/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* Copyright (c) 2019, Joyent Inc
* Author: Alex Wilson <[email protected]>
*/
/*
* Shared utility functions for cmdline tools that use eboxes (pivy-box,
* pivy-zfs, pivy-luks)
*/
#if !defined(_EBOX_CMD_H)
#define _EBOX_CMD_H
#include <sys/types.h>
#include <stdio.h>		/* FILE, used by the prototypes below */
#include "errf.h"
#include "piv.h"
#include "ebox.h"
#include "utils.h"
#include "openssh/config.h"
#include "openssh/digest.h"
#if defined(__APPLE__)
#include <PCSC/wintypes.h>
#include <PCSC/winscard.h>
#else
#include <wintypes.h>
#include <winscard.h>
#endif
#if defined(__sun)
#include <libtecla.h>
#elif defined(__OpenBSD__)
#include <readline/readline.h>
#else
#include <editline/readline.h>
#endif
/*
 * Process-wide state shared by the ebox command-line tools.  Declared here,
 * defined exactly once in the implementation file.
 */
/*
 * PIN for the local PIV token, held as a plain C string.  This is a secret:
 * whoever sets it should zeroize it (explicit_bzero() or equivalent) when it
 * is no longer needed - whether that happens is not visible from this header,
 * check the definition site and assert_pin().
 */
extern char *ebox_pin;
/*
 * Retry-count threshold consulted before a PIN is tried; by name this is
 * presumably used to refuse attempts that would lock the token - confirm.
 */
extern uint ebox_min_retries;
/* Non-interactive mode flag; presumably suppresses prompting - confirm. */
extern boolean_t ebox_batch;
/* Shared PIV library context; see release_context() below. */
extern struct piv_ctx *ebox_ctx;
/*
 * Word list (NULL-terminated or fixed-length is not visible here); presumably
 * used when challenge/response data is rendered as words - confirm.
 */
extern const char *wordlist[];
/*
 * Process exit codes shared by the ebox command-line tools (pivy-box,
 * pivy-zfs, pivy-luks).  Scripts driving these tools can rely on the
 * numeric values below; by name they let a caller tell a PIN failure
 * (EXIT_PIN) from a locked token (EXIT_PIN_LOCKED) and from a usage error.
 */
enum ebox_exit_status {
	EXIT_OK = 0,
	EXIT_USAGE = 1,			/* bad command-line usage */
	EXIT_ERROR = 2,			/* generic failure */
	EXIT_INTERACTIVE = 3,		/* interaction needed/refused (by name; confirm) */
	EXIT_PIN = 4,			/* PIN problem (by name; confirm) */
	EXIT_PIN_LOCKED = 5,		/* token PIN is locked (by name; confirm) */
	EXIT_ALREADY_UNLOCKED = 6,	/* nothing to do (by name; confirm) */
};
/*
 * Kind of one segment of a template search-path entry (see
 * struct ebox_tpl_path_seg).  PATH_SEG_TPL has no stored text; presumably it
 * is replaced by the template name passed to compose_path() - confirm.
 */
enum ebox_tpl_path_seg_type {
	PATH_SEG_FIXED,		/* literal text (tps_fixed) */
	PATH_SEG_ENV,		/* environment variable name (tps_env) */
	PATH_SEG_TPL		/* placeholder for the template name */
};
/*
 * One segment of a template search-path entry, in a singly linked list.
 * Which union member is valid is determined by tps_type; both members are
 * char * so the union only documents intent.  The anonymous union requires
 * C11 (or a compiler extension).
 */
struct ebox_tpl_path_seg {
	struct ebox_tpl_path_seg *tps_next;	/* next segment, NULL at end */
	enum ebox_tpl_path_seg_type tps_type;
	union {
		char *tps_fixed;		/* PATH_SEG_FIXED: literal text */
		char *tps_env;			/* PATH_SEG_ENV: variable name */
	};
};
/*
 * One entry of the template search path: the original (unexpanded) path
 * template text plus its parsed segment list.  Entries form a singly linked
 * list headed by ebox_tpl_path.
 */
struct ebox_tpl_path_ent {
	struct ebox_tpl_path_ent *tpe_next;	/* next entry, NULL at end */
	char *tpe_path_tpl;			/* unexpanded path template */
	struct ebox_tpl_path_seg *tpe_segs;	/* parsed segments */
};
/* Head of the template search path; filled in by parse_tpl_path_env(). */
extern struct ebox_tpl_path_ent *ebox_tpl_path;
/*
 * Size limits for on-disk data.  Presumably enforced by the template/ebox
 * readers before parsing so that a hostile file cannot drive unbounded
 * allocation - confirm in the implementation.
 */
#define TPL_MAX_SIZE 4096		/* max bytes of a template file */
#define EBOX_MAX_SIZE 16384		/* max bytes of an ebox */
#define BASE64_LINE_LEN 65		/* wrap width for base64 output (presumably 64 + newline) */
/*
 * Template lookup and token/unlock helpers.  Ownership of the char * results
 * is not visible from this header; presumably they are heap-allocated and the
 * caller frees them - confirm against ebox-cmd.c.
 */
/* Expand `segs' into a path, substituting `tpl' for PATH_SEG_TPL segments (inferred; confirm). */
char *compose_path(const struct ebox_tpl_path_seg *segs, const char *tpl);
/* fopen()-style open of the template named `tpl' via the search path. */
FILE *open_tpl_file(const char *tpl, const char *mode);
/* access()-style probe for `tpl'; returns the resolved path on success (presumably NULL otherwise). */
char *access_tpl_file(const char *tpl, int amode);
/*
 * Populate ebox_tpl_path from the environment (variable name not visible
 * here).  NOTE(review): the search path is attacker-influenceable through the
 * environment, so a caller running with elevated privileges should not trust
 * it blindly.
 */
void parse_tpl_path_env(void);
/* Tear down the shared PIV context (presumably ebox_ctx - confirm). */
void release_context(void);
/* Short printable identifier for a PIV token. */
char *piv_token_shortid(struct piv_token *pk);
/* Human-readable name for a PIN type. */
const char *pin_type_to_name(enum piv_pin type);
/*
 * Make sure a PIN is available for `slot' on `pk'; `prompt' selects whether
 * the user may be asked (presumably honours ebox_batch and
 * ebox_min_retries - confirm).
 */
void assert_pin(struct piv_token *pk, struct piv_slot *slot,
    const char *partname, boolean_t prompt);
/* Parse the template named `tpl'; the _err form reports failure via errf_t and stores the result in *ptpl. */
errf_t *read_tpl_file_err(const char *tpl, struct ebox_tpl **ptpl);
struct ebox_tpl *read_tpl_file(const char *tpl);
/* Interactively choose a template, stored in *ptpl. */
errf_t *interactive_select_tpl(struct ebox_tpl **ptpl);
/*
 * Local unlocking of a single ECDH box: test whether it can be opened
 * locally, then open it through an ssh-agent or directly with a PIV token.
 * `cak' is presumably the token's Card Authentication Key used to check the
 * right token is present - confirm.
 */
boolean_t can_local_unlock(struct piv_ecdh_box *box);
errf_t *local_unlock_agent(struct piv_ecdh_box *box);
errf_t *local_unlock(struct piv_ecdh_box *box, struct sshkey *cak,
    const char *name);
/* Interactive recovery of a config, and interactive unlock of a whole ebox read from file `fn'. */
errf_t *interactive_recovery(struct ebox_config *config, const char *what);
errf_t *interactive_unlock_ebox(struct ebox *ebox, const char *fn);
/* Interactively pick a local token to fill in the template part *ppart. */
void interactive_select_local_token(struct ebox_tpl_part **ppart);
/* Inline buffer sizes for the question/answer prompt structures below. */
#define Q_MAX_LEN 2048		/* bytes of struct question.q_prompt */
#define ANS_MAX_LEN 512		/* bytes of struct answer.a_text */
/*
 * A prompt with two lists of `struct answer': selectable answers (q_ans) and
 * commands (q_coms).  The prompt text lives in a fixed inline buffer; q_used
 * is presumably the number of bytes of q_prompt in use, so question_printf()
 * must bound its appends by Q_MAX_LEN - confirm in the implementation.
 */
struct question {
	struct answer *q_ans;		/* first answer (by name) */
	struct answer *q_lastans;	/* last answer (by name) */
	struct answer *q_coms;		/* first command (by name) */
	struct answer *q_lastcom;	/* last command (by name) */
	void *q_priv;			/* opaque caller data */
	size_t q_used;			/* bytes of q_prompt used (presumably) */
	char q_prompt[Q_MAX_LEN];	/* prompt text */
};
/*
 * One entry in a question's answer or command list (doubly linked), selected
 * by the single character a_key.  Text is a fixed inline buffer; a_used is
 * presumably the bytes in use and answer_printf() must bound its appends by
 * ANS_MAX_LEN - confirm in the implementation.
 */
struct answer {
	struct answer *a_next;
	struct answer *a_prev;
	char a_key;			/* key the user types to select this entry */
	void *a_priv;			/* opaque caller data */
	size_t a_used;			/* bytes of a_text used (presumably) */
	char a_text[ANS_MAX_LEN];	/* display text */
};
/*
 * Question/answer list management and prompting.
 *
 * NOTE(review): answer_printf(), make_answer() and question_printf() take a
 * printf-style `fmt'.  Never pass caller- or file-controlled text as the
 * format; use "%s".  Declaring them with
 * __attribute__((format(printf, N, M))) would let the compiler check call
 * sites (not done here).  Ownership of the `struct answer' returned by
 * make_answer() is not visible from this header; presumably
 * remove_answer()/question_free() release it - confirm.
 */
/* Append `a' to q's answer list. */
void add_answer(struct question *q, struct answer *a);
/* Insert a visual separator in q's answer list (representation not visible here). */
void add_spacer(struct question *q);
/* Unlink `a' from q's answer / command list respectively. */
void remove_answer(struct question *q, struct answer *a);
void remove_command(struct question *q, struct answer *a);
/* Format text into ans->a_text (printf-style). */
void answer_printf(struct answer *ans, const char *fmt, ...);
/* Allocate an answer selected by `key' with printf-style text. */
struct answer *make_answer(char key, const char *fmt, ...);
/* Append `a' to q's command list. */
void add_command(struct question *q, struct answer *a);
/* Format text into q->q_prompt (printf-style). */
void question_printf(struct question *q, const char *fmt, ...);
/* Release a question and whatever it owns (exact scope not visible here). */
void question_free(struct question *q);
/* Display q and read the user's choice into *ansp. */
void question_prompt(struct question *q, struct answer **ansp);
/* One-time terminal setup for prompting. */
void qa_term_setup(void);
/* Fill a->a_text with a description of a template part / config. */
void make_answer_text_for_part(struct ebox_tpl_part *part, struct answer *a);
void make_answer_text_for_config(struct ebox_tpl_config *config,
    struct answer *a);
/* Write `data' to `stream' word-wrapped at column `col'. */
void printwrap(FILE *stream, const char *data, size_t col);
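#ifndef LINT
/*
 * Build an errf_t describing a failed PC/SC call.
 *
 * `call' must be a string literal (it is pasted into the format string).
 * `rv' is the status the call returned; it is evaluated twice, so pass a
 * plain variable rather than an expression with side effects.  The PC/SC
 * status type is not the same width in the two sets of headers included
 * above (pcsclite vs. the Apple PCSC framework), so the value is widened
 * to long and printed with %ld; this keeps the conversion and the argument
 * matched on every platform instead of relying on %d with a possibly wider
 * type.
 */
#define pcscerrf(call, rv) \
	errf("PCSCError", NULL, call " failed: %ld (%s)", \
	    (long)(rv), pcsc_stringify_error(rv))
#endif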
/*
 * On illumos/Solaris the line editor is libtecla (included above) rather
 * than a readline library, so the readline() prototype the tools call is
 * supplied here.  The result is presumably heap-allocated and freed by the
 * caller, as with GNU readline - confirm against the implementation.
 */
#if defined(__sun)
char *readline(const char *prompt);
#endif
/*
 * Pairs an ebox config with the answer that represents it in a prompt;
 * presumably carried through struct answer.a_priv / struct question.q_priv -
 * confirm in the implementation.
 */
struct ans_config {
	struct ebox_config *ac_config;
	struct answer *ac_ans;
};
#endif