initial commit

pinentry-dmenu/pinentry/password-cache.c

@@ -0,0 +1,163 @@
+/* password-cache.c - Password cache support.
+   Copyright (C) 2015 g10 Code GmbH
+
+   This file is part of PINENTRY.
+
+   PINENTRY is free software; you can redistribute it and/or modify it
+   under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+
+   PINENTRY is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#ifdef HAVE_LIBSECRET
+# include <libsecret/secret.h>
+#endif
+
+#include "password-cache.h"
+#include "memory.h"
+
+#ifdef HAVE_LIBSECRET
+static const SecretSchema *
+gpg_schema (void)
+{
+    static const SecretSchema the_schema = {
+        "org.gnupg.Passphrase", SECRET_SCHEMA_NONE,
+        {
+	  { "stored-by", SECRET_SCHEMA_ATTRIBUTE_STRING },
+	  { "keygrip", SECRET_SCHEMA_ATTRIBUTE_STRING },
+	  { "NULL", 0 },
+	}
+    };
+    return &the_schema;
+}
+
+static char *
+keygrip_to_label (const char *keygrip)
+{
+  char const prefix[] = "GnuPG: ";
+  char *label;
+
+  label = malloc (sizeof (prefix) + strlen (keygrip));
+  if (label)
+    {
+      memcpy (label, prefix, sizeof (prefix) - 1);
+      strcpy (&label[sizeof (prefix) - 1], keygrip);
+    }
+  return label;
+}
+#endif
+
+void
+password_cache_save (const char *keygrip, const char *password)
+{
+#ifdef HAVE_LIBSECRET
+  char *label;
+  GError *error = NULL;
+
+  if (! *keygrip)
+    return;
+
+  label = keygrip_to_label (keygrip);
+  if (! label)
+    return;
+
+  if (! secret_password_store_sync (gpg_schema (),
+				    SECRET_COLLECTION_DEFAULT,
+				    label, password, NULL, &error,
+				    "stored-by", "GnuPG Pinentry",
+				    "keygrip", keygrip, NULL))
+    {
+      printf("Failed to cache password for key %s with secret service: %s\n",
+	     keygrip, error->message);
+
+      g_error_free (error);
+    }
+
+  free (label);
+#else
+  return;
+#endif
+}
+
+char *
+password_cache_lookup (const char *keygrip)
+{
+#ifdef HAVE_LIBSECRET
+  GError *error = NULL;
+  char *password;
+  char *password2;
+
+  if (! *keygrip)
+    return NULL;
+
+  password = secret_password_lookup_nonpageable_sync
+    (gpg_schema (), NULL, &error,
+     "keygrip", keygrip, NULL);
+
+  if (error != NULL)
+    {
+      printf("Failed to lookup password for key %s with secret service: %s\n",
+	     keygrip, error->message);
+      g_error_free (error);
+      return NULL;
+    }
+  if (! password)
+    /* The password for this key is not cached.  Just return NULL.  */
+    return NULL;
+
+  /* The password needs to be returned in secmem allocated memory.  */
+  password2 = secmem_malloc (strlen (password) + 1);
+  if (password2)
+    strcpy(password2, password);
+  else
+    printf("secmem_malloc failed: can't copy password!\n");
+
+  secret_password_free (password);
+
+  return password2;
+#else
+  return NULL;
+#endif
+}
+
+/* Try and remove the cached password for key grip.  Returns -1 on
+   error, 0 if the key is not found and 1 if the password was
+   removed.  */
+int
+password_cache_clear (const char *keygrip)
+{
+#ifdef HAVE_LIBSECRET
+  GError *error = NULL;
+  int removed = secret_password_clear_sync (gpg_schema (), NULL, &error,
+					    "keygrip", keygrip, NULL);
+  if (error != NULL)
+    {
+      printf("Failed to clear password for key %s with secret service: %s\n",
+	     keygrip, error->message);
+      g_debug("%s", error->message);
+      g_error_free (error);
+      return -1;
+    }
+  if (removed)
+    return 1;
+  return 0;
+#else
+  return -1;
+#endif
+}