mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

scd: Make app_genkey and supporting ISO function more flexible.

* scd/app.c (app_genkey): Add arg keytype.
* scd/app-common.h (struct app_ctx_s): Ditto for the genkey member.
* scd/command.c (cmd_genkey): Adjust for change.
* scd/iso7816.c (do_generate_keypair): Replace arg read_only by new
args p1 and p2.
(iso7816_read_public_key): Adjust for this.
(iso7816_generate_keypair): Add new args p1 and p2.
* scd/app-openpgp.c (do_genkey): Adjust for changes.
--

The OpenPGP card creates keys according to parameters read from a data
object.  Other cards we are about to implement require a direct
specification of the requested keytype.  This patch implements the
required changes.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9a9cb0257aebb1480b999fdf9d90904083eb8e3c)
Werner Koch 2019-02-06 14:07:42 +01:00
parent c075274aac
commit 14816c7980
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
6 changed files with 24 additions and 19 deletions


@ -105,8 +105,8 @@ struct app_ctx_s {
void *pincb_arg, void *pincb_arg,
const unsigned char *pk, size_t pklen); const unsigned char *pk, size_t pklen);
gpg_error_t (*genkey) (app_t app, ctrl_t ctrl, gpg_error_t (*genkey) (app_t app, ctrl_t ctrl,
const char *keynostr, unsigned int flags, const char *keyref, const char *keytype,
time_t createtime, unsigned int flags, time_t createtime,
gpg_error_t (*pincb)(void*, const char *, char **), gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg); void *pincb_arg);
gpg_error_t (*change_pin) (app_t app, ctrl_t ctrl, gpg_error_t (*change_pin) (app_t app, ctrl_t ctrl,
@ -177,8 +177,8 @@ gpg_error_t app_writekey (app_t app, ctrl_t ctrl,
void *pincb_arg, void *pincb_arg,
const unsigned char *keydata, size_t keydatalen); const unsigned char *keydata, size_t keydatalen);
gpg_error_t app_genkey (app_t app, ctrl_t ctrl, gpg_error_t app_genkey (app_t app, ctrl_t ctrl,
const char *keynostr, unsigned int flags, const char *keynostr, const char *keytype,
time_t createtime, unsigned int flags, time_t createtime,
gpg_error_t (*pincb)(void*, const char *, char **), gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg); void *pincb_arg);
gpg_error_t app_get_challenge (app_t app, ctrl_t ctrl, size_t nbytes, gpg_error_t app_get_challenge (app_t app, ctrl_t ctrl, size_t nbytes,
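Review bot: The `genkey` member of `struct app_ctx_s` now names its third parameter `keyref`, while the `app_genkey` prototype in the second hunk of this header still calls it `keynostr`, as does `do_genkey` in the OpenPGP application. Pick one name for both, e.g. `const char *keyref, const char *keytype,` in the prototype as well, so the dispatch-table entry and its wrapper read the same. The rest of the change in this header is a mechanical signature update.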


@ -4035,8 +4035,8 @@ do_writekey (app_t app, ctrl_t ctrl,
/* Handle the GENKEY command. */ /* Handle the GENKEY command. */
static gpg_error_t static gpg_error_t
do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, const char *keytype,
time_t createtime, unsigned int flags, time_t createtime,
gpg_error_t (*pincb)(void*, const char *, char **), gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg) void *pincb_arg)
{ {
@ -4052,6 +4052,8 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
int exmode = 0; int exmode = 0;
int le_value = 256; /* Use legacy value. */ int le_value = 256; /* Use legacy value. */
(void)keytype; /* Ignored for OpenPGP cards. */
if (keyno < 0 || keyno > 2) if (keyno < 0 || keyno > 2)
return gpg_error (GPG_ERR_INV_ID); return gpg_error (GPG_ERR_INV_ID);
@ -4100,7 +4102,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
log_info (_("please wait while key is being generated ...\n")); log_info (_("please wait while key is being generated ...\n"));
start_at = time (NULL); start_at = time (NULL);
err = iso7816_generate_keypair (app->slot, exmode, err = iso7816_generate_keypair (app->slot, exmode, 0x80, 0,
(keyno == 0? "\xB6" : (keyno == 0? "\xB6" :
keyno == 1? "\xB8" : "\xA4"), keyno == 1? "\xB8" : "\xA4"),
2, le_value, &buffer, &buflen); 2, le_value, &buffer, &buflen);
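Review bot: `(void)keytype;` in do_genkey discards the new argument without looking at it, so a caller that passes a non-NULL keytype gets a key built from the card's stored parameters and no indication that the request was ignored. If that is intended, say so in the function comment, e.g. `/* Handle the GENKEY command.  KEYTYPE is ignored; the card's own key attributes decide the type. */`; otherwise consider rejecting a non-NULL value before any card I/O. The literal `0x80, 0` now passed to `iso7816_generate_keypair` would also benefit from a short comment such as `/* P1=0x80 (generate), P2=0 */`. The body of do_genkey continues outside these hunks.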


@ -865,8 +865,8 @@ app_writekey (app_t app, ctrl_t ctrl,
/* Perform a SETATTR operation. */ /* Perform a SETATTR operation. */
gpg_error_t gpg_error_t
app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, app_genkey (app_t app, ctrl_t ctrl, const char *keynostr,
time_t createtime, const char *keytype, unsigned int flags, time_t createtime,
gpg_error_t (*pincb)(void*, const char *, char **), gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg) void *pincb_arg)
{ {
@ -881,7 +881,7 @@ app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
err = lock_app (app, ctrl); err = lock_app (app, ctrl);
if (err) if (err)
return err; return err;
err = app->fnc.genkey (app, ctrl, keynostr, flags, err = app->fnc.genkey (app, ctrl, keynostr, keytype, flags,
createtime, pincb, pincb_arg); createtime, pincb, pincb_arg);
unlock_app (app); unlock_app (app);
if (opt.verbose) if (opt.verbose)
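Review bot: The comment above `app_genkey` still reads `/* Perform a SETATTR operation. */`, which describes a different function. Since this commit rewrites the signature directly below it, replace it with something like `/* Generate a key on the card.  KEYTYPE may be NULL. */`. The wrapper forwards `keytype` to `app->fnc.genkey` unchanged and cmd_genkey passes NULL, so every application handler has to cope with NULL itself; saying so in the comment helps keep new card applications from dereferencing it unchecked. The function body begins and ends outside the second hunk.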


@ -1138,7 +1138,8 @@ cmd_genkey (assuan_context_t ctx, char *line)
keyno = xtrystrdup (keyno); keyno = xtrystrdup (keyno);
if (!keyno) if (!keyno)
return out_of_core (); return out_of_core ();
rc = app_genkey (ctrl->app_ctx, ctrl, keyno, force? 1:0, rc = app_genkey (ctrl->app_ctx, ctrl, keyno, NULL,
force? APP_GENKEY_FLAG_FORCE : 0,
timestamp, pin_cb, ctx); timestamp, pin_cb, ctx);
xfree (keyno); xfree (keyno);
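Review bot: `cmd_genkey` always passes NULL for the new `keytype` argument, so any handler that requires a keytype will only ever see NULL from this path and has to reject it cleanly. A comment at the call, e.g. `/* No keytype option yet; apps that need one must reject NULL. */`, would make that explicit. `APP_GENKEY_FLAG_FORCE` is not defined in any hunk shown on this page; confirm it exists on this branch and has the value the handlers test, since the old call passed a literal 1. cmd_genkey starts and ends outside the hunk.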


@ -629,7 +629,7 @@ iso7816_general_authenticate (int slot, int extended_mode,
returned. In that case a value of -1 uses a large default returned. In that case a value of -1 uses a large default
(e.g. 4096 bytes), a value larger 256 used that value. */ (e.g. 4096 bytes), a value larger 256 used that value. */
static gpg_error_t static gpg_error_t
do_generate_keypair (int slot, int extended_mode, int read_only, do_generate_keypair (int slot, int extended_mode, int p1, int p2,
const char *data, size_t datalen, int le, const char *data, size_t datalen, int le,
unsigned char **result, size_t *resultlen) unsigned char **result, size_t *resultlen)
{ {
@ -641,7 +641,7 @@ do_generate_keypair (int slot, int extended_mode, int read_only,
*resultlen = 0; *resultlen = 0;
sw = apdu_send_le (slot, extended_mode, sw = apdu_send_le (slot, extended_mode,
0x00, CMD_GENERATE_KEYPAIR, read_only? 0x81:0x80, 0, 0x00, CMD_GENERATE_KEYPAIR, p1, p2,
datalen, data, datalen, data,
le >= 0 && le < 256? 256:le, le >= 0 && le < 256? 256:le,
result, resultlen); result, resultlen);
@ -659,12 +659,12 @@ do_generate_keypair (int slot, int extended_mode, int read_only,
gpg_error_t gpg_error_t
iso7816_generate_keypair (int slot, int extended_mode, iso7816_generate_keypair (int slot, int extended_mode, int p1, int p2,
const char *data, size_t datalen, const char *data, size_t datalen,
int le, int le,
unsigned char **result, size_t *resultlen) unsigned char **result, size_t *resultlen)
{ {
return do_generate_keypair (slot, extended_mode, 0, return do_generate_keypair (slot, extended_mode, p1, p2,
data, datalen, le, result, resultlen); data, datalen, le, result, resultlen);
} }
@ -675,7 +675,7 @@ iso7816_read_public_key (int slot, int extended_mode,
int le, int le,
unsigned char **result, size_t *resultlen) unsigned char **result, size_t *resultlen)
{ {
return do_generate_keypair (slot, extended_mode, 1, return do_generate_keypair (slot, extended_mode, 0x81, 0,
data, datalen, le, result, resultlen); data, datalen, le, result, resultlen);
} }


@ -105,9 +105,11 @@ gpg_error_t iso7816_general_authenticate (int slot, int extended_mode,
unsigned char **result, unsigned char **result,
size_t *resultlen); size_t *resultlen);
gpg_error_t iso7816_generate_keypair (int slot, int extended_mode, gpg_error_t iso7816_generate_keypair (int slot, int extended_mode,
const char *data, size_t datalen, int p1, int p2,
int le, const char *data, size_t datalen,
unsigned char **result, size_t *resultlen); int le,
unsigned char **result,
size_t *resultlen);
gpg_error_t iso7816_read_public_key (int slot, int extended_mode, gpg_error_t iso7816_read_public_key (int slot, int extended_mode,
const char *data, size_t datalen, const char *data, size_t datalen,
int le, int le,