mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-08 12:44:23 +01:00
* keylist.c (print_card_serialno): New.
(list_keyblock_print): Use it here. * card-util.c (toggle_forcesig): New. (card_edit): New command "forcesig". * card-util.c (print_name, print_isoname): Use 0 and not LF fro the max_n arg of tty_print_utf8_string2. * call-agent.c (agent_scd_getattr): New. (learn_status_cb): Release values before assignment so that it can be used by getattr to update the structure. * card-util.c (change_pin): Simplified. We now have only a PIN and an Admin PIN.
This commit is contained in:
parent
3af881581f
commit
316dc2fd60
@ -1,3 +1,21 @@
|
|||||||
|
2003-09-30 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* keylist.c (print_card_serialno): New.
|
||||||
|
(list_keyblock_print): Use it here.
|
||||||
|
|
||||||
|
* card-util.c (toggle_forcesig): New.
|
||||||
|
(card_edit): New command "forcesig".
|
||||||
|
|
||||||
|
* card-util.c (print_name, print_isoname): Use 0 and not LF fro
|
||||||
|
the max_n arg of tty_print_utf8_string2.
|
||||||
|
|
||||||
|
* call-agent.c (agent_scd_getattr): New.
|
||||||
|
(learn_status_cb): Release values before assignment so that it can
|
||||||
|
be used by getattr to update the structure.
|
||||||
|
|
||||||
|
* card-util.c (change_pin): Simplified. We now have only a PIN
|
||||||
|
and an Admin PIN.
|
||||||
|
|
||||||
2003-09-27 Werner Koch <wk@gnupg.org>
|
2003-09-27 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* sign.c (do_sign): Removed disabled testcode.
|
* sign.c (do_sign): Removed disabled testcode.
|
||||||
|
@ -479,14 +479,17 @@ learn_status_cb (void *opaque, const char *line)
|
|||||||
|
|
||||||
if (keywordlen == 8 && !memcmp (keyword, "SERIALNO", keywordlen))
|
if (keywordlen == 8 && !memcmp (keyword, "SERIALNO", keywordlen))
|
||||||
{
|
{
|
||||||
|
xfree (parm->serialno);
|
||||||
parm->serialno = store_serialno (line);
|
parm->serialno = store_serialno (line);
|
||||||
}
|
}
|
||||||
else if (keywordlen == 9 && !memcmp (keyword, "DISP-NAME", keywordlen))
|
else if (keywordlen == 9 && !memcmp (keyword, "DISP-NAME", keywordlen))
|
||||||
{
|
{
|
||||||
|
xfree (parm->disp_name);
|
||||||
parm->disp_name = unescape_status_string (line);
|
parm->disp_name = unescape_status_string (line);
|
||||||
}
|
}
|
||||||
else if (keywordlen == 9 && !memcmp (keyword, "DISP-LANG", keywordlen))
|
else if (keywordlen == 9 && !memcmp (keyword, "DISP-LANG", keywordlen))
|
||||||
{
|
{
|
||||||
|
xfree (parm->disp_lang);
|
||||||
parm->disp_lang = unescape_status_string (line);
|
parm->disp_lang = unescape_status_string (line);
|
||||||
}
|
}
|
||||||
else if (keywordlen == 8 && !memcmp (keyword, "DISP-SEX", keywordlen))
|
else if (keywordlen == 8 && !memcmp (keyword, "DISP-SEX", keywordlen))
|
||||||
@ -495,10 +498,12 @@ learn_status_cb (void *opaque, const char *line)
|
|||||||
}
|
}
|
||||||
else if (keywordlen == 10 && !memcmp (keyword, "PUBKEY-URL", keywordlen))
|
else if (keywordlen == 10 && !memcmp (keyword, "PUBKEY-URL", keywordlen))
|
||||||
{
|
{
|
||||||
|
xfree (parm->pubkey_url);
|
||||||
parm->pubkey_url = unescape_status_string (line);
|
parm->pubkey_url = unescape_status_string (line);
|
||||||
}
|
}
|
||||||
else if (keywordlen == 10 && !memcmp (keyword, "LOGIN-DATA", keywordlen))
|
else if (keywordlen == 10 && !memcmp (keyword, "LOGIN-DATA", keywordlen))
|
||||||
{
|
{
|
||||||
|
xfree (parm->login_data);
|
||||||
parm->login_data = unescape_status_string (line);
|
parm->login_data = unescape_status_string (line);
|
||||||
}
|
}
|
||||||
else if (keywordlen == 11 && !memcmp (keyword, "SIG-COUNTER", keywordlen))
|
else if (keywordlen == 11 && !memcmp (keyword, "SIG-COUNTER", keywordlen))
|
||||||
@ -574,6 +579,34 @@ agent_learn (struct agent_card_info_s *info)
|
|||||||
return map_assuan_err (rc);
|
return map_assuan_err (rc);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Call the agent to retrieve a data object. This function returns
|
||||||
|
the data in the same structure as used by the learn command. It is
|
||||||
|
allowed to update such a structure using this commmand. */
|
||||||
|
int
|
||||||
|
agent_scd_getattr (const char *name, struct agent_card_info_s *info)
|
||||||
|
{
|
||||||
|
int rc;
|
||||||
|
char line[ASSUAN_LINELENGTH];
|
||||||
|
|
||||||
|
if (!*name)
|
||||||
|
return gpg_error (GPG_ERR_INV_VALUE);
|
||||||
|
|
||||||
|
/* We assume that NAME does not need escaping. */
|
||||||
|
if (12 + strlen (name) > DIM(line)-1)
|
||||||
|
return gpg_error (GPG_ERR_TOO_LARGE);
|
||||||
|
stpcpy (stpcpy (line, "SCD GETATTR "), name);
|
||||||
|
|
||||||
|
rc = start_agent ();
|
||||||
|
if (rc)
|
||||||
|
return rc;
|
||||||
|
|
||||||
|
memset (info, 0, sizeof *info);
|
||||||
|
rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL,
|
||||||
|
learn_status_cb, info);
|
||||||
|
|
||||||
|
return map_assuan_err (rc);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Send an setattr command to the SCdaemon. */
|
/* Send an setattr command to the SCdaemon. */
|
||||||
int
|
int
|
||||||
@ -809,12 +842,11 @@ agent_scd_pkdecrypt (const char *serialno,
|
|||||||
|
|
||||||
|
|
||||||
/* Change the PIN of an OpenPGP card or reset the retry counter.
|
/* Change the PIN of an OpenPGP card or reset the retry counter.
|
||||||
CHVNO 1: Change the digital signature PIN
|
CHVNO 1: Change the PIN
|
||||||
2: Change the decryption and authentication PIN
|
2: Same as 1
|
||||||
3: Change the admin PIN
|
3: Change the admin PIN
|
||||||
101: Set a new digital signature PIN and reset the retry counter
|
101: Set a new PIN and reset the retry counter
|
||||||
102: Set a decryption and authentication PIN
|
102: Same as 101
|
||||||
and reset the retry counter
|
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
agent_scd_change_pin (int chvno)
|
agent_scd_change_pin (int chvno)
|
||||||
|
@ -58,6 +58,9 @@ void agent_release_card_info (struct agent_card_info_s *info);
|
|||||||
/* Return card info. */
|
/* Return card info. */
|
||||||
int agent_learn (struct agent_card_info_s *info);
|
int agent_learn (struct agent_card_info_s *info);
|
||||||
|
|
||||||
|
/* Update INFO with the attribute NAME. */
|
||||||
|
int agent_scd_getattr (const char *name, struct agent_card_info_s *info);
|
||||||
|
|
||||||
/* Check whether the secret key for the key identified by HEXKEYGRIP
|
/* Check whether the secret key for the key identified by HEXKEYGRIP
|
||||||
is available. Return 0 for yes or an error code. */
|
is available. Return 0 for yes or an error code. */
|
||||||
int agent_havekey (const char *hexkeygrip);
|
int agent_havekey (const char *hexkeygrip);
|
||||||
|
@ -44,7 +44,6 @@ change_pin (int chvno)
|
|||||||
{
|
{
|
||||||
struct agent_card_info_s info;
|
struct agent_card_info_s info;
|
||||||
int rc;
|
int rc;
|
||||||
int reset_mode = 0;
|
|
||||||
|
|
||||||
rc = agent_learn (&info);
|
rc = agent_learn (&info);
|
||||||
if (rc)
|
if (rc)
|
||||||
@ -70,17 +69,11 @@ change_pin (int chvno)
|
|||||||
char *answer;
|
char *answer;
|
||||||
|
|
||||||
tty_printf ("\n");
|
tty_printf ("\n");
|
||||||
tty_printf ("1 - change signature PIN\n"
|
tty_printf ("1 - change PIN\n"
|
||||||
"2 - change decryption and authentication PIN\n"
|
"2 - unblock PIN\n"
|
||||||
"3 - change Admin's PIN\n"
|
"3 - change Admin PIN\n"
|
||||||
"R - toggle reset retry counter mode\n"
|
|
||||||
"Q - quit\n");
|
"Q - quit\n");
|
||||||
tty_printf ("\n");
|
tty_printf ("\n");
|
||||||
if (reset_mode)
|
|
||||||
{
|
|
||||||
tty_printf ("Reset Retry Counter mode active\n");
|
|
||||||
tty_printf ("\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
answer = cpr_get("cardutil.change_pin.menu",_("Your selection? "));
|
answer = cpr_get("cardutil.change_pin.menu",_("Your selection? "));
|
||||||
cpr_kill_prompt();
|
cpr_kill_prompt();
|
||||||
@ -88,30 +81,35 @@ change_pin (int chvno)
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
rc = 0;
|
rc = 0;
|
||||||
if (reset_mode && *answer == '3')
|
if (*answer == '1')
|
||||||
{
|
{
|
||||||
tty_printf ("Sorry, reset of the Admin PIN's retry counter "
|
rc = agent_scd_change_pin (1);
|
||||||
"is not possible.\n");
|
|
||||||
}
|
|
||||||
else if (*answer == '1' || *answer == '2' || *answer == '3')
|
|
||||||
{
|
|
||||||
rc = agent_scd_change_pin (*answer - '0' + (reset_mode?100:0));
|
|
||||||
if (rc)
|
if (rc)
|
||||||
tty_printf ("Error changing/resetting the PIN: %s\n",
|
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
||||||
gpg_strerror (rc));
|
|
||||||
else
|
else
|
||||||
tty_printf ("New PIN successfully set.\n");
|
tty_printf ("PIN changed.\n");
|
||||||
}
|
}
|
||||||
else if (*answer == 'r' || *answer == 'R')
|
else if (*answer == '2')
|
||||||
{
|
{
|
||||||
reset_mode = !reset_mode;
|
rc = agent_scd_change_pin (101);
|
||||||
|
if (rc)
|
||||||
|
tty_printf ("Error unblocking the PIN: %s\n", gpg_strerror (rc));
|
||||||
|
else
|
||||||
|
tty_printf ("PIN unblocked and new PIN set.\n");
|
||||||
|
}
|
||||||
|
else if (*answer == '3')
|
||||||
|
{
|
||||||
|
rc = agent_scd_change_pin (3);
|
||||||
|
if (rc)
|
||||||
|
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
||||||
|
else
|
||||||
|
tty_printf ("PIN changed.\n");
|
||||||
}
|
}
|
||||||
else if (*answer == 'q' || *answer == 'Q')
|
else if (*answer == 'q' || *answer == 'Q')
|
||||||
{
|
{
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char *
|
static const char *
|
||||||
@ -175,7 +173,7 @@ print_name (FILE *fp, const char *text, const char *name)
|
|||||||
if (fp)
|
if (fp)
|
||||||
print_utf8_string2 (fp, name, strlen (name), '\n');
|
print_utf8_string2 (fp, name, strlen (name), '\n');
|
||||||
else
|
else
|
||||||
tty_print_utf8_string2 (name, strlen (name), '\n');
|
tty_print_utf8_string2 (name, strlen (name), 0);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
tty_fprintf (fp, _("[not set]"));
|
tty_fprintf (fp, _("[not set]"));
|
||||||
@ -207,7 +205,7 @@ print_isoname (FILE *fp, const char *text, const char *tag, const char *name)
|
|||||||
else if (fp)
|
else if (fp)
|
||||||
print_utf8_string2 (fp, given, strlen (given), '\n');
|
print_utf8_string2 (fp, given, strlen (given), '\n');
|
||||||
else
|
else
|
||||||
tty_print_utf8_string2 (given, strlen (given), '\n');
|
tty_print_utf8_string2 (given, strlen (given), 0);
|
||||||
|
|
||||||
if (opt.with_colons)
|
if (opt.with_colons)
|
||||||
putc (':', fp);
|
putc (':', fp);
|
||||||
@ -220,7 +218,7 @@ print_isoname (FILE *fp, const char *text, const char *tag, const char *name)
|
|||||||
else if (fp)
|
else if (fp)
|
||||||
print_utf8_string2 (fp, buf, strlen (buf), '\n');
|
print_utf8_string2 (fp, buf, strlen (buf), '\n');
|
||||||
else
|
else
|
||||||
tty_print_utf8_string2 (buf, strlen (buf), '\n');
|
tty_print_utf8_string2 (buf, strlen (buf), 0);
|
||||||
xfree (buf);
|
xfree (buf);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -339,7 +337,7 @@ card_status (FILE *fp)
|
|||||||
print_name (fp, "URL of public key : ", info.pubkey_url);
|
print_name (fp, "URL of public key : ", info.pubkey_url);
|
||||||
print_name (fp, "Login data .......: ", info.login_data);
|
print_name (fp, "Login data .......: ", info.login_data);
|
||||||
tty_fprintf (fp, "Signature PIN ....: %s\n",
|
tty_fprintf (fp, "Signature PIN ....: %s\n",
|
||||||
info.chv1_cached? _("cached"): _("not cached"));
|
info.chv1_cached? _("not forced"): _("forced"));
|
||||||
tty_fprintf (fp, "Max. PIN lengths .: %d %d %d\n",
|
tty_fprintf (fp, "Max. PIN lengths .: %d %d %d\n",
|
||||||
info.chvmaxlen[0], info.chvmaxlen[1], info.chvmaxlen[2]);
|
info.chvmaxlen[0], info.chvmaxlen[1], info.chvmaxlen[2]);
|
||||||
tty_fprintf (fp, "PIN retry counter : %d %d %d\n",
|
tty_fprintf (fp, "PIN retry counter : %d %d %d\n",
|
||||||
@ -542,6 +540,30 @@ change_sex (void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void
|
||||||
|
toggle_forcesig (void)
|
||||||
|
{
|
||||||
|
struct agent_card_info_s info;
|
||||||
|
int rc;
|
||||||
|
int newstate;
|
||||||
|
|
||||||
|
memset (&info, 0, sizeof info);
|
||||||
|
rc = agent_scd_getattr ("CHV-STATUS", &info);
|
||||||
|
if (rc)
|
||||||
|
{
|
||||||
|
log_error ("error getting current status: %s\n", gpg_strerror (rc));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
newstate = !info.chv1_cached;
|
||||||
|
agent_release_card_info (&info);
|
||||||
|
|
||||||
|
rc = agent_scd_setattr ("CHV-STATUS-1", newstate? "\x01":"", 1);
|
||||||
|
if (rc)
|
||||||
|
log_error ("error toggling signature PIN flag: %s\n", gpg_strerror (rc));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* Menu to edit all user changeable values on an OpenPGP card. Only
|
/* Menu to edit all user changeable values on an OpenPGP card. Only
|
||||||
Key creation is not handled here. */
|
Key creation is not handled here. */
|
||||||
void
|
void
|
||||||
@ -551,7 +573,7 @@ card_edit (STRLIST commands)
|
|||||||
cmdNOP = 0,
|
cmdNOP = 0,
|
||||||
cmdQUIT, cmdHELP, cmdLIST, cmdDEBUG,
|
cmdQUIT, cmdHELP, cmdLIST, cmdDEBUG,
|
||||||
cmdNAME, cmdURL, cmdLOGIN, cmdLANG, cmdSEX,
|
cmdNAME, cmdURL, cmdLOGIN, cmdLANG, cmdSEX,
|
||||||
|
cmdFORCESIG,
|
||||||
cmdINVCMD
|
cmdINVCMD
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -572,6 +594,7 @@ card_edit (STRLIST commands)
|
|||||||
{ N_("login") , cmdLOGIN , N_("change the login name") },
|
{ N_("login") , cmdLOGIN , N_("change the login name") },
|
||||||
{ N_("lang") , cmdLANG , N_("change the language preferences") },
|
{ N_("lang") , cmdLANG , N_("change the language preferences") },
|
||||||
{ N_("sex") , cmdSEX , N_("change card holder's sex") },
|
{ N_("sex") , cmdSEX , N_("change card holder's sex") },
|
||||||
|
{ N_("forcesig"), cmdFORCESIG, N_("toggle the signature force PIN flag") },
|
||||||
{ NULL, cmdINVCMD }
|
{ NULL, cmdINVCMD }
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -692,6 +715,10 @@ card_edit (STRLIST commands)
|
|||||||
change_sex ();
|
change_sex ();
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case cmdFORCESIG:
|
||||||
|
toggle_forcesig ();
|
||||||
|
break;
|
||||||
|
|
||||||
case cmdQUIT:
|
case cmdQUIT:
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
|
@ -41,6 +41,7 @@
|
|||||||
|
|
||||||
static void list_all(int);
|
static void list_all(int);
|
||||||
static void list_one( STRLIST names, int secret);
|
static void list_one( STRLIST names, int secret);
|
||||||
|
static void print_card_serialno (PKT_secret_key *sk);
|
||||||
|
|
||||||
struct sig_stats
|
struct sig_stats
|
||||||
{
|
{
|
||||||
@ -710,6 +711,7 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
|
|||||||
if( !any ) {
|
if( !any ) {
|
||||||
if( fpr )
|
if( fpr )
|
||||||
print_fingerprint( pk, sk, 0 );
|
print_fingerprint( pk, sk, 0 );
|
||||||
|
print_card_serialno (sk);
|
||||||
if( opt.with_key_data )
|
if( opt.with_key_data )
|
||||||
print_key_data( pk, keyid );
|
print_key_data( pk, keyid );
|
||||||
any = 1;
|
any = 1;
|
||||||
@ -755,6 +757,7 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
|
|||||||
putchar('\n');
|
putchar('\n');
|
||||||
if( fpr )
|
if( fpr )
|
||||||
print_fingerprint( pk, sk, 0 ); /* of the main key */
|
print_fingerprint( pk, sk, 0 ); /* of the main key */
|
||||||
|
print_card_serialno (sk);
|
||||||
any = 1;
|
any = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -770,7 +773,10 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
|
|||||||
printf(_(" [expires: %s]"), expirestr_from_sk( sk2 ) );
|
printf(_(" [expires: %s]"), expirestr_from_sk( sk2 ) );
|
||||||
putchar('\n');
|
putchar('\n');
|
||||||
if( fpr > 1 )
|
if( fpr > 1 )
|
||||||
|
{
|
||||||
print_fingerprint( NULL, sk2, 0 );
|
print_fingerprint( NULL, sk2, 0 );
|
||||||
|
print_card_serialno (sk);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) {
|
else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) {
|
||||||
PKT_signature *sig = node->pkt->pkt.signature;
|
PKT_signature *sig = node->pkt->pkt.signature;
|
||||||
@ -813,6 +819,7 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
|
|||||||
putchar('\n');
|
putchar('\n');
|
||||||
if( fpr )
|
if( fpr )
|
||||||
print_fingerprint( pk, sk, 0 );
|
print_fingerprint( pk, sk, 0 );
|
||||||
|
print_card_serialno (sk);
|
||||||
any=1;
|
any=1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1398,6 +1405,40 @@ print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode )
|
|||||||
tty_printf ("\n");
|
tty_printf ("\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Print the serial number of an OpenPGP card if available. */
|
||||||
|
static void
|
||||||
|
print_card_serialno (PKT_secret_key *sk)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (!sk)
|
||||||
|
return;
|
||||||
|
if (!sk->is_protected || sk->protect.s2k.mode != 1002)
|
||||||
|
return; /* Not a card. */
|
||||||
|
if (opt.with_colons)
|
||||||
|
return; /* Format not yet defined. */
|
||||||
|
|
||||||
|
fputs (_(" Card serial no. ="), stdout);
|
||||||
|
putchar (' ');
|
||||||
|
if (sk->protect.ivlen == 16
|
||||||
|
&& !memcmp (sk->protect.iv, "\xD2\x76\x00\x01\x24\x01", 6) )
|
||||||
|
{ /* This is an OpenPGP card. Just print the relevant part. */
|
||||||
|
for (i=8; i < 14; i++)
|
||||||
|
{
|
||||||
|
if (i == 10)
|
||||||
|
putchar (' ');
|
||||||
|
printf ("%02X", sk->protect.iv[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{ /* Something is wrong: Print all. */
|
||||||
|
for (i=0; i < sk->protect.ivlen; i++)
|
||||||
|
printf ("%02X", sk->protect.iv[i]);
|
||||||
|
}
|
||||||
|
putchar ('\n');
|
||||||
|
}
|
||||||
|
|
||||||
void set_attrib_fd(int fd)
|
void set_attrib_fd(int fd)
|
||||||
{
|
{
|
||||||
static int last_fd=-1;
|
static int last_fd=-1;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user