1 /* learncard.c - Handle the LEARN command
2 * Copyright (C) 2002, 2003, 2004, 2009 Free Software Foundation, Inc.
4 * This file is part of GnuPG.
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
20 #include <config.h>
21 #include <errno.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <ctype.h>
26 #include <assert.h>
27 #include <unistd.h>
28 #include <sys/stat.h>
30 #include "agent.h"
31 #include <assuan.h>
/* Structures used by the callback mechanism to convey information
   pertaining to key pairs.  */
struct keypair_info_s
{
  struct keypair_info_s *next;
  int no_cert;       /* Set when the card reported "X" instead of a
                        keygrip, i.e. no public key is available yet.  */
  char *id;          /* points into grip */
  char hexgrip[1];   /* The keygrip (i.e. a hash over the public key
                        parameters) formatted as a hex string.
                        Allocated somewhat large to also act as
                        memory for the above ID field.  */
};
typedef struct keypair_info_s *KEYPAIR_INFO;

/* Parameter block handed to kpinfo_cb via agent_card_learn.  */
struct kpinfo_cb_parm_s
{
  ctrl_t ctrl;
  int error;          /* First error encountered by the callback; once
                         set, further lines are ignored.  */
  KEYPAIR_INFO info;  /* Singly linked list of collected items, most
                         recent first.  */
};
/* Structures used by the callback mechanism to convey information
   pertaining to certificates.  */
struct certinfo_s {
  struct certinfo_s *next;
  int type;      /* Decimal type number parsed from the CERTINFO line.  */
  int done;      /* Set once the certificate has been sent back.  */
  char id[1];    /* Allocated large enough to hold the whole ID.  */
};
typedef struct certinfo_s *CERTINFO;

/* Parameter block handed to certinfo_cb via agent_card_learn.  */
struct certinfo_cb_parm_s
{
  ctrl_t ctrl;
  int error;       /* First error encountered by the callback; once
                      set, further lines are ignored.  */
  CERTINFO info;   /* Singly linked list of collected items.  */
};
/* Structures used by the callback mechanism to convey assuan status
   lines.  */
struct sinfo_s {
  struct sinfo_s *next;
  char *data;       /* Points into keyword, right after its NUL.  */
  char keyword[1];  /* Allocated large enough for the keyword, its NUL
                       and the data string.  */
};
typedef struct sinfo_s *SINFO;

/* Parameter block handed to sinfo_cb via agent_card_learn.  */
struct sinfo_cb_parm_s {
  int error;    /* First error encountered by the callback.  */
  SINFO info;   /* Singly linked list of collected status lines.  */
};
/* Destructor for key information objects.  Frees INFO and every
   element reachable through its NEXT pointer; INFO may be NULL.  */
static void
release_keypair_info (KEYPAIR_INFO info)
{
  KEYPAIR_INFO cur, next;

  for (cur = info; cur; cur = next)
    {
      next = cur->next;
      xfree (cur);
    }
}
/* Destructor for certificate information objects.  Frees INFO and
   every element reachable through its NEXT pointer; INFO may be NULL.  */
static void
release_certinfo (CERTINFO info)
{
  CERTINFO cur, next;

  for (cur = info; cur; cur = next)
    {
      next = cur->next;
      xfree (cur);
    }
}
/* Destructor for status information objects.  Frees INFO and every
   element reachable through its NEXT pointer; INFO may be NULL.  */
static void
release_sinfo (SINFO info)
{
  SINFO cur, next;

  for (cur = info; cur; cur = next)
    {
      next = cur->next;
      xfree (cur);
    }
}
/* This callback is used by agent_card_learn and passed the content of
   all KEYPAIRINFO lines ("<hexgrip> <id> [...]" or "X <id> [...]").
   It merely stores this data away.  A line is accepted only if it
   starts with exactly 40 hex digits, or a lone "X" meaning that no
   public key is available yet, followed by a blank and a non-empty ID;
   anything after the ID is dropped.  A malformed line records
   GPG_ERR_INV_RESPONSE in PARM->ERROR.  */
static void
kpinfo_cb (void *opaque, const char *line)
{
  struct kpinfo_cb_parm_s *parm = opaque;
  KEYPAIR_INFO item;
  char *s;
  size_t nhex;

  /* Once an error has been recorded the remaining lines are ignored.  */
  if (parm->error)
    return;

  parm->error = agent_write_status (parm->ctrl, "PROGRESS",
                                    "learncard", "k", "0", "0", NULL);
  if (parm->error)
    return;

  /* HEXGRIP is declared with one byte, which accounts for the NUL.
     The line is copied so that it can be split in place.  */
  item = xtrycalloc (1, sizeof *item + strlen (line));
  if (!item)
    {
      parm->error = out_of_core ();
      return;
    }
  strcpy (item->hexgrip, line);

  /* Measure the run of leading hex digits.  */
  for (s = item->hexgrip; hexdigitp (s); s++)
    ;
  nhex = s - item->hexgrip;

  if (!nhex && *s == 'X' && spacep (s + 1))
    {
      item->no_cert = 1;  /* No certificate/public key yet.  */
      s++;
    }
  else if (nhex != 40 || !spacep (s))
    {
      /* Not a 20 byte keygrip in hex, or not followed by a blank.  */
      parm->error = gpg_error (GPG_ERR_INV_RESPONSE);
      xfree (item);
      return;
    }

  /* Terminate the keygrip and skip the separating blanks.  */
  *s++ = 0;
  while (spacep (s))
    s++;

  /* The ID extends up to the next blank or the end of the line.  */
  item->id = s;
  while (*s && !spacep (s))
    s++;
  if (s == item->id)
    {
      /* Empty ID string.  */
      parm->error = gpg_error (GPG_ERR_INV_RESPONSE);
      xfree (item);
      return;
    }
  *s = 0; /* Drop anything after the ID.  */

  /* Prepend to the list.  */
  item->next = parm->info;
  parm->info = item;
}
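/* This callback is used by agent_card_learn and passed the content of
   all CERTINFO lines ("<type> <id> [...]").  It merely stores this
   data away.  LINE is not modified: the ID is copied out of it rather
   than being NUL-terminated in place, so the caller's buffer is never
   written through a pointer laundered from the const argument.  An
   empty ID records GPG_ERR_INV_RESPONSE in PARM->ERROR.  */
static void
certinfo_cb (void *opaque, const char *line)
{
  struct certinfo_cb_parm_s *parm = opaque;
  CERTINFO item;
  int type;
  char *p;
  const char *id;
  size_t idlen;

  if (parm->error)
    return; /* no need to gather data after an error occurred */

  if ((parm->error = agent_write_status (parm->ctrl, "PROGRESS",
                                         "learncard", "c", "0", "0", NULL)))
    return;

  /* Leading decimal type number.  strtol is deliberately unchecked,
     as before: a line without a number yields type 0.  */
  type = strtol (line, &p, 10);
  while (spacep (p))
    p++;

  /* The ID runs up to the next blank or the end of the line.  */
  id = p;
  for (idlen = 0; id[idlen] && !spacep (id + idlen); idlen++)
    ;
  if (!idlen)
    {
      parm->error = gpg_error (GPG_ERR_INV_RESPONSE);
      return;
    }

  /* ID is declared with one byte, which accounts for the NUL.  */
  item = xtrycalloc (1, sizeof *item + idlen);
  if (!item)
    {
      parm->error = out_of_core ();
      return;
    }
  item->type = type;
  memcpy (item->id, id, idlen);
  item->id[idlen] = 0; /* anything after the ID is ignored */

  /* store it */
  item->next = parm->info;
  parm->info = item;
}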
/* This callback is used by agent_card_learn and passed the content of
   all status lines: KEYWORD with its length KEYWORDLEN (it is copied
   by length, so it need not be NUL-terminated) and the NUL-terminated
   DATA.  It merely stores this data away.  */
static void
sinfo_cb (void *opaque, const char *keyword, size_t keywordlen,
          const char *data)
{
  struct sinfo_cb_parm_s *sparm = opaque;
  SINFO item;
  size_t datalen;

  /* Once an error has been recorded nothing more is collected.  */
  if (sparm->error)
    return;

  /* The struct provides one byte of KEYWORD; the rest of the keyword,
     its NUL, and DATA with its NUL are placed in the same chunk.  */
  datalen = strlen (data);
  item = xtrycalloc (1, sizeof *item + keywordlen + 1 + datalen);
  if (!item)
    {
      sparm->error = out_of_core ();
      return;
    }

  memcpy (item->keyword, keyword, keywordlen);
  item->keyword[keywordlen] = 0;
  item->data = item->keyword + keywordlen + 1;
  memcpy (item->data, data, datalen + 1);

  /* Prepend to the list.  */
  item->next = sparm->info;
  sparm->info = item;
}
/* Read the certificate with ID from the card and send it to the client
   on ASSUAN_CONTEXT.  A certificate the card reports as missing
   (GPG_ERR_INV_ID or GPG_ERR_NOT_FOUND) is skipped and 0 is returned;
   any other read or send error is logged and returned.  */
static int
send_cert_back (ctrl_t ctrl, const char *id, void *assuan_context)
{
  int rc;
  char *derbuf = NULL;
  size_t derbuflen = 0;

  rc = agent_card_readcert (ctrl, id, &derbuf, &derbuflen);
  if (rc)
    {
      int ignore = (gpg_err_code (rc) == GPG_ERR_INV_ID
                    || gpg_err_code (rc) == GPG_ERR_NOT_FOUND);

      /* Ignored errors are only reported in verbose mode.  */
      if (!ignore || opt.verbose)
        log_info ("error reading certificate `%s': %s%s\n",
                  id? id:"?", gpg_strerror (rc), ignore? " - ignored" : "");
      return ignore? 0 : rc;
    }

  /* The DER data, then a NULL/0 call to flush it, then the END line.  */
  rc = assuan_send_data (assuan_context, derbuf, derbuflen);
  xfree (derbuf);
  if (!rc)
    rc = assuan_send_data (assuan_context, NULL, 0);
  if (!rc)
    rc = assuan_write_line (assuan_context, "END");
  if (rc)
    log_error ("sending certificate failed: %s\n", gpg_strerror (rc));
  return rc;
}
/* Perform the learn operation.  If ASSUAN_CONTEXT is not NULL all new
   certificates are sent back via Assuan.

   Steps: read the card's serial number, let agent_card_learn collect
   the KEYPAIRINFO, CERTINFO and status lines into three lists, forward
   the status lines, send the certificates in CERTTYPE_LIST order and
   finally store a shadow key for every key pair on the card which the
   agent does not know yet.  Returns 0 or a gpg error code; SERIALNO
   and the three lists are released on every exit path.  */
int
agent_handle_learn (ctrl_t ctrl, void *assuan_context)
{
  int rc;

  struct kpinfo_cb_parm_s parm;
  struct certinfo_cb_parm_s cparm;
  struct sinfo_cb_parm_s sparm;
  char *serialno = NULL;
  KEYPAIR_INFO item;
  SINFO sitem;
  unsigned char grip[20]; /* Binary form of ITEM->HEXGRIP.  */
  char *p;
  int i;
  /* Certificate types in the order they are sent to the client.  */
  static int certtype_list[] = {
    111, /* Root CA */
    101, /* trusted */
    102, /* useful */
    100, /* regular */
    /* We don't include 110 here because gpgsm can't handle that
       special root CA format. */
    -1 /* end of list */
  };


  memset (&parm, 0, sizeof parm);
  memset (&cparm, 0, sizeof cparm);
  memset (&sparm, 0, sizeof sparm);
  parm.ctrl = ctrl;
  cparm.ctrl = ctrl;

  /* Check whether a card is present and get the serial number */
  rc = agent_card_serialno (ctrl, &serialno);
  if (rc)
    goto leave;

  /* Now gather all the available info.  An error recorded by one of
     the callbacks counts like a failure of agent_card_learn itself;
     the first one found (key pairs, certificates, status) wins.  */
  rc = agent_card_learn (ctrl, kpinfo_cb, &parm, certinfo_cb, &cparm,
                         sinfo_cb, &sparm);
  if (!rc && (parm.error || cparm.error || sparm.error))
    rc = parm.error? parm.error : cparm.error? cparm.error : sparm.error;
  if (rc)
    {
      log_debug ("agent_card_learn failed: %s\n", gpg_strerror (rc));
      goto leave;
    }

  log_info ("card has S/N: %s\n", serialno);

  /* Pass on all the collected status information.  The return value
     of assuan_write_status is not checked here.  */
  if (assuan_context)
    {
      for (sitem = sparm.info; sitem; sitem = sitem->next)
        {
          assuan_write_status (assuan_context, sitem->keyword, sitem->data);
        }
    }

  /* Write out the certificates in a standard order.  Types not in
     CERTTYPE_LIST are never sent.  */
  for (i=0; certtype_list[i] != -1; i++)
    {
      CERTINFO citem;
      for (citem = cparm.info; citem; citem = citem->next)
        {
          if (certtype_list[i] != citem->type)
            continue;

          if (opt.verbose)
            log_info (" id: %s (type=%d)\n",
                      citem->id, citem->type);

          if (assuan_context)
            {
              rc = send_cert_back (ctrl, citem->id, assuan_context);
              if (rc)
                goto leave;
              citem->done = 1;
            }
        }
    }

  /* Now the key pairs.  */
  for (item = parm.info; item; item = item->next)
    {
      unsigned char *pubkey, *shdkey;
      size_t n;

      if (opt.verbose)
        log_info (" id: %s (grip=%s)\n", item->id, item->hexgrip);

      if (item->no_cert)
        continue; /* No public key yet available. */

      if (assuan_context)
        {
          /* Return value not checked; the learn continues regardless.  */
          agent_write_status (ctrl, "KEYPAIRINFO",
                              item->hexgrip, item->id, NULL);
        }

      /* Decode the 40 hex digits into GRIP.  I is reused here; the
         certificate loop above is finished.  */
      for (p=item->hexgrip, i=0; i < 20; p += 2, i++)
        grip[i] = xtoi_2 (p);

      if (!agent_key_available (grip))
        continue; /* The key is already available. */

      /* Unknown key - store it.  NOTE(review): GRIP is taken from the
         card's KEYPAIRINFO line and is not recomputed from PUBKEY
         here; the check above and the FORCE=0 write below keep an
         existing key from being replaced, but a mismatch would file
         the shadow key under the wrong grip -- confirm the scdaemon
         side guarantees the two agree.  */
      rc = agent_card_readkey (ctrl, item->id, &pubkey);
      if (rc)
        {
          log_debug ("agent_card_readkey failed: %s\n", gpg_strerror (rc));
          goto leave;
        }

      {
        /* The shadow info records serial number and ID so the private
           key can later be located on the card.  */
        unsigned char *shadow_info = make_shadow_info (serialno, item->id);
        if (!shadow_info)
          {
            rc = gpg_error (GPG_ERR_ENOMEM);
            xfree (pubkey);
            goto leave;
          }
        rc = agent_shadow_key (pubkey, shadow_info, &shdkey);
        xfree (shadow_info);
      }
      xfree (pubkey);
      if (rc)
        {
          log_error ("shadowing the key failed: %s\n", gpg_strerror (rc));
          goto leave;
        }
      n = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
      assert (n);

      /* Last argument 0: do not force, i.e. do not overwrite.  */
      rc = agent_write_private_key (grip, shdkey, n, 0);
      xfree (shdkey);
      if (rc)
        {
          log_error ("error writing key: %s\n", gpg_strerror (rc));
          goto leave;
        }

      if (opt.verbose)
        log_info ("stored\n");

      if (assuan_context)
        {
          CERTINFO citem;

          /* only send the certificate if we have not done so before.
             Note that the DONE flag is not consulted: the presence of
             any CERTINFO entry with this ID counts as "already sent".  */
          for (citem = cparm.info; citem; citem = citem->next)
            {
              if (!strcmp (citem->id, item->id))
                break;
            }
          if (!citem)
            {
              rc = send_cert_back (ctrl, item->id, assuan_context);
              if (rc)
                goto leave;
            }
        }
    }


 leave:
  xfree (serialno);
  release_keypair_info (parm.info);
  release_certinfo (cparm.info);
  release_sinfo (sparm.info);
  return rc;
}