scd: Use app_get_slot at more places.
-- This is helpful for backporting other changes.
parent
ea222a0d9c
commit
19791a1d4c
@ -100,7 +100,7 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
|
|||||||
|
|
||||||
/* Return the certificate of the card holder. */
|
/* Return the certificate of the card holder. */
|
||||||
fid = 0xC000;
|
fid = 0xC000;
|
||||||
len = app_help_read_length_of_cert (app->slot, fid, &certoff);
|
len = app_help_read_length_of_cert (app_get_slot (app), fid, &certoff);
|
||||||
if (!len)
|
if (!len)
|
||||||
return 0; /* Card has not been personalized. */
|
return 0; /* Card has not been personalized. */
|
||||||
|
|
||||||
@ -113,7 +113,8 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
|
|||||||
|
|
||||||
/* Now we need to read the certificate, so that we can get the
|
/* Now we need to read the certificate, so that we can get the
|
||||||
public key out of it. */
|
public key out of it. */
|
||||||
err = iso7816_read_binary (app->slot, certoff, len-certoff, &der, &derlen);
|
err = iso7816_read_binary (app_get_slot (app), certoff, len-certoff,
|
||||||
|
&der, &derlen);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_info ("error reading entire certificate from FID 0x%04X: %s\n",
|
log_info ("error reading entire certificate from FID 0x%04X: %s\n",
|
||||||
@ -192,14 +193,14 @@ do_readcert (app_t app, const char *certid,
|
|||||||
/* Read the entire file. fixme: This could be optimized by first
|
/* Read the entire file. fixme: This could be optimized by first
|
||||||
reading the header to figure out how long the certificate
|
reading the header to figure out how long the certificate
|
||||||
actually is. */
|
actually is. */
|
||||||
err = iso7816_select_file (app->slot, fid, 0);
|
err = iso7816_select_file (app_get_slot (app), fid, 0);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("error selecting FID 0x%04X: %s\n", fid, gpg_strerror (err));
|
log_error ("error selecting FID 0x%04X: %s\n", fid, gpg_strerror (err));
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
err = iso7816_read_binary (app->slot, 0, 0, &buffer, &buflen);
|
err = iso7816_read_binary (app_get_slot (app), 0, 0, &buffer, &buflen);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("error reading certificate from FID 0x%04X: %s\n",
|
log_error ("error reading certificate from FID 0x%04X: %s\n",
|
||||||
@ -292,7 +293,7 @@ verify_pin (app_t app,
|
|||||||
pininfo.maxlen = 8;
|
pininfo.maxlen = 8;
|
||||||
|
|
||||||
if (!opt.disable_pinpad
|
if (!opt.disable_pinpad
|
||||||
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo) )
|
&& !iso7816_check_pinpad (app_get_slot (app), ISO7816_VERIFY, &pininfo) )
|
||||||
{
|
{
|
||||||
rc = pincb (pincb_arg,
|
rc = pincb (pincb_arg,
|
||||||
_("||Please enter your PIN at the reader's pinpad"),
|
_("||Please enter your PIN at the reader's pinpad"),
|
||||||
@ -303,7 +304,7 @@ verify_pin (app_t app,
|
|||||||
gpg_strerror (rc));
|
gpg_strerror (rc));
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
rc = iso7816_verify_kp (app->slot, 0x81, &pininfo);
|
rc = iso7816_verify_kp (app_get_slot (app), 0x81, &pininfo);
|
||||||
/* Dismiss the prompt. */
|
/* Dismiss the prompt. */
|
||||||
pincb (pincb_arg, NULL, NULL);
|
pincb (pincb_arg, NULL, NULL);
|
||||||
}
|
}
|
||||||
@ -344,7 +345,8 @@ verify_pin (app_t app,
|
|||||||
return gpg_error (GPG_ERR_BAD_PIN);
|
return gpg_error (GPG_ERR_BAD_PIN);
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
|
rc = iso7816_verify (app_get_slot (app), 0x81,
|
||||||
|
pinvalue, strlen (pinvalue));
|
||||||
if (gpg_err_code (rc) == GPG_ERR_INV_VALUE)
|
if (gpg_err_code (rc) == GPG_ERR_INV_VALUE)
|
||||||
{
|
{
|
||||||
/* We assume that ISO 9564-1 encoding is used and we failed
|
/* We assume that ISO 9564-1 encoding is used and we failed
|
||||||
@ -365,7 +367,8 @@ verify_pin (app_t app,
|
|||||||
paddedpin[i++] = (((*s - '0') << 4) | 0x0f);
|
paddedpin[i++] = (((*s - '0') << 4) | 0x0f);
|
||||||
while (i < sizeof paddedpin)
|
while (i < sizeof paddedpin)
|
||||||
paddedpin[i++] = 0xff;
|
paddedpin[i++] = 0xff;
|
||||||
rc = iso7816_verify (app->slot, 0x81, paddedpin, sizeof paddedpin);
|
rc = iso7816_verify (app_get_slot (app), 0x81,
|
||||||
|
paddedpin, sizeof paddedpin);
|
||||||
}
|
}
|
||||||
xfree (pinvalue);
|
xfree (pinvalue);
|
||||||
}
|
}
|
||||||
@ -483,7 +486,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
|
|||||||
|
|
||||||
rc = verify_pin (app, pincb, pincb_arg);
|
rc = verify_pin (app, pincb, pincb_arg);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_compute_ds (app->slot, 0, data, datalen, 0,
|
rc = iso7816_compute_ds (app_get_slot (app), 0, data, datalen, 0,
|
||||||
outdata, outdatalen);
|
outdata, outdatalen);
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
@ -533,7 +536,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
err = iso7816_change_reference_data (app->slot, 0x81,
|
err = iso7816_change_reference_data (app_get_slot (app), 0x81,
|
||||||
oldpin, oldpinlen,
|
oldpin, oldpinlen,
|
||||||
pinvalue, strlen (pinvalue));
|
pinvalue, strlen (pinvalue));
|
||||||
xfree (pinvalue);
|
xfree (pinvalue);
|
||||||
@ -548,7 +551,7 @@ gpg_error_t
|
|||||||
app_select_dinsig (app_t app)
|
app_select_dinsig (app_t app)
|
||||||
{
|
{
|
||||||
static char const aid[] = { 0xD2, 0x76, 0x00, 0x00, 0x66, 0x01 };
|
static char const aid[] = { 0xD2, 0x76, 0x00, 0x00, 0x66, 0x01 };
|
||||||
int slot = app->slot;
|
int slot = app_get_slot (app);
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
rc = iso7816_select_application (slot, aid, sizeof aid, 0);
|
rc = iso7816_select_application (slot, aid, sizeof aid, 0);
|
||||||
|
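Review bot: In verify_pin's ISO 9564-1 fallback (hunk at -365) the `paddedpin` array holds the encoded PIN, and nothing in the visible lines clears it after the `iso7816_verify` call; only `pinvalue` is released. Adding `wipememory (paddedpin, sizeof paddedpin);` directly after that call would keep the encoded PIN from outliving the verification. Whether `xfree (pinvalue)` clears its buffer depends on how the PIN callback allocated it, which is not visible here; the other verify_pin hunks on this page free `pinvalue` the same way. verify_pin starts and ends outside the hunk.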
@ -870,7 +870,7 @@ do_learn_status_core (app_t app, ctrl_t ctrl, unsigned int flags,
|
|||||||
{
|
{
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|
||||||
len = app_help_read_length_of_cert (app->slot,
|
len = app_help_read_length_of_cert (app_get_slot (app),
|
||||||
filelist[i].fid, NULL);
|
filelist[i].fid, NULL);
|
||||||
if (len)
|
if (len)
|
||||||
{
|
{
|
||||||
@ -962,7 +962,7 @@ readcert_from_ef (app_t app, int fid, unsigned char **cert, size_t *certlen)
|
|||||||
/* Read the entire file. fixme: This could be optimized by first
|
/* Read the entire file. fixme: This could be optimized by first
|
||||||
reading the header to figure out how long the certificate
|
reading the header to figure out how long the certificate
|
||||||
actually is. */
|
actually is. */
|
||||||
err = iso7816_select_file (app->slot, fid, 0);
|
err = iso7816_select_file (app_get_slot (app), fid, 0);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("nks: error selecting FID 0x%04X: %s\n",
|
log_error ("nks: error selecting FID 0x%04X: %s\n",
|
||||||
@ -970,7 +970,7 @@ readcert_from_ef (app_t app, int fid, unsigned char **cert, size_t *certlen)
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
err = iso7816_read_binary (app->slot, 0, 0, &buffer, &buflen);
|
err = iso7816_read_binary (app_get_slot (app), 0, 0, &buffer, &buflen);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("nks: error reading certificate from FID 0x%04X: %s\n",
|
log_error ("nks: error reading certificate from FID 0x%04X: %s\n",
|
||||||
@ -1515,7 +1515,7 @@ do_writekey (app_t app, ctrl_t ctrl,
|
|||||||
/* mse[10] = 0x82; /\* RSA public exponent of up to 4 bytes. *\/ */
|
/* mse[10] = 0x82; /\* RSA public exponent of up to 4 bytes. *\/ */
|
||||||
/* mse[12] = rsa_e_len; */
|
/* mse[12] = rsa_e_len; */
|
||||||
/* memcpy (mse+12, rsa_e, rsa_e_len); */
|
/* memcpy (mse+12, rsa_e, rsa_e_len); */
|
||||||
/* err = iso7816_manage_security_env (app->slot, 0x81, 0xB6, */
|
/* err = iso7816_manage_security_env (app_get_slot (app), 0x81, 0xB6, */
|
||||||
/* mse, sizeof mse); */
|
/* mse, sizeof mse); */
|
||||||
|
|
||||||
leave:
|
leave:
|
||||||
@ -1659,7 +1659,7 @@ verify_pin (app_t app, int pwid, const char *desc,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!opt.disable_pinpad
|
if (!opt.disable_pinpad
|
||||||
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo) )
|
&& !iso7816_check_pinpad (app_get_slot (app), ISO7816_VERIFY, &pininfo) )
|
||||||
{
|
{
|
||||||
prompt = make_prompt (app, remaining, desc, extrapromptline);
|
prompt = make_prompt (app, remaining, desc, extrapromptline);
|
||||||
rc = pincb (pincb_arg, prompt, NULL);
|
rc = pincb (pincb_arg, prompt, NULL);
|
||||||
@ -1671,7 +1671,7 @@ verify_pin (app_t app, int pwid, const char *desc,
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = iso7816_verify_kp (app->slot, pwid, &pininfo);
|
rc = iso7816_verify_kp (app_get_slot (app), pwid, &pininfo);
|
||||||
pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
|
pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -1694,7 +1694,8 @@ verify_pin (app_t app, int pwid, const char *desc,
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = iso7816_verify (app->slot, pwid, pinvalue, strlen (pinvalue));
|
rc = iso7816_verify (app_get_slot (app), pwid,
|
||||||
|
pinvalue, strlen (pinvalue));
|
||||||
xfree (pinvalue);
|
xfree (pinvalue);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -384,7 +384,7 @@ get_cached_data (app_t app, int tag,
|
|||||||
else
|
else
|
||||||
exmode = 0;
|
exmode = 0;
|
||||||
|
|
||||||
err = iso7816_get_data (app->slot, exmode, tag, &p, &len);
|
err = iso7816_get_data (app_get_slot (app), exmode, tag, &p, &len);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
if (len)
|
if (len)
|
||||||
@ -515,7 +515,7 @@ get_one_do (app_t app, int tag, unsigned char **result, size_t *nbytes,
|
|||||||
if (app->appversion > 0x0100 && data_objects[i].get_immediate_in_v11)
|
if (app->appversion > 0x0100 && data_objects[i].get_immediate_in_v11)
|
||||||
{
|
{
|
||||||
exmode = 0;
|
exmode = 0;
|
||||||
rc = iso7816_get_data (app->slot, exmode, tag, &buffer, &buflen);
|
rc = iso7816_get_data (app_get_slot (app), exmode, tag, &buffer, &buflen);
|
||||||
if (rc)
|
if (rc)
|
||||||
{
|
{
|
||||||
*r_rc = rc;
|
*r_rc = rc;
|
||||||
@ -857,7 +857,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp, unsigned char *fpr,
|
|||||||
tag2 = 0xCE + keynumber;
|
tag2 = 0xCE + keynumber;
|
||||||
flush_cache_item (app, 0xCD);
|
flush_cache_item (app, 0xCD);
|
||||||
|
|
||||||
rc = iso7816_put_data (app->slot, 0, tag, fpr, 20);
|
rc = iso7816_put_data (app_get_slot (app), 0, tag, fpr, 20);
|
||||||
if (rc)
|
if (rc)
|
||||||
log_error (_("failed to store the fingerprint: %s\n"),gpg_strerror (rc));
|
log_error (_("failed to store the fingerprint: %s\n"),gpg_strerror (rc));
|
||||||
|
|
||||||
@ -870,7 +870,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp, unsigned char *fpr,
|
|||||||
buf[2] = timestamp >> 8;
|
buf[2] = timestamp >> 8;
|
||||||
buf[3] = timestamp;
|
buf[3] = timestamp;
|
||||||
|
|
||||||
rc = iso7816_put_data (app->slot, 0, tag2, buf, 4);
|
rc = iso7816_put_data (app_get_slot (app), 0, tag2, buf, 4);
|
||||||
if (rc)
|
if (rc)
|
||||||
log_error (_("failed to store the creation date: %s\n"),
|
log_error (_("failed to store the creation date: %s\n"),
|
||||||
gpg_strerror (rc));
|
gpg_strerror (rc));
|
||||||
@ -1756,7 +1756,7 @@ get_public_key (app_t app, int keyno)
|
|||||||
le_value = 256; /* Use legacy value. */
|
le_value = 256; /* Use legacy value. */
|
||||||
}
|
}
|
||||||
|
|
||||||
err = iso7816_read_public_key (app->slot, exmode,
|
err = iso7816_read_public_key (app_get_slot (app), exmode,
|
||||||
(keyno == 0? "\xB6" :
|
(keyno == 0? "\xB6" :
|
||||||
keyno == 1? "\xB8" : "\xA4"),
|
keyno == 1? "\xB8" : "\xA4"),
|
||||||
2, le_value, &buffer, &buflen);
|
2, le_value, &buffer, &buflen);
|
||||||
@ -2279,7 +2279,7 @@ verify_a_chv (app_t app,
|
|||||||
/* Special case for def_chv2 mechanism. */
|
/* Special case for def_chv2 mechanism. */
|
||||||
if (opt.verbose)
|
if (opt.verbose)
|
||||||
log_info (_("using default PIN as %s\n"), "CHV2");
|
log_info (_("using default PIN as %s\n"), "CHV2");
|
||||||
rc = iso7816_verify (app->slot, 0x82, "123456", 6);
|
rc = iso7816_verify (app_get_slot (app), 0x82, "123456", 6);
|
||||||
if (rc)
|
if (rc)
|
||||||
{
|
{
|
||||||
/* Verification of CHV2 with the default PIN failed,
|
/* Verification of CHV2 with the default PIN failed,
|
||||||
@ -2312,7 +2312,7 @@ verify_a_chv (app_t app,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!opt.disable_pinpad
|
if (!opt.disable_pinpad
|
||||||
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo)
|
&& !iso7816_check_pinpad (app_get_slot (app), ISO7816_VERIFY, &pininfo)
|
||||||
&& !check_pinpad_request (app, &pininfo, 0))
|
&& !check_pinpad_request (app, &pininfo, 0))
|
||||||
{
|
{
|
||||||
/* The reader supports the verify command through the pinpad.
|
/* The reader supports the verify command through the pinpad.
|
||||||
@ -2328,7 +2328,7 @@ verify_a_chv (app_t app,
|
|||||||
gpg_strerror (rc));
|
gpg_strerror (rc));
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
rc = iso7816_verify_kp (app->slot, 0x80+chvno, &pininfo);
|
rc = iso7816_verify_kp (app_get_slot (app), 0x80+chvno, &pininfo);
|
||||||
/* Dismiss the prompt. */
|
/* Dismiss the prompt. */
|
||||||
pincb (pincb_arg, NULL, NULL);
|
pincb (pincb_arg, NULL, NULL);
|
||||||
|
|
||||||
@ -2359,7 +2359,8 @@ verify_a_chv (app_t app,
|
|||||||
|
|
||||||
rc = pin2hash_if_kdf (app, chvno, *pinvalue, pinlen);
|
rc = pin2hash_if_kdf (app, chvno, *pinvalue, pinlen);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_verify (app->slot, 0x80+chvno, *pinvalue, *pinlen);
|
rc = iso7816_verify (app_get_slot (app),
|
||||||
|
0x80 + chvno, *pinvalue, *pinlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rc)
|
if (rc)
|
||||||
@ -2501,7 +2502,8 @@ verify_chv3 (app_t app,
|
|||||||
return rc;
|
return rc;
|
||||||
|
|
||||||
if (!opt.disable_pinpad
|
if (!opt.disable_pinpad
|
||||||
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo)
|
&& !iso7816_check_pinpad (app_get_slot (app),
|
||||||
|
ISO7816_VERIFY, &pininfo)
|
||||||
&& !check_pinpad_request (app, &pininfo, 1))
|
&& !check_pinpad_request (app, &pininfo, 1))
|
||||||
{
|
{
|
||||||
/* The reader supports the verify command through the pinpad. */
|
/* The reader supports the verify command through the pinpad. */
|
||||||
@ -2514,7 +2516,7 @@ verify_chv3 (app_t app,
|
|||||||
gpg_strerror (rc));
|
gpg_strerror (rc));
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
rc = iso7816_verify_kp (app->slot, 0x83, &pininfo);
|
rc = iso7816_verify_kp (app_get_slot (app), 0x83, &pininfo);
|
||||||
/* Dismiss the prompt. */
|
/* Dismiss the prompt. */
|
||||||
pincb (pincb_arg, NULL, NULL);
|
pincb (pincb_arg, NULL, NULL);
|
||||||
}
|
}
|
||||||
@ -2543,7 +2545,7 @@ verify_chv3 (app_t app,
|
|||||||
|
|
||||||
rc = pin2hash_if_kdf (app, 3, pinvalue, &pinlen);
|
rc = pin2hash_if_kdf (app, 3, pinvalue, &pinlen);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_verify (app->slot, 0x83, pinvalue, pinlen);
|
rc = iso7816_verify (app_get_slot (app), 0x83, pinvalue, pinlen);
|
||||||
xfree (pinvalue);
|
xfree (pinvalue);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2638,7 +2640,8 @@ do_setattr (app_t app, ctrl_t ctrl, const char *name,
|
|||||||
exmode = -254; /* Command chaining with max. 254 bytes. */
|
exmode = -254; /* Command chaining with max. 254 bytes. */
|
||||||
else
|
else
|
||||||
exmode = 0;
|
exmode = 0;
|
||||||
rc = iso7816_put_data (app->slot, exmode, table[idx].tag, value, valuelen);
|
rc = iso7816_put_data (app_get_slot (app),
|
||||||
|
exmode, table[idx].tag, value, valuelen);
|
||||||
if (rc)
|
if (rc)
|
||||||
log_error ("failed to set '%s': %s\n", table[idx].name, gpg_strerror (rc));
|
log_error ("failed to set '%s': %s\n", table[idx].name, gpg_strerror (rc));
|
||||||
|
|
||||||
@ -2787,7 +2790,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|||||||
/* Version 2 cards. */
|
/* Version 2 cards. */
|
||||||
|
|
||||||
if (!opt.disable_pinpad
|
if (!opt.disable_pinpad
|
||||||
&& !iso7816_check_pinpad (app->slot,
|
&& !iso7816_check_pinpad (app_get_slot (app),
|
||||||
ISO7816_CHANGE_REFERENCE_DATA, &pininfo)
|
ISO7816_CHANGE_REFERENCE_DATA, &pininfo)
|
||||||
&& !check_pinpad_request (app, &pininfo, chvno == 3))
|
&& !check_pinpad_request (app, &pininfo, chvno == 3))
|
||||||
use_pinpad = 1;
|
use_pinpad = 1;
|
||||||
@ -2930,7 +2933,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|||||||
rc = pin2hash_if_kdf (app, 1, buffer+pinlen0, &pinlen);
|
rc = pin2hash_if_kdf (app, 1, buffer+pinlen0, &pinlen);
|
||||||
}
|
}
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_reset_retry_counter_with_rc (app->slot, 0x81,
|
rc = iso7816_reset_retry_counter_with_rc (app_get_slot (app), 0x81,
|
||||||
buffer, pinlen0+pinlen);
|
buffer, pinlen0+pinlen);
|
||||||
wipememory (buffer, pinlen0 + pinlen);
|
wipememory (buffer, pinlen0 + pinlen);
|
||||||
xfree (buffer);
|
xfree (buffer);
|
||||||
@ -2947,31 +2950,37 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|||||||
{
|
{
|
||||||
rc = pin2hash_if_kdf (app, 0, pinvalue, &pinlen);
|
rc = pin2hash_if_kdf (app, 0, pinvalue, &pinlen);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_put_data (app->slot, 0, 0xD3, pinvalue, pinlen);
|
rc = iso7816_put_data (app_get_slot (app),
|
||||||
|
0, 0xD3, pinvalue, pinlen);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if (reset_mode)
|
else if (reset_mode)
|
||||||
{
|
{
|
||||||
rc = pin2hash_if_kdf (app, 1, pinvalue, &pinlen);
|
rc = pin2hash_if_kdf (app, 1, pinvalue, &pinlen);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_reset_retry_counter (app->slot, 0x81, pinvalue, pinlen);
|
rc = iso7816_reset_retry_counter (app_get_slot (app),
|
||||||
|
0x81, pinvalue, pinlen);
|
||||||
if (!rc && !app->app_local->extcap.is_v2)
|
if (!rc && !app->app_local->extcap.is_v2)
|
||||||
rc = iso7816_reset_retry_counter (app->slot, 0x82, pinvalue, pinlen);
|
rc = iso7816_reset_retry_counter (app_get_slot (app),
|
||||||
|
0x82, pinvalue, pinlen);
|
||||||
}
|
}
|
||||||
else if (!app->app_local->extcap.is_v2)
|
else if (!app->app_local->extcap.is_v2)
|
||||||
{
|
{
|
||||||
/* Version 1 cards. */
|
/* Version 1 cards. */
|
||||||
if (chvno == 1 || chvno == 2)
|
if (chvno == 1 || chvno == 2)
|
||||||
{
|
{
|
||||||
rc = iso7816_change_reference_data (app->slot, 0x81, NULL, 0,
|
rc = iso7816_change_reference_data (app_get_slot (app),
|
||||||
|
0x81, NULL, 0,
|
||||||
pinvalue, strlen (pinvalue));
|
pinvalue, strlen (pinvalue));
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_change_reference_data (app->slot, 0x82, NULL, 0,
|
rc = iso7816_change_reference_data (app_get_slot (app),
|
||||||
|
0x82, NULL, 0,
|
||||||
pinvalue, strlen (pinvalue));
|
pinvalue, strlen (pinvalue));
|
||||||
}
|
}
|
||||||
else /* CHVNO == 3 */
|
else /* CHVNO == 3 */
|
||||||
{
|
{
|
||||||
rc = iso7816_change_reference_data (app->slot, 0x80 + chvno, NULL, 0,
|
rc = iso7816_change_reference_data (app_get_slot (app),
|
||||||
|
0x80 + chvno, NULL, 0,
|
||||||
pinvalue, strlen (pinvalue));
|
pinvalue, strlen (pinvalue));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -3045,7 +3054,7 @@ does_key_exist (app_t app, int keyidx, int generating, int force)
|
|||||||
|
|
||||||
assert (keyidx >=0 && keyidx <= 2);
|
assert (keyidx >=0 && keyidx <= 2);
|
||||||
|
|
||||||
if (iso7816_get_data (app->slot, 0, 0x006E, &buffer, &buflen))
|
if (iso7816_get_data (app_get_slot (app), 0, 0x006E, &buffer, &buflen))
|
||||||
{
|
{
|
||||||
log_error (_("error reading application data\n"));
|
log_error (_("error reading application data\n"));
|
||||||
return gpg_error (GPG_ERR_GENERAL);
|
return gpg_error (GPG_ERR_GENERAL);
|
||||||
@ -3378,7 +3387,7 @@ change_keyattr (app_t app, int keyno, const unsigned char *buf, size_t buflen,
|
|||||||
return err;
|
return err;
|
||||||
|
|
||||||
/* Change the attribute. */
|
/* Change the attribute. */
|
||||||
err = iso7816_put_data (app->slot, 0, 0xC1+keyno, buf, buflen);
|
err = iso7816_put_data (app_get_slot (app), 0, 0xC1+keyno, buf, buflen);
|
||||||
if (err)
|
if (err)
|
||||||
log_error ("error changing key attribute (key=%d)\n", keyno+1);
|
log_error ("error changing key attribute (key=%d)\n", keyno+1);
|
||||||
else
|
else
|
||||||
@ -3770,7 +3779,7 @@ rsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
exmode = -254;
|
exmode = -254;
|
||||||
else
|
else
|
||||||
exmode = 0;
|
exmode = 0;
|
||||||
err = iso7816_put_data_odd (app->slot, exmode, 0x3fff,
|
err = iso7816_put_data_odd (app_get_slot (app), exmode, 0x3fff,
|
||||||
template, template_len);
|
template, template_len);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -3820,7 +3829,7 @@ rsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
/* Store the key. */
|
/* Store the key. */
|
||||||
err = iso7816_put_data (app->slot, 0,
|
err = iso7816_put_data (app_get_slot (app), 0,
|
||||||
(app->appversion > 0x0007? 0xE0:0xE9)+keyno,
|
(app->appversion > 0x0007? 0xE0:0xE9)+keyno,
|
||||||
template, template_len);
|
template, template_len);
|
||||||
}
|
}
|
||||||
@ -4094,7 +4103,7 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
exmode = -254;
|
exmode = -254;
|
||||||
else
|
else
|
||||||
exmode = 0;
|
exmode = 0;
|
||||||
err = iso7816_put_data_odd (app->slot, exmode, 0x3fff,
|
err = iso7816_put_data_odd (app_get_slot (app), exmode, 0x3fff,
|
||||||
template, template_len);
|
template, template_len);
|
||||||
xfree (template);
|
xfree (template);
|
||||||
}
|
}
|
||||||
@ -4262,7 +4271,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, const char *keytype,
|
|||||||
|
|
||||||
log_info (_("please wait while key is being generated ...\n"));
|
log_info (_("please wait while key is being generated ...\n"));
|
||||||
start_at = time (NULL);
|
start_at = time (NULL);
|
||||||
err = iso7816_generate_keypair (app->slot, exmode, 0x80, 0,
|
err = iso7816_generate_keypair (app_get_slot (app), exmode, 0x80, 0,
|
||||||
(keyno == 0? "\xB6" :
|
(keyno == 0? "\xB6" :
|
||||||
keyno == 1? "\xB8" : "\xA4"),
|
keyno == 1? "\xB8" : "\xA4"),
|
||||||
2, le_value, &buffer, &buflen);
|
2, le_value, &buffer, &buflen);
|
||||||
@ -4623,7 +4632,8 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
|
|||||||
char *pinvalue;
|
char *pinvalue;
|
||||||
int pinlen;
|
int pinlen;
|
||||||
|
|
||||||
rc = verify_a_chv (app, pincb, pincb_arg, 1, sigcount, &pinvalue, &pinlen);
|
rc = verify_a_chv (app, pincb, pincb_arg, 1, sigcount,
|
||||||
|
&pinvalue, &pinlen);
|
||||||
if (rc)
|
if (rc)
|
||||||
return rc;
|
return rc;
|
||||||
|
|
||||||
@ -4636,7 +4646,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
|
|||||||
pinpad has been used. */
|
pinpad has been used. */
|
||||||
if (!app->did_chv2 && pinvalue && !app->app_local->extcap.is_v2)
|
if (!app->did_chv2 && pinvalue && !app->app_local->extcap.is_v2)
|
||||||
{
|
{
|
||||||
rc = iso7816_verify (app->slot, 0x82, pinvalue, pinlen);
|
rc = iso7816_verify (app_get_slot (app), 0x82, pinvalue, pinlen);
|
||||||
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
|
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
|
||||||
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
|
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
|
||||||
if (rc)
|
if (rc)
|
||||||
@ -4664,7 +4674,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
|
|||||||
exmode = 0;
|
exmode = 0;
|
||||||
le_value = 0;
|
le_value = 0;
|
||||||
}
|
}
|
||||||
rc = iso7816_compute_ds (app->slot, exmode, data, datalen, le_value,
|
rc = iso7816_compute_ds (app_get_slot (app), exmode, data, datalen, le_value,
|
||||||
outdata, outdatalen);
|
outdata, outdatalen);
|
||||||
if (!rc && app->force_chv1)
|
if (!rc && app->force_chv1)
|
||||||
app->did_chv1 = 0;
|
app->did_chv1 = 0;
|
||||||
@ -4756,7 +4766,7 @@ do_auth (app_t app, ctrl_t ctrl, const char *keyidstr,
|
|||||||
exmode = 0;
|
exmode = 0;
|
||||||
le_value = 0;
|
le_value = 0;
|
||||||
}
|
}
|
||||||
rc = iso7816_internal_authenticate (app->slot, exmode,
|
rc = iso7816_internal_authenticate (app_get_slot (app), exmode,
|
||||||
indata, indatalen, le_value,
|
indata, indatalen, le_value,
|
||||||
outdata, outdatalen);
|
outdata, outdatalen);
|
||||||
}
|
}
|
||||||
@ -4951,7 +4961,7 @@ do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
|
|||||||
else
|
else
|
||||||
exmode = le_value = 0;
|
exmode = le_value = 0;
|
||||||
|
|
||||||
rc = iso7816_decipher (app->slot, exmode,
|
rc = iso7816_decipher (app_get_slot (app), exmode,
|
||||||
indata, indatalen, le_value, padind,
|
indata, indatalen, le_value, padind,
|
||||||
outdata, outdatalen);
|
outdata, outdatalen);
|
||||||
xfree (fixbuf);
|
xfree (fixbuf);
|
||||||
@ -5309,7 +5319,7 @@ gpg_error_t
|
|||||||
app_select_openpgp (app_t app)
|
app_select_openpgp (app_t app)
|
||||||
{
|
{
|
||||||
static char const aid[] = { 0xD2, 0x76, 0x00, 0x01, 0x24, 0x01 };
|
static char const aid[] = { 0xD2, 0x76, 0x00, 0x01, 0x24, 0x01 };
|
||||||
int slot = app->slot;
|
int slot = app_get_slot (app);
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
unsigned char *buffer;
|
unsigned char *buffer;
|
||||||
size_t buflen;
|
size_t buflen;
|
||||||
|
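Review bot: In the version 1 branch of do_change_pin (hunk at -2947) the new PIN is written to reference 0x81 and then to 0x82, and only the combined `rc` survives; if the second `iso7816_change_reference_data` call fails, the first has already taken effect and the two references differ. The same holds for the two `iso7816_reset_retry_counter` calls in the `reset_mode` branch. The do_sign hunk on this page maps a later mismatch to `GPG_ERR_PIN_NOT_SYNCED`, but nothing visible here tells the user at change time, so a diagnostic after the second call would help, e.g. `log_error ("CHV1 changed but updating CHV2 failed: %s\n", gpg_strerror (rc));`. do_change_pin starts and ends outside the hunk, so later handling may exist.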
@ -483,7 +483,8 @@ read_ef_prkd (app_t app, unsigned short fid, prkdf_object_t *prkdresult,
|
|||||||
if (!fid)
|
if (!fid)
|
||||||
return gpg_error (GPG_ERR_NO_DATA); /* No private keys. */
|
return gpg_error (GPG_ERR_NO_DATA); /* No private keys. */
|
||||||
|
|
||||||
err = select_and_read_binary (app->slot, fid, "PrKDF", &buffer, &buflen, 255);
|
err = select_and_read_binary (app_get_slot (app),
|
||||||
|
fid, "PrKDF", &buffer, &buflen, 255);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
@ -831,7 +832,7 @@ read_ef_prkd (app_t app, unsigned short fid, prkdf_object_t *prkdresult,
|
|||||||
xfree (buffer);
|
xfree (buffer);
|
||||||
buffer = NULL;
|
buffer = NULL;
|
||||||
buflen = 0;
|
buflen = 0;
|
||||||
err = select_and_read_binary (app->slot,
|
err = select_and_read_binary (app_get_slot (app),
|
||||||
((SC_HSM_EE_PREFIX << 8) | (fid & 0xFF)),
|
((SC_HSM_EE_PREFIX << 8) | (fid & 0xFF)),
|
||||||
"CertEF", &buffer, &buflen, 1);
|
"CertEF", &buffer, &buflen, 1);
|
||||||
if (!err && buffer[0] == 0x30)
|
if (!err && buffer[0] == 0x30)
|
||||||
@ -952,7 +953,8 @@ read_ef_cd (app_t app, unsigned short fid, cdf_object_t *result)
|
|||||||
if (!fid)
|
if (!fid)
|
||||||
return gpg_error (GPG_ERR_NO_DATA); /* No certificates. */
|
return gpg_error (GPG_ERR_NO_DATA); /* No certificates. */
|
||||||
|
|
||||||
err = select_and_read_binary (app->slot, fid, "CDF", &buffer, &buflen, 255);
|
err = select_and_read_binary (app_get_slot (app), fid, "CDF",
|
||||||
|
&buffer, &buflen, 255);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
@ -1201,7 +1203,7 @@ read_serialno(app_t app)
|
|||||||
size_t n, objlen, hdrlen, chrlen;
|
size_t n, objlen, hdrlen, chrlen;
|
||||||
int class, tag, constructed, ndef;
|
int class, tag, constructed, ndef;
|
||||||
|
|
||||||
err = select_and_read_binary (app->slot, 0x2F02, "EF.C_DevAut",
|
err = select_and_read_binary (app_get_slot (app), 0x2F02, "EF.C_DevAut",
|
||||||
&buffer, &buflen, 512);
|
&buffer, &buflen, 512);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
@ -1259,7 +1261,7 @@ read_meta (app_t app)
|
|||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
err = list_ef (app->slot, &eflist, &eflistlen);
|
err = list_ef (app_get_slot (app), &eflist, &eflistlen);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
@ -1453,7 +1455,7 @@ readcert_by_cdf (app_t app, cdf_object_t cdf,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
err = select_and_read_binary (app->slot, cdf->fid, "CD",
|
err = select_and_read_binary (app_get_slot (app), cdf->fid, "CD",
|
||||||
&buffer, &buflen, 4096);
|
&buffer, &buflen, 4096);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
@ -1692,8 +1694,8 @@ verify_pin (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
char *prompt;
|
char *prompt;
|
||||||
int sw;
|
int sw;
|
||||||
|
|
||||||
sw = apdu_send_simple (app->slot, 0, 0x00, ISO7816_VERIFY, 0x00, 0x81,
|
sw = apdu_send_simple (app_get_slot (app),
|
||||||
-1, NULL);
|
0, 0x00, ISO7816_VERIFY, 0x00, 0x81, -1, NULL);
|
||||||
|
|
||||||
if (sw == SW_SUCCESS)
|
if (sw == SW_SUCCESS)
|
||||||
return 0; /* PIN already verified */
|
return 0; /* PIN already verified */
|
||||||
@ -1718,7 +1720,7 @@ verify_pin (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
prompt = "||Please enter the PIN";
|
prompt = "||Please enter the PIN";
|
||||||
|
|
||||||
if (!opt.disable_pinpad
|
if (!opt.disable_pinpad
|
||||||
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo) )
|
&& !iso7816_check_pinpad (app_get_slot (app), ISO7816_VERIFY, &pininfo) )
|
||||||
{
|
{
|
||||||
err = pincb (pincb_arg, prompt, NULL);
|
err = pincb (pincb_arg, prompt, NULL);
|
||||||
if (err)
|
if (err)
|
||||||
@ -1727,7 +1729,7 @@ verify_pin (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
err = iso7816_verify_kp (app->slot, 0x81, &pininfo);
|
err = iso7816_verify_kp (app_get_slot (app), 0x81, &pininfo);
|
||||||
pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
|
pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -1739,7 +1741,8 @@ verify_pin (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
err = iso7816_verify (app->slot, 0x81, pinvalue, strlen(pinvalue));
|
err = iso7816_verify (app_get_slot (app),
|
||||||
|
0x81, pinvalue, strlen(pinvalue));
|
||||||
xfree (pinvalue);
|
xfree (pinvalue);
|
||||||
}
|
}
|
||||||
if (err)
|
if (err)
|
||||||
@ -1884,7 +1887,8 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
|
|||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
sw = apdu_send_le (app->slot, 1, 0x80, 0x68, prkdf->key_reference, algoid,
|
sw = apdu_send_le (app_get_slot (app),
|
||||||
|
1, 0x80, 0x68, prkdf->key_reference, algoid,
|
||||||
cdsblklen, cdsblk, 0, outdata, outdatalen);
|
cdsblklen, cdsblk, 0, outdata, outdatalen);
|
||||||
return iso7816_map_sw (sw);
|
return iso7816_map_sw (sw);
|
||||||
}
|
}
|
||||||
@ -2021,7 +2025,8 @@ do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
|
|||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
sw = apdu_send_le (app->slot, 1, 0x80, 0x62, prkdf->key_reference, 0x21,
|
sw = apdu_send_le (app_get_slot (app),
|
||||||
|
1, 0x80, 0x62, prkdf->key_reference, 0x21,
|
||||||
p1blklen, p1blk, 0, &rspdata, &rspdatalen);
|
p1blklen, p1blk, 0, &rspdata, &rspdatalen);
|
||||||
err = iso7816_map_sw (sw);
|
err = iso7816_map_sw (sw);
|
||||||
if (err)
|
if (err)
|
||||||
@ -2047,7 +2052,7 @@ do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
|
|||||||
gpg_error_t
|
gpg_error_t
|
||||||
app_select_sc_hsm (app_t app)
|
app_select_sc_hsm (app_t app)
|
||||||
{
|
{
|
||||||
int slot = app->slot;
|
int slot = app_get_slot (app);
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
rc = iso7816_select_application (slot, sc_hsm_aid, sizeof sc_hsm_aid, 0);
|
rc = iso7816_select_application (slot, sc_hsm_aid, sizeof sc_hsm_aid, 0);
|
||||||
|
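Review bot: In read_ef_prkd (hunk at -831) `buffer[0]` is read as soon as `select_and_read_binary` reports success, without looking at `buflen`, which was reset to 0 just above. If the helper can return success with no data for an empty or truncated CertEF (its body is not visible here), this reads through a NULL or zero-length buffer based on card-supplied content. The guard should include the length, `if (!err && buflen && buffer[0] == 0x30)`. read_ef_prkd continues outside the hunk.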