| 1 |
/* wptPassphraseCB.cpp - GPGME Passphrase Callback |
/* wptPassphraseCB.cpp - GPGME Passphrase Callback |
| 2 |
* Copyright (C) 2001, 2002-2006 Timo Schulz |
* Copyright (C) 2001, 2002-2006, 2009, 2011 Timo Schulz |
| 3 |
* Copyright (C) 2005 g10 Code GmbH |
* Copyright (C) 2005 g10 Code GmbH |
| 4 |
* |
* |
| 5 |
* This file is part of WinPT. |
* This file is part of WinPT. |
| 46 |
((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_HIDE : IDC_DECRYPT_SIGN_HIDE) |
((cmd) == GPG_CMD_DECRYPT? IDC_DECRYPT_HIDE : IDC_DECRYPT_SIGN_HIDE) |
| 47 |
|
|
| 48 |
const char* get_symkey_algo (int algo); |
const char* get_symkey_algo (int algo); |
|
void ListBox_AddString_utf8 (HWND lb, const char *txt); |
|
| 49 |
|
|
| 50 |
|
|
| 51 |
/* Overwrite passphrase and free memory. */ |
/* Overwrites the passphrase and free the memory. |
| 52 |
|
Pointer is also reset to NULL. */ |
| 53 |
static void |
static void |
| 54 |
burn_passphrase (char **pwd) |
burn_passphrase (char **pwd) |
| 55 |
{ |
{ |
| 96 |
if (c->gpg_cmd == GPG_CMD_DECRYPT) { |
if (c->gpg_cmd == GPG_CMD_DECRYPT) { |
| 97 |
SetDlgItemText (dlg, IDC_DECRYPT_HIDE, _("&Hide Typing")); |
SetDlgItemText (dlg, IDC_DECRYPT_HIDE, _("&Hide Typing")); |
| 98 |
SetDlgItemText (dlg, IDC_DECRYPT_LISTINF, |
SetDlgItemText (dlg, IDC_DECRYPT_LISTINF, |
| 99 |
_("Encrypted with the following public key(s)")); |
_("Encrypted with the following public key(s):")); |
| 100 |
CheckDlgButton (dlg, IDC_DECRYPT_HIDE, BST_CHECKED); |
CheckDlgButton (dlg, IDC_DECRYPT_HIDE, BST_CHECKED); |
| 101 |
} |
} |
| 102 |
else if (c->gpg_cmd == GPG_CMD_SIGN) { |
else if (c->gpg_cmd == GPG_CMD_SIGN) { |
| 104 |
CheckDlgButton (dlg, IDC_DECRYPT_SIGN_HIDE, BST_CHECKED); |
CheckDlgButton (dlg, IDC_DECRYPT_SIGN_HIDE, BST_CHECKED); |
| 105 |
} |
} |
| 106 |
/* Because it depends on the order the keys are stored in the |
/* Because it depends on the order the keys are stored in the |
| 107 |
keyring whether res->recipients is complete or not, we also |
keyring, whether res->recipients is complete or not, we also |
| 108 |
support that the recipients were externally extracted and then |
support that the recipients were externally extracted and then |
| 109 |
we use this list. */ |
we use this list. */ |
| 110 |
if (c->recipients) |
if (c->recipients) /* recipients were already extracted. */ |
| 111 |
recip = c->recipients; /* recipients were already extracted. */ |
recip = c->recipients; |
| 112 |
else { |
else if (c->gpg) { |
| 113 |
res = gpgme_op_decrypt_result (c->gpg); |
res = gpgme_op_decrypt_result (c->gpg); |
| 114 |
if (res && res->recipients) |
if (res && res->recipients) |
| 115 |
recip = res->recipients; |
recip = res->recipients; |
| 121 |
memset (&key, 0, sizeof (key)); |
memset (&key, 0, sizeof (key)); |
| 122 |
if (!winpt_get_pubkey (r->keyid, &key)) { |
if (!winpt_get_pubkey (r->keyid, &key)) { |
| 123 |
gpgme_user_id_t u = key.ctx->uids; |
gpgme_user_id_t u = key.ctx->uids; |
|
|
|
| 124 |
inf = (u->name? u->name : _("Invalid User ID")); |
inf = (u->name? u->name : _("Invalid User ID")); |
| 125 |
if (u->email != NULL && strlen (u->email) > 1) |
if (u->email != NULL && strlen (u->email) > 1) |
| 126 |
inf = inf + " <" + u->email + ">"; |
inf = inf + " <" + u->email + ">"; |
| 141 |
EnableWindow (GetDlgItem (dlg, IDC_DECRYPT_LIST), FALSE); |
EnableWindow (GetDlgItem (dlg, IDC_DECRYPT_LIST), FALSE); |
| 142 |
SetDlgItemText (dlg, c->gpg_cmd == GPG_CMD_DECRYPT? |
SetDlgItemText (dlg, c->gpg_cmd == GPG_CMD_DECRYPT? |
| 143 |
IDC_DECRYPT_PWDINFO : IDC_DECRYPT_SIGN_PWDINFO, |
IDC_DECRYPT_PWDINFO : IDC_DECRYPT_SIGN_PWDINFO, |
| 144 |
c->bad_pwd? _("Bad passphrase; Enter passphrase again") : |
c->bad_pwd? _("Invalid passphrase; Please enter your passphrase again") : |
| 145 |
_("Please enter your passphrase")); |
_("Please enter your passphrase")); |
| 146 |
if (c->gpg_cmd == GPG_CMD_DECRYPT) { |
if (c->gpg_cmd == GPG_CMD_DECRYPT) { |
| 147 |
SetFocus (GetDlgItem (dlg, IDC_DECRYPT_PWD)); |
SetFocus (GetDlgItem (dlg, IDC_DECRYPT_PWD)); |
| 148 |
if (res && !res->recipients) { |
/* no recipients means symmetric encryption */ |
| 149 |
|
if (res && !res->recipients) { |
| 150 |
StringBuffer sinf; |
StringBuffer sinf; |
| 151 |
|
|
| 152 |
sinf = _("Symmetric encryption."); |
sinf = _("Symmetric encryption."); |
| 153 |
sinf = sinf + "\n" + get_symkey_algo (c->sym.sym_algo); |
sinf = sinf + "\n" + get_symkey_algo (c->sym.sym_algo); |
| 154 |
sinf = sinf + " " + _("encrypted data."); |
sinf = sinf + " " + _("encrypted data") + "."; |
| 155 |
SetDlgItemText (dlg, IDC_DECRYPT_MSG, sinf.getBuffer ()); |
SetDlgItemText (dlg, IDC_DECRYPT_MSG, sinf.getBuffer ()); |
| 156 |
} |
} |
| 157 |
else |
else |
| 168 |
case WM_COMMAND: |
case WM_COMMAND: |
| 169 |
switch (HIWORD (wparam)) { |
switch (HIWORD (wparam)) { |
| 170 |
case BN_CLICKED: |
case BN_CLICKED: |
| 171 |
if (LOWORD (wparam) == IDC_DECRYPT_HIDE |
if (LOWORD (wparam) == IDC_DECRYPT_HIDE || |
| 172 |
|| LOWORD (wparam) == IDC_DECRYPT_SIGN_HIDE) { |
LOWORD (wparam) == IDC_DECRYPT_SIGN_HIDE) { |
| 173 |
HWND hwnd; |
HWND hwnd; |
| 174 |
int hide = IsDlgButtonChecked (dlg, item_ctrl_id2 (c->gpg_cmd)); |
int hide; |
| 175 |
|
hide = IsDlgButtonChecked (dlg, item_ctrl_id2 (c->gpg_cmd)); |
| 176 |
hwnd = GetDlgItem (dlg, item_ctrl_id (c->gpg_cmd)); |
hwnd = GetDlgItem (dlg, item_ctrl_id (c->gpg_cmd)); |
| 177 |
SendMessage (hwnd, EM_SETPASSWORDCHAR, hide? '*' : 0, 0); |
SendMessage (hwnd, EM_SETPASSWORDCHAR, hide? '*' : 0, 0); |
| 178 |
SetFocus (hwnd); |
SetFocus (hwnd); |
| 180 |
} |
} |
| 181 |
|
|
| 182 |
switch (LOWORD (wparam)) { |
switch (LOWORD (wparam)) { |
| 183 |
case IDOK: |
case IDOK: |
| 184 |
/* XXX: the item is even cached when the passphrase is not |
/* XXX: the item is even cached when the passphrase is not |
| 185 |
correct, which means that the user needs to delete all |
correct, which means that the user needs to delete all |
| 186 |
cached entries to continue. */ |
cached entries to continue. */ |
| 189 |
n = item_get_text_length (dlg, item_ctrl_id (c->gpg_cmd)); |
n = item_get_text_length (dlg, item_ctrl_id (c->gpg_cmd)); |
| 190 |
if (!n) { |
if (!n) { |
| 191 |
c->pwd = new char[2]; |
c->pwd = new char[2]; |
|
if (!c->pwd) |
|
|
BUG (NULL); |
|
| 192 |
strcpy (c->pwd, ""); |
strcpy (c->pwd, ""); |
| 193 |
} |
} |
| 194 |
else { |
else { |
| 195 |
char *p = new char[n+2]; |
char *p = new char[n+2]; |
|
if (!p) |
|
|
BUG (NULL); |
|
|
/* Get the passphrase and convert it utf8. |
|
|
This does not just the us-ascii charset. */ |
|
| 196 |
SafeGetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), p, n+1); |
SafeGetDlgItemText (dlg, item_ctrl_id (c->gpg_cmd), p, n+1); |
| 197 |
c->pwd = native_to_utf8 (p); |
c->pwd = m_strdup (p); |
| 198 |
sfree_if_alloc (p); |
sfree_if_alloc (p); |
| 199 |
} |
} |
| 200 |
res = gpgme_op_decrypt_result (c->gpg); |
if (c->gpg != NULL) { |
| 201 |
if (!res) |
res = gpgme_op_decrypt_result (c->gpg); |
| 202 |
res_sig = gpgme_op_sign_result (c->gpg); |
if (!res) |
| 203 |
if (!c->is_card && reg_prefs.cache_time > 0 && |
res_sig = gpgme_op_sign_result (c->gpg); |
| 204 |
(res || res_sig)) { |
if (!c->is_card && reg_prefs.cache_time > 0 && (res || res_sig)) { |
| 205 |
if (agent_get_cache (c->keyid, &item)) |
if (agent_get_cache (c->keyid, &item)) |
| 206 |
agent_unlock_cache_entry (&item); |
agent_unlock_cache_entry (&item); |
| 207 |
else |
else |
| 208 |
agent_put_cache (c->keyid, c->pwd, reg_prefs.cache_time); |
agent_put_cache (c->keyid, c->pwd, reg_prefs.cache_time); |
| 209 |
|
} |
| 210 |
} |
} |
| 211 |
c->cancel = 0; |
c->cancel = 0; |
| 212 |
EndDialog (dlg, TRUE); |
EndDialog (dlg, TRUE); |
| 250 |
a input message for the user in @desc. */ |
a input message for the user in @desc. */ |
| 251 |
static int |
static int |
| 252 |
parse_gpg_description (const char *uid_hint, const char *pass_info, |
parse_gpg_description (const char *uid_hint, const char *pass_info, |
| 253 |
char *desc, int size) |
char *desc, size_t desc_size) |
| 254 |
{ |
{ |
| 255 |
gpgme_pubkey_algo_t algo; |
gpgme_pubkey_algo_t algo; |
| 256 |
char usedkey[16+1]; |
char usedkey[16 + 1]; |
| 257 |
char mainkey[16+1]; |
char mainkey[16 + 1]; |
| 258 |
char *p, *uid; |
char *p; |
|
int n=0; |
|
| 259 |
|
|
| 260 |
algo = (gpgme_pubkey_algo_t)0; |
algo = (gpgme_pubkey_algo_t)0; |
| 261 |
/* Each uid_hint contains a long key-ID so it is at least 16 bytes. */ |
/* Each uid_hint contains a long key-ID so it is at least 16 bytes. */ |
| 265 |
return -1; |
return -1; |
| 266 |
} |
} |
| 267 |
|
|
| 268 |
while (p = strsep ((char**)&pass_info, " ")) { |
int n = 0; |
| 269 |
|
while ((p = strsep ((char**)&pass_info, " "))) { |
| 270 |
switch (n++) { |
switch (n++) { |
| 271 |
case 0: strncpy (mainkey, p, 16); mainkey[16] = 0; break; |
case 0: |
| 272 |
case 1: strncpy (usedkey, p, 16); usedkey[16] = 0; break; |
strncpy (mainkey, p, 16); |
| 273 |
case 2: algo = (gpgme_pubkey_algo_t)atol (p); break; |
mainkey[16] = 0; |
| 274 |
|
break; |
| 275 |
|
|
| 276 |
|
case 1: |
| 277 |
|
strncpy (usedkey, p, 16); |
| 278 |
|
usedkey[16] = 0; |
| 279 |
|
break; |
| 280 |
|
|
| 281 |
|
case 2: |
| 282 |
|
algo = (gpgme_pubkey_algo_t)atol (p); |
| 283 |
|
break; |
| 284 |
} |
} |
| 285 |
} |
} |
| 286 |
uid_hint += 16; /* skip keyid */ |
uid_hint += 16; /* skip keyid */ |
| 287 |
uid_hint += 1; /* space */ |
uid_hint += 1; /* space */ |
| 288 |
|
|
| 289 |
uid = utf8_to_native (uid_hint); |
struct winpt_key_s skey; |
| 290 |
|
gpgme_subkey_t sk; |
| 291 |
|
if (winpt_get_seckey (mainkey, &skey)) |
| 292 |
|
BUG (0); |
| 293 |
|
for (sk = skey.ctx->subkeys; sk; sk = sk->next) { |
| 294 |
|
if (memcmp (sk->keyid, usedkey, 8) == 0) |
| 295 |
|
break; |
| 296 |
|
} |
| 297 |
|
char *uid = utf8_to_native (uid_hint); |
| 298 |
if (strcmp (usedkey, mainkey)) |
if (strcmp (usedkey, mainkey)) |
| 299 |
_snprintf (desc, size-1, |
_snprintf (desc, desc_size-1, |
| 300 |
_("You need a passphrase to unlock the secret key for user:\n" |
_("You need a passphrase to unlock the secret key for user:\n" |
| 301 |
"\"%s\"\n" |
"\"%s\"\n" |
| 302 |
"%s key, ID 0x%s (main key ID 0x%s)\n"), |
"%d-bit %s key, ID 0x%s, created %s (main key ID 0x%s)\n"), |
| 303 |
uid, get_key_pubalgo (algo), usedkey+8, mainkey+8); |
uid, sk->length, get_key_pubalgo (algo), |
| 304 |
|
usedkey+8, get_key_created (sk->timestamp), mainkey+8); |
| 305 |
else if (!strcmp (usedkey, mainkey)) |
else if (!strcmp (usedkey, mainkey)) |
| 306 |
_snprintf (desc, size-1, |
_snprintf (desc, desc_size-1, |
| 307 |
_("You need a passphrase to unlock the secret key for user:\n" |
_("You need a passphrase to unlock the secret key for user:\n" |
| 308 |
"\"%s\"\n" |
"\"%s\"\n" |
| 309 |
"%s key, ID 0x%s\n"), |
"%d-bit %s key, created %s, ID 0x%s\n"), |
| 310 |
uid, get_key_pubalgo (algo), usedkey+8); |
uid, sk->length, get_key_pubalgo (algo), |
| 311 |
|
get_key_created (sk->timestamp), usedkey+8); |
| 312 |
safe_free (uid); |
safe_free (uid); |
| 313 |
return 0; |
return 0; |
| 314 |
} |
} |
| 343 |
void *item; |
void *item; |
| 344 |
const char *keyid=NULL, *pass; |
const char *keyid=NULL, *pass; |
| 345 |
DWORD n; |
DWORD n; |
|
int rc = 0; |
|
| 346 |
|
|
| 347 |
if (!c) { |
if (!c) { |
| 348 |
log_debug ("passphrase_cb: error no valid callback\r\n"); |
log_debug ("passphrase_cb: error no valid callback\r\n"); |
| 349 |
return gpg_error (GPG_ERR_INV_ARG); |
return gpg_error (GPG_ERR_INV_ARG); |
| 350 |
} |
} |
| 351 |
|
|
| 352 |
|
/* If the last entered passphrase was wrong, we delete a |
| 353 |
|
possible cached entry, we reset the passphrase buffer |
| 354 |
|
and switch to the initial state. */ |
| 355 |
c->bad_pwd = prev_was_bad? 1 : 0; |
c->bad_pwd = prev_was_bad? 1 : 0; |
| 356 |
if (prev_was_bad && !c->cancel) { |
if (prev_was_bad && !c->cancel) { |
| 357 |
if (c->pwd) |
if (c->pwd) |
| 364 |
if (strlen (passphrase_info) < 16 && |
if (strlen (passphrase_info) < 16 && |
| 365 |
!strstr (passphrase_info, "OPENPGP")) { |
!strstr (passphrase_info, "OPENPGP")) { |
| 366 |
/* assume symetric encryption. */ |
/* assume symetric encryption. */ |
| 367 |
int pos=2; |
int pos = 2; |
| 368 |
c->sym.sym_algo = atoi (passphrase_info); |
c->sym.sym_algo = atoi (passphrase_info); |
| 369 |
if (c->sym.sym_algo > 9) |
if (c->sym.sym_algo > 9) |
| 370 |
pos++; |
pos++; |
|
/* XXX: be more strict. */ |
|
| 371 |
c->sym.s2k_mode = atoi (passphrase_info+pos); |
c->sym.s2k_mode = atoi (passphrase_info+pos); |
| 372 |
c->sym.s2k_hash = atoi (passphrase_info+pos+2); |
c->sym.s2k_hash = atoi (passphrase_info+pos+2); |
| 373 |
} |
} |
| 402 |
} |
} |
| 403 |
else if (uid_hint) |
else if (uid_hint) |
| 404 |
parse_gpg_description (uid_hint, passphrase_info, |
parse_gpg_description (uid_hint, passphrase_info, |
| 405 |
c->info, sizeof (c->info) - 1); |
c->info, DIM (c->info) - 1); |
| 406 |
|
int rc = 0; |
| 407 |
if (c->gpg_cmd == GPG_CMD_DECRYPT) { |
if (c->gpg_cmd == GPG_CMD_DECRYPT) { |
| 408 |
rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT, |
rc = DialogBoxParam (glob_hinst, (LPCSTR)IDD_WINPT_DECRYPT, |
| 409 |
(HWND)c->hwnd, passphrase_callback_proc, |
(HWND)c->hwnd, passphrase_callback_proc, |
| 442 |
void |
void |
| 443 |
set_gpg_passphrase_cb (passphrase_cb_s *cb, gpgme_ctx_t ctx, |
set_gpg_passphrase_cb (passphrase_cb_s *cb, gpgme_ctx_t ctx, |
| 444 |
int cmd, HWND hwnd, const char *title) |
int cmd, HWND hwnd, const char *title) |
| 445 |
{ |
{ |
| 446 |
memset (cb, 0, sizeof *cb); |
memset (cb, 0, sizeof *cb); |
| 447 |
cb->gpg_cmd = cmd; |
cb->gpg_cmd = cmd; |
| 448 |
cb->bad_pwd = 0; |
cb->bad_pwd = 0; |
| 450 |
cb->cancel = 0; |
cb->cancel = 0; |
| 451 |
cb->hwnd = hwnd; |
cb->hwnd = hwnd; |
| 452 |
cb->pwd_init = 1; |
cb->pwd_init = 1; |
|
free_if_alloc (cb->title); |
|
| 453 |
cb->title = m_strdup (title); |
cb->title = m_strdup (title); |
| 454 |
gpgme_set_passphrase_cb (ctx, passphrase_cb, cb); |
gpgme_set_passphrase_cb (ctx, passphrase_cb, cb); |
| 455 |
cb->gpg = ctx; |
cb->gpg = ctx; |
| 456 |
} |
} |
| 457 |
|
|
| 458 |
|
void |
| 459 |
|
set_gpg_auto_passphrase_cb (passphrase_cb_s *cb, const char *title) |
| 460 |
|
{ |
| 461 |
|
memset (cb, 0, sizeof *cb); |
| 462 |
|
cb->gpg_cmd = GPG_CMD_SIGN; |
| 463 |
|
cb->bad_pwd = 0; |
| 464 |
|
cb->is_card = 0; |
| 465 |
|
cb->cancel = 0; |
| 466 |
|
cb->hwnd = GetActiveWindow (); |
| 467 |
|
cb->pwd_init = 1; |
| 468 |
|
cb->title = m_strdup (title); |
| 469 |
|
} |
| 470 |
|
|
| 471 |
|
|
| 472 |
|
/* Release a passphrase callback @ctx. */ |
| 473 |
|
void |
| 474 |
|
release_gpg_passphrase_cb (passphrase_cb_s *ctx) |
| 475 |
|
{ |
| 476 |
|
if (!ctx) |
| 477 |
|
return; |
| 478 |
|
sfree_if_alloc (ctx->pwd); |
| 479 |
|
free_if_alloc (ctx->title); |
| 480 |
|
release_gpg_recipients (&ctx->recipients); |
| 481 |
|
} |
| 482 |
|
|
| 483 |
|
|
| 484 |
/* Release the gpg recipient list. */ |
/* Release the gpg recipient list. */ |
| 485 |
void |
void |
| 498 |
} |
} |
| 499 |
|
|
| 500 |
|
|
|
|
|
|
/* Release a passphrase callback @ctx. */ |
|
|
void |
|
|
release_gpg_passphrase_cb (passphrase_cb_s *ctx) |
|
|
{ |
|
|
if (!ctx) |
|
|
return; |
|
|
sfree_if_alloc (ctx->pwd); |
|
|
free_if_alloc (ctx->title); |
|
|
release_gpg_recipients (&ctx->recipients); |
|
|
} |
|
|
|
|
|
|
|
| 501 |
/* _Simple_ check to measure passphrase (@pass) quality. |
/* _Simple_ check to measure passphrase (@pass) quality. |
| 502 |
Return value: 0 on success. */ |
Return value: 0 on success. */ |
| 503 |
int |
int |
| 504 |
check_passwd_quality (const char *pass, int strict) |
check_passwd_quality (const char *pass, int strict) |
| 505 |
{ |
{ |
| 506 |
int i, nd=0, nc=0, n; |
size_t i, nd = 0, nc = 0, na = 0, n; |
| 507 |
|
|
| 508 |
/* A good passphrase should be at least 8 characters. */ |
/* A good passphrase should be at least 8 characters. */ |
| 509 |
n = strlen (pass); |
n = strlen (pass); |
| 510 |
if (n < 8) |
if (n < 8) |
| 511 |
return -1; |
return -1; |
| 512 |
|
|
| 513 |
for (i=0; i < n; i++) { |
for (i = 0; i < n; i++) { |
| 514 |
if (isdigit (pass[i])) |
if (isdigit (pass[i])) |
| 515 |
nd++; |
nd++; |
| 516 |
if (isalpha (pass[i])) |
if (isalpha (pass[i])) |
| 517 |
nc++; |
nc++; |
| 518 |
|
else |
| 519 |
|
na++; |
| 520 |
} |
} |
| 521 |
|
|
| 522 |
/* Check that the passphrase contains letters and numbers. */ |
/* Check that the passphrase contains letters and numbers. */ |
| 523 |
if (nd == n || nc == n) |
if (nd == n || nc == n || na == n) |
| 524 |
return -1; |
return -1; |
| 525 |
|
|
| 526 |
return 0; |
return 0; |
Parent Directory
| 
Revision Log
| 
Patch