search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Move password repetition from gpg to gpg-agent.
[gnupg.git] / sm / call-agent.c
bloba6ac6da36938652e221534cbc40100c63fdab3d8
1 /* call-agent.c - Divert GPGSM operations to the agent
2 * Copyright (C) 2001, 2002, 2003, 2005, 2007,
3 * 2008, 2009 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <config.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <errno.h>
26 #include <unistd.h>
27 #include <time.h>
28 #include <assert.h>
29 #ifdef HAVE_LOCALE_H
30 #include <locale.h>
31 #endif
32
33 #include "gpgsm.h"
34 #include <gcrypt.h>
35 #include <assuan.h>
36 #include "i18n.h"
37 #include "asshelp.h"
38 #include "keydb.h" /* fixme: Move this to import.c */
39 #include "membuf.h"
40
41
42 static assuan_context_t agent_ctx = NULL;
43
44
45 struct cipher_parm_s
46 {
47 ctrl_t ctrl;
48 assuan_context_t ctx;
49 const unsigned char *ciphertext;
50 size_t ciphertextlen;
51 };
52
53 struct genkey_parm_s
54 {
55 ctrl_t ctrl;
56 assuan_context_t ctx;
57 const unsigned char *sexp;
58 size_t sexplen;
59 };
60
61 struct learn_parm_s
62 {
63 int error;
64 ctrl_t ctrl;
65 assuan_context_t ctx;
66 membuf_t *data;
67 };
68
69
70 \f
71 /* Try to connect to the agent via socket or fork it off and work by
72 pipes. Handle the server's initial greeting */
73 static int
74 start_agent (ctrl_t ctrl)
75 {
76 int rc;
77
78 if (agent_ctx)
79 rc = 0; /* fixme: We need a context for each thread or
80 serialize the access to the agent (which is
81 suitable given that the agent is not MT. */
82 else
83 {
84 rc = start_new_gpg_agent (&agent_ctx,
85 GPG_ERR_SOURCE_DEFAULT,
86 opt.homedir,
87 opt.agent_program,
88 opt.display, opt.ttyname, opt.ttytype,
89 opt.lc_ctype, opt.lc_messages,
90 opt.xauthority, opt.pinentry_user_data,
91 opt.verbose, DBG_ASSUAN,
92 gpgsm_status2, ctrl);
93
94 if (!rc)
95 {
96 /* Tell the agent that we support Pinentry notifications. No
97 error checking so that it will work also with older
98 agents. */
99 assuan_transact (agent_ctx, "OPTION allow-pinentry-notify",
100 NULL, NULL, NULL, NULL, NULL, NULL);
101 }
102 }
103
104 if (!ctrl->agent_seen)
105 {
106 ctrl->agent_seen = 1;
107 audit_log_ok (ctrl->audit, AUDIT_AGENT_READY, rc);
108 }
109
110 return rc;
111 }
112
113
114
115 static int
116 membuf_data_cb (void *opaque, const void *buffer, size_t length)
117 {
118 membuf_t *data = opaque;
119
120 if (buffer)
121 put_membuf (data, buffer, length);
122 return 0;
123 }
124
125
126 /* This is the default inquiry callback. It mainly handles the
127 Pinentry notifications. */
128 static int
129 default_inq_cb (void *opaque, const char *line)
130 {
131 gpg_error_t err;
132 ctrl_t ctrl = opaque;
133
134 if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17]))
135 {
136 err = gpgsm_proxy_pinentry_notify (ctrl, line);
137 if (err)
138 log_error (_("failed to proxy %s inquiry to client\n"),
139 "PINENTRY_LAUNCHED");
140 /* We do not pass errors to avoid breaking other code. */
141 }
142 else
143 log_error ("ignoring gpg-agent inquiry `%s'\n", line);
144
145 return 0;
146 }
147
148
149
150 \f
151 /* Call the agent to do a sign operation using the key identified by
152 the hex string KEYGRIP. */
153 int
154 gpgsm_agent_pksign (ctrl_t ctrl, const char *keygrip, const char *desc,
155 unsigned char *digest, size_t digestlen, int digestalgo,
156 unsigned char **r_buf, size_t *r_buflen )
157 {
158 int rc, i;
159 char *p, line[ASSUAN_LINELENGTH];
160 membuf_t data;
161 size_t len;
162
163 *r_buf = NULL;
164 rc = start_agent (ctrl);
165 if (rc)
166 return rc;
167
168 if (digestlen*2 + 50 > DIM(line))
169 return gpg_error (GPG_ERR_GENERAL);
170
171 rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL);
172 if (rc)
173 return rc;
174
175 snprintf (line, DIM(line)-1, "SIGKEY %s", keygrip);
176 line[DIM(line)-1] = 0;
177 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
178 if (rc)
179 return rc;
180
181 if (desc)
182 {
183 snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
184 line[DIM(line)-1] = 0;
185 rc = assuan_transact (agent_ctx, line,
186 NULL, NULL, NULL, NULL, NULL, NULL);
187 if (rc)
188 return rc;
189 }
190
191 sprintf (line, "SETHASH %d ", digestalgo);
192 p = line + strlen (line);
193 for (i=0; i < digestlen ; i++, p += 2 )
194 sprintf (p, "%02X", digest[i]);
195 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
196 if (rc)
197 return rc;
198
199 init_membuf (&data, 1024);
200 rc = assuan_transact (agent_ctx, "PKSIGN",
201 membuf_data_cb, &data, default_inq_cb, ctrl,
202 NULL, NULL);
203 if (rc)
204 {
205 xfree (get_membuf (&data, &len));
206 return rc;
207 }
208 *r_buf = get_membuf (&data, r_buflen);
209
210 if (!gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL))
211 {
212 xfree (*r_buf); *r_buf = NULL;
213 return gpg_error (GPG_ERR_INV_VALUE);
214 }
215
216 return *r_buf? 0 : out_of_core ();
217 }
218
219
220 /* Call the scdaemon to do a sign operation using the key identified by
221 the hex string KEYID. */
222 int
223 gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc,
224 unsigned char *digest, size_t digestlen, int digestalgo,
225 unsigned char **r_buf, size_t *r_buflen )
226 {
227 int rc, i;
228 char *p, line[ASSUAN_LINELENGTH];
229 membuf_t data;
230 size_t len;
231 const char *hashopt;
232 unsigned char *sigbuf;
233 size_t sigbuflen;
234
235 (void)desc;
236
237 *r_buf = NULL;
238
239 switch(digestalgo)
240 {
241 case GCRY_MD_SHA1: hashopt = "--hash=sha1"; break;
242 case GCRY_MD_RMD160:hashopt = "--hash=rmd160"; break;
243 case GCRY_MD_MD5: hashopt = "--hash=md5"; break;
244 case GCRY_MD_SHA256:hashopt = "--hash=sha256"; break;
245 default:
246 return gpg_error (GPG_ERR_DIGEST_ALGO);
247 }
248
249 rc = start_agent (ctrl);
250 if (rc)
251 return rc;
252
253 if (digestlen*2 + 50 > DIM(line))
254 return gpg_error (GPG_ERR_GENERAL);
255
256 p = stpcpy (line, "SCD SETDATA " );
257 for (i=0; i < digestlen ; i++, p += 2 )
258 sprintf (p, "%02X", digest[i]);
259 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
260 if (rc)
261 return rc;
262
263 init_membuf (&data, 1024);
264
265 snprintf (line, DIM(line)-1, "SCD PKSIGN %s %s", hashopt, keyid);
266 line[DIM(line)-1] = 0;
267 rc = assuan_transact (agent_ctx, line,
268 membuf_data_cb, &data, default_inq_cb, ctrl,
269 NULL, NULL);
270 if (rc)
271 {
272 xfree (get_membuf (&data, &len));
273 return rc;
274 }
275 sigbuf = get_membuf (&data, &sigbuflen);
276
277 /* Create an S-expression from it which is formatted like this:
278 "(7:sig-val(3:rsa(1:sSIGBUFLEN:SIGBUF)))" Fixme: If a card ever
279 creates non-RSA keys we need to change things. */
280 *r_buflen = 21 + 11 + sigbuflen + 4;
281 p = xtrymalloc (*r_buflen);
282 *r_buf = (unsigned char*)p;
283 if (!p)
284 {
285 xfree (sigbuf);
286 return 0;
287 }
288 p = stpcpy (p, "(7:sig-val(3:rsa(1:s" );
289 sprintf (p, "%u:", (unsigned int)sigbuflen);
290 p += strlen (p);
291 memcpy (p, sigbuf, sigbuflen);
292 p += sigbuflen;
293 strcpy (p, ")))");
294 xfree (sigbuf);
295
296 assert (gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL));
297 return 0;
298 }
299
300
301
302 \f
303 /* Handle a CIPHERTEXT inquiry. Note, we only send the data,
304 assuan_transact talkes care of flushing and writing the end */
305 static int
306 inq_ciphertext_cb (void *opaque, const char *line)
307 {
308 struct cipher_parm_s *parm = opaque;
309 int rc;
310
311 if (!strncmp (line, "CIPHERTEXT", 10) && (line[10]==' '||!line[10]))
312 {
313 assuan_begin_confidential (parm->ctx);
314 rc = assuan_send_data (parm->ctx, parm->ciphertext, parm->ciphertextlen);
315 assuan_end_confidential (parm->ctx);
316 }
317 else
318 rc = default_inq_cb (parm->ctrl, line);
319
320 return rc;
321 }
322
323
324 /* Call the agent to do a decrypt operation using the key identified by
325 the hex string KEYGRIP. */
326 int
327 gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
328 ksba_const_sexp_t ciphertext,
329 char **r_buf, size_t *r_buflen )
330 {
331 int rc;
332 char line[ASSUAN_LINELENGTH];
333 membuf_t data;
334 struct cipher_parm_s cipher_parm;
335 size_t n, len;
336 char *p, *buf, *endp;
337 size_t ciphertextlen;
338
339 if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
340 return gpg_error (GPG_ERR_INV_VALUE);
341 *r_buf = NULL;
342
343 ciphertextlen = gcry_sexp_canon_len (ciphertext, 0, NULL, NULL);
344 if (!ciphertextlen)
345 return gpg_error (GPG_ERR_INV_VALUE);
346
347 rc = start_agent (ctrl);
348 if (rc)
349 return rc;
350
351 rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL);
352 if (rc)
353 return rc;
354
355 assert ( DIM(line) >= 50 );
356 snprintf (line, DIM(line)-1, "SETKEY %s", keygrip);
357 line[DIM(line)-1] = 0;
358 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
359 if (rc)
360 return rc;
361
362 if (desc)
363 {
364 snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
365 line[DIM(line)-1] = 0;
366 rc = assuan_transact (agent_ctx, line,
367 NULL, NULL, NULL, NULL, NULL, NULL);
368 if (rc)
369 return rc;
370 }
371
372 init_membuf (&data, 1024);
373 cipher_parm.ctrl = ctrl;
374 cipher_parm.ctx = agent_ctx;
375 cipher_parm.ciphertext = ciphertext;
376 cipher_parm.ciphertextlen = ciphertextlen;
377 rc = assuan_transact (agent_ctx, "PKDECRYPT",
378 membuf_data_cb, &data,
379 inq_ciphertext_cb, &cipher_parm, NULL, NULL);
380 if (rc)
381 {
382 xfree (get_membuf (&data, &len));
383 return rc;
384 }
385
386 put_membuf (&data, "", 1); /* Make sure it is 0 terminated. */
387 buf = get_membuf (&data, &len);
388 if (!buf)
389 return gpg_error (GPG_ERR_ENOMEM);
390 assert (len); /* (we forced Nul termination.) */
391
392 if (*buf == '(')
393 {
394 if (len < 13 || memcmp (buf, "(5:value", 8) ) /* "(5:valueN:D)\0" */
395 return gpg_error (GPG_ERR_INV_SEXP);
396 len -= 11; /* Count only the data of the second part. */
397 p = buf + 8; /* Skip leading parenthesis and the value tag. */
398 }
399 else
400 {
401 /* For compatibility with older gpg-agents handle the old style
402 incomplete S-exps. */
403 len--; /* Do not count the Nul. */
404 p = buf;
405 }
406
407 n = strtoul (p, &endp, 10);
408 if (!n || *endp != ':')
409 return gpg_error (GPG_ERR_INV_SEXP);
410 endp++;
411 if (endp-p+n > len)
412 return gpg_error (GPG_ERR_INV_SEXP); /* Oops: Inconsistent S-Exp. */
413
414 memmove (buf, endp, n);
415
416 *r_buflen = n;
417 *r_buf = buf;
418 return 0;
419 }
420
421
422
423
424 \f
425 /* Handle a KEYPARMS inquiry. Note, we only send the data,
426 assuan_transact takes care of flushing and writing the end */
427 static int
428 inq_genkey_parms (void *opaque, const char *line)
429 {
430 struct genkey_parm_s *parm = opaque;
431 int rc;
432
433 if (!strncmp (line, "KEYPARAM", 8) && (line[8]==' '||!line[8]))
434 {
435 rc = assuan_send_data (parm->ctx, parm->sexp, parm->sexplen);
436 }
437 else
438 rc = default_inq_cb (parm->ctrl, line);
439
440 return rc;
441 }
442
443
444 \f
445 /* Call the agent to generate a newkey */
446 int
447 gpgsm_agent_genkey (ctrl_t ctrl,
448 ksba_const_sexp_t keyparms, ksba_sexp_t *r_pubkey)
449 {
450 int rc;
451 struct genkey_parm_s gk_parm;
452 membuf_t data;
453 size_t len;
454 unsigned char *buf;
455
456 *r_pubkey = NULL;
457 rc = start_agent (ctrl);
458 if (rc)
459 return rc;
460
461 rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL);
462 if (rc)
463 return rc;
464
465 init_membuf (&data, 1024);
466 gk_parm.ctrl = ctrl;
467 gk_parm.ctx = agent_ctx;
468 gk_parm.sexp = keyparms;
469 gk_parm.sexplen = gcry_sexp_canon_len (keyparms, 0, NULL, NULL);
470 if (!gk_parm.sexplen)
471 return gpg_error (GPG_ERR_INV_VALUE);
472 rc = assuan_transact (agent_ctx, "GENKEY",
473 membuf_data_cb, &data,
474 inq_genkey_parms, &gk_parm, NULL, NULL);
475 if (rc)
476 {
477 xfree (get_membuf (&data, &len));
478 return rc;
479 }
480 buf = get_membuf (&data, &len);
481 if (!buf)
482 return gpg_error (GPG_ERR_ENOMEM);
483 if (!gcry_sexp_canon_len (buf, len, NULL, NULL))
484 {
485 xfree (buf);
486 return gpg_error (GPG_ERR_INV_SEXP);
487 }
488 *r_pubkey = buf;
489 return 0;
490 }
491
492 \f
493 /* Call the agent to read the public key part for a given keygrip. If
494 FROMCARD is true, the key is directly read from the current
495 smartcard. In this case HEXKEYGRIP should be the keyID
496 (e.g. OPENPGP.3). */
497 int
498 gpgsm_agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip,
499 ksba_sexp_t *r_pubkey)
500 {
501 int rc;
502 membuf_t data;
503 size_t len;
504 unsigned char *buf;
505 char line[ASSUAN_LINELENGTH];
506
507 *r_pubkey = NULL;
508 rc = start_agent (ctrl);
509 if (rc)
510 return rc;
511
512 rc = assuan_transact (agent_ctx, "RESET",NULL, NULL, NULL, NULL, NULL, NULL);
513 if (rc)
514 return rc;
515
516 snprintf (line, DIM(line)-1, "%sREADKEY %s",
517 fromcard? "SCD ":"", hexkeygrip);
518 line[DIM(line)-1] = 0;
519
520 init_membuf (&data, 1024);
521 rc = assuan_transact (agent_ctx, line,
522 membuf_data_cb, &data,
523 default_inq_cb, ctrl, NULL, NULL);
524 if (rc)
525 {
526 xfree (get_membuf (&data, &len));
527 return rc;
528 }
529 buf = get_membuf (&data, &len);
530 if (!buf)
531 return gpg_error (GPG_ERR_ENOMEM);
532 if (!gcry_sexp_canon_len (buf, len, NULL, NULL))
533 {
534 xfree (buf);
535 return gpg_error (GPG_ERR_INV_SEXP);
536 }
537 *r_pubkey = buf;
538 return 0;
539 }
540
541 \f
542
543 static int
544 istrusted_status_cb (void *opaque, const char *line)
545 {
546 struct rootca_flags_s *flags = opaque;
547
548 if (!strncmp (line, "TRUSTLISTFLAG", 13) && (line[13]==' ' || !line[13]))
549 {
550 for (line += 13; *line == ' '; line++)
551 ;
552 if (!strncmp (line, "relax", 5) && (line[5] == ' ' || !line[5]))
553 flags->relax = 1;
554 else if (!strncmp (line, "cm", 2) && (line[2] == ' ' || !line[2]))
555 flags->chain_model = 1;
556 }
557 return 0;
558 }
559
560
561
562 /* Ask the agent whether the certificate is in the list of trusted
563 keys. The certificate is either specified by the CERT object or by
564 the fingerprint HEXFPR. ROOTCA_FLAGS is guaranteed to be cleared
565 on error. */
566 int
567 gpgsm_agent_istrusted (ctrl_t ctrl, ksba_cert_t cert, const char *hexfpr,
568 struct rootca_flags_s *rootca_flags)
569 {
570 int rc;
571 char line[ASSUAN_LINELENGTH];
572
573 memset (rootca_flags, 0, sizeof *rootca_flags);
574
575 if (cert && hexfpr)
576 return gpg_error (GPG_ERR_INV_ARG);
577
578 rc = start_agent (ctrl);
579 if (rc)
580 return rc;
581
582 if (hexfpr)
583 {
584 snprintf (line, DIM(line)-1, "ISTRUSTED %s", hexfpr);
585 line[DIM(line)-1] = 0;
586 }
587 else
588 {
589 char *fpr;
590
591 fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
592 if (!fpr)
593 {
594 log_error ("error getting the fingerprint\n");
595 return gpg_error (GPG_ERR_GENERAL);
596 }
597
598 snprintf (line, DIM(line)-1, "ISTRUSTED %s", fpr);
599 line[DIM(line)-1] = 0;
600 xfree (fpr);
601 }
602
603 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL,
604 istrusted_status_cb, rootca_flags);
605 if (!rc)
606 rootca_flags->valid = 1;
607 return rc;
608 }
609
610 /* Ask the agent to mark CERT as a trusted Root-CA one */
611 int
612 gpgsm_agent_marktrusted (ctrl_t ctrl, ksba_cert_t cert)
613 {
614 int rc;
615 char *fpr, *dn;
616 char line[ASSUAN_LINELENGTH];
617
618 rc = start_agent (ctrl);
619 if (rc)
620 return rc;
621
622 fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
623 if (!fpr)
624 {
625 log_error ("error getting the fingerprint\n");
626 return gpg_error (GPG_ERR_GENERAL);
627 }
628
629 dn = ksba_cert_get_issuer (cert, 0);
630 if (!dn)
631 {
632 xfree (fpr);
633 return gpg_error (GPG_ERR_GENERAL);
634 }
635 snprintf (line, DIM(line)-1, "MARKTRUSTED %s S %s", fpr, dn);
636 line[DIM(line)-1] = 0;
637 ksba_free (dn);
638 xfree (fpr);
639
640 rc = assuan_transact (agent_ctx, line, NULL, NULL,
641 default_inq_cb, ctrl, NULL, NULL);
642 return rc;
643 }
644
645
646 \f
647 /* Ask the agent whether the a corresponding secret key is available
648 for the given keygrip */
649 int
650 gpgsm_agent_havekey (ctrl_t ctrl, const char *hexkeygrip)
651 {
652 int rc;
653 char line[ASSUAN_LINELENGTH];
654
655 rc = start_agent (ctrl);
656 if (rc)
657 return rc;
658
659 if (!hexkeygrip || strlen (hexkeygrip) != 40)
660 return gpg_error (GPG_ERR_INV_VALUE);
661
662 snprintf (line, DIM(line)-1, "HAVEKEY %s", hexkeygrip);
663 line[DIM(line)-1] = 0;
664
665 rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
666 return rc;
667 }
668
669 \f
670 static int
671 learn_cb (void *opaque, const void *buffer, size_t length)
672 {
673 struct learn_parm_s *parm = opaque;
674 size_t len;
675 char *buf;
676 ksba_cert_t cert;
677 int rc;
678
679 if (parm->error)
680 return 0;
681
682 if (buffer)
683 {
684 put_membuf (parm->data, buffer, length);
685 return 0;
686 }
687 /* END encountered - process what we have */
688 buf = get_membuf (parm->data, &len);
689 if (!buf)
690 {
691 parm->error = gpg_error (GPG_ERR_ENOMEM);
692 return 0;
693 }
694
695
696 /* FIXME: this should go into import.c */
697 rc = ksba_cert_new (&cert);
698 if (rc)
699 {
700 parm->error = rc;
701 return 0;
702 }
703 rc = ksba_cert_init_from_mem (cert, buf, len);
704 if (rc)
705 {
706 log_error ("failed to parse a certificate: %s\n", gpg_strerror (rc));
707 ksba_cert_release (cert);
708 parm->error = rc;
709 return 0;
710 }
711
712 rc = gpgsm_basic_cert_check (parm->ctrl, cert);
713 if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT)
714 { /* For later use we store it in the ephemeral database. */
715 log_info ("issuer certificate missing - storing as ephemeral\n");
716 keydb_store_cert (cert, 1, NULL);
717 }
718 else if (rc)
719 log_error ("invalid certificate: %s\n", gpg_strerror (rc));
720 else
721 {
722 int existed;
723
724 if (!keydb_store_cert (cert, 0, &existed))
725 {
726 if (opt.verbose > 1 && existed)
727 log_info ("certificate already in DB\n");
728 else if (opt.verbose && !existed)
729 log_info ("certificate imported\n");
730 }
731 }
732
733 ksba_cert_release (cert);
734 init_membuf (parm->data, 4096);
735 return 0;
736 }
737
738 /* Call the agent to learn about a smartcard */
739 int
740 gpgsm_agent_learn (ctrl_t ctrl)
741 {
742 int rc;
743 struct learn_parm_s learn_parm;
744 membuf_t data;
745 size_t len;
746
747 rc = start_agent (ctrl);
748 if (rc)
749 return rc;
750
751 init_membuf (&data, 4096);
752 learn_parm.error = 0;
753 learn_parm.ctrl = ctrl;
754 learn_parm.ctx = agent_ctx;
755 learn_parm.data = &data;
756 rc = assuan_transact (agent_ctx, "LEARN --send",
757 learn_cb, &learn_parm,
758 NULL, NULL, NULL, NULL);
759 xfree (get_membuf (&data, &len));
760 if (rc)
761 return rc;
762 return learn_parm.error;
763 }
764
765 \f
766 /* Ask the agent to change the passphrase of the key identified by
767 HEXKEYGRIP. If DESC is not NULL, display instead of the default
768 description message. */
769 int
770 gpgsm_agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc)
771 {
772 int rc;
773 char line[ASSUAN_LINELENGTH];
774
775 rc = start_agent (ctrl);
776 if (rc)
777 return rc;
778
779 if (!hexkeygrip || strlen (hexkeygrip) != 40)
780 return gpg_error (GPG_ERR_INV_VALUE);
781
782 if (desc)
783 {
784 snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
785 line[DIM(line)-1] = 0;
786 rc = assuan_transact (agent_ctx, line,
787 NULL, NULL, NULL, NULL, NULL, NULL);
788 if (rc)
789 return rc;
790 }
791
792 snprintf (line, DIM(line)-1, "PASSWD %s", hexkeygrip);
793 line[DIM(line)-1] = 0;
794
795 rc = assuan_transact (agent_ctx, line, NULL, NULL,
796 default_inq_cb, ctrl, NULL, NULL);
797 return rc;
798 }
799
800
801 \f
802 /* Ask the agent to pop up a confirmation dialog with the text DESC
803 and an okay and cancel button. */
804 gpg_error_t
805 gpgsm_agent_get_confirmation (ctrl_t ctrl, const char *desc)
806 {
807 int rc;
808 char line[ASSUAN_LINELENGTH];
809
810 rc = start_agent (ctrl);
811 if (rc)
812 return rc;
813
814 snprintf (line, DIM(line)-1, "GET_CONFIRMATION %s", desc);
815 line[DIM(line)-1] = 0;
816
817 rc = assuan_transact (agent_ctx, line, NULL, NULL,
818 default_inq_cb, ctrl, NULL, NULL);
819 return rc;
820 }
821
822
823 \f
824 /* Return 0 if the agent is alive. This is useful to make sure that
825 an agent has been started. */
826 gpg_error_t
827 gpgsm_agent_send_nop (ctrl_t ctrl)
828 {
829 int rc;
830
831 rc = start_agent (ctrl);
832 if (!rc)
833 rc = assuan_transact (agent_ctx, "NOP",
834 NULL, NULL, NULL, NULL, NULL, NULL);
835 return rc;
836 }
837
838
839 \f
840 static int
841 keyinfo_status_cb (void *opaque, const char *line)
842 {
843 char **serialno = opaque;
844 const char *s, *s2;
845
846 if (!strncmp (line, "KEYINFO ", 8) && !*serialno)
847 {
848 s = strchr (line+8, ' ');
849 if (s && s[1] == 'T' && s[2] == ' ' && s[3])
850 {
851 s += 3;
852 s2 = strchr (s, ' ');
853 if ( s2 > s )
854 {
855 *serialno = xtrymalloc ((s2 - s)+1);
856 if (*serialno)
857 {
858 memcpy (*serialno, s, s2 - s);
859 (*serialno)[s2 - s] = 0;
860 }
861 }
862 }
863 }
864 return 0;
865 }
866
867 /* Return the serial number for a secret key. If the returned serial
868 number is NULL, the key is not stored on a smartcard. Caller needs
869 to free R_SERIALNO. */
870 gpg_error_t
871 gpgsm_agent_keyinfo (ctrl_t ctrl, const char *hexkeygrip, char **r_serialno)
872 {
873 gpg_error_t err;
874 char line[ASSUAN_LINELENGTH];
875 char *serialno = NULL;
876
877 *r_serialno = NULL;
878
879 err = start_agent (ctrl);
880 if (err)
881 return err;
882
883 if (!hexkeygrip || strlen (hexkeygrip) != 40)
884 return gpg_error (GPG_ERR_INV_VALUE);
885
886 snprintf (line, DIM(line)-1, "KEYINFO %s", hexkeygrip);
887 line[DIM(line)-1] = 0;
888
889 err = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL,
890 keyinfo_status_cb, &serialno);
891 if (!err && serialno)
892 {
893 /* Sanity check for bad characters. */
894 if (strpbrk (serialno, ":\n\r"))
895 err = GPG_ERR_INV_VALUE;
896 }
897 if (err)
898 xfree (serialno);
899 else
900 *r_serialno = serialno;
901 return err;
902 }
903
gnupg svn clone