crypto/dist/heimdal/lib/hx509/lock.c

   1 /*
   2  * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #include "hx_locl.h"
  35 __RCSID("$Heimdal: lock.c 22327 2007-12-15 04:49:37Z lha $"
  36         "$NetBSD$");
  37
  38 /**
  39  * @page page_lock Locking and unlocking certificates and encrypted data.
  40  *
  41  * See the library functions here: @ref hx509_lock
  42  */
  43
  44 struct hx509_lock_data {
  45     struct _hx509_password password;
  46     hx509_certs certs;
  47     hx509_prompter_fct prompt;
  48     void *prompt_data;
  49 };
  50
  51 static struct hx509_lock_data empty_lock_data = {
  52     { 0, NULL }
  53 };
  54
  55 hx509_lock _hx509_empty_lock = &empty_lock_data;
  56
  57 /*
  58  *
  59  */
  60
  61 int
  62 hx509_lock_init(hx509_context context, hx509_lock *lock)
  63 {
  64     hx509_lock l;
  65     int ret;
  66
  67     *lock = NULL;
  68
  69     l = calloc(1, sizeof(*l));
  70     if (l == NULL)
  71         return ENOMEM;
  72
  73     ret = hx509_certs_init(context,
  74                            "MEMORY:locks-internal",
  75                            0,
  76                            NULL,
  77                            &l->certs);
  78     if (ret) {
  79         free(l);
  80         return ret;
  81     }
  82
  83     *lock = l;
  84
  85     return 0;
  86 }
  87
  88 int
  89 hx509_lock_add_password(hx509_lock lock, const char *password)
  90 {
  91     void *d;
  92     char *s;
  93
  94     s = strdup(password);
  95     if (s == NULL)
  96         return ENOMEM;
  97
  98     d = realloc(lock->password.val,
  99                 (lock->password.len + 1) * sizeof(lock->password.val[0]));
 100     if (d == NULL) {
 101         free(s);
 102         return ENOMEM;
 103     }
 104     lock->password.val = d;
 105     lock->password.val[lock->password.len] = s;
 106     lock->password.len++;
 107
 108     return 0;
 109 }
 110
 111 const struct _hx509_password *
 112 _hx509_lock_get_passwords(hx509_lock lock)
 113 {
 114     return &lock->password;
 115 }
 116
 117 hx509_certs
 118 _hx509_lock_unlock_certs(hx509_lock lock)
 119 {
 120     return lock->certs;
 121 }
 122
 123 void
 124 hx509_lock_reset_passwords(hx509_lock lock)
 125 {
 126     int i;
 127     for (i = 0; i < lock->password.len; i++)
 128         free(lock->password.val[i]);
 129     free(lock->password.val);
 130     lock->password.val = NULL;
 131     lock->password.len = 0;
 132 }
 133
 134 int
 135 hx509_lock_add_cert(hx509_context context, hx509_lock lock, hx509_cert cert)
 136 {
 137     return hx509_certs_add(context, lock->certs, cert);
 138 }
 139
 140 int
 141 hx509_lock_add_certs(hx509_context context, hx509_lock lock, hx509_certs certs)
 142 {
 143     return hx509_certs_merge(context, lock->certs, certs);
 144 }
 145
 146 void
 147 hx509_lock_reset_certs(hx509_context context, hx509_lock lock)
 148 {
 149     hx509_certs certs = lock->certs;
 150     int ret;
 151
 152     ret = hx509_certs_init(context,
 153                            "MEMORY:locks-internal",
 154                            0,
 155                            NULL,
 156                            &lock->certs);
 157     if (ret == 0)
 158         hx509_certs_free(&certs);
 159     else
 160         lock->certs = certs;
 161 }
 162
 163 int
 164 _hx509_lock_find_cert(hx509_lock lock, const hx509_query *q, hx509_cert *c)
 165 {
 166     *c = NULL;
 167     return 0;
 168 }
 169
 170 int
 171 hx509_lock_set_prompter(hx509_lock lock, hx509_prompter_fct prompt, void *data)
 172 {
 173     lock->prompt = prompt;
 174     lock->prompt_data = data;
 175     return 0;
 176 }
 177
 178 void
 179 hx509_lock_reset_promper(hx509_lock lock)
 180 {
 181     lock->prompt = NULL;
 182     lock->prompt_data = NULL;
 183 }
 184
 185 static int
 186 default_prompter(void *data, const hx509_prompt *prompter)
 187 {
 188     if (hx509_prompt_hidden(prompter->type)) {
 189         if(UI_UTIL_read_pw_string(prompter->reply.data,
 190                                   prompter->reply.length,
 191                                   prompter->prompt,
 192                                   0))
 193             return 1;
 194     } else {
 195         char *s = prompter->reply.data;
 196
 197         fputs (prompter->prompt, stdout);
 198         fflush (stdout);
 199         if(fgets(prompter->reply.data,
 200                  prompter->reply.length,
 201                  stdin) == NULL)
 202             return 1;
 203         s[strcspn(s, "\n")] = '\0';
 204     }
 205     return 0;
 206 }
 207
 208 int
 209 hx509_lock_prompt(hx509_lock lock, hx509_prompt *prompt)
 210 {
 211     if (lock->prompt == NULL)
 212         return HX509_CRYPTO_NO_PROMPTER;
 213     return (*lock->prompt)(lock->prompt_data, prompt);
 214 }
 215
 216 void
 217 hx509_lock_free(hx509_lock lock)
 218 {
 219     hx509_certs_free(&lock->certs);
 220     hx509_lock_reset_passwords(lock);
 221     memset(lock, 0, sizeof(*lock));
 222     free(lock);
 223 }
 224
 225 int
 226 hx509_prompt_hidden(hx509_prompt_type type)
 227 {
 228     /* default to hidden if unknown */
 229
 230     switch (type) {
 231     case HX509_PROMPT_TYPE_QUESTION:
 232     case HX509_PROMPT_TYPE_INFO:
 233         return 0;
 234     default:
 235         return 1;
 236     }
 237 }
 238
 239 int
 240 hx509_lock_command_string(hx509_lock lock, const char *string)
 241 {
 242     if (strncasecmp(string, "PASS:", 5) == 0) {
 243         hx509_lock_add_password(lock, string + 5);
 244     } else if (strcasecmp(string, "PROMPT") == 0) {
 245         hx509_lock_set_prompter(lock, default_prompter, NULL);
 246     } else
 247         return HX509_UNKNOWN_LOCK_COMMAND;
 248     return 0;
 249 }