00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013 #ifdef HAVE_CONFIG_H
00014 # include <config.h>
00015 #endif
00016
00017
00018 #include "ctfile_p.h"
00019 #include "i18n_l.h"
00020 #include <gwenhywfar/ctf_context_be.h>
00021 #include <gwenhywfar/misc.h>
00022 #include <gwenhywfar/debug.h>
00023 #include <gwenhywfar/padd.h>
00024 #include <gwenhywfar/cryptkeyrsa.h>
00025 #include <gwenhywfar/text.h>
00026
00027 #include <sys/types.h>
00028 #include <sys/stat.h>
00029 #include <fcntl.h>
00030 #include <string.h>
00031 #include <errno.h>
00032 #include <stdlib.h>
00033 #include <unistd.h>
00034
00035
00036
00037 GWEN_INHERIT(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE)
00038
00039
00040
00041
00042
00043 int GWEN_Crypt_TokenFile__OpenFile(GWEN_CRYPT_TOKEN *ct, int wr, uint32_t gid){
00044 int fd;
00045 GWEN_CRYPT_TOKEN_FILE *lct;
00046 GWEN_FSLOCK_RESULT lres;
00047
00048 assert(ct);
00049 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00050 assert(lct);
00051
00052 lct->lock=GWEN_FSLock_new(GWEN_Crypt_Token_GetTokenName(ct),
00053 GWEN_FSLock_TypeFile);
00054 lres=GWEN_FSLock_Lock(lct->lock, 10000, gid);
00055 if (lres!=GWEN_FSLock_ResultOk) {
00056 GWEN_FSLock_free(lct->lock);
00057 lct->lock=0;
00058 DBG_ERROR(GWEN_LOGDOMAIN, "Could not lock file");
00059 if (lres==GWEN_FSLock_ResultUserAbort)
00060 return GWEN_ERROR_USER_ABORTED;
00061 else
00062 return GWEN_ERROR_IO;
00063 }
00064 else {
00065 DBG_INFO(GWEN_LOGDOMAIN,
00066 "Keyfile [%s] locked.",
00067 GWEN_Crypt_Token_GetTokenName(ct));
00068 }
00069
00070 if (wr) {
00071
00072 fd=open(GWEN_Crypt_Token_GetTokenName(ct),
00073 O_RDWR|O_CREAT
00074 #ifdef OS_WIN32
00075 | O_BINARY
00076 #endif
00077 ,
00078 S_IRUSR|S_IWUSR | lct->keyfile_mode);
00079 }
00080 else {
00081
00082 struct stat statbuffer;
00083 if (!stat(GWEN_Crypt_Token_GetTokenName(ct), &statbuffer)) {
00084
00085
00086 lct->keyfile_mode =
00087 statbuffer.st_mode & (S_IRWXU
00088 #ifndef OS_WIN32
00089 | S_IRWXG | S_IRWXO
00090 #endif
00091 );
00092 }
00093 else {
00094 DBG_ERROR(GWEN_LOGDOMAIN,
00095 "stat(%s): %s",
00096 GWEN_Crypt_Token_GetTokenName(ct),
00097 strerror(errno));
00098
00099 GWEN_FSLock_Unlock(lct->lock);
00100 GWEN_FSLock_free(lct->lock);
00101 lct->lock=0;
00102 DBG_INFO(GWEN_LOGDOMAIN,
00103 "Keyfile [%s] unlocked.",
00104 GWEN_Crypt_Token_GetTokenName(ct));
00105 return GWEN_ERROR_IO;
00106 }
00107
00108
00109 fd=open(GWEN_Crypt_Token_GetTokenName(ct),
00110 O_RDONLY
00111 #ifdef OS_WIN32
00112 | O_BINARY
00113 #endif
00114 );
00115 }
00116
00117 if (fd==-1) {
00118 DBG_ERROR(GWEN_LOGDOMAIN,
00119 "open(%s): %s",
00120 GWEN_Crypt_Token_GetTokenName(ct),
00121 strerror(errno));
00122 GWEN_FSLock_Unlock(lct->lock);
00123 GWEN_FSLock_free(lct->lock);
00124 lct->lock=0;
00125 DBG_INFO(GWEN_LOGDOMAIN,
00126 "Keyfile [%s] unlocked.",
00127 GWEN_Crypt_Token_GetTokenName(ct));
00128 return GWEN_ERROR_IO;
00129 }
00130
00131 lct->fd=fd;
00132
00133 return 0;
00134 }
00135
00136
00137
00138 int GWEN_Crypt_TokenFile__CloseFile(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00139 GWEN_CRYPT_TOKEN_FILE *lct;
00140 GWEN_FSLOCK_RESULT lres;
00141 struct stat st;
00142
00143 assert(ct);
00144 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00145 assert(lct);
00146
00147 if (lct->fd==-1) {
00148 DBG_ERROR(GWEN_LOGDOMAIN, "Keyfile \"%s\"not open",
00149 GWEN_Crypt_Token_GetTokenName(ct));
00150 return GWEN_ERROR_INTERNAL;
00151 }
00152
00153 if (close(lct->fd)) {
00154 DBG_ERROR(GWEN_LOGDOMAIN, "close(%s): %s",
00155 GWEN_Crypt_Token_GetTokenName(ct), strerror(errno));
00156 lct->fd=-1;
00157 GWEN_FSLock_Unlock(lct->lock);
00158 GWEN_FSLock_free(lct->lock);
00159 lct->lock=0;
00160 DBG_INFO(GWEN_LOGDOMAIN,
00161 "Keyfile [%s] unlocked.",
00162 GWEN_Crypt_Token_GetTokenName(ct));
00163 return GWEN_ERROR_IO;
00164 }
00165 lct->fd=-1;
00166
00167 lres=GWEN_FSLock_Unlock(lct->lock);
00168 if (lres!=GWEN_FSLock_ResultOk) {
00169 DBG_WARN(GWEN_LOGDOMAIN, "Error removing lock from \"%s\": %d",
00170 GWEN_Crypt_Token_GetTokenName(ct), lres);
00171 }
00172 GWEN_FSLock_free(lct->lock);
00173 lct->lock=0;
00174 DBG_INFO(GWEN_LOGDOMAIN,
00175 "Keyfile [%s] unlocked.",
00176 GWEN_Crypt_Token_GetTokenName(ct));
00177
00178
00179 if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
00180 DBG_ERROR(GWEN_LOGDOMAIN,
00181 "stat(%s): %s",
00182 GWEN_Crypt_Token_GetTokenName(ct),
00183 strerror(errno));
00184 return GWEN_ERROR_IO;
00185 }
00186
00187 #ifndef OS_WIN32
00188 if (st.st_mode & 0007) {
00189 DBG_WARN(GWEN_LOGDOMAIN,
00190 "WARNING: Your keyfile \"%s\" is world accessible!\n"
00191 "Nobody but you should have access to the file. You \n"
00192 "should probably change this with \"chmod 600 %s\"",
00193 GWEN_Crypt_Token_GetTokenName(ct),
00194 GWEN_Crypt_Token_GetTokenName(ct));
00195 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Warning,
00196 "WARNING: Your keyfile is world accessible!\n"
00197 "Nobody but you should have access to the file.");
00198 }
00199 #endif
00200 lct->mtime=st.st_mtime;
00201 lct->ctime=st.st_ctime;
00202
00203 return 0;
00204 }
00205
00206
00207
00208 int GWEN_Crypt_TokenFile__Read(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00209 GWEN_CRYPT_TOKEN_FILE *lct;
00210
00211 assert(ct);
00212 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00213 assert(lct);
00214
00215 assert(lct->readFn);
00216 if (lseek(lct->fd, 0, SEEK_SET)==-1) {
00217 DBG_ERROR(GWEN_LOGDOMAIN, "lseek(%s): %s",
00218 GWEN_Crypt_Token_GetTokenName(ct),
00219 strerror(errno));
00220 return GWEN_ERROR_IO;
00221 }
00222 return lct->readFn(ct, lct->fd, gid);
00223 }
00224
00225
00226
00227 int GWEN_Crypt_TokenFile__Write(GWEN_CRYPT_TOKEN *ct, int cr, uint32_t gid){
00228 GWEN_CRYPT_TOKEN_FILE *lct;
00229
00230 assert(ct);
00231 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00232 assert(lct);
00233
00234 if (lct->writeFn==0) {
00235 DBG_WARN(GWEN_LOGDOMAIN,
00236 "No write function in crypt token type \"%s\"",
00237 GWEN_Crypt_Token_GetTypeName(ct));
00238 return GWEN_ERROR_NOT_SUPPORTED;
00239 }
00240
00241 if (lseek(lct->fd, 0, SEEK_SET)==-1) {
00242 DBG_ERROR(GWEN_LOGDOMAIN, "lseek(%s): %s",
00243 GWEN_Crypt_Token_GetTokenName(ct),
00244 strerror(errno));
00245 return GWEN_ERROR_IO;
00246 }
00247 return lct->writeFn(ct, lct->fd, cr, gid);
00248 }
00249
00250
00251
00252 int GWEN_Crypt_TokenFile__ReadFile(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00253 GWEN_CRYPT_TOKEN_FILE *lct;
00254 int rv;
00255
00256 assert(ct);
00257 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00258 assert(lct);
00259
00260
00261 GWEN_Crypt_Token_Context_List_Clear(lct->contextList);
00262
00263
00264 rv=GWEN_Crypt_TokenFile__OpenFile(ct, 0, gid);
00265 if (rv) {
00266 DBG_INFO(GWEN_LOGDOMAIN,
00267 "Could not open keyfile for reading (%d)", rv);
00268 return rv;
00269 }
00270
00271
00272 rv=GWEN_Crypt_TokenFile__Read(ct, gid);
00273 if (rv) {
00274 DBG_INFO(GWEN_LOGDOMAIN, "Error reading keyfile");
00275 GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00276 return rv;
00277 }
00278
00279
00280 rv=GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00281 if (rv) {
00282 DBG_INFO(GWEN_LOGDOMAIN, "Could not close keyfile");
00283 return rv;
00284 }
00285
00286 return 0;
00287 }
00288
00289
00290
00291 int GWEN_Crypt_TokenFile__WriteFile(GWEN_CRYPT_TOKEN *ct, int cr, uint32_t gid){
00292 GWEN_CRYPT_TOKEN_FILE *lct;
00293 int rv;
00294
00295 assert(ct);
00296 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00297 assert(lct);
00298
00299
00300 rv=GWEN_Crypt_TokenFile__OpenFile(ct, 1, gid);
00301 if (rv) {
00302 DBG_INFO(GWEN_LOGDOMAIN,
00303 "Could not open keyfile for writing (%d)", rv);
00304 return rv;
00305 }
00306
00307
00308 rv=GWEN_Crypt_TokenFile__Write(ct, cr, gid);
00309 if (rv) {
00310 DBG_INFO(GWEN_LOGDOMAIN, "Error writing keyfile");
00311 GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00312 return rv;
00313 }
00314
00315
00316 rv=GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00317 if (rv) {
00318 DBG_INFO(GWEN_LOGDOMAIN, "Could not close keyfile");
00319 return rv;
00320 }
00321
00322 return 0;
00323 }
00324
00325
00326
00327 int GWEN_Crypt_TokenFile__ReloadIfNeeded(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00328 GWEN_CRYPT_TOKEN_FILE *lct;
00329 struct stat st;
00330
00331 assert(ct);
00332 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00333 assert(lct);
00334
00335 if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
00336 DBG_ERROR(GWEN_LOGDOMAIN,
00337 "stat(%s): %s",
00338 GWEN_Crypt_Token_GetTokenName(ct),
00339 strerror(errno));
00340 return -1;
00341 }
00342 if (lct->mtime!=st.st_mtime ||
00343 lct->ctime!=st.st_ctime) {
00344 int rv;
00345
00346
00347 DBG_NOTICE(GWEN_LOGDOMAIN,
00348 "Keyfile changed externally, reloading it");
00349
00350 rv=GWEN_Crypt_TokenFile__ReadFile(ct, gid);
00351 if (rv) {
00352 DBG_WARN(GWEN_LOGDOMAIN, "Error reloading keyfile");
00353 return rv;
00354 }
00355 }
00356 else {
00357 DBG_NOTICE(GWEN_LOGDOMAIN, "Keyfile unchanged, not reloading");
00358 }
00359 return 0;
00360 }
00361
00362
00363
00364 void GWEN_Crypt_TokenFile_AddContext(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_CONTEXT *ctx) {
00365 GWEN_CRYPT_TOKEN_FILE *lct;
00366
00367 assert(ct);
00368 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00369 assert(lct);
00370
00371
00372 assert(GWEN_CTF_Context_IsOfThisType(ctx));
00373 GWEN_Crypt_Token_Context_List_Add(ctx, lct->contextList);
00374 }
00375
00376
00377
00378 GWEN_CRYPT_TOKEN_CONTEXT *GWEN_Crypt_TokenFile_GetContext(GWEN_CRYPT_TOKEN *ct, int idx) {
00379 GWEN_CRYPT_TOKEN_FILE *lct;
00380 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00381
00382 assert(ct);
00383 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00384 assert(lct);
00385
00386 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00387 while(ctx) {
00388 if (idx==0)
00389 return ctx;
00390 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00391 idx--;
00392 }
00393
00394 return NULL;
00395 }
00396
00397
00398
00399 GWEN_CRYPT_TOKEN_FILE_READ_FN GWEN_Crypt_TokenFile_SetReadFn(GWEN_CRYPT_TOKEN *ct,
00400 GWEN_CRYPT_TOKEN_FILE_READ_FN f) {
00401 GWEN_CRYPT_TOKEN_FILE *lct;
00402 GWEN_CRYPT_TOKEN_FILE_READ_FN of;
00403
00404 assert(ct);
00405 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00406 assert(lct);
00407
00408 of=lct->readFn;
00409 lct->readFn=f;
00410
00411 return of;
00412 }
00413
00414
00415
00416 GWEN_CRYPT_TOKEN_FILE_WRITE_FN GWEN_Crypt_TokenFile_SetWriteFn(GWEN_CRYPT_TOKEN *ct,
00417 GWEN_CRYPT_TOKEN_FILE_WRITE_FN f) {
00418 GWEN_CRYPT_TOKEN_FILE *lct;
00419 GWEN_CRYPT_TOKEN_FILE_WRITE_FN of;
00420
00421 assert(ct);
00422 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00423 assert(lct);
00424
00425 of=lct->writeFn;
00426 lct->writeFn=f;
00427
00428 return of;
00429 }
00430
00431
00432
00433 int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Create(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00434 GWEN_CRYPT_TOKEN_FILE *lct;
00435 struct stat st;
00436 int fd;
00437 int rv;
00438
00439 assert(ct);
00440 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00441 assert(lct);
00442
00443 if (!GWEN_Crypt_Token_GetTokenName(ct)) {
00444 DBG_ERROR(GWEN_LOGDOMAIN, "No medium name given");
00445 return GWEN_ERROR_INVALID;
00446 }
00447
00448 if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
00449 if (errno!=ENOENT) {
00450 DBG_ERROR(GWEN_LOGDOMAIN,
00451 "stat(%s): %s",
00452 GWEN_Crypt_Token_GetTokenName(ct),
00453 strerror(errno));
00454 return GWEN_ERROR_IO;
00455 }
00456 }
00457 else {
00458 DBG_ERROR(GWEN_LOGDOMAIN,
00459 "Keyfile \"%s\" already exists, will not create it",
00460 GWEN_Crypt_Token_GetTokenName(ct));
00461 return GWEN_ERROR_INVALID;
00462 }
00463
00464
00465
00466 fd=open(GWEN_Crypt_Token_GetTokenName(ct),
00467 O_RDWR | O_CREAT | O_EXCL
00468 #ifdef OS_WIN32
00469 | O_BINARY
00470 #endif
00471 ,
00472 S_IRUSR|S_IWUSR);
00473
00474
00475 if (fd==-1) {
00476 DBG_ERROR(GWEN_LOGDOMAIN,
00477 "open(%s): %s",
00478 GWEN_Crypt_Token_GetTokenName(ct),
00479 strerror(errno));
00480 return GWEN_ERROR_IO;
00481 }
00482
00483 close(fd);
00484
00485 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 1, gid);
00486 if (rv) {
00487 DBG_INFO(GWEN_LOGDOMAIN, "here");
00488 return rv;
00489 }
00490
00491 return 0;
00492 }
00493
00494
00495
00496 int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Open(GWEN_CRYPT_TOKEN *ct, int admin, uint32_t gid){
00497 GWEN_CRYPT_TOKEN_FILE *lct;
00498 int rv;
00499
00500 assert(ct);
00501 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00502 assert(lct);
00503
00504 rv=GWEN_Crypt_TokenFile__ReadFile(ct, gid);
00505 if (rv) {
00506 DBG_INFO(GWEN_LOGDOMAIN, "here");
00507 return rv;
00508 }
00509
00510 return 0;
00511 }
00512
00513
00514
00515 int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Close(GWEN_CRYPT_TOKEN *ct, int abandon, uint32_t gid){
00516 GWEN_CRYPT_TOKEN_FILE *lct;
00517 int rv;
00518
00519 assert(ct);
00520 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00521 assert(lct);
00522
00523 if (!abandon)
00524 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
00525 else
00526 rv=0;
00527
00528
00529 GWEN_Crypt_Token_Context_List_Clear(lct->contextList);
00530 lct->mtime=0;
00531 lct->ctime=0;
00532
00533 return rv;
00534 }
00535
00536
00537
00538
00539 int GWENHYWFAR_CB GWEN_Crypt_TokenFile__GetKeyIdList(GWEN_CRYPT_TOKEN *ct,
00540 uint32_t *pIdList,
00541 uint32_t *pCount,
00542 uint32_t gid) {
00543 GWEN_CRYPT_TOKEN_FILE *lct;
00544 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00545 int i;
00546 int rv;
00547
00548 assert(ct);
00549 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00550 assert(lct);
00551
00552
00553 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00554 if (rv) {
00555 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00556 return rv;
00557 }
00558
00559
00560 i=0;
00561 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00562 while(ctx) {
00563 i+=GWEN_CRYPT_TOKEN_CONTEXT_KEYS;
00564 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00565 }
00566
00567
00568 if (pIdList==NULL) {
00569 *pCount=i;
00570 return 0;
00571 }
00572
00573 if (*pCount<i) {
00574 DBG_INFO(GWEN_LOGDOMAIN, "Buffer too small");
00575 return GWEN_ERROR_BUFFER_OVERFLOW;
00576 }
00577
00578 *pCount=i;
00579 i=0;
00580 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00581 while(ctx) {
00582 int j;
00583
00584 for (j=1; j<=GWEN_CRYPT_TOKEN_CONTEXT_KEYS; j++)
00585 *(pIdList++)=(i<<16)+j;
00586
00587 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00588 i++;
00589 }
00590
00591 return 0;
00592 }
00593
00594
00595
00596 const GWEN_CRYPT_TOKEN_KEYINFO* GWENHYWFAR_CB
00597 GWEN_Crypt_TokenFile__GetKeyInfo(GWEN_CRYPT_TOKEN *ct,
00598 uint32_t id,
00599 uint32_t flags,
00600 uint32_t gid) {
00601 GWEN_CRYPT_TOKEN_FILE *lct;
00602 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00603 GWEN_CRYPT_TOKEN_KEYINFO *ki;
00604 int i;
00605 int rv;
00606
00607 assert(ct);
00608 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00609 assert(lct);
00610
00611
00612 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00613 if (rv) {
00614 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00615 return NULL;
00616 }
00617
00618 i=id>>16;
00619 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00620 while(ctx) {
00621 if (i==0)
00622 break;
00623 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00624 i--;
00625 }
00626
00627 if (ctx==NULL) {
00628 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
00629 return NULL;
00630 }
00631
00632 switch(id & 0xffff) {
00633 case 1: ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx); break;
00634 case 2: ki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx); break;
00635 case 3: ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx); break;
00636 case 4: ki=GWEN_CTF_Context_GetRemoteCryptKeyInfo(ctx); break;
00637 case 5: ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx); break;
00638 case 6: ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx); break;
00639 default:
00640 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
00641 return NULL;
00642 }
00643
00644 if (ki==NULL) {
00645 DBG_INFO(GWEN_LOGDOMAIN, "No key info stored for key %d", id);
00646 return NULL;
00647 }
00648
00649 return ki;
00650 }
00651
00652
00653
00654 #if 0
00655 int GWENHYWFAR_CB
00656 GWEN_Crypt_TokenFile__SetKeyInfo(GWEN_CRYPT_TOKEN *ct,
00657 uint32_t id,
00658 const GWEN_CRYPT_TOKEN_KEYINFO *ki,
00659 uint32_t gid) {
00660 GWEN_CRYPT_TOKEN_FILE *lct;
00661 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00662 int i;
00663 int rv;
00664 GWEN_CRYPT_TOKEN_KEYINFO *nki;
00665 GWEN_CRYPT_KEY *key;
00666 uint32_t flags;
00667
00668 assert(ct);
00669 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00670 assert(lct);
00671
00672 flags=GWEN_Crypt_Token_KeyInfo_GetFlags(ki);
00673
00674
00675 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00676 if (rv) {
00677 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00678 return rv;
00679 }
00680
00681 i=id>>16;
00682 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00683 while(ctx) {
00684 if (i==0)
00685 break;
00686 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00687 i--;
00688 }
00689
00690 if (ctx==NULL) {
00691 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
00692 return GWEN_ERROR_NOT_FOUND;
00693 }
00694
00695 nki=GWEN_Crypt_Token_KeyInfo_dup(ki);
00696 assert(nki);
00697 switch(id & 0xffff) {
00698 case 1:
00699 GWEN_CTF_Context_SetLocalSignKeyInfo(ctx, nki);
00700 key=GWEN_CTF_Context_GetLocalSignKey(ctx);
00701 break;
00702 case 2:
00703 GWEN_CTF_Context_SetLocalCryptKeyInfo(ctx, nki);
00704 key=GWEN_CTF_Context_GetLocalCryptKey(ctx);
00705 break;
00706 case 3:
00707 GWEN_CTF_Context_SetRemoteSignKeyInfo(ctx, nki);
00708 key=GWEN_CTF_Context_GetRemoteSignKey(ctx);
00709 break;
00710 case 4:
00711 GWEN_CTF_Context_SetRemoteCryptKeyInfo(ctx, nki);
00712 key=GWEN_CTF_Context_GetRemoteCryptKey(ctx);
00713 break;
00714 case 5:
00715 GWEN_CTF_Context_SetLocalAuthKeyInfo(ctx, nki);
00716 key=GWEN_CTF_Context_GetLocalAuthKey(ctx);
00717 break;
00718 case 6:
00719 GWEN_CTF_Context_SetRemoteAuthKeyInfo(ctx, nki);
00720 key=GWEN_CTF_Context_GetRemoteAuthKey(ctx);
00721 break;
00722 default:
00723 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
00724 GWEN_Crypt_Token_KeyInfo_free(nki);
00725 return GWEN_ERROR_NOT_FOUND;
00726 }
00727
00728
00729 if ((flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS) &&
00730 (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT) &&
00731 id!=1 &&
00732 id!=2 &&
00733 id!=5) {
00734 GWEN_CRYPT_KEY *nkey;
00735
00736 nkey=GWEN_Crypt_KeyRsa_fromModExp(GWEN_Crypt_Token_KeyInfo_GetKeySize(ki),
00737 GWEN_Crypt_Token_KeyInfo_GetModulusData(ki),
00738 GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki),
00739 GWEN_Crypt_Token_KeyInfo_GetExponentData(ki),
00740 GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki));
00741 assert(nkey);
00742
00743 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00744 GWEN_Crypt_Key_SetKeyNumber(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00745 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00746 GWEN_Crypt_Key_SetKeyVersion(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00747
00748
00749 switch(id & 0xffff) {
00750 case 3:
00751 GWEN_CTF_Context_SetRemoteSignKey(ctx, nkey);
00752 break;
00753 case 4:
00754 GWEN_CTF_Context_SetRemoteCryptKey(ctx, nkey);
00755 break;
00756 case 6:
00757 GWEN_CTF_Context_SetRemoteAuthKey(ctx, nkey);
00758 break;
00759 default:
00760 DBG_ERROR(GWEN_LOGDOMAIN,
00761 "Can't set modulus and exponent for private key");
00762 GWEN_Crypt_Key_free(nkey);
00763 return GWEN_ERROR_INVALID;
00764 }
00765 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00766 I18N("Public key replaced"));
00767 }
00768 else {
00769 if (key) {
00770 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00771 GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00772 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00773 GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00774 }
00775 }
00776
00777 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
00778 if (rv) {
00779 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
00780 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
00781 I18N("Unable to write key file"));
00782 return rv;
00783 }
00784
00785 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00786 I18N("Key file saved"));
00787
00788 return 0;
00789 }
00790 #endif
00791
00792
00793 int GWENHYWFAR_CB
00794 GWEN_Crypt_TokenFile__SetKeyInfo(GWEN_CRYPT_TOKEN *ct,
00795 uint32_t id,
00796 const GWEN_CRYPT_TOKEN_KEYINFO *ski,
00797 uint32_t gid) {
00798 GWEN_CRYPT_TOKEN_FILE *lct;
00799 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00800 int i;
00801 int rv;
00802 GWEN_CRYPT_TOKEN_KEYINFO *ki;
00803 GWEN_CRYPT_KEY *key;
00804 uint32_t flags;
00805 uint32_t nflags;
00806
00807 assert(ct);
00808 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00809 assert(lct);
00810
00811 flags=GWEN_Crypt_Token_KeyInfo_GetFlags(ski);
00812
00813
00814 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00815 if (rv) {
00816 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00817 return rv;
00818 }
00819
00820 i=id>>16;
00821 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00822 while(ctx) {
00823 if (i==0)
00824 break;
00825 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00826 i--;
00827 }
00828
00829 if (ctx==NULL) {
00830 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
00831 return GWEN_ERROR_NOT_FOUND;
00832 }
00833
00834 switch(id & 0xffff) {
00835 case 1:
00836 ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
00837 key=GWEN_CTF_Context_GetLocalSignKey(ctx);
00838 break;
00839 case 2:
00840 ki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx);
00841 key=GWEN_CTF_Context_GetLocalCryptKey(ctx);
00842 break;
00843 case 3:
00844 ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
00845 key=GWEN_CTF_Context_GetRemoteSignKey(ctx);
00846 break;
00847 case 4:
00848 ki=GWEN_CTF_Context_GetRemoteCryptKeyInfo(ctx);
00849 key=GWEN_CTF_Context_GetRemoteCryptKey(ctx);
00850 break;
00851 case 5:
00852 ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
00853 key=GWEN_CTF_Context_GetLocalAuthKey(ctx);
00854 break;
00855 case 6:
00856 ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
00857 key=GWEN_CTF_Context_GetRemoteAuthKey(ctx);
00858 break;
00859 default:
00860 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
00861 return GWEN_ERROR_NOT_FOUND;
00862 }
00863 assert(ki);
00864
00865 nflags=GWEN_Crypt_Token_KeyInfo_GetFlags(ki);
00866
00867 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSTATUS) {
00868
00869 }
00870
00871 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS) {
00872 nflags&=~GWEN_CRYPT_TOKEN_KEYFLAGS_ACTIONMASK;
00873 nflags|=(flags & GWEN_CRYPT_TOKEN_KEYFLAGS_ACTIONMASK);
00874 }
00875
00876 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION) {
00877 uint32_t i=GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ski);
00878 GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, i);
00879 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION;
00880 if (key)
00881 GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ski));
00882 DBG_INFO(GWEN_LOGDOMAIN, "Setting key version");
00883 }
00884
00885 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER) {
00886 uint32_t i=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ski);
00887 GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, i);
00888 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER;
00889 DBG_INFO(GWEN_LOGDOMAIN, "Setting signature counter");
00890 }
00891
00892 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER) {
00893 uint32_t i=GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ski);
00894 GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, i);
00895 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER;
00896 if (key)
00897 GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ski));
00898 DBG_INFO(GWEN_LOGDOMAIN, "Setting key number");
00899 }
00900
00901
00902 if ((flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS) &&
00903 (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT) &&
00904 id!=1 &&
00905 id!=2 &&
00906 id!=5) {
00907 GWEN_CRYPT_KEY *nkey;
00908
00909 GWEN_Crypt_Token_KeyInfo_SetKeySize(ki, GWEN_Crypt_Token_KeyInfo_GetKeySize(ski));
00910 GWEN_Crypt_Token_KeyInfo_SetModulus(ki,
00911 GWEN_Crypt_Token_KeyInfo_GetModulusData(ski),
00912 GWEN_Crypt_Token_KeyInfo_GetModulusLen(ski));
00913 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS;
00914 GWEN_Crypt_Token_KeyInfo_SetExponent(ki,
00915 GWEN_Crypt_Token_KeyInfo_GetExponentData(ski),
00916 GWEN_Crypt_Token_KeyInfo_GetExponentLen(ski));
00917 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT;
00918 nkey=GWEN_Crypt_KeyRsa_fromModExp(GWEN_Crypt_Token_KeyInfo_GetKeySize(ski),
00919 GWEN_Crypt_Token_KeyInfo_GetModulusData(ski),
00920 GWEN_Crypt_Token_KeyInfo_GetModulusLen(ski),
00921 GWEN_Crypt_Token_KeyInfo_GetExponentData(ski),
00922 GWEN_Crypt_Token_KeyInfo_GetExponentLen(ski));
00923 assert(nkey);
00924
00925 if (nflags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00926 GWEN_Crypt_Key_SetKeyNumber(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00927 if (nflags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00928 GWEN_Crypt_Key_SetKeyVersion(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00929
00930
00931 switch(id & 0xffff) {
00932 case 3:
00933 GWEN_CTF_Context_SetRemoteSignKey(ctx, nkey);
00934 break;
00935 case 4:
00936 GWEN_CTF_Context_SetRemoteCryptKey(ctx, nkey);
00937 break;
00938 case 6:
00939 GWEN_CTF_Context_SetRemoteAuthKey(ctx, nkey);
00940 break;
00941 default:
00942 DBG_ERROR(GWEN_LOGDOMAIN,
00943 "Can't set modulus and exponent for private key");
00944 GWEN_Crypt_Key_free(nkey);
00945 return GWEN_ERROR_INVALID;
00946 }
00947 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00948 I18N("Public key replaced"));
00949 }
00950 else {
00951 if (key) {
00952 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00953 GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00954 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00955 GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00956 }
00957 }
00958
00959 GWEN_Crypt_Token_KeyInfo_SetFlags(ki, nflags);
00960
00961 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
00962 if (rv) {
00963 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
00964 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
00965 I18N("Unable to write key file"));
00966 return rv;
00967 }
00968
00969 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00970 I18N("Key file saved"));
00971
00972 return 0;
00973 }
00974
00975
00976
00977 int GWENHYWFAR_CB
00978 GWEN_Crypt_TokenFile__GetContextIdList(GWEN_CRYPT_TOKEN *ct,
00979 uint32_t *pIdList,
00980 uint32_t *pCount,
00981 uint32_t gid) {
00982 GWEN_CRYPT_TOKEN_FILE *lct;
00983 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00984 int i;
00985 int rv;
00986
00987 assert(ct);
00988 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00989 assert(lct);
00990
00991
00992 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00993 if (rv) {
00994 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00995 return rv;
00996 }
00997
00998
00999 i=0;
01000 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01001 while(ctx) {
01002 i++;
01003 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01004 }
01005
01006
01007 *pCount=i;
01008
01009
01010 if (pIdList==NULL)
01011 return 0;
01012
01013 if (*pCount<i) {
01014 DBG_INFO(GWEN_LOGDOMAIN, "Buffer too small");
01015 return GWEN_ERROR_BUFFER_OVERFLOW;
01016 }
01017
01018 i=1;
01019 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01020 while(ctx) {
01021 *(pIdList++)=i;
01022 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01023 i++;
01024 }
01025
01026 return 0;
01027 }
01028
01029
01030
01031 const GWEN_CRYPT_TOKEN_CONTEXT* GWENHYWFAR_CB
01032 GWEN_Crypt_TokenFile__GetContext(GWEN_CRYPT_TOKEN *ct,
01033 uint32_t id,
01034 uint32_t gid) {
01035 GWEN_CRYPT_TOKEN_FILE *lct;
01036 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01037 int rv;
01038
01039 assert(ct);
01040 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01041 assert(lct);
01042
01043
01044 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01045 if (rv) {
01046 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01047 return NULL;
01048 }
01049
01050 if (id==0) {
01051 DBG_INFO(GWEN_LOGDOMAIN, "Invalid context id 0");
01052 return NULL;
01053 }
01054
01055 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01056 while(ctx) {
01057 if (GWEN_Crypt_Token_Context_GetId(ctx)==id)
01058 break;
01059 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01060 }
01061
01062 if (ctx==NULL) {
01063 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", id);
01064 return NULL;
01065 }
01066
01067 return ctx;
01068 }
01069
01070
01071
01072 int GWENHYWFAR_CB
01073 GWEN_Crypt_TokenFile__SetContext(GWEN_CRYPT_TOKEN *ct,
01074 uint32_t id,
01075 const GWEN_CRYPT_TOKEN_CONTEXT *nctx,
01076 uint32_t gid) {
01077 GWEN_CRYPT_TOKEN_FILE *lct;
01078 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01079 int rv;
01080 const char *s;
01081
01082 assert(ct);
01083 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01084 assert(lct);
01085
01086 if (id==0) {
01087 DBG_INFO(GWEN_LOGDOMAIN, "Invalid context id 0");
01088 return GWEN_ERROR_INVALID;
01089 }
01090
01091
01092 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01093 if (rv) {
01094 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01095 return rv;
01096 }
01097
01098 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01099 while(ctx) {
01100 if (GWEN_Crypt_Token_Context_GetId(ctx)==id)
01101 break;
01102 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01103 }
01104
01105 if (ctx==NULL) {
01106 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", id);
01107 return GWEN_ERROR_NOT_FOUND;
01108 }
01109
01110
01111 s=GWEN_Crypt_Token_Context_GetServiceId(nctx);
01112 GWEN_Crypt_Token_Context_SetServiceId(ctx, s);
01113 s=GWEN_Crypt_Token_Context_GetUserId(nctx);
01114 GWEN_Crypt_Token_Context_SetUserId(ctx, s);
01115 s=GWEN_Crypt_Token_Context_GetUserName(nctx);
01116 GWEN_Crypt_Token_Context_SetUserName(ctx, s);
01117 s=GWEN_Crypt_Token_Context_GetPeerId(nctx);
01118 GWEN_Crypt_Token_Context_SetPeerId(ctx, s);
01119 s=GWEN_Crypt_Token_Context_GetAddress(nctx);
01120 GWEN_Crypt_Token_Context_SetAddress(ctx, s);
01121 GWEN_Crypt_Token_Context_SetPort(ctx, GWEN_Crypt_Token_Context_GetPort(nctx));
01122 s=GWEN_Crypt_Token_Context_GetSystemId(nctx);
01123 GWEN_Crypt_Token_Context_SetSystemId(ctx, s);
01124
01125 return 0;
01126 }
01127
01128
01129
01130 GWEN_CRYPT_KEY *GWEN_Crypt_TokenFile__GetKey(GWEN_CRYPT_TOKEN *ct, uint32_t id, uint32_t gid) {
01131 GWEN_CRYPT_TOKEN_FILE *lct;
01132 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01133 int i;
01134 int rv;
01135
01136 assert(ct);
01137 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01138 assert(lct);
01139
01140
01141 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01142 if (rv) {
01143 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01144 return NULL;
01145 }
01146
01147 i=id>>16;
01148 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01149 while(ctx) {
01150 if (i==0)
01151 break;
01152 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01153 i--;
01154 }
01155
01156 if (ctx==NULL) {
01157 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
01158 return NULL;
01159 }
01160
01161 switch(id & 0xffff) {
01162 case 1: return GWEN_CTF_Context_GetLocalSignKey(ctx);
01163 case 2: return GWEN_CTF_Context_GetLocalCryptKey(ctx);
01164 case 3: return GWEN_CTF_Context_GetRemoteSignKey(ctx);
01165 case 4: return GWEN_CTF_Context_GetRemoteCryptKey(ctx);
01166 case 5: return GWEN_CTF_Context_GetLocalAuthKey(ctx);
01167 case 6: return GWEN_CTF_Context_GetRemoteAuthKey(ctx);
01168 default:
01169 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
01170 return NULL;
01171 }
01172 }
01173
01174
01175
01176 int GWENHYWFAR_CB
01177 GWEN_Crypt_TokenFile__Sign(GWEN_CRYPT_TOKEN *ct,
01178 uint32_t keyId,
01179 GWEN_CRYPT_PADDALGO *a,
01180 const uint8_t *pInData,
01181 uint32_t inLen,
01182 uint8_t *pSignatureData,
01183 uint32_t *pSignatureLen,
01184 uint32_t *pSeqCounter,
01185 uint32_t gid) {
01186 GWEN_CRYPT_TOKEN_FILE *lct;
01187 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01188 GWEN_CRYPT_KEY *k;
01189 int keyNum;
01190 GWEN_BUFFER *srcBuf;
01191 int i;
01192 int rv;
01193
01194 assert(ct);
01195 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01196 assert(lct);
01197
01198 DBG_INFO(GWEN_LOGDOMAIN, "Signing with key %d", keyId);
01199
01200
01201 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01202 if (rv) {
01203 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01204 return rv;
01205 }
01206
01207
01208 i=(keyId>>16);
01209 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01210 if (ctx==NULL) {
01211 DBG_ERROR(GWEN_LOGDOMAIN, "Token has no context");
01212 return GWEN_ERROR_NOT_FOUND;
01213 }
01214 while(ctx) {
01215 if (i==0)
01216 break;
01217 DBG_ERROR(GWEN_LOGDOMAIN, "Checking token %d (i==%d)",
01218 GWEN_Crypt_Token_Context_GetId(ctx), i);
01219 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01220 i--;
01221 }
01222
01223 if (ctx==NULL) {
01224 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01225 return GWEN_ERROR_NOT_FOUND;
01226 }
01227
01228
01229 keyNum=keyId & 0xffff;
01230 if (keyNum!=1 && keyNum!=5) {
01231
01232 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for signing (%x)", keyId);
01233 return GWEN_ERROR_INVALID;
01234 }
01235
01236 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01237 if (k==NULL) {
01238 DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
01239 return GWEN_ERROR_NOT_FOUND;
01240 }
01241
01242
01243 srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
01244 GWEN_Buffer_AppendBytes(srcBuf, (const char*)pInData, inLen);
01245
01246
01247 rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
01248 if (rv) {
01249 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01250 GWEN_Buffer_free(srcBuf);
01251 return rv;
01252 }
01253
01254
01255 rv=GWEN_Crypt_Key_Sign(k,
01256 (const uint8_t*)GWEN_Buffer_GetStart(srcBuf),
01257 GWEN_Buffer_GetUsedBytes(srcBuf),
01258 pSignatureData,
01259 pSignatureLen);
01260 GWEN_Buffer_free(srcBuf);
01261 if (rv) {
01262 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01263 return rv;
01264 }
01265
01266 if (pSeqCounter) {
01267 GWEN_CRYPT_TOKEN_KEYINFO *ki;
01268
01269
01270 switch(keyId & 0xffff) {
01271 case 1: ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx); break;
01272 case 5: ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx); break;
01273 default: ki=NULL;
01274 }
01275 if (ki &&
01276 (GWEN_Crypt_Token_KeyInfo_GetFlags(ki) & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER)) {
01277 unsigned int seq;
01278
01279 seq=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki);
01280 *pSeqCounter=seq;
01281 GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, ++seq);
01282
01283 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
01284 if (rv) {
01285 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
01286 return rv;
01287 }
01288 }
01289 else {
01290 DBG_WARN(GWEN_LOGDOMAIN, "No sign counter for key %04x", keyId);
01291 *pSeqCounter=0;
01292 }
01293 }
01294
01295 return 0;
01296 }
01297
01298
01299
01300 int GWENHYWFAR_CB
01301 GWEN_Crypt_TokenFile__Verify(GWEN_CRYPT_TOKEN *ct,
01302 uint32_t keyId,
01303 GWEN_CRYPT_PADDALGO *a,
01304 const uint8_t *pInData,
01305 uint32_t inLen,
01306 const uint8_t *pSignatureData,
01307 uint32_t signatureLen,
01308 uint32_t seqCounter,
01309 uint32_t gid) {
01310 GWEN_CRYPT_TOKEN_FILE *lct;
01311 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01312 GWEN_CRYPT_KEY *k;
01313 int keyNum;
01314 int i;
01315 int rv;
01316 GWEN_CRYPT_PADDALGOID aid;
01317
01318 assert(ct);
01319 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01320 assert(lct);
01321
01322 DBG_INFO(GWEN_LOGDOMAIN, "Verifying with key %d", keyId);
01323
01324 aid=GWEN_Crypt_PaddAlgo_GetId(a);
01325
01326
01327 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01328 if (rv) {
01329 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01330 return rv;
01331 }
01332
01333
01334 i=(keyId>>16);
01335 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01336 while(ctx) {
01337 if (i==0)
01338 break;
01339 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01340 i--;
01341 }
01342
01343 if (ctx==NULL) {
01344 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01345 return GWEN_ERROR_NOT_FOUND;
01346 }
01347
01348
01349 keyNum=keyId & 0xffff;
01350 if (keyNum!=1 && keyNum!=3 && keyNum!=6) {
01351
01352 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for verifying (%x)", keyId);
01353 return GWEN_ERROR_INVALID;
01354 }
01355
01356 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01357 if (k==NULL) {
01358 DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
01359 return GWEN_ERROR_NO_KEY;
01360 }
01361
01362 if (aid==GWEN_Crypt_PaddAlgoId_Iso9796_2 ||
01363 aid==GWEN_Crypt_PaddAlgoId_Pkcs1_2) {
01364 GWEN_BUFFER *tbuf;
01365 uint32_t l;
01366
01367
01368
01369 tbuf=GWEN_Buffer_new(0, inLen+16, 0, 0);
01370 l=GWEN_Buffer_GetMaxUnsegmentedWrite(tbuf);
01371 rv=GWEN_Crypt_Key_Encipher(k,
01372 pSignatureData, signatureLen,
01373 (uint8_t*)GWEN_Buffer_GetStart(tbuf),
01374 &l);
01375 if (rv<0) {
01376 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01377 GWEN_Buffer_free(tbuf);
01378 return rv;
01379 }
01380 GWEN_Buffer_IncrementPos(tbuf, l);
01381 GWEN_Buffer_AdjustUsedBytes(tbuf);
01382
01383 rv=GWEN_Padd_UnapplyPaddAlgo(a, tbuf);
01384 if (rv<0) {
01385 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01386 GWEN_Buffer_free(tbuf);
01387 return rv;
01388 }
01389 if (l!=inLen) {
01390 DBG_ERROR(GWEN_LOGDOMAIN, "Signature length doesn't match");
01391 GWEN_Buffer_free(tbuf);
01392 return GWEN_ERROR_VERIFY;
01393 }
01394 if (memcmp(pInData, GWEN_Buffer_GetStart(tbuf), l)!=0) {
01395 DBG_ERROR(GWEN_LOGDOMAIN, "Signature doesn't match:");
01396 GWEN_Buffer_free(tbuf);
01397 return GWEN_ERROR_VERIFY;
01398 }
01399 }
01400 else {
01401 GWEN_BUFFER *srcBuf;
01402
01403
01404 srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
01405 GWEN_Buffer_AppendBytes(srcBuf, (const char*)pInData, inLen);
01406
01407
01408 rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
01409 if (rv) {
01410 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01411 GWEN_Buffer_free(srcBuf);
01412 return rv;
01413 }
01414
01415
01416 rv=GWEN_Crypt_Key_Verify(k,
01417 (const uint8_t*)GWEN_Buffer_GetStart(srcBuf),
01418 GWEN_Buffer_GetUsedBytes(srcBuf),
01419 pSignatureData,
01420 signatureLen);
01421 GWEN_Buffer_free(srcBuf);
01422 if (rv) {
01423 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01424 return rv;
01425 }
01426 }
01427
01428 if (seqCounter) {
01429 GWEN_CRYPT_TOKEN_KEYINFO *ki;
01430
01431
01432 if (keyNum==3)
01433 ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
01434 else
01435 ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
01436 if (ki &&
01437 (GWEN_Crypt_Token_KeyInfo_GetFlags(ki) & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER)) {
01438 unsigned int seq;
01439
01440 seq=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki);
01441
01442 if (seq>=seqCounter) {
01443 DBG_WARN(GWEN_LOGDOMAIN, "Bad remote sequence counter (possibly replay attack!)");
01444 return GWEN_ERROR_VERIFY;
01445 }
01446 GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, seqCounter);
01447
01448
01449 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
01450 if (rv) {
01451 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
01452 return rv;
01453 }
01454 }
01455 else {
01456 DBG_WARN(GWEN_LOGDOMAIN, "No sign counter for key %04x", keyId);
01457 }
01458
01459 }
01460
01461 return 0;
01462 }
01463
01464
01465
01466 int GWENHYWFAR_CB
01467 GWEN_Crypt_TokenFile__Encipher(GWEN_CRYPT_TOKEN *ct,
01468 uint32_t keyId,
01469 GWEN_CRYPT_PADDALGO *a,
01470 const uint8_t *pInData,
01471 uint32_t inLen,
01472 uint8_t *pOutData,
01473 uint32_t *pOutLen,
01474 uint32_t gid) {
01475 GWEN_CRYPT_TOKEN_FILE *lct;
01476 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01477 GWEN_CRYPT_KEY *k;
01478 int keyNum;
01479 GWEN_BUFFER *srcBuf;
01480 int i;
01481 int rv;
01482
01483 assert(ct);
01484 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01485 assert(lct);
01486
01487 DBG_INFO(GWEN_LOGDOMAIN, "Enciphering with key %d", keyId);
01488
01489
01490 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01491 if (rv) {
01492 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01493 return rv;
01494 }
01495
01496
01497 i=(keyId>>16);
01498 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01499 while(ctx) {
01500 if (i==0)
01501 break;
01502 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01503 i--;
01504 }
01505
01506 if (ctx==NULL) {
01507 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01508 return GWEN_ERROR_NOT_FOUND;
01509 }
01510
01511
01512 keyNum=keyId & 0xffff;
01513 if (keyNum!=2 && keyNum!=4) {
01514
01515 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for encrypting (%x)", keyId);
01516 return GWEN_ERROR_INVALID;
01517 }
01518
01519 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01520 if (k==NULL) {
01521 DBG_INFO(GWEN_LOGDOMAIN, "Key %d not found", keyId);
01522 return GWEN_ERROR_NOT_FOUND;
01523 }
01524
01525
01526 srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
01527 GWEN_Buffer_AppendBytes(srcBuf, (const char*)pInData, inLen);
01528 GWEN_Buffer_Rewind(srcBuf);
01529
01530
01531 rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
01532 if (rv) {
01533 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01534 GWEN_Buffer_free(srcBuf);
01535 return rv;
01536 }
01537
01538
01539 rv=GWEN_Crypt_Key_Encipher(k,
01540 (const uint8_t*)GWEN_Buffer_GetStart(srcBuf),
01541 GWEN_Buffer_GetUsedBytes(srcBuf),
01542 pOutData,
01543 pOutLen);
01544 GWEN_Buffer_free(srcBuf);
01545 if (rv) {
01546 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01547 return rv;
01548 }
01549
01550 return 0;
01551 }
01552
01553
01554
01555 int GWENHYWFAR_CB
01556 GWEN_Crypt_TokenFile__Decipher(GWEN_CRYPT_TOKEN *ct,
01557 uint32_t keyId,
01558 GWEN_CRYPT_PADDALGO *a,
01559 const uint8_t *pInData,
01560 uint32_t inLen,
01561 uint8_t *pOutData,
01562 uint32_t *pOutLen,
01563 uint32_t gid) {
01564 GWEN_CRYPT_TOKEN_FILE *lct;
01565 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01566 GWEN_CRYPT_KEY *k;
01567 int keyNum;
01568 GWEN_BUFFER *tbuf;
01569 int i;
01570 int rv;
01571 uint32_t l;
01572
01573 assert(ct);
01574 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01575 assert(lct);
01576
01577 DBG_INFO(GWEN_LOGDOMAIN, "Deciphering with key %d", keyId);
01578
01579
01580 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01581 if (rv) {
01582 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01583 return rv;
01584 }
01585
01586
01587 i=(keyId>>16);
01588 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01589 while(ctx) {
01590 if (i==0)
01591 break;
01592 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01593 i--;
01594 }
01595
01596 if (ctx==NULL) {
01597 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01598 return GWEN_ERROR_NOT_FOUND;
01599 }
01600
01601
01602 keyNum=keyId & 0xffff;
01603 if (keyNum!=2 && keyNum!=4) {
01604
01605 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for decrypting (%x)", keyId);
01606 return GWEN_ERROR_INVALID;
01607 }
01608
01609 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01610 if (k==NULL) {
01611 DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
01612 return GWEN_ERROR_NOT_FOUND;
01613 }
01614
01615
01616 tbuf=GWEN_Buffer_new(0, inLen+16, 0, 1);
01617 l=GWEN_Buffer_GetMaxUnsegmentedWrite(tbuf);
01618 rv=GWEN_Crypt_Key_Decipher(k,
01619 pInData, inLen,
01620 (uint8_t*)GWEN_Buffer_GetStart(tbuf), &l);
01621 if (rv<0) {
01622 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01623 GWEN_Buffer_free(tbuf);
01624 return rv;
01625 }
01626 GWEN_Buffer_IncrementPos(tbuf, l);
01627 GWEN_Buffer_AdjustUsedBytes(tbuf);
01628
01629
01630 rv=GWEN_Padd_UnapplyPaddAlgo(a, tbuf);
01631 if (rv) {
01632 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01633 GWEN_Buffer_free(tbuf);
01634 return rv;
01635 }
01636
01637
01638 l=GWEN_Buffer_GetUsedBytes(tbuf);
01639 if (l>*pOutLen) {
01640 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01641 GWEN_Buffer_free(tbuf);
01642 return GWEN_ERROR_BUFFER_OVERFLOW;
01643 }
01644 memmove(pOutData, GWEN_Buffer_GetStart(tbuf), l);
01645 *pOutLen=l;
01646 GWEN_Buffer_free(tbuf);
01647
01648 return 0;
01649 }
01650
01651
01652
01653 int GWENHYWFAR_CB
01654 GWEN_Crypt_TokenFile__GenerateKey(GWEN_CRYPT_TOKEN *ct,
01655 uint32_t keyId,
01656 const GWEN_CRYPT_CRYPTALGO *a,
01657 uint32_t gid) {
01658 GWEN_CRYPT_TOKEN_FILE *lct;
01659 GWEN_CRYPT_KEY *pubKey;
01660 GWEN_CRYPT_KEY *secKey;
01661 int rv;
01662 uint32_t keyNum;
01663 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01664 int i;
01665 uint8_t kbuf[256];
01666 uint32_t klen;
01667 GWEN_CRYPT_TOKEN_KEYINFO *cki;
01668 GWEN_CRYPT_TOKEN_KEYINFO *ki;
01669
01670 assert(ct);
01671 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01672 assert(lct);
01673
01674
01675 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01676 if (rv) {
01677 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01678 return rv;
01679 }
01680
01681 keyNum=keyId & 0xffff;
01682
01683
01684 if (keyNum!=1 && keyNum!=2 && keyNum!=5) {
01685 DBG_INFO(GWEN_LOGDOMAIN, "Can only generate local keys.");
01686 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01687 I18N("Can only generate local keys."));
01688 return GWEN_ERROR_NOT_SUPPORTED;
01689 }
01690
01691
01692 if (GWEN_Crypt_CryptAlgo_GetId(a)!=GWEN_Crypt_CryptAlgoId_Rsa) {
01693 DBG_INFO(GWEN_LOGDOMAIN, "Only RSA keys supported.");
01694 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01695 I18N("Only RSA keys supported."));
01696 return GWEN_ERROR_NOT_SUPPORTED;
01697 }
01698
01699
01700 i=(keyId>>16);
01701 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01702 while(ctx) {
01703 if (i==0)
01704 break;
01705 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01706 i--;
01707 }
01708
01709
01710 rv=GWEN_Crypt_KeyRsa_GeneratePair(GWEN_Crypt_CryptAlgo_GetChunkSize(a),
01711 (GWEN_Crypt_Token_GetModes(ct) &
01712 GWEN_CRYPT_TOKEN_MODE_EXP_65537)?1:0,
01713 &pubKey,
01714 &secKey);
01715 if (rv) {
01716 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01717 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01718 I18N("Could not generate key"));
01719 return rv;
01720 }
01721
01722 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
01723 I18N("Key generated"));
01724
01725
01726 if (keyNum==1)
01727 cki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
01728 else if (keyNum==3)
01729 cki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx);
01730 else
01731 cki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
01732 if (cki==NULL) {
01733 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01734 I18N("No key info found"));
01735 return GWEN_ERROR_NO_DATA;
01736 }
01737
01738
01739 ki=GWEN_Crypt_Token_KeyInfo_dup(cki);
01740 assert(ki);
01741
01742
01743 klen=sizeof(kbuf);
01744 rv=GWEN_Crypt_KeyRsa_GetModulus(pubKey, kbuf, &klen);
01745 if (rv) {
01746 DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
01747 GWEN_Crypt_Token_KeyInfo_free(ki);
01748 GWEN_Crypt_Key_free(pubKey);
01749 return rv;
01750 }
01751 GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
01752
01753
01754 klen=sizeof(kbuf);
01755 rv=GWEN_Crypt_KeyRsa_GetExponent(pubKey, kbuf, &klen);
01756 if (rv) {
01757 DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
01758 GWEN_Crypt_Token_KeyInfo_free(ki);
01759 GWEN_Crypt_Key_free(pubKey);
01760 return rv;
01761 }
01762 GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
01763 GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(pubKey));
01764 GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(pubKey));
01765
01766 if (keyNum==1) {
01767 if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
01768 DBG_ERROR(0, "Adding mode \"direct sign\" to key");
01769 GWEN_Crypt_KeyRsa_AddFlags(secKey, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
01770 }
01771 GWEN_CTF_Context_SetLocalSignKey(ctx, secKey);
01772 GWEN_CTF_Context_SetLocalSignKeyInfo(ctx, ki);
01773 GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
01774 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
01775 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
01776 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
01777 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
01778 GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
01779 GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
01780 GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
01781 GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
01782 }
01783 else if (keyNum==2) {
01784 GWEN_CTF_Context_SetLocalCryptKey(ctx, secKey);
01785 GWEN_CTF_Context_SetLocalCryptKeyInfo(ctx, ki);
01786 GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
01787 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
01788 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
01789 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
01790 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
01791 GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
01792 GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
01793 GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER |
01794 GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER);
01795 }
01796 else {
01797 if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
01798 DBG_ERROR(0, "Adding mode \"direct sign\" to key");
01799 GWEN_Crypt_KeyRsa_AddFlags(secKey, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
01800 }
01801 GWEN_CTF_Context_SetLocalAuthKey(ctx, secKey);
01802 GWEN_CTF_Context_SetLocalAuthKeyInfo(ctx, ki);
01803 GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
01804 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
01805 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
01806 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
01807 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
01808 GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
01809 GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
01810 GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
01811 GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
01812 }
01813
01814
01815 GWEN_Crypt_Key_free(pubKey);
01816
01817 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
01818 if (rv) {
01819 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
01820 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01821 I18N("Unable to write key file"));
01822 return rv;
01823 }
01824
01825 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
01826 I18N("Key generated and set"));
01827
01828 return 0;
01829 }
01830
01831
01832
01833
01834
01835
01836 GWENHYWFAR_CB
01837 void GWEN_Crypt_TokenFile_freeData(void *bp, void *p) {
01838 GWEN_CRYPT_TOKEN_FILE *lct;
01839
01840 lct=(GWEN_CRYPT_TOKEN_FILE*) p;
01841 GWEN_Crypt_Token_Context_List_free(lct->contextList);
01842
01843 GWEN_FREE_OBJECT(lct);
01844 }
01845
01846
01847
01848 GWEN_CRYPT_TOKEN *GWEN_Crypt_TokenFile_new(const char *typeName,
01849 const char *tokenName) {
01850 GWEN_CRYPT_TOKEN *ct;
01851 GWEN_CRYPT_TOKEN_FILE *lct;
01852
01853 ct=GWEN_Crypt_Token_new(GWEN_Crypt_Token_Device_File, typeName, tokenName);
01854 assert(ct);
01855
01856 GWEN_NEW_OBJECT(GWEN_CRYPT_TOKEN_FILE, lct);
01857 lct->contextList=GWEN_Crypt_Token_Context_List_new();
01858 GWEN_INHERIT_SETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct, lct,
01859 GWEN_Crypt_TokenFile_freeData);
01860 GWEN_Crypt_Token_SetOpenFn(ct, GWEN_Crypt_TokenFile_Open);
01861 GWEN_Crypt_Token_SetCreateFn(ct, GWEN_Crypt_TokenFile_Create);
01862 GWEN_Crypt_Token_SetCloseFn(ct, GWEN_Crypt_TokenFile_Close);
01863 GWEN_Crypt_Token_SetGetKeyIdListFn(ct, GWEN_Crypt_TokenFile__GetKeyIdList);
01864 GWEN_Crypt_Token_SetGetKeyInfoFn(ct, GWEN_Crypt_TokenFile__GetKeyInfo);
01865 GWEN_Crypt_Token_SetSetKeyInfoFn(ct, GWEN_Crypt_TokenFile__SetKeyInfo);
01866 GWEN_Crypt_Token_SetGetContextIdListFn(ct, GWEN_Crypt_TokenFile__GetContextIdList);
01867 GWEN_Crypt_Token_SetGetContextFn(ct, GWEN_Crypt_TokenFile__GetContext);
01868 GWEN_Crypt_Token_SetSetContextFn(ct, GWEN_Crypt_TokenFile__SetContext);
01869 GWEN_Crypt_Token_SetSignFn(ct, GWEN_Crypt_TokenFile__Sign);
01870 GWEN_Crypt_Token_SetVerifyFn(ct, GWEN_Crypt_TokenFile__Verify);
01871 GWEN_Crypt_Token_SetEncipherFn(ct, GWEN_Crypt_TokenFile__Encipher);
01872 GWEN_Crypt_Token_SetDecipherFn(ct, GWEN_Crypt_TokenFile__Decipher);
01873 GWEN_Crypt_Token_SetGenerateKeyFn(ct, GWEN_Crypt_TokenFile__GenerateKey);
01874
01875 return ct;
01876 }
01877
01878
01879
01880
01881