security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

scd: Clean up internal API for APP. 

* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.

--

APP is an abstraction of the "card application".  Most methods of APP
should have CTRL argument to report back progress to the session.  This
change fixes FIXMEs for missing CTRL.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2016-12-22 21:14:26 +09:00
parent 6e96cdd41a
commit 8431f5a7e8
3 changed files with 34 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
scd/app-common.h
View File

@ -152,26 +152,26 @@ gpg_error_t app_munge_serialno (app_t app);
gpg_error_t app_get_serial_and_stamp (app_t app, char **serial, time_t *stamp);
gpg_error_t app_write_learn_status (app_t app, ctrl_t ctrl,
unsigned int flags);
gpg_error_t app_readcert (app_t app, const char *certid,
gpg_error_t app_readcert (app_t app, ctrl_t ctrl, const char *certid,
unsigned char **cert, size_t *certlen);
gpg_error_t app_readkey (app_t app, int advanced, const char *keyid,
unsigned char **pk, size_t *pklen);
gpg_error_t app_readkey (app_t app, ctrl_t ctrl, int advanced,
const char *keyid, unsigned char **pk, size_t *pklen);
gpg_error_t app_getattr (app_t app, ctrl_t ctrl, const char *name);
gpg_error_t app_setattr (app_t app, const char *name,
gpg_error_t app_setattr (app_t app, ctrl_t ctrl, const char *name,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const unsigned char *value, size_t valuelen);
gpg_error_t app_sign (app_t app, const char *keyidstr, int hashalgo,
gpg_error_t app_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
unsigned char **outdata, size_t *outdatalen );
gpg_error_t app_auth (app_t app, const char *keyidstr,
gpg_error_t app_auth (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
unsigned char **outdata, size_t *outdatalen);
gpg_error_t app_decipher (app_t app, const char *keyidstr,
gpg_error_t app_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
@ -192,13 +192,13 @@ gpg_error_t app_genkey (app_t app, ctrl_t ctrl,
time_t createtime,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg);
gpg_error_t app_get_challenge (app_t app, size_t nbytes,
gpg_error_t app_get_challenge (app_t app, ctrl_t ctrl, size_t nbytes,
unsigned char *buffer);
gpg_error_t app_change_pin (app_t app, ctrl_t ctrl,
const char *chvnostr, int reset_mode,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg);
gpg_error_t app_check_pin (app_t app, const char *keyidstr,
gpg_error_t app_check_pin (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg);

32
scd/app.c
View File

@ -584,7 +584,7 @@ app_write_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
buffer put into CERT and the length of the certificate put into
CERTLEN. */
gpg_error_t
app_readcert (app_t app, const char *certid,
app_readcert (app_t app, ctrl_t ctrl, const char *certid,
unsigned char **cert, size_t *certlen)
{
gpg_error_t err;
@ -595,7 +595,7 @@ app_readcert (app_t app, const char *certid,
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
if (!app->fnc.readcert)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
err = lock_reader (app->slot, NULL/* FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err = app->fnc.readcert (app, certid, cert, certlen);
@ -612,7 +612,7 @@ app_readcert (app_t app, const char *certid,
This function might not be supported by all applications. */
gpg_error_t
app_readkey (app_t app, int advanced, const char *keyid,
app_readkey (app_t app, ctrl_t ctrl, int advanced, const char *keyid,
unsigned char **pk, size_t *pklen)
{
gpg_error_t err;
@ -628,7 +628,7 @@ app_readkey (app_t app, int advanced, const char *keyid,
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
if (!app->fnc.readkey)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
err = lock_reader (app->slot, NULL /*FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err= app->fnc.readkey (app, advanced, keyid, pk, pklen);
@ -680,7 +680,7 @@ app_getattr (app_t app, ctrl_t ctrl, const char *name)
/* Perform a SETATTR operation. */
gpg_error_t
app_setattr (app_t app, const char *name,
app_setattr (app_t app, ctrl_t ctrl, const char *name,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const unsigned char *value, size_t valuelen)
@ -693,7 +693,7 @@ app_setattr (app_t app, const char *name,
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
if (!app->fnc.setattr)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
err = lock_reader (app->slot, NULL /*FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err = app->fnc.setattr (app, name, pincb, pincb_arg, value, valuelen);
@ -705,7 +705,7 @@ app_setattr (app_t app, const char *name,
If a PIN is required the PINCB will be used to ask for the PIN; it
should return the PIN in an allocated buffer and put it into PIN. */
gpg_error_t
app_sign (app_t app, const char *keyidstr, int hashalgo,
app_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
@ -719,7 +719,7 @@ app_sign (app_t app, const char *keyidstr, int hashalgo,
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
if (!app->fnc.sign)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
err = lock_reader (app->slot, NULL /*FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err = app->fnc.sign (app, keyidstr, hashalgo,
@ -737,7 +737,7 @@ app_sign (app_t app, const char *keyidstr, int hashalgo,
PINCB will be used to ask for the PIN; it should return the PIN in
an allocated buffer and put it into PIN. */
gpg_error_t
app_auth (app_t app, const char *keyidstr,
app_auth (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
@ -751,7 +751,7 @@ app_auth (app_t app, const char *keyidstr,
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
if (!app->fnc.auth)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
err = lock_reader (app->slot, NULL /*FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err = app->fnc.auth (app, keyidstr,
@ -769,7 +769,7 @@ app_auth (app_t app, const char *keyidstr,
If a PIN is required the PINCB will be used to ask for the PIN; it
should return the PIN in an allocated buffer and put it into PIN. */
gpg_error_t
app_decipher (app_t app, const char *keyidstr,
app_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
@ -786,7 +786,7 @@ app_decipher (app_t app, const char *keyidstr,
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
if (!app->fnc.decipher)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
err = lock_reader (app->slot, NULL /*FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err = app->fnc.decipher (app, keyidstr,
@ -888,7 +888,7 @@ app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
directly accesses the card without any application specific
wrapper. */
gpg_error_t
app_get_challenge (app_t app, size_t nbytes, unsigned char *buffer)
app_get_challenge (app_t app, ctrl_t ctrl, size_t nbytes, unsigned char *buffer)
{
gpg_error_t err;
@ -896,7 +896,7 @@ app_get_challenge (app_t app, size_t nbytes, unsigned char *buffer)
return gpg_error (GPG_ERR_INV_VALUE);
if (!app->ref_count)
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
err = lock_reader (app->slot, NULL /*FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err = iso7816_get_challenge (app->slot, nbytes, buffer);
@ -936,7 +936,7 @@ app_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, int reset_mode,
be used to initialze a the PIN cache for long lasting other
operations. Its use is highly application dependent. */
gpg_error_t
app_check_pin (app_t app, const char *keyidstr,
app_check_pin (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg)
{
@ -948,7 +948,7 @@ app_check_pin (app_t app, const char *keyidstr,
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
if (!app->fnc.check_pin)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
err = lock_reader (app->slot, NULL /*FIXME*/);
err = lock_reader (app->slot, ctrl);
if (err)
return err;
err = app->fnc.check_pin (app, keyidstr, pincb, pincb_arg);

22
scd/command.c
View File

@ -710,7 +710,7 @@ cmd_readcert (assuan_context_t ctx, char *line)
return rc;
line = xstrdup (line); /* Need a copy of the line. */
rc = app_readcert (ctrl->app_ctx, line, &cert, &ncert);
rc = app_readcert (ctrl->app_ctx, ctrl, line, &cert, &ncert);
if (rc)
log_error ("app_readcert failed: %s\n", gpg_strerror (rc));
xfree (line);
@ -761,7 +761,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
/* If the application supports the READKEY function we use that.
Otherwise we use the old way by extracting it from the
certificate. */
rc = app_readkey (ctrl->app_ctx, advanced, line, &pk, &pklen);
rc = app_readkey (ctrl->app_ctx, ctrl, advanced, line, &pk, &pklen);
if (!rc)
{ /* Yeah, got that key - send it back. */
rc = assuan_send_data (ctx, pk, pklen);
@ -775,7 +775,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
log_error ("app_readkey failed: %s\n", gpg_strerror (rc));
else
{
rc = app_readcert (ctrl->app_ctx, line, &cert, &ncert);
rc = app_readcert (ctrl->app_ctx, ctrl, line, &cert, &ncert);
if (rc)
log_error ("app_readcert failed: %s\n", gpg_strerror (rc));
}
@ -985,7 +985,7 @@ cmd_pksign (assuan_context_t ctx, char *line)
if (!keyidstr)
return out_of_core ();
rc = app_sign (ctrl->app_ctx,
rc = app_sign (ctrl->app_ctx, ctrl,
keyidstr, hash_algo,
pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
@ -1036,9 +1036,7 @@ cmd_pkauth (assuan_context_t ctx, char *line)
if (!keyidstr)
return out_of_core ();
rc = app_auth (ctrl->app_ctx,
keyidstr,
pin_cb, ctx,
rc = app_auth (ctrl->app_ctx, ctrl, keyidstr, pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
&outdata, &outdatalen);
xfree (keyidstr);
@ -1080,9 +1078,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
keyidstr = xtrystrdup (line);
if (!keyidstr)
return out_of_core ();
rc = app_decipher (ctrl->app_ctx,
keyidstr,
pin_cb, ctx,
rc = app_decipher (ctrl->app_ctx, ctrl, keyidstr, pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
&outdata, &outdatalen, &infoflags);
@ -1194,7 +1190,7 @@ cmd_setattr (assuan_context_t ctx, char *orig_line)
line++;
nbytes = percent_plus_unescape_inplace (line, 0);
rc = app_setattr (ctrl->app_ctx, keyword, pin_cb, ctx,
rc = app_setattr (ctrl->app_ctx, ctrl, keyword, pin_cb, ctx,
(const unsigned char*)line, nbytes);
xfree (linebuf);
@ -1441,7 +1437,7 @@ cmd_random (assuan_context_t ctx, char *line)
if (!buffer)
return out_of_core ();
rc = app_get_challenge (ctrl->app_ctx, nbytes, buffer);
rc = app_get_challenge (ctrl->app_ctx, ctrl, nbytes, buffer);
if (!rc)
{
rc = assuan_send_data (ctx, buffer, nbytes);
@ -1562,7 +1558,7 @@ cmd_checkpin (assuan_context_t ctx, char *line)
if (!idstr)
return out_of_core ();
rc = app_check_pin (ctrl->app_ctx, idstr, pin_cb, ctx);
rc = app_check_pin (ctrl->app_ctx, ctrl, idstr, pin_cb, ctx);
xfree (idstr);
if (rc)
log_error ("app_check_pin failed: %s\n", gpg_strerror (rc));