mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-05 12:31:50 +01:00
agent: Minor change to the KEYTOCARD command.
* agent/command.c (cmd_keytocard): Make timestamp optional. Use modern parser function. * agent/call-scd.c (agent_card_writekey): Rename an arg and for clarity return gpg_error_t instead of int. * agent/divert-scd.c (divert_writekey): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
parent
86c241a8c9
commit
bcc89a6df2
@ -548,8 +548,9 @@ int divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
|
|||||||
char **r_buf, size_t *r_len, int *r_padding);
|
char **r_buf, size_t *r_len, int *r_padding);
|
||||||
int divert_generic_cmd (ctrl_t ctrl,
|
int divert_generic_cmd (ctrl_t ctrl,
|
||||||
const char *cmdline, void *assuan_context);
|
const char *cmdline, void *assuan_context);
|
||||||
int divert_writekey (ctrl_t ctrl, int force, const char *serialno,
|
gpg_error_t divert_writekey (ctrl_t ctrl, int force, const char *serialno,
|
||||||
const char *id, const char *keydata, size_t keydatalen);
|
const char *keyref,
|
||||||
|
const char *keydata, size_t keydatalen);
|
||||||
|
|
||||||
|
|
||||||
/*-- call-scd.c --*/
|
/*-- call-scd.c --*/
|
||||||
@ -586,9 +587,9 @@ int agent_card_pkdecrypt (ctrl_t ctrl,
|
|||||||
int agent_card_readcert (ctrl_t ctrl,
|
int agent_card_readcert (ctrl_t ctrl,
|
||||||
const char *id, char **r_buf, size_t *r_buflen);
|
const char *id, char **r_buf, size_t *r_buflen);
|
||||||
int agent_card_readkey (ctrl_t ctrl, const char *id, unsigned char **r_buf);
|
int agent_card_readkey (ctrl_t ctrl, const char *id, unsigned char **r_buf);
|
||||||
int agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
|
gpg_error_t agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
|
||||||
const char *id, const char *keydata,
|
const char *keyref,
|
||||||
size_t keydatalen,
|
const char *keydata, size_t keydatalen,
|
||||||
int (*getpin_cb)(void *, const char *,
|
int (*getpin_cb)(void *, const char *,
|
||||||
const char *, char*, size_t),
|
const char *, char*, size_t),
|
||||||
void *getpin_cb_arg);
|
void *getpin_cb_arg);
|
||||||
|
@ -1075,23 +1075,26 @@ inq_writekey_parms (void *opaque, const char *line)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int
|
/* Call scd to write a key to a card under the id KEYREF. */
|
||||||
|
gpg_error_t
|
||||||
agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
|
agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
|
||||||
const char *id, const char *keydata, size_t keydatalen,
|
const char *keyref,
|
||||||
|
const char *keydata, size_t keydatalen,
|
||||||
int (*getpin_cb)(void *, const char *,
|
int (*getpin_cb)(void *, const char *,
|
||||||
const char *, char*, size_t),
|
const char *, char*, size_t),
|
||||||
void *getpin_cb_arg)
|
void *getpin_cb_arg)
|
||||||
{
|
{
|
||||||
int rc;
|
gpg_error_t err;
|
||||||
char line[ASSUAN_LINELENGTH];
|
char line[ASSUAN_LINELENGTH];
|
||||||
struct inq_needpin_parm_s parms;
|
struct inq_needpin_parm_s parms;
|
||||||
|
|
||||||
(void)serialno;
|
(void)serialno;
|
||||||
rc = start_scd (ctrl);
|
|
||||||
if (rc)
|
|
||||||
return rc;
|
|
||||||
|
|
||||||
snprintf (line, DIM(line), "WRITEKEY %s%s", force ? "--force " : "", id);
|
err = start_scd (ctrl);
|
||||||
|
if (err)
|
||||||
|
return err;
|
||||||
|
|
||||||
|
snprintf (line, DIM(line), "WRITEKEY %s%s", force ? "--force " : "", keyref);
|
||||||
parms.ctx = ctrl->scd_local->ctx;
|
parms.ctx = ctrl->scd_local->ctx;
|
||||||
parms.getpin_cb = getpin_cb;
|
parms.getpin_cb = getpin_cb;
|
||||||
parms.getpin_cb_arg = getpin_cb_arg;
|
parms.getpin_cb_arg = getpin_cb_arg;
|
||||||
@ -1100,9 +1103,9 @@ agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
|
|||||||
parms.keydata = keydata;
|
parms.keydata = keydata;
|
||||||
parms.keydatalen = keydatalen;
|
parms.keydatalen = keydatalen;
|
||||||
|
|
||||||
rc = assuan_transact (ctrl->scd_local->ctx, line, NULL, NULL,
|
err = assuan_transact (ctrl->scd_local->ctx, line, NULL, NULL,
|
||||||
inq_writekey_parms, &parms, NULL, NULL);
|
inq_writekey_parms, &parms, NULL, NULL);
|
||||||
return unlock_scd (ctrl, rc);
|
return unlock_scd (ctrl, err);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
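Review bot: The comment added above agent_card_writekey documents KEYREF but not that SERIALNO is discarded: the body still begins with `(void)serialno;`, so the WRITEKEY line built from `force` and `keyref` presumably goes to whichever card scdaemon currently has active, not necessarily the one the caller named. Because this call transfers private key material, that limitation belongs where callers will read it, for example `/* Call scd to write a key to a card under the id KEYREF. SERIALNO is currently ignored; the key is written to the active card. */`. If the serial number is meant to bind the write to one specific card, comparing it with the active card's serial number before the assuan_transact call would be the stronger fix, but nothing in this section shows where that value is available.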
@ -2484,19 +2484,23 @@ cmd_delete_key (assuan_context_t ctx, char *line)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
static const char hlp_keytocard[] =
|
static const char hlp_keytocard[] =
|
||||||
"KEYTOCARD [--force] <hexstring_with_keygrip> <serialno> <id> <timestamp>\n"
|
"KEYTOCARD [--force] <hexgrip> <serialno> <keyref> [<timestamp>]\n"
|
||||||
"\n";
|
"\n"
|
||||||
|
"TIMESTAMP is required for OpenPGP and defaults to the Epoch."
|
||||||
|
;
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
cmd_keytocard (assuan_context_t ctx, char *line)
|
cmd_keytocard (assuan_context_t ctx, char *line)
|
||||||
{
|
{
|
||||||
ctrl_t ctrl = assuan_get_pointer (ctx);
|
ctrl_t ctrl = assuan_get_pointer (ctx);
|
||||||
int force;
|
int force;
|
||||||
gpg_error_t err = 0;
|
gpg_error_t err = 0;
|
||||||
|
char *argv[5];
|
||||||
|
int argc;
|
||||||
unsigned char grip[20];
|
unsigned char grip[20];
|
||||||
|
const char *serialno, *timestamp_str, *keyref;
|
||||||
gcry_sexp_t s_skey = NULL;
|
gcry_sexp_t s_skey = NULL;
|
||||||
unsigned char *keydata;
|
unsigned char *keydata;
|
||||||
size_t keydatalen;
|
size_t keydatalen;
|
||||||
const char *serialno, *timestamp_str, *id;
|
|
||||||
unsigned char *shadow_info = NULL;
|
unsigned char *shadow_info = NULL;
|
||||||
time_t timestamp;
|
time_t timestamp;
|
||||||
|
|
||||||
@ -2506,7 +2510,14 @@ cmd_keytocard (assuan_context_t ctx, char *line)
|
|||||||
force = has_option (line, "--force");
|
force = has_option (line, "--force");
|
||||||
line = skip_options (line);
|
line = skip_options (line);
|
||||||
|
|
||||||
err = parse_keygrip (ctx, line, grip);
|
argc = split_fields (line, argv, DIM (argv));
|
||||||
|
if (argc < 3)
|
||||||
|
{
|
||||||
|
err = gpg_error (GPG_ERR_MISSING_VALUE);
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
|
||||||
|
err = parse_keygrip (ctx, argv[0], grip);
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
@ -2516,39 +2527,9 @@ cmd_keytocard (assuan_context_t ctx, char *line)
|
|||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Fixme: Replace the parsing code by split_fields(). */
|
serialno = argv[1];
|
||||||
line += 40;
|
keyref = argv[2];
|
||||||
while (*line && (*line == ' ' || *line == '\t'))
|
timestamp_str = argc > 3? argv[3] : "19700101T000000";
|
||||||
line++;
|
|
||||||
serialno = line;
|
|
||||||
while (*line && (*line != ' ' && *line != '\t'))
|
|
||||||
line++;
|
|
||||||
if (!*line)
|
|
||||||
{
|
|
||||||
err = gpg_error (GPG_ERR_MISSING_VALUE);
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
*line = '\0';
|
|
||||||
line++;
|
|
||||||
while (*line && (*line == ' ' || *line == '\t'))
|
|
||||||
line++;
|
|
||||||
id = line;
|
|
||||||
while (*line && (*line != ' ' && *line != '\t'))
|
|
||||||
line++;
|
|
||||||
if (!*line)
|
|
||||||
{
|
|
||||||
err = gpg_error (GPG_ERR_MISSING_VALUE);
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
*line = '\0';
|
|
||||||
line++;
|
|
||||||
while (*line && (*line == ' ' || *line == '\t'))
|
|
||||||
line++;
|
|
||||||
timestamp_str = line;
|
|
||||||
while (*line && (*line != ' ' && *line != '\t'))
|
|
||||||
line++;
|
|
||||||
if (*line)
|
|
||||||
*line = '\0';
|
|
||||||
|
|
||||||
if ((timestamp = isotime2epoch (timestamp_str)) == (time_t)(-1))
|
if ((timestamp = isotime2epoch (timestamp_str)) == (time_t)(-1))
|
||||||
{
|
{
|
||||||
@ -2560,38 +2541,37 @@ cmd_keytocard (assuan_context_t ctx, char *line)
|
|||||||
&shadow_info, CACHE_MODE_IGNORE, NULL,
|
&shadow_info, CACHE_MODE_IGNORE, NULL,
|
||||||
&s_skey, NULL);
|
&s_skey, NULL);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
|
||||||
xfree (shadow_info);
|
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
|
||||||
if (shadow_info)
|
if (shadow_info)
|
||||||
{
|
{
|
||||||
/* Key is on a smartcard already. */
|
/* Key is already on a smartcard - we can't extract it. */
|
||||||
xfree (shadow_info);
|
|
||||||
gcry_sexp_release (s_skey);
|
|
||||||
err = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
|
err = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Note: We can't use make_canon_sexp because we need to allocate a
|
||||||
|
* few extra bytes for our hack below. */
|
||||||
keydatalen = gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_CANON, NULL, 0);
|
keydatalen = gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_CANON, NULL, 0);
|
||||||
keydata = xtrymalloc_secure (keydatalen + 30);
|
keydata = xtrymalloc_secure (keydatalen + 30);
|
||||||
if (keydata == NULL)
|
if (keydata == NULL)
|
||||||
{
|
{
|
||||||
err = gpg_error_from_syserror ();
|
err = gpg_error_from_syserror ();
|
||||||
gcry_sexp_release (s_skey);
|
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_CANON, keydata, keydatalen);
|
gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_CANON, keydata, keydatalen);
|
||||||
gcry_sexp_release (s_skey);
|
gcry_sexp_release (s_skey);
|
||||||
|
s_skey = NULL;
|
||||||
keydatalen--; /* Decrement for last '\0'. */
|
keydatalen--; /* Decrement for last '\0'. */
|
||||||
/* Add timestamp "created-at" in the private key */
|
/* Hack to insert the timestamp "created-at" into the private key. */
|
||||||
snprintf (keydata+keydatalen-1, 30, KEYTOCARD_TIMESTAMP_FORMAT, timestamp);
|
snprintf (keydata+keydatalen-1, 30, KEYTOCARD_TIMESTAMP_FORMAT, timestamp);
|
||||||
keydatalen += 10 + 19 - 1;
|
keydatalen += 10 + 19 - 1;
|
||||||
err = divert_writekey (ctrl, force, serialno, id, keydata, keydatalen);
|
|
||||||
|
err = divert_writekey (ctrl, force, serialno, keyref, keydata, keydatalen);
|
||||||
xfree (keydata);
|
xfree (keydata);
|
||||||
|
|
||||||
leave:
|
leave:
|
||||||
|
gcry_sexp_release (s_skey);
|
||||||
|
xfree (shadow_info);
|
||||||
return leave_cmd (ctx, err);
|
return leave_cmd (ctx, err);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
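Review bot: In cmd_keytocard an omitted timestamp is accepted for every card type (`timestamp_str = argc > 3? argv[3] : "19700101T000000";`), although the new help text says TIMESTAMP is required for OpenPGP. An OpenPGP v4 fingerprint covers the key creation time, so a key moved with the Epoch default would presumably be stored on the card with a fingerprint that no longer matches the original key. The handler as shown cannot tell which card application is the target, so it cannot reject the omission itself. The help text should at least state the rule unambiguously and end with a newline like the usage line above it, e.g. `"TIMESTAMP must be given for OpenPGP; if omitted the Epoch is used.\n"`. The function is spread over several hunks here and parts of its body are not shown.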
@ -597,12 +597,13 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
|
||||||
|
gpg_error_t
|
||||||
divert_writekey (ctrl_t ctrl, int force, const char *serialno,
|
divert_writekey (ctrl_t ctrl, int force, const char *serialno,
|
||||||
const char *id, const char *keydata, size_t keydatalen)
|
const char *keyref, const char *keydata, size_t keydatalen)
|
||||||
{
|
{
|
||||||
return agent_card_writekey (ctrl, force, serialno, id, keydata, keydatalen,
|
return agent_card_writekey (ctrl, force, serialno, keyref,
|
||||||
getpin_cb, ctrl);
|
keydata, keydatalen, getpin_cb, ctrl);
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
|