/[winpt]/trunk/Src/wptPassphraseCB.cpp
ViewVC logotype

Annotation of /trunk/Src/wptPassphraseCB.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 129 - (hide annotations)
Fri Dec 30 13:56:10 2005 UTC (19 years, 2 months ago) by twoaday
File size: 13378 byte(s) 
2005-12-27  Timo Schulz  <ts@g10code.com>
                                                                                
        * wptListView.cpp (listview_set_view): New.
        (listview_del_column): New.
        * wptW32API.cpp (get_locale_date): New.
        (get_menu_state): New.
        (force_foreground_window): New.
        * wptVerifyList.cpp (strtimestamp): Support for
        locale date formats.
        * wptGPGUtil.cpp (gpg_revoke_cert): Handle bad
        passphrases.
        * wptKeyEditCB.cpp (editkey_command_handler): Immediately
        return when a bad passphrase was submitted.
        * wptKeyRevokersDlg.cpp (keyrevokers_dlg_proc): Change
        column order.
        * wptKeylist.cpp (keylist_upd_col): New.
        * wptKeyManagerDlg.cpp (update_ui_items): Deactivate
        'Revocation' for public keys.
        (translate_menu_strings): s/Revoke/Revoke Cert.
        (modify_listview_columns): New.
1 werner 36 /* wptPassphraseCB.cpp - GPGME Passphrase Callback
2     * Copyright (C) 2001, 2002, 2003, 2005 Timo Schulz
3     * Copyright (C) 2005 g10 Code GmbH
4     *
5     * This file is part of WinPT.
6     *
7     * WinPT is free software; you can redistribute it and/or
8     * modify it under the terms of the GNU General Public License
9     * as published by the Free Software Foundation; either version 2
10     * of the License, or (at your option) any later version.
11     *
12     * WinPT is distributed in the hope that it will be useful,
13     * but WITHOUT ANY WARRANTY; without even the implied warranty of
14     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15     * General Public License for more details.
16     *
17     * You should have received a copy of the GNU General Public License
18     * along with WinPT; if not, write to the Free Software Foundation,
19     * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20     */
21    
22     #ifdef HAVE_CONFIG_H
23     #include <config.h>
24     #endif
25    
26     #include <windows.h>
27     #include <ctype.h>
28    
29 werner 47 #include "resource.h"
30 werner 36 #include "wptNLS.h"
31     #include "wptW32API.h"
32     #include "wptVersion.h"
33     #include "wptGPG.h"
34     #include "wptCommonCtl.h"
35     #include "wptContext.h"
36     #include "wptDlgs.h"
37     #include "wptUTF8.h"
38     #include "wptErrors.h"
39     #include "wptTypes.h"
40 werner 48 #include "wptKeylist.h"
41 werner 36 #include "wptAgent.h"
42     #include "wptRegistry.h"
43    
44     const char* get_symkey_algo (int algo);
45    
46     #define item_ctrl_id( cmd ) \
47     ((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_PWD : IDC_DECRYPT_SIGN_PWD)
48    
49     #define item_ctrl_id2(cmd) \
50     ((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_HIDE : IDC_DECRYPT_SIGN_HIDE)
51    
52    
53     /* Overwrite passphrase and free memory. */
54     static void
55     burn_passphrase (char **pwd)
56     {
57     char *pass = *pwd;
58     wipememory (pass, strlen (pass));
59     delete []pass;
60     *pwd = NULL;
61     }
62    
63    
64     /* Dialog procedure for the passphrase callback. */
65     static BOOL CALLBACK
66     passphrase_callback_proc (HWND dlg, UINT msg, WPARAM wparam, LPARAM lparam)
67     {
68 twoaday 77 static passphrase_cb_s *c;
69     gpgme_decrypt_result_t res=NULL;
70     gpgme_sign_result_t res_sig=NULL;
71 werner 36 gpgme_key_t key;
72 twoaday 69 gpgme_recipient_t recip=NULL, r;
73     void *item;
74 werner 36 const char *id;
75     char *info;
76     int n;
77    
78     switch (msg) {
79     case WM_INITDIALOG:
80     c = (passphrase_cb_s *)lparam;
81     if (!c)
82     BUG (0);
83 twoaday 105 SetDlgItemText (dlg, IDCANCEL, _("&Cancel"));
84 twoaday 85 SetDlgItemText (dlg, IDC_DECRYPT_HIDE, _("&Hide Typing"));
85 werner 36 SetWindowText (dlg, c->title);
86     if (c->gpg_cmd == GPG_CMD_DECRYPT) {
87     SetDlgItemText (dlg, IDC_DECRYPT_LISTINF,
88     _("Encrypted with the following public key(s)"));
89     CheckDlgButton (dlg, IDC_DECRYPT_HIDE, BST_CHECKED);
90     }
91 twoaday 95 else if (c->gpg_cmd == GPG_CMD_SIGN) {
92     SetDlgItemText (dlg, IDC_DECRYPT_SIGN_HIDE, _("&Hide Typing"));
93 werner 36 CheckDlgButton (dlg, IDC_DECRYPT_SIGN_HIDE, BST_CHECKED);
94 twoaday 95 }
95 werner 36 if (c->recipients)
96     recip = c->recipients; /* recipients were already extracted. */
97     else {
98     /* XXX: not all ENCRYPT_TO entries are listed here. */
99     res = gpgme_op_decrypt_result (c->gpg);
100     if (res && res->recipients)
101     recip = res->recipients;
102     }
103     if (recip != NULL && c->gpg_cmd == GPG_CMD_DECRYPT) {
104     for (r = res->recipients; r; r = r->next) {
105     get_pubkey (r->keyid, &key);
106     if (key) {
107     char *uid;
108     id = key->uids->name;
109     if (!id)
110     id = _("Invalid User ID");
111     uid = utf8_to_wincp (id, strlen (id));
112     info = new char [32+strlen (uid)+1 + 4 + strlen (r->keyid)+1
113     + strlen (key->uids->email)+1];
114     if (!info)
115     BUG (NULL);
116     sprintf (info, "%s <%s> (%s, 0x%s)", uid, key->uids->email,
117     get_key_pubalgo (r->pubkey_algo), r->keyid+8);
118     free (uid);
119    
120     }
121     else {
122     info = new char [32 + strlen (r->keyid)+1 + 4];
123     if (!info)
124     BUG (NULL);
125     sprintf (info, _("Unknown key ID (%s, 0x%s)"),
126     get_key_pubalgo (r->pubkey_algo), r->keyid+8);
127     }
128     listbox_add_string (GetDlgItem (dlg, IDC_DECRYPT_LIST), info);
129     free_if_alloc (info);
130     }
131     }
132     else if (c->gpg_cmd == GPG_CMD_DECRYPT)
133     EnableWindow (GetDlgItem (dlg, IDC_DECRYPT_LIST), FALSE);
134     SetDlgItemText (dlg, c->gpg_cmd == GPG_CMD_DECRYPT?
135     IDC_DECRYPT_PWDINFO : IDC_DECRYPT_SIGN_PWDINFO,
136     c->bad_pwd? _("Bad passphrase; Enter passphrase again") :
137     _("Please enter your passphrase"));
138     if (c->gpg_cmd == GPG_CMD_DECRYPT) {
139     SetFocus (GetDlgItem (dlg, IDC_DECRYPT_PWD));
140     if (res && !res->recipients) {
141     const char *s = _("Symmetric encryption.\n"
142     "%s encrypted data.");
143     const char *alg = get_symkey_algo (c->sym.sym_algo);
144     info = new char[strlen (s) + strlen (alg) + 2];
145     if (!info)
146     BUG (NULL);
147     sprintf (info, s, alg);
148     SetDlgItemText (dlg, IDC_DECRYPT_MSG, info);
149     free_if_alloc (info);
150     }
151     else
152     SetDlgItemText (dlg, IDC_DECRYPT_MSG, c->info);
153     }
154     else {
155     SetFocus( GetDlgItem (dlg, IDC_DECRYPT_SIGN_PWD));
156     SetDlgItemText (dlg, IDC_DECRYPT_SIGN_MSG, c->info);
157     }
158     center_window (dlg, NULL);
159     SetForegroundWindow (dlg);
160     return FALSE;
161    
162     case WM_SYSCOMMAND:
163     if (LOWORD (wparam) == SC_CLOSE) {
164     SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
165     c->cancel = 1;
166     EndDialog (dlg, TRUE);
167     }
168     break;
169    
170     case WM_COMMAND:
171     switch (HIWORD (wparam)) {
172     case BN_CLICKED:
173     if (LOWORD (wparam) == IDC_DECRYPT_HIDE
174     || LOWORD (wparam) == IDC_DECRYPT_SIGN_HIDE) {
175     HWND hwnd;
176     int hide = IsDlgButtonChecked (dlg, item_ctrl_id2 (c->gpg_cmd));
177     hwnd = GetDlgItem (dlg, item_ctrl_id (c->gpg_cmd));
178     SendMessage (hwnd, EM_SETPASSWORDCHAR, hide? '*' : 0, 0);
179     SetFocus (hwnd);
180     }
181     }
182    
183     switch (LOWORD (wparam)) {
184     case IDOK:
185     /* XXX: the item is even cached when the passphrase is not
186     correct, which means that the user needs to delete all
187     cached entries to continue. */
188     if (c->pwd)
189     burn_passphrase (&c->pwd);
190     n = item_get_text_length (dlg, item_ctrl_id (c->gpg_cmd));
191     if (!n) {
192     c->pwd = new char[2];
193     if (!c->pwd)
194     BUG (NULL);
195     strcpy (c->pwd, "");
196     }
197     else {
198     c->pwd = new char[n+2];
199     if (!c->pwd)
200     BUG (NULL);
201     GetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), c->pwd, n+1);
202     }
203     res = gpgme_op_decrypt_result (c->gpg);
204     if (!res)
205 twoaday 77 res_sig = gpgme_op_sign_result (c->gpg);
206     if (reg_prefs.cache_time > 0 && !c->is_card &&
207     (res || res_sig)) {
208     if (agent_get_cache (c->keyid, &item))
209 werner 36 agent_unlock_cache_entry (&item);
210 twoaday 77 else
211 werner 36 agent_put_cache (c->keyid, c->pwd, reg_prefs.cache_time);
212     }
213     c->cancel = 0;
214     EndDialog (dlg, TRUE);
215     return TRUE;
216    
217     case IDCANCEL:
218     SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
219     c->cancel = 1;
220     EndDialog (dlg, FALSE);
221     return FALSE;
222     }
223     break;
224     }
225    
226     return FALSE;
227     }
228    
229    
230     /* Extract the main keyid from @pass_info.
231     Return value: long main keyid or NULL for an error. */
232     static const char*
233     parse_gpg_keyid (const char *pass_info)
234     {
235     static char keyid[16+1];
236    
237     /* XXX: check for leading alpha-chars? */
238 twoaday 77 if (strlen (pass_info) < 16) {
239     log_debug ("parse_gpg_keyid: error '%s'\r\n", pass_info);
240 werner 36 return NULL;
241 twoaday 77 }
242 werner 36 /* the format of the desc buffer looks like this:
243     request_keyid[16] main_keyid[16] keytype[1] keylength[4]
244     we use the main keyid to use only one cache entry. */
245     strncpy (keyid, pass_info+17, 16);
246     keyid[16] = 0;
247     return keyid;
248     }
249    
250    
251     /* Parse the information in @uid_hint and @pass_info to generate
252     a input message for the user in @desc. */
253     static int
254     parse_gpg_description (const char *uid_hint, const char *pass_info,
255     char *desc, int size)
256     {
257     gpgme_pubkey_algo_t algo;
258     char usedkey[16+1];
259     char mainkey[16+1];
260     char *uid, *p;
261     int n=0;
262    
263 twoaday 69 algo = (gpgme_pubkey_algo_t)0;
264 werner 36 /* Each uid_hint contains a long key-ID so it is at least 16 bytes. */
265     if (strlen (uid_hint) < 17) {
266     *desc = 0;
267 twoaday 77 log_debug ("parse_gpg_description: error '%s'\r\n", uid_hint);
268 werner 36 return -1;
269     }
270    
271     while (p = strsep ((char**)&pass_info, " ")) {
272     switch (n++) {
273     case 0: strncpy (mainkey, p, 16); mainkey[16] = 0; break;
274     case 1: strncpy (usedkey, p, 16); usedkey[16] = 0; break;
275     case 2: algo = (gpgme_pubkey_algo_t)atol (p); break;
276     }
277     }
278     uid_hint += 16; /* skip keyid */
279     uid_hint += 1; /* space */
280    
281     uid = utf8_to_wincp (uid_hint, strlen (uid_hint));
282    
283     if (strcmp (usedkey, mainkey))
284     _snprintf (desc, size-1,
285     _("You need a passphrase to unlock the secret key for\n"
286     "user: \"%s\"\n"
287     "%s key, ID %s (main key ID %s)\n"),
288     uid, get_key_pubalgo (algo), usedkey+8, mainkey+8);
289     else if (!strcmp (usedkey, mainkey))
290     _snprintf (desc, size-1,
291     _("You need a passphrase to unlock the secret key for\n"
292     "user: \"%s\"\n"
293     "%s key, ID %s\n"),
294     uid, get_key_pubalgo (algo), usedkey+8);
295     free (uid);
296     return 0;
297     }
298    
299    
300     /* Extract the serial number from the card ID @id and return it. */
301     const char*
302     extract_serial_no (const char *id)
303     {
304     static char buf[8];
305     char *p;
306    
307     p = strchr (id, '/');
308 twoaday 77 if (!p) {
309     log_debug ("extract_serial_no: error '%s'\r\n", id);
310 werner 36 return NULL;
311 twoaday 77 }
312 werner 36 strncpy (buf, id+(p-id)-6, 6);
313     return buf;
314     }
315    
316    
317     /* Passphrase callback with the ability to support caching. */
318     gpgme_error_t
319     passphrase_cb (void *hook, const char *uid_hint,
320     const char *passphrase_info,
321     int prev_was_bad, int fd)
322     {
323     passphrase_cb_s *c = (passphrase_cb_s*)hook;
324     HANDLE hd = (HANDLE)fd;
325     void *item;
326 twoaday 69 const char *keyid=NULL, *pass;
327 werner 36 DWORD n;
328 twoaday 77 int rc = 0;
329 werner 36
330 twoaday 77 if (!c) {
331     log_debug ("passphrase_cb: error '!c'\r\n");
332 werner 36 return gpg_error (GPG_ERR_INV_ARG);
333 twoaday 77 }
334 werner 36 c->bad_pwd = prev_was_bad? 1 : 0;
335     if (prev_was_bad && !c->cancel) {
336     if (c->pwd)
337     burn_passphrase (&c->pwd);
338     agent_del_cache (c->keyid);
339     c->pwd_init = 1;
340     }
341    
342     if (passphrase_info) {
343     if (strlen (passphrase_info) < 16 &&
344     !strstr (passphrase_info, "OPENPGP")) {
345     /* assume symetric encryption. */
346 twoaday 69 int pos=2;
347 werner 36 c->sym.sym_algo = atoi (passphrase_info);
348     if (c->sym.sym_algo > 9)
349 twoaday 69 pos++;
350 werner 36 /* XXX: be more strict. */
351 twoaday 69 c->sym.s2k_mode = atoi (passphrase_info+pos);
352     c->sym.s2k_hash = atoi (passphrase_info+pos+2);
353 werner 36 }
354    
355     keyid = parse_gpg_keyid (passphrase_info);
356 twoaday 77 pass = agent_get_cache (keyid+8, &item);
357 werner 36 if (pass) {
358     agent_unlock_cache_entry (&item);
359     c->pwd_init = 0;
360     if (!WriteFile (hd, pass, strlen (pass), &n, NULL))
361     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
362     if (!WriteFile (hd, "\n", 1, &n, NULL))
363     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
364     return 0;
365     }
366     }
367    
368     if (c->pwd_init) {
369     if (keyid && strlen (keyid) == 16)
370     strcpy (c->keyid, keyid+8);
371    
372     /* if @passphrase_info contains 'OPENPGP' we assume a smart card
373     has been used. */
374     if (strstr (passphrase_info, "OPENPGP")) {
375     const char *s=passphrase_info;
376     while (s && *s && *s != 'D')
377     s++;
378     _snprintf (c->info, sizeof c->info-1,
379     _("Please enter the PIN to unlock your secret card key\n"
380     "Card: %s"), extract_serial_no (s));
381     c->is_card = 1;
382     }
383     else if (uid_hint)
384     parse_gpg_description (uid_hint, passphrase_info,
385     c->info, sizeof c->info - 1);
386     if (c->gpg_cmd == GPG_CMD_DECRYPT) {
387     rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT,
388     (HWND)c->hwnd, passphrase_callback_proc,
389     (LPARAM)c);
390     }
391     else if (c->gpg_cmd == GPG_CMD_SIGN) {
392     rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT_SIGN,
393     (HWND)c->hwnd, passphrase_callback_proc,
394     (LPARAM)c);
395     }
396     if (rc == -1) {
397     if (!WriteFile (hd, "\n", 1, &n, NULL))
398     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
399     return 0;
400     }
401     c->pwd_init = 0;
402     }
403     if (c->cancel) {
404     if (!WriteFile (hd, "\n", 1, &n, NULL))
405     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
406     return 0;
407     }
408    
409 twoaday 77 if (!WriteFile (hd, c->pwd, strlen (c->pwd), &n, NULL))
410     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
411     if (!WriteFile (hd, "\n", 1, &n, NULL))
412     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
413 werner 36 return 0;
414     }
415    
416    
417     /* Initialize the given passphrase callback @cb with the
418     used gpgme context @ctx, the command @cmd and a title
419     @title for the dialog. */
420     void
421     set_gpg_passphrase_cb (passphrase_cb_s *cb, gpgme_ctx_t ctx,
422     int cmd, HWND hwnd, const char *title)
423     {
424     memset (cb, 0, sizeof *cb);
425     cb->gpg_cmd = cmd;
426     cb->bad_pwd = 0;
427     cb->is_card = 0;
428     cb->cancel = 0;
429     cb->hwnd = hwnd;
430     cb->pwd_init = 1;
431     free_if_alloc (cb->title);
432     cb->title = m_strdup (title);
433     if (!cb->title)
434     BUG (NULL);
435     gpgme_set_passphrase_cb (ctx, passphrase_cb, cb);
436     cb->gpg = ctx;
437     }
438    
439    
440     /* Release a passphrase callback @ctx. */
441     void
442     release_gpg_passphrase_cb (passphrase_cb_s *ctx)
443     {
444     gpgme_recipient_t r, n;
445    
446     if (!ctx)
447     return;
448     sfree_if_alloc (ctx->pwd);
449     free_if_alloc (ctx->title);
450     r = ctx->recipients;
451     while (r) {
452     n = r->next;
453     safe_free (r->keyid);
454     safe_free (r);
455     r = n;
456     }
457     }
458    
459    
460     /* Simple check to measure passphrase (@pass) quality.
461     Return value: 0 on success. */
462     int
463     check_passwd_quality (const char *pass, int strict)
464     {
465     int i, nd=0, nc=0, n;
466    
467     n = strlen (pass);
468     if (n < 8)
469     return -1;
470    
471     for (i=0; i < n; i++) {
472     if (isdigit (pass[i]))
473     nd++;
474     if (isalpha (pass[i]))
475     nc++;
476     }
477    
478     /* check that the passphrase contains letters and numbers. */
479     if (nd == n || nc == n)
480     return -1;
481    
482     return 0;
483     }

Properties

Name Value
svn:eol-style native
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26