1 /* agent.h - Global definitions for the agent
2 * Copyright (C) 2001, 2002, 2003, 2005, 2011 Free Software Foundation, Inc.
3 * Copyright (C) 2015 g10 Code GmbH.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
/* Set the default error source to GPG_ERR_SOURCE_GPGAGENT.  The macro
   is defined before gpg-error.h is included and an earlier definition
   is rejected at compile time.  map_assuan_err passes the same source
   on to map_assuan_err_with_source. */
24 #ifdef GPG_ERR_SOURCE_DEFAULT
25 #error GPG_ERR_SOURCE_DEFAULT already defined
27 #define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GPGAGENT
28 #include <gpg-error.h>
29 #define map_assuan_err(a) \
30 map_assuan_err_with_source (GPG_ERR_SOURCE_DEFAULT, (a))
34 #include "../common/util.h"
35 #include "../common/membuf.h"
36 #include "../common/sysutils.h" /* (gnupg_fd_t) */
37 #include "../common/session-env.h"
38 #include "../common/shareddefs.h"
40 /* To convey some special hash algorithms we use algorithm numbers
41 reserved for application use. */
42 #ifndef GCRY_MODULE_ID_USER
43 #define GCRY_MODULE_ID_USER 1024
/* NOTE(review): judging by the name this stands for the combined
   MD5 and SHA-1 digest used by TLS - confirm where it is accepted. */
45 #define MD_USER_TLS_MD5SHA1 (GCRY_MODULE_ID_USER+1)
47 /* Maximum length of a digest in bytes.  This is the capacity of the
   fixed VALUE buffer in the per-connection digest state below, so the
   length of a digest has to be checked against it before the digest
   is copied there. */
48 #define MAX_DIGEST_LEN 64
52 /* A large struct named "opt" to keep global flags. */
55 unsigned int debug; /* Debug flags (DBG_foo_VALUE) */
56 int verbose; /* Verbosity level */
57 int quiet; /* Be as quiet as possible */
58 int dry_run; /* Don't change any persistent data */
59 int batch; /* Batch mode */
60 const char *homedir; /* Configuration directory name */
62 /* True if we handle sigusr2. */
65 /* Environment settings gathered at program start or changed using the
66 Assuan command UPDATESTARTUPTTY. */
67 session_env_t startup_env;
68 char *startup_lc_ctype;
69 char *startup_lc_messages;
71 /* Enable pinentry debugging (--debug 1024 should also be used). */
/* NOTE(review): the two file names below select the helper programs
   the agent starts.  The pinentry is presumably the process that sees
   the typed passphrase, so both should only be settable from trusted
   configuration - confirm. */
74 /* Filename of the program to start as pinentry. */
75 const char *pinentry_program;
77 /* Filename of the program to handle smartcard tasks. */
78 const char *scdaemon_program;
80 int disable_scdaemon; /* Never use the SCdaemon. */
82 int no_grab; /* Don't let the pinentry grab the keyboard */
84 /* The name of the file pinentry shall touch before exiting. If
85 this is not set the file name of the standard socket is used. */
86 const char *pinentry_touch_file;
88 /* The default and maximum TTL of cache entries.  The unit is not
   stated here; the CACHE_TTL_* constants below are in seconds. */
89 unsigned long def_cache_ttl; /* Default. */
90 unsigned long def_cache_ttl_ssh; /* Default for SSH. */
91 unsigned long max_cache_ttl; /* Maximum. */
92 unsigned long max_cache_ttl_ssh; /* Maximum for SSH. */
94 /* Flag disallowing bypassing of the warning.  NOTE(review):
   presumably the warning shown when a new passphrase violates the
   constraints below - confirm at check_passphrase_constraints. */
95 int enforce_passphrase_constraints;
97 /* The required minimum length of a passphrase. */
98 unsigned int min_passphrase_len;
100 /* The minimum number of non-alpha characters in a passphrase. */
101 unsigned int min_passphrase_nonalpha;
103 /* File name with a patternfile or NULL if not enabled. */
104 const char *check_passphrase_pattern;
106 /* If not 0 the user is asked to change his passphrase after these
108 unsigned int max_passphrase_days;
110 /* If set, a passphrase history will be written and checked at each
111 passphrase change. */
112 int enable_passhrase_history;
114 int running_detached; /* We are running detached from the tty. */
116 /* If this global option is true, the passphrase cache is ignored
117 for signing operations. */
118 int ignore_cache_for_signing;
/* NOTE(review): each allow_* switch below widens what the user or a
   connected client may do (marking certificates as trusted, presetting
   passphrases, loopback pinentry mode, an external password cache, the
   Emacs prompt); check non-default values when hardening a setup. */
120 /* If this global option is true, the user is allowed to
121 interactively mark certificate in trustlist.txt as trusted. */
122 int allow_mark_trusted;
124 /* If this global option is true, the Assuan command
125 PRESET_PASSPHRASE is allowed. */
126 int allow_preset_passphrase;
128 /* If this global option is true, the Assuan option
129 pinentry-mode=loopback is allowed. */
130 int allow_loopback_pinentry;
132 /* Allow the use of an external password cache. If this option is
133 enabled (which is the default) we send an option to Pinentry
134 to allow it to enable such a cache. */
135 int allow_external_cache;
137 /* If this global option is true, the Assuan option of Pinentry
138 allow-emacs-prompt is allowed. */
139 int allow_emacs_pinentry;
141 int keep_tty; /* Don't switch the TTY (for pinentry) on request */
142 int keep_display; /* Don't switch the DISPLAY (for pinentry) on request */
144 /* This global option indicates the use of an extra socket. Note
145 that we use a hack for cleanup handling in gpg-agent.c: If the
146 value is less than 2 the name has not yet been malloced. */
149 /* This global option indicates the use of an extra socket for web
150 browsers. Note that we use a hack for cleanup handling in
151 gpg-agent.c: If the value is less than 2 the name has not yet
157 /* Bit values for the --debug option.  Each value is a single bit
   that the DBG_* macros below test against opt.debug. */
158 #define DBG_COMMAND_VALUE 1 /* debug commands i/o */
159 #define DBG_MPI_VALUE 2 /* debug mpi details */
160 #define DBG_CRYPTO_VALUE 4 /* debug low level crypto */
161 #define DBG_MEMORY_VALUE 32 /* debug memory allocation stuff */
162 #define DBG_CACHE_VALUE 64 /* debug the caching */
163 #define DBG_MEMSTAT_VALUE 128 /* show memory statistics */
164 #define DBG_HASHING_VALUE 512 /* debug hashing operations */
165 #define DBG_IPC_VALUE 1024 /* Enable Assuan debugging. */
/* NOTE(review): the command, MPI, crypto and cache classes presumably
   print data derived from keys or passphrases; confirm what the call
   sites log before enabling these bits outside of a test setup. */
167 /* Test macros for the debug option.  DBG_MPI_VALUE and
   DBG_MEMSTAT_VALUE have no test macro in this listing. */
168 #define DBG_COMMAND (opt.debug & DBG_COMMAND_VALUE)
169 #define DBG_CRYPTO (opt.debug & DBG_CRYPTO_VALUE)
170 #define DBG_MEMORY (opt.debug & DBG_MEMORY_VALUE)
171 #define DBG_CACHE (opt.debug & DBG_CACHE_VALUE)
172 #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
173 #define DBG_IPC (opt.debug & DBG_IPC_VALUE)
175 /* Forward reference for local definitions in command.c. */
176 struct server_local_s;
178 /* Declaration of objects from command-ssh.c. */
179 struct ssh_control_file_s;
180 typedef struct ssh_control_file_s *ssh_control_file_t;
182 /* Forward reference for local definitions in call-scd.c. */
185 /* Collection of data per session (aka connection). */
186 struct server_control_s
188 /* Private data used to fire up the connection thread. We use this
189 structure to avoid an extra allocation for only a few bytes while
190 spawning a new connection thread. */
195 /* Flag indicating the connection is run in restricted mode.
196 A value of 1 is used for --extra-socket,
197 a value of 2 is used for --browser-socket.
   NOTE(review): command handlers presumably have to consult this
   flag before serving sensitive requests on those sockets - confirm
   in command.c. */
200 /* Private data of the server (command.c). */
201 struct server_local_s *server_local;
203 /* Private data of the SCdaemon (call-scd.c). */
204 struct scd_local_s *scd_local;
206 /* Environment settings for the connection. */
207 session_env_t session_env;
211 /* The current pinentry mode. */
212 pinentry_mode_t pinentry_mode;
214 /* The TTL used for the --preset option of certain commands.  The
   default, CACHE_TTL_OPT_PRESET below, is given in seconds. */
215 int cache_ttl_opt_preset;
217 /* Information on the currently used digest (for signing commands). */
/* Fixed-size digest buffer: at most MAX_DIGEST_LEN bytes fit.  The
   length field that belongs to it is not visible in this listing;
   code storing a digest here has to reject longer input. */
220 unsigned char value[MAX_DIGEST_LEN];
/* Fixed 20 byte keygrip buffer. */
224 unsigned char keygrip[20];
227 /* A flag to enable a hack to send the PKAUTH command instead of the
228 PKSIGN command to the scdaemon. */
231 /* A flag to inhibit enforced passphrase change during an explicit
235 /* The current S2K which might be different from the calibrated
237 unsigned long s2k_count;
241 /* Information pertaining to pinentry requests.  The struct ends in
   a one-element array that is over-allocated by its creator, so
   sizeof (struct pin_entry_info_s) does not cover the PIN buffer and
   MAX_LENGTH is the only bound for writes to PIN.
   NOTE(review): PIN holds secret material; confirm that instances are
   allocated from secure memory and wiped before release, and whether
   MAX_LENGTH counts the terminating nul. */
242 struct pin_entry_info_s
244 int min_digits; /* min. number of digits required or 0 for freeform entry */
245 int max_digits; /* max. number of digits allowed */
246 int max_tries; /* max. number of allowed tries. */
247 int failed_tries; /* Number of tries so far failed. */
248 int with_qualitybar; /* Set if the quality bar should be displayed. */
249 int with_repeat; /* Request repetition of the passphrase. */
250 int repeat_okay; /* Repetition worked. */
251 int (*check_cb)(struct pin_entry_info_s *); /* CB used to check the PIN */
252 void *check_cb_arg; /* optional argument which might be of use in the CB */
253 const char *cb_errtext; /* used by the cb to display a specific error */
254 size_t max_length; /* Allocated length of the buffer PIN. */
255 char pin[1]; /* The buffer to hold the PIN or passphrase.
256 Its actual allocated length is given by
257 MAX_LENGTH (above). */
261 /* Types of the private keys.  Two of the values describe a key that
   is stored without protection: PRIVATE_KEY_CLEAR and
   PRIVATE_KEY_OPENPGP_NONE; code deciding whether a passphrase is
   needed has to consider both.  NOTE(review): agent_private_key_type
   returns an int, presumably one of these values - confirm. */
264 PRIVATE_KEY_UNKNOWN = 0, /* Type of key is not known. */
265 PRIVATE_KEY_CLEAR = 1, /* The key is not protected. */
266 PRIVATE_KEY_PROTECTED = 2, /* The key is protected. */
267 PRIVATE_KEY_SHADOWED = 3, /* The key is a stub for a smartcard
269 PROTECTED_SHARED_SECRET = 4, /* RFU. */
270 PRIVATE_KEY_OPENPGP_NONE = 5 /* openpgp-native with protection "none". */
274 /* Values for the cache_mode arguments (the cache_mode_t parameters
   of the prototypes below). */
277 CACHE_MODE_IGNORE = 0, /* Special mode to bypass the cache. */
278 CACHE_MODE_ANY, /* Any mode except ignore matches. */
279 CACHE_MODE_NORMAL, /* Normal cache (gpg-agent). */
280 CACHE_MODE_USER, /* GET_PASSPHRASE related cache. */
281 CACHE_MODE_SSH, /* SSH related cache. */
282 CACHE_MODE_NONCE /* This is a non-predictable nonce. */
286 /* The TTL in seconds (2 minutes) used for adding a new nonce mode
   cache item. */
287 #define CACHE_TTL_NONCE 120
289 /* The TTL in seconds (15 minutes) used by the --preset option of some
290 commands. This is the default value changeable by an OPTION command. */
291 #define CACHE_TTL_OPT_PRESET 900
294 /* The type of a function to lookup a TTL by a keygrip.  The keygrip
   is passed as a string (HEXGRIP) and the TTL comes back as an int;
   the meaning of special return values is not visible here. */
295 typedef int (*lookup_ttl_t)(const char *hexgrip);
298 /* This is a special version of the usual _() gettext macro. It
299 assumes a server connection control variable with the name "ctrl"
300 and uses that to translate a string according to the locale set for
301 the connection. The macro LunderscoreIMPL is used by i18n to
302 actually define the inline function when needed.
   If ctrl is NULL the function falls back to plain gettext.  The
   prototype carries GNUPG_GCC_ATTR_FORMAT_ARG(2), which presumably
   expands to the compiler's format_arg attribute so that a string
   run through L_() is still checked as a printf format - confirm in
   the common headers. */
303 #define L_(a) agent_Lunderscore (ctrl, (a))
304 #define LunderscorePROTO \
305 static inline const char *agent_Lunderscore (ctrl_t ctrl, \
306 const char *string) \
307 GNUPG_GCC_ATTR_FORMAT_ARG(2);
308 #define LunderscoreIMPL \
309 static inline const char * \
310 agent_Lunderscore (ctrl_t ctrl, const char *string) \
312 return ctrl? i18n_localegettext (ctrl->lc_messages, string) \
313 /* */: gettext (string); \
317 /*-- gpg-agent.c --*/
318 void agent_exit (int rc) GPGRT_GCC_A_NR; /* Also implemented in other tools */
319 gpg_error_t agent_copy_startup_env (ctrl_t ctrl);
320 const char *get_agent_socket_name (void);
321 const char *get_agent_ssh_socket_name (void);
322 #ifdef HAVE_W32_SYSTEM
323 void *get_agent_scd_notify_event (void);
325 void agent_sighup_action (void);
326 int map_pk_openpgp_to_gcry (int openpgp_algo);
329 gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid);
/* Variadic status writer.  GNUPG_GCC_A_SENTINEL(0) presumably makes
   the compiler check that the argument list ends with a NULL
   sentinel. */
330 gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...)
331 GNUPG_GCC_A_SENTINEL(0);
/* printf style status writer: FORMAT is argument 3 and is checked
   against the variadic arguments starting at argument 4.  Text that
   comes from a client or from key material belongs into those
   arguments and never into FORMAT. */
332 gpg_error_t agent_print_status (ctrl_t ctrl, const char *keyword,
333 const char *format, ...)
334 GPGRT_GCC_A_PRINTF(3,4);
335 void bump_key_eventcounter (void);
336 void bump_card_eventcounter (void);
337 void start_command_handler (ctrl_t, gnupg_fd_t, gnupg_fd_t);
/* The result is returned through BUFFER and SIZE; the end of this
   prototype is missing from this listing.  NOTE(review): *BUFFER
   presumably carries a passphrase, so confirm who has to wipe and
   free it. */
338 gpg_error_t pinentry_loopback (ctrl_t, const char *keyword,
339 unsigned char **buffer, size_t *size,
342 #ifdef HAVE_W32_SYSTEM
/* REQUEST is a caller supplied buffer with MAXREQLEN as its stated
   bound. */
343 int serve_mmapped_ssh_request (ctrl_t ctrl,
344 unsigned char *request, size_t maxreqlen);
345 #endif /*HAVE_W32_SYSTEM*/
347 /*-- command-ssh.c --*/
348 ssh_control_file_t ssh_open_control_file (void);
349 void ssh_close_control_file (ssh_control_file_t cf);
/* R_HEXGRIP is an output buffer passed without a length, and this
   header does not state the required size.  NOTE(review): presumably
   41 bytes are needed (40 hex digits for a 20 byte keygrip plus the
   nul) - confirm in command-ssh.c before sizing a caller's buffer. */
350 gpg_error_t ssh_read_control_file (ssh_control_file_t cf,
351 char *r_hexgrip, int *r_disabled,
352 int *r_ttl, int *r_confirm);
353 gpg_error_t ssh_search_control_file (ssh_control_file_t cf,
356 int *r_ttl, int *r_confirm);
358 void start_command_handler_ssh (ctrl_t, gnupg_fd_t);
/* The GRIP parameters of the functions below are pointers without a
   length.  NOTE(review): presumably always 20 bytes, like the keygrip
   member of struct server_control_s - confirm. */
361 int agent_write_private_key (const unsigned char *grip,
362 const void *buffer, size_t length, int force);
/* NOTE(review): if a passphrase is handed back through R_PASSPHRASE
   the caller presumably owns it and has to wipe and free it -
   confirm in findkey.c. */
363 gpg_error_t agent_key_from_file (ctrl_t ctrl,
364 const char *cache_nonce,
365 const char *desc_text,
366 const unsigned char *grip,
367 unsigned char **shadow_info,
368 cache_mode_t cache_mode,
369 lookup_ttl_t lookup_ttl,
371 char **r_passphrase);
372 gpg_error_t agent_raw_key_from_file (ctrl_t ctrl, const unsigned char *grip,
373 gcry_sexp_t *result);
374 gpg_error_t agent_public_key_from_file (ctrl_t ctrl,
375 const unsigned char *grip,
376 gcry_sexp_t *result);
377 int agent_is_dsa_key (gcry_sexp_t s_key);
378 int agent_is_eddsa_key (gcry_sexp_t s_key);
379 int agent_key_available (const unsigned char *grip);
380 gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
382 unsigned char **r_shadow_info);
383 gpg_error_t agent_delete_key (ctrl_t ctrl, const char *desc_text,
384 const unsigned char *grip);
386 /*-- call-pinentry.c --*/
387 void initialize_module_call_pinentry (void);
388 void agent_query_dump_state (void);
389 void agent_reset_query (ctrl_t ctrl);
390 int pinentry_active_p (ctrl_t ctrl, int waitseconds);
/* PININFO supplies the PIN buffer together with its bound
   (max_length) and the retry limits (max_tries, failed_tries).
   NOTE(review): the description and prompt strings of the functions
   below are presumably shown to the user as they are; confirm how
   client supplied parts are escaped before they reach the pinentry. */
391 int agent_askpin (ctrl_t ctrl,
392 const char *desc_text, const char *prompt_text,
393 const char *inital_errtext,
394 struct pin_entry_info_s *pininfo,
395 const char *keyinfo, cache_mode_t cache_mode);
/* The passphrase is returned through RETPASS.  NOTE(review): the
   caller presumably owns *RETPASS and has to wipe and free it -
   confirm in call-pinentry.c. */
396 int agent_get_passphrase (ctrl_t ctrl, char **retpass,
397 const char *desc, const char *prompt,
398 const char *errtext, int with_qualitybar,
399 const char *keyinfo, cache_mode_t cache_mode);
400 int agent_get_confirmation (ctrl_t ctrl, const char *desc, const char *ok,
401 const char *notokay, int with_cancel);
402 int agent_show_message (ctrl_t ctrl, const char *desc, const char *ok_btn);
403 int agent_popup_message_start (ctrl_t ctrl,
404 const char *desc, const char *ok_btn);
405 void agent_popup_message_stop (ctrl_t ctrl);
406 int agent_clear_passphrase (ctrl_t ctrl,
407 const char *keyinfo, cache_mode_t cache_mode);
410 void initialize_module_cache (void);
411 void deinitialize_module_cache (void);
412 void agent_flush_cache (void);
/* TTL is a signed int; the meaning of zero or negative values is not
   visible in this header. */
413 int agent_put_cache (const char *key, cache_mode_t cache_mode,
414 const char *data, int ttl);
/* Returns a non-const string.  NOTE(review): presumably a copy of
   secret cache data which the caller has to release - confirm the
   matching wipe and free call in cache.c. */
415 char *agent_get_cache (const char *key, cache_mode_t cache_mode);
416 void agent_store_cache_hit (const char *key);
/* OVERRIDEDATA comes with its length in OVERRIDEDATALEN. */
420 int agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
421 const char *desc_text,
422 gcry_sexp_t *signature_sexp,
423 cache_mode_t cache_mode, lookup_ttl_t lookup_ttl,
424 const void *overridedata, size_t overridedatalen);
425 int agent_pksign (ctrl_t ctrl, const char *cache_nonce,
426 const char *desc_text,
427 membuf_t *outbuf, cache_mode_t cache_mode);
429 /*-- pkdecrypt.c --*/
430 int agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
431 const unsigned char *ciphertext, size_t ciphertextlen,
432 membuf_t *outbuf, int *r_padding);
435 int check_passphrase_constraints (ctrl_t ctrl, const char *pw,
436 char **failed_constraint);
437 gpg_error_t agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
438 char **r_passphrase);
/* NOTE(review): judging by the parameter names NO_PROTECTION requests
   a key stored without passphrase protection and OVERRIDE_PASSPHRASE
   replaces the interactive query - confirm, and check which callers
   may set them. */
439 int agent_genkey (ctrl_t ctrl, const char *cache_nonce,
440 const char *keyparam, size_t keyparmlen,
441 int no_protection, const char *override_passphrase,
442 int preset, membuf_t *outbuf);
443 gpg_error_t agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey,
444 char **passphrase_addr);
447 unsigned long get_standard_s2k_count (void);
448 unsigned char get_standard_s2k_count_rfc4880 (void);
/* PLAINKEY, PROTECTEDKEY and PRIVATEKEY in the functions below are
   passed without a length.  NOTE(review): presumably the data is
   self-delimiting and the callee has to validate it before use -
   confirm in protect.c. */
449 int agent_protect (const unsigned char *plainkey, const char *passphrase,
450 unsigned char **result, size_t *resultlen,
451 unsigned long s2k_count);
452 int agent_unprotect (ctrl_t ctrl,
453 const unsigned char *protectedkey, const char *passphrase,
454 gnupg_isotime_t protected_at,
455 unsigned char **result, size_t *resultlen);
456 int agent_private_key_type (const unsigned char *privatekey);
457 unsigned char *make_shadow_info (const char *serialno, const char *idstring);
458 int agent_shadow_key (const unsigned char *pubkey,
459 const unsigned char *shadow_info,
460 unsigned char **result);
461 int agent_get_shadow_info (const unsigned char *shadowkey,
462 unsigned char const **shadow_info);
463 gpg_error_t parse_shadow_info (const unsigned char *shadow_info,
464 char **r_hexsn, char **r_idstr, int *r_pinlen);
/* The derived key is written to KEY, which has room for KEYLEN bytes.
   S2KCOUNT is an unsigned int here while agent_protect and
   get_standard_s2k_count use unsigned long, so a count is narrowed
   where long is wider than int.  S2KSALT has no length parameter;
   the expected salt size is not stated in this header. */
465 gpg_error_t s2k_hash_passphrase (const char *passphrase, int hashalgo,
467 const unsigned char *s2ksalt,
468 unsigned int s2kcount,
469 unsigned char *key, size_t keylen);
472 /*-- trustlist.c --*/
473 void initialize_module_trustlist (void);
474 gpg_error_t agent_istrusted (ctrl_t ctrl, const char *fpr, int *r_disabled);
/* The Assuan context is passed as an untyped pointer here and in
   several prototypes below, so the compiler cannot check it. */
475 gpg_error_t agent_listtrusted (void *assuan_context);
476 gpg_error_t agent_marktrusted (ctrl_t ctrl, const char *name,
477 const char *fpr, int flag);
478 void agent_reload_trustlist (void);
481 /*-- divert-scd.c --*/
482 int divert_pksign (ctrl_t ctrl,
483 const unsigned char *digest, size_t digestlen, int algo,
484 const unsigned char *shadow_info, unsigned char **r_sig,
/* Unlike DIGEST in divert_pksign, CIPHER comes without a length.
   NOTE(review): presumably self-delimiting data that has to be
   validated by the callee - confirm in divert-scd.c. */
486 int divert_pkdecrypt (ctrl_t ctrl,
487 const unsigned char *cipher,
488 const unsigned char *shadow_info,
489 char **r_buf, size_t *r_len, int *r_padding);
/* NOTE(review): CMDLINE is presumably forwarded to the scdaemon;
   confirm how client supplied text is checked before that. */
490 int divert_generic_cmd (ctrl_t ctrl,
491 const char *cmdline, void *assuan_context);
492 int divert_writekey (ctrl_t ctrl, int force, const char *serialno,
493 const char *id, const char *keydata, size_t keydatalen);
497 void initialize_module_call_scd (void);
498 void agent_scd_dump_state (void);
499 int agent_scd_check_running (void);
500 void agent_scd_check_aliveness (void);
501 int agent_reset_scd (ctrl_t ctrl);
502 int agent_card_learn (ctrl_t ctrl,
503 void (*kpinfo_cb)(void*, const char *),
505 void (*certinfo_cb)(void*, const char *),
506 void *certinfo_cb_arg,
507 void (*sinfo_cb)(void*, const char *,
508 size_t, const char *),
510 int agent_card_serialno (ctrl_t ctrl, char **r_serialno);
/* The GETPIN_CB callbacks used below receive a char buffer together
   with a size_t.  NOTE(review): presumably the callback stores the
   PIN in that buffer and the size is its capacity; an implementation
   must not write beyond it - confirm in call-scd.c. */
511 int agent_card_pksign (ctrl_t ctrl,
513 int (*getpin_cb)(void *, const char *, char*, size_t),
516 const unsigned char *indata, size_t indatalen,
517 unsigned char **r_buf, size_t *r_buflen);
518 int agent_card_pkdecrypt (ctrl_t ctrl,
520 int (*getpin_cb)(void *, const char *, char*,size_t),
522 const unsigned char *indata, size_t indatalen,
523 char **r_buf, size_t *r_buflen, int *r_padding);
524 int agent_card_readcert (ctrl_t ctrl,
525 const char *id, char **r_buf, size_t *r_buflen);
/* R_BUF is returned without a length, unlike agent_card_readcert. */
526 int agent_card_readkey (ctrl_t ctrl, const char *id, unsigned char **r_buf);
527 int agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
528 const char *id, const char *keydata,
530 int (*getpin_cb)(void *, const char *, char*, size_t),
531 void *getpin_cb_arg);
532 gpg_error_t agent_card_getattr (ctrl_t ctrl, const char *name, char **result);
533 int agent_card_scd (ctrl_t ctrl, const char *cmdline,
534 int (*getpin_cb)(void *, const char *, char*, size_t),
535 void *getpin_cb_arg, void *assuan_context);
538 /*-- learncard.c --*/
539 int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force);
542 /*-- cvt-openpgp.c --*/
/* MPI_ARRAY is a caller supplied array and ARRAYSIZE its stated
   element count.  The line with the return type is missing from this
   listing. */
544 extract_private_key (gcry_sexp_t s_key, int req_private_key_data,
545 const char **r_algoname, int *r_npkey, int *r_nskey,
546 const char **r_format,
547 gcry_mpi_t *mpi_array, int arraysize,
548 gcry_sexp_t *r_curve, gcry_sexp_t *r_flags);