gwenhywfar  5.10.1
gui_passwd.c
1 /***************************************************************************
2  begin : Fri Feb 07 2003
3  copyright : (C) 2021 by Martin Preuss
4  email : martin@libchipcard.de
5 
6  ***************************************************************************
7  * *
8  * This library is free software; you can redistribute it and/or *
9  * modify it under the terms of the GNU Lesser General Public *
10  * License as published by the Free Software Foundation; either *
11  * version 2.1 of the License, or (at your option) any later version. *
12  * *
13  * This library is distributed in the hope that it will be useful, *
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
16  * Lesser General Public License for more details. *
17  * *
18  * You should have received a copy of the GNU Lesser General Public *
19  * License along with this library; if not, write to the Free Software *
20  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, *
21  * MA 02111-1307 USA *
22  * *
23  ***************************************************************************/
24 
25 /* included from gui.c */
26 
27 
28 
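/**
 * Compute a hex-encoded digest over @p token followed by @p pin and append
 * it to @p buf.
 *
 * The callers in this file use the resulting string as the key for
 * gui->badPasswords, so that list holds digests rather than clear-text PINs.
 *
 * @param token  name of the password/PIN; NULL is hashed like an empty string
 * @param pin    secret to hash; NULL is hashed like an empty string
 * @param buf    buffer that receives the hex string
 * @return 0 on success, otherwise the negative code reported by the digest
 *         functions (nothing is written to @p buf in that case)
 *
 * NOTE(review): token and pin are fed to the digest back to back without a
 * delimiter or length prefix, so ("ab","c") and ("a","bc") yield the same
 * key. The digest is unsalted MD5; that is acceptable only while the key is
 * a process-local lookup value. Confirm that the bad-PIN list is never
 * written to disk or logged, since a digest of a short PIN offers no real
 * protection for the PIN itself.
 */
static int GWEN_Gui__HashPair(const char *token, const char *pin, GWEN_BUFFER *buf)
{
  GWEN_MDIGEST *md;
  int rv;

  /* strlen(NULL) is undefined behaviour; treat a missing part as "" */
  if (token==NULL)
    token="";
  if (pin==NULL)
    pin="";

  /* hash token and pin */
  md=GWEN_MDigest_Md5_new();
  rv=GWEN_MDigest_Begin(md);
  if (rv==0)
    rv=GWEN_MDigest_Update(md, (const uint8_t *)token, strlen(token));
  if (rv==0)
    rv=GWEN_MDigest_Update(md, (const uint8_t *)pin, strlen(pin));
  if (rv==0)
    rv=GWEN_MDigest_End(md);
  if (rv<0) {
    DBG_ERROR(GWEN_LOGDOMAIN, "Hash error (%d)", rv);
    /* release the digest context on the error path as well */
    GWEN_MDigest_free(md);
    return rv;
  }

  /* append the digest as a hex string (no grouping, no delimiter) */
  GWEN_Text_ToHexBuffer((const char *)GWEN_MDigest_GetDigestPtr(md),
                        GWEN_MDigest_GetDigestSize(md),
                        buf,
                        0, 0, 0);
  GWEN_MDigest_free(md);
  return 0;
}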
56 
57 
58 
59 
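/**
 * Default password callback: obtain the secret for @p token from the
 * in-memory cache, the password store, or the user (in that order).
 *
 * Flow as implemented below:
 *  - TAN or DIRECT input, or no cache DB: ask the user directly and return.
 *  - Unless CONFIRM is requested, a cached value within the size limits is
 *    copied to @p buffer.
 *  - Otherwise gui->passwdStore is queried, if present.
 *  - In non-interactive mode the call is aborted at this point.
 *  - Otherwise the user is prompted; an entry whose digest is in
 *    gui->badPasswords must be confirmed explicitly before it is accepted.
 *  - The accepted value is cached and, if the input box returned 1, also
 *    written to the password store.
 *
 * @param gui      GUI object holding cache, store and bad-PIN list
 * @param flags    GWEN_GUI_INPUT_FLAGS_* bits
 * @param token    name under which the secret is cached/stored
 * @param title    dialog title passed to the input box
 * @param text     dialog text passed to the input box
 * @param buffer   receives the NUL-terminated secret; assumed to provide at
 *                 least @p maxLen bytes (caller contract, not checked here)
 * @param minLen   minimum accepted length
 * @param maxLen   size limit; cached values must be shorter than this
 * @param guiid    id handed through to the dialog functions
 * @return 0 on success, negative error code otherwise
 *
 * Security notes: the secret is kept in clear text in gui->dbPasswords for
 * the lifetime of the cache. The log statements in this function print the
 * escaped token only, never the secret itself.
 */
static int GWENHYWFAR_CB GWEN_Gui_Internal_GetPassword(GWEN_GUI *gui,
                                                       uint32_t flags,
                                                       const char *token,
                                                       const char *title,
                                                       const char *text,
                                                       char *buffer,
                                                       int minLen,
                                                       int maxLen,
                                                       GWEN_UNUSED GWEN_GUI_PASSWORD_METHOD methodId,
                                                       GWEN_UNUSED GWEN_DB_NODE *methodParams,
                                                       uint32_t guiid)
{
  GWEN_BUFFER *buf;
  int rv;

  /* TANs and direct input are never cached; without a cache DB there is
   * nothing to look up either */
  if ((flags & GWEN_GUI_INPUT_FLAGS_TAN) ||
      (flags & GWEN_GUI_INPUT_FLAGS_DIRECT) ||
      (gui->dbPasswords==NULL)) {
    return GWEN_Gui_InputBox(flags,
                             title,
                             text,
                             buffer,
                             minLen,
                             maxLen,
                             guiid);
  }

  /* the escaped token is the variable name used inside the cache DB */
  buf=GWEN_Buffer_new(0, 256, 0, 1);
  GWEN_Text_EscapeToBufferTolerant(token, buf);

  if (!(flags & GWEN_GUI_INPUT_FLAGS_CONFIRM)) {
    const char *s;

    s=GWEN_DB_GetCharValue(gui->dbPasswords,
                           GWEN_Buffer_GetStart(buf),
                           0, NULL);
    if (s) {
      int i;

      i=strlen(s);
      /* strictly less than maxLen leaves room for the terminating NUL */
      if (i>=minLen && i < maxLen) {
        memmove(buffer, s, i+1);
        GWEN_Buffer_free(buf);
        return 0;
      }
      else {
        /* the bracketed value is the escaped token, not the password */
        DBG_ERROR(GWEN_LOGDOMAIN, "Stored password [%s] is not within size limits (%d), rejecting.",
                  GWEN_Buffer_GetStart(buf), i);
      }
    }
  }

  /* passwd not in password cache, look for it in password storage */
  if (gui->passwdStore) {
    rv=GWEN_PasswordStore_GetPassword(gui->passwdStore, token, buffer, minLen, maxLen);
    if (rv<0) {
      if (rv==GWEN_ERROR_NOT_FOUND || rv==GWEN_ERROR_NO_DATA) {
        DBG_INFO(GWEN_LOGDOMAIN, "Password not found in PasswordStore");
      }
      else {
        DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
        GWEN_Buffer_free(buf);
        return rv;
      }
    }
    else {
      /* got password; release the token buffer, which was leaked on this
       * path before */
      GWEN_Buffer_free(buf);
      return 0;
    }
  }

  if (gui->flags & GWEN_GUI_FLAGS_NONINTERACTIVE) {
    DBG_ERROR(GWEN_LOGDOMAIN,
              "Password for [%s] missing in noninteractive mode, "
              "aborting", GWEN_Buffer_GetStart(buf));
    GWEN_Buffer_free(buf);
    return GWEN_ERROR_USER_ABORTED;
  }

  for (;;) {
    GWEN_BUFFER *hbuf;
    int isBad;
    int rv2;

    rv=GWEN_Gui_InputBox(flags,
                         title,
                         text,
                         buffer,
                         minLen,
                         maxLen,
                         guiid);
    if (rv<0) {
      GWEN_Buffer_free(buf);
      return rv;
    }

    /* NOTE(review): the result of GWEN_Gui__HashPair is not checked; if
     * hashing fails, hbuf stays empty and the lookup below compares against
     * whatever an empty buffer yields. Confirm whether failing closed is
     * wanted here. */
    hbuf=GWEN_Buffer_new(0, 64, 0, 1);
    GWEN_Gui__HashPair(token, buffer, hbuf);
    isBad=GWEN_StringList_HasString(gui->badPasswords,
                                    GWEN_Buffer_GetStart(hbuf));
    if (!isBad) {
      GWEN_Buffer_free(hbuf);
      break;
    }

    /* the entry was reported as bad before: require explicit consent */
    rv2=GWEN_Gui_MessageBox(GWEN_GUI_MSG_FLAGS_TYPE_ERROR |
                            GWEN_GUI_MSG_FLAGS_CONFIRM_B1 |
                            GWEN_GUI_MSG_FLAGS_SEVERITY_DANGEROUS,
                            I18N("Enforce PIN"),
                            I18N(
                              "You entered the same PIN twice.\n"
                              "The PIN is marked as bad, do you want\n"
                              "to use it anyway?"
                              "<html>"
                              "<p>"
                              "You entered the same PIN twice."
                              "</p>"
                              "<p>"
                              "The PIN is marked as <b>bad</b>, "
                              "do you want to use it anyway?"
                              "</p>"
                              "</html>"),
                            I18N("Yes, use anyway"),
                            I18N("Re-enter"),
                            0,
                            guiid);
    if (rv2==1) {
      /* accept this input */
      GWEN_StringList_RemoveString(gui->badPasswords,
                                   GWEN_Buffer_GetStart(hbuf));
      GWEN_Buffer_free(hbuf);
      break;
    }
    GWEN_Buffer_free(hbuf);
  } /* for */

  /* store in temporary cache (clear text, keyed by the escaped token) */
  GWEN_DB_SetCharValue(gui->dbPasswords, GWEN_DB_FLAGS_OVERWRITE_VARS,
                       GWEN_Buffer_GetStart(buf), buffer);

  /* only store passwd in storage if allowed by the user */
  if (rv==1 && gui->passwdStore) {
    rv=GWEN_PasswordStore_SetPassword(gui->passwdStore, token, buffer);
    if (rv<0) {
      DBG_WARN(GWEN_LOGDOMAIN, "Could not store password (%d)", rv);
    }
  }

  GWEN_Buffer_free(buf);
  return 0;
}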
213 
214 
215 
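/**
 * Default callback that records the status of a password/PIN.
 *
 * - token==NULL, pin==NULL and status Remove: clear the storage password of
 *   the password store and, unless passwords are persistent, the whole
 *   in-memory cache.
 * - status Bad: remember the digest of (token, pin) in gui->badPasswords and
 *   drop the secret from the password store and the in-memory cache.
 * - status Ok or Remove: unless passwords are persistent, take the digest
 *   off the bad list again.
 *
 * @param gui     GUI object holding cache, store and bad-PIN list
 * @param token   name of the password/PIN
 * @param pin     the secret whose status is reported
 * @param status  new status
 * @param guiid   unused
 * @return 0 on success, GWEN_ERROR_INVALID if only one of token/pin is given
 */
static int GWENHYWFAR_CB GWEN_Gui_Internal_SetPasswordStatus(GWEN_GUI *gui,
                                                             const char *token,
                                                             const char *pin,
                                                             GWEN_GUI_PASSWORD_STATUS status,
                                                             GWEN_UNUSED uint32_t guiid)
{
  GWEN_BUFFER *hbuf;

  if (token==NULL && pin==NULL && status==GWEN_Gui_PasswordStatus_Remove) {
    /* complete cleaning is requested */
    if (gui->passwdStore)
      GWEN_PasswordStore_ClearStoragePasswd(gui->passwdStore);
    /* the cache DB is optional (see the check in the Bad branch below) */
    if (gui->persistentPasswords==0 && gui->dbPasswords)
      GWEN_DB_ClearGroup(gui->dbPasswords, NULL);
    return 0;
  }

  /* everything below hashes token and pin, which needs both strings */
  if (token==NULL || pin==NULL) {
    DBG_ERROR(GWEN_LOGDOMAIN, "Token or PIN missing");
    return GWEN_ERROR_INVALID;
  }

  /* setting status of a specific password/pin */
  hbuf=GWEN_Buffer_new(0, 64, 0, 1);
  GWEN_Gui__HashPair(token, pin, hbuf);
  if (status==GWEN_Gui_PasswordStatus_Bad) {
    GWEN_StringList_AppendString(gui->badPasswords,
                                 GWEN_Buffer_GetStart(hbuf),
                                 0, 1);
    /* remove from permanent passwd storage */
    if (gui->passwdStore) {
      int rv;

      rv=GWEN_PasswordStore_SetPassword(gui->passwdStore, token, NULL);
      if (rv<0) {
        DBG_WARN(GWEN_LOGDOMAIN, "Could not remove password from storage (%d)", rv);
      }
    }

    /* remove from the in-memory cache, keyed by the escaped token */
    if (gui->dbPasswords) {
      GWEN_BUFFER *buf;

      buf=GWEN_Buffer_new(0, 256, 0, 1);
      GWEN_Text_EscapeToBufferTolerant(token, buf);

      GWEN_DB_DeleteVar(gui->dbPasswords, GWEN_Buffer_GetStart(buf));
      /* this buffer was never released before */
      GWEN_Buffer_free(buf);
    }
  }
  else if (status==GWEN_Gui_PasswordStatus_Ok ||
           status==GWEN_Gui_PasswordStatus_Remove) {
    if (gui->persistentPasswords==0)
      GWEN_StringList_RemoveString(gui->badPasswords, GWEN_Buffer_GetStart(hbuf));
  }
  GWEN_Buffer_free(hbuf);

  return 0;
}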
268 
269 
270 
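/**
 * Ask the currently installed GUI for a password.
 *
 * Dispatches to gui->getPasswordFn when set; otherwise falls back to
 * gui->inputBoxFn. The fallback receives neither @p token nor the method
 * arguments, so whatever caching or bad-PIN handling the password callback
 * provides does not apply on that path.
 *
 * @param buffer  receives the secret; sized by the caller for @p maxLen
 * @return result of the callback, or GWEN_ERROR_NOT_IMPLEMENTED when no GUI
 *         or no suitable callback is installed
 */
int GWEN_Gui_GetPassword(uint32_t flags,
                         const char *token,
                         const char *title,
                         const char *text,
                         char *buffer,
                         int minLen,
                         int maxLen,
                         GWEN_GUI_PASSWORD_METHOD methodId,
                         GWEN_DB_NODE *methodParams,
                         uint32_t guiid)
{
  GWEN_GUI *gui=GWEN_Gui_GetGui();

  if (gui==NULL)
    return GWEN_ERROR_NOT_IMPLEMENTED;
  if (gui->getPasswordFn)
    return gui->getPasswordFn(gui, flags, token, title, text, buffer, minLen, maxLen, methodId, methodParams, guiid);
  if (gui->inputBoxFn)
    return gui->inputBoxFn(gui, flags, title, text, buffer, minLen, maxLen, guiid);

  /* a non-void function must not fall off its end */
  return GWEN_ERROR_NOT_IMPLEMENTED;
}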
293 
294 
295 
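/**
 * Report the status of a password/PIN to the currently installed GUI.
 *
 * @param token   name of the password/PIN
 * @param pin     the secret whose status is reported
 * @param status  new status
 * @param guiid   id handed through to the callback
 * @return result of gui->setPasswordStatusFn, or GWEN_ERROR_NOT_IMPLEMENTED
 *         when no GUI or no such callback is installed
 */
int GWEN_Gui_SetPasswordStatus(const char *token,
                               const char *pin,
                               GWEN_GUI_PASSWORD_STATUS status,
                               uint32_t guiid)
{
  GWEN_GUI *gui=GWEN_Gui_GetGui();

  if (gui==NULL || gui->setPasswordStatusFn==NULL) {
    /* a non-void function must not fall off its end */
    return GWEN_ERROR_NOT_IMPLEMENTED;
  }
  return gui->setPasswordStatusFn(gui, token, pin, status, guiid);
}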
308 
309 
310 
311 
char * GWEN_Buffer_GetStart(const GWEN_BUFFER *bf)
Definition: buffer.c:235
#define I18N(m)
Definition: error.c:42
#define GWEN_DB_FLAGS_OVERWRITE_VARS
Definition: db.h:121
void GWEN_MDigest_free(GWEN_MDIGEST *md)
Definition: mdigest.c:54
struct GWEN_DB_NODE GWEN_DB_NODE
Definition: db.h:228
#define GWEN_GUI_INPUT_FLAGS_CONFIRM
Definition: gui.h:211
#define GWEN_GUI_FLAGS_NONINTERACTIVE
Definition: gui.h:992
#define NULL
Definition: binreloc.c:300
int GWEN_Text_EscapeToBufferTolerant(const char *src, GWEN_BUFFER *buf)
Definition: text.c:1471
#define DBG_WARN(dbg_logger, format, args...)
Definition: debug.h:125
#define GWEN_LOGDOMAIN
Definition: logger.h:35
GWENHYWFAR_API int GWEN_Gui_MessageBox(uint32_t flags, const char *title, const char *text, const char *b1, const char *b2, const char *b3, uint32_t guiid)
Definition: gui_virtual.c:342
int GWEN_MDigest_Update(GWEN_MDIGEST *md, const uint8_t *buf, unsigned int l)
Definition: mdigest.c:153
int GWEN_PasswordStore_GetPassword(GWEN_PASSWD_STORE *sto, const char *token, char *buffer, int minLen, int maxLen)
Definition: passwdstore.c:695
#define GWEN_GUI_INPUT_FLAGS_DIRECT
Definition: gui.h:226
GWEN_BUFFER * GWEN_Buffer_new(char *buffer, uint32_t size, uint32_t used, int take)
Definition: buffer.c:42
int GWEN_PasswordStore_SetPassword(GWEN_PASSWD_STORE *sto, const char *token, const char *secret)
Definition: passwdstore.c:624
static int GWEN_Gui__HashPair(const char *token, const char *pin, GWEN_BUFFER *buf)
Definition: gui_passwd.c:29
uint8_t * GWEN_MDigest_GetDigestPtr(GWEN_MDIGEST *md)
Definition: mdigest.c:81
int GWEN_MDigest_Begin(GWEN_MDIGEST *md)
Definition: mdigest.c:129
GWEN_GUI_PASSWORD_STATUS
Definition: gui.h:386
static int GWENHYWFAR_CB GWEN_Gui_Internal_SetPasswordStatus(GWEN_GUI *gui, const char *token, const char *pin, GWEN_GUI_PASSWORD_STATUS status, GWEN_UNUSED uint32_t guiid)
Definition: gui_passwd.c:216
GWENHYWFAR_API int GWEN_Gui_InputBox(uint32_t flags, const char *title, const char *text, char *buffer, int minLen, int maxLen, uint32_t guiid)
Definition: gui_virtual.c:360
int GWEN_StringList_AppendString(GWEN_STRINGLIST *sl, const char *s, int take, int checkDouble)
Definition: stringlist.c:245
#define GWEN_GUI_MSG_FLAGS_SEVERITY_DANGEROUS
Definition: gui.h:337
#define GWENHYWFAR_CB
Definition: gwenhywfarapi.h:89
#define GWEN_GUI_INPUT_FLAGS_TAN
Definition: gui.h:222
GWEN_GUI * GWEN_Gui_GetGui(void)
Definition: gui.c:160
struct GWEN_MDIGEST GWEN_MDIGEST
Definition: mdigest.h:25
int GWEN_StringList_RemoveString(GWEN_STRINGLIST *sl, const char *s)
Definition: stringlist.c:326
const char * GWEN_DB_GetCharValue(GWEN_DB_NODE *n, const char *path, int idx, const char *defVal)
Definition: db.c:971
void GWEN_Buffer_free(GWEN_BUFFER *bf)
Definition: buffer.c:89
int GWEN_DB_DeleteVar(GWEN_DB_NODE *n, const char *path)
Definition: db.c:899
struct GWEN_BUFFER GWEN_BUFFER
A dynamically resizeable text buffer.
Definition: buffer.h:38
static int GWENHYWFAR_CB GWEN_Gui_Internal_GetPassword(GWEN_GUI *gui, uint32_t flags, const char *token, const char *title, const char *text, char *buffer, int minLen, int maxLen, GWEN_UNUSED GWEN_GUI_PASSWORD_METHOD methodId, GWEN_UNUSED GWEN_DB_NODE *methodParams, uint32_t guiid)
Definition: gui_passwd.c:60
GWEN_GUI_PASSWORD_METHOD
Definition: gui.h:163
#define GWEN_GUI_MSG_FLAGS_TYPE_ERROR
Definition: gui.h:293
int GWEN_MDigest_End(GWEN_MDIGEST *md)
Definition: mdigest.c:141
#define DBG_ERROR(dbg_logger, format, args...)
Definition: debug.h:97
unsigned int GWEN_MDigest_GetDigestSize(GWEN_MDIGEST *md)
Definition: mdigest.c:90
GWENHYWFAR_API GWEN_MDIGEST * GWEN_MDigest_Md5_new(void)
Definition: mdigestgc.c:140
int GWEN_StringList_HasString(const GWEN_STRINGLIST *sl, const char *s)
Definition: stringlist.c:435
int GWEN_DB_SetCharValue(GWEN_DB_NODE *n, uint32_t flags, const char *path, const char *val)
Definition: db.c:997
int GWEN_Gui_GetPassword(uint32_t flags, const char *token, const char *title, const char *text, char *buffer, int minLen, int maxLen, GWEN_GUI_PASSWORD_METHOD methodId, GWEN_DB_NODE *methodParams, uint32_t guiid)
Definition: gui_passwd.c:271
#define GWEN_GUI_MSG_FLAGS_CONFIRM_B1
Definition: gui.h:299
#define GWEN_ERROR_NOT_FOUND
Definition: error.h:89
#define DBG_INFO(dbg_logger, format, args...)
Definition: debug.h:181
struct GWEN_GUI GWEN_GUI
Definition: gui.h:176
void GWEN_PasswordStore_ClearStoragePasswd(GWEN_PASSWD_STORE *sto)
Definition: passwdstore.c:76
int GWEN_Gui_SetPasswordStatus(const char *token, const char *pin, GWEN_GUI_PASSWORD_STATUS status, uint32_t guiid)
Definition: gui_passwd.c:296
#define GWEN_ERROR_USER_ABORTED
Definition: error.h:65
#define GWEN_ERROR_NO_DATA
Definition: error.h:94
int GWEN_DB_ClearGroup(GWEN_DB_NODE *n, const char *path)
Definition: db.c:944
int GWEN_Text_ToHexBuffer(const char *src, unsigned l, GWEN_BUFFER *buf, unsigned int groupsize, char delimiter, int skipLeadingZeroes)
Definition: text.c:777
#define GWEN_UNUSED
#define GWEN_ERROR_NOT_IMPLEMENTED
Definition: error.h:108