From 0240345728a84d8f235ce05889e83963e52742eb Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Thu, 25 Oct 2018 16:20:20 +0900
Subject: [PATCH] g10,scd: Improve UIF support.
* g10/call-agent.c (learn_status_cb): Parse "bt" flag.
* g10/call-agent.h: New member field "bt".
* g10/card-util.c (uif): Limit its access only when it is supported.
* scd/app-openpgp.c (do_setattr): Allow access to UIF objects only when there is a button.
Signed-off-by: NIIBE Yutaka
---
 g10/call-agent.c | 2 ++
 g10/call-agent.h | 1 +
 g10/card-util.c | 21 +++++++++++++++++++++
 scd/app-openpgp.c | 9 ++++++---
 4 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 755f2e30b..e9ea82e4f 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -609,6 +609,8 @@ learn_status_cb (void *opaque, const char *line)
 parm->extcap.ki = abool;
 else if (!strcmp (p, "aac"))
 parm->extcap.aac = abool;
+ else if (!strcmp (p, "bt"))
+ parm->extcap.bt = abool;
 else if (!strcmp (p, "kdf"))
 parm->extcap.kdf = abool;
 else if (!strcmp (p, "si"))
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 59e4ff486..1055b5ef9 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -69,6 +69,7 @@ struct agent_card_info_s
 unsigned int ki:1; /* Key import available. */
 unsigned int aac:1; /* Algorithm attributes are changeable. */
 unsigned int kdf:1; /* KDF object to support PIN hashing available. */
+ unsigned int bt:1; /* Button for confirmation available. */
 } extcap;
 unsigned int status_indicator;
 };
diff --git a/g10/card-util.c b/g10/card-util.c
index 234abcbab..5205798b6 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -2114,10 +2114,31 @@ kdf_setup (const char *args) static void uif (int arg_number, const char *arg_rest) { + struct agent_card_info_s info; + int feature_available; gpg_error_t err; char name[100]; unsigned char data[2]; + memset (&info, 0, sizeof info); + + err = agent_scd_getattr ("EXTCAP", &info); + if (err) + { + log_error (_("error getting card info: %s\n"), gpg_strerror (err)); + return; + } + + feature_available = info.extcap.bt; + agent_release_card_info (&info); + + if (!feature_available) + { + log_error (_("This command is not supported by this card\n")); + tty_printf ("\n"); + return; + } + snprintf (name, sizeof name, "UIF-%d", arg_number); if ( !strcmp (arg_rest, "off") ) data[0] = 0x00;
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 63265e48a..789b72f00 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -2468,9 +2468,9 @@ do_setattr (app_t app, const char *name,
 { "SM-KEY-MAC", 0x00D2, 3, 0, 1 },
 { "KEY-ATTR", 0, 0, 3, 1 },
 { "AESKEY", 0x00D5, 3, 0, 1 },
- { "UIF-1", 0x00D6, 3, 0, 1 },
- { "UIF-2", 0x00D7, 3, 0, 1 },
- { "UIF-3", 0x00D8, 3, 0, 1 },
+ { "UIF-1", 0x00D6, 3, 5, 1 },
+ { "UIF-2", 0x00D7, 3, 5, 1 },
+ { "UIF-3", 0x00D8, 3, 5, 1 },
 { "KDF", 0x00F9, 3, 4, 1 },
 { NULL, 0 }
 };
@@ -2483,6 +2483,9 @@ do_setattr (app_t app, const char *name, if (table[idx].need_v2 && !app->app_local->extcap.is_v2) return gpg_error (GPG_ERR_NOT_SUPPORTED); /* Not yet supported. */ + if (table[idx].special == 5 && app->app_local->extcap.has_button == 0) + return gpg_error (GPG_ERR_INV_OBJ); + if (table[idx].special == 3) return change_keyattr_from_string (app, pincb, pincb_arg, value, valuelen);
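Review bot: The new capability test at the top of uif() reads as if it were the access control, but it only consults the `bt` bit that gpg parsed from the EXTCAP status line; the enforcing check is the `has_button` test this same patch adds to do_setattr in scd/app-openpgp.c. A comment above the block would keep a later reader from dropping the daemon-side check as redundant, e.g. `/* Convenience check for a clear message; scdaemon's do_setattr is what enforces it. */`. uif's body continues past the end of the hunk.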
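Review bot: The new guard in do_setattr reports a missing button as `GPG_ERR_INV_OBJ`, while the capability check directly above it returns `GPG_ERR_NOT_SUPPORTED` for the comparable is_v2 case, so a caller cannot tell "this card has no confirmation button" from a malformed object. Unless callers depend on the current code, `return gpg_error (GPG_ERR_NOT_SUPPORTED);` would be consistent with the neighbouring check. The bare `5` in the UIF-1..3 table rows and in this test is also unexplained in the visible lines; a short comment such as `/* special 5: needs a confirmation button (extcap.has_button) */` would help, placed wherever the table's other special values are described. do_setattr starts and ends outside the hunk.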