security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Print keyid in gpg --list-packets. 

Add some not yet code to app-nks.c
Changed batch mode expiration time computation
This commit is contained in:
Werner Koch 2009-05-13 11:42:34 +00:00
parent dcc0907793
commit a766a37290
6 changed files with 121 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
g10/ChangeLog
View File

@ -1,5 +1,12 @@
2009-05-13 Werner Koch <wk@g10code.com>
* keygen.c (parse_expire_string): Base ISO date string at noon.
Also allow full ISO timestamp.
2009-05-11 Werner Koch <wk@g10code.com>
* parse-packet.c (parse_key): Print the key id in list mode.
* skclist.c (build_sk_list): Use log_info for "duplicated entry".
Fixes bug#1045.

8
g10/keygen.c
View File

@ -1799,13 +1799,17 @@ parse_expire_string( const char *string )
u32 seconds;
u32 abs_date = 0;
u32 curtime = make_timestamp ();
time_t tt;
if (!*string)
seconds = 0;
else if (!strncmp (string, "seconds=", 8))
seconds = atoi (string+8);
else if ((abs_date = scan_isodatestr(string)) && abs_date > curtime)
seconds = abs_date - curtime;
else if ((abs_date = scan_isodatestr(string))
&& (abs_date+86400/2) > curtime)
seconds = (abs_date+86400/2) - curtime;
else if ((tt = isotime2epoch (string)) != (time_t)(-1))
seconds = (u32)tt - curtime;
else if ((mult = check_valid_days (string)))
seconds = atoi (string) * 86400L * mult;
else

10
g10/parse-packet.c
View File

@ -1672,6 +1672,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
int npkey, nskey;
int is_v4=0;
int rc=0;
u32 keyid[2];
(void)hdr;
@ -1997,6 +1998,9 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
fprintf (listfp, "\tchecksum: %04hx\n", sk->csum);
}
}
if (list_mode)
keyid_from_sk (sk, keyid);
}
else {
PKT_public_key *pk = pkt->pkt.public_key;
@ -2021,8 +2025,14 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
}
if (rc)
goto leave;
if (list_mode)
keyid_from_pk (pk, keyid);
}
if (list_mode)
fprintf (listfp, "\tkeyid: %08lX%08lX\n",
(ulong)keyid[0], (ulong)keyid[1]);
leave:
iobuf_skip_rest(inp, pktlen, 0);
return rc;

4
scd/ChangeLog
View File

@ -1,3 +1,7 @@
2009-05-11 Werner Koch <wk@g10code.com>
* apdu.c (send_le): Replace log_error by log_info.
2009-05-08 Werner Koch <wk@g10code.com>
* app-openpgp.c (do_genkey): Allow larger key sizes.

4
scd/apdu.c
View File

@ -3000,8 +3000,8 @@ send_le (int slot, int class, int ins, int p0, int p1,
rc = send_apdu (slot, apdu, apdulen, result, &resultlen, pininfo);
if (rc || resultlen < 2)
{
log_error ("apdu_send_simple(%d) failed: %s\n",
slot, apdu_strerror (rc));
log_info ("apdu_send_simple(%d) failed: %s\n",
slot, apdu_strerror (rc));
unlock_slot (slot);
return rc? rc : SW_HOST_INCOMPLETE_CARD_RESPONSE;
}

93
scd/app-nks.c
View File

@ -666,6 +666,97 @@ do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
}
/* Handle the WRITEKEY command for NKS. This function expects a
canonical encoded S-expression with the public key in KEYDATA and
its length in KEYDATALEN. The only supported KEYID is
"$IFDAUTHKEY" to store the terminal key on the card. Bit 0 of
FLAGS indicates whether an existing key shall get overwritten.
PINCB and PINCB_ARG are the usual arguments for the pinentry
callback. */
static gpg_error_t
do_writekey (app_t app, ctrl_t ctrl,
const char *keyid, unsigned int flags,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const unsigned char *keydata, size_t keydatalen)
{
gpg_error_t err;
int force = (flags & 1);
const unsigned char *rsa_n = NULL;
const unsigned char *rsa_e = NULL;
size_t rsa_n_len, rsa_e_len;
unsigned int nbits;
(void)ctrl;
(void)pincb;
(void)pincb_arg;
if (!strcmp (keyid, "$IFDAUTHKEY") && app->app_local->nks_version >= 3)
;
else
return gpg_error (GPG_ERR_INV_ID);
if (!force && !do_readkey (app, keyid, NULL, NULL))
return gpg_error (GPG_ERR_EEXIST);
/* Parse the S-expression. */
err = get_rsa_pk_from_canon_sexp (keydata, keydatalen,
&rsa_n, &rsa_n_len, &rsa_e, &rsa_e_len);
if (err)
goto leave;
/* Check that the parameters match the requirements. */
nbits = app_help_count_bits (rsa_n, rsa_n_len);
if (nbits != 1024)
{
log_error (_("RSA modulus missing or not of size %d bits\n"), 1024);
err = gpg_error (GPG_ERR_BAD_PUBKEY);
goto leave;
}
nbits = app_help_count_bits (rsa_e, rsa_e_len);
if (nbits < 2 || nbits > 32)
{
log_error (_("RSA public exponent missing or larger than %d bits\n"),
32);
err = gpg_error (GPG_ERR_BAD_PUBKEY);
goto leave;
}
/* /\* Store them. *\/ */
/* err = verify_pin (app, 0, NULL, pincb, pincb_arg); */
/* if (err) */
/* goto leave; */
/* Send the MSE:Store_Public_Key. */
err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
/* mse = xtrymalloc (1000); */
/* mse[0] = 0x80; /\* Algorithm reference. *\/ */
/* mse[1] = 1; */
/* mse[2] = 0x17; */
/* mse[3] = 0x84; /\* Private key reference. *\/ */
/* mse[4] = 1; */
/* mse[5] = 0x77; */
/* mse[6] = 0x7F; /\* Public key parameter. *\/ */
/* mse[7] = 0x49; */
/* mse[8] = 0x81; */
/* mse[9] = 3 + 0x80 + 2 + rsa_e_len; */
/* mse[10] = 0x81; /\* RSA modulus of 128 byte. *\/ */
/* mse[11] = 0x81; */
/* mse[12] = rsa_n_len; */
/* memcpy (mse+12, rsa_n, rsa_n_len); */
/* mse[10] = 0x82; /\* RSA public exponent of up to 4 bytes. *\/ */
/* mse[12] = rsa_e_len; */
/* memcpy (mse+12, rsa_e, rsa_e_len); */
/* err = iso7816_manage_security_env (app->slot, 0x81, 0xB6, */
/* mse, sizeof mse); */
leave:
return err;
}
static gpg_error_t
basic_pin_checks (const char *pinvalue, int minlen, int maxlen)
{
@ -1309,7 +1400,7 @@ app_select_nks (app_t app)
app->fnc.readkey = do_readkey;
app->fnc.getattr = do_getattr;
app->fnc.setattr = NULL;
app->fnc.writekey = NULL;
app->fnc.writekey = do_writekey;
app->fnc.genkey = NULL;
app->fnc.sign = do_sign;
app->fnc.auth = NULL;