/[winpt]/trunk/Src/wptPassphraseCB.cpp
ViewVC logotype

Annotation of /trunk/Src/wptPassphraseCB.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 181 - (hide annotations)
Tue Mar 14 11:01:22 2006 UTC (18 years, 11 months ago) by twoaday
File size: 13893 byte(s) 
2006-03-12  Timo Schulz  <ts@g10code.de>
 
        * wptGPG.cpp (gnupg_load_config): Search for 'ask-cert-expire'.
        * wptKeyPropsDlg.cpp (display_key_info): Automatically update
        sym algorithm preferences if needed.
        * wptKeysignDlg.cpp (date_is_today): New.
        (keysign_dlg_proc): Only allow to set cert expire date if
        the option was found.
        * wptGPGPrefsDlg.cpp (gpgprefs_dlg_proc): Allow to set
        'ask-cert-expire'.
1 werner 36 /* wptPassphraseCB.cpp - GPGME Passphrase Callback
2     * Copyright (C) 2001, 2002, 2003, 2005 Timo Schulz
3     * Copyright (C) 2005 g10 Code GmbH
4     *
5     * This file is part of WinPT.
6     *
7     * WinPT is free software; you can redistribute it and/or
8     * modify it under the terms of the GNU General Public License
9     * as published by the Free Software Foundation; either version 2
10     * of the License, or (at your option) any later version.
11     *
12     * WinPT is distributed in the hope that it will be useful,
13     * but WITHOUT ANY WARRANTY; without even the implied warranty of
14     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15     * General Public License for more details.
16     *
17     * You should have received a copy of the GNU General Public License
18     * along with WinPT; if not, write to the Free Software Foundation,
19     * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20     */
21    
22     #ifdef HAVE_CONFIG_H
23     #include <config.h>
24     #endif
25    
26     #include <windows.h>
27     #include <ctype.h>
28    
29 werner 47 #include "resource.h"
30 werner 36 #include "wptNLS.h"
31     #include "wptW32API.h"
32     #include "wptVersion.h"
33     #include "wptGPG.h"
34     #include "wptCommonCtl.h"
35     #include "wptContext.h"
36     #include "wptDlgs.h"
37     #include "wptUTF8.h"
38     #include "wptErrors.h"
39     #include "wptTypes.h"
40 werner 48 #include "wptKeylist.h"
41 werner 36 #include "wptAgent.h"
42     #include "wptRegistry.h"
43    
44     const char* get_symkey_algo (int algo);
45    
46 twoaday 181 #define item_ctrl_id(cmd) \
47 werner 36 ((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_PWD : IDC_DECRYPT_SIGN_PWD)
48    
49     #define item_ctrl_id2(cmd) \
50     ((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_HIDE : IDC_DECRYPT_SIGN_HIDE)
51    
52    
53     /* Overwrite passphrase and free memory. */
54     static void
55     burn_passphrase (char **pwd)
56     {
57     char *pass = *pwd;
58     wipememory (pass, strlen (pass));
59     delete []pass;
60     *pwd = NULL;
61     }
62    
63    
64     /* Dialog procedure for the passphrase callback. */
65     static BOOL CALLBACK
66     passphrase_callback_proc (HWND dlg, UINT msg, WPARAM wparam, LPARAM lparam)
67     {
68 twoaday 77 static passphrase_cb_s *c;
69     gpgme_decrypt_result_t res=NULL;
70     gpgme_sign_result_t res_sig=NULL;
71 werner 36 gpgme_key_t key;
72 twoaday 69 gpgme_recipient_t recip=NULL, r;
73     void *item;
74 werner 36 const char *id;
75     char *info;
76     int n;
77    
78     switch (msg) {
79 twoaday 181 case WM_ACTIVATE:
80     safe_edit_control_init (dlg, item_ctrl_id (c->gpg_cmd));
81     break;
82    
83     case WM_DESTROY:
84     safe_edit_control_free (dlg, item_ctrl_id (c->gpg_cmd));
85     break;
86    
87 werner 36 case WM_INITDIALOG:
88     c = (passphrase_cb_s *)lparam;
89     if (!c)
90     BUG (0);
91 twoaday 105 SetDlgItemText (dlg, IDCANCEL, _("&Cancel"));
92 twoaday 85 SetDlgItemText (dlg, IDC_DECRYPT_HIDE, _("&Hide Typing"));
93 werner 36 SetWindowText (dlg, c->title);
94     if (c->gpg_cmd == GPG_CMD_DECRYPT) {
95     SetDlgItemText (dlg, IDC_DECRYPT_LISTINF,
96     _("Encrypted with the following public key(s)"));
97     CheckDlgButton (dlg, IDC_DECRYPT_HIDE, BST_CHECKED);
98     }
99 twoaday 95 else if (c->gpg_cmd == GPG_CMD_SIGN) {
100     SetDlgItemText (dlg, IDC_DECRYPT_SIGN_HIDE, _("&Hide Typing"));
101 werner 36 CheckDlgButton (dlg, IDC_DECRYPT_SIGN_HIDE, BST_CHECKED);
102 twoaday 95 }
103 twoaday 179 /* Because it depends on the order the keys are stored in the
104     keyring whether res->recipients is complete or not, we also
105     support that the recipients were externally extracted and then
106     we use this list. */
107 werner 36 if (c->recipients)
108     recip = c->recipients; /* recipients were already extracted. */
109     else {
110     res = gpgme_op_decrypt_result (c->gpg);
111     if (res && res->recipients)
112     recip = res->recipients;
113     }
114     if (recip != NULL && c->gpg_cmd == GPG_CMD_DECRYPT) {
115 twoaday 179 for (r = recip; r; r = r->next) {
116 werner 36 get_pubkey (r->keyid, &key);
117     if (key) {
118 twoaday 160 gpgme_user_id_t u = key->uids;
119 werner 36 char *uid;
120 twoaday 160
121     id = u->name;
122 werner 36 if (!id)
123     id = _("Invalid User ID");
124     uid = utf8_to_wincp (id, strlen (id));
125 twoaday 160 n = 32+strlen (uid)+1+4+strlen (r->keyid)+1;
126     if (u->email)
127     n += strlen (u->email)+1;
128     info = new char [n+1];
129 werner 36 if (!info)
130     BUG (NULL);
131 twoaday 160 if (!u->email || strlen (u->email) < 1)
132     sprintf (info, "%s (%s, 0x%s)", uid,
133     get_key_pubalgo (r->pubkey_algo), r->keyid+8);
134     else
135     sprintf (info, "%s <%s> (%s, 0x%s)", uid, u->email,
136     get_key_pubalgo (r->pubkey_algo), r->keyid+8);
137 werner 36 free (uid);
138     }
139     else {
140     info = new char [32 + strlen (r->keyid)+1 + 4];
141     if (!info)
142     BUG (NULL);
143     sprintf (info, _("Unknown key ID (%s, 0x%s)"),
144     get_key_pubalgo (r->pubkey_algo), r->keyid+8);
145     }
146     listbox_add_string (GetDlgItem (dlg, IDC_DECRYPT_LIST), info);
147     free_if_alloc (info);
148     }
149     }
150     else if (c->gpg_cmd == GPG_CMD_DECRYPT)
151     EnableWindow (GetDlgItem (dlg, IDC_DECRYPT_LIST), FALSE);
152     SetDlgItemText (dlg, c->gpg_cmd == GPG_CMD_DECRYPT?
153     IDC_DECRYPT_PWDINFO : IDC_DECRYPT_SIGN_PWDINFO,
154     c->bad_pwd? _("Bad passphrase; Enter passphrase again") :
155     _("Please enter your passphrase"));
156     if (c->gpg_cmd == GPG_CMD_DECRYPT) {
157     SetFocus (GetDlgItem (dlg, IDC_DECRYPT_PWD));
158     if (res && !res->recipients) {
159     const char *s = _("Symmetric encryption.\n"
160     "%s encrypted data.");
161     const char *alg = get_symkey_algo (c->sym.sym_algo);
162     info = new char[strlen (s) + strlen (alg) + 2];
163     if (!info)
164     BUG (NULL);
165     sprintf (info, s, alg);
166     SetDlgItemText (dlg, IDC_DECRYPT_MSG, info);
167     free_if_alloc (info);
168     }
169     else
170     SetDlgItemText (dlg, IDC_DECRYPT_MSG, c->info);
171     }
172     else {
173     SetFocus( GetDlgItem (dlg, IDC_DECRYPT_SIGN_PWD));
174     SetDlgItemText (dlg, IDC_DECRYPT_SIGN_MSG, c->info);
175     }
176     center_window (dlg, NULL);
177     SetForegroundWindow (dlg);
178     return FALSE;
179    
180     case WM_SYSCOMMAND:
181     if (LOWORD (wparam) == SC_CLOSE) {
182     SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
183     c->cancel = 1;
184     EndDialog (dlg, TRUE);
185     }
186     break;
187    
188     case WM_COMMAND:
189     switch (HIWORD (wparam)) {
190     case BN_CLICKED:
191     if (LOWORD (wparam) == IDC_DECRYPT_HIDE
192     || LOWORD (wparam) == IDC_DECRYPT_SIGN_HIDE) {
193     HWND hwnd;
194     int hide = IsDlgButtonChecked (dlg, item_ctrl_id2 (c->gpg_cmd));
195     hwnd = GetDlgItem (dlg, item_ctrl_id (c->gpg_cmd));
196     SendMessage (hwnd, EM_SETPASSWORDCHAR, hide? '*' : 0, 0);
197     SetFocus (hwnd);
198     }
199     }
200    
201     switch (LOWORD (wparam)) {
202     case IDOK:
203     /* XXX: the item is even cached when the passphrase is not
204     correct, which means that the user needs to delete all
205     cached entries to continue. */
206     if (c->pwd)
207     burn_passphrase (&c->pwd);
208     n = item_get_text_length (dlg, item_ctrl_id (c->gpg_cmd));
209     if (!n) {
210     c->pwd = new char[2];
211     if (!c->pwd)
212     BUG (NULL);
213     strcpy (c->pwd, "");
214     }
215     else {
216     c->pwd = new char[n+2];
217     if (!c->pwd)
218     BUG (NULL);
219 twoaday 181 SafeGetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd),
220     c->pwd, n+1);
221 werner 36 }
222     res = gpgme_op_decrypt_result (c->gpg);
223     if (!res)
224 twoaday 77 res_sig = gpgme_op_sign_result (c->gpg);
225     if (reg_prefs.cache_time > 0 && !c->is_card &&
226     (res || res_sig)) {
227     if (agent_get_cache (c->keyid, &item))
228 werner 36 agent_unlock_cache_entry (&item);
229 twoaday 77 else
230 werner 36 agent_put_cache (c->keyid, c->pwd, reg_prefs.cache_time);
231     }
232     c->cancel = 0;
233     EndDialog (dlg, TRUE);
234     return TRUE;
235    
236     case IDCANCEL:
237     SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
238     c->cancel = 1;
239     EndDialog (dlg, FALSE);
240     return FALSE;
241     }
242     break;
243     }
244    
245     return FALSE;
246     }
247    
248    
249     /* Extract the main keyid from @pass_info.
250     Return value: long main keyid or NULL for an error. */
251     static const char*
252     parse_gpg_keyid (const char *pass_info)
253     {
254     static char keyid[16+1];
255    
256     /* XXX: check for leading alpha-chars? */
257 twoaday 77 if (strlen (pass_info) < 16) {
258     log_debug ("parse_gpg_keyid: error '%s'\r\n", pass_info);
259 werner 36 return NULL;
260 twoaday 77 }
261 werner 36 /* the format of the desc buffer looks like this:
262     request_keyid[16] main_keyid[16] keytype[1] keylength[4]
263     we use the main keyid to use only one cache entry. */
264     strncpy (keyid, pass_info+17, 16);
265     keyid[16] = 0;
266     return keyid;
267     }
268    
269    
270     /* Parse the information in @uid_hint and @pass_info to generate
271     a input message for the user in @desc. */
272     static int
273     parse_gpg_description (const char *uid_hint, const char *pass_info,
274     char *desc, int size)
275     {
276     gpgme_pubkey_algo_t algo;
277     char usedkey[16+1];
278     char mainkey[16+1];
279     char *uid, *p;
280     int n=0;
281    
282 twoaday 69 algo = (gpgme_pubkey_algo_t)0;
283 werner 36 /* Each uid_hint contains a long key-ID so it is at least 16 bytes. */
284     if (strlen (uid_hint) < 17) {
285     *desc = 0;
286 twoaday 77 log_debug ("parse_gpg_description: error '%s'\r\n", uid_hint);
287 werner 36 return -1;
288     }
289    
290     while (p = strsep ((char**)&pass_info, " ")) {
291     switch (n++) {
292     case 0: strncpy (mainkey, p, 16); mainkey[16] = 0; break;
293     case 1: strncpy (usedkey, p, 16); usedkey[16] = 0; break;
294     case 2: algo = (gpgme_pubkey_algo_t)atol (p); break;
295     }
296     }
297     uid_hint += 16; /* skip keyid */
298     uid_hint += 1; /* space */
299    
300     uid = utf8_to_wincp (uid_hint, strlen (uid_hint));
301    
302     if (strcmp (usedkey, mainkey))
303     _snprintf (desc, size-1,
304     _("You need a passphrase to unlock the secret key for\n"
305     "user: \"%s\"\n"
306     "%s key, ID %s (main key ID %s)\n"),
307     uid, get_key_pubalgo (algo), usedkey+8, mainkey+8);
308     else if (!strcmp (usedkey, mainkey))
309     _snprintf (desc, size-1,
310     _("You need a passphrase to unlock the secret key for\n"
311     "user: \"%s\"\n"
312     "%s key, ID %s\n"),
313     uid, get_key_pubalgo (algo), usedkey+8);
314     free (uid);
315     return 0;
316     }
317    
318    
319     /* Extract the serial number from the card ID @id and return it. */
320     const char*
321     extract_serial_no (const char *id)
322     {
323     static char buf[8];
324     char *p;
325    
326     p = strchr (id, '/');
327 twoaday 77 if (!p) {
328     log_debug ("extract_serial_no: error '%s'\r\n", id);
329 werner 36 return NULL;
330 twoaday 77 }
331 werner 36 strncpy (buf, id+(p-id)-6, 6);
332     return buf;
333     }
334    
335    
336     /* Passphrase callback with the ability to support caching. */
337     gpgme_error_t
338     passphrase_cb (void *hook, const char *uid_hint,
339     const char *passphrase_info,
340     int prev_was_bad, int fd)
341     {
342     passphrase_cb_s *c = (passphrase_cb_s*)hook;
343     HANDLE hd = (HANDLE)fd;
344     void *item;
345 twoaday 69 const char *keyid=NULL, *pass;
346 werner 36 DWORD n;
347 twoaday 77 int rc = 0;
348 werner 36
349 twoaday 77 if (!c) {
350     log_debug ("passphrase_cb: error '!c'\r\n");
351 werner 36 return gpg_error (GPG_ERR_INV_ARG);
352 twoaday 77 }
353 werner 36 c->bad_pwd = prev_was_bad? 1 : 0;
354     if (prev_was_bad && !c->cancel) {
355     if (c->pwd)
356     burn_passphrase (&c->pwd);
357     agent_del_cache (c->keyid);
358     c->pwd_init = 1;
359     }
360    
361     if (passphrase_info) {
362     if (strlen (passphrase_info) < 16 &&
363     !strstr (passphrase_info, "OPENPGP")) {
364     /* assume symetric encryption. */
365 twoaday 69 int pos=2;
366 werner 36 c->sym.sym_algo = atoi (passphrase_info);
367     if (c->sym.sym_algo > 9)
368 twoaday 69 pos++;
369 werner 36 /* XXX: be more strict. */
370 twoaday 69 c->sym.s2k_mode = atoi (passphrase_info+pos);
371     c->sym.s2k_hash = atoi (passphrase_info+pos+2);
372 werner 36 }
373    
374     keyid = parse_gpg_keyid (passphrase_info);
375 twoaday 77 pass = agent_get_cache (keyid+8, &item);
376 werner 36 if (pass) {
377     agent_unlock_cache_entry (&item);
378     c->pwd_init = 0;
379     if (!WriteFile (hd, pass, strlen (pass), &n, NULL))
380     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
381     if (!WriteFile (hd, "\n", 1, &n, NULL))
382     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
383     return 0;
384     }
385     }
386    
387     if (c->pwd_init) {
388     if (keyid && strlen (keyid) == 16)
389     strcpy (c->keyid, keyid+8);
390    
391     /* if @passphrase_info contains 'OPENPGP' we assume a smart card
392     has been used. */
393     if (strstr (passphrase_info, "OPENPGP")) {
394     const char *s=passphrase_info;
395     while (s && *s && *s != 'D')
396     s++;
397     _snprintf (c->info, sizeof c->info-1,
398     _("Please enter the PIN to unlock your secret card key\n"
399     "Card: %s"), extract_serial_no (s));
400     c->is_card = 1;
401     }
402     else if (uid_hint)
403     parse_gpg_description (uid_hint, passphrase_info,
404 twoaday 181 c->info, sizeof (c->info) - 1);
405 werner 36 if (c->gpg_cmd == GPG_CMD_DECRYPT) {
406     rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT,
407     (HWND)c->hwnd, passphrase_callback_proc,
408     (LPARAM)c);
409     }
410     else if (c->gpg_cmd == GPG_CMD_SIGN) {
411     rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT_SIGN,
412     (HWND)c->hwnd, passphrase_callback_proc,
413     (LPARAM)c);
414     }
415     if (rc == -1) {
416     if (!WriteFile (hd, "\n", 1, &n, NULL))
417     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
418     return 0;
419     }
420     c->pwd_init = 0;
421     }
422     if (c->cancel) {
423     if (!WriteFile (hd, "\n", 1, &n, NULL))
424     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
425     return 0;
426     }
427    
428 twoaday 77 if (!WriteFile (hd, c->pwd, strlen (c->pwd), &n, NULL))
429     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
430     if (!WriteFile (hd, "\n", 1, &n, NULL))
431     log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
432 werner 36 return 0;
433     }
434    
435    
436     /* Initialize the given passphrase callback @cb with the
437     used gpgme context @ctx, the command @cmd and a title
438     @title for the dialog. */
439     void
440     set_gpg_passphrase_cb (passphrase_cb_s *cb, gpgme_ctx_t ctx,
441     int cmd, HWND hwnd, const char *title)
442     {
443     memset (cb, 0, sizeof *cb);
444     cb->gpg_cmd = cmd;
445     cb->bad_pwd = 0;
446     cb->is_card = 0;
447     cb->cancel = 0;
448     cb->hwnd = hwnd;
449     cb->pwd_init = 1;
450     free_if_alloc (cb->title);
451     cb->title = m_strdup (title);
452     if (!cb->title)
453     BUG (NULL);
454     gpgme_set_passphrase_cb (ctx, passphrase_cb, cb);
455     cb->gpg = ctx;
456     }
457    
458    
459     /* Release a passphrase callback @ctx. */
460     void
461     release_gpg_passphrase_cb (passphrase_cb_s *ctx)
462     {
463     gpgme_recipient_t r, n;
464    
465     if (!ctx)
466     return;
467     sfree_if_alloc (ctx->pwd);
468     free_if_alloc (ctx->title);
469     r = ctx->recipients;
470     while (r) {
471     n = r->next;
472     safe_free (r->keyid);
473     safe_free (r);
474     r = n;
475     }
476     }
477    
478    
479     /* Simple check to measure passphrase (@pass) quality.
480     Return value: 0 on success. */
481     int
482     check_passwd_quality (const char *pass, int strict)
483     {
484     int i, nd=0, nc=0, n;
485    
486     n = strlen (pass);
487     if (n < 8)
488     return -1;
489    
490     for (i=0; i < n; i++) {
491     if (isdigit (pass[i]))
492     nd++;
493     if (isalpha (pass[i]))
494     nc++;
495     }
496    
497     /* check that the passphrase contains letters and numbers. */
498     if (nd == n || nc == n)
499     return -1;
500    
501     return 0;
502     }

Properties

Name Value
svn:eol-style native
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26