trunk/Src/wptPassphraseCB.cpp

/* wptPassphraseCB.cpp - GPGME Passphrase Callback
 *      Copyright (C) 2001, 2002, 2003, 2005 Timo Schulz
 *      Copyright (C) 2005 g10 Code GmbH
 *
 * This file is part of WinPT.
 *
 * WinPT is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License 
 * as published by the Free Software Foundation; either version 2 
 * of the License, or (at your option) any later version.
 *  
 * WinPT is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License 
 * along with WinPT; if not, write to the Free Software Foundation, 
 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <windows.h>
#include <ctype.h>

#include "resource.h"
#include "wptNLS.h"
#include "wptW32API.h"
#include "wptVersion.h"
#include "wptGPG.h"
#include "wptCommonCtl.h"
#include "wptContext.h"
#include "wptDlgs.h"
#include "wptUTF8.h"
#include "wptErrors.h"
#include "wptTypes.h"
#include "wptKeylist.h"
#include "wptAgent.h"
#include "wptRegistry.h"

const char* get_symkey_algo (int algo);

#define item_ctrl_id( cmd ) \
    ((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_PWD : IDC_DECRYPT_SIGN_PWD)

#define item_ctrl_id2(cmd) \
    ((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_HIDE : IDC_DECRYPT_SIGN_HIDE)


/* Overwrite passphrase and free memory. */
static void
burn_passphrase (char **pwd)
{
    char *pass = *pwd;
    wipememory (pass, strlen (pass));
    delete []pass;
    *pwd = NULL;
}


/* Dialog procedure for the passphrase callback. */
static BOOL CALLBACK
passphrase_callback_proc (HWND dlg, UINT msg, WPARAM wparam, LPARAM lparam)
{    
    static passphrase_cb_s *c;
    gpgme_decrypt_result_t res=NULL;
    gpgme_sign_result_t res_sig=NULL;
    gpgme_key_t key;
    gpgme_recipient_t recip=NULL, r;
    void *item;
    const char *id;
    char *info;
    int n;

    switch (msg) {
    case WM_INITDIALOG:
        c = (passphrase_cb_s *)lparam;
        if (!c)
            BUG (0);
        SetDlgItemText (dlg, IDCANCEL, _("&Cancel"));
        SetDlgItemText (dlg, IDC_DECRYPT_HIDE, _("&Hide Typing"));
        SetWindowText (dlg, c->title);
        if (c->gpg_cmd == GPG_CMD_DECRYPT) {
            SetDlgItemText (dlg, IDC_DECRYPT_LISTINF,
                            _("Encrypted with the following public key(s)"));
            CheckDlgButton (dlg, IDC_DECRYPT_HIDE, BST_CHECKED);
        }
        else if (c->gpg_cmd == GPG_CMD_SIGN) {
            SetDlgItemText (dlg, IDC_DECRYPT_SIGN_HIDE, _("&Hide Typing"));
            CheckDlgButton (dlg, IDC_DECRYPT_SIGN_HIDE, BST_CHECKED);
        }
        if (c->recipients)
            recip = c->recipients; /* recipients were already extracted. */
        else {
            /* XXX: not all ENCRYPT_TO entries are listed here. */
            res = gpgme_op_decrypt_result (c->gpg);
            if (res && res->recipients)
                recip = res->recipients;
        }
        if (recip != NULL && c->gpg_cmd == GPG_CMD_DECRYPT) {
            for (r = res->recipients; r; r = r->next) {
                get_pubkey (r->keyid, &key);
                if (key) {
                    char *uid;
                    id = key->uids->name;
                    if (!id)
                        id = _("Invalid User ID");
                    uid = utf8_to_wincp (id, strlen (id));
                    info = new char [32+strlen (uid)+1 + 4 + strlen (r->keyid)+1
                                     + strlen (key->uids->email)+1];
                    if (!info)
                        BUG (NULL);
                    sprintf (info, "%s <%s> (%s, 0x%s)", uid, key->uids->email,
                             get_key_pubalgo (r->pubkey_algo), r->keyid+8);
                    free (uid);
                    
                }
                else {
                    info = new char [32 + strlen (r->keyid)+1 + 4];
                    if (!info)
                        BUG (NULL);
                    sprintf (info, _("Unknown key ID (%s, 0x%s)"), 
                             get_key_pubalgo (r->pubkey_algo), r->keyid+8);
                }
                listbox_add_string (GetDlgItem (dlg, IDC_DECRYPT_LIST), info);
                free_if_alloc (info);
            }
        }
        else if (c->gpg_cmd == GPG_CMD_DECRYPT)
            EnableWindow (GetDlgItem (dlg, IDC_DECRYPT_LIST), FALSE);
        SetDlgItemText (dlg, c->gpg_cmd == GPG_CMD_DECRYPT?
                        IDC_DECRYPT_PWDINFO : IDC_DECRYPT_SIGN_PWDINFO,
                        c->bad_pwd? _("Bad passphrase; Enter passphrase again") :
                        _("Please enter your passphrase"));
        if (c->gpg_cmd == GPG_CMD_DECRYPT) {
            SetFocus (GetDlgItem (dlg, IDC_DECRYPT_PWD));
            if (res && !res->recipients) {
                const char *s = _("Symmetric encryption.\n"
                                  "%s encrypted data.");
                const char *alg = get_symkey_algo (c->sym.sym_algo);
                info = new char[strlen (s) + strlen (alg) + 2];
                if (!info)
                    BUG (NULL);
                sprintf (info, s, alg);
                SetDlgItemText (dlg, IDC_DECRYPT_MSG, info);
                free_if_alloc (info);
            }
            else
                SetDlgItemText (dlg, IDC_DECRYPT_MSG, c->info);
        }
        else {
            SetFocus( GetDlgItem (dlg, IDC_DECRYPT_SIGN_PWD));
            SetDlgItemText (dlg, IDC_DECRYPT_SIGN_MSG, c->info);
        }
        center_window (dlg, NULL);
        SetForegroundWindow (dlg);
        return FALSE;

        case WM_SYSCOMMAND:
            if (LOWORD (wparam) == SC_CLOSE) {
                SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
                c->cancel = 1;
                EndDialog (dlg, TRUE);
            }
            break;

        case WM_COMMAND:
            switch (HIWORD (wparam)) {
            case BN_CLICKED:
                if  (LOWORD (wparam) == IDC_DECRYPT_HIDE
                    || LOWORD (wparam) == IDC_DECRYPT_SIGN_HIDE) {
                    HWND hwnd;
                    int hide = IsDlgButtonChecked (dlg, item_ctrl_id2 (c->gpg_cmd));
                    hwnd = GetDlgItem (dlg, item_ctrl_id (c->gpg_cmd));
                    SendMessage (hwnd, EM_SETPASSWORDCHAR, hide? '*' : 0, 0);
                    SetFocus (hwnd);
                }
            }

            switch (LOWORD (wparam)) {
            case IDOK:  
                /* XXX: the item is even cached when the passphrase is not
                        correct, which means that the user needs to delete all
                        cached entries to continue. */
                if (c->pwd)
                    burn_passphrase (&c->pwd);
                n = item_get_text_length (dlg, item_ctrl_id (c->gpg_cmd));
                if (!n) {
                    c->pwd = new char[2];
                    if (!c->pwd)
                        BUG (NULL);
                    strcpy (c->pwd, "");
                }
                else {
                    c->pwd = new char[n+2];
                    if (!c->pwd)
                        BUG (NULL);
                    GetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), c->pwd, n+1);
                }
                res = gpgme_op_decrypt_result (c->gpg);
                if (!res)
                    res_sig = gpgme_op_sign_result (c->gpg);            
                if (reg_prefs.cache_time > 0 && !c->is_card &&
                    (res || res_sig)) {
                    if (agent_get_cache (c->keyid, &item))                      
                        agent_unlock_cache_entry (&item);
                    else 
                        agent_put_cache (c->keyid, c->pwd, reg_prefs.cache_time);
                }
                c->cancel = 0;
                EndDialog (dlg, TRUE);
                return TRUE;
                
            case IDCANCEL:
                SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
                c->cancel = 1;
                EndDialog (dlg, FALSE);
                return FALSE;
            }
            break;
    }
    
    return FALSE;
}


/* Extract the main keyid from @pass_info.
   Return value: long main keyid or NULL for an error. */
static const char*
parse_gpg_keyid (const char *pass_info)
{
    static char keyid[16+1];
    
    /* XXX: check for leading alpha-chars? */
    if (strlen (pass_info) < 16) {
        log_debug ("parse_gpg_keyid: error '%s'\r\n", pass_info);
        return NULL;
    }
    /* the format of the desc buffer looks like this:
       request_keyid[16] main_keyid[16] keytype[1] keylength[4]
       we use the main keyid to use only one cache entry. */
    strncpy (keyid, pass_info+17, 16);
    keyid[16] = 0;
    return keyid;
}


/* Parse the information in @uid_hint and @pass_info to generate
   a input message for the user in @desc. */
static int
parse_gpg_description (const char *uid_hint, const char *pass_info,
                       char *desc, int size)
{
    gpgme_pubkey_algo_t algo;
    char usedkey[16+1];
    char mainkey[16+1];
    char *uid, *p;
    int n=0;

    algo = (gpgme_pubkey_algo_t)0;
    /* Each uid_hint contains a long key-ID so it is at least 16 bytes. */
    if (strlen (uid_hint) < 17) {
        *desc = 0;
        log_debug ("parse_gpg_description: error '%s'\r\n", uid_hint);
        return -1;
    }

    while (p = strsep ((char**)&pass_info, " ")) {
        switch (n++) {
        case 0: strncpy (mainkey, p, 16); mainkey[16] = 0; break;
        case 1: strncpy (usedkey, p, 16); usedkey[16] = 0; break;
        case 2: algo = (gpgme_pubkey_algo_t)atol (p); break;
        }
    }
    uid_hint += 16; /* skip keyid */
    uid_hint += 1;  /* space */

    uid = utf8_to_wincp (uid_hint, strlen (uid_hint));

    if (strcmp (usedkey, mainkey))
        _snprintf (desc, size-1, 
                   _("You need a passphrase to unlock the secret key for\n"
                     "user: \"%s\"\n"
                     "%s key, ID %s (main key ID %s)\n"),
                   uid, get_key_pubalgo (algo), usedkey+8, mainkey+8);
    else if (!strcmp (usedkey, mainkey))
        _snprintf (desc, size-1,
                   _("You need a passphrase to unlock the secret key for\n"
                     "user: \"%s\"\n"
                     "%s key, ID %s\n"),
                     uid, get_key_pubalgo (algo), usedkey+8);
    free (uid);
    return 0;
}


/* Extract the serial number from the card ID @id and return it. */
const char*
extract_serial_no (const char *id)
{
    static char buf[8];
    char *p;

    p = strchr (id, '/');
    if (!p) {
        log_debug ("extract_serial_no: error '%s'\r\n", id);
        return NULL;
    }
    strncpy (buf, id+(p-id)-6, 6);
    return buf;
}


/* Passphrase callback with the ability to support caching. */
gpgme_error_t
passphrase_cb (void *hook, const char *uid_hint,
               const char *passphrase_info,
               int prev_was_bad, int fd)
{
    passphrase_cb_s *c = (passphrase_cb_s*)hook;
    HANDLE hd = (HANDLE)fd;
    void *item;
    const char *keyid=NULL, *pass;
    DWORD n;
    int rc = 0;

    if (!c) {
        log_debug ("passphrase_cb: error '!c'\r\n");
        return gpg_error (GPG_ERR_INV_ARG);
    }
    c->bad_pwd = prev_was_bad? 1 : 0;
    if (prev_was_bad && !c->cancel) {
        if (c->pwd)
            burn_passphrase (&c->pwd);
        agent_del_cache (c->keyid);
        c->pwd_init = 1;
    }

    if (passphrase_info) {
        if (strlen (passphrase_info) < 16 && 
            !strstr (passphrase_info, "OPENPGP")) {
            /* assume symetric encryption. */
            int pos=2;
            c->sym.sym_algo = atoi (passphrase_info);
            if (c->sym.sym_algo > 9)
                pos++;
            /* XXX: be more strict. */
            c->sym.s2k_mode = atoi (passphrase_info+pos);
            c->sym.s2k_hash = atoi (passphrase_info+pos+2);
        }

        keyid = parse_gpg_keyid (passphrase_info);
        pass = agent_get_cache (keyid+8, &item);        
        if (pass) {
            agent_unlock_cache_entry (&item);
            c->pwd_init = 0;
            if (!WriteFile (hd, pass, strlen (pass), &n, NULL))
                log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
            if (!WriteFile (hd, "\n", 1, &n, NULL))
                log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
            return 0;
        }
    }

    if (c->pwd_init) {
        if (keyid && strlen (keyid) == 16)
            strcpy (c->keyid, keyid+8);

        /* if @passphrase_info contains 'OPENPGP' we assume a smart card
            has been used. */
        if (strstr (passphrase_info, "OPENPGP")) {
            const char *s=passphrase_info;
            while (s && *s && *s != 'D')
                s++;
            _snprintf (c->info, sizeof c->info-1,
                       _("Please enter the PIN to unlock your secret card key\n"
                         "Card: %s"), extract_serial_no (s));
            c->is_card = 1;
        }
        else if (uid_hint)
            parse_gpg_description (uid_hint, passphrase_info, 
                                   c->info, sizeof c->info - 1);
        if (c->gpg_cmd == GPG_CMD_DECRYPT) {
            rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT,
                                 (HWND)c->hwnd, passphrase_callback_proc,
                                 (LPARAM)c);
        }
        else if (c->gpg_cmd == GPG_CMD_SIGN) {
            rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT_SIGN,
                                 (HWND)c->hwnd, passphrase_callback_proc,
                                 (LPARAM)c);
        }
        if (rc == -1) {
            if (!WriteFile (hd, "\n", 1, &n, NULL))
                log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
            return 0;
        }
        c->pwd_init = 0;
    }
    if (c->cancel) {
        if (!WriteFile (hd, "\n", 1, &n, NULL))
            log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
        return 0;
    }

    if (!WriteFile (hd, c->pwd, strlen (c->pwd), &n, NULL))
        log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
    if (!WriteFile (hd, "\n", 1, &n, NULL))
        log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
    return 0;
}


/* Initialize the given passphrase callback @cb with the
   used gpgme context @ctx, the command @cmd and a title
   @title for the dialog. */
void
set_gpg_passphrase_cb (passphrase_cb_s *cb, gpgme_ctx_t ctx, 
                       int cmd, HWND hwnd, const char *title)
{
    memset (cb, 0, sizeof *cb);
    cb->gpg_cmd = cmd;
    cb->bad_pwd = 0;
    cb->is_card = 0;
    cb->cancel = 0;
    cb->hwnd = hwnd;
    cb->pwd_init = 1;
    free_if_alloc (cb->title);
    cb->title = m_strdup (title);
    if (!cb->title)
        BUG (NULL);
    gpgme_set_passphrase_cb (ctx, passphrase_cb, cb);
    cb->gpg = ctx;
}


/* Release a passphrase callback @ctx. */
void
release_gpg_passphrase_cb (passphrase_cb_s *ctx)
{
    gpgme_recipient_t r, n;

    if (!ctx)
        return;
    sfree_if_alloc (ctx->pwd);
    free_if_alloc (ctx->title);
    r = ctx->recipients;
    while (r) {
        n = r->next;
        safe_free (r->keyid);
        safe_free (r);
        r = n;
    }
}


/* Simple check to measure passphrase (@pass) quality.
   Return value: 0 on success. */
int
check_passwd_quality (const char *pass, int strict)
{
    int i, nd=0, nc=0, n;

    n = strlen (pass);
    if (n < 8)
        return -1;

    for (i=0; i < n; i++) {
        if (isdigit (pass[i])) 
            nd++;
        if (isalpha (pass[i])) 
            nc++;
    }

    /* check that the passphrase contains letters and numbers. */
    if (nd == n || nc == n)
        return -1;

    return 0;
}
1	/* wptPassphraseCB.cpp - GPGME Passphrase Callback
2	* Copyright (C) 2001, 2002, 2003, 2005 Timo Schulz
3	* Copyright (C) 2005 g10 Code GmbH
4	*
5	* This file is part of WinPT.
6	*
7	* WinPT is free software; you can redistribute it and/or
8	* modify it under the terms of the GNU General Public License
9	* as published by the Free Software Foundation; either version 2
10	* of the License, or (at your option) any later version.
11	*
12	* WinPT is distributed in the hope that it will be useful,
13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15	* General Public License for more details.
16	*
17	* You should have received a copy of the GNU General Public License
18	* along with WinPT; if not, write to the Free Software Foundation,
19	* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20	*/
21
22	#ifdef HAVE_CONFIG_H
23	#include <config.h>
24	#endif
25
26	#include <windows.h>
27	#include <ctype.h>
28
29	#include "resource.h"
30	#include "wptNLS.h"
31	#include "wptW32API.h"
32	#include "wptVersion.h"
33	#include "wptGPG.h"
34	#include "wptCommonCtl.h"
35	#include "wptContext.h"
36	#include "wptDlgs.h"
37	#include "wptUTF8.h"
38	#include "wptErrors.h"
39	#include "wptTypes.h"
40	#include "wptKeylist.h"
41	#include "wptAgent.h"
42	#include "wptRegistry.h"
43
44	const char* get_symkey_algo (int algo);
45
46	#define item_ctrl_id( cmd ) \
47	((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_PWD : IDC_DECRYPT_SIGN_PWD)
48
49	#define item_ctrl_id2(cmd) \
50	((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_HIDE : IDC_DECRYPT_SIGN_HIDE)
51
52
53	/* Overwrite passphrase and free memory. */
54	static void
55	burn_passphrase (char **pwd)
56	{
57	char pass = pwd;
58	wipememory (pass, strlen (pass));
59	delete []pass;
60	*pwd = NULL;
61	}
62
63
64	/* Dialog procedure for the passphrase callback. */
65	static BOOL CALLBACK
66	passphrase_callback_proc (HWND dlg, UINT msg, WPARAM wparam, LPARAM lparam)
67	{
68	static passphrase_cb_s *c;
69	gpgme_decrypt_result_t res=NULL;
70	gpgme_sign_result_t res_sig=NULL;
71	gpgme_key_t key;
72	gpgme_recipient_t recip=NULL, r;
73	void *item;
74	const char *id;
75	char *info;
76	int n;
77
78	switch (msg) {
79	case WM_INITDIALOG:
80	c = (passphrase_cb_s *)lparam;
81	if (!c)
82	BUG (0);
83	SetDlgItemText (dlg, IDCANCEL, _("&Cancel"));
84	SetDlgItemText (dlg, IDC_DECRYPT_HIDE, _("&Hide Typing"));
85	SetWindowText (dlg, c->title);
86	if (c->gpg_cmd == GPG_CMD_DECRYPT) {
87	SetDlgItemText (dlg, IDC_DECRYPT_LISTINF,
88	_("Encrypted with the following public key(s)"));
89	CheckDlgButton (dlg, IDC_DECRYPT_HIDE, BST_CHECKED);
90	}
91	else if (c->gpg_cmd == GPG_CMD_SIGN) {
92	SetDlgItemText (dlg, IDC_DECRYPT_SIGN_HIDE, _("&Hide Typing"));
93	CheckDlgButton (dlg, IDC_DECRYPT_SIGN_HIDE, BST_CHECKED);
94	}
95	if (c->recipients)
96	recip = c->recipients; /* recipients were already extracted. */
97	else {
98	/* XXX: not all ENCRYPT_TO entries are listed here. */
99	res = gpgme_op_decrypt_result (c->gpg);
100	if (res && res->recipients)
101	recip = res->recipients;
102	}
103	if (recip != NULL && c->gpg_cmd == GPG_CMD_DECRYPT) {
104	for (r = res->recipients; r; r = r->next) {
105	get_pubkey (r->keyid, &key);
106	if (key) {
107	char *uid;
108	id = key->uids->name;
109	if (!id)
110	id = _("Invalid User ID");
111	uid = utf8_to_wincp (id, strlen (id));
112	info = new char [32+strlen (uid)+1 + 4 + strlen (r->keyid)+1
113	+ strlen (key->uids->email)+1];
114	if (!info)
115	BUG (NULL);
116	sprintf (info, "%s <%s> (%s, 0x%s)", uid, key->uids->email,
117	get_key_pubalgo (r->pubkey_algo), r->keyid+8);
118	free (uid);
119
120	}
121	else {
122	info = new char [32 + strlen (r->keyid)+1 + 4];
123	if (!info)
124	BUG (NULL);
125	sprintf (info, _("Unknown key ID (%s, 0x%s)"),
126	get_key_pubalgo (r->pubkey_algo), r->keyid+8);
127	}
128	listbox_add_string (GetDlgItem (dlg, IDC_DECRYPT_LIST), info);
129	free_if_alloc (info);
130	}
131	}
132	else if (c->gpg_cmd == GPG_CMD_DECRYPT)
133	EnableWindow (GetDlgItem (dlg, IDC_DECRYPT_LIST), FALSE);
134	SetDlgItemText (dlg, c->gpg_cmd == GPG_CMD_DECRYPT?
135	IDC_DECRYPT_PWDINFO : IDC_DECRYPT_SIGN_PWDINFO,
136	c->bad_pwd? _("Bad passphrase; Enter passphrase again") :
137	_("Please enter your passphrase"));
138	if (c->gpg_cmd == GPG_CMD_DECRYPT) {
139	SetFocus (GetDlgItem (dlg, IDC_DECRYPT_PWD));
140	if (res && !res->recipients) {
141	const char *s = _("Symmetric encryption.\n"
142	"%s encrypted data.");
143	const char *alg = get_symkey_algo (c->sym.sym_algo);
144	info = new char[strlen (s) + strlen (alg) + 2];
145	if (!info)
146	BUG (NULL);
147	sprintf (info, s, alg);
148	SetDlgItemText (dlg, IDC_DECRYPT_MSG, info);
149	free_if_alloc (info);
150	}
151	else
152	SetDlgItemText (dlg, IDC_DECRYPT_MSG, c->info);
153	}
154	else {
155	SetFocus( GetDlgItem (dlg, IDC_DECRYPT_SIGN_PWD));
156	SetDlgItemText (dlg, IDC_DECRYPT_SIGN_MSG, c->info);
157	}
158	center_window (dlg, NULL);
159	SetForegroundWindow (dlg);
160	return FALSE;
161
162	case WM_SYSCOMMAND:
163	if (LOWORD (wparam) == SC_CLOSE) {
164	SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
165	c->cancel = 1;
166	EndDialog (dlg, TRUE);
167	}
168	break;
169
170	case WM_COMMAND:
171	switch (HIWORD (wparam)) {
172	case BN_CLICKED:
173	if (LOWORD (wparam) == IDC_DECRYPT_HIDE
174	\|\| LOWORD (wparam) == IDC_DECRYPT_SIGN_HIDE) {
175	HWND hwnd;
176	int hide = IsDlgButtonChecked (dlg, item_ctrl_id2 (c->gpg_cmd));
177	hwnd = GetDlgItem (dlg, item_ctrl_id (c->gpg_cmd));
178	SendMessage (hwnd, EM_SETPASSWORDCHAR, hide? '*' : 0, 0);
179	SetFocus (hwnd);
180	}
181	}
182
183	switch (LOWORD (wparam)) {
184	case IDOK:
185	/* XXX: the item is even cached when the passphrase is not
186	correct, which means that the user needs to delete all
187	cached entries to continue. */
188	if (c->pwd)
189	burn_passphrase (&c->pwd);
190	n = item_get_text_length (dlg, item_ctrl_id (c->gpg_cmd));
191	if (!n) {
192	c->pwd = new char[2];
193	if (!c->pwd)
194	BUG (NULL);
195	strcpy (c->pwd, "");
196	}
197	else {
198	c->pwd = new char[n+2];
199	if (!c->pwd)
200	BUG (NULL);
201	GetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), c->pwd, n+1);
202	}
203	res = gpgme_op_decrypt_result (c->gpg);
204	if (!res)
205	res_sig = gpgme_op_sign_result (c->gpg);
206	if (reg_prefs.cache_time > 0 && !c->is_card &&
207	(res \|\| res_sig)) {
208	if (agent_get_cache (c->keyid, &item))
209	agent_unlock_cache_entry (&item);
210	else
211	agent_put_cache (c->keyid, c->pwd, reg_prefs.cache_time);
212	}
213	c->cancel = 0;
214	EndDialog (dlg, TRUE);
215	return TRUE;
216
217	case IDCANCEL:
218	SetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), "");
219	c->cancel = 1;
220	EndDialog (dlg, FALSE);
221	return FALSE;
222	}
223	break;
224	}
225
226	return FALSE;
227	}
228
229
230	/* Extract the main keyid from @pass_info.
231	Return value: long main keyid or NULL for an error. */
232	static const char*
233	parse_gpg_keyid (const char *pass_info)
234	{
235	static char keyid[16+1];
236
237	/* XXX: check for leading alpha-chars? */
238	if (strlen (pass_info) < 16) {
239	log_debug ("parse_gpg_keyid: error '%s'\r\n", pass_info);
240	return NULL;
241	}
242	/* the format of the desc buffer looks like this:
243	request_keyid[16] main_keyid[16] keytype[1] keylength[4]
244	we use the main keyid to use only one cache entry. */
245	strncpy (keyid, pass_info+17, 16);
246	keyid[16] = 0;
247	return keyid;
248	}
249
250
251	/* Parse the information in @uid_hint and @pass_info to generate
252	a input message for the user in @desc. */
253	static int
254	parse_gpg_description (const char uid_hint, const char pass_info,
255	char *desc, int size)
256	{
257	gpgme_pubkey_algo_t algo;
258	char usedkey[16+1];
259	char mainkey[16+1];
260	char uid, p;
261	int n=0;
262
263	algo = (gpgme_pubkey_algo_t)0;
264	/* Each uid_hint contains a long key-ID so it is at least 16 bytes. */
265	if (strlen (uid_hint) < 17) {
266	*desc = 0;
267	log_debug ("parse_gpg_description: error '%s'\r\n", uid_hint);
268	return -1;
269	}
270
271	while (p = strsep ((char**)&pass_info, " ")) {
272	switch (n++) {
273	case 0: strncpy (mainkey, p, 16); mainkey[16] = 0; break;
274	case 1: strncpy (usedkey, p, 16); usedkey[16] = 0; break;
275	case 2: algo = (gpgme_pubkey_algo_t)atol (p); break;
276	}
277	}
278	uid_hint += 16; /* skip keyid */
279	uid_hint += 1; /* space */
280
281	uid = utf8_to_wincp (uid_hint, strlen (uid_hint));
282
283	if (strcmp (usedkey, mainkey))
284	_snprintf (desc, size-1,
285	_("You need a passphrase to unlock the secret key for\n"
286	"user: \"%s\"\n"
287	"%s key, ID %s (main key ID %s)\n"),
288	uid, get_key_pubalgo (algo), usedkey+8, mainkey+8);
289	else if (!strcmp (usedkey, mainkey))
290	_snprintf (desc, size-1,
291	_("You need a passphrase to unlock the secret key for\n"
292	"user: \"%s\"\n"
293	"%s key, ID %s\n"),
294	uid, get_key_pubalgo (algo), usedkey+8);
295	free (uid);
296	return 0;
297	}
298
299
300	/* Extract the serial number from the card ID @id and return it. */
301	const char*
302	extract_serial_no (const char *id)
303	{
304	static char buf[8];
305	char *p;
306
307	p = strchr (id, '/');
308	if (!p) {
309	log_debug ("extract_serial_no: error '%s'\r\n", id);
310	return NULL;
311	}
312	strncpy (buf, id+(p-id)-6, 6);
313	return buf;
314	}
315
316
317	/* Passphrase callback with the ability to support caching. */
318	gpgme_error_t
319	passphrase_cb (void hook, const char uid_hint,
320	const char *passphrase_info,
321	int prev_was_bad, int fd)
322	{
323	passphrase_cb_s c = (passphrase_cb_s)hook;
324	HANDLE hd = (HANDLE)fd;
325	void *item;
326	const char keyid=NULL, pass;
327	DWORD n;
328	int rc = 0;
329
330	if (!c) {
331	log_debug ("passphrase_cb: error '!c'\r\n");
332	return gpg_error (GPG_ERR_INV_ARG);
333	}
334	c->bad_pwd = prev_was_bad? 1 : 0;
335	if (prev_was_bad && !c->cancel) {
336	if (c->pwd)
337	burn_passphrase (&c->pwd);
338	agent_del_cache (c->keyid);
339	c->pwd_init = 1;
340	}
341
342	if (passphrase_info) {
343	if (strlen (passphrase_info) < 16 &&
344	!strstr (passphrase_info, "OPENPGP")) {
345	/* assume symetric encryption. */
346	int pos=2;
347	c->sym.sym_algo = atoi (passphrase_info);
348	if (c->sym.sym_algo > 9)
349	pos++;
350	/* XXX: be more strict. */
351	c->sym.s2k_mode = atoi (passphrase_info+pos);
352	c->sym.s2k_hash = atoi (passphrase_info+pos+2);
353	}
354
355	keyid = parse_gpg_keyid (passphrase_info);
356	pass = agent_get_cache (keyid+8, &item);
357	if (pass) {
358	agent_unlock_cache_entry (&item);
359	c->pwd_init = 0;
360	if (!WriteFile (hd, pass, strlen (pass), &n, NULL))
361	log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
362	if (!WriteFile (hd, "\n", 1, &n, NULL))
363	log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
364	return 0;
365	}
366	}
367
368	if (c->pwd_init) {
369	if (keyid && strlen (keyid) == 16)
370	strcpy (c->keyid, keyid+8);
371
372	/* if @passphrase_info contains 'OPENPGP' we assume a smart card
373	has been used. */
374	if (strstr (passphrase_info, "OPENPGP")) {
375	const char *s=passphrase_info;
376	while (s && s && s != 'D')
377	s++;
378	_snprintf (c->info, sizeof c->info-1,
379	_("Please enter the PIN to unlock your secret card key\n"
380	"Card: %s"), extract_serial_no (s));
381	c->is_card = 1;
382	}
383	else if (uid_hint)
384	parse_gpg_description (uid_hint, passphrase_info,
385	c->info, sizeof c->info - 1);
386	if (c->gpg_cmd == GPG_CMD_DECRYPT) {
387	rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT,
388	(HWND)c->hwnd, passphrase_callback_proc,
389	(LPARAM)c);
390	}
391	else if (c->gpg_cmd == GPG_CMD_SIGN) {
392	rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT_SIGN,
393	(HWND)c->hwnd, passphrase_callback_proc,
394	(LPARAM)c);
395	}
396	if (rc == -1) {
397	if (!WriteFile (hd, "\n", 1, &n, NULL))
398	log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
399	return 0;
400	}
401	c->pwd_init = 0;
402	}
403	if (c->cancel) {
404	if (!WriteFile (hd, "\n", 1, &n, NULL))
405	log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
406	return 0;
407	}
408
409	if (!WriteFile (hd, c->pwd, strlen (c->pwd), &n, NULL))
410	log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
411	if (!WriteFile (hd, "\n", 1, &n, NULL))
412	log_debug ("passphrase_cb: WriteFile() failed ec=%d\n", w32_errno);
413	return 0;
414	}
415
416
417	/* Initialize the given passphrase callback @cb with the
418	used gpgme context @ctx, the command @cmd and a title
419	@title for the dialog. */
420	void
421	set_gpg_passphrase_cb (passphrase_cb_s *cb, gpgme_ctx_t ctx,
422	int cmd, HWND hwnd, const char *title)
423	{
424	memset (cb, 0, sizeof *cb);
425	cb->gpg_cmd = cmd;
426	cb->bad_pwd = 0;
427	cb->is_card = 0;
428	cb->cancel = 0;
429	cb->hwnd = hwnd;
430	cb->pwd_init = 1;
431	free_if_alloc (cb->title);
432	cb->title = m_strdup (title);
433	if (!cb->title)
434	BUG (NULL);
435	gpgme_set_passphrase_cb (ctx, passphrase_cb, cb);
436	cb->gpg = ctx;
437	}
438
439
440	/* Release a passphrase callback @ctx. */
441	void
442	release_gpg_passphrase_cb (passphrase_cb_s *ctx)
443	{
444	gpgme_recipient_t r, n;
445
446	if (!ctx)
447	return;
448	sfree_if_alloc (ctx->pwd);
449	free_if_alloc (ctx->title);
450	r = ctx->recipients;
451	while (r) {
452	n = r->next;
453	safe_free (r->keyid);
454	safe_free (r);
455	r = n;
456	}
457	}
458
459
460	/* Simple check to measure passphrase (@pass) quality.
461	Return value: 0 on success. */
462	int
463	check_passwd_quality (const char *pass, int strict)
464	{
465	int i, nd=0, nc=0, n;
466
467	n = strlen (pass);
468	if (n < 8)
469	return -1;
470
471	for (i=0; i < n; i++) {
472	if (isdigit (pass[i]))
473	nd++;
474	if (isalpha (pass[i]))
475	nc++;
476	}
477
478	/* check that the passphrase contains letters and numbers. */
479	if (nd == n \|\| nc == n)
480	return -1;
481
482	return 0;
483	}