/* call-agent.h - Divert operations to the agent
 * Copyright (C) 2003 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
 * GnuPG is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * GnuPG is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, see <https://www.gnu.org/licenses/>.
 */
#ifndef GNUPG_G10_CALL_AGENT_H
#define GNUPG_G10_CALL_AGENT_H

/* Algorithm attributes of one card key slot.  Which union member is
 * meaningful depends on ALGO: NBITS for keysize-based algorithms and
 * CURVE for curve-based ones (the struct carries no discriminator
 * beyond ALGO, so readers must check ALGO first).  */
struct key_attr {
  int algo;              /* Algorithm identifier.  */
  union {
    unsigned int nbits;  /* Supported keysize.  */
    const char *curve;   /* Name of curve.  */
  };
};

/* Information about a smartcard as reported by scdaemon.  Filled by
 * agent_scd_learn and updated by agent_scd_getattr (declared below);
 * the malloced members are presumably owned by the structure and
 * released by agent_release_card_info -- confirm in call-agent.c.  */
struct agent_card_info_s
{
  int error;         /* private. */
  char *reader;      /* Reader information.  */
  char *apptype;     /* Malloced application type string.  */
  unsigned int manufacturer_id;
  char *manufacturer_name; /* malloced. */
  char *serialno;    /* malloced hex string. */
  char *disp_name;   /* malloced. */
  char *disp_lang;   /* malloced. */
  int  disp_sex;     /* 0 = unspecified, 1 = male, 2 = female */
  char *pubkey_url;  /* malloced. */
  char *login_data;  /* malloced. */
  char *private_do[4]; /* malloced. */
  /* CA fingerprints.  Each length field is the number of valid bytes
   * in the matching 20-byte array, or 0 if no fingerprint is set.
   * NOTE(review): these lengths are plain char whereas fprNlen below
   * are unsigned char; a consumer should treat a value outside 0..20
   * as invalid rather than use it to index the array.  */
  char cafpr1len;     /* Length of the CA-fingerprint or 0 if invalid.  */
  char cafpr2len;
  char cafpr3len;
  char cafpr1[20];
  char cafpr2[20];
  char cafpr3[20];
  /* Key fingerprints of the three OpenPGP key slots, same layout as
   * the CA fingerprints above.  */
  unsigned char fpr1len;     /* Length of the fingerprint or 0 if invalid.  */
  unsigned char fpr2len;
  unsigned char fpr3len;
  char fpr1[20];
  char fpr2[20];
  char fpr3[20];
  u32  fpr1time;     /* Creation time of the key in slot 1 (2, 3).  */
  u32  fpr2time;
  u32  fpr3time;
  char grp1[20];     /* The keygrip for OPENPGP.1 */
  char grp2[20];     /* The keygrip for OPENPGP.2 */
  char grp3[20];     /* The keygrip for OPENPGP.3 */
  unsigned long sig_counter;   /* Signature counter as read from the card.  */
  int chv1_cached;   /* True if a PIN is not required for each
                        signing.  Note that the gpg-agent might cache
                        it anyway. */
  int is_v2;         /* True if this is a v2 card.  */
  int chvmaxlen[3];  /* Maximum allowed length of a CHV. */
  int chvretry[3];   /* Allowed retries for the CHV; 0 = blocked. */
  struct key_attr key_attr[3];  /* Algorithm attributes per key slot.  */
  /* Extended capabilities advertised by the card.  */
  struct {
    unsigned int ki:1;     /* Key import available.  */
    unsigned int aac:1;    /* Algorithm attributes are changeable.  */
    unsigned int kdf:1;    /* KDF object to support PIN hashing available.  */
    unsigned int bt:1;     /* Button for confirmation available.  */
  } extcap;
  unsigned int status_indicator;
  int kdf_do_enabled;      /* Non-zero if card has a KDF object, 0 if not.  */
  int uif[3];              /* True if User Interaction Flag is on.  */
  strlist_t supported_keyalgo[3];  /* Per slot: algorithms the card accepts.  */
};


/* Object to store information from the KEYPAIRINFO or the KEYINFO
 * status lines.  Singly linked via NEXT; a list is released as a
 * whole with free_keypair_info.  */
struct keypair_info_s
{
  struct keypair_info_s *next;
  char keygrip[2 * KEYGRIP_LEN + 1]; /* Stored in hex.  Room for
                                        2*KEYGRIP_LEN hex digits plus
                                        the terminating NUL.  */
  char *serialno;    /* NULL or the malloced serialno.  */
  char *idstr;       /* Malloced keyref (e.g. "OPENPGP.1") */
  unsigned int usage; /* Key usage flags.  */
  u32 keytime;       /* Key creation time from the card's DO.  */
  int algo;          /* Helper to store the pubkey algo.  */
};
typedef struct keypair_info_s *keypair_info_t;

/* Release the card info structure.  Frees the malloced members of
 * INFO; the structure itself is not freed.  */
void agent_release_card_info (struct agent_card_info_s *info);

/* Return card info.  Fills INFO from scdaemon; FORCE presumably
 * requests a fresh read instead of cached data -- confirm in
 * call-agent.c.  */
int agent_scd_learn (struct agent_card_info_s *info, int force);

/* Get the keypairinfo directly from scdaemon.  KEYREF restricts the
 * query to one key reference; on success *R_LIST receives a list
 * that the caller releases with free_keypair_info.  */
gpg_error_t agent_scd_keypairinfo (ctrl_t ctrl, const char *keyref,
                                   keypair_info_t *r_list);

/* Return list of cards.  *RESULT receives a string list owned by
 * the caller.  */
int agent_scd_cardlist (strlist_t *result);

/* Free a keypair info list.  */
void free_keypair_info (keypair_info_t l);

/* Return card key information for KEYGRIP.  CAP presumably selects a
 * capability filter -- confirm in call-agent.c.  *RESULT is released
 * by the caller with free_keypair_info.  */
gpg_error_t agent_scd_keyinfo (const char *keygrip, int cap,
                               keypair_info_t *result);

/* Return the serial number, possibly selected by DEMAND.  *R_SERIALNO
 * receives a malloced string owned by the caller.  */
int agent_scd_serialno (char **r_serialno, const char *demand);

/* Send an APDU to the card.  HEXAPDU is the command APDU as a hex
 * string; *R_SW receives the status word.  NOTE(review): this passes
 * a raw command to the card, so the caller is responsible for the
 * content of HEXAPDU.  */
gpg_error_t agent_scd_apdu (const char *hexapdu, unsigned int *r_sw);

/* Get attribute NAME from the card and store at R_VALUE.  The string
 * stored at *R_VALUE is owned by the caller.  */
gpg_error_t agent_scd_getattr_one (const char *name, char **r_value);

/* Update INFO with the attribute NAME.  */
int agent_scd_getattr (const char *name, struct agent_card_info_s *info);

/* Send the KEYTOTPM command for the key identified by HEXGRIP.  */
int agent_keytotpm (ctrl_t ctrl, const char *hexgrip);

/* Send the KEYTOCARD command.  Moves the key HEXGRIP to slot KEYNO of
 * the card with SERIALNO; FORCE and TIMESTAMP are passed through to
 * the agent.  */
int agent_keytocard (const char *hexgrip, int keyno, int force,
                     const char *serialno, const char *timestamp);

/* Send a SETATTR command to the SCdaemon.  VALUE/VALUELEN is the raw
 * attribute data for attribute NAME.  */
gpg_error_t agent_scd_setattr (const char *name,
                               const void *value, size_t valuelen);

/* Send a WRITECERT command to the SCdaemon.  */
int agent_scd_writecert (const char *certidstr,
                         const unsigned char *certdata, size_t certdatalen);

/* Send a GENKEY command to the SCdaemon.  On success the creation
 * time is stored at CREATETIME.  */
int agent_scd_genkey (int keyno, int force, u32 *createtime);

/* Send a READCERT command to the SCdaemon.  *R_BUF/*R_BUFLEN receive
 * the certificate data; the buffer is owned by the caller.  */
int agent_scd_readcert (const char *certidstr,
                        void **r_buf, size_t *r_buflen);

/* Send a READKEY command to the SCdaemon.  The public key is returned
 * as an S-expression at *R_RESULT and its creation time at
 * *R_KEYTIME.  */
gpg_error_t agent_scd_readkey (ctrl_t ctrl, const char *keyrefstr,
                               gcry_sexp_t *r_result, u32 *r_keytime);

/* Change the PIN of an OpenPGP card or reset the retry counter.
 * CHVNO selects the CHV (cf. chvretry/chvmaxlen above).  */
int agent_scd_change_pin (int chvno, const char *serialno);

/* Send the CHECKPIN command to the SCdaemon.  */
int agent_scd_checkpin (const char *serialno);

/* Send the GET_PASSPHRASE command to the agent.  CACHE_ID names the
 * cache slot, ERR_MSG/PROMPT/DESC_MSG are shown to the user, and
 * NEWSYMKEY, REPEAT and CHECK are passed to the agent -- see
 * call-agent.c for their exact meaning.  The string stored at
 * *R_PASSPHRASE is secret material owned by the caller; presumably
 * it is to be released with a wiping free (xfree) -- confirm.  */
gpg_error_t agent_get_passphrase (const char *cache_id,
                                  const char *err_msg,
                                  const char *prompt,
                                  const char *desc_msg,
                                  int newsymkey,
                                  int repeat,
                                  int check,
                                  char **r_passphrase);

/* Send the CLEAR_PASSPHRASE command to the agent.  */
gpg_error_t agent_clear_passphrase (const char *cache_id);

/* Present the prompt DESC and ask the user to confirm.  */
gpg_error_t gpg_agent_get_confirmation (const char *desc);

/* Return the S2K iteration count as computed by gpg-agent.  */
unsigned long agent_get_s2k_count (void);

/* Check whether a secret key for public key PK is available.  Returns
   0 if not available, positive value if the secret key is available.  */
int agent_probe_secret_key (ctrl_t ctrl, PKT_public_key *pk);

/* Ask the agent whether a secret key is available for any of the
   keys (primary or sub) in KEYBLOCK.  Returns 0 if available.  */
gpg_error_t agent_probe_any_secret_key (ctrl_t ctrl, kbnode_t keyblock);


/* Return infos about the secret key with HEXKEYGRIP.  *R_SERIALNO
 * receives the card serial number (owned by the caller) and
 * *R_CLEARTEXT a flag -- see call-agent.c for its meaning.  */
gpg_error_t agent_get_keyinfo (ctrl_t ctrl, const char *hexkeygrip,
                               char **r_serialno, int *r_cleartext);

/* Generate a new key described by KEYPARMS.  NO_PROTECTION requests an
 * unprotected key; otherwise PASSPHRASE or the nonces at
 * CACHE_NONCE_ADDR/PASSWD_NONCE_ADDR are used -- confirm the
 * precedence in call-agent.c.  The public key is returned as an
 * S-expression at *R_PUBKEY.  */
gpg_error_t agent_genkey (ctrl_t ctrl,
                          char **cache_nonce_addr, char **passwd_nonce_addr,
                          const char *keyparms, int no_protection,
                          const char *passphrase, time_t timestamp,
                          gcry_sexp_t *r_pubkey);

/* Read a public key.  FROMCARD may be 0, 1, or 2 (meaning defined in
 * call-agent.c).  *R_PUBKEY receives a buffer owned by the caller.  */
gpg_error_t agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip,
                           unsigned char **r_pubkey);

/* Create a signature over DIGEST/DIGESTLEN (hash algorithm DIGESTALGO)
 * with the key HEXKEYGRIP.  Note that DIGEST is not const-qualified
 * in this declaration.  The signature is returned as an S-expression
 * at *R_SIGVAL.  */
gpg_error_t agent_pksign (ctrl_t ctrl, const char *cache_nonce,
                          const char *hexkeygrip, const char *desc,
                          u32 *keyid, u32 *mainkeyid, int pubkey_algo,
                          unsigned char *digest, size_t digestlen,
                          int digestalgo,
                          gcry_sexp_t *r_sigval);

/* Decrypt a ciphertext.  The plaintext is stored at *R_BUF/*R_BUFLEN
 * (secret material, owned by the caller) and *R_PADDING receives
 * padding information -- see call-agent.c for its encoding.  */
gpg_error_t agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
                             u32 *keyid, u32 *mainkeyid, int pubkey_algo,
                             gcry_sexp_t s_ciphertext,
                             unsigned char **r_buf, size_t *r_buflen,
                             int *r_padding);

/* Retrieve a key encryption key.  *R_KEK/*R_KEKLEN receive secret key
 * material owned by the caller; FOREXPORT selects the KEK used for
 * export rather than import.  */
gpg_error_t agent_keywrap_key (ctrl_t ctrl, int forexport,
                               void **r_kek, size_t *r_keklen);

/* Send a key to the agent.  KEY/KEYLEN is the key material to import;
 * UNATTENDED and FORCE are passed through to the agent.  */
gpg_error_t agent_import_key (ctrl_t ctrl, const char *desc,
                              char **cache_nonce_addr, const void *key,
                              size_t keylen, int unattended, int force,
                              u32 *keyid, u32 *mainkeyid, int pubkey_algo,
                              u32 timestamp);

/* Receive a key from the agent.  *R_RESULT/*R_RESULTLEN receive the
 * exported key (secret material, owned by the caller);
 * OPENPGP_PROTECTED selects the protection format.  */
gpg_error_t agent_export_key (ctrl_t ctrl, const char *keygrip,
                              const char *desc, int openpgp_protected,
                              char **cache_nonce_addr,
                              unsigned char **r_result, size_t *r_resultlen,
                              u32 *keyid, u32 *mainkeyid, int pubkey_algo);

/* Delete a key from the agent.  */
gpg_error_t agent_delete_key (ctrl_t ctrl, const char *hexkeygrip,
                              const char *desc, int force);

/* Change the passphrase of a key.  VERIFY requests verification of
 * the existing passphrase only -- confirm in call-agent.c.  */
gpg_error_t agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
                          int verify,
                          char **cache_nonce_addr, char **passwd_nonce_addr);

/* Get the version reported by gpg-agent.  *R_VERSION is a string
 * owned by the caller.  */
gpg_error_t agent_get_version (ctrl_t ctrl, char **r_version);


#endif /*GNUPG_G10_CALL_AGENT_H*/