mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-08 12:44:23 +01:00
scd: Make app_genkey and supporting ISO function more flexible.
* scd/app.c (app_genkey): Add arg keytype. * scd/app-common.h (struct app_ctx_s): Ditto for the genkey member. * scd/command.c (cmd_genkey): Adjust for change. * scd/iso7816.c (do_generate_keypair): Replace arg read_only by new args p1 and p2. (iso7816_read_public_key): Adjust for this. (iso7816_generate_keypair): Add new args p1 and p2. * scd/app-openpgp.c (do_genkey): Adjust for changes. -- The OpenPGP card creates keys according to parameters read from a data object. Other cards we are about to implement require a direct specification of the requested keytype. This patch implements the required changes. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 9a9cb0257aebb1480b999fdf9d90904083eb8e3c)
parent
c075274aac
commit
14816c7980
@ -105,8 +105,8 @@ struct app_ctx_s {
|
|||||||
void *pincb_arg,
|
void *pincb_arg,
|
||||||
const unsigned char *pk, size_t pklen);
|
const unsigned char *pk, size_t pklen);
|
||||||
gpg_error_t (*genkey) (app_t app, ctrl_t ctrl,
|
gpg_error_t (*genkey) (app_t app, ctrl_t ctrl,
|
||||||
const char *keynostr, unsigned int flags,
|
const char *keyref, const char *keytype,
|
||||||
time_t createtime,
|
unsigned int flags, time_t createtime,
|
||||||
gpg_error_t (*pincb)(void*, const char *, char **),
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
||||||
void *pincb_arg);
|
void *pincb_arg);
|
||||||
gpg_error_t (*change_pin) (app_t app, ctrl_t ctrl,
|
gpg_error_t (*change_pin) (app_t app, ctrl_t ctrl,
|
||||||
@ -177,8 +177,8 @@ gpg_error_t app_writekey (app_t app, ctrl_t ctrl,
|
|||||||
void *pincb_arg,
|
void *pincb_arg,
|
||||||
const unsigned char *keydata, size_t keydatalen);
|
const unsigned char *keydata, size_t keydatalen);
|
||||||
gpg_error_t app_genkey (app_t app, ctrl_t ctrl,
|
gpg_error_t app_genkey (app_t app, ctrl_t ctrl,
|
||||||
const char *keynostr, unsigned int flags,
|
const char *keynostr, const char *keytype,
|
||||||
time_t createtime,
|
unsigned int flags, time_t createtime,
|
||||||
gpg_error_t (*pincb)(void*, const char *, char **),
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
||||||
void *pincb_arg);
|
void *pincb_arg);
|
||||||
gpg_error_t app_get_challenge (app_t app, ctrl_t ctrl, size_t nbytes,
|
gpg_error_t app_get_challenge (app_t app, ctrl_t ctrl, size_t nbytes,
|
||||||
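Review bot: The `genkey` member of `struct app_ctx_s` now names its third parameter `keyref`, while the `app_genkey` prototype in the same header keeps `keynostr`; using one name for both would stop readers from assuming two different identifier formats. Neither declaration says what `keytype` may contain or whether `NULL` is allowed, although the `cmd_genkey` call in this commit passes `NULL`. If that is the intended contract, a short comment above the prototype would record it, e.g. `/* KEYTYPE requests a key type from cards that need one; NULL leaves the choice to the card application. */`. Both the struct and the prototype list continue outside the hunks shown.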
|
@ -4035,8 +4035,8 @@ do_writekey (app_t app, ctrl_t ctrl,
|
|||||||
|
|
||||||
/* Handle the GENKEY command. */
|
/* Handle the GENKEY command. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
|
do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, const char *keytype,
|
||||||
time_t createtime,
|
unsigned int flags, time_t createtime,
|
||||||
gpg_error_t (*pincb)(void*, const char *, char **),
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
||||||
void *pincb_arg)
|
void *pincb_arg)
|
||||||
{
|
{
|
||||||
@ -4052,6 +4052,8 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
|
|||||||
int exmode = 0;
|
int exmode = 0;
|
||||||
int le_value = 256; /* Use legacy value. */
|
int le_value = 256; /* Use legacy value. */
|
||||||
|
|
||||||
|
(void)keytype; /* Ignored for OpenPGP cards. */
|
||||||
|
|
||||||
if (keyno < 0 || keyno > 2)
|
if (keyno < 0 || keyno > 2)
|
||||||
return gpg_error (GPG_ERR_INV_ID);
|
return gpg_error (GPG_ERR_INV_ID);
|
||||||
|
|
||||||
@ -4100,7 +4102,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
|
|||||||
|
|
||||||
log_info (_("please wait while key is being generated ...\n"));
|
log_info (_("please wait while key is being generated ...\n"));
|
||||||
start_at = time (NULL);
|
start_at = time (NULL);
|
||||||
err = iso7816_generate_keypair (app->slot, exmode,
|
err = iso7816_generate_keypair (app->slot, exmode, 0x80, 0,
|
||||||
(keyno == 0? "\xB6" :
|
(keyno == 0? "\xB6" :
|
||||||
keyno == 1? "\xB8" : "\xA4"),
|
keyno == 1? "\xB8" : "\xA4"),
|
||||||
2, le_value, &buffer, &buflen);
|
2, le_value, &buffer, &buflen);
|
||||||
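Review bot: `do_genkey` discards `keytype` with `(void)keytype;`, so a caller that passes a non-NULL key type gets a key whose parameters come from the card's data object, with no diagnostic that the request was not honoured. If ignoring it is intended, a line such as `if (keytype) log_info ("keytype '%s' ignored for OpenPGP cards\n", keytype);` would make the mismatch visible; rejecting a non-NULL value is the stricter alternative. The new arguments `0x80, 0` in the `iso7816_generate_keypair` call are bare literals, and a comment like `/* P1 = 0x80: generate a new key pair; P2 = 0. */` would distinguish them from the `0x81` that `iso7816_read_public_key` sends. The body of `do_genkey` continues outside these hunks.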
|
@ -865,8 +865,8 @@ app_writekey (app_t app, ctrl_t ctrl,
|
|||||||
|
|
||||||
/* Perform a SETATTR operation. */
|
/* Perform a SETATTR operation. */
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
|
app_genkey (app_t app, ctrl_t ctrl, const char *keynostr,
|
||||||
time_t createtime,
|
const char *keytype, unsigned int flags, time_t createtime,
|
||||||
gpg_error_t (*pincb)(void*, const char *, char **),
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
||||||
void *pincb_arg)
|
void *pincb_arg)
|
||||||
{
|
{
|
||||||
@ -881,7 +881,7 @@ app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
|
|||||||
err = lock_app (app, ctrl);
|
err = lock_app (app, ctrl);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
err = app->fnc.genkey (app, ctrl, keynostr, flags,
|
err = app->fnc.genkey (app, ctrl, keynostr, keytype, flags,
|
||||||
createtime, pincb, pincb_arg);
|
createtime, pincb, pincb_arg);
|
||||||
unlock_app (app);
|
unlock_app (app);
|
||||||
if (opt.verbose)
|
if (opt.verbose)
|
||||||
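Review bot: The comment above `app_genkey` still reads `/* Perform a SETATTR operation. */`, which describes a different function; a commit that changes the signature is a good place to correct it. Something like `/* Create the key KEYNOSTR on the card. KEYTYPE is passed on to the card application and may be NULL. */` would fit, assuming `NULL` is meant to be valid as the `cmd_genkey` call suggests. Part of the function body lies between the two hunks and is not visible here.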
|
@ -1138,7 +1138,8 @@ cmd_genkey (assuan_context_t ctx, char *line)
|
|||||||
keyno = xtrystrdup (keyno);
|
keyno = xtrystrdup (keyno);
|
||||||
if (!keyno)
|
if (!keyno)
|
||||||
return out_of_core ();
|
return out_of_core ();
|
||||||
rc = app_genkey (ctrl->app_ctx, ctrl, keyno, force? 1:0,
|
rc = app_genkey (ctrl->app_ctx, ctrl, keyno, NULL,
|
||||||
|
force? APP_GENKEY_FLAG_FORCE : 0,
|
||||||
timestamp, pin_cb, ctx);
|
timestamp, pin_cb, ctx);
|
||||||
xfree (keyno);
|
xfree (keyno);
|
||||||
|
|
||||||
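Review bot: The force argument changes from the literal `force? 1:0` to `force? APP_GENKEY_FLAG_FORCE : 0`, but the definition of `APP_GENKEY_FLAG_FORCE` is not in any hunk of this commit. Since the flag presumably controls whether an existing key on the card is replaced, it is worth confirming that the constant exists in this branch and that each `genkey` implementation tests it as a bit mask, so the behaviour matches the previous value 1. `keytype` is always `NULL` at this call, and a comment such as `/* No keytype: the card application chooses. */` would record that this is deliberate. `cmd_genkey` starts and ends outside the hunk.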
|
@ -629,7 +629,7 @@ iso7816_general_authenticate (int slot, int extended_mode,
|
|||||||
returned. In that case a value of -1 uses a large default
|
returned. In that case a value of -1 uses a large default
|
||||||
(e.g. 4096 bytes), a value larger 256 used that value. */
|
(e.g. 4096 bytes), a value larger 256 used that value. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
do_generate_keypair (int slot, int extended_mode, int read_only,
|
do_generate_keypair (int slot, int extended_mode, int p1, int p2,
|
||||||
const char *data, size_t datalen, int le,
|
const char *data, size_t datalen, int le,
|
||||||
unsigned char **result, size_t *resultlen)
|
unsigned char **result, size_t *resultlen)
|
||||||
{
|
{
|
||||||
@ -641,7 +641,7 @@ do_generate_keypair (int slot, int extended_mode, int read_only,
|
|||||||
*resultlen = 0;
|
*resultlen = 0;
|
||||||
|
|
||||||
sw = apdu_send_le (slot, extended_mode,
|
sw = apdu_send_le (slot, extended_mode,
|
||||||
0x00, CMD_GENERATE_KEYPAIR, read_only? 0x81:0x80, 0,
|
0x00, CMD_GENERATE_KEYPAIR, p1, p2,
|
||||||
datalen, data,
|
datalen, data,
|
||||||
le >= 0 && le < 256? 256:le,
|
le >= 0 && le < 256? 256:le,
|
||||||
result, resultlen);
|
result, resultlen);
|
||||||
@ -659,12 +659,12 @@ do_generate_keypair (int slot, int extended_mode, int read_only,
|
|||||||
|
|
||||||
|
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
iso7816_generate_keypair (int slot, int extended_mode,
|
iso7816_generate_keypair (int slot, int extended_mode, int p1, int p2,
|
||||||
const char *data, size_t datalen,
|
const char *data, size_t datalen,
|
||||||
int le,
|
int le,
|
||||||
unsigned char **result, size_t *resultlen)
|
unsigned char **result, size_t *resultlen)
|
||||||
{
|
{
|
||||||
return do_generate_keypair (slot, extended_mode, 0,
|
return do_generate_keypair (slot, extended_mode, p1, p2,
|
||||||
data, datalen, le, result, resultlen);
|
data, datalen, le, result, resultlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -675,7 +675,7 @@ iso7816_read_public_key (int slot, int extended_mode,
|
|||||||
int le,
|
int le,
|
||||||
unsigned char **result, size_t *resultlen)
|
unsigned char **result, size_t *resultlen)
|
||||||
{
|
{
|
||||||
return do_generate_keypair (slot, extended_mode, 1,
|
return do_generate_keypair (slot, extended_mode, 0x81, 0,
|
||||||
data, datalen, le, result, resultlen);
|
data, datalen, le, result, resultlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
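Review bot: `iso7816_generate_keypair` now forwards caller-supplied `p1` and `p2` unchecked through `do_generate_keypair` to `apdu_send_le`, where they become APDU parameter bytes. Before this change only `0x80` and `0x81` could be sent; now any `int` can, including the `0x81` that `iso7816_read_public_key` uses, so the function name no longer guarantees which form of the command goes to the card. A guard before the `apdu_send_le` call, such as `if (p1 < 0 || p1 > 255 || p2 < 0 || p2 > 255) return gpg_error (GPG_ERR_INV_VALUE);`, keeps out-of-range values away from the APDU layer. The comment above `do_generate_keypair`, of which only the last lines are visible in the hunk, should also describe P1 and P2 and name the values callers are expected to pass.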
|
@ -105,9 +105,11 @@ gpg_error_t iso7816_general_authenticate (int slot, int extended_mode,
|
|||||||
unsigned char **result,
|
unsigned char **result,
|
||||||
size_t *resultlen);
|
size_t *resultlen);
|
||||||
gpg_error_t iso7816_generate_keypair (int slot, int extended_mode,
|
gpg_error_t iso7816_generate_keypair (int slot, int extended_mode,
|
||||||
const char *data, size_t datalen,
|
int p1, int p2,
|
||||||
int le,
|
const char *data, size_t datalen,
|
||||||
unsigned char **result, size_t *resultlen);
|
int le,
|
||||||
|
unsigned char **result,
|
||||||
|
size_t *resultlen);
|
||||||
gpg_error_t iso7816_read_public_key (int slot, int extended_mode,
|
gpg_error_t iso7816_read_public_key (int slot, int extended_mode,
|
||||||
const char *data, size_t datalen,
|
const char *data, size_t datalen,
|
||||||
int le,
|
int le,
|
||||||
|