mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00

g10,scd: Support UIF changing command.

* g10/card-util.c (uif, cmdUIF): New.
(card_edit): Add call to uif by cmdUIF.
* scd/app-openpgp.c (do_getattr): Support UIF-1, UIF-2, and UIF-3.
(do_setattr): Likewise.
(do_learn_status): Learn UIF-1, UIF-2, and UIF-3.

--

GnuPG-bug-id: 4158
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
NIIBE Yutaka 2018-09-27 16:45:27 +09:00
parent fe8b633954
commit 0cb65564e0
2 changed files with 48 additions and 5 deletions


@ -2109,6 +2109,28 @@ kdf_setup (const char *args)
leave: leave:
agent_release_card_info (&info); agent_release_card_info (&info);
} }
static void
uif (int arg_number, const char *arg_rest)
{
gpg_error_t err;
char name[100];
unsigned char data[2];
snprintf (name, sizeof name, "UIF-%d", arg_number);
if ( !strcmp (arg_rest, "off") )
data[0] = 0x00;
else if ( !strcmp (arg_rest, "on") )
data[0] = 0x01;
else if ( !strcmp (arg_rest, "permanent") )
data[0] = 0x02;
data[1] = 0x20;
err = agent_scd_setattr (name, data, 2, NULL);
if (err)
log_error (_("error for setup UIF: %s\n"), gpg_strerror (err));
}
/* Data used by the command parser. This needs to be outside of the /* Data used by the command parser. This needs to be outside of the
function scope to allow readline based command completion. */ function scope to allow readline based command completion. */
@ -2119,7 +2141,7 @@ enum cmdids
cmdNAME, cmdURL, cmdFETCH, cmdLOGIN, cmdLANG, cmdSEX, cmdCAFPR, cmdNAME, cmdURL, cmdFETCH, cmdLOGIN, cmdLANG, cmdSEX, cmdCAFPR,
cmdFORCESIG, cmdGENERATE, cmdPASSWD, cmdPRIVATEDO, cmdWRITECERT, cmdFORCESIG, cmdGENERATE, cmdPASSWD, cmdPRIVATEDO, cmdWRITECERT,
cmdREADCERT, cmdUNBLOCK, cmdFACTORYRESET, cmdKDFSETUP, cmdREADCERT, cmdUNBLOCK, cmdFACTORYRESET, cmdKDFSETUP,
cmdKEYATTR, cmdKEYATTR, cmdUIF,
cmdINVCMD cmdINVCMD
}; };
@ -2151,10 +2173,11 @@ static struct
{ "generate", cmdGENERATE, 1, N_("generate new keys")}, { "generate", cmdGENERATE, 1, N_("generate new keys")},
{ "passwd" , cmdPASSWD, 0, N_("menu to change or unblock the PIN")}, { "passwd" , cmdPASSWD, 0, N_("menu to change or unblock the PIN")},
{ "verify" , cmdVERIFY, 0, N_("verify the PIN and list all data")}, { "verify" , cmdVERIFY, 0, N_("verify the PIN and list all data")},
{ "unblock" , cmdUNBLOCK,0, N_("unblock the PIN using a Reset Code") }, { "unblock" , cmdUNBLOCK,0, N_("unblock the PIN using a Reset Code")},
{ "factory-reset", cmdFACTORYRESET, 1, N_("destroy all keys and data")}, { "factory-reset", cmdFACTORYRESET, 1, N_("destroy all keys and data")},
{ "kdf-setup", cmdKDFSETUP, 1, N_("setup KDF for PIN authentication")}, { "kdf-setup", cmdKDFSETUP, 1, N_("setup KDF for PIN authentication")},
{ "key-attr", cmdKEYATTR, 1, N_("change the key attribute")}, { "key-attr", cmdKEYATTR, 1, N_("change the key attribute")},
{ "uif", cmdUIF, 1, N_("change the User Interaction Flag")},
/* Note, that we do not announce these command yet. */ /* Note, that we do not announce these command yet. */
{ "privatedo", cmdPRIVATEDO, 0, NULL }, { "privatedo", cmdPRIVATEDO, 0, NULL },
{ "readcert", cmdREADCERT, 0, NULL }, { "readcert", cmdREADCERT, 0, NULL },
@ -2446,6 +2469,14 @@ card_edit (ctrl_t ctrl, strlist_t commands)
key_attr (); key_attr ();
break; break;
case cmdUIF:
if ( arg_number < 1 || arg_number > 3 )
tty_printf ("usage: uif N [on|off|permanent]\n"
" 1 <= N <= 3\n");
else
uif (arg_number, arg_rest);
break;
case cmdQUIT: case cmdQUIT:
goto leave; goto leave;
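Review bot: In `uif`, `data[0]` stays uninitialized when `arg_rest` is none of "off", "on" or "permanent" (an empty argument included), yet both bytes are still passed to `agent_scd_setattr`, so an indeterminate stack byte would be written to the card's UIF object. The `cmdUIF` case in `card_edit` validates only `arg_number`, so nothing before the call catches an unknown keyword. End the chain with a final `else` that prints the usage text and returns before the setattr call, e.g. `else { tty_printf ("usage: uif N [on|off|permanent]\n"); return; }`. Because one accepted value is "permanent", an unintended write may be hard to undo, so rejecting unknown keywords matters more than usual here. A short comment on `data[1] = 0x20;` saying what that byte encodes would also help, since the hunk gives no hint.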


@ -119,8 +119,11 @@ static struct {
{ 0x0104, 0, 0, 0, 0, 0, 0, 2, "Private DO 4"}, { 0x0104, 0, 0, 0, 0, 0, 0, 2, "Private DO 4"},
{ 0x7F21, 1, 0, 1, 0, 0, 0, 1, "Cardholder certificate"}, { 0x7F21, 1, 0, 1, 0, 0, 0, 1, "Cardholder certificate"},
/* V3.0 */ /* V3.0 */
{ 0x7F74, 0, 0, 1, 0, 0, 0, 0, "General Feature Management"}, { 0x7F74, 0, 0x6E, 1, 0, 0, 0, 0, "General Feature Management"},
{ 0x00D5, 0, 0, 1, 0, 0, 0, 0, "AES key data"}, { 0x00D5, 0, 0, 1, 0, 0, 0, 0, "AES key data"},
{ 0x00D6, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for Signature"},
{ 0x00D7, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for decryption"},
{ 0x00D8, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for authentication"},
{ 0x00F9, 0, 0, 1, 0, 0, 0, 0, "KDF data object"}, { 0x00F9, 0, 0, 1, 0, 0, 0, 0, "KDF data object"},
{ 0 } { 0 }
}; };
@ -985,6 +988,9 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
{ "PRIVATE-DO-4", 0x0104 }, { "PRIVATE-DO-4", 0x0104 },
{ "$AUTHKEYID", 0x0000, -3 }, { "$AUTHKEYID", 0x0000, -3 },
{ "$DISPSERIALNO",0x0000, -4 }, { "$DISPSERIALNO",0x0000, -4 },
{ "UIF-1", 0x00D6, 0 },
{ "UIF-2", 0x00D7, 0 },
{ "UIF-3", 0x00D8, 0 },
{ "KDF", 0x00F9 }, { "KDF", 0x00F9 },
{ NULL, 0 } { NULL, 0 }
}; };
@ -1827,6 +1833,9 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
do_getattr (app, ctrl, "CA-FPR"); do_getattr (app, ctrl, "CA-FPR");
do_getattr (app, ctrl, "CHV-STATUS"); do_getattr (app, ctrl, "CHV-STATUS");
do_getattr (app, ctrl, "SIG-COUNTER"); do_getattr (app, ctrl, "SIG-COUNTER");
do_getattr (app, ctrl, "UIF-1");
do_getattr (app, ctrl, "UIF-2");
do_getattr (app, ctrl, "UIF-3");
if (app->app_local->extcap.private_dos) if (app->app_local->extcap.private_dos)
{ {
do_getattr (app, ctrl, "PRIVATE-DO-1"); do_getattr (app, ctrl, "PRIVATE-DO-1");
@ -2459,6 +2468,9 @@ do_setattr (app_t app, const char *name,
{ "SM-KEY-MAC", 0x00D2, 3, 0, 1 }, { "SM-KEY-MAC", 0x00D2, 3, 0, 1 },
{ "KEY-ATTR", 0, 0, 3, 1 }, { "KEY-ATTR", 0, 0, 3, 1 },
{ "AESKEY", 0x00D5, 3, 0, 1 }, { "AESKEY", 0x00D5, 3, 0, 1 },
{ "UIF-1", 0x00D6, 3, 0, 1 },
{ "UIF-2", 0x00D7, 3, 0, 1 },
{ "UIF-3", 0x00D8, 3, 0, 1 },
{ "KDF", 0x00F9, 3, 4, 1 }, { "KDF", 0x00F9, 3, 4, 1 },
{ NULL, 0 } { NULL, 0 }
}; };
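Review bot: The three `do_getattr` calls added to `do_learn_status` for "UIF-1" to "UIF-3" run unconditionally, whereas the private DOs on the next lines are read only when `app->app_local->extcap.private_dos` is set. The table comment lists these objects under "V3.0", so cards without the feature will presumably be asked for data objects they lack on every learn; whether `do_getattr` handles that failure quietly is not visible in the hunk. Consider gating the three reads on a card capability or version check in the same style as the `private_dos` test. Separately, the new `do_setattr` entries show no constraint on the value, so the length and the permitted first byte (0, 1, 2) should be checked before the object is written; confirm whether that happens outside these hunks. The affected tables and functions all continue outside the hunks shown.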