search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix bug#1003.
[gnupg.git] / g10 / passphrase.c
blob0d7580d36e4d137dddb13c242d489d8d57de51e8
1 /* passphrase.c - Get a passphrase
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
3 * 2005, 2006, 2007 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <config.h>
22 #include <stddef.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <unistd.h>
27 #include <assert.h>
28 #include <errno.h>
29 #ifdef HAVE_LOCALE_H
30 #include <locale.h>
31 #endif
32 #ifdef HAVE_LANGINFO_CODESET
33 #include <langinfo.h>
34 #endif
35
36 #include "gpg.h"
37 #include "util.h"
38 #include "options.h"
39 #include "ttyio.h"
40 #include "cipher.h"
41 #include "keydb.h"
42 #include "main.h"
43 #include "i18n.h"
44 #include "status.h"
45 #include "call-agent.h"
46
47
48 static char *fd_passwd = NULL;
49 static char *next_pw = NULL;
50 static char *last_pw = NULL;
51
52
53 /* Hash a passphrase using the supplied s2k. If create is true, create
54 a new salt or what else must be filled into the s2k for a new key.
55 always needs: dek->algo, s2k->mode, s2k->hash_algo. */
56 static void
57 hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k, int create )
58 {
59 gcry_md_hd_t md;
60 int pass, i;
61 int used = 0;
62 int pwlen = strlen(pw);
63
64 assert ( s2k->hash_algo );
65 dek->keylen = gcry_cipher_get_algo_keylen (dek->algo);
66 if ( !(dek->keylen > 0 && dek->keylen <= DIM(dek->key)) )
67 BUG();
68
69 if (gcry_md_open (&md, s2k->hash_algo, 1))
70 BUG ();
71 for (pass=0; used < dek->keylen ; pass++ )
72 {
73 if ( pass )
74 {
75 gcry_md_reset (md);
76 for (i=0; i < pass; i++ ) /* Preset the hash context. */
77 gcry_md_putc (md, 0 );
78 }
79
80 if ( s2k->mode == 1 || s2k->mode == 3 )
81 {
82 int len2 = pwlen + 8;
83 ulong count = len2;
84
85 if ( create && !pass )
86 {
87 gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM);
88 if ( s2k->mode == 3 )
89 s2k->count = opt.s2k_count;
90 }
91
92 if ( s2k->mode == 3 )
93 {
94 count = S2K_DECODE_COUNT(s2k->count);
95 if ( count < len2 )
96 count = len2;
97 }
98
99 /* A little bit complicated because we need a ulong for count. */
100 while ( count > len2 ) /* maybe iterated+salted */
101 {
102 gcry_md_write ( md, s2k->salt, 8 );
103 gcry_md_write ( md, pw, pwlen );
104 count -= len2;
105 }
106 if ( count < 8 )
107 gcry_md_write ( md, s2k->salt, count );
108 else
109 {
110 gcry_md_write ( md, s2k->salt, 8 );
111 count -= 8;
112 gcry_md_write ( md, pw, count );
113 }
114 }
115 else
116 gcry_md_write ( md, pw, pwlen );
117 gcry_md_final( md );
118
119 i = gcry_md_get_algo_dlen ( s2k->hash_algo );
120 if ( i > dek->keylen - used )
121 i = dek->keylen - used;
122
123 memcpy (dek->key+used, gcry_md_read (md, s2k->hash_algo), i);
124 used += i;
125 }
126 gcry_md_close(md);
127 }
128
129
130
131 int
132 have_static_passphrase()
133 {
134 return !!fd_passwd && opt.batch;
135 }
136
137 /****************
138 * Set the passphrase to be used for the next query and only for the next
139 * one.
140 */
141 void
142 set_next_passphrase( const char *s )
143 {
144 xfree(next_pw);
145 next_pw = NULL;
146 if ( s )
147 {
148 next_pw = xmalloc_secure( strlen(s)+1 );
149 strcpy (next_pw, s );
150 }
151 }
152
153 /****************
154 * Get the last passphrase used in passphrase_to_dek.
155 * Note: This removes the passphrase from this modules and
156 * the caller must free the result. May return NULL:
157 */
158 char *
159 get_last_passphrase()
160 {
161 char *p = last_pw;
162 last_pw = NULL;
163 return p;
164 }
165
166 /* As if we had used the passphrase - make it the last_pw. */
167 void
168 next_to_last_passphrase(void)
169 {
170 if (next_pw)
171 {
172 last_pw=next_pw;
173 next_pw=NULL;
174 }
175 }
176
177 /* Here's an interesting question: since this passphrase was passed in
178 on the command line, is there really any point in using secure
179 memory for it? I'm going with 'yes', since it doesn't hurt, and
180 might help in some small way (swapping). */
181
182 void
183 set_passphrase_from_string(const char *pass)
184 {
185 xfree (fd_passwd);
186 fd_passwd = xmalloc_secure(strlen(pass)+1);
187 strcpy (fd_passwd, pass);
188 }
189
190
191 void
192 read_passphrase_from_fd( int fd )
193 {
194 int i, len;
195 char *pw;
196
197 if ( !opt.batch )
198 { /* Not used but we have to do a dummy read, so that it won't end
199 up at the begin of the message if the quite usual trick to
200 prepend the passphtrase to the message is used. */
201 char buf[1];
202
203 while (!(read (fd, buf, 1) != 1 || *buf == '\n' ))
204 ;
205 *buf = 0;
206 return;
207 }
208
209 for (pw = NULL, i = len = 100; ; i++ )
210 {
211 if (i >= len-1 )
212 {
213 char *pw2 = pw;
214 len += 100;
215 pw = xmalloc_secure( len );
216 if( pw2 )
217 {
218 memcpy(pw, pw2, i );
219 xfree (pw2);
220 }
221 else
222 i=0;
223 }
224 if (read( fd, pw+i, 1) != 1 || pw[i] == '\n' )
225 break;
226 }
227 pw[i] = 0;
228 if (!opt.batch)
229 tty_printf("\b\b\b \n" );
230
231 xfree ( fd_passwd );
232 fd_passwd = pw;
233 }
234
235
236 /*
237 * Ask the GPG Agent for the passphrase.
238 * Mode 0: Allow cached passphrase
239 * 1: No cached passphrase FIXME: Not really implemented
240 * 2: Ditto, but change the text to "repeat entry"
241 *
242 * Note that TRYAGAIN_TEXT must not be translated. If CANCELED is not
243 * NULL, the function does set it to 1 if the user canceled the
244 * operation. If CACHEID is not NULL, it will be used as the cacheID
245 * for the gpg-agent; if is NULL and a key fingerprint can be
246 * computed, this will be used as the cacheid.
247 */
248 static char *
249 passphrase_get ( u32 *keyid, int mode, const char *cacheid,
250 const char *tryagain_text,
251 const char *custom_description,
252 const char *custom_prompt, int *canceled)
253 {
254 int rc;
255 char *atext = NULL;
256 char *pw = NULL;
257 PKT_public_key *pk = xmalloc_clear( sizeof *pk );
258 byte fpr[MAX_FINGERPRINT_LEN];
259 int have_fpr = 0;
260 char *orig_codeset;
261 char *my_prompt;
262 char hexfprbuf[20*2+1];
263 const char *my_cacheid;
264
265 if (canceled)
266 *canceled = 0;
267
268 #if MAX_FINGERPRINT_LEN < 20
269 #error agent needs a 20 byte fingerprint
270 #endif
271
272 memset (fpr, 0, MAX_FINGERPRINT_LEN );
273 if( keyid && get_pubkey( pk, keyid ) )
274 {
275 if (pk)
276 free_public_key( pk );
277 pk = NULL; /* oops: no key for some reason */
278 }
279
280 orig_codeset = i18n_switchto_utf8 ();
281
282 if (custom_description)
283 atext = native_to_utf8 (custom_description);
284 else if ( !mode && pk && keyid )
285 {
286 char *uid;
287 size_t uidlen;
288 const char *algo_name = gcry_pk_algo_name ( pk->pubkey_algo );
289 const char *timestr;
290 char *maink;
291
292 if ( !algo_name )
293 algo_name = "?";
294
295 #define KEYIDSTRING _(" (main key ID %s)")
296
297 maink = xmalloc ( strlen (KEYIDSTRING) + keystrlen() + 20 );
298 if( keyid[2] && keyid[3] && keyid[0] != keyid[2]
299 && keyid[1] != keyid[3] )
300 sprintf( maink, KEYIDSTRING, keystr(&keyid[2]) );
301 else
302 *maink = 0;
303
304 uid = get_user_id ( keyid, &uidlen );
305 timestr = strtimestamp (pk->timestamp);
306
307 #undef KEYIDSTRING
308
309 #define PROMPTSTRING _("Please enter the passphrase to unlock the" \
310 " secret key for the OpenPGP certificate:\n" \
311 "\"%.*s\"\n" \
312 "%u-bit %s key, ID %s,\n" \
313 "created %s%s.\n" )
314
315 atext = xmalloc ( 100 + strlen (PROMPTSTRING)
316 + uidlen + 15 + strlen(algo_name) + keystrlen()
317 + strlen (timestr) + strlen (maink) );
318 sprintf (atext, PROMPTSTRING,
319 (int)uidlen, uid,
320 nbits_from_pk (pk), algo_name, keystr(&keyid[0]), timestr,
321 maink );
322 xfree (uid);
323 xfree (maink);
324
325 #undef PROMPTSTRING
326
327 {
328 size_t dummy;
329 fingerprint_from_pk( pk, fpr, &dummy );
330 have_fpr = 1;
331 }
332
333 }
334 else if (mode == 2 )
335 atext = xstrdup ( _("Repeat passphrase\n") );
336 else
337 atext = xstrdup ( _("Enter passphrase\n") );
338
339
340 if (!mode && cacheid)
341 my_cacheid = cacheid;
342 else if (!mode && have_fpr)
343 my_cacheid = bin2hex (fpr, 20, hexfprbuf);
344 else
345 my_cacheid = NULL;
346
347 if (tryagain_text)
348 tryagain_text = _(tryagain_text);
349
350 my_prompt = custom_prompt ? native_to_utf8 (custom_prompt): NULL;
351
352 rc = agent_get_passphrase (my_cacheid, tryagain_text, my_prompt, atext, &pw);
353
354 xfree (my_prompt);
355 xfree (atext); atext = NULL;
356
357 i18n_switchback (orig_codeset);
358
359
360 if (!rc)
361 ;
362 else if ( gpg_err_code (rc) == GPG_ERR_CANCELED )
363 {
364 log_info (_("cancelled by user\n") );
365 if (canceled)
366 *canceled = 1;
367 }
368 else
369 {
370 log_error (_("problem with the agent: %s\n"), gpg_strerror (rc));
371 /* Due to limitations in the API of the upper layers they
372 consider an error as no passphrase entered. This works in
373 most cases but not during key creation where this should
374 definitely not happen and let it continue without requiring a
375 passphrase. Given that now all the upper layers handle a
376 cancel correctly, we simply set the cancel flag now for all
377 errors from the agent. */
378 if (canceled)
379 *canceled = 1;
380
381 write_status_error ("get_passphrase", rc);
382 }
383
384 if (pk)
385 free_public_key( pk );
386 if (rc)
387 {
388 xfree (pw);
389 return NULL;
390 }
391 return pw;
392 }
393
394
395 /*
396 * Clear the cached passphrase. If CACHEID is not NULL, it will be
397 * used instead of a cache ID derived from KEYID.
398 */
399 void
400 passphrase_clear_cache ( u32 *keyid, const char *cacheid, int algo )
401 {
402 int rc;
403
404 (void)algo;
405
406 if (!cacheid)
407 {
408 PKT_public_key *pk;
409 # if MAX_FINGERPRINT_LEN < 20
410 # error agent needs a 20 byte fingerprint
411 # endif
412 byte fpr[MAX_FINGERPRINT_LEN];
413 char hexfprbuf[2*20+1];
414 size_t dummy;
415
416 pk = xcalloc (1, sizeof *pk);
417 if ( !keyid || get_pubkey( pk, keyid ) )
418 {
419 log_error ("key not found in passphrase_clear_cache\n");
420 free_public_key (pk);
421 return;
422 }
423 memset (fpr, 0, MAX_FINGERPRINT_LEN );
424 fingerprint_from_pk ( pk, fpr, &dummy );
425 bin2hex (fpr, 20, hexfprbuf);
426 rc = agent_clear_passphrase (hexfprbuf);
427 free_public_key ( pk );
428 }
429 else
430 rc = agent_clear_passphrase (cacheid);
431
432 if (rc)
433 log_error (_("problem with the agent: %s\n"), gpg_strerror (rc));
434 }
435
436
437 /****************
438 * Ask for a passphrase and return that string.
439 */
440 char *
441 ask_passphrase (const char *description,
442 const char *tryagain_text,
443 const char *promptid,
444 const char *prompt,
445 const char *cacheid, int *canceled)
446 {
447 char *pw = NULL;
448
449 (void)promptid;
450
451 if (canceled)
452 *canceled = 0;
453
454 if (!opt.batch && description)
455 {
456 if (strchr (description, '%'))
457 {
458 char *tmp = unescape_percent_string
459 ((const unsigned char*)description);
460 tty_printf ("\n%s\n", tmp);
461 xfree (tmp);
462 }
463 else
464 tty_printf ("\n%s\n",description);
465 }
466
467 if (have_static_passphrase ())
468 {
469 pw = xmalloc_secure (strlen(fd_passwd)+1);
470 strcpy (pw, fd_passwd);
471 }
472 else
473 pw = passphrase_get (NULL, 0, cacheid,
474 tryagain_text, description, prompt,
475 canceled );
476
477 if (!pw || !*pw)
478 write_status( STATUS_MISSING_PASSPHRASE );
479
480 return pw;
481 }
482
483
484 /* Return a new DEK object Using the string-to-key sepcifier S2K. Use
485 KEYID and PUBKEY_ALGO to prompt the user. Returns NULL is the user
486 selected to cancel the passphrase entry and if CANCELED is not
487 NULL, sets it to true.
488
489 MODE 0: Allow cached passphrase
490 1: Ignore cached passphrase
491 2: Ditto, but change the text to "repeat entry"
492 */
493 DEK *
494 passphrase_to_dek (u32 *keyid, int pubkey_algo,
495 int cipher_algo, STRING2KEY *s2k, int mode,
496 const char *tryagain_text, int *canceled)
497 {
498 char *pw = NULL;
499 DEK *dek;
500 STRING2KEY help_s2k;
501 int dummy_canceled;
502
503 if (!canceled)
504 canceled = &dummy_canceled;
505 *canceled = 0;
506
507 if ( !s2k )
508 {
509 /* This is used for the old rfc1991 mode
510 * Note: This must match the code in encode.c with opt.rfc1991 set */
511 s2k = &help_s2k;
512 s2k->mode = 0;
513 s2k->hash_algo = S2K_DIGEST_ALGO;
514 }
515
516 /* If we do not have a passphrase available in NEXT_PW and status
517 information are request, we print them now. */
518 if ( !next_pw && is_status_enabled() )
519 {
520 char buf[50];
521
522 if ( keyid )
523 {
524 u32 used_kid[2];
525 char *us;
526
527 if ( keyid[2] && keyid[3] )
528 {
529 used_kid[0] = keyid[2];
530 used_kid[1] = keyid[3];
531 }
532 else
533 {
534 used_kid[0] = keyid[0];
535 used_kid[1] = keyid[1];
536 }
537
538 us = get_long_user_id_string ( keyid );
539 write_status_text ( STATUS_USERID_HINT, us );
540 xfree(us);
541
542 snprintf (buf, sizeof buf -1, "%08lX%08lX %08lX%08lX %d 0",
543 (ulong)keyid[0], (ulong)keyid[1],
544 (ulong)used_kid[0], (ulong)used_kid[1],
545 pubkey_algo );
546
547 write_status_text ( STATUS_NEED_PASSPHRASE, buf );
548 }
549 else
550 {
551 snprintf (buf, sizeof buf -1, "%d %d %d",
552 cipher_algo, s2k->mode, s2k->hash_algo );
553 write_status_text ( STATUS_NEED_PASSPHRASE_SYM, buf );
554 }
555 }
556
557 /* If we do have a keyID, we do not have a passphrase available in
558 NEXT_PW, we are not running in batch mode and we do not want to
559 ignore the passphrase cache (mode!=1), print a prompt with
560 information on that key. */
561 if ( keyid && !opt.batch && !next_pw && mode!=1 )
562 {
563 PKT_public_key *pk = xmalloc_clear( sizeof *pk );
564 char *p;
565
566 p = get_user_id_native(keyid);
567 tty_printf ("\n");
568 tty_printf (_("You need a passphrase to unlock the secret key for\n"
569 "user: \"%s\"\n"),p);
570 xfree(p);
571
572 if ( !get_pubkey( pk, keyid ) )
573 {
574 const char *s = gcry_pk_algo_name ( pk->pubkey_algo );
575
576 tty_printf (_("%u-bit %s key, ID %s, created %s"),
577 nbits_from_pk( pk ), s?s:"?", keystr(keyid),
578 strtimestamp(pk->timestamp) );
579 if ( keyid[2] && keyid[3]
580 && keyid[0] != keyid[2] && keyid[1] != keyid[3] )
581 {
582 if ( keystrlen () > 10 )
583 {
584 tty_printf ("\n");
585 tty_printf (_(" (subkey on main key ID %s)"),
586 keystr(&keyid[2]) );
587 }
588 else
589 tty_printf ( _(" (main key ID %s)"), keystr(&keyid[2]) );
590 }
591 tty_printf("\n");
592 }
593
594 tty_printf("\n");
595 if (pk)
596 free_public_key( pk );
597 }
598
599 if ( next_pw )
600 {
601 /* Simply return the passphrase we already have in NEXT_PW. */
602 pw = next_pw;
603 next_pw = NULL;
604 }
605 else if ( have_static_passphrase () )
606 {
607 /* Return the passphrase we have stored in FD_PASSWD. */
608 pw = xmalloc_secure ( strlen(fd_passwd)+1 );
609 strcpy ( pw, fd_passwd );
610 }
611 else
612 {
613 /* Divert to the gpg-agent. */
614 pw = passphrase_get ( keyid, mode == 2? 1: 0, NULL,
615 tryagain_text, NULL, NULL, canceled );
616 if (*canceled)
617 {
618 xfree (pw);
619 write_status( STATUS_MISSING_PASSPHRASE );
620 return NULL;
621 }
622 if (!pw)
623 pw = xstrdup ("");
624 if ( *pw && mode == 2 )
625 {
626 int i;
627 for(i=0;i<opt.passwd_repeat;i++)
628 {
629 char *pw2 = passphrase_get ( keyid, 2, NULL, NULL, NULL,
630 NULL, canceled );
631 if (*canceled)
632 {
633 xfree (pw);
634 xfree (pw2);
635 write_status( STATUS_MISSING_PASSPHRASE );
636 return NULL;
637 }
638 if (!pw2)
639 pw2 = xstrdup ("");
640 if ( strcmp(pw, pw2) )
641 {
642 xfree(pw2);
643 xfree(pw);
644 return NULL;
645 }
646 xfree(pw2);
647 }
648 }
649 }
650
651 if ( !pw || !*pw )
652 write_status( STATUS_MISSING_PASSPHRASE );
653
654 /* Hash the passphrase and store it in a newly allocated DEK object.
655 Keep a copy of the passphrase in LAST_PW for use by
656 get_last_passphrase(). */
657 dek = xmalloc_secure_clear ( sizeof *dek );
658 dek->algo = cipher_algo;
659 if ( !*pw && mode == 2 )
660 dek->keylen = 0;
661 else
662 hash_passphrase( dek, pw, s2k, mode==2 );
663 xfree(last_pw);
664 last_pw = pw;
665 return dek;
666 }
gnupg svn clone