346
Return a a status line named EVENTCOUNTER with the current values
347
of all event counters. The values are decimal numbers in the range
348
0 to UINT_MAX and wrapping around to 0. The actual values should
349
not be relied upon, they shall only be used to detect a change.
351
The currently defined counters are:
353
ANY - Incremented with any change of any of the other counters.
354
KEY - Incremented for added or removed private keys.
355
CARD - Incremented for changes of the card readers stati.
344
static const char hlp_geteventcounter[] =
347
"Return a a status line named EVENTCOUNTER with the current values\n"
348
"of all event counters. The values are decimal numbers in the range\n"
349
"0 to UINT_MAX and wrapping around to 0. The actual values should\n"
350
"not be relied upon, they shall only be used to detect a change.\n"
352
"The currently defined counters are:\n"
354
"ANY - Incremented with any change of any of the other counters.\n"
355
"KEY - Incremented for added or removed private keys.\n"
356
"CARD - Incremented for changes of the card readers stati.";
358
358
cmd_geteventcounter (assuan_context_t ctx, char *line)
360
360
ctrl_t ctrl = assuan_get_pointer (ctx);
539
/* SETKEYDESC plus_percent_escaped_string
541
Set a description to be used for the next PKSIGN or PKDECRYPT
542
operation if this operation requires the entry of a passphrase. If
543
this command is not used a default text will be used. Note, that
544
this description implictly selects the label used for the entry
545
box; if the string contains the string PIN (which in general will
546
not be translated), "PIN" is used, otherwise the translation of
547
"passphrase" is used. The description string should not contain
548
blanks unless they are percent or '+' escaped.
550
The description is only valid for the next PKSIGN or PKDECRYPT
545
static const char hlp_setkeydesc[] =
546
"SETKEYDESC plus_percent_escaped_string\n"
548
"Set a description to be used for the next PKSIGN or PKDECRYPT\n"
549
"operation if this operation requires the entry of a passphrase. If\n"
550
"this command is not used a default text will be used. Note, that\n"
551
"this description implictly selects the label used for the entry\n"
552
"box; if the string contains the string PIN (which in general will\n"
553
"not be translated), \"PIN\" is used, otherwise the translation of\n"
554
"\"passphrase\" is used. The description string should not contain\n"
555
"blanks unless they are percent or '+' escaped.\n"
557
"The description is only valid for the next PKSIGN or PKDECRYPT\n"
554
560
cmd_setkeydesc (assuan_context_t ctx, char *line)
556
562
ctrl_t ctrl = assuan_get_pointer (ctx);
822
/* KEYINFO [--list] <keygrip>
824
Return information about the key specified by the KEYGRIP. If the
825
key is not available GPG_ERR_NOT_FOUND is returned. If the option
826
--list is given the keygrip is ignored and information about all
827
available keys are returned. The information is returned as a
828
status line with this format:
830
KEYINFO <keygrip> <type> <serialno> <idstr>
832
KEYGRIP is the keygrip.
834
TYPE is describes the type of the key:
835
'D' - Regular key stored on disk,
836
'T' - Key is stored on a smartcard (token).
839
SERIALNO is an ASCII string with the serial number of the
840
smartcard. If the serial number is not known a single
841
dash '-' is used instead.
843
IDSTR is the IDSTR used to distinguish keys on a smartcard. If it
844
is not known a dash is used instead.
846
More information may be added in the future.
834
static const char hlp_keyinfo[] =
835
"KEYINFO [--list] <keygrip>\n"
837
"Return information about the key specified by the KEYGRIP. If the\n"
838
"key is not available GPG_ERR_NOT_FOUND is returned. If the option\n"
839
"--list is given the keygrip is ignored and information about all\n"
840
"available keys are returned. The information is returned as a\n"
841
"status line with this format:\n"
843
" KEYINFO <keygrip> <type> <serialno> <idstr>\n"
845
"KEYGRIP is the keygrip.\n"
847
"TYPE is describes the type of the key:\n"
848
" 'D' - Regular key stored on disk,\n"
849
" 'T' - Key is stored on a smartcard (token).\n"
850
" '-' - Unknown type.\n"
852
"SERIALNO is an ASCII string with the serial number of the\n"
853
" smartcard. If the serial number is not known a single\n"
854
" dash '-' is used instead.\n"
856
"IDSTR is the IDSTR used to distinguish keys on a smartcard. If it\n"
857
" is not known a dash is used instead.\n"
859
"More information may be added in the future.";
848
860
static gpg_error_t
849
861
do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip)
989
/* GET_PASSPHRASE [--data] [--check] [--no-ask] [--repeat[=N]]
990
[--qualitybar] <cache_id>
991
[<error_message> <prompt> <description>]
993
This function is usually used to ask for a passphrase to be used
994
for conventional encryption, but may also be used by programs which
995
need specal handling of passphrases. This command uses a syntax
996
which helps clients to use the agent with minimum effort. The
997
agent either returns with an error or with a OK followed by the hex
998
encoded passphrase. Note that the length of the strings is
999
implicitly limited by the maximum length of a command.
1001
If the option "--data" is used the passphrase is returned by usual
1002
data lines and not on the okay line.
1004
If the option "--check" is used the passphrase constraints checks as
1005
implemented by gpg-agent are applied. A check is not done if the
1006
passphrase has been found in the cache.
1008
If the option "--no-ask" is used and the passphrase is not in the
1009
cache the user will not be asked to enter a passphrase but the error
1010
code GPG_ERR_NO_DATA is returned.
1012
If the option "--qualitybar" is used a visual indication of the
1013
entered passphrase quality is shown. (Unless no minimum passphrase
1014
length has been configured.)
1001
static const char hlp_get_passphrase[] =
1002
"GET_PASSPHRASE [--data] [--check] [--no-ask] [--repeat[=N]]\n"
1003
" [--qualitybar] <cache_id>\n"
1004
" [<error_message> <prompt> <description>]\n"
1006
"This function is usually used to ask for a passphrase to be used\n"
1007
"for conventional encryption, but may also be used by programs which\n"
1008
"need specal handling of passphrases. This command uses a syntax\n"
1009
"which helps clients to use the agent with minimum effort. The\n"
1010
"agent either returns with an error or with a OK followed by the hex\n"
1011
"encoded passphrase. Note that the length of the strings is\n"
1012
"implicitly limited by the maximum length of a command.\n"
1014
"If the option \"--data\" is used the passphrase is returned by usual\n"
1015
"data lines and not on the okay line.\n"
1017
"If the option \"--check\" is used the passphrase constraints checks as\n"
1018
"implemented by gpg-agent are applied. A check is not done if the\n"
1019
"passphrase has been found in the cache.\n"
1021
"If the option \"--no-ask\" is used and the passphrase is not in the\n"
1022
"cache the user will not be asked to enter a passphrase but the error\n"
1023
"code GPG_ERR_NO_DATA is returned. \n"
1025
"If the option \"--qualitybar\" is used a visual indication of the\n"
1026
"entered passphrase quality is shown. (Unless no minimum passphrase\n"
1027
"length has been configured.)";
1018
1029
cmd_get_passphrase (assuan_context_t ctx, char *line)
1020
1031
ctrl_t ctrl = assuan_get_pointer (ctx);
1191
/* GET_CONFIRMATION <description>
1193
This command may be used to ask for a simple confirmation.
1194
DESCRIPTION is displayed along with a Okay and Cancel button. This
1195
command uses a syntax which helps clients to use the agent with
1196
minimum effort. The agent either returns with an error or with a
1197
OK. Note, that the length of DESCRIPTION is implicitly limited by
1198
the maximum length of a command. DESCRIPTION should not contain
1199
any spaces, those must be encoded either percent escaped or simply
1201
static const char hlp_get_confirmation[] =
1202
"GET_CONFIRMATION <description>\n"
1204
"This command may be used to ask for a simple confirmation.\n"
1205
"DESCRIPTION is displayed along with a Okay and Cancel button. This\n"
1206
"command uses a syntax which helps clients to use the agent with\n"
1207
"minimum effort. The agent either returns with an error or with a\n"
1208
"OK. Note, that the length of DESCRIPTION is implicitly limited by\n"
1209
"the maximum length of a command. DESCRIPTION should not contain\n"
1210
"any spaces, those must be encoded either percent escaped or simply\n"
1204
1213
cmd_get_confirmation (assuan_context_t ctx, char *line)
1206
1215
ctrl_t ctrl = assuan_get_pointer (ctx);
1427
/* PUTVAL <key> [<percent_escaped_value>]
1429
The gpg-agent maintains a kind of environment which may be used to
1430
store key/value pairs in it, so that they can be retrieved later.
1431
This may be used by helper daemons to daemonize themself on
1432
invocation and register them with gpg-agent. Callers of the
1433
daemon's service may now first try connect to get the information
1434
for that service from gpg-agent through the GETVAL command and then
1435
try to connect to that daemon. Only if that fails they may start
1436
an own instance of the service daemon.
1438
KEY is an an arbitrary symbol with the same syntax rules as keys
1439
for shell environment variables. PERCENT_ESCAPED_VALUE is the
1440
corresponsing value; they should be similar to the values of
1441
envronment variables but gpg-agent does not enforce any
1442
restrictions. If that value is not given any value under that KEY
1443
is removed from this special environment.
1443
static const char hlp_putval[] =
1444
"PUTVAL <key> [<percent_escaped_value>]\n"
1446
"The gpg-agent maintains a kind of environment which may be used to\n"
1447
"store key/value pairs in it, so that they can be retrieved later.\n"
1448
"This may be used by helper daemons to daemonize themself on\n"
1449
"invocation and register them with gpg-agent. Callers of the\n"
1450
"daemon's service may now first try connect to get the information\n"
1451
"for that service from gpg-agent through the GETVAL command and then\n"
1452
"try to connect to that daemon. Only if that fails they may start\n"
1453
"an own instance of the service daemon. \n"
1455
"KEY is an an arbitrary symbol with the same syntax rules as keys\n"
1456
"for shell environment variables. PERCENT_ESCAPED_VALUE is the\n"
1457
"corresponsing value; they should be similar to the values of\n"
1458
"envronment variables but gpg-agent does not enforce any\n"
1459
"restrictions. If that value is not given any value under that KEY\n"
1460
"is removed from this special environment.";
1446
1462
cmd_putval (assuan_context_t ctx, char *line)
1600
1622
agent_sighup_action ();
1603
#endif /*HAVE_W32_SYSTEM*/
1609
Multipurpose function to return a variety of information.
1610
Supported values for WHAT are:
1612
version - Return the version of the program.
1613
pid - Return the process id of the server.
1614
socket_name - Return the name of the socket.
1615
ssh_socket_name - Return the name of the ssh socket.
1616
scd_running - Return OK if the SCdaemon is already running.
1617
s2k_count - Return the calibrated S2K count.
1618
cmd_has_option CMD OPT
1619
- Returns OK if the command CMD implements the option OPT.
1628
static const char hlp_getinfo[] =
1631
"Multipurpose function to return a variety of information.\n"
1632
"Supported values for WHAT are:\n"
1634
" version - Return the version of the program.\n"
1635
" pid - Return the process id of the server.\n"
1636
" socket_name - Return the name of the socket.\n"
1637
" ssh_socket_name - Return the name of the ssh socket.\n"
1638
" scd_running - Return OK if the SCdaemon is already running.\n"
1639
" std_session_env - List the standard session environment.\n"
1640
" std_startup_env - List the standard startup environment.\n"
1642
" - Returns OK if the command CMD implements the option OPT.";
1622
1644
cmd_getinfo (assuan_context_t ctx, char *line)
1646
ctrl_t ctrl = assuan_get_pointer (ctx);
1626
1649
if (!strcmp (line, "version"))
1664
1687
snprintf (numbuf, sizeof numbuf, "%lu", get_standard_s2k_count ());
1665
1688
rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
1690
else if (!strcmp (line, "std_session_env")
1691
|| !strcmp (line, "std_startup_env"))
1694
const char *name, *value;
1698
while ((name = session_env_list_stdenvnames (&iterator, NULL)))
1700
value = session_env_getenv_or_default
1701
(line[5] == 't'? opt.startup_env:ctrl->session_env, name, NULL);
1704
string = xtryasprintf ("%s=%s", name, value);
1706
rc = gpg_error_from_syserror ();
1709
rc = assuan_send_data (ctx, string, strlen (string)+1);
1711
rc = assuan_send_data (ctx, NULL, 0);
1667
1718
else if (!strncmp (line, "cmd_has_option", 14)
1668
1719
&& (line[14] == ' ' || line[14] == '\t' || !line[14]))
1830
1883
static struct {
1831
1884
const char *name;
1832
int (*handler)(assuan_context_t, char *line);
1885
assuan_handler_t handler;
1886
const char * const help;
1834
{ "GETEVENTCOUNTER",cmd_geteventcounter },
1835
{ "ISTRUSTED", cmd_istrusted },
1836
{ "HAVEKEY", cmd_havekey },
1837
{ "KEYINFO", cmd_keyinfo },
1838
{ "SIGKEY", cmd_sigkey },
1839
{ "SETKEY", cmd_sigkey },
1840
{ "SETKEYDESC", cmd_setkeydesc },
1841
{ "SETHASH", cmd_sethash },
1842
{ "PKSIGN", cmd_pksign },
1843
{ "PKDECRYPT", cmd_pkdecrypt },
1844
{ "GENKEY", cmd_genkey },
1845
{ "READKEY", cmd_readkey },
1846
{ "GET_PASSPHRASE", cmd_get_passphrase },
1847
{ "PRESET_PASSPHRASE", cmd_preset_passphrase },
1848
{ "CLEAR_PASSPHRASE", cmd_clear_passphrase },
1849
{ "GET_CONFIRMATION", cmd_get_confirmation },
1850
{ "LISTTRUSTED", cmd_listtrusted },
1851
{ "MARKTRUSTED", cmd_marktrusted },
1852
{ "LEARN", cmd_learn },
1853
{ "PASSWD", cmd_passwd },
1888
{ "GETEVENTCOUNTER",cmd_geteventcounter, hlp_geteventcounter },
1889
{ "ISTRUSTED", cmd_istrusted, hlp_istrusted },
1890
{ "HAVEKEY", cmd_havekey, hlp_havekey },
1891
{ "KEYINFO", cmd_keyinfo, hlp_keyinfo },
1892
{ "SIGKEY", cmd_sigkey, hlp_sigkey },
1893
{ "SETKEY", cmd_sigkey, hlp_sigkey },
1894
{ "SETKEYDESC", cmd_setkeydesc,hlp_setkeydesc },
1895
{ "SETHASH", cmd_sethash, hlp_sethash },
1896
{ "PKSIGN", cmd_pksign, hlp_pksign },
1897
{ "PKDECRYPT", cmd_pkdecrypt, hlp_pkdecrypt },
1898
{ "GENKEY", cmd_genkey, hlp_genkey },
1899
{ "READKEY", cmd_readkey, hlp_readkey },
1900
{ "GET_PASSPHRASE", cmd_get_passphrase, hlp_get_passphrase },
1901
{ "PRESET_PASSPHRASE", cmd_preset_passphrase, hlp_preset_passphrase },
1902
{ "CLEAR_PASSPHRASE", cmd_clear_passphrase, hlp_clear_passphrase },
1903
{ "GET_CONFIRMATION", cmd_get_confirmation, hlp_get_confirmation },
1904
{ "LISTTRUSTED", cmd_listtrusted, hlp_listtrusted },
1905
{ "MARKTRUSTED", cmd_marktrusted, hlp_martrusted },
1906
{ "LEARN", cmd_learn, hlp_learn },
1907
{ "PASSWD", cmd_passwd, hlp_passwd },
1854
1908
{ "INPUT", NULL },
1855
1909
{ "OUTPUT", NULL },
1857
{ "GETVAL", cmd_getval },
1858
{ "PUTVAL", cmd_putval },
1859
{ "UPDATESTARTUPTTY", cmd_updatestartuptty },
1860
#ifdef HAVE_W32_SYSTEM
1861
{ "KILLAGENT", cmd_killagent },
1862
{ "RELOADAGENT", cmd_reloadagent },
1864
{ "GETINFO", cmd_getinfo },
1910
{ "SCD", cmd_scd, hlp_scd },
1911
{ "GETVAL", cmd_getval, hlp_getval },
1912
{ "PUTVAL", cmd_putval, hlp_putval },
1913
{ "UPDATESTARTUPTTY", cmd_updatestartuptty, hlp_updatestartuptty },
1914
{ "KILLAGENT", cmd_killagent, hlp_killagent },
1915
{ "RELOADAGENT", cmd_reloadagent,hlp_reloadagent },
1916
{ "GETINFO", cmd_getinfo, hlp_getinfo },
1869
1921
for (i=0; table[i].name; i++)
1871
rc = assuan_register_command (ctx, table[i].name, table[i].handler);
1923
rc = assuan_register_command (ctx, table[i].name, table[i].handler,
1875
#ifdef HAVE_ASSUAN_SET_IO_MONITOR
1876
1928
assuan_register_post_cmd_notify (ctx, post_cmd_notify);
1878
1929
assuan_register_reset_notify (ctx, reset_notify);
1879
1930
assuan_register_option_handler (ctx, option_handler);
1889
1940
start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
1892
assuan_context_t ctx;
1943
assuan_context_t ctx = NULL;
1945
rc = assuan_new (&ctx);
1948
log_error ("failed to allocate assuan context: %s\n", gpg_strerror (rc));
1894
1952
if (listen_fd == GNUPG_INVALID_FD && fd == GNUPG_INVALID_FD)
1954
assuan_fd_t filedes[2];
1900
rc = assuan_init_pipe_server (&ctx, filedes);
1956
filedes[0] = assuan_fdopen (0);
1957
filedes[1] = assuan_fdopen (1);
1958
rc = assuan_init_pipe_server (ctx, filedes);
1902
1960
else if (listen_fd != GNUPG_INVALID_FD)
1904
rc = assuan_init_socket_server_ext (&ctx, listen_fd, 0);
1962
rc = assuan_init_socket_server (ctx, listen_fd, 0);
1905
1963
/* FIXME: Need to call assuan_sock_set_nonce for Windows. But
1906
1964
this branch is currently not used. */
1910
rc = assuan_init_socket_server_ext (&ctx, fd, 2);
1968
rc = assuan_init_socket_server (ctx, fd, ASSUAN_SOCKET_SERVER_ACCEPTED);