static gboolean
decode_acl (EggBuffer *buffer, gsize offset, gsize *offset_out, GList **out)
{
GList *acl;
guint32 num_acs;
guint32 x, y;
int i;
GkmSecretAccess *ac;
char *name, *path, *reserved;
acl = NULL;
if (!egg_buffer_get_uint32 (buffer, offset, &offset, &num_acs))
return FALSE;
for (i = 0; i < num_acs; i++) {
if (!egg_buffer_get_uint32 (buffer, offset, &offset, &x)) {
goto bail;
}
if (!buffer_get_utf8_string (buffer, offset, &offset, &name)) {
goto bail;
}
if (!buffer_get_utf8_string (buffer, offset, &offset, &path)) {
g_free (name);
goto bail;
}
reserved = NULL;
if (!buffer_get_utf8_string (buffer, offset, &offset, &reserved)) {
g_free (name);
g_free (path);
goto bail;
}
g_free (reserved);
if (!egg_buffer_get_uint32 (buffer, offset, &offset, &y)) {
g_free (name);
g_free (path);
goto bail;
}
ac = g_new0 (GkmSecretAccess, 1);
ac->display_name = name;
ac->pathname = path;
ac->types_allowed = x;
acl = g_list_prepend (acl, ac);
}
*offset_out = offset;
*out = g_list_reverse (acl);
return TRUE;
bail:
gkm_secret_compat_acl_free (acl);
return FALSE;
}
static gboolean
buffer_get_time (EggBuffer *buffer, gsize offset, gsize *next_offset, time_t *time)
{
guint32 a, b;
guint64 val;
if (!egg_buffer_get_uint32 (buffer, offset, &offset, &a) ||
!egg_buffer_get_uint32 (buffer, offset, &offset, &b))
return FALSE;
val = ((guint64)a) << 32 | b;
*next_offset = offset;
*time = (time_t) val;
return TRUE;
}
static gboolean
read_hashed_item_info (EggBuffer *buffer, gsize *offset, ItemInfo *items, guint n_items)
{
gint i;
g_assert (buffer);
g_assert (offset);
g_assert (items);
for (i = 0; i < n_items; i++) {
if (!egg_buffer_get_uint32 (buffer, *offset, offset, &items[i].id) ||
!egg_buffer_get_uint32 (buffer, *offset, offset, &items[i].type) ||
!buffer_get_attributes (buffer, *offset, offset, &items[i].attributes, TRUE))
return FALSE;
items[i].identifier = g_strdup_printf ("%u", items[i].id);
}
return TRUE;
}
int
gkm_rpc_message_parse (GkmRpcMessage *msg, GkmRpcMessageType type)
{
const unsigned char *val;
size_t len;
uint32_t call_id;
msg->parsed = 0;
/* Pull out the call identifier */
if (!egg_buffer_get_uint32 (&msg->buffer, msg->parsed, &(msg->parsed), &call_id)) {
gkm_rpc_warn ("invalid message: couldn't read call identifier");
return 0;
}
msg->signature = msg->sigverify = NULL;
/* If it's an error code then no more processing */
if (call_id == GKM_RPC_CALL_ERROR) {
if (type == GKM_RPC_REQUEST) {
gkm_rpc_warn ("invalid message: error code in request");
return 0;
}
return 1;
}
/* The call id and signature */
if (call_id <= 0 || call_id >= GKM_RPC_CALL_MAX) {
gkm_rpc_warn ("invalid message: bad call id: %d", call_id);
return 0;
}
if (type == GKM_RPC_REQUEST)
msg->signature = gkm_rpc_calls[call_id].request;
else if (type == GKM_RPC_RESPONSE)
msg->signature = gkm_rpc_calls[call_id].response;
else
assert (0 && "invalid message type");
msg->call_id = call_id;
msg->call_type = type;
msg->sigverify = msg->signature;
/* Verify the incoming signature */
if (!egg_buffer_get_byte_array (&msg->buffer, msg->parsed, &(msg->parsed), &val, &len)) {
gkm_rpc_warn ("invalid message: couldn't read signature");
return 0;
}
if ((strlen (msg->signature) != len) || (memcmp (val, msg->signature, len) != 0)) {
gkm_rpc_warn ("invalid message: signature doesn't match");
return 0;
}
return 1;
}
static gboolean
read_full_item_info (EggBuffer *buffer, gsize *offset, ItemInfo *items, guint n_items)
{
gchar *reserved;
guint32 tmp;
gint i, j;
g_assert (buffer);
g_assert (offset);
g_assert (items);
for (i = 0; i < n_items; i++) {
/* The display name */
if (!buffer_get_utf8_string (buffer, *offset, offset,
&items[i].display_name))
return FALSE;
/* The secret */
if (!egg_buffer_get_byte_array (buffer, *offset, offset,
&items[i].ptr_secret, &items[i].n_secret))
return FALSE;
/* The item times */
if (!buffer_get_time (buffer, *offset, offset, &items[i].ctime) ||
!buffer_get_time (buffer, *offset, offset, &items[i].mtime))
return FALSE;
/* Reserved data */
reserved = NULL;
if (!buffer_get_utf8_string (buffer, *offset, offset, &reserved))
return FALSE;
g_free (reserved);
for (j = 0; j < 4; j++) {
if (!egg_buffer_get_uint32 (buffer, *offset, offset, &tmp))
return FALSE;
}
/* The attributes */
if (items[i].attributes)
g_hash_table_unref (items[i].attributes);
if (!buffer_get_attributes (buffer, *offset, offset, &items[i].attributes, FALSE))
return FALSE;
/* The ACLs */
if (!decode_acl (buffer, *offset, offset, &items[i].acl))
return FALSE;
}
return TRUE;
}
gboolean
gkd_ssh_agent_proto_read_public_v1 (EggBuffer *req, gsize *offset, GckAttributes *attrs)
{
guint32 bits;
g_assert (req);
g_assert (offset);
g_assert (attrs);
if (!egg_buffer_get_uint32 (req, *offset, offset, &bits))
return FALSE;
if (!gkd_ssh_agent_proto_read_mpi_v1 (req, offset, attrs, CKA_PUBLIC_EXPONENT) ||
!gkd_ssh_agent_proto_read_mpi_v1 (req, offset, attrs, CKA_MODULUS))
return FALSE;
/* Add in your basic other required attributes */
gck_attributes_add_ulong (attrs, CKA_CLASS, CKO_PUBLIC_KEY);
gck_attributes_add_ulong (attrs, CKA_KEY_TYPE, CKK_RSA);
return TRUE;
}
static gboolean
read_packet_with_size (GkdSshAgentCall *call)
{
int fd;
guint32 packet_size;
fd = call->sock;
egg_buffer_resize (call->req, 4);
if (!read_all (fd, call->req->buf, 4))
return FALSE;
if (!egg_buffer_get_uint32 (call->req, 0, NULL, &packet_size) ||
packet_size < 1) {
g_warning ("invalid packet size from client");
return FALSE;
}
egg_buffer_resize (call->req, packet_size + 4);
if (!read_all (fd, call->req->buf + 4, packet_size))
return FALSE;
return TRUE;
}
GkmDataResult
gkm_secret_binary_read (GkmSecretCollection *collection, GkmSecretData *sdata,
gconstpointer data, gsize n_data)
{
gsize offset;
guchar major, minor, crypto, hash;
guint32 flags;
guint32 lock_timeout;
time_t mtime, ctime;
char *display_name;
guint32 tmp;
guint32 num_items;
guint32 crypto_size;
guint32 hash_iterations;
guchar salt[8];
ItemInfo *items;
GkmSecret* master;
GkmSecretObject *obj;
EggBuffer to_decrypt = EGG_BUFFER_EMPTY;
GkmDataResult res = GKM_DATA_FAILURE;
GHashTable *checks = NULL;
GkmSecretItem *item;
EggBuffer buffer;
GList *l, *iteml;
int i;
display_name = NULL;
items = 0;
obj = GKM_SECRET_OBJECT (collection);
/* The buffer we read from */
egg_buffer_init_static (&buffer, data, n_data);
if (buffer.len < KEYRING_FILE_HEADER_LEN ||
memcmp (buffer.buf, KEYRING_FILE_HEADER, KEYRING_FILE_HEADER_LEN) != 0) {
egg_buffer_uninit (&buffer);
return GKM_DATA_UNRECOGNIZED;
}
offset = KEYRING_FILE_HEADER_LEN;
major = buffer.buf[offset++];
minor = buffer.buf[offset++];
crypto = buffer.buf[offset++];
hash = buffer.buf[offset++];
if (major != 0 || minor != 0 || crypto != 0 || hash != 0) {
egg_buffer_uninit (&buffer);
return GKM_DATA_UNRECOGNIZED;
}
if (!buffer_get_utf8_string (&buffer, offset, &offset, &display_name) ||
!buffer_get_time (&buffer, offset, &offset, &ctime) ||
!buffer_get_time (&buffer, offset, &offset, &mtime) ||
!egg_buffer_get_uint32 (&buffer, offset, &offset, &flags) ||
!egg_buffer_get_uint32 (&buffer, offset, &offset, &lock_timeout) ||
!egg_buffer_get_uint32 (&buffer, offset, &offset, &hash_iterations) ||
!buffer_get_bytes (&buffer, offset, &offset, salt, 8))
goto bail;
for (i = 0; i < 4; i++) {
if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &tmp))
goto bail;
}
if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &num_items))
goto bail;
items = g_new0 (ItemInfo, num_items + 1);
/* Hashed data, without secrets */
if (!read_hashed_item_info (&buffer, &offset, items, num_items))
goto bail;
if (!egg_buffer_get_uint32 (&buffer, offset, &offset, &crypto_size))
goto bail;
/* Make the crypted part is the right size */
if (crypto_size % 16 != 0)
goto bail;
/* Ensure the file is large enough to hold all the data (in case it got truncated) */
if (buffer.len < offset + crypto_size)
goto bail;
/* Copy the data into to_decrypt into non-pageable memory */
egg_buffer_set_allocator (&to_decrypt, egg_secure_realloc);
egg_buffer_reserve (&to_decrypt, crypto_size);
memcpy (to_decrypt.buf, buffer.buf + offset, crypto_size);
to_decrypt.len = crypto_size;
if (sdata != NULL) {
master = gkm_secret_data_get_master (sdata);
if (!decrypt_buffer (&to_decrypt, master, salt, hash_iterations))
goto bail;
if (!verify_decrypted_buffer (&to_decrypt)) {
res = GKM_DATA_LOCKED;
goto bail;
} else {
offset = 16; /* Skip hash */
if (!read_full_item_info (&to_decrypt, &offset, items, num_items))
goto bail;
}
}
/* Correctly read all data, possibly including the decrypted data.
* Now update the keyring and items: */
gkm_secret_object_set_label (obj, display_name);
gkm_secret_object_set_modified (obj, mtime);
gkm_secret_object_set_created (obj, ctime);
if (flags & LOCK_ON_IDLE_FLAG)
gkm_secret_collection_set_lock_idle (collection, lock_timeout);
else if (flags & LOCK_AFTER_FLAG)
gkm_secret_collection_set_lock_after (collection, lock_timeout);
/* Build a Hash table where we can track ids we haven't yet seen */
checks = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
iteml = gkm_secret_collection_get_items (collection);
for (l = iteml; l; l = g_list_next (l))
g_hash_table_insert (checks, g_strdup (gkm_secret_object_get_identifier (l->data)), "unused");
g_list_free (iteml);
for (i = 0; i < num_items; i++) {
/* We've seen this id */
g_hash_table_remove (checks, items[i].identifier);
item = gkm_secret_collection_get_item (collection, items[i].identifier);
if (item == NULL)
item = gkm_secret_collection_new_item (collection, items[i].identifier);
setup_item_from_info (item, sdata, &items[i]);
}
g_hash_table_foreach (checks, remove_unavailable_item, collection);
res = GKM_DATA_SUCCESS;
bail:
egg_buffer_uninit (&to_decrypt);
if (checks)
g_hash_table_destroy (checks);
g_free (display_name);
for (i = 0; items && i < num_items; i++)
free_item_info (&items[i]);
g_free (items);
return res;
}
static gboolean
buffer_get_attributes (EggBuffer *buffer, gsize offset, gsize *next_offset,
GHashTable **attributes_out, gboolean hashed)
{
guint32 list_size;
GHashTable *attributes;
char *name;
guint32 type;
char *str;
guint32 val;
int i;
attributes = NULL;
if (!egg_buffer_get_uint32 (buffer, offset, &offset, &list_size))
goto bail;
attributes = gkm_secret_fields_new ();
for (i = 0; i < list_size; i++) {
if (!buffer_get_utf8_string (buffer, offset, &offset, &name))
goto bail;
if (!egg_buffer_get_uint32 (buffer, offset, &offset, &type)) {
g_free (name);
goto bail;
}
switch (type) {
case 0: /* A string */
if (!buffer_get_utf8_string (buffer, offset, &offset, &str)) {
g_free (name);
goto bail;
}
if (hashed) {
gkm_secret_fields_add_compat_hashed_string (attributes, name, str);
g_free (name);
g_free (str);
} else {
gkm_secret_fields_take (attributes, name, str);
}
break;
case 1: /* A uint32 */
if (!egg_buffer_get_uint32 (buffer, offset, &offset, &val)) {
g_free (name);
goto bail;
}
if (hashed)
gkm_secret_fields_add_compat_hashed_uint32 (attributes, name, val);
else
gkm_secret_fields_add_compat_uint32 (attributes, name, val);
g_free (name);
break;
default:
g_free (name);
goto bail;
}
}
*attributes_out = attributes;
*next_offset = offset;
return TRUE;
bail:
g_hash_table_unref (attributes);
return FALSE;
}
