mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00

card: Support factory reset for Yubikey PIV application.

* scd/app-common.h (struct app_ctx_s): Add field cardtype.
* scd/app.c (app_new_register): Set cardtype for yubikey.
(app_getattr): Add CARDTYPE.
(app_write_learn_status): Emit new attribute.
* scd/app-piv.c (do_getattr): Add CHV-USAGE.
(do_learn_status): Emit it.
* tools/card-tool.h (struct card_info_s): Add field cardtype.
* tools/card-call-scd.c (learn_status_cb): Parse "CARDTYPE".

* tools/gpg-card-tool.c (list_piv): Print PIN usage policy.
(list_card): Print card type.
(cmd_factoryreset): Implement for Yubikey with PIV.

Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2019-01-29 13:28:10 +01:00
parent 9325c92284
commit 79bed504e5
GPG key ID: E3FDFF218E45B72B
6 changed files with 190 additions and 85 deletions


@ -469,13 +469,16 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
{ "SERIALNO", 0x0000, -1 },
{ "$AUTHKEYID", 0x0000, -2 }, /* Default key for ssh. */
{ "$DISPSERIALNO",0x0000, -3 },
{ "CHV-STATUS", 0x0000, -4 }
{ "CHV-STATUS", 0x0000, -4 },
{ "CHV-USAGE", 0x007E, -5 }
};
gpg_error_t err = 0;
int idx;
void *relptr;
unsigned char *value;
size_t valuelen;
const unsigned char *s;
size_t n;
for (idx=0; (idx < DIM (table)
&& ascii_strcasecmp (table[idx].name, name)); idx++)
@ -521,6 +524,20 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
err = send_status_printf (ctrl, table[idx].name, "%d %d %d",
tmp[0], tmp[1], tmp[2]);
}
else if (table[idx].special == -5) /* CHV-USAGE (aka PIN Usage Policy) */
{
/* We return 2 hex bytes or nothing in case the discovery object
* is not supported. */
relptr = get_one_do (app, table[idx].tag, &value, &valuelen, &err);
if (relptr)
{
s = find_tlv (value, valuelen, 0x7E, &n);
if (s && n && (s = find_tlv (s, n, 0x5F2F, &n)) && n >=2 )
err = send_status_printf (ctrl, table[idx].name, "%02X %02X",
s[0], s[1]);
xfree (relptr);
}
}
else
{
relptr = get_one_do (app, table[idx].tag, &value, &valuelen, &err);
@ -577,6 +594,7 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
(void)flags;
do_getattr (app, ctrl, "CHV-USAGE");
do_getattr (app, ctrl, "CHV-STATUS");
for (i=0; data_objects[i].tag; i++)
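Review bot: In the new `special == -5` branch of do_getattr, the comment promises "nothing" when the discovery object is not supported, but when `get_one_do` returns NULL the `err` it set is left in place, so a direct GETATTR for CHV-USAGE presumably fails with that error instead of succeeding with no status line (the function's return statement is outside the hunk, so this needs confirming). If silence is the intended contract, make it explicit with `else err = 0; /* Discovery object not supported. */`; otherwise reword the comment to say that an error is returned. The `n >= 2` test before reading `s[0]` and `s[1]` is the right guard for card-supplied TLV data, but a discovery object that is present while its 0x5F2F element is missing or too short is also skipped silently, which a client cannot tell apart from an unsupported card; a comment such as `/* A malformed PIN usage policy is treated like a missing one. */` would record that choice. do_learn_status ignores the return value of both do_getattr calls, so the learn path is unaffected either way.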