security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

Fix keygrip computation for TCOS 3 cards.

Browse Source 
Emit PROGRESS status lines during --learn-card.
This commit is contained in:
Werner Koch 2009-03-20 19:04:47 +00:00
parent 593c1d5480
commit 36d681d98e
9 changed files with 115 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
agent/ChangeLog
View File

@ -1,3 +1,12 @@
2009-03-20 Werner Koch <wk@g10code.com>
* learncard.c (struct kpinfo_cp_parm_s): Add field CTRL.
(struct certinfo_cb_parm_s): Ditto.
(agent_handle_learn): Set CTRL field.
(kpinfo_cb, certinfo_cb): Send progress status.
* agent.h (agent_write_status): Flag with GNUPG_GCC_A_SENTINEL.
2009-03-19 Werner Koch <wk@g10code.com> 2009-03-19 Werner Koch <wk@g10code.com>
* trustlist.c (struct trustitem_s): Add field DISABLED. * trustlist.c (struct trustitem_s): Add field DISABLED.

3
agent/agent.h
View File

@ -212,7 +212,8 @@ void agent_sighup_action (void);
/*-- command.c --*/ /*-- command.c --*/
gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid); gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid);
gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...); gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...)
GNUPG_GCC_A_SENTINEL(0);
void bump_key_eventcounter (void); void bump_key_eventcounter (void);
void bump_card_eventcounter (void); void bump_card_eventcounter (void);
void start_command_handler (ctrl_t, gnupg_fd_t, gnupg_fd_t); void start_command_handler (ctrl_t, gnupg_fd_t, gnupg_fd_t);

25
agent/learncard.c
View File

@ -1,5 +1,5 @@
/* learncard.c - Handle the LEARN command /* learncard.c - Handle the LEARN command
* Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc. * Copyright (C) 2002, 2003, 2004, 2009 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -32,7 +32,8 @@
/* Structures used by the callback mechanism to convey information /* Structures used by the callback mechanism to convey information
pertaining to key pairs. */ pertaining to key pairs. */
struct keypair_info_s { struct keypair_info_s
{
struct keypair_info_s *next; struct keypair_info_s *next;
int no_cert; int no_cert;
char *id; /* points into grip */ char *id; /* points into grip */
@ -43,13 +44,14 @@ struct keypair_info_s {
}; };
typedef struct keypair_info_s *KEYPAIR_INFO; typedef struct keypair_info_s *KEYPAIR_INFO;
struct kpinfo_cb_parm_s { struct kpinfo_cb_parm_s
{
ctrl_t ctrl;
int error; int error;
KEYPAIR_INFO info; KEYPAIR_INFO info;
}; };
/* Structures used by the callback mechanism to convey information /* Structures used by the callback mechanism to convey information
pertaining to certificates. */ pertaining to certificates. */
struct certinfo_s { struct certinfo_s {
@ -60,7 +62,9 @@ struct certinfo_s {
}; };
typedef struct certinfo_s *CERTINFO; typedef struct certinfo_s *CERTINFO;
struct certinfo_cb_parm_s { struct certinfo_cb_parm_s
{
ctrl_t ctrl;
int error; int error;
CERTINFO info; CERTINFO info;
}; };
@ -130,6 +134,11 @@ kpinfo_cb (void *opaque, const char *line)
if (parm->error) if (parm->error)
return; /* no need to gather data after an error coccured */ return; /* no need to gather data after an error coccured */
if ((parm->error = agent_write_status (parm->ctrl, "PROGRESS",
"learncard", "k", "0", "0", NULL)))
return;
item = xtrycalloc (1, sizeof *item + strlen (line)); item = xtrycalloc (1, sizeof *item + strlen (line));
if (!item) if (!item)
{ {
@ -183,6 +192,10 @@ certinfo_cb (void *opaque, const char *line)
if (parm->error) if (parm->error)
return; /* no need to gather data after an error coccured */ return; /* no need to gather data after an error coccured */
if ((parm->error = agent_write_status (parm->ctrl, "PROGRESS",
"learncard", "c", "0", "0", NULL)))
return;
type = strtol (line, &p, 10); type = strtol (line, &p, 10);
while (spacep (p)) while (spacep (p))
p++; p++;
@ -296,6 +309,8 @@ agent_handle_learn (ctrl_t ctrl, void *assuan_context)
memset (&parm, 0, sizeof parm); memset (&parm, 0, sizeof parm);
memset (&cparm, 0, sizeof cparm); memset (&cparm, 0, sizeof cparm);
memset (&sparm, 0, sizeof sparm); memset (&sparm, 0, sizeof sparm);
parm.ctrl = ctrl;
cparm.ctrl = ctrl;
/* Check whether a card is present and get the serial number */ /* Check whether a card is present and get the serial number */
rc = agent_card_serialno (ctrl, &serialno); rc = agent_card_serialno (ctrl, &serialno);

3
doc/DETAILS
View File

@ -518,7 +518,8 @@ more arguments in future versions.
still working. still working.
"starting_agent" - A gpg-agent was started because it is not "starting_agent" - A gpg-agent was started because it is not
running as a daemon. running as a daemon.
"learncard" Send by the agent and gpgsm while learing
the data of a smartcard.
SIG_CREATED <type> <pubkey algo> <hash algo> <class> <timestamp> <key fpr> SIG_CREATED <type> <pubkey algo> <hash algo> <class> <timestamp> <key fpr>
A signature has been created using these parameters. A signature has been created using these parameters.

4
scd/ChangeLog
View File

@ -1,3 +1,7 @@
2009-03-20 Werner Koch <wk@g10code.com>
* app-nks.c (keygripstr_from_pk_file): Fix for TCOS 3 cards.
2009-03-18 Werner Koch <wk@g10code.com> 2009-03-18 Werner Koch <wk@g10code.com>
* apdu.c (open_pcsc_reader_wrapped): Use close_all_fds. * apdu.c (open_pcsc_reader_wrapped): Use close_all_fds.

50
scd/app-nks.c
View File

@ -124,7 +124,8 @@ keygripstr_from_pk_file (app_t app, int fid, char *r_gripstr)
size_t buflen[2]; size_t buflen[2];
gcry_sexp_t sexp; gcry_sexp_t sexp;
int i; int i;
int offset[2] = { 0, 0 };
err = iso7816_select_file (app->slot, fid, 0, NULL, NULL); err = iso7816_select_file (app->slot, fid, 0, NULL, NULL);
if (err) if (err)
return err; return err;
@ -137,7 +138,7 @@ keygripstr_from_pk_file (app_t app, int fid, char *r_gripstr)
xfree (buffer[0]); xfree (buffer[0]);
return err; return err;
} }
if (app->app_local->nks_version < 3) if (app->app_local->nks_version < 3)
{ {
/* Old versions of NKS store the values in a TLV encoded format. /* Old versions of NKS store the values in a TLV encoded format.
@ -152,14 +153,55 @@ keygripstr_from_pk_file (app_t app, int fid, char *r_gripstr)
err = gpg_error (GPG_ERR_TOO_SHORT); err = gpg_error (GPG_ERR_TOO_SHORT);
else if (buffer[i][1] != buflen[i]-2 ) else if (buffer[i][1] != buflen[i]-2 )
err = gpg_error (GPG_ERR_INV_OBJ); err = gpg_error (GPG_ERR_INV_OBJ);
else
offset[i] = 2;
}
}
else
{
/* Remove leading zeroes to get a correct keygrip. Take care of
negative numbers. We should also fix it the same way in
libgcrypt but we can't yet rely on it yet. */
for (i=0; i < 2; i++)
{
while (buflen[i]-offset[i] > 1
&& !buffer[i][offset[i]]
&& !(buffer[i][offset[i]+1] & 0x80))
offset[i]++;
}
}
/* Check whether negative values are not prefixed with a zero and
fix that. */
for (i=0; i < 2; i++)
{
if ((buflen[i]-offset[i]) && (buffer[i][offset[i]] & 0x80))
{
unsigned char *newbuf;
size_t newlen;
newlen = 1 + buflen[i] - offset[i];
newbuf = xtrymalloc (newlen);
if (!newlen)
{
xfree (buffer[0]);
xfree (buffer[1]);
return gpg_error_from_syserror ();
}
newbuf[0] = 0;
memcpy (newbuf+1, buffer[i]+offset[i], buflen[i] - offset[i]);
xfree (buffer[i]);
buffer[i] = newbuf;
buflen[i] = newlen;
offset[i] = 0;
} }
} }
if (!err) if (!err)
err = gcry_sexp_build (&sexp, NULL, err = gcry_sexp_build (&sexp, NULL,
"(public-key (rsa (n %b) (e %b)))", "(public-key (rsa (n %b) (e %b)))",
(int)buflen[0]-2, buffer[0]+2, (int)buflen[0]-offset[0], buffer[0]+offset[0],
(int)buflen[1]-2, buffer[1]+2); (int)buflen[1]-offset[1], buffer[1]+offset[1]);
xfree (buffer[0]); xfree (buffer[0]);
xfree (buffer[1]); xfree (buffer[1]);

8
sm/ChangeLog
View File

@ -1,3 +1,11 @@
2009-03-20 Werner Koch <wk@g10code.com>
* keylist.c (list_internal_keys): Set released cert to NULL.
* call-agent.c (learn_status_cb): New.
(gpgsm_agent_learn): Use it.
(learn_cb): Send a progress for every certificate.
2009-03-18 Werner Koch <wk@g10code.com> 2009-03-18 Werner Koch <wk@g10code.com>
* gpgsm.h (struct opt): Move field WITH_EPHEMERAL_KEYS to struct * gpgsm.h (struct opt): Move field WITH_EPHEMERAL_KEYS to struct

24
sm/call-agent.c
View File

@ -667,6 +667,25 @@ gpgsm_agent_havekey (ctrl_t ctrl, const char *hexkeygrip)
} }
static int
learn_status_cb (void *opaque, const char *line)
{
struct learn_parm_s *parm = opaque;
/* Pass progress data to the caller. */
if (!strncmp (line, "PROGRESS", 8) && (line[8]==' ' || !line[8]))
{
if (parm->ctrl)
{
for (line += 8; *line == ' '; line++)
;
if (gpgsm_status (parm->ctrl, STATUS_PROGRESS, line))
return gpg_error (GPG_ERR_ASS_CANCELED);
}
}
return 0;
}
static int static int
learn_cb (void *opaque, const void *buffer, size_t length) learn_cb (void *opaque, const void *buffer, size_t length)
{ {
@ -692,6 +711,8 @@ learn_cb (void *opaque, const void *buffer, size_t length)
return 0; return 0;
} }
if (gpgsm_status (parm->ctrl, STATUS_PROGRESS, "learncard C 0 0"))
return gpg_error (GPG_ERR_ASS_CANCELED);
/* FIXME: this should go into import.c */ /* FIXME: this should go into import.c */
rc = ksba_cert_new (&cert); rc = ksba_cert_new (&cert);
@ -755,7 +776,8 @@ gpgsm_agent_learn (ctrl_t ctrl)
learn_parm.data = &data; learn_parm.data = &data;
rc = assuan_transact (agent_ctx, "LEARN --send", rc = assuan_transact (agent_ctx, "LEARN --send",
learn_cb, &learn_parm, learn_cb, &learn_parm,
NULL, NULL, NULL, NULL); NULL, NULL,
learn_status_cb, &learn_parm);
xfree (get_membuf (&data, &len)); xfree (get_membuf (&data, &len));
if (rc) if (rc)
return rc; return rc;

1
sm/keylist.c
View File

@ -1391,6 +1391,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
if (gpgsm_certs_identical_p (cert, lastcert)) if (gpgsm_certs_identical_p (cert, lastcert))
{ {
ksba_cert_release (cert); ksba_cert_release (cert);
cert = NULL;
continue; continue;
} }