00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013 #ifdef HAVE_CONFIG_H
00014 # include <config.h>
00015 #endif
00016
00017
00018 #include "ctfile_p.h"
00019 #include "i18n_l.h"
00020 #include <gwenhywfar/ctf_context_be.h>
00021 #include <gwenhywfar/misc.h>
00022 #include <gwenhywfar/debug.h>
00023 #include <gwenhywfar/padd.h>
00024 #include <gwenhywfar/cryptkeyrsa.h>
00025 #include <gwenhywfar/text.h>
00026
00027 #include <sys/types.h>
00028 #include <sys/stat.h>
00029 #include <fcntl.h>
00030 #include <string.h>
00031 #include <errno.h>
00032 #include <stdlib.h>
00033 #include <unistd.h>
00034
00035
00036
00037 GWEN_INHERIT(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE)
00038
00039
00040
00041
00042
00043 int GWEN_Crypt_TokenFile__OpenFile(GWEN_CRYPT_TOKEN *ct, int wr, uint32_t gid){
00044 int fd;
00045 GWEN_CRYPT_TOKEN_FILE *lct;
00046 GWEN_FSLOCK_RESULT lres;
00047
00048 assert(ct);
00049 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00050 assert(lct);
00051
00052 lct->lock=GWEN_FSLock_new(GWEN_Crypt_Token_GetTokenName(ct),
00053 GWEN_FSLock_TypeFile);
00054 lres=GWEN_FSLock_Lock(lct->lock, 10000, gid);
00055 if (lres!=GWEN_FSLock_ResultOk) {
00056 GWEN_FSLock_free(lct->lock);
00057 lct->lock=0;
00058 DBG_ERROR(GWEN_LOGDOMAIN, "Could not lock file");
00059 if (lres==GWEN_FSLock_ResultUserAbort)
00060 return GWEN_ERROR_USER_ABORTED;
00061 else
00062 return GWEN_ERROR_IO;
00063 }
00064 else {
00065 DBG_INFO(GWEN_LOGDOMAIN,
00066 "Keyfile [%s] locked.",
00067 GWEN_Crypt_Token_GetTokenName(ct));
00068 }
00069
00070 if (wr) {
00071
00072 fd=open(GWEN_Crypt_Token_GetTokenName(ct),
00073 O_RDWR|O_CREAT
00074 #ifdef OS_WIN32
00075 | O_BINARY
00076 #endif
00077 ,
00078 S_IRUSR|S_IWUSR | lct->keyfile_mode);
00079 }
00080 else {
00081
00082 struct stat statbuffer;
00083 if (!stat(GWEN_Crypt_Token_GetTokenName(ct), &statbuffer)) {
00084
00085
00086 lct->keyfile_mode =
00087 statbuffer.st_mode & (S_IRWXU
00088 #ifndef OS_WIN32
00089 | S_IRWXG | S_IRWXO
00090 #endif
00091 );
00092 }
00093 else {
00094 DBG_ERROR(GWEN_LOGDOMAIN,
00095 "stat(%s): %s",
00096 GWEN_Crypt_Token_GetTokenName(ct),
00097 strerror(errno));
00098
00099 GWEN_FSLock_Unlock(lct->lock);
00100 GWEN_FSLock_free(lct->lock);
00101 lct->lock=0;
00102 DBG_INFO(GWEN_LOGDOMAIN,
00103 "Keyfile [%s] unlocked.",
00104 GWEN_Crypt_Token_GetTokenName(ct));
00105 return GWEN_ERROR_IO;
00106 }
00107
00108
00109 fd=open(GWEN_Crypt_Token_GetTokenName(ct),
00110 O_RDONLY
00111 #ifdef OS_WIN32
00112 | O_BINARY
00113 #endif
00114 );
00115 }
00116
00117 if (fd==-1) {
00118 DBG_ERROR(GWEN_LOGDOMAIN,
00119 "open(%s): %s",
00120 GWEN_Crypt_Token_GetTokenName(ct),
00121 strerror(errno));
00122 GWEN_FSLock_Unlock(lct->lock);
00123 GWEN_FSLock_free(lct->lock);
00124 lct->lock=0;
00125 DBG_INFO(GWEN_LOGDOMAIN,
00126 "Keyfile [%s] unlocked.",
00127 GWEN_Crypt_Token_GetTokenName(ct));
00128 return GWEN_ERROR_IO;
00129 }
00130
00131 lct->fd=fd;
00132
00133 return 0;
00134 }
00135
00136
00137
00138 int GWEN_Crypt_TokenFile__CloseFile(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00139 GWEN_CRYPT_TOKEN_FILE *lct;
00140 GWEN_FSLOCK_RESULT lres;
00141 struct stat st;
00142
00143 assert(ct);
00144 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00145 assert(lct);
00146
00147 if (lct->fd==-1) {
00148 DBG_ERROR(GWEN_LOGDOMAIN, "Keyfile \"%s\"not open",
00149 GWEN_Crypt_Token_GetTokenName(ct));
00150 return GWEN_ERROR_INTERNAL;
00151 }
00152
00153 if (close(lct->fd)) {
00154 DBG_ERROR(GWEN_LOGDOMAIN, "close(%s): %s",
00155 GWEN_Crypt_Token_GetTokenName(ct), strerror(errno));
00156 lct->fd=-1;
00157 GWEN_FSLock_Unlock(lct->lock);
00158 GWEN_FSLock_free(lct->lock);
00159 lct->lock=0;
00160 DBG_INFO(GWEN_LOGDOMAIN,
00161 "Keyfile [%s] unlocked.",
00162 GWEN_Crypt_Token_GetTokenName(ct));
00163 return GWEN_ERROR_IO;
00164 }
00165 lct->fd=-1;
00166
00167 lres=GWEN_FSLock_Unlock(lct->lock);
00168 if (lres!=GWEN_FSLock_ResultOk) {
00169 DBG_WARN(GWEN_LOGDOMAIN, "Error removing lock from \"%s\": %d",
00170 GWEN_Crypt_Token_GetTokenName(ct), lres);
00171 }
00172 GWEN_FSLock_free(lct->lock);
00173 lct->lock=0;
00174 DBG_INFO(GWEN_LOGDOMAIN,
00175 "Keyfile [%s] unlocked.",
00176 GWEN_Crypt_Token_GetTokenName(ct));
00177
00178
00179 if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
00180 DBG_ERROR(GWEN_LOGDOMAIN,
00181 "stat(%s): %s",
00182 GWEN_Crypt_Token_GetTokenName(ct),
00183 strerror(errno));
00184 return GWEN_ERROR_IO;
00185 }
00186
00187 #ifndef OS_WIN32
00188 if (st.st_mode & 0007) {
00189 DBG_WARN(GWEN_LOGDOMAIN,
00190 "WARNING: Your keyfile \"%s\" is world accessible!\n"
00191 "Nobody but you should have access to the file. You \n"
00192 "should probably change this with \"chmod 600 %s\"",
00193 GWEN_Crypt_Token_GetTokenName(ct),
00194 GWEN_Crypt_Token_GetTokenName(ct));
00195 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Warning,
00196 "WARNING: Your keyfile is world accessible!\n"
00197 "Nobody but you should have access to the file.");
00198 }
00199 #endif
00200 lct->mtime=st.st_mtime;
00201 lct->ctime=st.st_ctime;
00202
00203 return 0;
00204 }
00205
00206
00207
00208 int GWEN_Crypt_TokenFile__Read(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00209 GWEN_CRYPT_TOKEN_FILE *lct;
00210
00211 assert(ct);
00212 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00213 assert(lct);
00214
00215 assert(lct->readFn);
00216 if (lseek(lct->fd, 0, SEEK_SET)==-1) {
00217 DBG_ERROR(GWEN_LOGDOMAIN, "lseek(%s): %s",
00218 GWEN_Crypt_Token_GetTokenName(ct),
00219 strerror(errno));
00220 return GWEN_ERROR_IO;
00221 }
00222 return lct->readFn(ct, lct->fd, gid);
00223 }
00224
00225
00226
00227 int GWEN_Crypt_TokenFile__Write(GWEN_CRYPT_TOKEN *ct, int cr, uint32_t gid){
00228 GWEN_CRYPT_TOKEN_FILE *lct;
00229
00230 assert(ct);
00231 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00232 assert(lct);
00233
00234 if (lct->writeFn==0) {
00235 DBG_WARN(GWEN_LOGDOMAIN,
00236 "No write function in crypt token type \"%s\"",
00237 GWEN_Crypt_Token_GetTypeName(ct));
00238 return GWEN_ERROR_NOT_SUPPORTED;
00239 }
00240
00241 if (lseek(lct->fd, 0, SEEK_SET)==-1) {
00242 DBG_ERROR(GWEN_LOGDOMAIN, "lseek(%s): %s",
00243 GWEN_Crypt_Token_GetTokenName(ct),
00244 strerror(errno));
00245 return GWEN_ERROR_IO;
00246 }
00247 return lct->writeFn(ct, lct->fd, cr, gid);
00248 }
00249
00250
00251
00252 int GWEN_Crypt_TokenFile__ReadFile(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00253 GWEN_CRYPT_TOKEN_FILE *lct;
00254 int rv;
00255
00256 assert(ct);
00257 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00258 assert(lct);
00259
00260
00261 GWEN_Crypt_Token_Context_List_Clear(lct->contextList);
00262
00263
00264 rv=GWEN_Crypt_TokenFile__OpenFile(ct, 0, gid);
00265 if (rv) {
00266 DBG_INFO(GWEN_LOGDOMAIN,
00267 "Could not open keyfile for reading (%d)", rv);
00268 return rv;
00269 }
00270
00271
00272 rv=GWEN_Crypt_TokenFile__Read(ct, gid);
00273 if (rv) {
00274 DBG_INFO(GWEN_LOGDOMAIN, "Error reading keyfile");
00275 GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00276 return rv;
00277 }
00278
00279
00280 rv=GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00281 if (rv) {
00282 DBG_INFO(GWEN_LOGDOMAIN, "Could not close keyfile");
00283 return rv;
00284 }
00285
00286 return 0;
00287 }
00288
00289
00290
00291 int GWEN_Crypt_TokenFile__WriteFile(GWEN_CRYPT_TOKEN *ct, int cr, uint32_t gid){
00292 GWEN_CRYPT_TOKEN_FILE *lct;
00293 int rv;
00294
00295 assert(ct);
00296 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00297 assert(lct);
00298
00299
00300 rv=GWEN_Crypt_TokenFile__OpenFile(ct, 1, gid);
00301 if (rv) {
00302 DBG_INFO(GWEN_LOGDOMAIN,
00303 "Could not open keyfile for writing (%d)", rv);
00304 return rv;
00305 }
00306
00307
00308 rv=GWEN_Crypt_TokenFile__Write(ct, cr, gid);
00309 if (rv) {
00310 DBG_INFO(GWEN_LOGDOMAIN, "Error writing keyfile");
00311 GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00312 return rv;
00313 }
00314
00315
00316 rv=GWEN_Crypt_TokenFile__CloseFile(ct, gid);
00317 if (rv) {
00318 DBG_INFO(GWEN_LOGDOMAIN, "Could not close keyfile");
00319 return rv;
00320 }
00321
00322 return 0;
00323 }
00324
00325
00326
00327 int GWEN_Crypt_TokenFile__ReloadIfNeeded(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00328 GWEN_CRYPT_TOKEN_FILE *lct;
00329 struct stat st;
00330
00331 assert(ct);
00332 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00333 assert(lct);
00334
00335 if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
00336 DBG_ERROR(GWEN_LOGDOMAIN,
00337 "stat(%s): %s",
00338 GWEN_Crypt_Token_GetTokenName(ct),
00339 strerror(errno));
00340 return -1;
00341 }
00342 if (lct->mtime!=st.st_mtime ||
00343 lct->ctime!=st.st_ctime) {
00344 int rv;
00345
00346
00347 DBG_NOTICE(GWEN_LOGDOMAIN,
00348 "Keyfile changed externally, reloading it");
00349
00350 rv=GWEN_Crypt_TokenFile__ReadFile(ct, gid);
00351 if (rv) {
00352 DBG_WARN(GWEN_LOGDOMAIN, "Error reloading keyfile");
00353 return rv;
00354 }
00355 }
00356 else {
00357 DBG_NOTICE(GWEN_LOGDOMAIN, "Keyfile unchanged, not reloading");
00358 }
00359 return 0;
00360 }
00361
00362
00363
00364 void GWEN_Crypt_TokenFile_AddContext(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_CONTEXT *ctx) {
00365 GWEN_CRYPT_TOKEN_FILE *lct;
00366
00367 assert(ct);
00368 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00369 assert(lct);
00370
00371
00372 assert(GWEN_CTF_Context_IsOfThisType(ctx));
00373 GWEN_Crypt_Token_Context_List_Add(ctx, lct->contextList);
00374 }
00375
00376
00377
00378 GWEN_CRYPT_TOKEN_CONTEXT *GWEN_Crypt_TokenFile_GetContext(GWEN_CRYPT_TOKEN *ct, int idx) {
00379 GWEN_CRYPT_TOKEN_FILE *lct;
00380 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00381
00382 assert(ct);
00383 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00384 assert(lct);
00385
00386 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00387 while(ctx) {
00388 if (idx==0)
00389 return ctx;
00390 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00391 idx--;
00392 }
00393
00394 return NULL;
00395 }
00396
00397
00398
00399 GWEN_CRYPT_TOKEN_FILE_READ_FN GWEN_Crypt_TokenFile_SetReadFn(GWEN_CRYPT_TOKEN *ct,
00400 GWEN_CRYPT_TOKEN_FILE_READ_FN f) {
00401 GWEN_CRYPT_TOKEN_FILE *lct;
00402 GWEN_CRYPT_TOKEN_FILE_READ_FN of;
00403
00404 assert(ct);
00405 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00406 assert(lct);
00407
00408 of=lct->readFn;
00409 lct->readFn=f;
00410
00411 return of;
00412 }
00413
00414
00415
00416 GWEN_CRYPT_TOKEN_FILE_WRITE_FN GWEN_Crypt_TokenFile_SetWriteFn(GWEN_CRYPT_TOKEN *ct,
00417 GWEN_CRYPT_TOKEN_FILE_WRITE_FN f) {
00418 GWEN_CRYPT_TOKEN_FILE *lct;
00419 GWEN_CRYPT_TOKEN_FILE_WRITE_FN of;
00420
00421 assert(ct);
00422 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00423 assert(lct);
00424
00425 of=lct->writeFn;
00426 lct->writeFn=f;
00427
00428 return of;
00429 }
00430
00431
00432
00433 int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Create(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
00434 GWEN_CRYPT_TOKEN_FILE *lct;
00435 struct stat st;
00436 int fd;
00437 int rv;
00438
00439 assert(ct);
00440 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00441 assert(lct);
00442
00443 if (!GWEN_Crypt_Token_GetTokenName(ct)) {
00444 DBG_ERROR(GWEN_LOGDOMAIN, "No medium name given");
00445 return GWEN_ERROR_INVALID;
00446 }
00447
00448 if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
00449 if (errno!=ENOENT) {
00450 DBG_ERROR(GWEN_LOGDOMAIN,
00451 "stat(%s): %s",
00452 GWEN_Crypt_Token_GetTokenName(ct),
00453 strerror(errno));
00454 return GWEN_ERROR_IO;
00455 }
00456 }
00457 else {
00458 DBG_ERROR(GWEN_LOGDOMAIN,
00459 "Keyfile \"%s\" already exists, will not create it",
00460 GWEN_Crypt_Token_GetTokenName(ct));
00461 return GWEN_ERROR_INVALID;
00462 }
00463
00464
00465
00466 fd=open(GWEN_Crypt_Token_GetTokenName(ct),
00467 O_RDWR | O_CREAT | O_EXCL
00468 #ifdef OS_WIN32
00469 | O_BINARY
00470 #endif
00471 ,
00472 S_IRUSR|S_IWUSR);
00473
00474
00475 if (fd==-1) {
00476 DBG_ERROR(GWEN_LOGDOMAIN,
00477 "open(%s): %s",
00478 GWEN_Crypt_Token_GetTokenName(ct),
00479 strerror(errno));
00480 return GWEN_ERROR_IO;
00481 }
00482
00483 close(fd);
00484
00485 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 1, gid);
00486 if (rv) {
00487 DBG_INFO(GWEN_LOGDOMAIN, "here");
00488 return rv;
00489 }
00490
00491 return 0;
00492 }
00493
00494
00495
00496 int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Open(GWEN_CRYPT_TOKEN *ct, int admin, uint32_t gid){
00497 GWEN_CRYPT_TOKEN_FILE *lct;
00498 int rv;
00499
00500 assert(ct);
00501 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00502 assert(lct);
00503
00504 rv=GWEN_Crypt_TokenFile__ReadFile(ct, gid);
00505 if (rv) {
00506 DBG_INFO(GWEN_LOGDOMAIN, "here");
00507 return rv;
00508 }
00509
00510 return 0;
00511 }
00512
00513
00514
00515 int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Close(GWEN_CRYPT_TOKEN *ct, int abandon, uint32_t gid){
00516 GWEN_CRYPT_TOKEN_FILE *lct;
00517 int rv;
00518
00519 assert(ct);
00520 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00521 assert(lct);
00522
00523 if (!abandon)
00524 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
00525 else
00526 rv=0;
00527
00528
00529 GWEN_Crypt_Token_Context_List_Clear(lct->contextList);
00530 lct->mtime=0;
00531 lct->ctime=0;
00532
00533 return rv;
00534 }
00535
00536
00537
00538
00539 int GWENHYWFAR_CB GWEN_Crypt_TokenFile__GetKeyIdList(GWEN_CRYPT_TOKEN *ct,
00540 uint32_t *pIdList,
00541 uint32_t *pCount,
00542 uint32_t gid) {
00543 GWEN_CRYPT_TOKEN_FILE *lct;
00544 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00545 int i;
00546 int rv;
00547
00548 assert(ct);
00549 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00550 assert(lct);
00551
00552
00553 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00554 if (rv) {
00555 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00556 return rv;
00557 }
00558
00559
00560 i=0;
00561 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00562 while(ctx) {
00563 i+=GWEN_CRYPT_TOKEN_CONTEXT_KEYS;
00564 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00565 }
00566
00567
00568 if (pIdList==NULL) {
00569 *pCount=i;
00570 return 0;
00571 }
00572
00573 if (*pCount<i) {
00574 DBG_INFO(GWEN_LOGDOMAIN, "Buffer too small");
00575 return GWEN_ERROR_BUFFER_OVERFLOW;
00576 }
00577
00578 *pCount=i;
00579 i=0;
00580 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00581 while(ctx) {
00582 int j;
00583
00584 for (j=1; j<=GWEN_CRYPT_TOKEN_CONTEXT_KEYS; j++)
00585 *(pIdList++)=(i<<16)+j;
00586
00587 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00588 i++;
00589 }
00590
00591 return 0;
00592 }
00593
00594
00595
00596 const GWEN_CRYPT_TOKEN_KEYINFO* GWENHYWFAR_CB
00597 GWEN_Crypt_TokenFile__GetKeyInfo(GWEN_CRYPT_TOKEN *ct,
00598 uint32_t id,
00599 uint32_t flags,
00600 uint32_t gid) {
00601 GWEN_CRYPT_TOKEN_FILE *lct;
00602 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00603 GWEN_CRYPT_TOKEN_KEYINFO *ki;
00604 int i;
00605 int rv;
00606
00607 assert(ct);
00608 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00609 assert(lct);
00610
00611
00612 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00613 if (rv) {
00614 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00615 return NULL;
00616 }
00617
00618 i=id>>16;
00619 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00620 while(ctx) {
00621 if (i==0)
00622 break;
00623 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00624 i--;
00625 }
00626
00627 if (ctx==NULL) {
00628 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
00629 return NULL;
00630 }
00631
00632 switch(id & 0xffff) {
00633 case 1: ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx); break;
00634 case 2: ki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx); break;
00635 case 3: ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx); break;
00636 case 4: ki=GWEN_CTF_Context_GetRemoteCryptKeyInfo(ctx); break;
00637 case 5: ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx); break;
00638 case 6: ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx); break;
00639 default:
00640 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
00641 return NULL;
00642 }
00643
00644 if (ki==NULL) {
00645 DBG_INFO(GWEN_LOGDOMAIN, "No key info stored for key %d", id);
00646 return NULL;
00647 }
00648
00649 return ki;
00650 }
00651
00652
00653
00654 #if 0
00655 int GWENHYWFAR_CB
00656 GWEN_Crypt_TokenFile__SetKeyInfo(GWEN_CRYPT_TOKEN *ct,
00657 uint32_t id,
00658 const GWEN_CRYPT_TOKEN_KEYINFO *ki,
00659 uint32_t gid) {
00660 GWEN_CRYPT_TOKEN_FILE *lct;
00661 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00662 int i;
00663 int rv;
00664 GWEN_CRYPT_TOKEN_KEYINFO *nki;
00665 GWEN_CRYPT_KEY *key;
00666 uint32_t flags;
00667
00668 assert(ct);
00669 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00670 assert(lct);
00671
00672 flags=GWEN_Crypt_Token_KeyInfo_GetFlags(ki);
00673
00674
00675 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00676 if (rv) {
00677 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00678 return rv;
00679 }
00680
00681 i=id>>16;
00682 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00683 while(ctx) {
00684 if (i==0)
00685 break;
00686 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00687 i--;
00688 }
00689
00690 if (ctx==NULL) {
00691 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
00692 return GWEN_ERROR_NOT_FOUND;
00693 }
00694
00695 nki=GWEN_Crypt_Token_KeyInfo_dup(ki);
00696 assert(nki);
00697 switch(id & 0xffff) {
00698 case 1:
00699 GWEN_CTF_Context_SetLocalSignKeyInfo(ctx, nki);
00700 key=GWEN_CTF_Context_GetLocalSignKey(ctx);
00701 break;
00702 case 2:
00703 GWEN_CTF_Context_SetLocalCryptKeyInfo(ctx, nki);
00704 key=GWEN_CTF_Context_GetLocalCryptKey(ctx);
00705 break;
00706 case 3:
00707 GWEN_CTF_Context_SetRemoteSignKeyInfo(ctx, nki);
00708 key=GWEN_CTF_Context_GetRemoteSignKey(ctx);
00709 break;
00710 case 4:
00711 GWEN_CTF_Context_SetRemoteCryptKeyInfo(ctx, nki);
00712 key=GWEN_CTF_Context_GetRemoteCryptKey(ctx);
00713 break;
00714 case 5:
00715 GWEN_CTF_Context_SetLocalAuthKeyInfo(ctx, nki);
00716 key=GWEN_CTF_Context_GetLocalAuthKey(ctx);
00717 break;
00718 case 6:
00719 GWEN_CTF_Context_SetRemoteAuthKeyInfo(ctx, nki);
00720 key=GWEN_CTF_Context_GetRemoteAuthKey(ctx);
00721 break;
00722 default:
00723 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
00724 GWEN_Crypt_Token_KeyInfo_free(nki);
00725 return GWEN_ERROR_NOT_FOUND;
00726 }
00727
00728
00729 if ((flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS) &&
00730 (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT) &&
00731 id!=1 &&
00732 id!=2 &&
00733 id!=5) {
00734 GWEN_CRYPT_KEY *nkey;
00735
00736 nkey=GWEN_Crypt_KeyRsa_fromModExp(GWEN_Crypt_Token_KeyInfo_GetKeySize(ki),
00737 GWEN_Crypt_Token_KeyInfo_GetModulusData(ki),
00738 GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki),
00739 GWEN_Crypt_Token_KeyInfo_GetExponentData(ki),
00740 GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki));
00741 assert(nkey);
00742
00743 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00744 GWEN_Crypt_Key_SetKeyNumber(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00745 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00746 GWEN_Crypt_Key_SetKeyVersion(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00747
00748
00749 switch(id & 0xffff) {
00750 case 3:
00751 GWEN_CTF_Context_SetRemoteSignKey(ctx, nkey);
00752 break;
00753 case 4:
00754 GWEN_CTF_Context_SetRemoteCryptKey(ctx, nkey);
00755 break;
00756 case 6:
00757 GWEN_CTF_Context_SetRemoteAuthKey(ctx, nkey);
00758 break;
00759 default:
00760 DBG_ERROR(GWEN_LOGDOMAIN,
00761 "Can't set modulus and exponent for private key");
00762 GWEN_Crypt_Key_free(nkey);
00763 return GWEN_ERROR_INVALID;
00764 }
00765 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00766 I18N("Public key replaced"));
00767 }
00768 else {
00769 if (key) {
00770 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00771 GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00772 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00773 GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00774 }
00775 }
00776
00777 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
00778 if (rv) {
00779 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
00780 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
00781 I18N("Unable to write key file"));
00782 return rv;
00783 }
00784
00785 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00786 I18N("Key file saved"));
00787
00788 return 0;
00789 }
00790 #endif
00791
00792
00793 int GWENHYWFAR_CB
00794 GWEN_Crypt_TokenFile__SetKeyInfo(GWEN_CRYPT_TOKEN *ct,
00795 uint32_t id,
00796 const GWEN_CRYPT_TOKEN_KEYINFO *ski,
00797 uint32_t gid) {
00798 GWEN_CRYPT_TOKEN_FILE *lct;
00799 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00800 int i;
00801 int rv;
00802 GWEN_CRYPT_TOKEN_KEYINFO *ki;
00803 GWEN_CRYPT_KEY *key;
00804 uint32_t flags;
00805 uint32_t nflags;
00806
00807 assert(ct);
00808 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00809 assert(lct);
00810
00811 flags=GWEN_Crypt_Token_KeyInfo_GetFlags(ski);
00812
00813
00814 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00815 if (rv) {
00816 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00817 return rv;
00818 }
00819
00820 i=id>>16;
00821 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00822 while(ctx) {
00823 if (i==0)
00824 break;
00825 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00826 i--;
00827 }
00828
00829 if (ctx==NULL) {
00830 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
00831 return GWEN_ERROR_NOT_FOUND;
00832 }
00833
00834 switch(id & 0xffff) {
00835 case 1:
00836 ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
00837 key=GWEN_CTF_Context_GetLocalSignKey(ctx);
00838 break;
00839 case 2:
00840 ki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx);
00841 key=GWEN_CTF_Context_GetLocalCryptKey(ctx);
00842 break;
00843 case 3:
00844 ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
00845 key=GWEN_CTF_Context_GetRemoteSignKey(ctx);
00846 break;
00847 case 4:
00848 ki=GWEN_CTF_Context_GetRemoteCryptKeyInfo(ctx);
00849 key=GWEN_CTF_Context_GetRemoteCryptKey(ctx);
00850 break;
00851 case 5:
00852 ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
00853 key=GWEN_CTF_Context_GetLocalAuthKey(ctx);
00854 break;
00855 case 6:
00856 ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
00857 key=GWEN_CTF_Context_GetRemoteAuthKey(ctx);
00858 break;
00859 default:
00860 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
00861 return GWEN_ERROR_NOT_FOUND;
00862 }
00863 assert(ki);
00864
00865 nflags=GWEN_Crypt_Token_KeyInfo_GetFlags(ki);
00866
00867 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSTATUS) {
00868
00869 }
00870
00871 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS) {
00872 nflags&=~GWEN_CRYPT_TOKEN_KEYFLAGS_ACTIONMASK;
00873 nflags|=(flags & GWEN_CRYPT_TOKEN_KEYFLAGS_ACTIONMASK);
00874 }
00875
00876 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION) {
00877 uint32_t i=GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ski);
00878 GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, i);
00879 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION;
00880 }
00881
00882 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER) {
00883 uint32_t i=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ski);
00884 GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, i);
00885 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER;
00886 }
00887
00888 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER) {
00889 uint32_t i=GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ski);
00890 GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, i);
00891 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER;
00892 }
00893
00894
00895 if ((flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS) &&
00896 (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT) &&
00897 id!=1 &&
00898 id!=2 &&
00899 id!=5) {
00900 GWEN_CRYPT_KEY *nkey;
00901
00902 GWEN_Crypt_Token_KeyInfo_SetKeySize(ki, GWEN_Crypt_Token_KeyInfo_GetKeySize(ski));
00903 GWEN_Crypt_Token_KeyInfo_SetModulus(ki,
00904 GWEN_Crypt_Token_KeyInfo_GetModulusData(ski),
00905 GWEN_Crypt_Token_KeyInfo_GetModulusLen(ski));
00906 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS;
00907 GWEN_Crypt_Token_KeyInfo_SetExponent(ki,
00908 GWEN_Crypt_Token_KeyInfo_GetExponentData(ski),
00909 GWEN_Crypt_Token_KeyInfo_GetExponentLen(ski));
00910 nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT;
00911 nkey=GWEN_Crypt_KeyRsa_fromModExp(GWEN_Crypt_Token_KeyInfo_GetKeySize(ski),
00912 GWEN_Crypt_Token_KeyInfo_GetModulusData(ski),
00913 GWEN_Crypt_Token_KeyInfo_GetModulusLen(ski),
00914 GWEN_Crypt_Token_KeyInfo_GetExponentData(ski),
00915 GWEN_Crypt_Token_KeyInfo_GetExponentLen(ski));
00916 assert(nkey);
00917
00918 if (nflags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00919 GWEN_Crypt_Key_SetKeyNumber(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00920 if (nflags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00921 GWEN_Crypt_Key_SetKeyVersion(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00922
00923
00924 switch(id & 0xffff) {
00925 case 3:
00926 GWEN_CTF_Context_SetRemoteSignKey(ctx, nkey);
00927 break;
00928 case 4:
00929 GWEN_CTF_Context_SetRemoteCryptKey(ctx, nkey);
00930 break;
00931 case 6:
00932 GWEN_CTF_Context_SetRemoteAuthKey(ctx, nkey);
00933 break;
00934 default:
00935 DBG_ERROR(GWEN_LOGDOMAIN,
00936 "Can't set modulus and exponent for private key");
00937 GWEN_Crypt_Key_free(nkey);
00938 return GWEN_ERROR_INVALID;
00939 }
00940 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00941 I18N("Public key replaced"));
00942 }
00943 else {
00944 if (key) {
00945 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
00946 GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
00947 if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
00948 GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
00949 }
00950 }
00951
00952 GWEN_Crypt_Token_KeyInfo_SetFlags(ki, nflags);
00953
00954 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
00955 if (rv) {
00956 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
00957 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
00958 I18N("Unable to write key file"));
00959 return rv;
00960 }
00961
00962 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
00963 I18N("Key file saved"));
00964
00965 return 0;
00966 }
00967
00968
00969
00970 int GWENHYWFAR_CB
00971 GWEN_Crypt_TokenFile__GetContextIdList(GWEN_CRYPT_TOKEN *ct,
00972 uint32_t *pIdList,
00973 uint32_t *pCount,
00974 uint32_t gid) {
00975 GWEN_CRYPT_TOKEN_FILE *lct;
00976 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
00977 int i;
00978 int rv;
00979
00980 assert(ct);
00981 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
00982 assert(lct);
00983
00984
00985 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
00986 if (rv) {
00987 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
00988 return rv;
00989 }
00990
00991
00992 i=0;
00993 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
00994 while(ctx) {
00995 i++;
00996 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
00997 }
00998
00999
01000 *pCount=i;
01001
01002
01003 if (pIdList==NULL)
01004 return 0;
01005
01006 if (*pCount<i) {
01007 DBG_INFO(GWEN_LOGDOMAIN, "Buffer too small");
01008 return GWEN_ERROR_BUFFER_OVERFLOW;
01009 }
01010
01011 i=1;
01012 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01013 while(ctx) {
01014 *(pIdList++)=i;
01015 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01016 i++;
01017 }
01018
01019 return 0;
01020 }
01021
01022
01023
01024 const GWEN_CRYPT_TOKEN_CONTEXT* GWENHYWFAR_CB
01025 GWEN_Crypt_TokenFile__GetContext(GWEN_CRYPT_TOKEN *ct,
01026 uint32_t id,
01027 uint32_t gid) {
01028 GWEN_CRYPT_TOKEN_FILE *lct;
01029 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01030 int rv;
01031
01032 assert(ct);
01033 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01034 assert(lct);
01035
01036
01037 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01038 if (rv) {
01039 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01040 return NULL;
01041 }
01042
01043 if (id==0) {
01044 DBG_INFO(GWEN_LOGDOMAIN, "Invalid context id 0");
01045 return NULL;
01046 }
01047
01048 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01049 while(ctx) {
01050 if (GWEN_Crypt_Token_Context_GetId(ctx)==id)
01051 break;
01052 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01053 }
01054
01055 if (ctx==NULL) {
01056 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", id);
01057 return NULL;
01058 }
01059
01060 return ctx;
01061 }
01062
01063
01064
01065 int GWENHYWFAR_CB
01066 GWEN_Crypt_TokenFile__SetContext(GWEN_CRYPT_TOKEN *ct,
01067 uint32_t id,
01068 const GWEN_CRYPT_TOKEN_CONTEXT *nctx,
01069 uint32_t gid) {
01070 GWEN_CRYPT_TOKEN_FILE *lct;
01071 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01072 int rv;
01073 const char *s;
01074
01075 assert(ct);
01076 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01077 assert(lct);
01078
01079 if (id==0) {
01080 DBG_INFO(GWEN_LOGDOMAIN, "Invalid context id 0");
01081 return GWEN_ERROR_INVALID;
01082 }
01083
01084
01085 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01086 if (rv) {
01087 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01088 return rv;
01089 }
01090
01091 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01092 while(ctx) {
01093 if (GWEN_Crypt_Token_Context_GetId(ctx)==id)
01094 break;
01095 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01096 }
01097
01098 if (ctx==NULL) {
01099 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", id);
01100 return GWEN_ERROR_NOT_FOUND;
01101 }
01102
01103
01104 s=GWEN_Crypt_Token_Context_GetServiceId(nctx);
01105 GWEN_Crypt_Token_Context_SetServiceId(ctx, s);
01106 s=GWEN_Crypt_Token_Context_GetUserId(nctx);
01107 GWEN_Crypt_Token_Context_SetUserId(ctx, s);
01108 s=GWEN_Crypt_Token_Context_GetUserName(nctx);
01109 GWEN_Crypt_Token_Context_SetUserName(ctx, s);
01110 s=GWEN_Crypt_Token_Context_GetPeerId(nctx);
01111 GWEN_Crypt_Token_Context_SetPeerId(ctx, s);
01112 s=GWEN_Crypt_Token_Context_GetAddress(nctx);
01113 GWEN_Crypt_Token_Context_SetAddress(ctx, s);
01114 GWEN_Crypt_Token_Context_SetPort(ctx, GWEN_Crypt_Token_Context_GetPort(nctx));
01115 s=GWEN_Crypt_Token_Context_GetSystemId(nctx);
01116 GWEN_Crypt_Token_Context_SetSystemId(ctx, s);
01117
01118 return 0;
01119 }
01120
01121
01122
01123 GWEN_CRYPT_KEY *GWEN_Crypt_TokenFile__GetKey(GWEN_CRYPT_TOKEN *ct, uint32_t id, uint32_t gid) {
01124 GWEN_CRYPT_TOKEN_FILE *lct;
01125 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01126 int i;
01127 int rv;
01128
01129 assert(ct);
01130 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01131 assert(lct);
01132
01133
01134 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01135 if (rv) {
01136 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01137 return NULL;
01138 }
01139
01140 i=id>>16;
01141 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01142 while(ctx) {
01143 if (i==0)
01144 break;
01145 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01146 i--;
01147 }
01148
01149 if (ctx==NULL) {
01150 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
01151 return NULL;
01152 }
01153
01154 switch(id & 0xffff) {
01155 case 1: return GWEN_CTF_Context_GetLocalSignKey(ctx);
01156 case 2: return GWEN_CTF_Context_GetLocalCryptKey(ctx);
01157 case 3: return GWEN_CTF_Context_GetRemoteSignKey(ctx);
01158 case 4: return GWEN_CTF_Context_GetRemoteCryptKey(ctx);
01159 case 5: return GWEN_CTF_Context_GetLocalAuthKey(ctx);
01160 case 6: return GWEN_CTF_Context_GetRemoteAuthKey(ctx);
01161 default:
01162 DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
01163 return NULL;
01164 }
01165 }
01166
01167
01168
01169 int GWENHYWFAR_CB
01170 GWEN_Crypt_TokenFile__Sign(GWEN_CRYPT_TOKEN *ct,
01171 uint32_t keyId,
01172 GWEN_CRYPT_PADDALGO *a,
01173 const uint8_t *pInData,
01174 uint32_t inLen,
01175 uint8_t *pSignatureData,
01176 uint32_t *pSignatureLen,
01177 uint32_t *pSeqCounter,
01178 uint32_t gid) {
01179 GWEN_CRYPT_TOKEN_FILE *lct;
01180 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01181 GWEN_CRYPT_KEY *k;
01182 int keyNum;
01183 GWEN_BUFFER *srcBuf;
01184 int i;
01185 int rv;
01186
01187 assert(ct);
01188 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01189 assert(lct);
01190
01191 DBG_INFO(GWEN_LOGDOMAIN, "Signing with key %d", keyId);
01192
01193
01194 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01195 if (rv) {
01196 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01197 return rv;
01198 }
01199
01200
01201 i=(keyId>>16);
01202 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01203 if (ctx==NULL) {
01204 DBG_ERROR(GWEN_LOGDOMAIN, "Token has no context");
01205 return GWEN_ERROR_NOT_FOUND;
01206 }
01207 while(ctx) {
01208 if (i==0)
01209 break;
01210 DBG_ERROR(GWEN_LOGDOMAIN, "Checking token %d (i==%d)",
01211 GWEN_Crypt_Token_Context_GetId(ctx), i);
01212 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01213 i--;
01214 }
01215
01216 if (ctx==NULL) {
01217 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01218 return GWEN_ERROR_NOT_FOUND;
01219 }
01220
01221
01222 keyNum=keyId & 0xffff;
01223 if (keyNum!=1 && keyNum!=5) {
01224
01225 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for signing (%x)", keyId);
01226 return GWEN_ERROR_INVALID;
01227 }
01228
01229 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01230 if (k==NULL) {
01231 DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
01232 return GWEN_ERROR_NOT_FOUND;
01233 }
01234
01235
01236 srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
01237 GWEN_Buffer_AppendBytes(srcBuf, (const char*)pInData, inLen);
01238
01239
01240 rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
01241 if (rv) {
01242 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01243 GWEN_Buffer_free(srcBuf);
01244 return rv;
01245 }
01246
01247
01248 rv=GWEN_Crypt_Key_Sign(k,
01249 (const uint8_t*)GWEN_Buffer_GetStart(srcBuf),
01250 GWEN_Buffer_GetUsedBytes(srcBuf),
01251 pSignatureData,
01252 pSignatureLen);
01253 GWEN_Buffer_free(srcBuf);
01254 if (rv) {
01255 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01256 return rv;
01257 }
01258
01259 if (pSeqCounter) {
01260 GWEN_CRYPT_TOKEN_KEYINFO *ki;
01261
01262
01263 switch(keyId & 0xffff) {
01264 case 1: ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx); break;
01265 case 5: ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx); break;
01266 default: ki=NULL;
01267 }
01268 if (ki &&
01269 (GWEN_Crypt_Token_KeyInfo_GetFlags(ki) & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER)) {
01270 unsigned int seq;
01271
01272 seq=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki);
01273 *pSeqCounter=seq;
01274 GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, ++seq);
01275
01276 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
01277 if (rv) {
01278 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
01279 return rv;
01280 }
01281 }
01282 else {
01283 DBG_WARN(GWEN_LOGDOMAIN, "No sign counter for key %04x", keyId);
01284 *pSeqCounter=0;
01285 }
01286 }
01287
01288 return 0;
01289 }
01290
01291
01292
01293 int GWENHYWFAR_CB
01294 GWEN_Crypt_TokenFile__Verify(GWEN_CRYPT_TOKEN *ct,
01295 uint32_t keyId,
01296 GWEN_CRYPT_PADDALGO *a,
01297 const uint8_t *pInData,
01298 uint32_t inLen,
01299 const uint8_t *pSignatureData,
01300 uint32_t signatureLen,
01301 uint32_t seqCounter,
01302 uint32_t gid) {
01303 GWEN_CRYPT_TOKEN_FILE *lct;
01304 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01305 GWEN_CRYPT_KEY *k;
01306 int keyNum;
01307 int i;
01308 int rv;
01309 GWEN_CRYPT_PADDALGOID aid;
01310
01311 assert(ct);
01312 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01313 assert(lct);
01314
01315 DBG_INFO(GWEN_LOGDOMAIN, "Verifying with key %d", keyId);
01316
01317 aid=GWEN_Crypt_PaddAlgo_GetId(a);
01318
01319
01320 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01321 if (rv) {
01322 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01323 return rv;
01324 }
01325
01326
01327 i=(keyId>>16);
01328 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01329 while(ctx) {
01330 if (i==0)
01331 break;
01332 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01333 i--;
01334 }
01335
01336 if (ctx==NULL) {
01337 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01338 return GWEN_ERROR_NOT_FOUND;
01339 }
01340
01341
01342 keyNum=keyId & 0xffff;
01343 if (keyNum!=1 && keyNum!=3 && keyNum!=6) {
01344
01345 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for verifying (%x)", keyId);
01346 return GWEN_ERROR_INVALID;
01347 }
01348
01349 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01350 if (k==NULL) {
01351 DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
01352 return GWEN_ERROR_NO_KEY;
01353 }
01354
01355 if (aid==GWEN_Crypt_PaddAlgoId_Iso9796_2 ||
01356 aid==GWEN_Crypt_PaddAlgoId_Pkcs1_2) {
01357 GWEN_BUFFER *tbuf;
01358 uint32_t l;
01359
01360
01361
01362 tbuf=GWEN_Buffer_new(0, inLen+16, 0, 0);
01363 l=GWEN_Buffer_GetMaxUnsegmentedWrite(tbuf);
01364 rv=GWEN_Crypt_Key_Encipher(k,
01365 pSignatureData, signatureLen,
01366 (uint8_t*)GWEN_Buffer_GetStart(tbuf),
01367 &l);
01368 if (rv<0) {
01369 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01370 GWEN_Buffer_free(tbuf);
01371 return rv;
01372 }
01373 GWEN_Buffer_IncrementPos(tbuf, l);
01374 GWEN_Buffer_AdjustUsedBytes(tbuf);
01375
01376 rv=GWEN_Padd_UnapplyPaddAlgo(a, tbuf);
01377 if (rv<0) {
01378 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01379 GWEN_Buffer_free(tbuf);
01380 return rv;
01381 }
01382 if (l!=inLen) {
01383 DBG_ERROR(GWEN_LOGDOMAIN, "Signature length doesn't match");
01384 GWEN_Buffer_free(tbuf);
01385 return GWEN_ERROR_VERIFY;
01386 }
01387 if (memcmp(pInData, GWEN_Buffer_GetStart(tbuf), l)!=0) {
01388 DBG_ERROR(GWEN_LOGDOMAIN, "Signature doesn't match:");
01389 GWEN_Buffer_free(tbuf);
01390 return GWEN_ERROR_VERIFY;
01391 }
01392 }
01393 else {
01394 GWEN_BUFFER *srcBuf;
01395
01396
01397 srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
01398 GWEN_Buffer_AppendBytes(srcBuf, (const char*)pInData, inLen);
01399
01400
01401 rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
01402 if (rv) {
01403 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01404 GWEN_Buffer_free(srcBuf);
01405 return rv;
01406 }
01407
01408
01409 rv=GWEN_Crypt_Key_Verify(k,
01410 (const uint8_t*)GWEN_Buffer_GetStart(srcBuf),
01411 GWEN_Buffer_GetUsedBytes(srcBuf),
01412 pSignatureData,
01413 signatureLen);
01414 GWEN_Buffer_free(srcBuf);
01415 if (rv) {
01416 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01417 return rv;
01418 }
01419 }
01420
01421 if (seqCounter) {
01422 GWEN_CRYPT_TOKEN_KEYINFO *ki;
01423
01424
01425 if (keyNum==3)
01426 ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
01427 else
01428 ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
01429 if (ki &&
01430 (GWEN_Crypt_Token_KeyInfo_GetFlags(ki) & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER)) {
01431 unsigned int seq;
01432
01433 seq=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki);
01434
01435 if (seq>=seqCounter) {
01436 DBG_WARN(GWEN_LOGDOMAIN, "Bad remote sequence counter (possibly replay attack!)");
01437 return GWEN_ERROR_VERIFY;
01438 }
01439 GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, seqCounter);
01440
01441
01442 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
01443 if (rv) {
01444 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
01445 return rv;
01446 }
01447 }
01448 else {
01449 DBG_WARN(GWEN_LOGDOMAIN, "No sign counter for key %04x", keyId);
01450 }
01451
01452 }
01453
01454 return 0;
01455 }
01456
01457
01458
01459 int GWENHYWFAR_CB
01460 GWEN_Crypt_TokenFile__Encipher(GWEN_CRYPT_TOKEN *ct,
01461 uint32_t keyId,
01462 GWEN_CRYPT_PADDALGO *a,
01463 const uint8_t *pInData,
01464 uint32_t inLen,
01465 uint8_t *pOutData,
01466 uint32_t *pOutLen,
01467 uint32_t gid) {
01468 GWEN_CRYPT_TOKEN_FILE *lct;
01469 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01470 GWEN_CRYPT_KEY *k;
01471 int keyNum;
01472 GWEN_BUFFER *srcBuf;
01473 int i;
01474 int rv;
01475
01476 assert(ct);
01477 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01478 assert(lct);
01479
01480 DBG_INFO(GWEN_LOGDOMAIN, "Enciphering with key %d", keyId);
01481
01482
01483 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01484 if (rv) {
01485 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01486 return rv;
01487 }
01488
01489
01490 i=(keyId>>16);
01491 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01492 while(ctx) {
01493 if (i==0)
01494 break;
01495 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01496 i--;
01497 }
01498
01499 if (ctx==NULL) {
01500 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01501 return GWEN_ERROR_NOT_FOUND;
01502 }
01503
01504
01505 keyNum=keyId & 0xffff;
01506 if (keyNum!=2 && keyNum!=4) {
01507
01508 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for encrypting (%x)", keyId);
01509 return GWEN_ERROR_INVALID;
01510 }
01511
01512 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01513 if (k==NULL) {
01514 DBG_INFO(GWEN_LOGDOMAIN, "Key %d not found", keyId);
01515 return GWEN_ERROR_NOT_FOUND;
01516 }
01517
01518
01519 srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
01520 GWEN_Buffer_AppendBytes(srcBuf, (const char*)pInData, inLen);
01521 GWEN_Buffer_Rewind(srcBuf);
01522
01523
01524 rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
01525 if (rv) {
01526 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01527 GWEN_Buffer_free(srcBuf);
01528 return rv;
01529 }
01530
01531
01532 rv=GWEN_Crypt_Key_Encipher(k,
01533 (const uint8_t*)GWEN_Buffer_GetStart(srcBuf),
01534 GWEN_Buffer_GetUsedBytes(srcBuf),
01535 pOutData,
01536 pOutLen);
01537 GWEN_Buffer_free(srcBuf);
01538 if (rv) {
01539 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01540 return rv;
01541 }
01542
01543 return 0;
01544 }
01545
01546
01547
01548 int GWENHYWFAR_CB
01549 GWEN_Crypt_TokenFile__Decipher(GWEN_CRYPT_TOKEN *ct,
01550 uint32_t keyId,
01551 GWEN_CRYPT_PADDALGO *a,
01552 const uint8_t *pInData,
01553 uint32_t inLen,
01554 uint8_t *pOutData,
01555 uint32_t *pOutLen,
01556 uint32_t gid) {
01557 GWEN_CRYPT_TOKEN_FILE *lct;
01558 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01559 GWEN_CRYPT_KEY *k;
01560 int keyNum;
01561 GWEN_BUFFER *tbuf;
01562 int i;
01563 int rv;
01564 uint32_t l;
01565
01566 assert(ct);
01567 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01568 assert(lct);
01569
01570 DBG_INFO(GWEN_LOGDOMAIN, "Deciphering with key %d", keyId);
01571
01572
01573 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01574 if (rv) {
01575 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01576 return rv;
01577 }
01578
01579
01580 i=(keyId>>16);
01581 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01582 while(ctx) {
01583 if (i==0)
01584 break;
01585 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01586 i--;
01587 }
01588
01589 if (ctx==NULL) {
01590 DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
01591 return GWEN_ERROR_NOT_FOUND;
01592 }
01593
01594
01595 keyNum=keyId & 0xffff;
01596 if (keyNum!=2 && keyNum!=4) {
01597
01598 DBG_INFO(GWEN_LOGDOMAIN, "Bad key for decrypting (%x)", keyId);
01599 return GWEN_ERROR_INVALID;
01600 }
01601
01602 k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
01603 if (k==NULL) {
01604 DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
01605 return GWEN_ERROR_NOT_FOUND;
01606 }
01607
01608
01609 tbuf=GWEN_Buffer_new(0, inLen+16, 0, 1);
01610 l=GWEN_Buffer_GetMaxUnsegmentedWrite(tbuf);
01611 rv=GWEN_Crypt_Key_Decipher(k,
01612 pInData, inLen,
01613 (uint8_t*)GWEN_Buffer_GetStart(tbuf), &l);
01614 if (rv<0) {
01615 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01616 GWEN_Buffer_free(tbuf);
01617 return rv;
01618 }
01619 GWEN_Buffer_IncrementPos(tbuf, l);
01620 GWEN_Buffer_AdjustUsedBytes(tbuf);
01621
01622
01623 rv=GWEN_Padd_UnapplyPaddAlgo(a, tbuf);
01624 if (rv) {
01625 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01626 GWEN_Buffer_free(tbuf);
01627 return rv;
01628 }
01629
01630
01631 l=GWEN_Buffer_GetUsedBytes(tbuf);
01632 if (l>*pOutLen) {
01633 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01634 GWEN_Buffer_free(tbuf);
01635 return GWEN_ERROR_BUFFER_OVERFLOW;
01636 }
01637 memmove(pOutData, GWEN_Buffer_GetStart(tbuf), l);
01638 *pOutLen=l;
01639 GWEN_Buffer_free(tbuf);
01640
01641 return 0;
01642 }
01643
01644
01645
01646 int GWENHYWFAR_CB
01647 GWEN_Crypt_TokenFile__GenerateKey(GWEN_CRYPT_TOKEN *ct,
01648 uint32_t keyId,
01649 const GWEN_CRYPT_CRYPTALGO *a,
01650 uint32_t gid) {
01651 GWEN_CRYPT_TOKEN_FILE *lct;
01652 GWEN_CRYPT_KEY *pubKey;
01653 GWEN_CRYPT_KEY *secKey;
01654 int rv;
01655 uint32_t keyNum;
01656 GWEN_CRYPT_TOKEN_CONTEXT *ctx;
01657 int i;
01658 uint8_t kbuf[256];
01659 uint32_t klen;
01660 GWEN_CRYPT_TOKEN_KEYINFO *cki;
01661 GWEN_CRYPT_TOKEN_KEYINFO *ki;
01662
01663 assert(ct);
01664 lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
01665 assert(lct);
01666
01667
01668 rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
01669 if (rv) {
01670 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01671 return rv;
01672 }
01673
01674 keyNum=keyId & 0xffff;
01675
01676
01677 if (keyNum!=1 && keyNum!=2 && keyNum!=5) {
01678 DBG_INFO(GWEN_LOGDOMAIN, "Can only generate local keys.");
01679 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01680 I18N("Can only generate local keys."));
01681 return GWEN_ERROR_NOT_SUPPORTED;
01682 }
01683
01684
01685 if (GWEN_Crypt_CryptAlgo_GetId(a)!=GWEN_Crypt_CryptAlgoId_Rsa) {
01686 DBG_INFO(GWEN_LOGDOMAIN, "Only RSA keys supported.");
01687 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01688 I18N("Only RSA keys supported."));
01689 return GWEN_ERROR_NOT_SUPPORTED;
01690 }
01691
01692
01693 i=(keyId>>16);
01694 ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
01695 while(ctx) {
01696 if (i==0)
01697 break;
01698 ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
01699 i--;
01700 }
01701
01702
01703 rv=GWEN_Crypt_KeyRsa_GeneratePair(GWEN_Crypt_CryptAlgo_GetChunkSize(a),
01704 (GWEN_Crypt_Token_GetModes(ct) &
01705 GWEN_CRYPT_TOKEN_MODE_EXP_65537)?1:0,
01706 &pubKey,
01707 &secKey);
01708 if (rv) {
01709 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
01710 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01711 I18N("Could not generate key"));
01712 return rv;
01713 }
01714
01715 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
01716 I18N("Key generated"));
01717
01718
01719 if (keyNum==1)
01720 cki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
01721 else if (keyNum==3)
01722 cki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx);
01723 else
01724 cki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
01725 if (cki==NULL) {
01726 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01727 I18N("No key info found"));
01728 return GWEN_ERROR_NO_DATA;
01729 }
01730
01731
01732 ki=GWEN_Crypt_Token_KeyInfo_dup(cki);
01733 assert(ki);
01734
01735
01736 klen=sizeof(kbuf);
01737 rv=GWEN_Crypt_KeyRsa_GetModulus(pubKey, kbuf, &klen);
01738 if (rv) {
01739 DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
01740 GWEN_Crypt_Token_KeyInfo_free(ki);
01741 GWEN_Crypt_Key_free(pubKey);
01742 return rv;
01743 }
01744 GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
01745
01746
01747 klen=sizeof(kbuf);
01748 rv=GWEN_Crypt_KeyRsa_GetExponent(pubKey, kbuf, &klen);
01749 if (rv) {
01750 DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
01751 GWEN_Crypt_Token_KeyInfo_free(ki);
01752 GWEN_Crypt_Key_free(pubKey);
01753 return rv;
01754 }
01755 GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
01756 GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(pubKey));
01757 GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(pubKey));
01758
01759 if (keyNum==1) {
01760 if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
01761 DBG_ERROR(0, "Adding mode \"direct sign\" to key");
01762 GWEN_Crypt_KeyRsa_AddFlags(secKey, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
01763 }
01764 GWEN_CTF_Context_SetLocalSignKey(ctx, secKey);
01765 GWEN_CTF_Context_SetLocalSignKeyInfo(ctx, ki);
01766 GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
01767 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
01768 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
01769 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
01770 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
01771 GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
01772 GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
01773 GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
01774 GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
01775 }
01776 else if (keyNum==2) {
01777 GWEN_CTF_Context_SetLocalCryptKey(ctx, secKey);
01778 GWEN_CTF_Context_SetLocalCryptKeyInfo(ctx, ki);
01779 GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
01780 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
01781 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
01782 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
01783 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
01784 GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
01785 GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
01786 GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER |
01787 GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER);
01788 }
01789 else {
01790 if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
01791 DBG_ERROR(0, "Adding mode \"direct sign\" to key");
01792 GWEN_Crypt_KeyRsa_AddFlags(secKey, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
01793 }
01794 GWEN_CTF_Context_SetLocalAuthKey(ctx, secKey);
01795 GWEN_CTF_Context_SetLocalAuthKeyInfo(ctx, ki);
01796 GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
01797 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
01798 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
01799 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
01800 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
01801 GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
01802 GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
01803 GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
01804 GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
01805 }
01806
01807
01808 GWEN_Crypt_Key_free(pubKey);
01809
01810 rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
01811 if (rv) {
01812 DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
01813 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
01814 I18N("Unable to write key file"));
01815 return rv;
01816 }
01817
01818 GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
01819 I18N("Key generated and set"));
01820
01821 return 0;
01822 }
01823
01824
01825
01826
01827
01828
01829 GWENHYWFAR_CB
01830 void GWEN_Crypt_TokenFile_freeData(void *bp, void *p) {
01831 GWEN_CRYPT_TOKEN_FILE *lct;
01832
01833 lct=(GWEN_CRYPT_TOKEN_FILE*) p;
01834 GWEN_Crypt_Token_Context_List_free(lct->contextList);
01835
01836 GWEN_FREE_OBJECT(lct);
01837 }
01838
01839
01840
01841 GWEN_CRYPT_TOKEN *GWEN_Crypt_TokenFile_new(const char *typeName,
01842 const char *tokenName) {
01843 GWEN_CRYPT_TOKEN *ct;
01844 GWEN_CRYPT_TOKEN_FILE *lct;
01845
01846 ct=GWEN_Crypt_Token_new(GWEN_Crypt_Token_Device_File, typeName, tokenName);
01847 assert(ct);
01848
01849 GWEN_NEW_OBJECT(GWEN_CRYPT_TOKEN_FILE, lct);
01850 lct->contextList=GWEN_Crypt_Token_Context_List_new();
01851 GWEN_INHERIT_SETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct, lct,
01852 GWEN_Crypt_TokenFile_freeData);
01853 GWEN_Crypt_Token_SetOpenFn(ct, GWEN_Crypt_TokenFile_Open);
01854 GWEN_Crypt_Token_SetCreateFn(ct, GWEN_Crypt_TokenFile_Create);
01855 GWEN_Crypt_Token_SetCloseFn(ct, GWEN_Crypt_TokenFile_Close);
01856 GWEN_Crypt_Token_SetGetKeyIdListFn(ct, GWEN_Crypt_TokenFile__GetKeyIdList);
01857 GWEN_Crypt_Token_SetGetKeyInfoFn(ct, GWEN_Crypt_TokenFile__GetKeyInfo);
01858 GWEN_Crypt_Token_SetSetKeyInfoFn(ct, GWEN_Crypt_TokenFile__SetKeyInfo);
01859 GWEN_Crypt_Token_SetGetContextIdListFn(ct, GWEN_Crypt_TokenFile__GetContextIdList);
01860 GWEN_Crypt_Token_SetGetContextFn(ct, GWEN_Crypt_TokenFile__GetContext);
01861 GWEN_Crypt_Token_SetSetContextFn(ct, GWEN_Crypt_TokenFile__SetContext);
01862 GWEN_Crypt_Token_SetSignFn(ct, GWEN_Crypt_TokenFile__Sign);
01863 GWEN_Crypt_Token_SetVerifyFn(ct, GWEN_Crypt_TokenFile__Verify);
01864 GWEN_Crypt_Token_SetEncipherFn(ct, GWEN_Crypt_TokenFile__Encipher);
01865 GWEN_Crypt_Token_SetDecipherFn(ct, GWEN_Crypt_TokenFile__Decipher);
01866 GWEN_Crypt_Token_SetGenerateKeyFn(ct, GWEN_Crypt_TokenFile__GenerateKey);
01867
01868 return ct;
01869 }
01870
01871
01872
01873
01874