scd:openpgp: Allow reading and writing user certs for keys 1 and 2

* scd/iso7816.c (CMD_SELECT_DATA): New. (iso7816_select_data): New. * scd/app-openpgp.c (do_readcert): Allow OpenPGP.1 and OPENPGP.2 (do_writecert): Ditto. (do_setattr): Add CERT-1 and CERT-2. -- This has been tested with a Zeitcontrol 3.4 card. A test with a Yubikey 5 (firmware 5.2.6) claiming to support 3.4 failed. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 37b1c5c200)
2025-07-03 22:56:33 +02:00 · 2021-03-19 18:26:03 +01:00 · 2021-03-19 18:26:03 +01:00 · 57bfad2c39
commit 57bfad2c39
parent b2363c1dd9
3 changed files with 127 additions and 22 deletions
--- a/scd/iso7816.c
+++ b/scd/iso7816.c
@ -43,6 +43,7 @@


 #define CMD_SELECT_FILE 0xA4
+#define CMD_SELECT_DATA 0xA5
 #define CMD_VERIFY                ISO7816_VERIFY
 #define CMD_CHANGE_REFERENCE_DATA ISO7816_CHANGE_REFERENCE_DATA
 #define CMD_RESET_RETRY_COUNTER   ISO7816_RESET_RETRY_COUNTER
@ -445,6 +446,44 @@ iso7816_reset_retry_counter (int slot, int chvno,
 }


+/* Perform a SELECT DATA command to OCCURANCE of TAG.  */
+gpg_error_t
+iso7816_select_data (int slot, int occurrence, int tag)
+{
+  int sw;
+  int datalen;
+  unsigned char data[7];
+
+  data[0] = 0x60;
+  data[2] = 0x5c;
+  if (tag <= 0xff)
+    {
+      data[3] = 1;
+      data[4] = tag;
+      datalen = 5;
+    }
+  else if (tag <= 0xffff)
+    {
+      data[3] = 2;
+      data[4] = (tag >> 8);
+      data[5] = tag;
+      datalen = 6;
+    }
+  else
+    {
+      data[3] = 3;
+      data[4] = (tag >> 16);
+      data[5] = (tag >> 8);
+      data[6] = tag;
+      datalen = 7;
+    }
+  data[1] = datalen - 2;
+
+  sw = apdu_send_le (slot, 0, 0x00, CMD_SELECT_DATA,
+                     occurrence, 0x04, datalen, data, 0, NULL, NULL);
+  return map_sw (sw);
+}
+

 /* Perform a GET DATA command requesting TAG and storing the result in
   a newly allocated buffer at the address passed by RESULT.  Return