (parm.error || cparm.error))
- rc = parm.error? parm.error : cparm.error;
+ /* now gather all the available info */
+ rc = agent_card_learn (kpinfo_cb, &parm, certinfo_cb, &cparm,
+ sinfo_cb, &sparm);
+ if (!rc && (parm.error || cparm.error || sparm.error))
+ rc = parm.error? parm.error : cparm.error? cparm.error : sparm.error;
if (rc)
{
- log_debug ("agent_card_learn failed: %s\n", gnupg_strerror (rc));
+ log_debug ("agent_card_learn failed: %s\n", gpg_strerror (rc));
goto leave;
}
log_info ("card has S/N: %s\n", serialno);
+ /* Pass on all the collected status information. */
+ if (assuan_context)
+ {
+ for (sitem = sparm.info; sitem; sitem = sitem->next)
+ {
+ assuan_write_status (assuan_context, sitem->keyword, sitem->data);
+ }
+ }
+
/* Write out the certificates in a standard order. */
for (i=0; certtype_list[i] != -1; i++)
{
@@ -315,7 +382,7 @@ agent_handle_learn (void *assuan_context)
rc = agent_card_readkey (item->id, &pubkey);
if (rc)
{
- log_debug ("agent_card_readkey failed: %s\n", gnupg_strerror (rc));
+ log_debug ("agent_card_readkey failed: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -333,7 +400,7 @@ agent_handle_learn (void *assuan_context)
xfree (pubkey);
if (rc)
{
- log_error ("shadowing the key failed: %s\n", gnupg_strerror (rc));
+ log_error ("shadowing the key failed: %s\n", gpg_strerror (rc));
goto leave;
}
n = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
@@ -343,7 +410,7 @@ agent_handle_learn (void *assuan_context)
xfree (shdkey);
if (rc)
{
- log_error ("error writing key: %s\n", gnupg_strerror (rc));
+ log_error ("error writing key: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -374,6 +441,7 @@ agent_handle_learn (void *assuan_context)
xfree (serialno);
release_keypair_info (parm.info);
release_certinfo (cparm.info);
+ release_sinfo (sparm.info);
return rc;
}
diff --git a/agent/minip12.c b/agent/minip12.c
index d8d47336c..d86bcf00c 100644
--- a/agent/minip12.c
+++ b/agent/minip12.c
@@ -1,5 +1,5 @@
-/* minip12.c - A minilam pkcs-12 implementation.
- * Copyright (C) 2002 Free Software Foundation, Inc.
+/* minip12.c - A minimal pkcs-12 implementation.
+ * Copyright (C) 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -211,8 +211,8 @@ string_to_key (int id, char *salt, int iter, const char *pw,
int req_keylen, unsigned char *keybuf)
{
int rc, i, j;
- GcryMDHd md;
- GcryMPI num_b1 = NULL;
+ gcry_md_hd_t md;
+ gcry_mpi_t num_b1 = NULL;
int pwlen;
unsigned char hash[20], buf_b[64], buf_i[128], *p;
size_t cur_keylen;
@@ -240,11 +240,11 @@ string_to_key (int id, char *salt, int iter, const char *pw,
for (;;)
{
- md = gcry_md_open (GCRY_MD_SHA1, 0);
- if (!md)
+ rc = gcry_md_open (&md, GCRY_MD_SHA1, 0);
+ if (rc)
{
- log_error ( "gcry_md_open failed: %s\n", gcry_strerror (-1));
- return -1;
+ log_error ( "gcry_md_open failed: %s\n", gpg_strerror (rc));
+ return rc;
}
for(i=0; i < 64; i++)
gcry_md_putc (md, id);
@@ -269,20 +269,20 @@ string_to_key (int id, char *salt, int iter, const char *pw,
rc = gcry_mpi_scan (&num_b1, GCRYMPI_FMT_USG, buf_b, &n);
if (rc)
{
- log_error ( "gcry_mpi_scan failed: %s\n", gcry_strerror (rc));
+ log_error ( "gcry_mpi_scan failed: %s\n", gpg_strerror (rc));
return -1;
}
gcry_mpi_add_ui (num_b1, num_b1, 1);
for (i=0; i < 128; i += 64)
{
- GcryMPI num_ij;
+ gcry_mpi_t num_ij;
n = 64;
rc = gcry_mpi_scan (&num_ij, GCRYMPI_FMT_USG, buf_i + i, &n);
if (rc)
{
log_error ( "gcry_mpi_scan failed: %s\n",
- gcry_strerror (rc));
+ gpg_strerror (rc));
return -1;
}
gcry_mpi_add (num_ij, num_ij, num_b1);
@@ -292,7 +292,7 @@ string_to_key (int id, char *salt, int iter, const char *pw,
if (rc)
{
log_error ( "gcry_mpi_print failed: %s\n",
- gcry_strerror (rc));
+ gpg_strerror (rc));
return -1;
}
gcry_mpi_release (num_ij);
@@ -302,7 +302,7 @@ string_to_key (int id, char *salt, int iter, const char *pw,
static int
-set_key_iv (GcryCipherHd chd, char *salt, int iter, const char *pw)
+set_key_iv (gcry_cipher_hd_t chd, char *salt, int iter, const char *pw)
{
unsigned char keybuf[24];
int rc;
@@ -312,7 +312,7 @@ set_key_iv (GcryCipherHd chd, char *salt, int iter, const char *pw)
rc = gcry_cipher_setkey (chd, keybuf, 24);
if (rc)
{
- log_error ( "gcry_cipher_setkey failed: %s\n", gcry_strerror (rc));
+ log_error ( "gcry_cipher_setkey failed: %s\n", gpg_strerror (rc));
return -1;
}
@@ -321,7 +321,7 @@ set_key_iv (GcryCipherHd chd, char *salt, int iter, const char *pw)
rc = gcry_cipher_setiv (chd, keybuf, 8);
if (rc)
{
- log_error ("gcry_cipher_setiv failed: %s\n", gcry_strerror (rc));
+ log_error ("gcry_cipher_setiv failed: %s\n", gpg_strerror (rc));
return -1;
}
return 0;
@@ -332,13 +332,13 @@ static void
crypt_block (unsigned char *buffer, size_t length, char *salt, int iter,
const char *pw, int encrypt)
{
- GcryCipherHd chd;
+ gcry_cipher_hd_t chd;
int rc;
- chd = gcry_cipher_open (GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0);
- if (!chd)
+ rc = gcry_cipher_open (&chd, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0);
+ if (rc)
{
- log_error ( "gcry_cipher_open failed: %s\n", gcry_strerror(-1));
+ log_error ( "gcry_cipher_open failed: %s\n", gpg_strerror(-1));
return;
}
if (set_key_iv (chd, salt, iter, pw))
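Review bot: The failure branch after gcry_cipher_open still logs `gpg_strerror(-1)` although the call now returns its error in `rc`, so the message will not name the real cause; it should be `log_error ( "gcry_cipher_open failed: %s\n", gpg_strerror (rc));`. More important for callers, crypt_block is `void` and simply returns at this point, so when it is used to encrypt, a failure leaves BUFFER as plaintext and nothing signals it. Returning an error code that the callers check would close that gap; the callers and the rest of the function are outside this hunk.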
@@ -349,7 +349,7 @@ crypt_block (unsigned char *buffer, size_t length, char *salt, int iter,
if (rc)
{
- log_error ( "en/de-crytion failed: %s\n", gcry_strerror (rc));
+ log_error ( "en/de-crytion failed: %s\n", gpg_strerror (rc));
goto leave;
}
@@ -414,7 +414,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
return -1;
}
-static GcryMPI *
+static gcry_mpi_t *
parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
const char *pw)
{
@@ -427,7 +427,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
unsigned int iter;
int len;
unsigned char *plain = NULL;
- GcryMPI *result = NULL;
+ gcry_mpi_t *result = NULL;
int result_count, i;
where = "start";
@@ -593,7 +593,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
if (rc)
{
log_error ("error parsing key parameter: %s\n",
- gcry_strerror (rc));
+ gpg_strerror (rc));
goto bailout;
}
result_count++;
@@ -625,7 +625,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
that it is only able to look for 3DES encoded enctyptedData and
tries to extract the first private key object it finds. In case of
an error NULL is returned. */
-GcryMPI *
+gcry_mpi_t *
p12_parse (const unsigned char *buffer, size_t length, const char *pw)
{
struct tag_info ti;
@@ -859,7 +859,7 @@ create_final (struct buffer_s *sequences, size_t *r_length)
PW. Create a PKCS structure from it and return it as well as the
length in R_LENGTH; return NULL in case of an error. */
unsigned char *
-p12_build (GcryMPI *kparms, const char *pw, size_t *r_length)
+p12_build (gcry_mpi_t *kparms, const char *pw, size_t *r_length)
{
int rc, i;
size_t needed, n;
@@ -877,7 +877,7 @@ p12_build (GcryMPI *kparms, const char *pw, size_t *r_length)
rc = gcry_mpi_print (GCRYMPI_FMT_STD, NULL, &n, kparms[i]);
if (rc)
{
- log_error ("error formatting parameter: %s\n", gcry_strerror (rc));
+ log_error ("error formatting parameter: %s\n", gpg_strerror (rc));
return NULL;
}
needed += n;
@@ -951,7 +951,7 @@ p12_build (GcryMPI *kparms, const char *pw, size_t *r_length)
if (rc)
{
log_error ("oops: error formatting parameter: %s\n",
- gcry_strerror (rc));
+ gpg_strerror (rc));
gcry_free (plain);
return NULL;
}
@@ -962,7 +962,7 @@ p12_build (GcryMPI *kparms, const char *pw, size_t *r_length)
if (rc)
{
log_error ("oops: error storing parameter: %s\n",
- gcry_strerror (rc));
+ gpg_strerror (rc));
gcry_free (plain);
return NULL;
}
@@ -1131,7 +1131,7 @@ main (int argc, char **argv)
NULL, result[i]);
if (rc)
printf ("%d: [error printing number: %s]\n",
- i, gcry_strerror (rc));
+ i, gpg_strerror (rc));
else
{
printf ("%d: %s\n", i, buf);
diff --git a/agent/minip12.h b/agent/minip12.h
index 8573a2db0..122215549 100644
--- a/agent/minip12.h
+++ b/agent/minip12.h
@@ -1,5 +1,5 @@
/* minip12.h - Global definitions for the minimal pkcs-12 implementation.
- * Copyright (C) 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -23,10 +23,11 @@
#include <gcrypt.h>
-GcryMPI *p12_parse (const unsigned char *buffer, size_t length,
- const char *pw);
+gcry_mpi_t *p12_parse (const unsigned char *buffer, size_t length,
+ const char *pw);
-unsigned char *p12_build (GcryMPI *kparms, const char *pw, size_t *r_length);
+unsigned char *p12_build (gcry_mpi_t *kparms, const char *pw,
+ size_t *r_length);
#endif /*MINIP12_H*/
diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c
index baa886556..543a82737 100644
--- a/agent/pkdecrypt.c
+++ b/agent/pkdecrypt.c
@@ -1,5 +1,5 @@
/* pkdecrypt.c - public key decryption (well, acually using a secret key)
- * Copyright (C) 2001 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -38,7 +38,7 @@ int
agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
FILE *outfp)
{
- GCRY_SEXP s_skey = NULL, s_cipher = NULL, s_plain = NULL;
+ gcry_sexp_t s_skey = NULL, s_cipher = NULL, s_plain = NULL;
unsigned char *shadow_info = NULL;
int rc;
char *buf = NULL;
@@ -54,7 +54,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
rc = gcry_sexp_sscan (&s_cipher, NULL, ciphertext, ciphertextlen);
if (rc)
{
- log_error ("failed to convert ciphertext: %s\n", gcry_strerror (rc));
+ log_error ("failed to convert ciphertext: %s\n", gpg_strerror (rc));
rc = gpg_error (GPG_ERR_INV_DATA);
goto leave;
}
@@ -84,7 +84,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
rc = divert_pkdecrypt (ctrl, ciphertext, shadow_info, &buf, &len );
if (rc)
{
- log_error ("smartcard decryption failed: %s\n", gnupg_strerror (rc));
+ log_error ("smartcard decryption failed: %s\n", gpg_strerror (rc));
goto leave;
}
/* FIXME: don't use buffering and change the protocol to return
@@ -104,7 +104,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen,
rc = gcry_pk_decrypt (&s_plain, s_cipher, s_skey);
if (rc)
{
- log_error ("decryption failed: %s\n", gcry_strerror (rc));
+ log_error ("decryption failed: %s\n", gpg_strerror (rc));
rc = map_gcry_err (rc);
goto leave;
}
diff --git a/agent/pksign.c b/agent/pksign.c
index 25f1238df..a5f89e3f6 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -1,5 +1,5 @@
/* pksign.c - public key signing (well, acually using a secret key)
- * Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -33,7 +33,7 @@
static int
do_encode_md (const unsigned char *digest, size_t digestlen, int algo,
- unsigned int nbits, GCRY_MPI *r_val)
+ unsigned int nbits, gcry_mpi_t *r_val)
{
int nframe = (nbits+7) / 8;
byte *frame;
@@ -88,8 +88,8 @@ do_encode_md (const unsigned char *digest, size_t digestlen, int algo,
int
agent_pksign (CTRL ctrl, FILE *outfp, int ignore_cache)
{
- GCRY_SEXP s_skey = NULL, s_hash = NULL, s_sig = NULL;
- GCRY_MPI frame = NULL;
+ gcry_sexp_t s_skey = NULL, s_hash = NULL, s_sig = NULL;
+ gcry_mpi_t frame = NULL;
unsigned char *shadow_info = NULL;
int rc;
char *buf = NULL;
@@ -118,7 +118,7 @@ agent_pksign (CTRL ctrl, FILE *outfp, int ignore_cache)
shadow_info, &sigbuf);
if (rc)
{
- log_error ("smartcard signing failed: %s\n", gnupg_strerror (rc));
+ log_error ("smartcard signing failed: %s\n", gpg_strerror (rc));
goto leave;
}
len = gcry_sexp_canon_len (sigbuf, 0, NULL, NULL);
@@ -149,7 +149,7 @@ agent_pksign (CTRL ctrl, FILE *outfp, int ignore_cache)
rc = gcry_pk_sign (&s_sig, s_hash, s_skey);
if (rc)
{
- log_error ("signing failed: %s\n", gcry_strerror (rc));
+ log_error ("signing failed: %s\n", gpg_strerror (rc));
rc = map_gcry_err (rc);
goto leave;
}
diff --git a/agent/protect-tool.c b/agent/protect-tool.c
index 20e288779..b41730c10 100644
--- a/agent/protect-tool.c
+++ b/agent/protect-tool.c
@@ -1,5 +1,5 @@
/* protect-tool.c - A tool to test the secret key protection
- * Copyright (C) 2002 Free Software Foundation, Inc.
+ * Copyright (C) 2002, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -30,8 +30,6 @@
#include <sys/stat.h>
#include <unistd.h>
-#include <gcrypt.h>
-
#define JNLIB_NEED_LOG_LOGV
#include "agent.h"
#include "minip12.h"
@@ -61,12 +59,12 @@ aTest };
struct rsa_secret_key_s
{
- MPI n; /* public modulus */
- MPI e; /* public exponent */
- MPI d; /* exponent */
- MPI p; /* prime p. */
- MPI q; /* prime q. */
- MPI u; /* inverse of p mod q. */
+ gcry_mpi_t n; /* public modulus */
+ gcry_mpi_t e; /* public exponent */
+ gcry_mpi_t d; /* exponent */
+ gcry_mpi_t p; /* prime p. */
+ gcry_mpi_t q; /* prime q. */
+ gcry_mpi_t u; /* inverse of p mod q. */
};
@@ -162,7 +160,7 @@ my_gcry_logger (void *dummy, int level, const char *fmt, va_list arg_ptr)
/* static void */
-/* print_mpi (const char *text, GcryMPI a) */
+/* print_mpi (const char *text, gcry_mpi_t a) */
/* { */
/* char *buf; */
/* void *bufaddr = &buf; */
@@ -170,7 +168,7 @@ my_gcry_logger (void *dummy, int level, const char *fmt, va_list arg_ptr)
/* rc = gcry_mpi_aprint (GCRYMPI_FMT_HEX, bufaddr, NULL, a); */
/* if (rc) */
-/* log_info ("%s: [error printing number: %s]\n", text, gcry_strerror (rc)); */
+/* log_info ("%s: [error printing number: %s]\n", text, gpg_strerror (rc)); */
/* else */
/* { */
/* log_info ("%s: %s\n", text, buf); */
@@ -185,14 +183,14 @@ make_canonical (const char *fname, const char *buf, size_t buflen)
{
int rc;
size_t erroff, len;
- GCRY_SEXP sexp;
+ gcry_sexp_t sexp;
unsigned char *result;
rc = gcry_sexp_sscan (&sexp, &erroff, buf, buflen);
if (rc)
{
log_error ("invalid S-Expression in `%s' (off=%u): %s\n",
- fname, (unsigned int)erroff, gcry_strerror (rc));
+ fname, (unsigned int)erroff, gpg_strerror (rc));
return NULL;
}
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_CANON, NULL, 0);
@@ -209,14 +207,14 @@ make_advanced (const unsigned char *buf, size_t buflen)
{
int rc;
size_t erroff, len;
- GCRY_SEXP sexp;
+ gcry_sexp_t sexp;
unsigned char *result;
rc = gcry_sexp_sscan (&sexp, &erroff, buf, buflen);
if (rc)
{
log_error ("invalid canonical S-Expression (off=%u): %s\n",
- (unsigned int)erroff, gcry_strerror (rc));
+ (unsigned int)erroff, gpg_strerror (rc));
return NULL;
}
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0);
@@ -453,7 +451,7 @@ static void
show_keygrip (const char *fname)
{
unsigned char *key;
- GcrySexp private;
+ gcry_sexp_t private;
unsigned char grip[20];
int i;
@@ -485,10 +483,10 @@ static int
rsa_key_check (struct rsa_secret_key_s *skey)
{
int err = 0;
- MPI t = gcry_mpi_snew (0);
- MPI t1 = gcry_mpi_snew (0);
- MPI t2 = gcry_mpi_snew (0);
- MPI phi = gcry_mpi_snew (0);
+ gcry_mpi_t t = gcry_mpi_snew (0);
+ gcry_mpi_t t1 = gcry_mpi_snew (0);
+ gcry_mpi_t t2 = gcry_mpi_snew (0);
+ gcry_mpi_t phi = gcry_mpi_snew (0);
/* check that n == p * q */
gcry_mpi_mul (t, skey->p, skey->q);
@@ -501,7 +499,7 @@ rsa_key_check (struct rsa_secret_key_s *skey)
/* check that p is less than q */
if (gcry_mpi_cmp (skey->p, skey->q) > 0)
{
- GcryMPI tmp;
+ gcry_mpi_t tmp;
log_info ("swapping secret primes\n");
tmp = gcry_mpi_copy (skey->p);
@@ -573,9 +571,9 @@ import_p12_file (const char *fname)
size_t buflen, resultlen;
int i;
int rc;
- GcryMPI *kparms;
+ gcry_mpi_t *kparms;
struct rsa_secret_key_s sk;
- GcrySexp s_key;
+ gcry_sexp_t s_key;
unsigned char *key;
unsigned char grip[20];
@@ -635,7 +633,7 @@ import_p12_file (const char *fname)
if (rc)
{
log_error ("failed to created S-expression from key: %s\n",
- gcry_strerror (rc));
+ gpg_strerror (rc));
return;
}
@@ -687,16 +685,16 @@ import_p12_file (const char *fname)
-static GcryMPI *
-sexp_to_kparms (GCRY_SEXP sexp)
+static gcry_mpi_t *
+sexp_to_kparms (gcry_sexp_t sexp)
{
- GcrySexp list, l2;
+ gcry_sexp_t list, l2;
const char *name;
const char *s;
size_t n;
int i, idx;
const char *elems;
- GcryMPI *array;
+ gcry_mpi_t *array;
list = gcry_sexp_find_token (sexp, "private-key", 0 );
if(!list)
@@ -747,10 +745,10 @@ sexp_to_kparms (GCRY_SEXP sexp)
static void
export_p12_file (const char *fname)
{
- GcryMPI kparms[9], *kp;
+ gcry_mpi_t kparms[9], *kp;
unsigned char *key;
size_t keylen;
- GcrySexp private;
+ gcry_sexp_t private;
struct rsa_secret_key_s sk;
int i;
diff --git a/agent/protect.c b/agent/protect.c
index b686f3665..e438d53b4 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -1,5 +1,6 @@
/* protect.c - Un/Protect a secret key
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ * 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -135,19 +136,19 @@ do_encryption (const char *protbegin, size_t protlen,
const char *passphrase, const unsigned char *sha1hash,
unsigned char **result, size_t *resultlen)
{
- GCRY_CIPHER_HD hd;
+ gcry_cipher_hd_t hd;
const char *modestr = "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc";
int blklen, enclen, outlen;
char *iv = NULL;
- int rc = 0;
+ int rc;
char *outbuf = NULL;
char *p;
int saltpos, ivpos, encpos;
- hd = gcry_cipher_open (PROT_CIPHER, GCRY_CIPHER_MODE_CBC,
+ rc = gcry_cipher_open (&hd, PROT_CIPHER, GCRY_CIPHER_MODE_CBC,
GCRY_CIPHER_SECURE);
- if (!hd)
- return map_gcry_err (gcry_errno());
+ if (rc)
+ return rc;
/* We need to work on a copy of the data because this makes it
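Review bot: `rc` is still declared `int` in do_encryption although it now holds the return value of `gcry_cipher_open (&hd, ...)` and is passed back to the caller unchanged. With the libgpg-error-based API that value is an unsigned `gcry_error_t`, so `gpg_error_t rc;` would state the contract and avoid a signed/unsigned conversion. The same applies to `int rc = 0;` in the do_decryption hunk and to the newly added `int rc;` in hash_passphrase. Dropping the `= 0` initialiser is safe in the visible lines because `rc` is assigned before its first read, but do_encryption continues past the hunk, so later paths were not checked.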
@@ -387,7 +388,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
{
int rc = 0;
int blklen;
- GCRY_CIPHER_HD hd;
+ gcry_cipher_hd_t hd;
unsigned char *outbuf;
size_t reallen;
@@ -395,10 +396,10 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
if (protectedlen < 4 || (protectedlen%blklen))
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
- hd = gcry_cipher_open (PROT_CIPHER, GCRY_CIPHER_MODE_CBC,
+ rc = gcry_cipher_open (&hd, PROT_CIPHER, GCRY_CIPHER_MODE_CBC,
GCRY_CIPHER_SECURE);
- if (!hd)
- return map_gcry_err (gcry_errno());
+ if (rc)
+ return rc;
outbuf = gcry_malloc_secure (protectedlen);
if (!outbuf)
@@ -750,7 +751,8 @@ hash_passphrase (const char *passphrase, int hashalgo,
unsigned long s2kcount,
unsigned char *key, size_t keylen)
{
- GCRY_MD_HD md;
+ int rc;
+ gcry_md_hd_t md;
int pass, i;
int used = 0;
int pwlen = strlen (passphrase);
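Review bot: `int pwlen = strlen (passphrase);` narrows a `size_t` to `int`, and `int used` is compared with the `size_t keylen` in `for (pass=0; used < keylen; pass++)` in the next hunk, so this key-derivation routine mixes signed and unsigned lengths. Declaring them as `size_t pwlen = strlen (passphrase);` and `size_t used = 0;` would remove the implicit conversions. Both variables are used further down hash_passphrase, outside the hunk, and those uses would need checking for arithmetic that relies on the signed type. The commit leaves these lines unchanged, so this could go in as a follow-up.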
@@ -761,9 +763,9 @@ hash_passphrase (const char *passphrase, int hashalgo,
if ((s2kmode == 1 ||s2kmode == 3) && !s2ksalt)
return gpg_error (GPG_ERR_INV_VALUE);
- md = gcry_md_open (hashalgo, GCRY_MD_FLAG_SECURE);
- if (!md)
- return map_gcry_err (gcry_errno());
+ rc = gcry_md_open (&md, hashalgo, GCRY_MD_FLAG_SECURE);
+ if (rc)
+ return rc;
for (pass=0; used < keylen; pass++)
{