1 /* call-scd.c - fork of the scdaemon to do SC operations
2 * Copyright (C) 2001, 2002, 2005, 2007, 2010,
3 * 2011 Free Software Foundation, Inc.
4 * Copyright (C) 2013 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
34 #include <sys/types.h>
35 #ifndef HAVE_W32_SYSTEM
43 #ifdef _POSIX_OPEN_MAX
44 #define MAX_OPEN_FDS _POSIX_OPEN_MAX
46 #define MAX_OPEN_FDS 20
49 /* Definition of module local data of the CTRL structure. */
52 /* We keep a list of all allocated context with a an achnor at
53 SCD_LOCAL_LIST (see below). */
54 struct scd_local_s *next_local;
56 /* We need to get back to the ctrl object actually referencing this
57 structure. This is really an awkward way of enumerint the lcoal
58 contects. A much cleaner way would be to keep a global list of
59 ctrl objects to enumerate them. */
62 assuan_context_t ctx; /* NULL or session context for the SCdaemon
63 used with this connection. */
64 int locked; /* This flag is used to assert proper use of
65 start_scd and unlock_scd. */
70 /* Callback parameter for learn card */
73 void (*kpinfo_cb)(void*, const char *);
75 void (*certinfo_cb)(void*, const char *);
76 void *certinfo_cb_arg;
77 void (*sinfo_cb)(void*, const char *, size_t, const char *);
84 int (*getpin_cb)(void *, const char *, char*, size_t);
86 assuan_context_t passthru; /* If not NULL, pass unknown inquiries
92 /* To keep track of all active SCD contexts, we keep a linked list
93 anchored at this variable. */
94 static struct scd_local_s *scd_local_list;
96 /* A Mutex used inside the start_scd function. */
97 static npth_mutex_t start_scd_lock;
99 /* A malloced string with the name of the socket to be used for
100 additional connections. May be NULL if not provided by
102 static char *socket_name;
104 /* The context of the primary connection. This is also used as a flag
105 to indicate whether the scdaemon has been started. */
106 static assuan_context_t primary_scd_ctx;
108 /* To allow reuse of the primary connection, the following flag is set
109 to true if the primary context has been reset and is not in use by
111 static int primary_scd_ctx_reusable;
115 /* Local prototypes. */
120 /* This function must be called once to initialize this module. This
121 has to be done before a second thread is spawned. We can't do the
122 static initialization because NPth emulation code might not be able
123 to do a static init; in particular, it is not possible for W32. */
125 initialize_module_call_scd (void)
127 static int initialized;
132 err = npth_mutex_init (&start_scd_lock, NULL);
134 log_fatal ("error initializing mutex: %s\n", strerror (err));
140 /* This function may be called to print infromation pertaining to the
141 current state of this module to the log. */
143 agent_scd_dump_state (void)
145 log_info ("agent_scd_dump_state: primary_scd_ctx=%p pid=%ld reusable=%d\n",
147 (long)assuan_get_pid (primary_scd_ctx),
148 primary_scd_ctx_reusable);
150 log_info ("agent_scd_dump_state: socket='%s'\n", socket_name);
154 /* The unlock_scd function shall be called after having accessed the
155 SCD. It is currently not very useful but gives an opportunity to
156 keep track of connections currently calling SCD. Note that the
157 "lock" operation is done by the start_scd() function which must be
158 called and error checked before any SCD operation. CTRL is the
159 usual connection context and RC the error code to be passed trhough
162 unlock_scd (ctrl_t ctrl, int rc)
164 if (ctrl->scd_local->locked != 1)
166 log_error ("unlock_scd: invalid lock count (%d)\n",
167 ctrl->scd_local->locked);
169 rc = gpg_error (GPG_ERR_INTERNAL);
171 ctrl->scd_local->locked = 0;
175 /* To make sure we leave no secrets in our image after forking of the
176 scdaemon, we use this callback. */
178 atfork_cb (void *opaque, int where)
183 gcry_control (GCRYCTL_TERM_SECMEM);
187 /* Fork off the SCdaemon if this has not already been done. Lock the
188 daemon and make sure that a proper context has been setup in CTRL.
189 This function might also lock the daemon, which means that the
190 caller must call unlock_scd after this function has returned
191 success and the actual Assuan transaction been done. */
193 start_scd (ctrl_t ctrl)
197 assuan_context_t ctx = NULL;
199 assuan_fd_t no_close_list[3];
202 char *abs_homedir = NULL;
204 if (opt.disable_scdaemon)
205 return gpg_error (GPG_ERR_NOT_SUPPORTED);
207 /* If this is the first call for this session, setup the local data
209 if (!ctrl->scd_local)
211 ctrl->scd_local = xtrycalloc (1, sizeof *ctrl->scd_local);
212 if (!ctrl->scd_local)
213 return gpg_error_from_syserror ();
214 ctrl->scd_local->ctrl_backlink = ctrl;
215 ctrl->scd_local->next_local = scd_local_list;
216 scd_local_list = ctrl->scd_local;
220 /* Assert that the lock count is as expected. */
221 if (ctrl->scd_local->locked)
223 log_error ("start_scd: invalid lock count (%d)\n",
224 ctrl->scd_local->locked);
225 return gpg_error (GPG_ERR_INTERNAL);
227 ctrl->scd_local->locked++;
229 if (ctrl->scd_local->ctx)
230 return 0; /* Okay, the context is fine. We used to test for an
231 alive context here and do an disconnect. Now that we
232 have a ticker function to check for it, it is easier
233 not to check here but to let the connection run on an
237 /* We need to protect the following code. */
238 rc = npth_mutex_lock (&start_scd_lock);
241 log_error ("failed to acquire the start_scd lock: %s\n",
243 return gpg_error (GPG_ERR_INTERNAL);
246 /* Check whether the pipe server has already been started and in
247 this case either reuse a lingering pipe connection or establish a
248 new socket based one. */
249 if (primary_scd_ctx && primary_scd_ctx_reusable)
251 ctx = primary_scd_ctx;
252 primary_scd_ctx_reusable = 0;
254 log_info ("new connection to SCdaemon established (reusing)\n");
258 rc = assuan_new (&ctx);
261 log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc));
268 rc = assuan_socket_connect (ctx, socket_name, 0, 0);
271 log_error ("can't connect to socket '%s': %s\n",
272 socket_name, gpg_strerror (rc));
273 err = gpg_error (GPG_ERR_NO_SCDAEMON);
278 log_info ("new connection to SCdaemon established\n");
284 log_info ("SCdaemon is running but won't accept further connections\n");
285 err = gpg_error (GPG_ERR_NO_SCDAEMON);
289 /* Nope, it has not been started. Fire it up now. */
291 log_info ("no running SCdaemon - starting it\n");
295 #ifndef HAVE_W32_SYSTEM
296 err = gpg_error_from_syserror ();
298 log_error ("error flushing pending output: %s\n", strerror (errno));
299 /* At least Windows XP fails here with EBADF. According to docs
300 and Wine an fflush(NULL) is the same as _flushall. However
301 the Wime implementaion does not flush stdin,stdout and stderr
302 - see above. Lets try to ignore the error. */
303 #ifndef HAVE_W32_SYSTEM
308 if (!opt.scdaemon_program || !*opt.scdaemon_program)
309 opt.scdaemon_program = gnupg_module_name (GNUPG_MODULE_NAME_SCDAEMON);
310 if ( !(pgmname = strrchr (opt.scdaemon_program, '/')))
311 pgmname = opt.scdaemon_program;
316 argv[1] = "--multi-server";
317 if (gnupg_default_homedir_p ())
321 abs_homedir = make_absfilename_try (gnupg_homedir (), NULL);
324 log_error ("error building filename: %s\n",
325 gpg_strerror (gpg_error_from_syserror ()));
329 argv[2] = "--homedir";
330 argv[3] = abs_homedir;
335 if (!opt.running_detached)
337 if (log_get_fd () != -1)
338 no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ());
339 no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr));
341 no_close_list[i] = ASSUAN_INVALID_FD;
343 /* Connect to the scdaemon and perform initial handshaking. Use
344 detached flag so that under Windows SCDAEMON does not show up a
346 rc = assuan_pipe_connect (ctx, opt.scdaemon_program, argv,
347 no_close_list, atfork_cb, NULL,
348 ASSUAN_PIPE_CONNECT_DETACHED);
351 log_error ("can't connect to the SCdaemon: %s\n",
353 err = gpg_error (GPG_ERR_NO_SCDAEMON);
358 log_debug ("first connection to SCdaemon established\n");
361 /* Get the name of the additional socket opened by scdaemon. */
364 unsigned char *databuf;
369 init_membuf (&data, 256);
370 assuan_transact (ctx, "GETINFO socket_name",
371 put_membuf_cb, &data, NULL, NULL, NULL, NULL);
373 databuf = get_membuf (&data, &datalen);
374 if (databuf && datalen)
376 socket_name = xtrymalloc (datalen + 1);
378 log_error ("warning: can't store socket name: %s\n",
382 memcpy (socket_name, databuf, datalen);
383 socket_name[datalen] = 0;
385 log_debug ("additional connections at '%s'\n", socket_name);
391 /* Tell the scdaemon we want him to send us an event signal. We
392 don't support this for W32CE. */
393 #ifndef HAVE_W32CE_SYSTEM
394 if (opt.sigusr2_enabled)
398 #ifdef HAVE_W32_SYSTEM
399 snprintf (buf, sizeof buf, "OPTION event-signal=%lx",
400 (unsigned long)get_agent_scd_notify_event ());
402 snprintf (buf, sizeof buf, "OPTION event-signal=%d", SIGUSR2);
404 assuan_transact (ctx, buf, NULL, NULL, NULL, NULL, NULL, NULL);
406 #endif /*HAVE_W32CE_SYSTEM*/
408 primary_scd_ctx = ctx;
409 primary_scd_ctx_reusable = 0;
410 /* notify the main loop that something has changed */
411 interrupt_main_thread_loop ();
417 unlock_scd (ctrl, err);
419 assuan_release (ctx);
423 ctrl->scd_local->ctx = ctx;
425 rc = npth_mutex_unlock (&start_scd_lock);
427 log_error ("failed to release the start_scd lock: %s\n", strerror (rc));
432 /* Check whether the SCdaemon is active. This is a fast check without
433 any locking and might give a wrong result if another thread is about
434 to start the daemon or the daemon is about to be stopped.. */
436 agent_scd_check_running (void)
438 return !!primary_scd_ctx;
442 /* Check whether the Scdaemon is still alive and clean it up if not. */
444 agent_scd_check_aliveness (void)
447 #ifdef HAVE_W32_SYSTEM
452 struct timespec abstime;
455 if (!primary_scd_ctx)
456 return; /* No scdaemon running. */
458 /* This is not a critical function so we use a short timeout while
459 acquiring the lock. */
460 npth_clock_gettime (&abstime);
462 err = npth_mutex_timedlock (&start_scd_lock, &abstime);
465 if (err == ETIMEDOUT)
468 log_info ("failed to acquire the start_scd lock while"
469 " doing an aliveness check: %s\n", strerror (err));
472 log_error ("failed to acquire the start_scd lock while"
473 " doing an aliveness check: %s\n", strerror (err));
479 pid = assuan_get_pid (primary_scd_ctx);
480 #ifdef HAVE_W32_SYSTEM
481 /* If we have a PID we disconnect if either GetExitProcessCode
482 fails or if ir returns the exit code of the scdaemon. 259 is
483 the error code for STILL_ALIVE. */
484 if (pid != (pid_t)(void*)(-1) && pid
485 && (!GetExitCodeProcess ((HANDLE)pid, &rc) || rc != 259))
487 if (pid != (pid_t)(-1) && pid
488 && ((rc=waitpid (pid, NULL, WNOHANG))==-1 || (rc == pid)) )
491 /* Okay, scdaemon died. Disconnect the primary connection
492 now but take care that it won't do another wait. Also
493 cleanup all other connections and release their
494 resources. The next use will start a new daemon then.
495 Due to the use of the START_SCD_LOCAL we are sure that
496 none of these context are actually in use. */
497 struct scd_local_s *sl;
499 assuan_set_flag (primary_scd_ctx, ASSUAN_NO_WAITPID, 1);
500 assuan_release (primary_scd_ctx);
502 for (sl=scd_local_list; sl; sl = sl->next_local)
506 if (sl->ctx != primary_scd_ctx)
507 assuan_release (sl->ctx);
512 primary_scd_ctx = NULL;
513 primary_scd_ctx_reusable = 0;
520 err = npth_mutex_unlock (&start_scd_lock);
522 log_error ("failed to release the start_scd lock while"
523 " doing the aliveness check: %s\n", strerror (err));
528 /* Reset the SCD if it has been used. Actually it is not a reset but
529 a cleanup of resources used by the current connection. */
531 agent_reset_scd (ctrl_t ctrl)
535 if (ctrl->scd_local->ctx)
537 /* We can't disconnect the primary context because libassuan
538 does a waitpid on it and thus the system would hang.
539 Instead we send a reset and keep that connection for
541 if (ctrl->scd_local->ctx == primary_scd_ctx)
543 /* Send a RESTART to the SCD. This is required for the
544 primary connection as a kind of virtual EOF; we don't
545 have another way to tell it that the next command
546 should be viewed as if a new connection has been
547 made. For the non-primary connections this is not
548 needed as we simply close the socket. We don't check
549 for an error here because the RESTART may fail for
550 example if the scdaemon has already been terminated.
551 Anyway, we need to set the reusable flag to make sure
552 that the aliveness check can clean it up. */
553 assuan_transact (primary_scd_ctx, "RESTART",
554 NULL, NULL, NULL, NULL, NULL, NULL);
555 primary_scd_ctx_reusable = 1;
558 assuan_release (ctrl->scd_local->ctx);
559 ctrl->scd_local->ctx = NULL;
562 /* Remove the local context from our list and release it. */
565 else if (scd_local_list == ctrl->scd_local)
566 scd_local_list = ctrl->scd_local->next_local;
569 struct scd_local_s *sl;
571 for (sl=scd_local_list; sl->next_local; sl = sl->next_local)
572 if (sl->next_local == ctrl->scd_local)
576 sl->next_local = ctrl->scd_local->next_local;
578 xfree (ctrl->scd_local);
579 ctrl->scd_local = NULL;
588 learn_status_cb (void *opaque, const char *line)
590 struct learn_parm_s *parm = opaque;
591 const char *keyword = line;
594 for (keywordlen=0; *line && !spacep (line); line++, keywordlen++)
596 while (spacep (line))
598 if (keywordlen == 8 && !memcmp (keyword, "CERTINFO", keywordlen))
600 parm->certinfo_cb (parm->certinfo_cb_arg, line);
602 else if (keywordlen == 11 && !memcmp (keyword, "KEYPAIRINFO", keywordlen))
604 parm->kpinfo_cb (parm->kpinfo_cb_arg, line);
606 else if (keywordlen && *line)
608 parm->sinfo_cb (parm->sinfo_cb_arg, keyword, keywordlen, line);
614 /* Perform the LEARN command and return a list of all private keys
615 stored on the card. */
617 agent_card_learn (ctrl_t ctrl,
618 void (*kpinfo_cb)(void*, const char *),
620 void (*certinfo_cb)(void*, const char *),
621 void *certinfo_cb_arg,
622 void (*sinfo_cb)(void*, const char *, size_t, const char *),
626 struct learn_parm_s parm;
628 rc = start_scd (ctrl);
632 memset (&parm, 0, sizeof parm);
633 parm.kpinfo_cb = kpinfo_cb;
634 parm.kpinfo_cb_arg = kpinfo_cb_arg;
635 parm.certinfo_cb = certinfo_cb;
636 parm.certinfo_cb_arg = certinfo_cb_arg;
637 parm.sinfo_cb = sinfo_cb;
638 parm.sinfo_cb_arg = sinfo_cb_arg;
639 rc = assuan_transact (ctrl->scd_local->ctx, "LEARN --force",
640 NULL, NULL, NULL, NULL,
641 learn_status_cb, &parm);
643 return unlock_scd (ctrl, rc);
645 return unlock_scd (ctrl, 0);
651 get_serialno_cb (void *opaque, const char *line)
653 char **serialno = opaque;
654 const char *keyword = line;
658 for (keywordlen=0; *line && !spacep (line); line++, keywordlen++)
660 while (spacep (line))
663 if (keywordlen == 8 && !memcmp (keyword, "SERIALNO", keywordlen))
666 return gpg_error (GPG_ERR_CONFLICT); /* Unexpected status line. */
667 for (n=0,s=line; hexdigitp (s); s++, n++)
669 if (!n || (n&1)|| !(spacep (s) || !*s) )
670 return gpg_error (GPG_ERR_ASS_PARAMETER);
671 *serialno = xtrymalloc (n+1);
673 return out_of_core ();
674 memcpy (*serialno, line, n);
681 /* Return the serial number of the card or an appropriate error. The
682 serial number is returned as a hexstring. */
684 agent_card_serialno (ctrl_t ctrl, char **r_serialno, const char *demand)
687 char *serialno = NULL;
688 char line[ASSUAN_LINELENGTH];
690 rc = start_scd (ctrl);
695 strcpy (line, "SERIALNO");
697 snprintf (line, DIM(line), "SERIALNO --demand=%s", demand);
699 rc = assuan_transact (ctrl->scd_local->ctx, line,
700 NULL, NULL, NULL, NULL,
701 get_serialno_cb, &serialno);
705 return unlock_scd (ctrl, rc);
707 *r_serialno = serialno;
708 return unlock_scd (ctrl, 0);
714 /* Handle the NEEDPIN inquiry. */
716 inq_needpin (void *opaque, const char *line)
718 struct inq_needpin_s *parm = opaque;
724 parm->any_inq_seen = 1;
725 if ((s = has_leading_keyword (line, "NEEDPIN")))
729 pin = gcry_malloc_secure (pinlen);
731 return out_of_core ();
733 rc = parm->getpin_cb (parm->getpin_cb_arg, line, pin, pinlen);
735 rc = assuan_send_data (parm->ctx, pin, pinlen);
738 else if ((s = has_leading_keyword (line, "POPUPPINPADPROMPT")))
740 rc = parm->getpin_cb (parm->getpin_cb_arg, s, NULL, 1);
742 else if ((s = has_leading_keyword (line, "DISMISSPINPADPROMPT")))
744 rc = parm->getpin_cb (parm->getpin_cb_arg, "", NULL, 0);
746 else if (parm->passthru)
748 unsigned char *value;
751 int needrest = !strncmp (line, "KEYDATA", 8);
753 /* Pass the inquiry up to our caller. We limit the maximum
754 amount to an arbitrary value. As we know that the KEYDATA
755 enquiry is pretty sensitive we disable logging then */
756 if ((rest = (needrest
757 && !assuan_get_flag (parm->passthru, ASSUAN_CONFIDENTIAL))))
758 assuan_begin_confidential (parm->passthru);
759 rc = assuan_inquire (parm->passthru, line, &value, &valuelen, 8096);
761 assuan_end_confidential (parm->passthru);
764 if ((rest = (needrest
765 && !assuan_get_flag (parm->ctx, ASSUAN_CONFIDENTIAL))))
766 assuan_begin_confidential (parm->ctx);
767 rc = assuan_send_data (parm->ctx, value, valuelen);
769 assuan_end_confidential (parm->ctx);
773 log_error ("error forwarding inquiry '%s': %s\n",
774 line, gpg_strerror (rc));
778 log_error ("unsupported inquiry '%s'\n", line);
779 rc = gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE);
786 /* Helper returning a command option to describe the used hash
787 algorithm. See scd/command.c:cmd_pksign. */
789 hash_algo_option (int algo)
793 case GCRY_MD_MD5 : return "--hash=md5";
794 case GCRY_MD_RMD160: return "--hash=rmd160";
795 case GCRY_MD_SHA1 : return "--hash=sha1";
796 case GCRY_MD_SHA224: return "--hash=sha224";
797 case GCRY_MD_SHA256: return "--hash=sha256";
798 case GCRY_MD_SHA384: return "--hash=sha384";
799 case GCRY_MD_SHA512: return "--hash=sha512";
806 cancel_inquire (ctrl_t ctrl, gpg_error_t rc)
808 gpg_error_t oldrc = rc;
810 /* The inquire callback was called and transact returned a
811 cancel error. We assume that the inquired process sent a
812 CANCEL. The passthrough code is not able to pass on the
813 CANCEL and thus scdaemon would stuck on this. As a
814 workaround we send a CANCEL now. */
815 rc = assuan_write_line (ctrl->scd_local->ctx, "CAN");
820 rc = assuan_read_line (ctrl->scd_local->ctx, &line, &len);
828 /* Create a signature using the current card. MDALGO is either 0 or
829 gives the digest algorithm. */
831 agent_card_pksign (ctrl_t ctrl,
833 int (*getpin_cb)(void *, const char *, char*, size_t),
836 const unsigned char *indata, size_t indatalen,
837 unsigned char **r_buf, size_t *r_buflen)
840 char line[ASSUAN_LINELENGTH];
842 struct inq_needpin_s inqparm;
845 rc = start_scd (ctrl);
849 if (indatalen*2 + 50 > DIM(line))
850 return unlock_scd (ctrl, gpg_error (GPG_ERR_GENERAL));
852 bin2hex (indata, indatalen, stpcpy (line, "SETDATA "));
854 rc = assuan_transact (ctrl->scd_local->ctx, line,
855 NULL, NULL, NULL, NULL, NULL, NULL);
857 return unlock_scd (ctrl, rc);
859 init_membuf (&data, 1024);
860 inqparm.ctx = ctrl->scd_local->ctx;
861 inqparm.getpin_cb = getpin_cb;
862 inqparm.getpin_cb_arg = getpin_cb_arg;
863 inqparm.passthru = 0;
864 inqparm.any_inq_seen = 0;
865 if (ctrl->use_auth_call)
866 snprintf (line, sizeof line, "PKAUTH %s", keyid);
868 snprintf (line, sizeof line, "PKSIGN %s %s",
869 hash_algo_option (mdalgo), keyid);
870 rc = assuan_transact (ctrl->scd_local->ctx, line,
871 put_membuf_cb, &data,
872 inq_needpin, &inqparm,
874 if (inqparm.any_inq_seen && (gpg_err_code(rc) == GPG_ERR_CANCELED ||
875 gpg_err_code(rc) == GPG_ERR_ASS_CANCELED))
876 rc = cancel_inquire (ctrl, rc);
882 xfree (get_membuf (&data, &len));
883 return unlock_scd (ctrl, rc);
886 *r_buf = get_membuf (&data, r_buflen);
887 return unlock_scd (ctrl, 0);
893 /* Check whether there is any padding info from scdaemon. */
895 padding_info_cb (void *opaque, const char *line)
897 int *r_padding = opaque;
900 if ((s=has_leading_keyword (line, "PADDING")))
902 *r_padding = atoi (s);
909 /* Decipher INDATA using the current card. Note that the returned
910 value is not an s-expression but the raw data as returned by
911 scdaemon. The padding information is stored at R_PADDING with -1
914 agent_card_pkdecrypt (ctrl_t ctrl,
916 int (*getpin_cb)(void *, const char *, char*, size_t),
918 const unsigned char *indata, size_t indatalen,
919 char **r_buf, size_t *r_buflen, int *r_padding)
922 char *p, line[ASSUAN_LINELENGTH];
924 struct inq_needpin_s inqparm;
928 *r_padding = -1; /* Unknown. */
929 rc = start_scd (ctrl);
933 /* FIXME: use secure memory where appropriate */
935 for (len = 0; len < indatalen;)
937 p = stpcpy (line, "SETDATA ");
939 p = stpcpy (p, "--append ");
940 for (i=0; len < indatalen && (i*2 < DIM(line)-50); i++, len++)
942 sprintf (p, "%02X", indata[len]);
945 rc = assuan_transact (ctrl->scd_local->ctx, line,
946 NULL, NULL, NULL, NULL, NULL, NULL);
948 return unlock_scd (ctrl, rc);
951 init_membuf (&data, 1024);
952 inqparm.ctx = ctrl->scd_local->ctx;
953 inqparm.getpin_cb = getpin_cb;
954 inqparm.getpin_cb_arg = getpin_cb_arg;
955 inqparm.passthru = 0;
956 inqparm.any_inq_seen = 0;
957 snprintf (line, DIM(line), "PKDECRYPT %s", keyid);
958 rc = assuan_transact (ctrl->scd_local->ctx, line,
959 put_membuf_cb, &data,
960 inq_needpin, &inqparm,
961 padding_info_cb, r_padding);
962 if (inqparm.any_inq_seen && (gpg_err_code(rc) == GPG_ERR_CANCELED ||
963 gpg_err_code(rc) == GPG_ERR_ASS_CANCELED))
964 rc = cancel_inquire (ctrl, rc);
968 xfree (get_membuf (&data, &len));
969 return unlock_scd (ctrl, rc);
971 *r_buf = get_membuf (&data, r_buflen);
973 return unlock_scd (ctrl, gpg_error (GPG_ERR_ENOMEM));
975 return unlock_scd (ctrl, 0);
980 /* Read a certificate with ID into R_BUF and R_BUFLEN. */
982 agent_card_readcert (ctrl_t ctrl,
983 const char *id, char **r_buf, size_t *r_buflen)
986 char line[ASSUAN_LINELENGTH];
991 rc = start_scd (ctrl);
995 init_membuf (&data, 1024);
996 snprintf (line, DIM(line), "READCERT %s", id);
997 rc = assuan_transact (ctrl->scd_local->ctx, line,
998 put_membuf_cb, &data,
1003 xfree (get_membuf (&data, &len));
1004 return unlock_scd (ctrl, rc);
1006 *r_buf = get_membuf (&data, r_buflen);
1008 return unlock_scd (ctrl, gpg_error (GPG_ERR_ENOMEM));
1010 return unlock_scd (ctrl, 0);
1015 /* Read a key with ID and return it in an allocate buffer pointed to
1016 by r_BUF as a valid S-expression. */
1018 agent_card_readkey (ctrl_t ctrl, const char *id, unsigned char **r_buf)
1021 char line[ASSUAN_LINELENGTH];
1026 rc = start_scd (ctrl);
1030 init_membuf (&data, 1024);
1031 snprintf (line, DIM(line), "READKEY %s", id);
1032 rc = assuan_transact (ctrl->scd_local->ctx, line,
1033 put_membuf_cb, &data,
1038 xfree (get_membuf (&data, &len));
1039 return unlock_scd (ctrl, rc);
1041 *r_buf = get_membuf (&data, &buflen);
1043 return unlock_scd (ctrl, gpg_error (GPG_ERR_ENOMEM));
1045 if (!gcry_sexp_canon_len (*r_buf, buflen, NULL, NULL))
1047 xfree (*r_buf); *r_buf = NULL;
1048 return unlock_scd (ctrl, gpg_error (GPG_ERR_INV_VALUE));
1051 return unlock_scd (ctrl, 0);
1055 struct writekey_parm_s
1057 assuan_context_t ctx;
1058 int (*getpin_cb)(void *, const char *, char*, size_t);
1059 void *getpin_cb_arg;
1060 assuan_context_t passthru;
1063 const unsigned char *keydata;
1067 /* Handle a KEYDATA inquiry. Note, we only send the data,
1068 assuan_transact takes care of flushing and writing the end */
1070 inq_writekey_parms (void *opaque, const char *line)
1072 struct writekey_parm_s *parm = opaque;
1074 if (has_leading_keyword (line, "KEYDATA"))
1075 return assuan_send_data (parm->ctx, parm->keydata, parm->keydatalen);
1077 return inq_needpin (opaque, line);
1082 agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
1083 const char *id, const char *keydata, size_t keydatalen,
1084 int (*getpin_cb)(void *, const char *, char*, size_t),
1085 void *getpin_cb_arg)
1088 char line[ASSUAN_LINELENGTH];
1089 struct writekey_parm_s parms;
1092 rc = start_scd (ctrl);
1096 snprintf (line, DIM(line), "WRITEKEY %s%s", force ? "--force " : "", id);
1097 parms.ctx = ctrl->scd_local->ctx;
1098 parms.getpin_cb = getpin_cb;
1099 parms.getpin_cb_arg = getpin_cb_arg;
1101 parms.any_inq_seen = 0;
1102 parms.keydata = keydata;
1103 parms.keydatalen = keydatalen;
1105 rc = assuan_transact (ctrl->scd_local->ctx, line, NULL, NULL,
1106 inq_writekey_parms, &parms, NULL, NULL);
1107 if (parms.any_inq_seen && (gpg_err_code(rc) == GPG_ERR_CANCELED ||
1108 gpg_err_code(rc) == GPG_ERR_ASS_CANCELED))
1109 rc = cancel_inquire (ctrl, rc);
1110 return unlock_scd (ctrl, rc);
1113 /* Type used with the card_getattr_cb. */
1114 struct card_getattr_parm_s {
1115 const char *keyword; /* Keyword to look for. */
1116 size_t keywordlen; /* strlen of KEYWORD. */
1117 char *data; /* Malloced and unescaped data. */
1118 int error; /* ERRNO value or 0 on success. */
1121 /* Callback function for agent_card_getattr. */
1123 card_getattr_cb (void *opaque, const char *line)
1125 struct card_getattr_parm_s *parm = opaque;
1126 const char *keyword = line;
1130 return 0; /* We want only the first occurrence. */
1132 for (keywordlen=0; *line && !spacep (line); line++, keywordlen++)
1134 while (spacep (line))
1137 if (keywordlen == parm->keywordlen
1138 && !memcmp (keyword, parm->keyword, keywordlen))
1140 parm->data = percent_plus_unescape ((const unsigned char*)line, 0xff);
1142 parm->error = errno;
1149 /* Call the agent to retrieve a single line data object. On success
1150 the object is malloced and stored at RESULT; it is guaranteed that
1151 NULL is never stored in this case. On error an error code is
1152 returned and NULL stored at RESULT. */
1154 agent_card_getattr (ctrl_t ctrl, const char *name, char **result)
1157 struct card_getattr_parm_s parm;
1158 char line[ASSUAN_LINELENGTH];
1163 return gpg_error (GPG_ERR_INV_VALUE);
1165 memset (&parm, 0, sizeof parm);
1166 parm.keyword = name;
1167 parm.keywordlen = strlen (name);
1169 /* We assume that NAME does not need escaping. */
1170 if (8 + strlen (name) > DIM(line)-1)
1171 return gpg_error (GPG_ERR_TOO_LARGE);
1172 stpcpy (stpcpy (line, "GETATTR "), name);
1174 err = start_scd (ctrl);
1178 err = assuan_transact (ctrl->scd_local->ctx, line,
1179 NULL, NULL, NULL, NULL,
1180 card_getattr_cb, &parm);
1181 if (!err && parm.error)
1182 err = gpg_error_from_errno (parm.error);
1184 if (!err && !parm.data)
1185 err = gpg_error (GPG_ERR_NO_DATA);
1188 *result = parm.data;
1192 return unlock_scd (ctrl, err);
1199 pass_status_thru (void *opaque, const char *line)
1201 assuan_context_t ctx = opaque;
1205 if (line[0] == '#' && (!line[1] || spacep (line+1)))
1207 /* We are called in convey comments mode. Now, if we see a
1208 comment marker as keyword we forward the line verbatim to the
1209 the caller. This way the comment lines from scdaemon won't
1210 appear as status lines with keyword '#'. */
1211 assuan_write_line (ctx, line);
1215 for (i=0; *line && !spacep (line) && i < DIM(keyword)-1; line++, i++)
1219 /* Truncate any remaining keyword stuff. */
1220 for (; *line && !spacep (line); line++)
1222 while (spacep (line))
1225 assuan_write_status (ctx, keyword, line);
1231 pass_data_thru (void *opaque, const void *buffer, size_t length)
1233 assuan_context_t ctx = opaque;
1235 assuan_send_data (ctx, buffer, length);
1240 /* Send the line CMDLINE with command for the SCDdaemon to it and send
1241 all status messages back. This command is used as a general quoting
1242 mechanism to pass everything verbatim to SCDAEMON. The PIN
1243 inquiry is handled inside gpg-agent. */
1245 agent_card_scd (ctrl_t ctrl, const char *cmdline,
1246 int (*getpin_cb)(void *, const char *, char*, size_t),
1247 void *getpin_cb_arg, void *assuan_context)
1250 struct inq_needpin_s inqparm;
1253 rc = start_scd (ctrl);
1257 inqparm.ctx = ctrl->scd_local->ctx;
1258 inqparm.getpin_cb = getpin_cb;
1259 inqparm.getpin_cb_arg = getpin_cb_arg;
1260 inqparm.passthru = assuan_context;
1261 inqparm.any_inq_seen = 0;
1262 saveflag = assuan_get_flag (ctrl->scd_local->ctx, ASSUAN_CONVEY_COMMENTS);
1263 assuan_set_flag (ctrl->scd_local->ctx, ASSUAN_CONVEY_COMMENTS, 1);
1264 rc = assuan_transact (ctrl->scd_local->ctx, cmdline,
1265 pass_data_thru, assuan_context,
1266 inq_needpin, &inqparm,
1267 pass_status_thru, assuan_context);
1268 if (inqparm.any_inq_seen && gpg_err_code(rc) == GPG_ERR_ASS_CANCELED)
1269 rc = cancel_inquire (ctrl, rc);
1271 assuan_set_flag (ctrl->scd_local->ctx, ASSUAN_CONVEY_COMMENTS, saveflag);
1274 return unlock_scd (ctrl, rc);
1277 return unlock_scd (ctrl, 0);