scd: Support direct use of app with PKSIGN/PKAUTH/PKDECRYPT.

* scd/command.c (cmd_pksign, cmd_pkauth, cmd_pkdecrypt): When length
of keyidstr is 40, it is considered as a keygrip for direct use.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
NIIBE Yutaka 2019-05-07 09:41:14 +09:00
parent f43560a4d6
commit c856ee7312
1 changed files with 76 additions and 11 deletions


@ -757,6 +757,8 @@ cmd_pksign (assuan_context_t ctx, char *line)
size_t outdatalen; size_t outdatalen;
char *keyidstr; char *keyidstr;
int hash_algo; int hash_algo;
app_t app;
int direct = 0;
if (has_option (line, "--hash=rmd160")) if (has_option (line, "--hash=rmd160"))
hash_algo = GCRY_MD_RMD160; hash_algo = GCRY_MD_RMD160;
@ -789,11 +791,30 @@ cmd_pksign (assuan_context_t ctx, char *line)
if (!keyidstr) if (!keyidstr)
return out_of_core (); return out_of_core ();
rc = app_sign (ctrl->app_ctx, ctrl, /* When it's a keygrip, we directly use APP, with no change of
keyidstr, hash_algo, ctrl->app_ctx. */
pin_cb, ctx, if (strlen (keyidstr) == 40)
ctrl->in_data.value, ctrl->in_data.valuelen, {
&outdata, &outdatalen); app = app_do_with_keygrip (ctrl, KEYGRIP_ACTION_LOOKUP, keyidstr);
direct = 1;
}
else
app = ctrl->app_ctx;
if (app)
{
if (direct)
app->ref_count++;
rc = app_sign (app, ctrl,
keyidstr, hash_algo,
pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
&outdata, &outdatalen);
if (direct)
app->ref_count--;
}
else
rc = gpg_error (GPG_ERR_NO_SECKEY);
xfree (keyidstr); xfree (keyidstr);
if (rc) if (rc)
@ -822,6 +843,8 @@ cmd_pkauth (assuan_context_t ctx, char *line)
unsigned char *outdata; unsigned char *outdata;
size_t outdatalen; size_t outdatalen;
char *keyidstr; char *keyidstr;
app_t app;
int direct = 0;
if ((rc = open_card (ctrl))) if ((rc = open_card (ctrl)))
return rc; return rc;
@ -836,9 +859,29 @@ cmd_pkauth (assuan_context_t ctx, char *line)
if (!keyidstr) if (!keyidstr)
return out_of_core (); return out_of_core ();
rc = app_auth (ctrl->app_ctx, ctrl, keyidstr, pin_cb, ctx, /* When it's a keygrip, we directly use APP, with no change of
ctrl->in_data.value, ctrl->in_data.valuelen, ctrl->app_ctx. */
&outdata, &outdatalen); if (strlen (keyidstr) == 40)
{
app = app_do_with_keygrip (ctrl, KEYGRIP_ACTION_LOOKUP, keyidstr);
direct = 1;
}
else
app = ctrl->app_ctx;
if (app)
{
if (direct)
app->ref_count++;
rc = app_auth (app, ctrl, keyidstr, pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
&outdata, &outdatalen);
if (direct)
app->ref_count--;
}
else
rc = gpg_error (GPG_ERR_NO_SECKEY);
xfree (keyidstr); xfree (keyidstr);
if (rc) if (rc)
{ {
@ -867,6 +910,8 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
size_t outdatalen; size_t outdatalen;
char *keyidstr; char *keyidstr;
unsigned int infoflags; unsigned int infoflags;
app_t app;
int direct = 0;
if ((rc = open_card (ctrl))) if ((rc = open_card (ctrl)))
return rc; return rc;
@ -874,9 +919,29 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
keyidstr = xtrystrdup (line); keyidstr = xtrystrdup (line);
if (!keyidstr) if (!keyidstr)
return out_of_core (); return out_of_core ();
rc = app_decipher (ctrl->app_ctx, ctrl, keyidstr, pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen, /* When it's a keygrip, we directly use APP, with no change of
&outdata, &outdatalen, &infoflags); ctrl->app_ctx. */
if (strlen (keyidstr) == 40)
{
app = app_do_with_keygrip (ctrl, KEYGRIP_ACTION_LOOKUP, keyidstr);
direct = 1;
}
else
app = ctrl->app_ctx;
if (app)
{
if (direct)
app->ref_count++;
rc = app_decipher (ctrl->app_ctx, ctrl, keyidstr, pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
&outdata, &outdatalen, &infoflags);
if (direct)
app->ref_count--;
}
else
rc = gpg_error (GPG_ERR_NO_SECKEY);
xfree (keyidstr); xfree (keyidstr);
if (rc) if (rc)
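Review bot: In cmd_pkdecrypt the new call still passes `ctrl->app_ctx` to app_decipher, so on the keygrip (`direct`) path the app returned by app_do_with_keygrip has its ref_count raised but the decryption runs against the connection's currently selected app instead. cmd_pksign and cmd_pkauth both pass `app`, so the call here should read `rc = app_decipher (app, ctrl, keyidstr, pin_cb, ctx,`. Separately, all three handlers classify keyidstr as a keygrip from `strlen (keyidstr) == 40` alone. Whether another key ID form can also be 40 characters long is not visible in these hunks, so a hex-digit check or a comment stating the assumption would make the dispatch easier to audit. The bodies of all three functions continue outside the hunks shown.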