From 5c9b0b59175c55bb05e4f70aa7380d64ae5e41d2 Mon Sep 17 00:00:00 2001 From: raghu-dev Date: Mon, 24 Nov 2008 18:40:03 +0000 Subject: [PATCH] added files gpgauthmgr.cc and gpgauthmgr.h this provides the new GPG implementation added API to store all GPG keys in a map added APIs to get GPG certificate IDs added APIs to get Details from the Certificates git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@839 b45a01b8-16f6-495d-af2f-9b41ad6348cc --- libretroshare/src/pqi/gpgauthmgr.cc | 312 ++++++++++++++++++++++++++++ libretroshare/src/pqi/gpgauthmgr.h | 189 +++++++++++++++++ 2 files changed, 501 insertions(+) create mode 100644 libretroshare/src/pqi/gpgauthmgr.cc create mode 100644 libretroshare/src/pqi/gpgauthmgr.h diff --git a/libretroshare/src/pqi/gpgauthmgr.cc b/libretroshare/src/pqi/gpgauthmgr.cc new file mode 100644 index 000000000..428d3879e --- /dev/null +++ b/libretroshare/src/pqi/gpgauthmgr.cc @@ -0,0 +1,312 @@ +/* + * libretroshare/src gpgauthmgr.cc + * + * GPG interface for RetroShare. + * + * Copyright 2008-2009 by Raghu Dev R + * + * This library is free software; you can redistribute it and/or + * modify it under the termsf the GNU Library General Public + * License Version 2 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA. + * + * Please report all bugs and problems to "retroshare@lunamutt.com". + * o + */ +#include +#include "gpgauthmgr.h" + + +GPGAuthMgr::GPGAuthMgr() + :gpgmeInit(false) +{ + + setlocale(LC_ALL, ""); + gpgme_check_version(NULL); + gpgme_set_locale(NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); + + #ifndef HAVE_W32_SYSTEM + gpgme_set_locale(NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL)); + #endif + + if (GPG_ERR_NO_ERROR != gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP)) + { + std::cerr << "Error check engine version"; + std::cerr << std::endl; + return; + } + + if (GPG_ERR_NO_ERROR != gpgme_get_engine_info(&INFO)) + { + std::cerr << "Error getting engine info"; + std::cerr << std::endl; + return; + } + + /* Create New Contexts */ + if (GPG_ERR_NO_ERROR != gpgme_new(&CTX)) + { + std::cerr << "Error creating GPGME Context"; + std::cerr << std::endl; + return; + } + + /* setup the protocol */ + if (GPG_ERR_NO_ERROR != gpgme_set_protocol(CTX, GPGME_PROTOCOL_OpenPGP)) + { + std::cerr << "Error creating Setting Protocol"; + std::cerr << std::endl; + return; + } + + /* if we get to here -> we have inited okay */ + gpgmeInit = true; + +// return storeAllKeys(); +} + + GPGAuthMgr::~GPGAuthMgr() +{ +} + +// store all keys in map mKeyList to avoid callin gpgme exe repeatedly +bool GPGAuthMgr::storeAllKeys() +{ + gpg_error_t ERR; + if (!gpgmeInit) + { + std::cerr << "Error since GPG is not initialised"; + std::cerr << std::endl; + return false; + } + + /* store keys */ + gpgme_key_t KEY = NULL; + + /* Initiates a key listing */ + if (GPG_ERR_NO_ERROR != gpgme_op_keylist_start (CTX, "", 1)) + { + std::cerr << "Error iterating through KeyList"; + std::cerr << std::endl; + return false; + } + + /* Loop until end of key */ + for(int i = 0;(GPG_ERR_NO_ERROR == (ERR = gpgme_op_keylist_next (CTX, &KEY))); i++) + { + /* store in pqiAuthDetails */ + pqiAuthDetails entryDetails; + entryDetails.id = (KEY->subkeys) ? KEY->subkeys->keyid : NULL; + entryDetails.fpr= (KEY->subkeys) ? KEY->subkeys->fpr : NULL; + entryDetails.name = (KEY->uids) ? KEY->uids->name : NULL; + entryDetails.email = (KEY->uids) ? KEY->uids->email : NULL; + // entryDetails.location = "here"; + // entryDetails.org = "me.com"; + + entryDetails.trustLvl = KEY->owner_trust; + entryDetails.ownsign = KEY->can_sign; + entryDetails.trusted = KEY->can_certify; + + /* store in map */ + mKeyList.insert(std::make_pair(entryDetails.id,entryDetails)); + + /* release key */ + gpgme_key_release (KEY); + } + return true; + +} + + +bool GPGAuthMgr:: active() +{ + return gpgmeInit; +} + +int GPGAuthMgr::InitAuth(const char *srvr_cert, const char *priv_key, + const char *passwd) +{ + return 1; +} + +bool GPGAuthMgr::CloseAuth() +{ + return true; +} + +int GPGAuthMgr::setConfigDirectories(std::string confFile, std::string neighDir) +{ + return 1; +} + +std::string GPGAuthMgr::OwnId() +{ + return mOwnId; +} + +bool GPGAuthMgr::getAllList(std::list &ids) +{ + std::map::iterator it; + for(it = mKeyList.begin(); it != mKeyList.end(); it++) + { + ids.push_back(it->first); + } + return true; +} + +bool GPGAuthMgr::getAuthenticatedList(std::list &ids) +{ + std::map::iterator it; + for(it = mKeyList.begin(); it != mKeyList.end(); it++) + { + if (it->second.trustLvl > 3) + { + ids.push_back(it->first); + } + } + return true; +} + +bool GPGAuthMgr::getUnknownList(std::list &ids) +{ + std::map::iterator it; + for(it = mKeyList.begin(); it != mKeyList.end(); it++) + { + if (it->second.trustLvl <= 3) + { + ids.push_back(it->first); + } + } + return true; +} + +bool GPGAuthMgr::isValid(std::string id) +{ + std::map::iterator it; + return (mKeyList.end() != mKeyList.find(id)); +} + + +bool GPGAuthMgr::isAuthenticated(std::string id) +{ + std::map::iterator it; + if (mKeyList.end() != (it = mKeyList.find(id))) + { + return (it->second.trustLvl > 3); + } + return false; +} + +std::string GPGAuthMgr::getName(std::string id) +{ + std::map::iterator it; + if (mKeyList.end() != (it = mKeyList.find(id))) + { + return it->second.name; + } + std::string empty(""); + return empty; +} + +bool GPGAuthMgr::getDetails(std::string id, pqiAuthDetails &details) +{ + std::map::iterator it; + if (mKeyList.end() != (it = mKeyList.find(id))) + { + details = it->second; + return true; + } + return false; +} + +bool GPGAuthMgr::FinalSaveCertificates() +{ + return false; +} + +bool GPGAuthMgr::CheckSaveCertificates() +{ + return false; +} + +bool GPGAuthMgr::saveCertificates() +{ + return false; +} + +bool GPGAuthMgr::loadCertificates() +{ + return false; +} + +bool GPGAuthMgr::LoadCertificateFromString(std::string pem, std::string &id) +{ + return false; +} + +std::string GPGAuthMgr::SaveCertificateToString(std::string id) +{ + std::string dummy("CERT STRING"); + return dummy; +} + +bool GPGAuthMgr::LoadCertificateFromFile(std::string filename, std::string &id) +{ + return false; +} + +bool GPGAuthMgr::SaveCertificateToFile(std::string id, std::string filename) +{ + return false; +} +bool GPGAuthMgr::LoadCertificateFromBinary(const uint8_t *ptr, uint32_t len, std::string &id) +{ + return false; +} + +bool GPGAuthMgr::SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *len) +{ + return false; +} + + /* Signatures */ +bool GPGAuthMgr::AuthCertificate(std::string id) +{ + return false; +} + +bool GPGAuthMgr::SignCertificate(std::string id) +{ + return false; +} + +bool GPGAuthMgr::RevokeCertificate(std::string id) +{ + return false; +} + +bool GPGAuthMgr::TrustCertificate(std::string id, bool trust) +{ + return false; +} + +bool GPGAuthMgr::SignData(std::string input, std::string &sign) +{ + return false; +} + +bool GPGAuthMgr::SignData(const void *data, const uint32_t len, std::string &sign) +{ + return false; +} + + diff --git a/libretroshare/src/pqi/gpgauthmgr.h b/libretroshare/src/pqi/gpgauthmgr.h new file mode 100644 index 000000000..48f328613 --- /dev/null +++ b/libretroshare/src/pqi/gpgauthmgr.h @@ -0,0 +1,189 @@ +/* + * libretroshare/src/ : gpgauthmgr.h + * + * GPG interface for RetroShare. + * + * Copyright 2008-2009 by Raghu Dev R. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License Version 2 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA. + * + * Please report all bugs and problems to "retroshare@lunamutt.com". + * + */ + +#ifndef RS_GPG_AUTH_HEADER +#define RS_GPG_AUTH_HEADER + +#include "p3authmgr.h" +#include + +class GPGAuthMgr: public p3AuthMgr +{ + public: + + GPGAuthMgr(); + ~GPGAuthMgr(); + +/*********************************************************************************/ +/************************* STAGE 1 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 1: Initialisation.... As we are switching to OpenPGP the init functions + * will be different. Just move the initialisation functions over.... + * + * As GPGMe requires external calls to the GPG executable, which could potentially + * be expensive, We'll want to cache the GPG keys in this class. + * This should be done at initialisation, and saved in a map. + * (see storage at the end of the class) + * + ****/ + + /* initialisation -> done by derived classes */ + bool active(); + int InitAuth(const char *srvr_cert, const char *priv_key, + const char *passwd); + bool CloseAuth(); + int setConfigDirectories(std::string confFile, std::string neighDir); + +// store all keys in map mKeyList to avoid calling gpgme exe repeatedly + bool storeAllKeys(); + +/*********************************************************************************/ +/************************* STAGE 2 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 2: These are some of the most commonly used functions in Retroshare. + * + * provide access to the cache list that was created in stage 1. + * + ****/ + + /* get Certificate Ids */ + + std::string OwnId(); + bool getAllList(std::list &ids); + bool getAuthenticatedList(std::list &ids); + bool getUnknownList(std::list &ids); + +/*********************************************************************************/ +/************************* STAGE 3 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 3: These are some of the most commonly used functions in Retroshare. + * + * More commonly used functions. + * + * provide access to details in cache list. + * + ****/ + + /* get Details from the Certificates */ + + bool isValid(std::string id); + bool isAuthenticated(std::string id); + std::string getName(std::string id); + bool getDetails(std::string id, pqiAuthDetails &details); + + +/*********************************************************************************/ +/************************* STAGE 4 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 4: Loading and Saving Certificates. (Strings and Files) + * + ****/ + + + /* Load/Save certificates */ + bool LoadCertificateFromString(std::string pem, std::string &id); + std::string SaveCertificateToString(std::string id); + bool LoadCertificateFromFile(std::string filename, std::string &id); + bool SaveCertificateToFile(std::string id, std::string filename); + +/*********************************************************************************/ +/************************* STAGE 5 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 5: Loading and Saving Certificates (Binary) + * + * The existing function arguments are based on OpenSSL functions. + * Feel free to change this format if required. + * + ****/ + + + bool LoadCertificateFromBinary(const uint8_t *ptr, uint32_t len, std::string &id); + bool SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *len); + +/*********************************************************************************/ +/************************* STAGE 6 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 6: Authentication, Trust and Signing. + * + * This is some of the harder functions, but they should have been + * done in gpgroot already. + * + ****/ + + /* Signatures */ + bool AuthCertificate(std::string uid); + bool SignCertificate(std::string id); + bool RevokeCertificate(std::string id); /* Particularly hard - leave for later */ + bool TrustCertificate(std::string id, bool trust); + +/*********************************************************************************/ +/************************* STAGE 7 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 7: Signing Data. + * + * There should also be Encryption Functions... (do later). + * + ****/ + + bool SignData(std::string input, std::string &sign); + bool SignData(const void *data, const uint32_t len, std::string &sign); + +/*********************************************************************************/ +/************************* OTHER FUNCTIONS ***************************************/ +/*********************************************************************************/ +/***** + * We don't need these functions - as GPG stores the keys for us. + ****/ + + /* High Level Load/Save Configuration */ + bool FinalSaveCertificates(); + bool CheckSaveCertificates(); + bool saveCertificates(); + bool loadCertificates(); + + private: + + /* Example Storage - Change as needed */ + + std::string mOwnId; + std::map mKeyList; + + bool gpgmeInit; + gpgme_engine_info_t INFO; + gpgme_ctx_t CTX; +}; + +#endif + + + +