trunk/Src/wptGPGUtil.cpp

/* wptGPGUtil.cpp - GPG util functions
 *      Copyright (C) 2005, 2006 Timo Schulz
 *      Copyright (C) 2005 g10 Code GmbH
 *
 * This file is part of WinPT.
 *
 * WinPT is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * WinPT is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <windows.h>
#include <sys/stat.h>
#include <string.h>
#include <errno.h>

#include "gpgme.h"
#include "wptTypes.h"
#include "wptErrors.h"
#include "wptW32API.h"
#include "wptGPG.h"
#include "wptRegistry.h"
#include "StringBuffer.h"
#include "openpgp.h"


static char*
char_alloc (size_t n)
{
    char *p;

    p = new char[n];
    if (!p)
        BUG (0);
    memset (p, 0, n);
    return p;
}


#define NROFHEXDIGITS 2  
/* Convert two hexadecimal digits from STR to the value they
   represent.  Returns -1 if one of the characters is not a
   hexadecimal digit.  */
static int
hextobyte (const unsigned char *str)
{
    int val = 0;  
    int i;

    for (i = 0; i < NROFHEXDIGITS; i++) {
        if (*str >= '0' && *str <= '9')
            val += *str - '0';
        else if (*str >= 'A' && *str <= 'F')
            val += 10 + *str - 'A';
        else if (*str >= 'a' && *str <= 'f')
            val += 10 + *str - 'a';
        else
            return -1;
        if (i < NROFHEXDIGITS - 1)
            val *= 16;
        str++;
    }
    return val;
}

/* Decode the C formatted string @src and store the result in the
   buffer @destp which is @len bytes long.  If @len is zero, then a
   large enough buffer is allocated with malloc and @destp is set to
   the result.  Currently, @len is only used to specify if allocation
   is desired or not, the caller is expected to make sure that @destp
   is large enough if @len is not zero.  */
gpgme_error_t
gpg_decode_c_string (const char *src, char **destp, size_t len)
{
  char *dest;

  /* Set up the destination buffer.  */
  if (len) {
      if (len < strlen (src) + 1)
          return gpg_error (GPG_ERR_TOO_SHORT);
      dest = *destp;
  }
  else {
  /* The converted string will never be larger than the original string.  */
      dest = char_alloc (strlen (src) + 1);
      *destp = dest;
  }

  /* Convert the string.  */
  while (*src) {    
      if (*src != '\\') {
          *(dest++) = *(src++);
          continue;
      }

      switch (src[1]) {
#define DECODE_ONE(match,result)        \
      case match:                       \
          src += 2;                     \
          *(dest++) = result;           \
          break;

          DECODE_ONE ('\'', '\'');
          DECODE_ONE ('\"', '\"');
          DECODE_ONE ('\?', '\?');
          DECODE_ONE ('\\', '\\');
          DECODE_ONE ('a', '\a');
          DECODE_ONE ('b', '\b');
          DECODE_ONE ('f', '\f');
          DECODE_ONE ('n', '\n');
          DECODE_ONE ('r', '\r');
          DECODE_ONE ('t', '\t');
          DECODE_ONE ('v', '\v');

      case 'x': {
            int val = hextobyte ((unsigned char*)&src[2]);
            if (val == -1) { /* Should not happen.  */
                *(dest++) = *(src++);
                *(dest++) = *(src++);
                if (*src)
                  *(dest++) = *(src++);
                if (*src)
                  *(dest++) = *(src++);
            }
            else {
                if (!val) {
                    /* A binary zero is not representable in a C string.  */
                    *(dest++) = '\\';
                    *(dest++) = '0'; 
                }
                else 
                    *((unsigned char *) dest++) = val;
                src += 4;
            }
        }

        default: /* Should not happen.  */
          {
            *(dest++) = *(src++);
            *(dest++) = *(src++);
          }
        } 
  }
  *(dest++) = 0;
  return 0;
}


static char*
read_gpg_program (void)
{
    return get_reg_entry (HKEY_CURRENT_USER, 
                          "Software\\GNU\\GnuPG", "gpgProgram");
}


/* Create a temp file based on the name of @name.
   Return value: handle to the file in case of success. */
static HANDLE
create_tmpfile (const char *name)
{    
    HANDLE out;
    SECURITY_ATTRIBUTES sec_attr;
    char tmp[MAX_PATH+64];

    memset (&sec_attr, 0, sizeof (sec_attr));
    sec_attr.bInheritHandle = TRUE;
    sec_attr.lpSecurityDescriptor = NULL;
    sec_attr.nLength = sizeof (sec_attr);

    get_temp_name (tmp, DIM (tmp)-1, name);
    out = CreateFile (tmp, GENERIC_READ|GENERIC_WRITE, 
                      FILE_SHARE_WRITE, &sec_attr,
                      OPEN_ALWAYS, FILE_FLAG_DELETE_ON_CLOSE, NULL);
    if (out == INVALID_HANDLE_VALUE)
        log_debug ("create_tmpfile: CreateFile failed ec=%d\r\n",
                   (int)GetLastError ());
    return out;
}


/* Create a pipe with a readable remote end and
   write the data from @dat to the local end.
   Return value: read handle on success. */
static HANDLE
create_in_pipe (const char *dat)
{
    HANDLE r, w;
    SECURITY_ATTRIBUTES sec_attr;
    DWORD n;

    memset (&sec_attr, 0, sizeof sec_attr);
    sec_attr.bInheritHandle = TRUE;
    sec_attr.nLength = sizeof sec_attr;

    if (!CreatePipe (&r, &w, &sec_attr, 4096)) {
        log_debug ("create_in_pipe: CreatePipeFailed ec=%d\r\n", 
                   (int)GetLastError ());
        return NULL;
    }

    WriteFile (w, dat, strlen (dat), &n, NULL);
    CloseHandle (w);

    return r;
}


/* Map the contents of the file handle @out to
   a buffer and return it. */
static char*
map_tmpfile (HANDLE out, DWORD *nread)
{
    DWORD n;
    char *p;

    FlushFileBuffers (out);
    SetFilePointer (out, 0, NULL, FILE_BEGIN);
    n = GetFileSize (out, NULL);
    p = char_alloc (n+1);
    ReadFile (out, p, n, &n, NULL);
    p[n] = 0;
    if (nread)
        *nread = n;
    return p;
}


/* Create a process from the command line in @cmd.
   If @out is != NULL, the output of the process will
   be redirected to @out. If @in is != NULL the input
   will be read from @in.
   Return value: 0 on success. */
static int
create_process (const char *cmd, HANDLE in, HANDLE out, HANDLE err)
{
    STARTUPINFO si;
    PROCESS_INFORMATION pi;

    memset (&si, 0, sizeof (si));
    si.cb = sizeof si;
    if (in || out || err)
        si.dwFlags = STARTF_USESTDHANDLES;
    if (out)
        si.hStdOutput = out;
    if (in)
        si.hStdInput = in;
    if (err)
        si.hStdError = err;
    si.dwFlags |= STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_HIDE;
    if (!CreateProcess (NULL, (char*)cmd, NULL, NULL, TRUE, 0, 
                        NULL, NULL, &si, &pi)) {
        log_debug ("create_process: CreateProcess failed ec=%d\r\n", 
                   (int)GetLastError ());
        return -1;
    }
    WaitForSingleObject (pi.hProcess, INFINITE);
    CloseHandle (pi.hProcess);
    CloseHandle (pi.hThread);
    return 0;
}


/* We execute gpg and check the process return code.
   A return code != 0 indicates a problem (error). */
int
gpg_check_return_code (const char *args)
{
    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    StringBuffer cmd;
    char *p;
    DWORD ec;

    memset (&si, 0, sizeof (si));
    si.cb = sizeof (si);
    si.dwFlags = STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_HIDE;

    p = read_gpg_program ();
    if (!p)
        return 1; /* general error */
    cmd = p;
    cmd = cmd + " " + args;    
    free_if_alloc (p);

    if (!CreateProcess (NULL, (char*)cmd.getBuffer (), NULL, NULL,
                        FALSE, 0, NULL, NULL, &si, &pi))
        return 1; /* general error */

    WaitForSingleObject (pi.hProcess, INFINITE);
    GetExitCodeProcess (pi.hProcess, &ec);

    CloseHandle (pi.hProcess);
    CloseHandle (pi.hThread);
    return (int)ec;
}


/* Export a GPG secret key given by @keyid into the file @outfile.
   Return value: 0 on success. */
gpgme_error_t
gpg_export_seckey (const char *keyid, const char *outfile)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    struct stat st;
    char *p;
    StringBuffer cmd;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    cmd = p;
    cmd = cmd + " --armor --yes --output \"" + outfile + "\"";
    cmd = cmd + " --export-secret-key " + keyid;

    if (create_process (cmd.getBuffer (), NULL, NULL, NULL))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    if (stat (outfile, &st) == -1 || st.st_size == 0)
        err = gpg_error (GPG_ERR_NO_DATA);

    free_if_alloc (p);
    return err;
}


/* If @export is 1, export the ownertrust data to the
   buffer @data. Otherwise import the ownertrust data from @data.
   Return value: 0 on success. */
gpgme_error_t
gpg_manage_ownertrust (char **data, int do_export)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out = NULL, in = NULL;    
    StringBuffer cmd;
    char *p;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    cmd = p;
    cmd = cmd + (do_export? " --export-ownertrust" : " --import-ownertrust");

    if (do_export)
        out = create_tmpfile ("tmp_gpg_ot_out");
    else {
        DWORD nw;

        in = create_tmpfile ("tmp_gpg_ot_in");
        WriteFile (in, *data, strlen (*data), &nw, NULL);
        FlushFileBuffers (in);
    }
    if (create_process (cmd.getBuffer (), in, out, NULL))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    free_if_alloc (p);

    if (in)
        CloseHandle (in);
    if (out) {
        *data = map_tmpfile (out, NULL);
        CloseHandle (out);
    }

    return err;
}


/* Call gpg --rebuild-keydb-caches to speed up signature listings. */
gpgme_error_t
gpg_rebuild_cache (char **r_inf)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out = NULL;
    StringBuffer cmd;
    char *p;   

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    cmd = p;
    cmd = cmd + " --logger-fd=1 --batch --rebuild-keydb-caches";

    if (r_inf)
        out = create_tmpfile ("tmp_gpg_rebuild_cache");

    if (create_process (cmd.getBuffer (), NULL, out, NULL))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    if (r_inf)
        *r_inf = map_tmpfile (out, NULL);
    if (out)
        CloseHandle (out);
    free_if_alloc (p);
    return err;
}


/* Call gpg --version to retrieve the 'about' information. */
gpgme_error_t
gpg_get_version (char **r_inf)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out;
    StringBuffer cmd;
    char *p;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    cmd = p;
    cmd = cmd + " --version";
    
    out = create_tmpfile ("tmp_gpg_out");
    if (create_process (cmd.getBuffer (), NULL, out, NULL))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    free_if_alloc (p);

    *r_inf = map_tmpfile (out, NULL);
    CloseHandle (out);    
    return err;
}


/* Return the colon file output of the given file @fname in @r_out.
   Return value: 0 on success. */ 
gpgme_error_t
gpg_import_key_list (const char *fname, char **r_out)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out;
    StringBuffer cmd;
    char *p;
    
    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    cmd = p;
    cmd = cmd + " --fixed-list-mode --with-colons ";
    cmd = cmd + "\"" + fname + "\"";

    out = create_tmpfile ("tmp_gpg_keys");
    if (create_process (cmd.getBuffer (), NULL, out, NULL))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    free_if_alloc (p);

    *r_out = map_tmpfile (out, NULL);
    CloseHandle (out);
    return err;
}


/* Generate a revocation certificate for the key with the keyid @keyid.
   @inp_data contains all needed data to answer the questions of the
   command handler. Each separate with a '\n'.
   @r_revcert contains the revocation cert on success.
   if @desig_revoke is 1, the designated revoker mode is used.
   Return value: 0 on success. */
gpgme_error_t
gpg_revoke_cert (int desig_revoke, const char *inp_data, 
                 const char *keyid, char **r_revcert)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE in, out;
    StringBuffer cmd;
    char *rcrt;
    char *p;   
    
    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    cmd = p;
    cmd = cmd + " --pgp7 --command-fd=0 --status-fd=2 ";
    cmd = cmd + (desig_revoke? "--desig-revoke" : "--gen-revoke");
    cmd = cmd + " " + keyid;

    in = create_in_pipe (inp_data);
    out = create_tmpfile ("tmp_gpg_revcert");
    if (create_process (cmd.getBuffer (), in, out, NULL)) {
        *r_revcert = NULL;
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);
    }
    else {
        rcrt = map_tmpfile (out, NULL);
        *r_revcert = rcrt;
        if (rcrt && strlen (rcrt) == 0)
            err = gpg_error (GPG_ERR_BAD_PASSPHRASE);
    }

    free_if_alloc (p);

    CloseHandle (in);
    CloseHandle (out);
    return err;
}


/* Return the raw photo-id data combined with the status-fd
   entry in @r_data. If @keyid is set, only the data for this 
   key will be returned.
   Return value: 0 on success. */
gpgme_error_t
gpg_get_photoid_data (const char *keyid, char **r_status_data,
                      unsigned char **r_data, unsigned long *ndata)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE herr, hdat;
    StringBuffer cmd;
    char *p;

    if (ndata)
        *ndata = 0;
    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    hdat = create_tmpfile ("tmp_gpg_uat_data");
    herr = create_tmpfile ("tmp_gpg_uat_status");

    /* XXX: add --list-options show-unsuable-uid to display
            revoked attribute IDs */   
    cmd = p;
    cmd = cmd + " --attribute-fd=" + ((int)hdat);
    cmd = cmd + " --status-fd=2 --list-keys ";
    if (keyid != NULL)
        cmd = cmd + keyid;

    if (create_process (cmd.getBuffer (), NULL, NULL, herr))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    free_if_alloc (p);

    *r_data = (BYTE*)map_tmpfile (hdat, ndata);
    *r_status_data = map_tmpfile (herr, NULL);
    CloseHandle (hdat);
    CloseHandle (herr);

    return err;
}


/* Extract one or more keys from the key file @keyfile.
   The keys to extract are give in @keys and the size of it is @nkeys.
   @new_keyfile is a file with the extract keys.
   Return value: 0 on success. */
gpgme_error_t
gpg_extract_keys (const char *keyfile, const char **keys, DWORD nkeys,
                  char **new_keyfile)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    StringBuffer cmd;
    char *p;
    char tmpnam[MAX_PATH], tmpdir[MAX_PATH];
    int i;

    /* copy key file to temp dir. */
    GetTempPath (MAX_PATH-1, tmpdir);
    get_temp_name (tmpnam, MAX_PATH-1, NULL);
    CopyFile (keyfile, tmpnam, FALSE);

    /* create temp file for output. */
    *new_keyfile = new char[MAX_PATH];
    if (!*new_keyfile)
        BUG (NULL);
    get_temp_name (*new_keyfile, MAX_PATH-1, "tmp_sel_keys");

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    
    /* Use the temp key file as a keyring and export the selected
       keys from it. */
    cmd = p;
    cmd = cmd + " --yes --output " + "\"" + *new_keyfile + "\"";
    cmd = cmd + " --no-options --homedir " + tmpdir + " --keyring " + tmpnam + " --export ";
    for (i=0; i < (int)nkeys; i++)
        cmd = cmd + keys[i] + " ";

    if (create_process (cmd.getBuffer (), NULL, NULL, NULL))
        err = gpgme_error (GPG_ERR_MODULE_NOT_FOUND);

    DeleteFile (tmpnam);
    free_if_alloc (p);
    return err;
}


/* Return the validity of the user attribute, informerly known 
   as photo-ID. If no uat was found, return 0 for unknown. */
gpgme_error_t
get_uat_validity (const char *keyid, gpgme_validity_t *r_valid)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out;
    StringBuffer cmd;
    char *p;
    char *uat;

    *r_valid = GPGME_VALIDITY_UNKNOWN;
    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    cmd = p;
    cmd = cmd + " --with-colons --fixed-list-mode";
    cmd = cmd + " --list-keys " + "\"" + keyid + "\"";

    out = create_tmpfile ("tmp_gpg_keys");
    if (create_process (cmd.getBuffer (), NULL, out, NULL))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    free_if_alloc (p);
    
    p = map_tmpfile (out, NULL);
    if ((uat = strstr (p, "uat:"))) {
        switch (*(uat+4)) {
        case 'm': *r_valid = GPGME_VALIDITY_MARGINAL; break;
        case 'f':
        case 'u': *r_valid = GPGME_VALIDITY_FULL; break;
        default : *r_valid = GPGME_VALIDITY_UNDEFINED; break;
        }
    }

    free_if_alloc (p);
    CloseHandle (out);
    return err;
}


static gpgme_error_t
clip_store_data (char *tmp_outname, DWORD outlen)
{
    gpgme_data_t in;
    gpgme_error_t err;

    get_temp_name (tmp_outname, outlen-1, NULL);
    err = gpg_data_new_from_clipboard (&in, 0);
    if (err)
        return err;
    err = gpg_data_release_and_set_file (in, tmp_outname);
    return err;
}


/* Extract all recipients from the file @file.
   Return value: 0 on success. */
static gpgme_error_t
file_extract_recipient (const char *file, gpgme_recipient_t *r_list)
{    
    PACKET *pkt;
    PKT_pubkey_enc *enc;
    gpg_iobuf_t inp = NULL;
    armor_filter_context_t afx;
    gpgme_recipient_t l;
    int rc = 0, quit=0;

    if (!file || !r_list) {
        log_debug ("do_list_packets: !r_list || !file");
        return gpgme_error (GPG_ERR_INV_ARG);
    }

    *r_list = NULL;
    inp = gpg_iobuf_open (file);
    if (!inp)
        return gpgme_err_code_from_errno (errno);
    gpg_iobuf_ioctl (inp, 3, 1, NULL); /* disable cache */
    if (gpg_use_armor_filter (inp)) {
        memset (&afx, 0, sizeof (afx));
        gpg_iobuf_push_filter (inp, gpg_armor_filter, &afx);
    }
    pkt = (PACKET *)calloc(1, sizeof *pkt);
    gpg_init_packet (pkt);
    while (!quit && (rc = gpg_parse_packet (inp, pkt)) != -1) {
        switch (pkt->pkttype) {
        case PKT_PUBKEY_ENC:
            enc = pkt->pkt.pubkey_enc;
            if (!enc)
                break;
            l = (gpgme_recipient_t)calloc (1, sizeof *l);
            l->keyid = char_alloc (16+1);
            _snprintf (l->keyid, 16, "%08lX%08lX", 
                       enc->keyid[0], enc->keyid[1]);
            l->pubkey_algo = (gpgme_pubkey_algo_t)enc->pubkey_algo;
            l->status = 0;
            l->next = (*r_list);
            *r_list = l;
            break;

        case PKT_ENCRYPTED:     
        case PKT_ENCRYPTED_MDC:
        case PKT_PLAINTEXT:
        case PKT_COMPRESSED:
        case PKT_PUBLIC_KEY:
        case PKT_SECRET_KEY:
            quit = 1;
            break;

        default:
            break;
        }
        gpg_free_packet (pkt);
        gpg_init_packet (pkt);
    }
    gpg_iobuf_close (inp);
    safe_free (pkt);
    return 0;
}


/* Either extract the list of recipients from the file @file or
   if the string is NULL, try to extract them from the clipboard.
   Return value: 0 on success. */
gpgme_error_t
gpg_get_recipients (const char *file, gpgme_recipient_t *r_list)
{
    gpgme_error_t err;
    char tmp[MAX_PATH+1];

    if (!file) {
        clip_store_data (tmp, DIM (tmp)-2);
        err = file_extract_recipient (tmp, r_list);
        DeleteFile (tmp);
    }
    else
        err = file_extract_recipient (file, r_list);
    return err;
}


/* Try to find a subpacket with the given id @subpktid
   inside the key @key.
   Return value: 0 on success. */
gpgme_error_t
gpg_find_key_subpacket (const char *key, int subpktid, char **value)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    StringBuffer cmd;
    HANDLE out;
    const char *spk;
    char *p;

    *value = NULL;
    p = read_gpg_program ();
    cmd = p;
    cmd = cmd + " --with-colons --no-options --list-options ";
    cmd = cmd + "show-sig-subpackets=" + subpktid + " --list-sigs " + key;

    out = create_tmpfile ("tmp_gpg_subpackets");
    if (create_process (cmd.getBuffer (), NULL, out, NULL))
        err = gpg_error (GPG_ERR_MODULE_NOT_FOUND);

    free_if_alloc (p);

    p = map_tmpfile (out, NULL);
    if (p && (spk=strstr (p, "spk"))) {
        char *end = strstr (spk, "\n");
        
        if (end) {
            *value = char_alloc ((end-spk)+1);
            memcpy (*value, spk, (end-spk)-1);
        }
    }

    free_if_alloc (p);
    CloseHandle (out);
    return err;
}