search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2009-05-15 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / agent / agent.h
blobe37485fcc9c579bf9832db36158f73abcb575763
1 /* agent.h - Global definitions for the agent
2 * Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #ifndef AGENT_H
21 #define AGENT_H
22
23 #ifdef GPG_ERR_SOURCE_DEFAULT
24 #error GPG_ERR_SOURCE_DEFAULT already defined
25 #endif
26 #define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GPGAGENT
27 #include <gpg-error.h>
28 #define map_assuan_err(a) \
29 map_assuan_err_with_source (GPG_ERR_SOURCE_DEFAULT, (a))
30 #include <errno.h>
31
32 #include <gcrypt.h>
33 #include "../common/util.h"
34 #include "../common/membuf.h"
35 #include "../common/sysutils.h" /* (gnupg_fd_t) */
36
37 /* To convey some special hash algorithms we use algorithm numbers
38 reserved for application use. */
39 #ifndef GCRY_MODULE_ID_USER
40 #define GCRY_MODULE_ID_USER 1024
41 #endif
42 #define MD_USER_TLS_MD5SHA1 (GCRY_MODULE_ID_USER+1)
43
44 /* Maximum length of a digest. */
45 #define MAX_DIGEST_LEN 64
46
47 /* A large struct name "opt" to keep global flags */
48 struct
49 {
50 unsigned int debug; /* Debug flags (DBG_foo_VALUE) */
51 int verbose; /* Verbosity level */
52 int quiet; /* Be as quiet as possible */
53 int dry_run; /* Don't change any persistent data */
54 int batch; /* Batch mode */
55 const char *homedir; /* Configuration directory name */
56
57 /* Environment setting gathered at program start or changed using the
58 Assuan command UPDATESTARTUPTTY. */
59 char *startup_display;
60 char *startup_ttyname;
61 char *startup_ttytype;
62 char *startup_lc_ctype;
63 char *startup_lc_messages;
64 char *startup_xauthority;
65 char *startup_pinentry_user_data;
66
67
68 const char *pinentry_program; /* Filename of the program to start as
69 pinentry. */
70 const char *scdaemon_program; /* Filename of the program to handle
71 smartcard tasks. */
72 int disable_scdaemon; /* Never use the SCdaemon. */
73 int no_grab; /* Don't let the pinentry grab the keyboard */
74
75 /* The name of the file pinentry shall tocuh before exiting. If
76 this is not set the filoe name of the standard socket is used. */
77 const char *pinentry_touch_file;
78
79 /* The default and maximum TTL of cache entries. */
80 unsigned long def_cache_ttl; /* Default. */
81 unsigned long def_cache_ttl_ssh; /* for SSH. */
82 unsigned long max_cache_ttl; /* Default. */
83 unsigned long max_cache_ttl_ssh; /* for SSH. */
84
85 /* Flag disallowing bypassing of the warning. */
86 int enforce_passphrase_constraints;
87 /* The require minmum length of a passphrase. */
88 unsigned int min_passphrase_len;
89 /* The minimum number of non-alpha characters in a passphrase. */
90 unsigned int min_passphrase_nonalpha;
91 /* File name with a patternfile or NULL if not enabled. */
92 const char *check_passphrase_pattern;
93 /* If not 0 the user is asked to change his passphrase after these
94 number of days. */
95 unsigned int max_passphrase_days;
96 /* If set, a passphrase history will be written and checked at each
97 passphrase change. */
98 int enable_passhrase_history;
99
100 int running_detached; /* We are running detached from the tty. */
101
102 int ignore_cache_for_signing;
103 int allow_mark_trusted;
104 int allow_preset_passphrase;
105 int keep_tty; /* Don't switch the TTY (for pinentry) on request */
106 int keep_display; /* Don't switch the DISPLAY (for pinentry) on request */
107 int ssh_support; /* Enable ssh-agent emulation. */
108 } opt;
109
110
111 #define DBG_COMMAND_VALUE 1 /* debug commands i/o */
112 #define DBG_MPI_VALUE 2 /* debug mpi details */
113 #define DBG_CRYPTO_VALUE 4 /* debug low level crypto */
114 #define DBG_MEMORY_VALUE 32 /* debug memory allocation stuff */
115 #define DBG_CACHE_VALUE 64 /* debug the caching */
116 #define DBG_MEMSTAT_VALUE 128 /* show memory statistics */
117 #define DBG_HASHING_VALUE 512 /* debug hashing operations */
118 #define DBG_ASSUAN_VALUE 1024
119
120 #define DBG_COMMAND (opt.debug & DBG_COMMAND_VALUE)
121 #define DBG_CRYPTO (opt.debug & DBG_CRYPTO_VALUE)
122 #define DBG_MEMORY (opt.debug & DBG_MEMORY_VALUE)
123 #define DBG_CACHE (opt.debug & DBG_CACHE_VALUE)
124 #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
125 #define DBG_ASSUAN (opt.debug & DBG_ASSUAN_VALUE)
126
127 struct server_local_s;
128 struct scd_local_s;
129
130 /* Collection of data per session (aka connection). */
131 struct server_control_s
132 {
133 /* Private data used to fire up the connection thread. We use this
134 structure do avoid an extra allocation for just a few bytes. */
135 struct {
136 gnupg_fd_t fd;
137 } thread_startup;
138
139 /* Private data of the server (command.c). */
140 struct server_local_s *server_local;
141
142 /* Private data of the SCdaemon (call-scd.c). */
143 struct scd_local_s *scd_local;
144
145 char *display;
146 char *ttyname;
147 char *ttytype;
148 char *lc_ctype;
149 char *lc_messages;
150 char *xauthority;
151 char *pinentry_user_data;
152 struct {
153 int algo;
154 unsigned char value[MAX_DIGEST_LEN];
155 int valuelen;
156 int raw_value: 1;
157 } digest;
158 unsigned char keygrip[20];
159 int have_keygrip;
160
161 int use_auth_call; /* Hack to send the PKAUTH command instead of the
162 PKSIGN command to the scdaemon. */
163 int in_passwd; /* Hack to inhibit enforced passphrase change
164 during an explicit passwd command. */
165 };
166
167
168 struct pin_entry_info_s
169 {
170 int min_digits; /* min. number of digits required or 0 for freeform entry */
171 int max_digits; /* max. number of allowed digits allowed*/
172 int max_tries;
173 int failed_tries;
174 int with_qualitybar; /* Set if the quality bar should be displayed. */
175 int (*check_cb)(struct pin_entry_info_s *); /* CB used to check the PIN */
176 void *check_cb_arg; /* optional argument which might be of use in the CB */
177 const char *cb_errtext; /* used by the cb to displaye a specific error */
178 size_t max_length; /* allocated length of the buffer */
179 char pin[1];
180 };
181
182
183 enum
184 {
185 PRIVATE_KEY_UNKNOWN = 0,
186 PRIVATE_KEY_CLEAR = 1,
187 PRIVATE_KEY_PROTECTED = 2,
188 PRIVATE_KEY_SHADOWED = 3
189 };
190
191
192 /* Values for the cache_mode arguments. */
193 typedef enum
194 {
195 CACHE_MODE_IGNORE = 0, /* Special mode to bypass the cache. */
196 CACHE_MODE_ANY, /* Any mode except ignore matches. */
197 CACHE_MODE_NORMAL, /* Normal cache (gpg-agent). */
198 CACHE_MODE_USER, /* GET_PASSPHRASE related cache. */
199 CACHE_MODE_SSH /* SSH related cache. */
200 }
201 cache_mode_t;
202
203
204 /* The type of a function to lookup a TTL by a keygrip. */
205 typedef int (*lookup_ttl_t)(const char *hexgrip);
206
207
208 /*-- gpg-agent.c --*/
209 void agent_exit (int rc) JNLIB_GCC_A_NR; /* Also implemented in other tools */
210 const char *get_agent_socket_name (void);
211 const char *get_agent_ssh_socket_name (void);
212 #ifdef HAVE_W32_SYSTEM
213 void *get_agent_scd_notify_event (void);
214 #endif
215 void agent_sighup_action (void);
216
217 /*-- command.c --*/
218 gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid);
219 gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...)
220 GNUPG_GCC_A_SENTINEL(0);
221 void bump_key_eventcounter (void);
222 void bump_card_eventcounter (void);
223 void start_command_handler (ctrl_t, gnupg_fd_t, gnupg_fd_t);
224
225 /*-- command-ssh.c --*/
226 void start_command_handler_ssh (ctrl_t, gnupg_fd_t);
227
228 /*-- findkey.c --*/
229 int agent_write_private_key (const unsigned char *grip,
230 const void *buffer, size_t length, int force);
231 gpg_error_t agent_key_from_file (ctrl_t ctrl,
232 const char *desc_text,
233 const unsigned char *grip,
234 unsigned char **shadow_info,
235 cache_mode_t cache_mode,
236 lookup_ttl_t lookup_ttl,
237 gcry_sexp_t *result);
238 gpg_error_t agent_public_key_from_file (ctrl_t ctrl,
239 const unsigned char *grip,
240 gcry_sexp_t *result);
241 int agent_key_available (const unsigned char *grip);
242 gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
243 int *r_keytype,
244 unsigned char **r_shadow_info);
245
246 /*-- call-pinentry.c --*/
247 void initialize_module_call_pinentry (void);
248 void agent_query_dump_state (void);
249 void agent_reset_query (ctrl_t ctrl);
250 int pinentry_active_p (ctrl_t ctrl, int waitseconds);
251 int agent_askpin (ctrl_t ctrl,
252 const char *desc_text, const char *prompt_text,
253 const char *inital_errtext,
254 struct pin_entry_info_s *pininfo);
255 int agent_get_passphrase (ctrl_t ctrl, char **retpass,
256 const char *desc, const char *prompt,
257 const char *errtext, int with_qualitybar);
258 int agent_get_confirmation (ctrl_t ctrl, const char *desc, const char *ok,
259 const char *cancel);
260 int agent_show_message (ctrl_t ctrl, const char *desc, const char *ok_btn);
261 int agent_popup_message_start (ctrl_t ctrl,
262 const char *desc, const char *ok_btn);
263 void agent_popup_message_stop (ctrl_t ctrl);
264
265
266 /*-- cache.c --*/
267 void agent_flush_cache (void);
268 int agent_put_cache (const char *key, cache_mode_t cache_mode,
269 const char *data, int ttl);
270 const char *agent_get_cache (const char *key, cache_mode_t cache_mode,
271 void **cache_id);
272 void agent_unlock_cache_entry (void **cache_id);
273
274
275 /*-- pksign.c --*/
276 int agent_pksign_do (ctrl_t ctrl, const char *desc_text,
277 gcry_sexp_t *signature_sexp,
278 cache_mode_t cache_mode, lookup_ttl_t lookup_ttl);
279 int agent_pksign (ctrl_t ctrl, const char *desc_text,
280 membuf_t *outbuf, cache_mode_t cache_mode);
281
282 /*-- pkdecrypt.c --*/
283 int agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
284 const unsigned char *ciphertext, size_t ciphertextlen,
285 membuf_t *outbuf);
286
287 /*-- genkey.c --*/
288 int check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent);
289 int agent_genkey (ctrl_t ctrl,
290 const char *keyparam, size_t keyparmlen, membuf_t *outbuf);
291 int agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey);
292
293 /*-- protect.c --*/
294 int agent_protect (const unsigned char *plainkey, const char *passphrase,
295 unsigned char **result, size_t *resultlen);
296 int agent_unprotect (const unsigned char *protectedkey, const char *passphrase,
297 gnupg_isotime_t protected_at,
298 unsigned char **result, size_t *resultlen);
299 int agent_private_key_type (const unsigned char *privatekey);
300 unsigned char *make_shadow_info (const char *serialno, const char *idstring);
301 int agent_shadow_key (const unsigned char *pubkey,
302 const unsigned char *shadow_info,
303 unsigned char **result);
304 int agent_get_shadow_info (const unsigned char *shadowkey,
305 unsigned char const **shadow_info);
306 gpg_error_t parse_shadow_info (const unsigned char *shadow_info,
307 char **r_hexsn, char **r_idstr);
308
309
310 /*-- trustlist.c --*/
311 void initialize_module_trustlist (void);
312 gpg_error_t agent_istrusted (ctrl_t ctrl, const char *fpr, int *r_disabled);
313 gpg_error_t agent_listtrusted (void *assuan_context);
314 gpg_error_t agent_marktrusted (ctrl_t ctrl, const char *name,
315 const char *fpr, int flag);
316 void agent_reload_trustlist (void);
317
318
319 /*-- divert-scd.c --*/
320 int divert_pksign (ctrl_t ctrl,
321 const unsigned char *digest, size_t digestlen, int algo,
322 const unsigned char *shadow_info, unsigned char **r_sig);
323 int divert_pkdecrypt (ctrl_t ctrl,
324 const unsigned char *cipher,
325 const unsigned char *shadow_info,
326 char **r_buf, size_t *r_len);
327 int divert_generic_cmd (ctrl_t ctrl,
328 const char *cmdline, void *assuan_context);
329
330
331 /*-- call-scd.c --*/
332 void initialize_module_call_scd (void);
333 void agent_scd_dump_state (void);
334 int agent_scd_check_running (void);
335 void agent_scd_check_aliveness (void);
336 int agent_reset_scd (ctrl_t ctrl);
337 int agent_card_learn (ctrl_t ctrl,
338 void (*kpinfo_cb)(void*, const char *),
339 void *kpinfo_cb_arg,
340 void (*certinfo_cb)(void*, const char *),
341 void *certinfo_cb_arg,
342 void (*sinfo_cb)(void*, const char *,
343 size_t, const char *),
344 void *sinfo_cb_arg);
345 int agent_card_serialno (ctrl_t ctrl, char **r_serialno);
346 int agent_card_pksign (ctrl_t ctrl,
347 const char *keyid,
348 int (*getpin_cb)(void *, const char *, char*, size_t),
349 void *getpin_cb_arg,
350 const unsigned char *indata, size_t indatalen,
351 unsigned char **r_buf, size_t *r_buflen);
352 int agent_card_pkdecrypt (ctrl_t ctrl,
353 const char *keyid,
354 int (*getpin_cb)(void *, const char *, char*,size_t),
355 void *getpin_cb_arg,
356 const unsigned char *indata, size_t indatalen,
357 char **r_buf, size_t *r_buflen);
358 int agent_card_readcert (ctrl_t ctrl,
359 const char *id, char **r_buf, size_t *r_buflen);
360 int agent_card_readkey (ctrl_t ctrl, const char *id, unsigned char **r_buf);
361 gpg_error_t agent_card_getattr (ctrl_t ctrl, const char *name, char **result);
362 int agent_card_scd (ctrl_t ctrl, const char *cmdline,
363 int (*getpin_cb)(void *, const char *, char*, size_t),
364 void *getpin_cb_arg, void *assuan_context);
365
366
367 /*-- learncard.c --*/
368 int agent_handle_learn (ctrl_t ctrl, void *assuan_context);
369
370
371 #endif /*AGENT_H*/
gnupg svn clone