mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
scd: KEYNO cleanup.
* scd/app-openpgp.c (get_public_key, send_keypair_info, do_readkey) (change_keyattr, change_keyattr_from_string, ecc_writekey, do_genkey) (compare_fingerprint, check_against_given_fingerprint): KEYNO starts from 0. -- Backport of master commit: fd689e85423d0d80d725f0315c52d94f0e9766f8
This commit is contained in:
parent
f1b9521fd6
commit
a6f7c8d9b7
@ -1162,7 +1162,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid,
|
|||||||
the APP handle. On error that field gets cleared. If we already
|
the APP handle. On error that field gets cleared. If we already
|
||||||
know about the public key we will just return. Note that this does
|
know about the public key we will just return. Note that this does
|
||||||
not mean a key is available; this is soley indicated by the
|
not mean a key is available; this is soley indicated by the
|
||||||
presence of the app->app_local->pk[KEYNO-1].key field.
|
presence of the app->app_local->pk[KEYNO].key field.
|
||||||
|
|
||||||
Note that GnuPG 1.x does not need this and it would be too time
|
Note that GnuPG 1.x does not need this and it would be too time
|
||||||
consuming to send it just for the fun of it. However, given that we
|
consuming to send it just for the fun of it. However, given that we
|
||||||
@ -1181,9 +1181,8 @@ get_public_key (app_t app, int keyno)
|
|||||||
char *keybuf = NULL;
|
char *keybuf = NULL;
|
||||||
char *keybuf_p;
|
char *keybuf_p;
|
||||||
|
|
||||||
if (keyno < 1 || keyno > 3)
|
if (keyno < 0 || keyno > 2)
|
||||||
return gpg_error (GPG_ERR_INV_ID);
|
return gpg_error (GPG_ERR_INV_ID);
|
||||||
keyno--;
|
|
||||||
|
|
||||||
/* Already cached? */
|
/* Already cached? */
|
||||||
if (app->app_local->pk[keyno].read_done)
|
if (app->app_local->pk[keyno].read_done)
|
||||||
@ -1369,11 +1368,12 @@ get_public_key (app_t app, int keyno)
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* Send the KEYPAIRINFO back. KEYNO needs to be in the range [1,3].
|
/* Send the KEYPAIRINFO back. KEY needs to be in the range [1,3].
|
||||||
This is used by the LEARN command. */
|
This is used by the LEARN command. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
send_keypair_info (app_t app, ctrl_t ctrl, int keyno)
|
send_keypair_info (app_t app, ctrl_t ctrl, int key)
|
||||||
{
|
{
|
||||||
|
int keyno = key - 1;
|
||||||
gpg_error_t err = 0;
|
gpg_error_t err = 0;
|
||||||
/* Note that GnuPG 1.x does not need this and it would be too time
|
/* Note that GnuPG 1.x does not need this and it would be too time
|
||||||
consuming to send it just for the fun of it. */
|
consuming to send it just for the fun of it. */
|
||||||
@ -1386,19 +1386,19 @@ send_keypair_info (app_t app, ctrl_t ctrl, int keyno)
|
|||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
assert (keyno >= 1 && keyno <= 3);
|
assert (keyno >= 0 && keyno <= 2);
|
||||||
if (!app->app_local->pk[keyno-1].key)
|
if (!app->app_local->pk[keyno].key)
|
||||||
goto leave; /* No such key - ignore. */
|
goto leave; /* No such key - ignore. */
|
||||||
|
|
||||||
err = keygrip_from_canon_sexp (app->app_local->pk[keyno-1].key,
|
err = keygrip_from_canon_sexp (app->app_local->pk[keyno].key,
|
||||||
app->app_local->pk[keyno-1].keylen,
|
app->app_local->pk[keyno].keylen,
|
||||||
grip);
|
grip);
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
bin2hex (grip, 20, gripstr);
|
bin2hex (grip, 20, gripstr);
|
||||||
|
|
||||||
sprintf (idbuf, "OPENPGP.%d", keyno);
|
sprintf (idbuf, "OPENPGP.%d", keyno+1);
|
||||||
send_status_info (ctrl, "KEYPAIRINFO",
|
send_status_info (ctrl, "KEYPAIRINFO",
|
||||||
gripstr, 40,
|
gripstr, 40,
|
||||||
idbuf, strlen (idbuf),
|
idbuf, strlen (idbuf),
|
||||||
@ -1461,11 +1461,11 @@ do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
|
|||||||
unsigned char *buf;
|
unsigned char *buf;
|
||||||
|
|
||||||
if (!strcmp (keyid, "OPENPGP.1"))
|
if (!strcmp (keyid, "OPENPGP.1"))
|
||||||
keyno = 1;
|
keyno = 0;
|
||||||
else if (!strcmp (keyid, "OPENPGP.2"))
|
else if (!strcmp (keyid, "OPENPGP.2"))
|
||||||
keyno = 2;
|
keyno = 1;
|
||||||
else if (!strcmp (keyid, "OPENPGP.3"))
|
else if (!strcmp (keyid, "OPENPGP.3"))
|
||||||
keyno = 3;
|
keyno = 2;
|
||||||
else
|
else
|
||||||
return gpg_error (GPG_ERR_INV_ID);
|
return gpg_error (GPG_ERR_INV_ID);
|
||||||
|
|
||||||
@ -1473,10 +1473,10 @@ do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
|
|||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
buf = app->app_local->pk[keyno-1].key;
|
buf = app->app_local->pk[keyno].key;
|
||||||
if (!buf)
|
if (!buf)
|
||||||
return gpg_error (GPG_ERR_NO_PUBKEY);
|
return gpg_error (GPG_ERR_NO_PUBKEY);
|
||||||
*pklen = app->app_local->pk[keyno-1].keylen;;
|
*pklen = app->app_local->pk[keyno].keylen;;
|
||||||
*pk = xtrymalloc (*pklen);
|
*pk = xtrymalloc (*pklen);
|
||||||
if (!*pk)
|
if (!*pk)
|
||||||
{
|
{
|
||||||
@ -2610,14 +2610,18 @@ change_keyattr_from_string (app_t app,
|
|||||||
happen. */
|
happen. */
|
||||||
if (sscanf (string, " --force %d %d %u", &keyno, &algo, &nbits) != 3)
|
if (sscanf (string, " --force %d %d %u", &keyno, &algo, &nbits) != 3)
|
||||||
err = gpg_error (GPG_ERR_INV_DATA);
|
err = gpg_error (GPG_ERR_INV_DATA);
|
||||||
else if (keyno < 1 || keyno > 3)
|
keyno = keyno - 1;
|
||||||
err = gpg_error (GPG_ERR_INV_ID);
|
if (!err)
|
||||||
else if (algo != PUBKEY_ALGO_RSA)
|
{
|
||||||
err = gpg_error (GPG_ERR_PUBKEY_ALGO);
|
if (keyno < 0 || keyno > 2)
|
||||||
else if (nbits < 1024)
|
err = gpg_error (GPG_ERR_INV_ID);
|
||||||
err = gpg_error (GPG_ERR_TOO_SHORT);
|
else if (algo != PUBKEY_ALGO_RSA)
|
||||||
else
|
err = gpg_error (GPG_ERR_PUBKEY_ALGO);
|
||||||
err = change_keyattr (app, keyno-1, nbits, pincb, pincb_arg);
|
else if (nbits < 1024)
|
||||||
|
err = gpg_error (GPG_ERR_TOO_SHORT);
|
||||||
|
else
|
||||||
|
err = change_keyattr (app, keyno, nbits, pincb, pincb_arg);
|
||||||
|
}
|
||||||
|
|
||||||
xfree (string);
|
xfree (string);
|
||||||
return err;
|
return err;
|
||||||
@ -3002,16 +3006,15 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
|
|||||||
unsigned char *buffer = NULL;
|
unsigned char *buffer = NULL;
|
||||||
size_t buflen, keydatalen, mlen, elen;
|
size_t buflen, keydatalen, mlen, elen;
|
||||||
time_t created_at;
|
time_t created_at;
|
||||||
int keyno = atoi (keynostr);
|
int keyno = atoi (keynostr) - 1;
|
||||||
int force = (flags & 1);
|
int force = (flags & 1);
|
||||||
time_t start_at;
|
time_t start_at;
|
||||||
int exmode;
|
int exmode;
|
||||||
int le_value;
|
int le_value;
|
||||||
unsigned int keybits;
|
unsigned int keybits;
|
||||||
|
|
||||||
if (keyno < 1 || keyno > 3)
|
if (keyno < 0 || keyno > 2)
|
||||||
return gpg_error (GPG_ERR_INV_ID);
|
return gpg_error (GPG_ERR_INV_ID);
|
||||||
keyno--;
|
|
||||||
|
|
||||||
/* We flush the cache to increase the traffic before a key
|
/* We flush the cache to increase the traffic before a key
|
||||||
generation. This _might_ help a card to gather more entropy. */
|
generation. This _might_ help a card to gather more entropy. */
|
||||||
@ -3161,7 +3164,7 @@ compare_fingerprint (app_t app, int keyno, unsigned char *sha1fpr)
|
|||||||
size_t buflen, n;
|
size_t buflen, n;
|
||||||
int rc, i;
|
int rc, i;
|
||||||
|
|
||||||
assert (keyno >= 1 && keyno <= 3);
|
assert (keyno >= 0 && keyno <= 2);
|
||||||
|
|
||||||
rc = get_cached_data (app, 0x006E, &buffer, &buflen, 0, 0);
|
rc = get_cached_data (app, 0x006E, &buffer, &buflen, 0, 0);
|
||||||
if (rc)
|
if (rc)
|
||||||
@ -3176,7 +3179,7 @@ compare_fingerprint (app_t app, int keyno, unsigned char *sha1fpr)
|
|||||||
log_error (_("error reading fingerprint DO\n"));
|
log_error (_("error reading fingerprint DO\n"));
|
||||||
return gpg_error (GPG_ERR_GENERAL);
|
return gpg_error (GPG_ERR_GENERAL);
|
||||||
}
|
}
|
||||||
fpr += (keyno-1)*20;
|
fpr += keyno*20;
|
||||||
for (i=0; i < 20; i++)
|
for (i=0; i < 20; i++)
|
||||||
if (sha1fpr[i] != fpr[i])
|
if (sha1fpr[i] != fpr[i])
|
||||||
{
|
{
|
||||||
@ -3195,7 +3198,7 @@ compare_fingerprint (app_t app, int keyno, unsigned char *sha1fpr)
|
|||||||
gpg has not been updated. If there is no fingerprint we assume
|
gpg has not been updated. If there is no fingerprint we assume
|
||||||
that this is okay. */
|
that this is okay. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
check_against_given_fingerprint (app_t app, const char *fpr, int keyno)
|
check_against_given_fingerprint (app_t app, const char *fpr, int key)
|
||||||
{
|
{
|
||||||
unsigned char tmp[20];
|
unsigned char tmp[20];
|
||||||
const char *s;
|
const char *s;
|
||||||
@ -3212,7 +3215,7 @@ check_against_given_fingerprint (app_t app, const char *fpr, int keyno)
|
|||||||
|
|
||||||
for (s=fpr, n=0; n < 20; s += 2, n++)
|
for (s=fpr, n=0; n < 20; s += 2, n++)
|
||||||
tmp[n] = xtoi_2 (s);
|
tmp[n] = xtoi_2 (s);
|
||||||
return compare_fingerprint (app, keyno, tmp);
|
return compare_fingerprint (app, key-1, tmp);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user