search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2006-09-06 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / g10 / call-agent.c
blob14218f83cbdd8a447eb7659f5395b3c757eb6998
1 /* call-agent.c - divert operations to the agent
2 * Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
19 * USA.
20 */
21
22 #if 0 /* let Emacs display a red warning */
23 #error fixme: this shares a lot of code with the file in ../sm
24 #endif
25
26 #include <config.h>
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <string.h>
30 #include <errno.h>
31 #include <unistd.h>
32 #include <time.h>
33 #include <assert.h>
34 #ifdef HAVE_LOCALE_H
35 #include <locale.h>
36 #endif
37 #include <assuan.h>
38
39 #include "gpg.h"
40 #include "util.h"
41 #include "membuf.h"
42 #include "options.h"
43 #include "i18n.h"
44 #include "call-agent.h"
45
46 #ifndef DBG_ASSUAN
47 # define DBG_ASSUAN 1
48 #endif
49
50 static assuan_context_t agent_ctx = NULL;
51 static int force_pipe_server;
52
53 struct cipher_parm_s
54 {
55 assuan_context_t ctx;
56 const char *ciphertext;
57 size_t ciphertextlen;
58 };
59
60 struct writekey_parm_s
61 {
62 assuan_context_t ctx;
63 const unsigned char *keydata;
64 size_t keydatalen;
65 };
66
67 struct genkey_parm_s
68 {
69 assuan_context_t ctx;
70 const char *sexp;
71 size_t sexplen;
72 };
73
74
75 \f
76 /* Try to connect to the agent via socket or fork it off and work by
77 pipes. Handle the server's initial greeting */
78 static int
79 start_agent (void)
80 {
81 int rc = 0;
82 char *infostr, *p;
83 assuan_context_t ctx;
84 char *dft_display = NULL;
85 char *dft_ttyname = NULL;
86 char *dft_ttytype = NULL;
87 char *old_lc = NULL;
88 char *dft_lc = NULL;
89
90 if (agent_ctx)
91 return 0; /* fixme: We need a context for each thread or serialize
92 the access to the agent. */
93
94 infostr = force_pipe_server? NULL : getenv ("GPG_AGENT_INFO");
95 if (!infostr || !*infostr)
96 {
97 const char *pgmname;
98 const char *argv[3];
99 int no_close_list[3];
100 int i;
101
102 if (opt.verbose)
103 log_info (_("no running gpg-agent - starting one\n"));
104
105 if (fflush (NULL))
106 {
107 gpg_error_t tmperr = gpg_error_from_errno (errno);
108 log_error ("error flushing pending output: %s\n", strerror (errno));
109 return tmperr;
110 }
111
112 if (!opt.agent_program || !*opt.agent_program)
113 opt.agent_program = GNUPG_DEFAULT_AGENT;
114 if ( !(pgmname = strrchr (opt.agent_program, '/')))
115 pgmname = opt.agent_program;
116 else
117 pgmname++;
118
119 argv[0] = pgmname;
120 argv[1] = "--server";
121 argv[2] = NULL;
122
123 i=0;
124 if (log_get_fd () != -1)
125 no_close_list[i++] = log_get_fd ();
126 no_close_list[i++] = fileno (stderr);
127 no_close_list[i] = -1;
128
129 /* connect to the agent and perform initial handshaking */
130 rc = assuan_pipe_connect (&ctx, opt.agent_program, argv,
131 no_close_list);
132 }
133 else
134 {
135 int prot;
136 int pid;
137
138 infostr = xstrdup (infostr);
139 if ( !(p = strchr (infostr, ':')) || p == infostr)
140 {
141 log_error (_("malformed GPG_AGENT_INFO environment variable\n"));
142 xfree (infostr);
143 force_pipe_server = 1;
144 return start_agent ();
145 }
146 *p++ = 0;
147 pid = atoi (p);
148 while (*p && *p != ':')
149 p++;
150 prot = *p? atoi (p+1) : 0;
151 if (prot != 1)
152 {
153 log_error (_("gpg-agent protocol version %d is not supported\n"),
154 prot);
155 xfree (infostr);
156 force_pipe_server = 1;
157 return start_agent ();
158 }
159
160 rc = assuan_socket_connect (&ctx, infostr, pid);
161 xfree (infostr);
162 if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED)
163 {
164 log_error (_("can't connect to the agent - trying fall back\n"));
165 force_pipe_server = 1;
166 return start_agent ();
167 }
168 }
169
170 if (rc)
171 {
172 log_error ("can't connect to the agent: %s\n", gpg_strerror (rc));
173 return gpg_error (GPG_ERR_NO_AGENT);
174 }
175 agent_ctx = ctx;
176
177 if (DBG_ASSUAN)
178 log_debug ("connection to agent established\n");
179
180 rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL);
181 if (rc)
182 return rc;
183
184 #ifdef __GNUC__
185 #warning put this code into common/asshelp.c
186 #endif
187
188 dft_display = getenv ("DISPLAY");
189 if (opt.display || dft_display)
190 {
191 char *optstr;
192 if (asprintf (&optstr, "OPTION display=%s",
193 opt.display ? opt.display : dft_display) < 0)
194 return gpg_error_from_errno (errno);
195 rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
196 NULL);
197 free (optstr);
198 if (rc)
199 return rc;
200 }
201 if (!opt.ttyname)
202 {
203 dft_ttyname = getenv ("GPG_TTY");
204 if ((!dft_ttyname || !*dft_ttyname) && ttyname (0))
205 dft_ttyname = ttyname (0);
206 }
207 if (opt.ttyname || dft_ttyname)
208 {
209 char *optstr;
210 if (asprintf (&optstr, "OPTION ttyname=%s",
211 opt.ttyname ? opt.ttyname : dft_ttyname) < 0)
212 return gpg_error_from_errno (errno);
213 rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
214 NULL);
215 free (optstr);
216 if (rc)
217 return rc;
218 }
219 dft_ttytype = getenv ("TERM");
220 if (opt.ttytype || (dft_ttyname && dft_ttytype))
221 {
222 char *optstr;
223 if (asprintf (&optstr, "OPTION ttytype=%s",
224 opt.ttyname ? opt.ttytype : dft_ttytype) < 0)
225 return gpg_error_from_errno (errno);
226 rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
227 NULL);
228 free (optstr);
229 if (rc)
230 return rc;
231 }
232 #if defined(HAVE_SETLOCALE) && defined(LC_CTYPE)
233 old_lc = setlocale (LC_CTYPE, NULL);
234 if (old_lc)
235 {
236 old_lc = strdup (old_lc);
237 if (!old_lc)
238 return gpg_error_from_errno (errno);
239
240 }
241 dft_lc = setlocale (LC_CTYPE, "");
242 #endif
243 if (opt.lc_ctype || (dft_ttyname && dft_lc))
244 {
245 char *optstr;
246 if (asprintf (&optstr, "OPTION lc-ctype=%s",
247 opt.lc_ctype ? opt.lc_ctype : dft_lc) < 0)
248 rc = gpg_error_from_errno (errno);
249 else
250 {
251 rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
252 NULL);
253 free (optstr);
254 }
255 }
256 #if defined(HAVE_SETLOCALE) && defined(LC_CTYPE)
257 if (old_lc)
258 {
259 setlocale (LC_CTYPE, old_lc);
260 free (old_lc);
261 }
262 #endif
263 if (rc)
264 return rc;
265 #if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES)
266 old_lc = setlocale (LC_MESSAGES, NULL);
267 if (old_lc)
268 {
269 old_lc = strdup (old_lc);
270 if (!old_lc)
271 return gpg_error_from_errno (errno);
272 }
273 dft_lc = setlocale (LC_MESSAGES, "");
274 #endif
275 if (opt.lc_messages || (dft_ttyname && dft_lc))
276 {
277 char *optstr;
278 if (asprintf (&optstr, "OPTION lc-messages=%s",
279 opt.lc_messages ? opt.lc_messages : dft_lc) < 0)
280 rc = gpg_error_from_errno (errno);
281 else
282 {
283 rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
284 NULL);
285 free (optstr);
286 }
287 }
288 #if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES)
289 if (old_lc)
290 {
291 setlocale (LC_MESSAGES, old_lc);
292 free (old_lc);
293 }
294 #endif
295
296 return rc;
297 }
298
299
300 /* Return a new malloced string by unescaping the string S. Escaping
301 is percent escaping and '+'/space mapping. A binary nul will
302 silently be replaced by a 0xFF. Function returns NULL to indicate
303 an out of memory status. */
304 static char *
305 unescape_status_string (const unsigned char *s)
306 {
307 char *buffer, *d;
308
309 buffer = d = xtrymalloc (strlen (s)+1);
310 if (!buffer)
311 return NULL;
312 while (*s)
313 {
314 if (*s == '%' && s[1] && s[2])
315 {
316 s++;
317 *d = xtoi_2 (s);
318 if (!*d)
319 *d = '\xff';
320 d++;
321 s += 2;
322 }
323 else if (*s == '+')
324 {
325 *d++ = ' ';
326 s++;
327 }
328 else
329 *d++ = *s++;
330 }
331 *d = 0;
332 return buffer;
333 }
334
335 /* Take a 20 byte hexencoded string and put it into the the provided
336 20 byte buffer FPR in binary format. */
337 static int
338 unhexify_fpr (const char *hexstr, unsigned char *fpr)
339 {
340 const char *s;
341 int n;
342
343 for (s=hexstr, n=0; hexdigitp (s); s++, n++)
344 ;
345 if (*s || (n != 40))
346 return 0; /* no fingerprint (invalid or wrong length). */
347 n /= 2;
348 for (s=hexstr, n=0; *s; s += 2, n++)
349 fpr[n] = xtoi_2 (s);
350 return 1; /* okay */
351 }
352
353 /* Take the serial number from LINE and return it verbatim in a newly
354 allocated string. We make sure that only hex characters are
355 returned. */
356 static char *
357 store_serialno (const char *line)
358 {
359 const char *s;
360 char *p;
361
362 for (s=line; hexdigitp (s); s++)
363 ;
364 p = xtrymalloc (s + 1 - line);
365 if (p)
366 {
367 memcpy (p, line, s-line);
368 p[s-line] = 0;
369 }
370 return p;
371 }
372
373
374 \f
375 #if 0
376 /* Handle a KEYPARMS inquiry. Note, we only send the data,
377 assuan_transact takes care of flushing and writing the end */
378 static int
379 inq_genkey_parms (void *opaque, const char *keyword)
380 {
381 struct genkey_parm_s *parm = opaque;
382 int rc;
383
384 rc = assuan_send_data (parm->ctx, parm->sexp, parm->sexplen);
385 return rc;
386 }
387
388
389 \f
390 /* Call the agent to generate a new key */
391 int
392 agent_genkey (KsbaConstSexp keyparms, KsbaSexp *r_pubkey)
393 {
394 int rc;
395 struct genkey_parm_s gk_parm;
396 membuf_t data;
397 size_t len;
398 char *buf;
399
400 *r_pubkey = NULL;
401 rc = start_agent ();
402 if (rc)
403 return rc;
404
405 rc = assuan_transact (agent_ctx, "RESET", NULL, NULL,
406 NULL, NULL, NULL, NULL);
407 if (rc)
408 return rc;
409
410 init_membuf (&data, 1024);
411 gk_parm.ctx = agent_ctx;
412 gk_parm.sexp = keyparms;
413 gk_parm.sexplen = gcry_sexp_canon_len (keyparms, 0, NULL, NULL);
414 if (!gk_parm.sexplen)
415 return gpg_error (GPG_ERR_INV_VALUE);
416 rc = assuan_transact (agent_ctx, "GENKEY",
417 membuf_data_cb, &data,
418 inq_genkey_parms, &gk_parm, NULL, NULL);
419 if (rc)
420 {
421 xfree (get_membuf (&data, &len));
422 return rc;
423 }
424 buf = get_membuf (&data, &len);
425 if (!buf)
426 return gpg_error (GPG_ERR_ENOMEM);
427 if (!gcry_sexp_canon_len (buf, len, NULL, NULL))
428 {
429 xfree (buf);
430 return gpg_error (GPG_ERR_INV_SEXP);
431 }
432 *r_pubkey = buf;
433 return 0;
434 }
435 #endif /*0*/
436
437
438 \f
439 /* Ask the agent whether the corresponding secret key is available for
440 the given keygrip. */
441 int
442 agent_havekey (const char *hexkeygrip)
443 {
444 int rc;
445 char line[ASSUAN_LINELENGTH];
446
447 rc = start_agent ();
448 if (rc)
449 return rc;
450
451 if (!hexkeygrip || strlen (hexkeygrip) != 40)
452 return gpg_error (GPG_ERR_INV_VALUE);
453
454 snprintf (line, DIM(line)-1, "HAVEKEY %s", hexkeygrip);
455 line[DIM(line)-1] = 0;
456
457 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
458 return rc;
459 }
460
461 \f
462 /* Release the card info structure INFO. */
463 void
464 agent_release_card_info (struct agent_card_info_s *info)
465 {
466 if (!info)
467 return;
468
469 xfree (info->serialno); info->serialno = NULL;
470 xfree (info->disp_name); info->disp_name = NULL;
471 xfree (info->disp_lang); info->disp_lang = NULL;
472 xfree (info->pubkey_url); info->pubkey_url = NULL;
473 xfree (info->login_data); info->login_data = NULL;
474 info->cafpr1valid = info->cafpr2valid = info->cafpr3valid = 0;
475 info->fpr1valid = info->fpr2valid = info->fpr3valid = 0;
476 }
477
478 static int
479 learn_status_cb (void *opaque, const char *line)
480 {
481 struct agent_card_info_s *parm = opaque;
482 const char *keyword = line;
483 int keywordlen;
484 int i;
485
486 for (keywordlen=0; *line && !spacep (line); line++, keywordlen++)
487 ;
488 while (spacep (line))
489 line++;
490
491 if (keywordlen == 8 && !memcmp (keyword, "SERIALNO", keywordlen))
492 {
493 xfree (parm->serialno);
494 parm->serialno = store_serialno (line);
495 }
496 else if (keywordlen == 9 && !memcmp (keyword, "DISP-NAME", keywordlen))
497 {
498 xfree (parm->disp_name);
499 parm->disp_name = unescape_status_string (line);
500 }
501 else if (keywordlen == 9 && !memcmp (keyword, "DISP-LANG", keywordlen))
502 {
503 xfree (parm->disp_lang);
504 parm->disp_lang = unescape_status_string (line);
505 }
506 else if (keywordlen == 8 && !memcmp (keyword, "DISP-SEX", keywordlen))
507 {
508 parm->disp_sex = *line == '1'? 1 : *line == '2' ? 2: 0;
509 }
510 else if (keywordlen == 10 && !memcmp (keyword, "PUBKEY-URL", keywordlen))
511 {
512 xfree (parm->pubkey_url);
513 parm->pubkey_url = unescape_status_string (line);
514 }
515 else if (keywordlen == 10 && !memcmp (keyword, "LOGIN-DATA", keywordlen))
516 {
517 xfree (parm->login_data);
518 parm->login_data = unescape_status_string (line);
519 }
520 else if (keywordlen == 11 && !memcmp (keyword, "SIG-COUNTER", keywordlen))
521 {
522 parm->sig_counter = strtoul (line, NULL, 0);
523 }
524 else if (keywordlen == 10 && !memcmp (keyword, "CHV-STATUS", keywordlen))
525 {
526 char *p, *buf;
527
528 buf = p = unescape_status_string (line);
529 if (buf)
530 {
531 while (spacep (p))
532 p++;
533 parm->chv1_cached = atoi (p);
534 while (*p && !spacep (p))
535 p++;
536 while (spacep (p))
537 p++;
538 for (i=0; *p && i < 3; i++)
539 {
540 parm->chvmaxlen[i] = atoi (p);
541 while (*p && !spacep (p))
542 p++;
543 while (spacep (p))
544 p++;
545 }
546 for (i=0; *p && i < 3; i++)
547 {
548 parm->chvretry[i] = atoi (p);
549 while (*p && !spacep (p))
550 p++;
551 while (spacep (p))
552 p++;
553 }
554 xfree (buf);
555 }
556 }
557 else if (keywordlen == 7 && !memcmp (keyword, "KEY-FPR", keywordlen))
558 {
559 int no = atoi (line);
560 while (*line && !spacep (line))
561 line++;
562 while (spacep (line))
563 line++;
564 if (no == 1)
565 parm->fpr1valid = unhexify_fpr (line, parm->fpr1);
566 else if (no == 2)
567 parm->fpr2valid = unhexify_fpr (line, parm->fpr2);
568 else if (no == 3)
569 parm->fpr3valid = unhexify_fpr (line, parm->fpr3);
570 }
571 else if (keywordlen == 6 && !memcmp (keyword, "CA-FPR", keywordlen))
572 {
573 int no = atoi (line);
574 while (*line && !spacep (line))
575 line++;
576 while (spacep (line))
577 line++;
578 if (no == 1)
579 parm->cafpr1valid = unhexify_fpr (line, parm->cafpr1);
580 else if (no == 2)
581 parm->cafpr2valid = unhexify_fpr (line, parm->cafpr2);
582 else if (no == 3)
583 parm->cafpr3valid = unhexify_fpr (line, parm->cafpr3);
584 }
585
586 return 0;
587 }
588
589 /* Call the agent to learn about a smartcard */
590 int
591 agent_learn (struct agent_card_info_s *info)
592 {
593 int rc;
594
595 rc = start_agent ();
596 if (rc)
597 return rc;
598
599 memset (info, 0, sizeof *info);
600 rc = assuan_transact (agent_ctx, "LEARN --send",
601 NULL, NULL, NULL, NULL,
602 learn_status_cb, info);
603
604 return rc;
605 }
606
607 /* Call the agent to retrieve a data object. This function returns
608 the data in the same structure as used by the learn command. It is
609 allowed to update such a structure using this commmand. */
610 int
611 agent_scd_getattr (const char *name, struct agent_card_info_s *info)
612 {
613 int rc;
614 char line[ASSUAN_LINELENGTH];
615
616 if (!*name)
617 return gpg_error (GPG_ERR_INV_VALUE);
618
619 /* We assume that NAME does not need escaping. */
620 if (12 + strlen (name) > DIM(line)-1)
621 return gpg_error (GPG_ERR_TOO_LARGE);
622 stpcpy (stpcpy (line, "SCD GETATTR "), name);
623
624 rc = start_agent ();
625 if (rc)
626 return rc;
627
628 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL,
629 learn_status_cb, info);
630
631 return rc;
632 }
633
634 \f
635 /* Send an setattr command to the SCdaemon. SERIALNO is not actually
636 used here but required by gpg 1.4's implementation of this code in
637 cardglue.c. */
638 int
639 agent_scd_setattr (const char *name,
640 const unsigned char *value, size_t valuelen,
641 const char *serialno)
642 {
643 int rc;
644 char line[ASSUAN_LINELENGTH];
645 char *p;
646
647 if (!*name || !valuelen)
648 return gpg_error (GPG_ERR_INV_VALUE);
649
650 /* We assume that NAME does not need escaping. */
651 if (12 + strlen (name) > DIM(line)-1)
652 return gpg_error (GPG_ERR_TOO_LARGE);
653
654 p = stpcpy (stpcpy (line, "SCD SETATTR "), name);
655 *p++ = ' ';
656 for (; valuelen; value++, valuelen--)
657 {
658 if (p >= line + DIM(line)-5 )
659 return gpg_error (GPG_ERR_TOO_LARGE);
660 if (*value < ' ' || *value == '+' || *value == '%')
661 {
662 sprintf (p, "%%%02X", *value);
663 p += 3;
664 }
665 else if (*value == ' ')
666 *p++ = '+';
667 else
668 *p++ = *value;
669 }
670 *p = 0;
671
672 rc = start_agent ();
673 if (rc)
674 return rc;
675
676 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
677 return rc;
678 }
679
680
681 \f
682 /* Handle a KEYDATA inquiry. Note, we only send the data,
683 assuan_transact takes care of flushing and writing the end */
684 static assuan_error_t
685 inq_writekey_parms (void *opaque, const char *keyword)
686 {
687 struct writekey_parm_s *parm = opaque;
688
689 return assuan_send_data (parm->ctx, parm->keydata, parm->keydatalen);
690 }
691
692
693 /* Send a WRITEKEY command to the SCdaemon. */
694 int
695 agent_scd_writekey (int keyno, const char *serialno,
696 const unsigned char *keydata, size_t keydatalen)
697 {
698 int rc;
699 char line[ASSUAN_LINELENGTH];
700 struct writekey_parm_s parms;
701
702 rc = start_agent ();
703 if (rc)
704 return rc;
705
706 memset (&parms, 0, sizeof parms);
707
708 snprintf (line, DIM(line)-1, "SCD WRITEKEY --force OPENPGP.%d", keyno);
709 line[DIM(line)-1] = 0;
710 parms.ctx = agent_ctx;
711 parms.keydata = keydata;
712 parms.keydatalen = keydatalen;
713
714 rc = assuan_transact (agent_ctx, line, NULL, NULL,
715 inq_writekey_parms, &parms, NULL, NULL);
716
717 return rc;
718 }
719
720
721
722 \f
723 /* Status callback for the SCD GENKEY command. */
724 static int
725 scd_genkey_cb (void *opaque, const char *line)
726 {
727 struct agent_card_genkey_s *parm = opaque;
728 const char *keyword = line;
729 int keywordlen;
730 gpg_error_t rc;
731
732 log_debug ("got status line `%s'\n", line);
733 for (keywordlen=0; *line && !spacep (line); line++, keywordlen++)
734 ;
735 while (spacep (line))
736 line++;
737
738 if (keywordlen == 7 && !memcmp (keyword, "KEY-FPR", keywordlen))
739 {
740 parm->fprvalid = unhexify_fpr (line, parm->fpr);
741 }
742 if (keywordlen == 8 && !memcmp (keyword, "KEY-DATA", keywordlen))
743 {
744 gcry_mpi_t a;
745 const char *name = line;
746
747 while (*line && !spacep (line))
748 line++;
749 while (spacep (line))
750 line++;
751
752 rc = gcry_mpi_scan (&a, GCRYMPI_FMT_HEX, line, 0, NULL);
753 if (rc)
754 log_error ("error parsing received key data: %s\n", gpg_strerror (rc));
755 else if (*name == 'n' && spacep (name+1))
756 parm->n = a;
757 else if (*name == 'e' && spacep (name+1))
758 parm->e = a;
759 else
760 {
761 log_info ("unknown parameter name in received key data\n");
762 gcry_mpi_release (a);
763 }
764 }
765 else if (keywordlen == 14 && !memcmp (keyword,"KEY-CREATED-AT", keywordlen))
766 {
767 parm->created_at = (u32)strtoul (line, NULL, 10);
768 }
769
770 return 0;
771 }
772
773 /* Send a GENKEY command to the SCdaemon. SERIALNO is not used in
774 this implementation. */
775 int
776 agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
777 const char *serialno)
778 {
779 int rc;
780 char line[ASSUAN_LINELENGTH];
781
782 rc = start_agent ();
783 if (rc)
784 return rc;
785
786 memset (info, 0, sizeof *info);
787 snprintf (line, DIM(line)-1, "SCD GENKEY %s%d",
788 force? "--force ":"", keyno);
789 line[DIM(line)-1] = 0;
790
791 memset (info, 0, sizeof *info);
792 rc = assuan_transact (agent_ctx, line,
793 NULL, NULL, NULL, NULL,
794 scd_genkey_cb, info);
795
796 return rc;
797 }
798
799 \f
800 static int
801 membuf_data_cb (void *opaque, const void *buffer, size_t length)
802 {
803 membuf_t *data = opaque;
804
805 if (buffer)
806 put_membuf (data, buffer, length);
807 return 0;
808 }
809
810 /* Send a sign command to the scdaemon via gpg-agent's pass thru
811 mechanism. */
812 int
813 agent_scd_pksign (const char *serialno, int hashalgo,
814 const unsigned char *indata, size_t indatalen,
815 unsigned char **r_buf, size_t *r_buflen)
816 {
817 int rc, i;
818 char *p, line[ASSUAN_LINELENGTH];
819 membuf_t data;
820 size_t len;
821
822 /* Note, hashalgo is not yet used but hardwired to SHA1 in SCdaemon. */
823
824 *r_buf = NULL;
825 *r_buflen = 0;
826
827 rc = start_agent ();
828 if (rc)
829 return rc;
830
831 if (indatalen*2 + 50 > DIM(line))
832 return gpg_error (GPG_ERR_GENERAL);
833
834 sprintf (line, "SCD SETDATA ");
835 p = line + strlen (line);
836 for (i=0; i < indatalen ; i++, p += 2 )
837 sprintf (p, "%02X", indata[i]);
838 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
839 if (rc)
840 return rc;
841
842 init_membuf (&data, 1024);
843 #if 0
844 if (!hashalgo) /* Temporary test hack. */
845 snprintf (line, DIM(line)-1, "SCD PKAUTH %s", serialno);
846 else
847 #endif
848 snprintf (line, DIM(line)-1, "SCD PKSIGN %s", serialno);
849 line[DIM(line)-1] = 0;
850 rc = assuan_transact (agent_ctx, line, membuf_data_cb, &data,
851 NULL, NULL, NULL, NULL);
852 if (rc)
853 {
854 xfree (get_membuf (&data, &len));
855 return rc;
856 }
857 *r_buf = get_membuf (&data, r_buflen);
858
859 return 0;
860 }
861
862
863 /* Decrypt INDATA of length INDATALEN using the card identified by
864 SERIALNO. Return the plaintext in a nwly allocated buffer stored
865 at the address of R_BUF.
866
867 Note, we currently support only RSA or more exactly algorithms
868 taking one input data element. */
869 int
870 agent_scd_pkdecrypt (const char *serialno,
871 const unsigned char *indata, size_t indatalen,
872 unsigned char **r_buf, size_t *r_buflen)
873 {
874 int rc, i;
875 char *p, line[ASSUAN_LINELENGTH];
876 membuf_t data;
877 size_t len;
878
879 *r_buf = NULL;
880 rc = start_agent ();
881 if (rc)
882 return rc;
883
884 /* FIXME: use secure memory where appropriate */
885 if (indatalen*2 + 50 > DIM(line))
886 return gpg_error (GPG_ERR_GENERAL);
887
888 sprintf (line, "SCD SETDATA ");
889 p = line + strlen (line);
890 for (i=0; i < indatalen ; i++, p += 2 )
891 sprintf (p, "%02X", indata[i]);
892 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
893 if (rc)
894 return rc;
895
896 init_membuf (&data, 1024);
897 snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno);
898 line[DIM(line)-1] = 0;
899 rc = assuan_transact (agent_ctx, line,
900 membuf_data_cb, &data,
901 NULL, NULL, NULL, NULL);
902 if (rc)
903 {
904 xfree (get_membuf (&data, &len));
905 return rc;
906 }
907 *r_buf = get_membuf (&data, r_buflen);
908 if (!*r_buf)
909 return gpg_error (GPG_ERR_ENOMEM);
910
911 return 0;
912 }
913
914
915 /* Change the PIN of an OpenPGP card or reset the retry counter.
916 CHVNO 1: Change the PIN
917 2: Same as 1
918 3: Change the admin PIN
919 101: Set a new PIN and reset the retry counter
920 102: Same as 101
921 SERIALNO is not used.
922 */
923 int
924 agent_scd_change_pin (int chvno, const char *serialno)
925 {
926 int rc;
927 char line[ASSUAN_LINELENGTH];
928 const char *reset = "";
929
930 if (chvno >= 100)
931 reset = "--reset";
932 chvno %= 100;
933
934 rc = start_agent ();
935 if (rc)
936 return rc;
937
938 snprintf (line, DIM(line)-1, "SCD PASSWD %s %d", reset, chvno);
939 line[DIM(line)-1] = 0;
940 rc = assuan_transact (agent_ctx, line, NULL, NULL,
941 NULL, NULL, NULL, NULL);
942 return rc;
943 }
944
945
946 /* Perform a CHECKPIN operation. SERIALNO should be the serial
947 number of the card - optionally followed by the fingerprint;
948 however the fingerprint is ignored here. */
949 int
950 agent_scd_checkpin (const char *serialno)
951 {
952 int rc;
953 char line[ASSUAN_LINELENGTH];
954
955 rc = start_agent ();
956 if (rc)
957 return rc;
958
959 snprintf (line, DIM(line)-1, "SCD CHECKPIN %s", serialno);
960 line[DIM(line)-1] = 0;
961 return assuan_transact (agent_ctx, line,
962 NULL, NULL,
963 NULL, NULL, NULL, NULL);
964 }
965
966
967 /* Dummy function, only used by the gpg 1.4 implementation. */
968 void
969 agent_clear_pin_cache (const char *sn)
970 {
971
972 }
gnupg svn clone