gwenhywfar 5.10.1
gui_passwd.c
Go to the documentation of this file.
1/***************************************************************************
2 begin : Fri Feb 07 2003
3 copyright : (C) 2021 by Martin Preuss
4 email : martin@libchipcard.de
5
6 ***************************************************************************
7 * *
8 * This library is free software; you can redistribute it and/or *
9 * modify it under the terms of the GNU Lesser General Public *
10 * License as published by the Free Software Foundation; either *
11 * version 2.1 of the License, or (at your option) any later version. *
12 * *
13 * This library is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
16 * Lesser General Public License for more details. *
17 * *
18 * You should have received a copy of the GNU Lesser General Public *
19 * License along with this library; if not, write to the Free Software *
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, *
21 * MA 02111-1307 USA *
22 * *
23 ***************************************************************************/
24
25/* included from gui.c */
26
27
28
29static int GWEN_Gui__HashPair(const char *token, const char *pin, GWEN_BUFFER *buf)
30{
31 GWEN_MDIGEST *md;
32 int rv;
33
34 /* hash token and pin */
35 md=GWEN_MDigest_Md5_new();
36 rv=GWEN_MDigest_Begin(md);
37 if (rv==0)
38 rv=GWEN_MDigest_Update(md, (const uint8_t *)token, strlen(token));
39 if (rv==0)
40 rv=GWEN_MDigest_Update(md, (const uint8_t *)pin, strlen(pin));
41 if (rv==0)
42 rv=GWEN_MDigest_End(md);
43 if (rv<0) {
44 DBG_ERROR(GWEN_LOGDOMAIN, "Hash error (%d)", rv);
45 GWEN_MDigest_free(md);
46 return rv;
47 }
48
49 GWEN_Text_ToHexBuffer((const char *)GWEN_MDigest_GetDigestPtr(md),
50 GWEN_MDigest_GetDigestSize(md),
51 buf,
52 0, 0, 0);
53 GWEN_MDigest_free(md);
54 return 0;
55}
56
57
58
59
60static int GWENHYWFAR_CB GWEN_Gui_Internal_GetPassword(GWEN_GUI *gui,
61 uint32_t flags,
62 const char *token,
63 const char *title,
64 const char *text,
65 char *buffer,
66 int minLen,
67 int maxLen,
68 GWEN_UNUSED GWEN_GUI_PASSWORD_METHOD methodId,
69 GWEN_UNUSED GWEN_DB_NODE *methodParams,
70 uint32_t guiid)
71{
72 if ((flags & GWEN_GUI_INPUT_FLAGS_TAN) ||
73 (flags & GWEN_GUI_INPUT_FLAGS_DIRECT) ||
74 (gui->dbPasswords==NULL)
75 ) {
76 return GWEN_Gui_InputBox(flags,
77 title,
78 text,
79 buffer,
80 minLen,
81 maxLen,
82 guiid);
83 }
84 else {
85 GWEN_BUFFER *buf;
86 int rv;
87 const char *s;
88
89 buf=GWEN_Buffer_new(0, 256, 0, 1);
90 GWEN_Text_EscapeToBufferTolerant(token, buf);
91
92 if (!(flags & GWEN_GUI_INPUT_FLAGS_CONFIRM)) {
93 s=GWEN_DB_GetCharValue(gui->dbPasswords,
94 GWEN_Buffer_GetStart(buf),
95 0, NULL);
96 if (s) {
97 int i;
98
99 i=strlen(s);
100 if (i>=minLen && i < maxLen) {
101 memmove(buffer, s, i+1);
102 GWEN_Buffer_free(buf);
103 return 0;
104 }
105 else {
106 DBG_ERROR(GWEN_LOGDOMAIN, "Stored password [%s] is not within size limits (%d), rejecting.",
107 GWEN_Buffer_GetStart(buf), i);
108 }
109 }
110 }
111
112 /* passwd not in password cache, look for it in password storage */
113 if (gui->passwdStore) {
114 rv=GWEN_PasswordStore_GetPassword(gui->passwdStore, token, buffer, minLen, maxLen);
115 if (rv<0) {
116 if (rv==GWEN_ERROR_NOT_FOUND || rv==GWEN_ERROR_NO_DATA) {
117 DBG_INFO(GWEN_LOGDOMAIN, "Password not found in PasswordStore");
118 }
119 else {
120 DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
121 GWEN_Buffer_free(buf);
122 return rv;
123 }
124 }
125 else {
126 /* got password */
127 return 0;
128 }
129 }
130
131 if (gui->flags & GWEN_GUI_FLAGS_NONINTERACTIVE) {
132 DBG_ERROR(GWEN_LOGDOMAIN,
133 "Password for [%s] missing in noninteractive mode, "
134 "aborting", GWEN_Buffer_GetStart(buf));
135 GWEN_Buffer_free(buf);
136 return GWEN_ERROR_USER_ABORTED;
137 }
138
139 for (;;) {
140 int rv2;
141
142 rv=GWEN_Gui_InputBox(flags,
143 title,
144 text,
145 buffer,
146 minLen,
147 maxLen,
148 guiid);
149 if (rv<0) {
150 GWEN_Buffer_free(buf);
151 return rv;
152 }
153 else {
154 GWEN_BUFFER *hbuf;
155 int isBad=0;
156
157 hbuf=GWEN_Buffer_new(0, 64, 0, 1);
158 GWEN_Gui__HashPair(token, buffer, hbuf);
159 isBad=GWEN_StringList_HasString(gui->badPasswords,
160 GWEN_Buffer_GetStart(hbuf));
161 if (!isBad) {
162 GWEN_Buffer_free(hbuf);
163 break;
164 }
165 rv2=GWEN_Gui_MessageBox(GWEN_GUI_MSG_FLAGS_TYPE_ERROR |
166 GWEN_GUI_MSG_FLAGS_CONFIRM_B1 |
167 GWEN_GUI_MSG_FLAGS_SEVERITY_DANGEROUS,
168 I18N("Enforce PIN"),
169 I18N(
170 "You entered the same PIN twice.\n"
171 "The PIN is marked as bad, do you want\n"
172 "to use it anyway?"
173 "<html>"
174 "<p>"
175 "You entered the same PIN twice."
176 "</p>"
177 "<p>"
178 "The PIN is marked as <b>bad</b>, "
179 "do you want to use it anyway?"
180 "</p>"
181 "</html>"),
182 I18N("Yes, use anyway"),
183 I18N("Re-enter"),
184 0,
185 guiid);
186 if (rv2==1) {
187 /* accept this input */
188 GWEN_StringList_RemoveString(gui->badPasswords,
189 GWEN_Buffer_GetStart(hbuf));
190 GWEN_Buffer_free(hbuf);
191 break;
192 }
193 GWEN_Buffer_free(hbuf);
194 }
195 } /* for */
196
197 /* store in temporary cache */
198 GWEN_DB_SetCharValue(gui->dbPasswords, GWEN_DB_FLAGS_OVERWRITE_VARS,
199 GWEN_Buffer_GetStart(buf), buffer);
200
201 /* only store passwd in storage if allowed by the user */
202 if (rv==1 && gui->passwdStore) {
203 rv=GWEN_PasswordStore_SetPassword(gui->passwdStore, token, buffer);
204 if (rv<0) {
205 DBG_WARN(GWEN_LOGDOMAIN, "Could not store password (%d)", rv);
206 }
207 }
208
209 GWEN_Buffer_free(buf);
210 return 0;
211 }
212}
213
214
215
216static int GWENHYWFAR_CB GWEN_Gui_Internal_SetPasswordStatus(GWEN_GUI *gui,
217 const char *token,
218 const char *pin,
219 GWEN_GUI_PASSWORD_STATUS status,
220 GWEN_UNUSED uint32_t guiid)
221{
222 if (token==NULL && pin==NULL && status==GWEN_Gui_PasswordStatus_Remove) {
223 /* complete cleaning is requested */
224 if (gui->passwdStore)
225 GWEN_PasswordStore_ClearStoragePasswd(gui->passwdStore);
226 if (gui->persistentPasswords==0)
227 GWEN_DB_ClearGroup(gui->dbPasswords, NULL);
228 }
229 else {
230 GWEN_BUFFER *hbuf;
231
232 /* setting ststus of a specific password/pin */
233 hbuf=GWEN_Buffer_new(0, 64, 0, 1);
234 GWEN_Gui__HashPair(token, pin, hbuf);
235 if (status==GWEN_Gui_PasswordStatus_Bad) {
236 GWEN_StringList_AppendString(gui->badPasswords,
237 GWEN_Buffer_GetStart(hbuf),
238 0, 1);
239 /* remove from permanent passwd storage */
240 if (gui->passwdStore) {
241 int rv;
242
243 rv=GWEN_PasswordStore_SetPassword(gui->passwdStore, token, NULL);
244 if (rv<0) {
245 DBG_WARN(GWEN_LOGDOMAIN, "Could not remove password from storage (%d)", rv);
246 }
247 }
248
249 if (gui->dbPasswords) {
250 GWEN_BUFFER *buf;
251
252 buf=GWEN_Buffer_new(0, 256, 0, 1);
253 GWEN_Text_EscapeToBufferTolerant(token, buf);
254
255 GWEN_DB_DeleteVar(gui->dbPasswords, GWEN_Buffer_GetStart(buf));
256 }
257 }
258 else if (status==GWEN_Gui_PasswordStatus_Ok ||
259 status==GWEN_Gui_PasswordStatus_Remove) {
260 if (gui->persistentPasswords==0)
261 GWEN_StringList_RemoveString(gui->badPasswords, GWEN_Buffer_GetStart(hbuf));
262 }
263 GWEN_Buffer_free(hbuf);
264 }
265
266 return 0;
267}
268
269
270
271int GWEN_Gui_GetPassword(uint32_t flags,
272 const char *token,
273 const char *title,
274 const char *text,
275 char *buffer,
276 int minLen,
277 int maxLen,
278 GWEN_GUI_PASSWORD_METHOD methodId,
279 GWEN_DB_NODE *methodParams,
280 uint32_t guiid)
281{
282 GWEN_GUI *gui;
283
284 gui=GWEN_Gui_GetGui();
285 if (gui) {
286 if (gui->getPasswordFn)
287 return gui->getPasswordFn(gui, flags, token, title, text, buffer, minLen, maxLen, methodId, methodParams, guiid);
288 else if (gui->inputBoxFn)
289 return gui->inputBoxFn(gui, flags, title, text, buffer, minLen, maxLen, guiid);
290 }
291 return GWEN_ERROR_NOT_IMPLEMENTED;
292}
293
294
295
296int GWEN_Gui_SetPasswordStatus(const char *token,
297 const char *pin,
298 GWEN_GUI_PASSWORD_STATUS status,
299 uint32_t guiid)
300{
301 GWEN_GUI *gui;
302
303 gui=GWEN_Gui_GetGui();
304 if (gui && gui->setPasswordStatusFn)
305 return gui->setPasswordStatusFn(gui, token, pin, status, guiid);
306 return GWEN_ERROR_NOT_IMPLEMENTED;
307}
308
309
310
311
NULL
#define NULL
Definition: binreloc.c:300
GWEN_Buffer_new
GWEN_BUFFER * GWEN_Buffer_new(char *buffer, uint32_t size, uint32_t used, int take)
Definition: buffer.c:42
GWEN_Buffer_free
void GWEN_Buffer_free(GWEN_BUFFER *bf)
Definition: buffer.c:89
GWEN_Buffer_GetStart
char * GWEN_Buffer_GetStart(const GWEN_BUFFER *bf)
Definition: buffer.c:235
GWEN_DB_GetCharValue
const char * GWEN_DB_GetCharValue(GWEN_DB_NODE *n, const char *path, int idx, const char *defVal)
Definition: db.c:971
GWEN_DB_ClearGroup
int GWEN_DB_ClearGroup(GWEN_DB_NODE *n, const char *path)
Definition: db.c:944
GWEN_DB_DeleteVar
int GWEN_DB_DeleteVar(GWEN_DB_NODE *n, const char *path)
Definition: db.c:899
GWEN_DB_SetCharValue
int GWEN_DB_SetCharValue(GWEN_DB_NODE *n, uint32_t flags, const char *path, const char *val)
Definition: db.c:997
GWEN_DB_FLAGS_OVERWRITE_VARS
#define GWEN_DB_FLAGS_OVERWRITE_VARS
Definition: db.h:121
GWEN_DB_NODE
struct GWEN_DB_NODE GWEN_DB_NODE
Definition: db.h:228
DBG_WARN
#define DBG_WARN(dbg_logger, format, args...)
Definition: debug.h:125
DBG_INFO
#define DBG_INFO(dbg_logger, format, args...)
Definition: debug.h:181
DBG_ERROR
#define DBG_ERROR(dbg_logger, format, args...)
Definition: debug.h:97
I18N
#define I18N(m)
Definition: error.c:42
GWEN_ERROR_NOT_IMPLEMENTED
#define GWEN_ERROR_NOT_IMPLEMENTED
Definition: error.h:108
GWEN_ERROR_USER_ABORTED
#define GWEN_ERROR_USER_ABORTED
Definition: error.h:65
GWEN_ERROR_NOT_FOUND
#define GWEN_ERROR_NOT_FOUND
Definition: error.h:89
GWEN_ERROR_NO_DATA
#define GWEN_ERROR_NO_DATA
Definition: error.h:94
GWEN_BUFFER
struct GWEN_BUFFER GWEN_BUFFER
A dynamically resizeable text buffer.
Definition: buffer.h:38
GWEN_Gui_GetGui
GWEN_GUI * GWEN_Gui_GetGui(void)
Definition: gui.c:160
GWEN_Gui_InputBox
GWENHYWFAR_API int GWEN_Gui_InputBox(uint32_t flags, const char *title, const char *text, char *buffer, int minLen, int maxLen, uint32_t guiid)
Definition: gui_virtual.c:360
GWEN_GUI_PASSWORD_METHOD
GWEN_GUI_PASSWORD_METHOD
Definition: gui.h:163
GWEN_Gui_MessageBox
GWENHYWFAR_API int GWEN_Gui_MessageBox(uint32_t flags, const char *title, const char *text, const char *b1, const char *b2, const char *b3, uint32_t guiid)
Definition: gui_virtual.c:342
GWEN_GUI_MSG_FLAGS_CONFIRM_B1
#define GWEN_GUI_MSG_FLAGS_CONFIRM_B1
Definition: gui.h:299
GWEN_GUI_MSG_FLAGS_TYPE_ERROR
#define GWEN_GUI_MSG_FLAGS_TYPE_ERROR
Definition: gui.h:293
GWEN_GUI_INPUT_FLAGS_DIRECT
#define GWEN_GUI_INPUT_FLAGS_DIRECT
Definition: gui.h:226
GWEN_GUI_FLAGS_NONINTERACTIVE
#define GWEN_GUI_FLAGS_NONINTERACTIVE
Definition: gui.h:992
GWEN_GUI_MSG_FLAGS_SEVERITY_DANGEROUS
#define GWEN_GUI_MSG_FLAGS_SEVERITY_DANGEROUS
Definition: gui.h:337
GWEN_GUI_INPUT_FLAGS_TAN
#define GWEN_GUI_INPUT_FLAGS_TAN
Definition: gui.h:222
GWEN_GUI_PASSWORD_STATUS
GWEN_GUI_PASSWORD_STATUS
Definition: gui.h:386
GWEN_Gui_PasswordStatus_Bad
@ GWEN_Gui_PasswordStatus_Bad
Definition: gui.h:387
GWEN_Gui_PasswordStatus_Ok
@ GWEN_Gui_PasswordStatus_Ok
Definition: gui.h:389
GWEN_Gui_PasswordStatus_Remove
@ GWEN_Gui_PasswordStatus_Remove
Definition: gui.h:392
GWEN_GUI_INPUT_FLAGS_CONFIRM
#define GWEN_GUI_INPUT_FLAGS_CONFIRM
Definition: gui.h:211
GWEN_GUI
struct GWEN_GUI GWEN_GUI
Definition: gui.h:176
GWEN_Gui__HashPair
static int GWEN_Gui__HashPair(const char *token, const char *pin, GWEN_BUFFER *buf)
Definition: gui_passwd.c:29
GWEN_Gui_SetPasswordStatus
int GWEN_Gui_SetPasswordStatus(const char *token, const char *pin, GWEN_GUI_PASSWORD_STATUS status, uint32_t guiid)
Definition: gui_passwd.c:296
GWEN_Gui_GetPassword
int GWEN_Gui_GetPassword(uint32_t flags, const char *token, const char *title, const char *text, char *buffer, int minLen, int maxLen, GWEN_GUI_PASSWORD_METHOD methodId, GWEN_DB_NODE *methodParams, uint32_t guiid)
Definition: gui_passwd.c:271
GWEN_Gui_Internal_SetPasswordStatus
static int GWENHYWFAR_CB GWEN_Gui_Internal_SetPasswordStatus(GWEN_GUI *gui, const char *token, const char *pin, GWEN_GUI_PASSWORD_STATUS status, GWEN_UNUSED uint32_t guiid)
Definition: gui_passwd.c:216
GWEN_Gui_Internal_GetPassword
static int GWENHYWFAR_CB GWEN_Gui_Internal_GetPassword(GWEN_GUI *gui, uint32_t flags, const char *token, const char *title, const char *text, char *buffer, int minLen, int maxLen, GWEN_UNUSED GWEN_GUI_PASSWORD_METHOD methodId, GWEN_UNUSED GWEN_DB_NODE *methodParams, uint32_t guiid)
Definition: gui_passwd.c:60
GWEN_UNUSED
#define GWEN_UNUSED
Definition: gwenhywfarapi.h:150
GWENHYWFAR_CB
#define GWENHYWFAR_CB
Definition: gwenhywfarapi.h:89
GWEN_LOGDOMAIN
#define GWEN_LOGDOMAIN
Definition: logger.h:35
GWEN_MDigest_Begin
int GWEN_MDigest_Begin(GWEN_MDIGEST *md)
Definition: mdigest.c:129
GWEN_MDigest_End
int GWEN_MDigest_End(GWEN_MDIGEST *md)
Definition: mdigest.c:141
GWEN_MDigest_GetDigestSize
unsigned int GWEN_MDigest_GetDigestSize(GWEN_MDIGEST *md)
Definition: mdigest.c:90
GWEN_MDigest_GetDigestPtr
uint8_t * GWEN_MDigest_GetDigestPtr(GWEN_MDIGEST *md)
Definition: mdigest.c:81
GWEN_MDigest_free
void GWEN_MDigest_free(GWEN_MDIGEST *md)
Definition: mdigest.c:54
GWEN_MDigest_Update
int GWEN_MDigest_Update(GWEN_MDIGEST *md, const uint8_t *buf, unsigned int l)
Definition: mdigest.c:153
GWEN_MDigest_Md5_new
GWENHYWFAR_API GWEN_MDIGEST * GWEN_MDigest_Md5_new(void)
Definition: mdigestgc.c:140
GWEN_MDIGEST
struct GWEN_MDIGEST GWEN_MDIGEST
Definition: mdigest.h:25
GWEN_PasswordStore_GetPassword
int GWEN_PasswordStore_GetPassword(GWEN_PASSWD_STORE *sto, const char *token, char *buffer, int minLen, int maxLen)
Definition: passwdstore.c:695
GWEN_PasswordStore_ClearStoragePasswd
void GWEN_PasswordStore_ClearStoragePasswd(GWEN_PASSWD_STORE *sto)
Definition: passwdstore.c:76
GWEN_PasswordStore_SetPassword
int GWEN_PasswordStore_SetPassword(GWEN_PASSWD_STORE *sto, const char *token, const char *secret)
Definition: passwdstore.c:624
GWEN_StringList_AppendString
int GWEN_StringList_AppendString(GWEN_STRINGLIST *sl, const char *s, int take, int checkDouble)
Definition: stringlist.c:245
GWEN_StringList_HasString
int GWEN_StringList_HasString(const GWEN_STRINGLIST *sl, const char *s)
Definition: stringlist.c:435
GWEN_StringList_RemoveString
int GWEN_StringList_RemoveString(GWEN_STRINGLIST *sl, const char *s)
Definition: stringlist.c:326
GWEN_Text_ToHexBuffer
int GWEN_Text_ToHexBuffer(const char *src, unsigned l, GWEN_BUFFER *buf, unsigned int groupsize, char delimiter, int skipLeadingZeroes)
Definition: text.c:777
GWEN_Text_EscapeToBufferTolerant
int GWEN_Text_EscapeToBufferTolerant(const char *src, GWEN_BUFFER *buf)
Definition: text.c:1471
Generated by doxygen 1.9.5