trunk/Src/wptGPG.cpp

/* wptGPG.cpp - GnuPG configuration
 *      Copyright (C) 2001-2009 Timo Schulz
 *
 * This file is part of WinPT.
 *
 * WinPT is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License 
 * as published by the Free Software Foundation; either version 2 
 * of the License, or (at your option) any later version.
 *  
 * WinPT is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <windows.h>
#include <string.h>
#include <stdio.h>
#include <shlobj.h>
#include <ctype.h>
#include <io.h>
#include <time.h>

#include "wptGPG.h"
#include "wptGpgCmds.h"
#include "wptTypes.h"
#include "wptNLS.h"
#include "wptRegistry.h"
#include "wptErrors.h"
#include "wptW32API.h"
#include "wptCrypto.h"

#define GPG_CONF        "gpg.conf"
#define GPG_REG_EXE     "gpgProgram"    /* registry name for the binary. */
#define GPG_REG_HOME    "HomeDir"       /* registry name of the home dir. */

/* Context to monitor GPG file changes. */
struct gpg_monitor_s {
    FILETIME    last_access;    /* last write access. */
    FILETIME    access;
    char        *object;        /* name of the object. */
    char        *fpath_object;  /* full path to the object. */
    int         modified;       /* 1 = modified. */
};
typedef struct gpg_monitor_s *gpg_monitor_t;

static const char *gpg_objs[] = {"pubring.gpg", "secring.gpg", "trustdb.gpg"};
static gpg_monitor_s gpg_table[3];
static int gpg_table_count = DIM (gpg_table);

int idea_available = 0; /* if the IDEA extension is available. */


static int check_keyring (char ** r_path);


/* Return the application data folder of the current user. */
char*
multi_gnupg_path (int strict)
{
    static char buf[MAX_PATH+64];
    BOOL ec;

    /* MSDN: buf must be at least MAX_PATH=256 bytes */
    memset (buf, 0, sizeof (buf));
    /* XXX: ec should be NOERROR (MSDN) but NOERROR is defined as '0' !? */
    ec = SHGetSpecialFolderPath (HWND_DESKTOP, buf, CSIDL_APPDATA, TRUE);
    if (ec != 1) {
        log_debug ("multi_gnupg_path: SHGetSpecialFolderPath() failed\r\n",
                   (int)GetLastError ());
        return NULL;
    }
    strcat (buf, "\\gnupg");
    if (strict && access (buf, 00))
        return NULL;
    return m_strdup (buf);
}


/* Return the full path to the GPG home directory. First the 'HomeDir' entry
   from the registry is used. Then the default $APPDATA\gnupg path. */
char*
get_gnupg_path (void)
{
    char *path;

    path = get_reg_entry_gpg (GPG_REG_HOME);
    if (path && dir_exist_check (path) == 0)
        return path;
    free_if_alloc (path);
    return multi_gnupg_path (1);
}


/* Return the full path of the gpg config file.
   A value of NULL indicates an error. */
char*
get_gnupg_cfgfile (void)
{
    char *optfile;
    char *path;

    path = get_gnupg_path ();
    if (!path)
        return NULL;
    optfile = make_filename (path, GPG_CONF, NULL);
    free_if_alloc (path);

    return optfile;
}


static char*
get_keyring_from_conf (const char *fname, int pub)
{
    config_file_t opt;
    conf_option_t e;
    char *kring = NULL;
    int rc;

    rc = parse_config (fname, &opt);
    if (rc)
        return NULL;
    if (pub)
        e = conf_find_option (opt, "keyring");
    else
        e = conf_find_option (opt, "secret-keyring");
    if (e != NULL)
        kring = m_strdup (e->val);
    release_config (opt);

    return kring;
}


/* Return the full path of the keyring. If @pub is 1, the public
   keyring is return, otherwise the secret keyring. */
char*
get_gnupg_keyring (int pub, int strict)
{    
    char *optfile;
    char *path;
    char *keyring;

    path = get_gnupg_path ();
    if (!path)
        return NULL;
    keyring = make_filename (path, pub? "pubring" : "secring", "gpg");
    if (strict && !file_exist_check (keyring)) {
        free_if_alloc (path);
        return keyring;
    }
    else if (!strict) {
        free_if_alloc (path);
        return keyring;
    }
    if (file_exist_check (keyring) || 
        (pub && get_file_size (keyring) == 0)) {
        free_if_alloc (keyring);
        optfile = make_filename (path, GPG_CONF, NULL);
        keyring = get_keyring_from_conf (optfile, pub);
        free_if_alloc (optfile);
    }
    free_if_alloc (path);
    
    return keyring;
}


/* Return the full path (with the gpg exe name). First the registry is scanned
   for the entry 'gpgProgram'. If it wasn't set, the default path is the
   appended string 'gpg.exe' is used. */
char*
get_gnupg_prog (void)
{    
    char *path;
    char *pgm;

    pgm = get_reg_entry_gpg (GPG_REG_EXE);
    if (pgm)
        return pgm;
    path = get_gnupg_path ();
    if (!path)
        return NULL;    
    pgm = make_filename (path, "gpg", "exe");
    free_if_alloc (path);
    return pgm;
}


/* Retrieve the first usable secret key from cache.
   If no usable was found, @ret_no_useable is 1. 
   Return value: the keyid of the secret key. */
static char*
default_key_from_cache (int *ret_no_useable)
{    
    gpgme_key_t key, pk;
    gpg_keycache_t sec, pub;
    const char *s;
    char *keyid = NULL;

    sec = keycache_get_ctx (0);
    pub = keycache_get_ctx (1);
    gpg_keycache_rewind (sec);
    while (!gpg_keycache_next_key (sec, 1, &key)) {
        if (key_is_useable (key) && !get_pubkey (key->subkeys->keyid, &pk)) {
            s = key->subkeys->keyid;
            if (s)
                keyid = m_strdup (s+8);
            break;
        }
    }
    if (!keyid)
        *ret_no_useable = 1;
    return keyid;
}


/* Load the gpg.conf and search for some options
   and store the result in the global preference context.
   Return value: 0 on success. */
int
gnupg_load_config (void)
{    
    config_file_t opt;
    char *conf;
    int rc = 0;
    
    conf = get_gnupg_cfgfile ();
    if (!conf)
        return -1;
    if (parse_config (conf, &opt)) {
        free_if_alloc (conf);
        return -1;
    }
    free_if_alloc (conf);
    if (conf_find_option (opt, "ask-cert-level"))
        reg_prefs.gpg.ask_cert_level = 1;
    if (conf_find_option (opt, "ask-cert-expire"))
        reg_prefs.gpg.ask_cert_expire = 1;
    /* The 'textmode' option for GPG is useful for text files
       but it breaks the output of any binary data. Thus we return
       a warning here to inform the user that binary output is broken. */
    if (conf_find_option (opt, "textmode"))
        rc = -2;
    release_config (opt);

    return rc;
}


/* handle the case the user added a '!' to force a subkey. */
static char*
extract_keyid (const char *val)
{    
    size_t len = strlen (val);

    if (len > 1 && val[len-1] == '!')
        return substr (val, 0, len-1);
    return m_strdup (val);
}


/* Return the default key.
   This can be either a substring or a key ID. */
char*
get_gnupg_default_key (void)
{    
    config_file_t opt = NULL;
    conf_option_t e;
    char *keyid = NULL, *optfile = NULL;
    int no_usable=0;

    optfile = get_gnupg_cfgfile ();
    if (!optfile)
        return default_key_from_cache (&no_usable);
    if (parse_config (optfile, &opt)) {
        free_if_alloc (optfile);
        return default_key_from_cache (&no_usable);
    }
    /* First we search for config entries which specify a default key. */
    e = conf_find_option (opt, "default-key");
    if (!e)
        e = conf_find_option (opt, "local-user");
    if (e)
        keyid = extract_keyid (e->val);

    free_if_alloc (optfile);
    release_config (opt);

    /* If no entry in the config has been found, we get a key
       from the key cache. */
    if (!keyid)
        keyid = default_key_from_cache (&no_usable);
    return keyid;
}


/* Check if GPG4WIN is available and if so, use the
   install path to figure out where the gpg.exe is. */
char*
check_for_gpg4win (void)
{
    return get_reg_entry_gpg4win ("gpg.exe");
}


/* Check if the gpg application (exe file) is available. */
int
check_gnupg_prog (void)
{
    char *gpgexe = NULL;
    int rc = 0;

    gpgexe = get_gnupg_prog ();
    if (!gpgexe || file_exist_check (gpgexe)) {
        free_if_alloc (gpgexe);
        gpgexe = check_for_gpg4win ();
        if (!gpgexe || file_exist_check (gpgexe))
            rc = WPTERR_GPG_EXEFILE;
        else
            set_reg_entry_gpg (GPG_REG_EXE, gpgexe);
    }
    free_if_alloc (gpgexe);
    return rc;
}


static int
parse_version_nr (const char *buf, int *major, int *minor, int *patch)
{   
    char *p;
    char *tmp = m_strdup(buf);
    
    int pos=0;
    while ((p = strsep(&tmp, ".")) != NULL) {
        switch (++pos) {
        case 1: *major = atoi (p); break;
        case 2: *minor = atoi (p); break;
        case 3: *patch = atoi (p); break;
        }
    }
    delete[] tmp;   
    if (pos != 3)
        return -1;   
    return 0;
}


/* Check if the gnupg engine fullfills the minimum requirement
   version given in @r_major.@r_minor.@r_patch. On success these
   variables contain the GPG version which is installed. */
int
check_gnupg_engine (const char *need_gpg_ver,
                    int *r_major, int *r_minor, int *r_patch)
{
    gpgme_engine_info_t inf;
    char *eng = NULL;
    int major=0, minor=0, patch=0;
    int need_major = 0, need_minor = 0, need_patch = 0;
    int rc = 1;

    /* Convert the needed GPG version to the integer format. */
    if (parse_version_nr (need_gpg_ver, 
                          &need_major, &need_minor, &need_patch))
        return 1;
    
    if (gpgme_get_engine_info (&inf))
     return -1;

    /* We need to exec GPG again to find out if IDEA is available. */
    if (gpg_get_version (&eng))
     return -1;
    if (strstr (eng, "IDEA"))
        idea_available = 1;
    safe_free (eng);
   
    if (parse_version_nr (inf->version, &major, &minor, &patch))
        return 1;

    if (major > need_major)
        rc = 0;
    else if (major == need_major && minor > need_minor)      
        rc = 0;
    else if (major == need_major && minor == need_minor &&
             patch >= need_patch)
        rc = 0;

    /* Return the current GPG version. */
    *r_major = major;
    *r_minor = minor;
    *r_patch = patch;
    return rc;
}


/* Count the keyring entries in the gpg.conf file.
   Return value: 0 on success. */
static int
cfgfile_count_keyrings (const char *fname, int *r_secrings, int *r_pubrings)
{
    config_file_t opt;    
    conf_option_t e;

    *r_secrings = 0;
    *r_pubrings = 0;

    if (parse_config (fname, &opt))
        return WPTERR_FILE_OPEN;
    for (e = opt->list; e; e = e->next) {
        if (!strcmp (e->name, "secret-keyring")) {
            if (!file_exist_check (e->val))
                r_secrings[0]++;
        }
        else if (!strcmp (e->name, "keyring")) {
            if (!file_exist_check (e->val))
                r_pubrings[0]++;
        }
    }
    release_config (opt);
    return 0;
}


/* Usually GPG creates the pubring.gpg, secring.gpg on
   the first start, but to make sure they always exist
   create them empty if needed. */
static void
create_empty_keyring (int _pub)
{
    char *name;
    FILE *fp;

    name = get_gnupg_keyring (_pub, 0);
    if (name && file_exist_check (name) != 0) {
        fp = fopen (name, "ab");
        if (fp != NULL)
            fclose (fp);
    }
    free_if_alloc (name);
}


/* Check if both keyrings are located in the gnupg home directory. */
int
gnupg_access_files (void)
{
    int rc = 0;
    int pubring_ok = 0, secring_ok = 0;
    int secrings = 0, pubrings = 0;
    char *optfile;

    create_empty_keyring (1);
    if (gnupg_access_keyring (1))
        rc = WPTERR_GPG_KEYRINGS;
    else
        pubring_ok = 1;

    create_empty_keyring (0);
    if (gnupg_access_keyring (0))
        rc = WPTERR_GPG_KEYRINGS;
    else
        secring_ok = 1;

    if (!pubring_ok || !secring_ok) {
        optfile = get_gnupg_cfgfile ();
        if (!optfile)
            return WPTERR_GPG_KEYRINGS;
        rc = file_exist_check (optfile);
        if (!rc && get_file_size (optfile) > 0) {
            rc = cfgfile_count_keyrings (optfile, &secrings, &pubrings);
            if (!rc && secrings > 0 && pubrings > 0) {
                free_if_alloc (optfile);
                return 0; /* found two keyrings in the option file */
            }
            else if ((!rc && pubrings && secring_ok) 
                  || (!rc && secrings && pubring_ok)) {
                free_if_alloc (optfile);
                return 0; /* found one keyring and one entry in the options file */
            }
            else
                return WPTERR_GPG_OPT_KEYRINGS;
        }
        free_if_alloc (optfile);
        rc = WPTERR_GPG_KEYRINGS;
    }
    return rc;
}


/* Return the contents of the options file as a char buf. */
char*
get_gnupg_config (void)
{
    FILE *fp;
    char *p = NULL, *optfile;
    int fsize;
        
    optfile = get_gnupg_cfgfile ();
    if (!optfile)
        return NULL;
    fsize = get_file_size (optfile);
    if (fsize < 1 || fsize > 100000)
        goto leave; /* too large or does not exist */
    
    fp = fopen (optfile, "rb");
    if (!fp)
        goto leave;
    p = new char[fsize+1];
    if (!p)
        BUG (NULL);
    fread (p, 1, fsize, fp);
    fclose (fp);
    p[fsize] = '\0';
    
leave:
    free_if_alloc (optfile);
    return p;
}


/* Set the default key in the gpg.conf.
   If @key is NULL, the entry will be deleted. */
int
set_gnupg_default_key (const char *key)
{
    config_file_t opt;
    conf_option_t e;
    char *optfile = NULL;
    int rc = 0;

    optfile = get_gnupg_cfgfile ();
    if (!optfile)
        return WPTERR_FILE_OPEN;
    rc = parse_config (optfile, &opt);
    if (rc) {
        free_if_alloc (optfile);
        return WPTERR_GENERAL;
    }
    e = conf_find_option (opt, "default-key");
    if (e && !key)
        e->used = 0;
    else if (e) {
        free_if_alloc (e->val);
        e->val = m_strdup (key);
        e->used = 1;
    }
    else if (key)
        conf_add_entry (opt, ENTRY_MULTI, "default-key", key);
    rc = commit_config (optfile, opt);

    free_if_alloc (optfile);
    release_config (opt);
    return rc;
}


/* Set the contents of the options file. */
int
set_gnupg_options (const char *buf, size_t buflen)
{
    FILE *fp;   
    char *optfile;

    optfile = get_gnupg_cfgfile ();
    if (!optfile)
        return WPTERR_FILE_CREAT;

    fp = fopen (optfile, "wb");
    if (!fp) {
        free_if_alloc (optfile);
        return WPTERR_FILE_CREAT;
    }
    fwrite (buf, 1, buflen, fp);
    fclose (fp);
    free_if_alloc (optfile);
    return 0;
}


/* Check if the parameter for the option @buf is an existing file name.
   Return value: 0 on success. */
static int
check_arg_file_exist (const char *buf)
{
    const char *s = "load-extension ";

    /* XXX: this is a bit of a kludge because we just
            detect errors for 'load-extension'. */
    if (!strncmp (buf, s, strlen (s)))
        buf += strlen (s);
    else
        return 0;
    return file_exist_check (buf);
}


/* Check if the line contains a valid GPG argument. */
static int
check_line (const char *buf)
{
    int j, len;
    int rc = 0;

    if (*buf == '#' || *buf == '\r' || *buf == '\n')
        return 1;
    for (j = 0; valid_gpg_args[j]; j++) {
        len = strlen (valid_gpg_args[j]);
        if (!strncmp (valid_gpg_args[j], buf, len))
            rc = 1;
    }
    return rc;
}


int
check_gnupg_options (const char *buf, int showerr)
{
    char line[1024];
    int nbytes = 0, lineno=0;
    unsigned j;
        
    for  (j = 0; j < strlen (buf) && j < DIM (line); j++) {
        line[nbytes++] = buf[j];
        if (buf[j] == '\n' || j == (strlen (buf) - 1)) {
            line[nbytes] = '\0';
            lineno++;
            if (!check_line (line)) {
                if (showerr)
                    log_box ("GPG Config File", MB_ERR, 
                             "gpg.conf:%d: invalid keyword '%s'",
                             lineno, line);
                return 1;       
            }
            if (check_arg_file_exist (line))
                return WPTERR_FILE_EXIST;
            nbytes = 0;
        }
    }
    return 0;
}


/* Store the last access of the file inside the watcher @ctx. */
static int
get_last_gnupg_access (gpg_monitor_t ctx)
{
    HANDLE fd;

    fd = CreateFile (ctx->fpath_object, GENERIC_READ, FILE_SHARE_READ, 
                     NULL, OPEN_EXISTING, 0, NULL);
    if (fd == INVALID_HANDLE_VALUE)
        return WPTERR_FILE_OPEN;
    GetFileTime (fd, NULL, NULL, &ctx->access);
    CloseHandle (fd);
    return 0;
}


/* Check if the file inside watcher @ctx was modified. */
static void
check_last_gnupg_access (gpg_monitor_t ctx)
{               
    ctx->modified = 0;

    if (ctx->last_access.dwHighDateTime != ctx->access.dwHighDateTime &&
        ctx->last_access.dwLowDateTime != ctx->access.dwLowDateTime)
        ctx->modified = 1;

    if (ctx->last_access.dwLowDateTime == 0)
        ctx->modified = 0;

    ctx->last_access.dwLowDateTime = ctx->access.dwLowDateTime;
    ctx->last_access.dwHighDateTime = ctx->access.dwHighDateTime;
}


/* Init GPG monitor table for all monitored files. */
void
init_gnupg_table (void)
{       
    char *path;
    int j;

    path = get_gnupg_path ();
    for (j = 0; j < gpg_table_count; j++) {
        gpg_table[j].object = m_strdup (gpg_objs[j]);
        gpg_table[j].fpath_object = make_filename (path, gpg_objs[j], NULL);
        memset (&gpg_table[j].access, 0, sizeof (FILETIME));
        memset (&gpg_table[j].last_access, 0, sizeof (FILETIME));
        gpg_table[j].modified = 0;
    }
    free_if_alloc (path);
}


/* Release the GPG monitor table. */
void
free_gnupg_table (void)
{
    for (int j=0; j < gpg_table_count; j++) {
        free_if_alloc (gpg_table[j].object);
        free_if_alloc (gpg_table[j].fpath_object);
    }
}


/* Return the amount of files modified since the last call. */
int
keyring_check_last_access (void)
{
    int nfiles;

    nfiles = 0;
    for (int pos = 0; pos < gpg_table_count; pos++) {
        get_last_gnupg_access (&gpg_table[pos]);
        check_last_gnupg_access (&gpg_table[pos]);
        if (gpg_table[pos].modified)
            nfiles++;
    }

    return nfiles;
}


const char*
gnupg_check_file_ext (const char *fname, int *r_type)
{               
    char file_ext[5];

    if (r_type) 
        *r_type = PGP_NONE;
    if (!strchr (fname, '.' ))
        return "UNKNOWN";

    strncpy (file_ext, fname + strlen (fname) - 4, 4);
    file_ext[4] = '\0';
    if (!stricmp (file_ext, ".asc"))
        return "ARMORED";
    else if (!stricmp (file_ext, ".sig")) {
        if (r_type) 
            *r_type = PGP_SIG;
        return "SIGNED";
    }
    else if  (!stricmp (file_ext, ".gpg") || 
              !stricmp (file_ext, ".pgp")) {
        if (r_type) 
            *r_type = PGP_MESSAGE;
        return "ENCRYPTED";
    }
    return "UNKNOWN";
}


/* Check if the device where file @fname is stored on, is write-protected. */
static int
check_file_access (const char *fname, int mode)
{
    HANDLE hd;

    if (!mode)
        mode = FILE_SHARE_WRITE;
    hd = CreateFile (fname, GENERIC_WRITE, mode,
                     NULL, OPEN_EXISTING, 0, NULL);
    if (hd == INVALID_HANDLE_VALUE)
        return -1;
    CloseHandle (hd);
    return 0;
}

    
/* Check the device where the file @fname is stored on, is either
   write-protected or if the file is already opened by another process
   exclusively. And as a result, we cannot use the file for output. */
int
gpg_check_file_permissions (const char *fname, int mode)
{
    int api_mode;
    
    switch (mode) {
    case 0: api_mode = FILE_SHARE_READ; break;
    case 1: api_mode = FILE_SHARE_WRITE; break;
    case 2: api_mode = FILE_SHARE_WRITE|FILE_SHARE_READ; break;
    default: api_mode = FILE_SHARE_READ; break;
    }

    return check_file_access (fname, api_mode);
}


/* Check the file permissions of the public keyring.
   If @showmsg is 1 output a message in case of errors.
   Return value: 1 if read-only attribute
                 2 if file is opened by another process exclusively. */
int
gpg_check_permissions (int showmsg)
{
    char *p = NULL;
    char *name = NULL;
    int failed = 0, ans=0, attrs=0;

    p = get_gnupg_path ();
    if (p && check_keyring (&p)) {
        name = make_filename (p, "pubring", "gpg");
        if ((attrs=GetFileAttributes (name)) & FILE_ATTRIBUTE_READONLY) {
            ans = msg_box (NULL, 
                           _("The selected keyring has the read-only file\n"
                             "attribute. In this state you do not have write\n"
                             "access. Do you want to remove the attribute?"),
                     _("GPG Information"), MB_YESNO);
            if (ans == IDYES) {
                attrs &= ~FILE_ATTRIBUTE_READONLY;
                if (!SetFileAttributes (name, attrs)) {
                    msg_box (NULL, _("Could not reset read-only state."), 
                             _("GPG Error"), MB_ERR);
                    failed = 1;
                }
            }
            else if (ans == IDNO) {
                /* All commands with write access will be disabled. */
                failed = 1;
            }
        }
        if (gpg_check_file_permissions (name, 1)) {
            if (showmsg)
                msg_box (NULL, 
                _("You do not have file access to modify the contents of\n"
                  "one or both of the selected keyrings.\n"
                  "\n"
                  "The keyrings are in a read-only state which is propably\n"
                  "caused by another program which already opened the files.\n"),
                   _("GPG Warning"), MB_WARN);
            failed = 2;
        }
    }
    free_if_alloc (p);
    free_if_alloc (name);
    return failed;
}


/* Check the GPG home dir. First try to read the 'HomeDir' registry entry, 
   then check for $APPDATA\gnupg. Create the dir if it does not exists. */
int
gnupg_check_homedir (void)
{       
    char *homedir;
    int val;
    int rc = 0;

    homedir = get_reg_entry_gpg (GPG_REG_HOME);
    if (!homedir)
        homedir = multi_gnupg_path (0);
    if (homedir) {
        if (GetFileAttributes (homedir) == 0xFFFFFFFF) {
            val = log_box (_("Preferences"), MB_YESNO,
                           _("%s does not exit.\n"
                             "Do you want to create this directory?"), homedir);
            if (val == IDYES) {
                if (!CreateDirectory (homedir, NULL))
                    rc = WPTERR_DIR_CREAT;
            }
            else
                rc = WPTERR_DIR_OPEN;
        }
        free_if_alloc (homedir);
    }
    return rc;
}


int
gnupg_copy_keyrings (void)
{
    const char *pring, *sring;
    char *file = NULL, *path;
    int id, rc = 0;
    HWND hwnd;
    
    path = get_gnupg_path ();
    if (!path)
        return WPTERR_GENERAL;
    hwnd = GetDesktopWindow ();

    pring = get_fileopen_dlg (hwnd, _("Please choose your Public Keyring"),
                              "GPG Keyrings (*.gpg)\0*.gpg\0\0", NULL);
    if (!pring) {
        msg_box (hwnd, _("No keyring was chosen. Exit."),
                 _("WinPT Error"), MB_ERR);
        free_if_alloc (path);
        return WPTERR_GENERAL;
    }
    file = make_filename (path, "pubring", "gpg");
    if (file_exist_check (file) == 0) {
        id = msg_box (hwnd, _("Overwrite old public keyring?"),
                      "WinPT", MB_INFO|MB_YESNO);
        if (id == IDNO)
            goto fail;
    }
    if (!CopyFile (pring, file, FALSE)) {
        msg_box (hwnd, _("Could not copy public keyring."), 
                 _("WinPT Error"), MB_ERR);
        rc = WPTERR_FILE_READ;
        goto fail;
    }
    free_if_alloc (file);

    sring = get_fileopen_dlg (hwnd, _("Please choose your Secret Keyring"),
                              "GPG Keyrings (*.gpg)\0*.gpg\0\0", NULL);
    if (!sring) {
        msg_box (NULL, _("No keyring was chosen. Exit."), 
                 _("WinPT Error"), MB_ERR);
        return WPTERR_GENERAL;
    }
    file = make_filename (path, "secring", "gpg");
    if (file_exist_check (file) == 0) {
        id = msg_box (hwnd, _("Overwrite old secret keyring?"),
                      "WinPT", MB_INFO|MB_YESNO);
        if (id == IDNO)
            goto fail;
    }
    if (!CopyFile (sring, file, FALSE)) {
        msg_box (NULL, _("Could not copy secret keyring."), _("WinPT Error"), MB_ERR);
        rc = WPTERR_FILE_READ;
    }

fail:
    free_if_alloc (file);
    free_if_alloc (path);
    return rc;
}


/* Backup the gpg.conf file. */
void
gnupg_backup_options (void)
{
    char *cfgfile;
    char bak[MAX_PATH+32];

    cfgfile = get_gnupg_cfgfile ();
    if (!cfgfile)
        return;
    _snprintf (bak, DIM (bak)-1, "%s.bak", cfgfile);
    CopyFile (cfgfile, bak, FALSE);
    free_if_alloc (cfgfile);
}


static int
backup_one_file (const char *srcpath, const char *srcn,
                 const char *dstpath, const char *dstn)
{
    char *src, *dst;
    BOOL rc;

    src = make_filename (srcpath, srcn, "gpg");
    dst = make_filename (dstpath, dstn, "gpg");
    rc = CopyFile (src, dst, FALSE);
    free_if_alloc (src);
    free_if_alloc (dst);
    if (!rc) {
        log_box (_("Backup"), MB_ERR, _("Backup keyring \"%s\" failed"), srcn);
        return WPTERR_GENERAL;
    }
    return 0;
}


/* Figure out first public keyring which is not empty.
   Return value: 1 on success. */
static int
check_keyring (char **r_path)
{
    char *p;
    char *opt;
    char *name;

    if (!*r_path)
        return 0;
    p = make_filename (*r_path, "pubring", "gpg");
    if (get_file_size (p) <= 0)
        return 0;

    opt = get_gnupg_cfgfile ();
    if (!opt)
        BUG (0);
    name = get_keyring_from_conf (opt, 1);
    free_if_alloc (opt);
    free_if_alloc (p);
    if (!name)
        return 0;
    p = strrchr (name, '\\');
    if (!p) {
        free_if_alloc (name);
        return 0;       
    }
    free_if_alloc (*r_path);
    *r_path = new char [strlen (name)+1];
    memset (*r_path, 0, strlen (name));
    strncpy (*r_path, name, (p-name));
    free_if_alloc (name);
    return 1;
}


/* Return a temp name based on the day of the week. */
static char*
get_backup_name (const char *templ)
{
    struct tm *tm;
    const char *fmt;
    char *p;
    time_t t;

    t = time (NULL);
    tm = localtime (&t);
    fmt = "%s-%d";
    p = new char [strlen (templ) + strlen (fmt) + 8 + 1];
    if (!p)
        BUG (0);
    sprintf (p, fmt, templ, tm->tm_wday % 3);
    return p;
}


/* Make backups of all keyrings. The public key ring is rotated like 
   this pubring-%d.gpg.
   If @auto_backup is false, no action is performed.
   @include_secr indicated if the backup includes the secret keyring. */
void
gnupg_backup_keyrings (int auto_backup, int backup_mode, int include_secr)
{
    char *srcpath, *dstpath;
    char *name;
    int rc;

    if (!auto_backup)
        return;
    srcpath = get_gnupg_path ();
    check_keyring (&srcpath);
    if (backup_mode == 1) {
        /* If the backup mode uses the home directory the source
           and destination folder will be the same. */
        dstpath = get_gnupg_path ();
        check_keyring (&dstpath);
    }
    else if (backup_mode == 2) {
        char *tmpfile;
        FILE *fp;

        dstpath = m_strdup (reg_prefs.backup.path);
        tmpfile = make_filename (reg_prefs.backup.path, "test", "tmp");
        fp = fopen (tmpfile, "wb");
        if (!fp)
            rc = log_box (_("Backup"), MB_WARN|MB_RETRYCANCEL,
                          _("The backup drive '%s' does not seems to be accessable.\n"
                            "Please insert/check the drive to continue."), dstpath);
        else {
            rc = 0;
            fclose (fp);
            DeleteFile (tmpfile);
        }
        free_if_alloc (tmpfile);
        if (!fp || rc == IDCANCEL) {
            free_if_alloc (dstpath);
            free_if_alloc (srcpath);
            return;
        }
    }
    else {
        log_box (_("Backup"), MB_ERR, _("Invalid backup mode %d"), backup_mode);
        free_if_alloc (srcpath);
        return;
    }
    name = get_backup_name ("pubring-bak");
    rc = backup_one_file (srcpath, "pubring", dstpath, name);
    if (!rc && include_secr)
        rc = backup_one_file (srcpath, "secring", dstpath, "secring-bak");
    free_if_alloc (name);
    free_if_alloc (srcpath);
    free_if_alloc (dstpath);
}


/* check that the requested GPG keyring exist and.
   Return value: 0 for success. */
int
gnupg_access_keyring (int _pub)
{
    int rc = 0;
    char *name = get_gnupg_keyring (_pub, 1);
    if (!name || file_exist_check (name))
        rc = -1;
    free_if_alloc (name);
    return rc;
}