| blob | 2f91e1e840a8b20baad3527f327ea14d6d38a04f |
1 /* call-scd.c - fork of the scdaemon to do SC operations
2 * Copyright (C) 2001, 2002, 2005 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
19 * USA.
20 */
22 #include <config.h>
23 #include <errno.h>
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <ctype.h>
28 #include <assert.h>
29 #include <unistd.h>
30 #include <signal.h>
31 #include <sys/stat.h>
32 #include <sys/types.h>
33 #ifndef HAVE_W32_SYSTEM
34 #include <sys/wait.h>
35 #endif
36 #include <pth.h>
39 #include <assuan.h>
41 #ifdef _POSIX_OPEN_MAX
42 #define MAX_OPEN_FDS _POSIX_OPEN_MAX
43 #else
44 #define MAX_OPEN_FDS 20
45 #endif
47 /* Definition of module local data of the CTRL structure. */
48 struct scd_local_s
49 {
50 /* We keep a list of all allocated context with a an achnor at
51 SCD_LOCAL_LIST (see below). */
54 /* We need to get back to the ctrl object actually referencing this
55 structure. This is really an awkward way of enumerint the lcoal
56 contects. A much cleaner way would be to keep a global list of
57 ctrl objects to enumerate them. */
58 ctrl_t ctrl_backlink;
61 used with this connection. */
63 start_scd and unlock_scd. */
65 };
68 /* Callback parameter for learn card */
69 struct learn_parm_s
70 {
77 };
79 struct inq_needpin_s
80 {
81 assuan_context_t ctx;
84 };
87 /* To keep track of all active SCD contexts, we keep a linked list
88 anchored at this variable. */
91 /* A Mutex used inside the start_scd function. */
94 /* A malloced string with the name of the socket to be used for
95 additional connections. May be NULL if not provided by
96 SCdaemon. */
99 /* The context of the primary connection. This is also used as a flag
100 to indicate whether the scdaemon has been started. */
103 /* To allow reuse of the primary connection, the following flag is set
104 to true if the primary context has been reset and is not in use by
105 any connection. */
110 /* Local prototypes. */
116 \f
117 /* This function must be called once to initialize this module. This
118 has to be done before a second thread is spawned. We can't do the
119 static initialization because Pth emulation code might not be able
120 to do a static init; in particular, it is not possible for W32. */
121 void
123 {
127 {
131 }
132 }
135 static void
137 {
142 else
144 }
147 /* This function may be called to print infromation pertaining to the
148 current state of this module to the log. */
149 void
151 {
156 primary_scd_ctx,
158 primary_scd_ctx_reusable);
161 }
164 /* The unlock_scd function shall be called after having accessed the
165 SCD. It is currently not very useful but gives an opportunity to
166 keep track of connections currently calling SCD. Note that the
167 "lock" operation is done by the start_scd() function which must be
168 called and error checked before any SCD operation. CTRL is the
169 usual connection context and RC the error code to be passed trhough
170 the function. */
171 static int
173 {
175 {
180 }
183 }
185 /* To make sure we leave no secrets in our image after forking of the
186 scdaemon, we use this callback. */
187 static void
189 {
192 }
195 /* Fork off the SCdaemon if this has not already been done. Lock the
196 daemon and make sure that a proper context has been setup in CTRL.
197 This function might also lock the daemon, which means that the
198 caller must call unlock_scd after this fucntion has returned
199 success and the actual Assuan transaction been done. */
200 static int
202 {
205 assuan_context_t ctx;
214 /* If this is the first call for this session, setup the local data
215 structure. */
217 {
224 }
227 /* Assert that the lock count is as expected. */
229 {
233 }
238 alive context here and do an disconnect. Now that we
239 have a ticker function to check for it, it is easier
240 not to check here but to let the connection run on an
241 error instead. */
244 /* We need to protect the following code. */
246 {
250 }
252 /* Check whether the pipe server has already been started and in
253 this case either reuse a lingering pipe connection or establish a
254 new socket based one. */
256 {
262 }
265 {
268 {
273 }
278 }
281 {
285 }
287 /* Nope, it has not been started. Fire it up now. */
292 {
296 }
302 else
303 pgmname++;
311 {
315 }
318 /* Connect to the pinentry and perform initial handshaking */
322 {
327 }
332 /* Get the name of the additional socket opened by scdaemon. */
333 {
334 membuf_t data;
346 {
351 else
352 {
357 }
358 }
360 }
362 /* Tell the scdaemon we want him to send us an event signal. */
363 #ifndef HAVE_W32_SYSTEM
364 {
369 }
370 #endif
375 leave:
377 {
379 }
380 else
381 {
383 }
387 }
390 /* Check whether the Scdaemon is still alive and clean it up if not. */
391 void
393 {
394 pth_event_t evt;
395 pid_t pid;
401 /* This is not a critical function so we use a short timeout while
402 acquiring the lock. */
405 {
407 {
411 }
412 else
417 }
421 {
425 {
426 /* Okay, scdaemon died. Disconnect the primary connection
427 now but take care that it won't do another wait. Also
428 cleanup all other connections and release their
429 resources. The next use will start a new daemon then.
430 Due to the use of the START_SCD_LOCAL we are sure that
431 none of these context are actually in use. */
438 {
440 {
444 }
445 }
452 }
453 }
458 }
462 /* Reset the SCD if it has been used. Actually it is not a reset but
463 a cleanup of resources used by the current connection. */
464 int
466 {
468 {
470 {
471 /* We can't disconnect the primary context because libassuan
472 does a waitpid on it and thus the system would hang.
473 Instead we send a reset and keep that connection for
474 reuse. */
476 {
477 /* Send a RESTART to the SCD. This is required for the
478 primary connection as a kind of virtual EOF; we don't
479 have another way to tell it that the next command
480 should be viewed as if a new connection has been
481 made. For the non-primary connections this is not
482 needed as we simply close the socket. We don't check
483 for an error here because the RESTART may fail for
484 example if the scdaemon has already been terminated.
485 Anyway, we need to set the reusable flag to make sure
486 that the aliveness check can clean it up. */
490 }
491 else
494 }
496 /* Remove the local context from our list and release it. */
501 else
502 {
511 }
514 }
517 }
520 \f
521 /* Return a new malloced string by unescaping the string S. Escaping
522 is percent escaping and '+'/space mapping. A binary Nul will
523 silently be replaced by a 0xFF. Function returns NULL to indicate
524 an out of memory status. */
527 {
534 {
536 {
537 s++;
541 d++;
543 }
545 {
547 s++;
548 }
549 else
551 }
554 }
557 \f
558 static int
560 {
566 ;
568 line++;
570 {
572 }
574 {
576 }
578 {
580 }
583 }
585 /* Perform the LEARN command and return a list of all private keys
586 stored on the card. */
587 int
595 {
617 }
620 \f
621 static int
623 {
630 ;
632 line++;
635 {
639 ;
647 }
650 }
652 /* Return the serial number of the card or an appropriate error. The
653 serial number is returned as a hexstring. */
654 int
656 {
668 {
671 }
674 }
678 \f
679 static int
681 {
687 }
689 /* Handle the NEEDPIN inquiry. */
690 static int
692 {
699 {
702 line++;
713 }
715 {
722 line++;
725 }
726 else
727 {
730 }
733 }
737 /* Create a signature using the current card */
738 int
745 {
748 membuf_t data;
783 {
786 }
789 /* Create an S-expression from it which is formatted like this:
790 "(7:sig-val(3:rsa(1:sSIGBUFLEN:SIGBUF)))" */
806 }
808 /* Decipher INDATA using the current card. Note that the returned value is */
809 int
816 {
819 membuf_t data;
828 /* FIXME: use secure memory where appropriate */
852 {
855 }
861 }
864 \f
865 /* Read a certificate with ID into R_BUF and R_BUFLEN. */
866 int
869 {
872 membuf_t data;
888 {
891 }
897 }
900 \f
901 /* Read a key with ID and return it in an allocate buffer pointed to
902 by r_BUF as a valid S-expression. */
903 int
905 {
908 membuf_t data;
924 {
927 }
933 {
936 }
939 }
942 \f
943 /* Type used with the card_getattr_cb. */
949 };
951 /* Callback function for agent_card_getattr. */
952 static assuan_error_t
954 {
963 ;
965 line++;
969 {
973 }
976 }
979 /* Call the agent to retrieve a single line data object. On success
980 the object is malloced and stored at RESULT; it is guaranteed that
981 NULL is never stored in this case. On error an error code is
982 returned and NULL stored at RESULT. */
983 gpg_error_t
985 {
999 /* We assume that NAME does not need escaping. */
1019 else
1023 }
1027 \f
1028 static int
1030 {
1038 /* truncate any remaining keyword stuff. */
1040 ;
1042 line++;
1046 }
1048 static int
1050 {
1055 }
1058 /* Send the line CMDLINE with command for the SCDdaemon to it and send
1059 all status messages back. This command is used as a general quoting
1060 mechanism to pass everything verbatim to SCDAEMOPN. The PIN
1061 inquirey is handled inside gpg-agent. */
1062 int
1066 {
1082 {
1084 }
1087 }