| blob | 63919dd1f312a736df45cf97b676233ec74a8c95 |
1 /* call-agent.c - Divert GPG operations to the agent.
2 * Copyright (C) 2001, 2002, 2003, 2006, 2007,
3 * 2008 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
21 #include <config.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <errno.h>
26 #include <unistd.h>
27 #include <time.h>
28 #include <assert.h>
29 #ifdef HAVE_LOCALE_H
30 #include <locale.h>
31 #endif
32 #include <assuan.h>
43 #ifndef DBG_ASSUAN
44 # define DBG_ASSUAN 1
45 #endif
49 struct cipher_parm_s
50 {
51 assuan_context_t ctx;
54 };
56 struct writecert_parm_s
57 {
58 assuan_context_t ctx;
61 };
63 struct writekey_parm_s
64 {
65 assuan_context_t ctx;
68 };
70 struct genkey_parm_s
71 {
72 assuan_context_t ctx;
75 };
78 \f
79 /* Try to connect to the agent via socket or fork it off and work by
80 pipes. Handle the server's initial greeting */
81 static int
83 {
88 the access to the agent. */
91 GPG_ERR_SOURCE_DEFAULT,
100 {
101 /* Tell the agent that we support Pinentry notifications. No
102 error checking so that it will work also with older
103 agents. */
106 }
109 }
112 /* Return a new malloced string by unescaping the string S. Escaping
113 is percent escaping and '+'/space mapping. A binary nul will
114 silently be replaced by a 0xFF. Function returns NULL to indicate
115 an out of memory status. */
118 {
120 }
123 /* Take a 20 byte hexencoded string and put it into the the provided
124 20 byte buffer FPR in binary format. */
125 static int
127 {
132 ;
139 }
141 /* Take the serial number from LINE and return it verbatim in a newly
142 allocated string. We make sure that only hex characters are
143 returned. */
146 {
151 ;
154 {
157 }
159 }
162 \f
163 /* This is a dummy data line callback. */
164 static int
166 {
171 }
174 /* This is the default inquiry callback. It mainly handles the
175 Pinentry notifications. */
176 static int
178 {
182 {
183 /* There is no working server mode yet thus we use
184 AllowSetForegroundWindow window right here. We might want to
185 do this anyway in case gpg is called on the console. */
187 /* We do not pass errors to avoid breaking other code. */
188 }
189 else
193 }
197 /* Release the card info structure INFO. */
198 void
200 {
212 }
214 static int
216 {
223 ;
225 line++;
228 {
233 }
235 {
238 }
240 {
243 }
245 {
248 }
250 {
252 }
254 {
257 }
259 {
262 }
264 {
266 }
268 {
273 {
275 p++;
278 p++;
280 p++;
282 {
285 p++;
287 p++;
288 }
290 {
293 p++;
295 p++;
296 }
298 }
299 }
301 {
304 line++;
306 line++;
313 }
315 {
318 line++;
320 line++;
327 }
329 {
333 keyno--;
335 {
338 }
339 }
342 }
344 /* Call the agent to learn about a smartcard */
345 int
347 {
358 /* Also try to get the key attributes. */
363 }
365 /* Call the agent to retrieve a data object. This function returns
366 the data in the same structure as used by the learn command. It is
367 allowed to update such a structure using this commmand. */
368 int
370 {
377 /* We assume that NAME does not need escaping. */
390 }
392 \f
393 /* Send an setattr command to the SCdaemon. SERIALNO is not actually
394 used here but required by gpg 1.4's implementation of this code in
395 cardglue.c. */
396 int
400 {
410 /* We assume that NAME does not need escaping. */
417 {
421 {
424 }
427 else
429 }
439 }
442 \f
443 /* Handle a CERTDATA inquiry. Note, we only send the data,
444 assuan_transact takes care of flushing and writing the END
445 command. */
446 static int
448 {
453 {
455 }
456 else
460 }
463 /* Send a WRITECERT command to the SCdaemon. */
464 int
467 {
488 }
492 \f
493 /* Handle a KEYDATA inquiry. Note, we only send the data,
494 assuan_transact takes care of flushing and writing the end */
495 static int
497 {
502 {
504 }
505 else
509 }
512 /* Send a WRITEKEY command to the SCdaemon. */
513 int
516 {
539 }
543 \f
544 /* Status callback for the SCD GENKEY command. */
545 static int
547 {
551 gpg_error_t rc;
554 ;
556 line++;
559 {
561 }
563 {
564 gcry_mpi_t a;
568 line++;
570 line++;
579 else
580 {
583 }
584 }
586 {
588 }
591 }
593 /* Send a GENKEY command to the SCdaemon. SERIALNO is not used in
594 this implementation. If CREATEDATE has been given, it will be
595 passed to SCDAEMON so that the key can be created with this
596 timestamp; note the user needs to use the returned timestamp as old
597 versions of scddaemon don't support this option. */
598 int
601 {
604 gnupg_isotime_t tbuf;
614 else
621 keyno);
630 }
632 \f
633 static int
635 {
641 }
643 /* Send a sign command to the scdaemon via gpg-agent's pass thru
644 mechanism. */
645 int
649 {
652 membuf_t data;
655 /* Note, hashalgo is not yet used but hardwired to SHA1 in SCdaemon. */
667 /* Send the serialno command to initialize the connection. We don't
668 care about the data returned. If the card has already been
669 initialized, this is a very fast command. We request the openpgp
670 card because that is what we expect. */
685 #if 0
688 else
689 #endif
692 serialno);
697 {
700 }
704 }
707 /* Decrypt INDATA of length INDATALEN using the card identified by
708 SERIALNO. Return the plaintext in a nwly allocated buffer stored
709 at the address of R_BUF.
711 Note, we currently support only RSA or more exactly algorithms
712 taking one input data element. */
713 int
717 {
720 membuf_t data;
728 /* FIXME: use secure memory where appropriate */
732 /* Send the serialno command to initialize the connection. We don't
733 care about the data returned. If the card has already been
734 initialized, this is a very fast command. We request the openpgp
735 card because that is what we expect. */
756 {
759 }
765 }
768 /* Change the PIN of an OpenPGP card or reset the retry counter.
769 CHVNO 1: Change the PIN
770 2: For v1 cards: Same as 1.
771 For v2 cards: Reset the PIN using the Reset Code.
772 3: Change the admin PIN
773 101: Set a new PIN and reset the retry counter
774 102: For v1 cars: Same as 101.
775 For v2 cards: Set a new Reset Code.
776 SERIALNO is not used.
777 */
778 int
780 {
800 }
803 /* Perform a CHECKPIN operation. SERIALNO should be the serial
804 number of the card - optionally followed by the fingerprint;
805 however the fingerprint is ignored here. */
806 int
808 {
821 }
824 /* Dummy function, only used by the gpg 1.4 implementation. */
825 void
827 {
829 }
833 \f
834 /* Note: All strings shall be UTF-8. On success the caller needs to
835 free the string stored at R_PASSPHRASE. On error NULL will be
836 stored at R_PASSPHRASE and an appropriate fpf error code
837 returned. */
838 gpg_error_t
846 {
853 membuf_t data;
861 /* Check that the gpg-agent understands the repeat option. */
882 repeat,
901 else
902 {
907 }
909 no_mem:
916 }
919 gpg_error_t
921 {
936 }