scd: Allow standard keyref scheme for app-openpgp.

* scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with
"OPENPGP."
* tools/card-call-scd.c (scd_change_pin): Change API to use strings.
* tools/gpg-card-tool.c (cmd_passwd): Adjust for change.
(cmd_unblock): Ditto.
--

The generic keyref allows for better error detection in case a keyref
is send to a wrong card.

Signed-off-by: Werner Koch <wk@gnupg.org>

tools/card-call-scd.c

@@ -1368,28 +1368,23 @@ scd_cardlist (strlist_t *result)
  *     101: Set a new PIN and reset the retry counter
  *     102: For v1 cars: Same as 101.
  *          For v2 cards: Set a new Reset Code.
- * SERIALNO is not used.
  */
 gpg_error_t
-scd_change_pin (int chvno)
+scd_change_pin (const char *pinref, int reset_mode)
 {
   gpg_error_t err;
   char line[ASSUAN_LINELENGTH];
-  const char *reset = "";
   struct default_inq_parm_s dfltparm;
 
   memset (&dfltparm, 0, sizeof dfltparm);
 
-  if (chvno >= 100)
-    reset = "--reset";
-  chvno %= 100;
-
   err = start_agent (0);
   if (err)
     return err;
   dfltparm.ctx = agent_ctx;
 
-  snprintf (line, sizeof line, "SCD PASSWD %s %d", reset, chvno);
+  snprintf (line, sizeof line, "SCD PASSWD%s %s",
+            reset_mode? " --reset":"", pinref);
   err = assuan_transact (agent_ctx, line,
                          NULL, NULL,
                          default_inq_cb, &dfltparm,

tools/card-tool.h

@@ -212,7 +212,7 @@ gpg_error_t scd_serialno (char **r_serialno, const char *demand);
 gpg_error_t scd_readcert (const char *certidstr,
                           void **r_buf, size_t *r_buflen);
 gpg_error_t scd_cardlist (strlist_t *result);
-gpg_error_t scd_change_pin (int chvno);
+gpg_error_t scd_change_pin (const char *pinref, int reset_mode);
 gpg_error_t scd_checkpin (const char *serialno);
 
 unsigned long agent_get_s2k_count (void);

tools/gpg-card-tool.c

@@ -1865,7 +1865,7 @@ cmd_passwd (card_info_t info, int allow_admin)
 
   if (!allow_admin)
     {
-      err = scd_change_pin (1);
+      err = scd_change_pin ("OPENPGP.1", 0);
       if (err)
         goto leave;
       log_info ("PIN changed.\n");
@@ -1896,7 +1896,7 @@ cmd_passwd (card_info_t info, int allow_admin)
           if (*answer == '1')
             {
               /* Change PIN (same as the direct thing in non-admin mode).  */
-              err = scd_change_pin (1);
+              err = scd_change_pin ("OPENPGP.1", 0);
               if (err)
                 log_error ("Error changing the PIN: %s\n", gpg_strerror (err));
               else
@@ -1905,7 +1905,7 @@ cmd_passwd (card_info_t info, int allow_admin)
           else if (*answer == '2')
             {
               /* Unblock PIN by setting a new PIN.  */
-              err = scd_change_pin (101);
+              err = scd_change_pin ("OPENPGP.1", 1);
               if (err)
                 log_error ("Error unblocking the PIN: %s\n", gpg_strerror(err));
               else
@@ -1914,7 +1914,7 @@ cmd_passwd (card_info_t info, int allow_admin)
           else if (*answer == '3')
             {
               /* Change Admin PIN.  */
-              err = scd_change_pin (3);
+              err = scd_change_pin ("OPENPGP.3", 0);
               if (err)
                 log_error ("Error changing the PIN: %s\n", gpg_strerror (err));
               else
@@ -1923,7 +1923,7 @@ cmd_passwd (card_info_t info, int allow_admin)
           else if (*answer == '4')
             {
               /* Set a new Reset Code.  */
-              err = scd_change_pin (102);
+              err = scd_change_pin ("OPENPGP.2", 1);
               if (err)
                 log_error ("Error setting the Reset Code: %s\n",
                            gpg_strerror (err));
@@ -1969,7 +1969,7 @@ cmd_unblock (card_info_t info)
     log_error (_("Reset Code not or not anymore available\n"));
   else if (info->apptype == APP_TYPE_OPENPGP)
     {
-      err = scd_change_pin (2);
+      err = scd_change_pin ("OPENPGP.2", 0);
       if (!err)
         log_info ("PIN changed.\n");
     }