* primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru.
Fixes #423. * DETAILS: Document new status codes. * cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign) (agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin) (agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a SC_OP_FAILURE after card operations which might change data. * card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has been changed. (change_name): Removed a debug output. * status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE and SC_OP_SUCCESS. * de.po: Updated. Translation is still in the works, though.
parent
db82cdd26a
commit
c91e30fda4
@ -1,3 +1,8 @@
|
|||||||
|
2005-03-07 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru.
|
||||||
|
Fixes #423.
|
||||||
|
|
||||||
2004-11-30 David Shaw <dshaw@jabberwocky.com>
|
2004-11-30 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* md.c (string_to_digest_algo): Allow read/write SHA384 and
|
* md.c (string_to_digest_algo): Allow read/write SHA384 and
|
||||||
|
@ -462,15 +462,16 @@ is_prime( MPI n, int steps, int *count )
|
|||||||
mpi_set_ui( x, 2 );
|
mpi_set_ui( x, 2 );
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
/*mpi_set_bytes( x, nbits-1, get_random_byte, 0 );*/
|
char *p;
|
||||||
{ char *p = get_random_bits( nbits, 0, 0 );
|
|
||||||
mpi_set_buffer( x, p, (nbits+7)/8, 0 );
|
p = get_random_bits( nbits, 0, 0 );
|
||||||
m_free(p);
|
mpi_set_buffer( x, p, (nbits+7)/8, 0 );
|
||||||
}
|
m_free(p);
|
||||||
/* make sure that the number is smaller than the prime
|
|
||||||
* and keep the randomness of the high bit */
|
/* Make sure that the number is smaller than the prime
|
||||||
|
* and keep the randomness of the high bit. */
|
||||||
if( mpi_test_bit( x, nbits-2 ) ) {
|
if( mpi_test_bit( x, nbits-2 ) ) {
|
||||||
mpi_set_highbit( x, nbits-2 ); /* clear all higher bits */
|
mpi_set_highbit( x, nbits-2 ); /* Clear all higher bits */
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
mpi_set_highbit( x, nbits-2 );
|
mpi_set_highbit( x, nbits-2 );
|
||||||
@ -498,6 +499,7 @@ is_prime( MPI n, int steps, int *count )
|
|||||||
mpi_free( z );
|
mpi_free( z );
|
||||||
mpi_free( nminus1 );
|
mpi_free( nminus1 );
|
||||||
mpi_free( q );
|
mpi_free( q );
|
||||||
|
mpi_free (a2);
|
||||||
|
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
|
2005-03-07 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* DETAILS: Document new status codes.
|
||||||
|
|
||||||
2005-02-15 Werner Koch <wk@g10code.com>
|
2005-02-15 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* faq.raw: Add htmlcharset header line as suggested by Maxim
|
* faq.raw: Add htmlcharset header line as suggested by Maxim
|
||||||
@ -6,7 +10,6 @@
|
|||||||
|
|
||||||
* gpg.ru.sgml: Updated from upstream. Added a closing PARA.
|
* gpg.ru.sgml: Updated from upstream. Added a closing PARA.
|
||||||
|
|
||||||
|
|
||||||
* gpg.sgml: Add bkuptocard command for --edit-key.
|
* gpg.sgml: Add bkuptocard command for --edit-key.
|
||||||
|
|
||||||
2005-02-05 David Shaw <dshaw@jabberwocky.com>
|
2005-02-05 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
13
doc/DETAILS
13
doc/DETAILS
@ -349,6 +349,9 @@ more arguments in future versions.
|
|||||||
The supplied passphrase was good and the secret key material
|
The supplied passphrase was good and the secret key material
|
||||||
is therefore usable.
|
is therefore usable.
|
||||||
|
|
||||||
|
BAD_PASSPHRASE_PIN
|
||||||
|
Reserved for future use.
|
||||||
|
|
||||||
DECRYPTION_FAILED
|
DECRYPTION_FAILED
|
||||||
The symmetric decryption failed - one reason could be a wrong
|
The symmetric decryption failed - one reason could be a wrong
|
||||||
passphrase for a symmetrical encrypted message.
|
passphrase for a symmetrical encrypted message.
|
||||||
@ -570,6 +573,16 @@ more arguments in future versions.
|
|||||||
This indicates that a signature subpacket was seen. The
|
This indicates that a signature subpacket was seen. The
|
||||||
format is the same as the "spk" record above.
|
format is the same as the "spk" record above.
|
||||||
|
|
||||||
|
SC_OP_FAILURE
|
||||||
|
An operation on a smartcard definitely failed. Currently
|
||||||
|
there is no indication of the actual error code, but
|
||||||
|
application should be prepared to later accept more arguments.
|
||||||
|
|
||||||
|
SC_OP_SUCCESS
|
||||||
|
A smart card operaion succeeded. This status is only printed
|
||||||
|
for certain operation and is mostly useful to check whether a
|
||||||
|
PIN change really worked.
|
||||||
|
|
||||||
|
|
||||||
Format of the "--attribute-fd" output
|
Format of the "--attribute-fd" output
|
||||||
=====================================
|
=====================================
|
||||||
|
@ -1,3 +1,15 @@
|
|||||||
|
2005-03-07 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign)
|
||||||
|
(agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin)
|
||||||
|
(agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a
|
||||||
|
SC_OP_FAILURE after card operations which might change data.
|
||||||
|
* card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has
|
||||||
|
been changed.
|
||||||
|
(change_name): Removed a debug output.
|
||||||
|
* status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE
|
||||||
|
and SC_OP_SUCCESS.
|
||||||
|
|
||||||
2005-02-24 David Shaw <dshaw@jabberwocky.com>
|
2005-02-24 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* keyedit.c (keyedit_menu): Only print the key signing hint when
|
* keyedit.c (keyedit_menu): Only print the key signing hint when
|
||||||
|
@ -77,7 +77,10 @@ change_pin (int chvno, int allow_admin)
|
|||||||
if (rc)
|
if (rc)
|
||||||
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
||||||
else
|
else
|
||||||
tty_printf ("PIN changed.\n");
|
{
|
||||||
|
write_status (STATUS_SC_OP_SUCCESS);
|
||||||
|
tty_printf ("PIN changed.\n");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
for (;;)
|
for (;;)
|
||||||
@ -103,7 +106,10 @@ change_pin (int chvno, int allow_admin)
|
|||||||
if (rc)
|
if (rc)
|
||||||
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
||||||
else
|
else
|
||||||
tty_printf ("PIN changed.\n");
|
{
|
||||||
|
write_status (STATUS_SC_OP_SUCCESS);
|
||||||
|
tty_printf ("PIN changed.\n");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if (*answer == '2')
|
else if (*answer == '2')
|
||||||
{
|
{
|
||||||
@ -111,15 +117,21 @@ change_pin (int chvno, int allow_admin)
|
|||||||
if (rc)
|
if (rc)
|
||||||
tty_printf ("Error unblocking the PIN: %s\n", gpg_strerror (rc));
|
tty_printf ("Error unblocking the PIN: %s\n", gpg_strerror (rc));
|
||||||
else
|
else
|
||||||
tty_printf ("PIN unblocked and new PIN set.\n");
|
{
|
||||||
}
|
write_status (STATUS_SC_OP_SUCCESS);
|
||||||
|
tty_printf ("PIN unblocked and new PIN set.\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
else if (*answer == '3')
|
else if (*answer == '3')
|
||||||
{
|
{
|
||||||
rc = agent_scd_change_pin (3);
|
rc = agent_scd_change_pin (3);
|
||||||
if (rc)
|
if (rc)
|
||||||
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
|
||||||
else
|
else
|
||||||
tty_printf ("PIN changed.\n");
|
{
|
||||||
|
write_status (STATUS_SC_OP_SUCCESS);
|
||||||
|
tty_printf ("PIN changed.\n");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if (*answer == 'q' || *answer == 'Q')
|
else if (*answer == 'q' || *answer == 'Q')
|
||||||
{
|
{
|
||||||
@ -529,7 +541,6 @@ change_name (void)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
log_debug ("setting Name to `%s'\n", isoname);
|
|
||||||
rc = agent_scd_setattr ("DISP-NAME", isoname, strlen (isoname) );
|
rc = agent_scd_setattr ("DISP-NAME", isoname, strlen (isoname) );
|
||||||
if (rc)
|
if (rc)
|
||||||
log_error ("error setting Name: %s\n", gpg_strerror (rc));
|
log_error ("error setting Name: %s\n", gpg_strerror (rc));
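Review bot: The four success branches in change_pin each repeat the same `write_status (STATUS_SC_OP_SUCCESS);` plus message pair, while the matching SC_OP_FAILURE is never written in this file: the error branches only call `tty_printf`, and the failure status comes from agent_scd_change_pin in cardglue.c (visible for the `agent_scd_change_pin (3)` call, presumably the same for the others). A front end that uses the status line to confirm a PIN change therefore depends on two files staying in step, and a comment above the first branch such as `/* SC_OP_FAILURE is emitted by agent_scd_change_pin; only success is reported here. */` would make that contract visible. change_pin starts and ends outside these hunks, so whether its other exits should also report a status cannot be judged from here.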
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/* cardglue.c - mainly dispatcher for card related functions.
|
/* cardglue.c - mainly dispatcher for card related functions.
|
||||||
* Copyright (C) 2003, 2004 Free Software Foundation, Inc.
|
* Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* This file is part of GnuPG.
|
* This file is part of GnuPG.
|
||||||
*
|
*
|
||||||
@ -737,12 +737,17 @@ agent_scd_setattr (const char *name,
|
|||||||
const unsigned char *value, size_t valuelen)
|
const unsigned char *value, size_t valuelen)
|
||||||
{
|
{
|
||||||
APP app;
|
APP app;
|
||||||
|
int rc;
|
||||||
|
|
||||||
app = current_app? current_app : open_card ();
|
app = current_app? current_app : open_card ();
|
||||||
if (!app)
|
if (!app)
|
||||||
return gpg_error (GPG_ERR_CARD);
|
return gpg_error (GPG_ERR_CARD);
|
||||||
|
|
||||||
return app->fnc.setattr (app, name, pin_cb, NULL, value, valuelen);
|
rc = app->fnc.setattr (app, name, pin_cb, NULL, value, valuelen);
|
||||||
|
|
||||||
|
if (rc)
|
||||||
|
write_status (STATUS_SC_OP_FAILURE);
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -805,6 +810,7 @@ agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force)
|
|||||||
APP app;
|
APP app;
|
||||||
char keynostr[20];
|
char keynostr[20];
|
||||||
struct ctrl_ctx_s ctrl;
|
struct ctrl_ctx_s ctrl;
|
||||||
|
int rc;
|
||||||
|
|
||||||
app = current_app? current_app : open_card ();
|
app = current_app? current_app : open_card ();
|
||||||
if (!app)
|
if (!app)
|
||||||
@ -815,9 +821,12 @@ agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force)
|
|||||||
ctrl.status_cb = genkey_status_cb;
|
ctrl.status_cb = genkey_status_cb;
|
||||||
ctrl.status_cb_arg = info;
|
ctrl.status_cb_arg = info;
|
||||||
|
|
||||||
return app->fnc.genkey (app, &ctrl, keynostr,
|
rc = app->fnc.genkey (app, &ctrl, keynostr,
|
||||||
force? 1:0,
|
force? 1:0,
|
||||||
pin_cb, NULL);
|
pin_cb, NULL);
|
||||||
|
if (rc)
|
||||||
|
write_status (STATUS_SC_OP_FAILURE);
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Send a PKSIGN command to the SCdaemon. */
|
/* Send a PKSIGN command to the SCdaemon. */
|
||||||
@ -840,13 +849,15 @@ agent_scd_pksign (const char *serialno, int hashalgo,
|
|||||||
rc = check_card_serialno (app, serialno);
|
rc = check_card_serialno (app, serialno);
|
||||||
if (rc == -1)
|
if (rc == -1)
|
||||||
goto retry;
|
goto retry;
|
||||||
if (rc)
|
|
||||||
return rc;
|
|
||||||
|
|
||||||
return app->fnc.sign (app, serialno, hashalgo,
|
if (!rc)
|
||||||
|
rc = app->fnc.sign (app, serialno, hashalgo,
|
||||||
pin_cb, NULL,
|
pin_cb, NULL,
|
||||||
indata, indatalen,
|
indata, indatalen,
|
||||||
r_buf, r_buflen);
|
r_buf, r_buflen);
|
||||||
|
if (rc)
|
||||||
|
write_status (STATUS_SC_OP_FAILURE);
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -870,13 +881,15 @@ agent_scd_pkdecrypt (const char *serialno,
|
|||||||
rc = check_card_serialno (app, serialno);
|
rc = check_card_serialno (app, serialno);
|
||||||
if (rc == -1)
|
if (rc == -1)
|
||||||
goto retry;
|
goto retry;
|
||||||
if (rc)
|
|
||||||
return rc;
|
|
||||||
|
|
||||||
return app->fnc.decipher (app, serialno,
|
if (!rc)
|
||||||
|
rc = app->fnc.decipher (app, serialno,
|
||||||
pin_cb, NULL,
|
pin_cb, NULL,
|
||||||
indata, indatalen,
|
indata, indatalen,
|
||||||
r_buf, r_buflen);
|
r_buf, r_buflen);
|
||||||
|
if (rc)
|
||||||
|
write_status (STATUS_SC_OP_FAILURE);
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Change the PIN of an OpenPGP card or reset the retry counter. */
|
/* Change the PIN of an OpenPGP card or reset the retry counter. */
|
||||||
@ -886,6 +899,7 @@ agent_scd_change_pin (int chvno)
|
|||||||
APP app;
|
APP app;
|
||||||
char chvnostr[20];
|
char chvnostr[20];
|
||||||
int reset = 0;
|
int reset = 0;
|
||||||
|
int rc;
|
||||||
|
|
||||||
reset = (chvno >= 100);
|
reset = (chvno >= 100);
|
||||||
chvno %= 100;
|
chvno %= 100;
|
||||||
@ -895,8 +909,11 @@ agent_scd_change_pin (int chvno)
|
|||||||
return gpg_error (GPG_ERR_CARD);
|
return gpg_error (GPG_ERR_CARD);
|
||||||
|
|
||||||
sprintf (chvnostr, "%d", chvno);
|
sprintf (chvnostr, "%d", chvno);
|
||||||
return app->fnc.change_pin (app, NULL, chvnostr, reset,
|
rc = app->fnc.change_pin (app, NULL, chvnostr, reset,
|
||||||
pin_cb, NULL);
|
pin_cb, NULL);
|
||||||
|
if (rc)
|
||||||
|
write_status (STATUS_SC_OP_FAILURE);
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Perform a CHECKPIN operation. SERIALNO should be the serial
|
/* Perform a CHECKPIN operation. SERIALNO should be the serial
|
||||||
@ -906,12 +923,16 @@ int
|
|||||||
agent_scd_checkpin (const char *serialnobuf)
|
agent_scd_checkpin (const char *serialnobuf)
|
||||||
{
|
{
|
||||||
APP app;
|
APP app;
|
||||||
|
int rc;
|
||||||
|
|
||||||
app = current_app? current_app : open_card ();
|
app = current_app? current_app : open_card ();
|
||||||
if (!app)
|
if (!app)
|
||||||
return gpg_error (GPG_ERR_CARD);
|
return gpg_error (GPG_ERR_CARD);
|
||||||
|
|
||||||
return app->fnc.check_pin (app, serialnobuf, pin_cb, NULL);
|
rc = app->fnc.check_pin (app, serialnobuf, pin_cb, NULL);
|
||||||
|
if (rc)
|
||||||
|
write_status (STATUS_SC_OP_FAILURE);
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -924,12 +945,16 @@ agent_openpgp_storekey (int keyno,
|
|||||||
const unsigned char *e, size_t elen)
|
const unsigned char *e, size_t elen)
|
||||||
{
|
{
|
||||||
APP app;
|
APP app;
|
||||||
|
int rc;
|
||||||
|
|
||||||
app = current_app? current_app : open_card ();
|
app = current_app? current_app : open_card ();
|
||||||
if (!app)
|
if (!app)
|
||||||
return gpg_error (GPG_ERR_CARD);
|
return gpg_error (GPG_ERR_CARD);
|
||||||
|
|
||||||
return app_openpgp_storekey (app, keyno, template, template_len,
|
rc = app_openpgp_storekey (app, keyno, template, template_len,
|
||||||
created_at, m, mlen, e, elen,
|
created_at, m, mlen, e, elen,
|
||||||
pin_cb, NULL);
|
pin_cb, NULL);
|
||||||
|
if (rc)
|
||||||
|
write_status (STATUS_SC_OP_FAILURE);
|
||||||
|
return rc;
|
||||||
}
|
}
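Review bot: The early exits `if (!app) return gpg_error (GPG_ERR_CARD);` in agent_scd_setattr, agent_scd_checkpin and agent_openpgp_storekey (and apparently the same pattern in agent_scd_genkey and agent_scd_change_pin) return without writing any status, so a caller watching the status fd sees neither SC_OP_FAILURE nor SC_OP_SUCCESS when no card could be opened. If the missing status line is meant to be read as "nothing was attempted", that deserves a comment; otherwise the guard could become `if (!app) { write_status (STATUS_SC_OP_FAILURE); return gpg_error (GPG_ERR_CARD); }`. In agent_scd_pksign and agent_scd_pkdecrypt the rewritten flow also reports SC_OP_FAILURE when check_card_serialno returns a non-zero code other than -1, which is before `app->fnc.sign` or `app->fnc.decipher` is called; the ChangeLog wording suggests the status is meant for failed card operations, so it is worth confirming this is intended. Several of these functions start outside their hunks.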
|
||||||
|
@ -112,6 +112,7 @@ get_status_string ( int no )
|
|||||||
case STATUS_ENC_TO : s = "ENC_TO"; break;
|
case STATUS_ENC_TO : s = "ENC_TO"; break;
|
||||||
case STATUS_NODATA : s = "NODATA"; break;
|
case STATUS_NODATA : s = "NODATA"; break;
|
||||||
case STATUS_BAD_PASSPHRASE : s = "BAD_PASSPHRASE"; break;
|
case STATUS_BAD_PASSPHRASE : s = "BAD_PASSPHRASE"; break;
|
||||||
|
case STATUS_BAD_PASSPHRASE_PIN: s = "BAD_PASSPHRASE_PIN"; break;
|
||||||
case STATUS_NO_PUBKEY : s = "NO_PUBKEY"; break;
|
case STATUS_NO_PUBKEY : s = "NO_PUBKEY"; break;
|
||||||
case STATUS_NO_SECKEY : s = "NO_SECKEY"; break;
|
case STATUS_NO_SECKEY : s = "NO_SECKEY"; break;
|
||||||
case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM"; break;
|
case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM"; break;
|
||||||
@ -159,6 +160,8 @@ get_status_string ( int no )
|
|||||||
case STATUS_PLAINTEXT : s = "PLAINTEXT"; break;
|
case STATUS_PLAINTEXT : s = "PLAINTEXT"; break;
|
||||||
case STATUS_PLAINTEXT_LENGTH:s = "PLAINTEXT_LENGTH"; break;
|
case STATUS_PLAINTEXT_LENGTH:s = "PLAINTEXT_LENGTH"; break;
|
||||||
case STATUS_SIG_SUBPACKET : s = "SIG_SUBPACKET"; break;
|
case STATUS_SIG_SUBPACKET : s = "SIG_SUBPACKET"; break;
|
||||||
|
case STATUS_SC_OP_SUCCESS : s = "SC_OP_SUCCESS"; break;
|
||||||
|
case STATUS_SC_OP_FAILURE : s = "SC_OP_FAILURE"; break;
|
||||||
default: s = "?"; break;
|
default: s = "?"; break;
|
||||||
}
|
}
|
||||||
return s;
|
return s;
|
||||||
|
@ -107,6 +107,13 @@
|
|||||||
#define STATUS_NEED_PASSPHRASE_PIN 76
|
#define STATUS_NEED_PASSPHRASE_PIN 76
|
||||||
#define STATUS_SIG_SUBPACKET 77
|
#define STATUS_SIG_SUBPACKET 77
|
||||||
|
|
||||||
|
/* Extra status codes for certain smartcard operations. Primary
|
||||||
|
useful to double check that change PIN worked as expected. */
|
||||||
|
#define STATUS_BAD_PASSPHRASE_PIN 78
|
||||||
|
#define STATUS_SC_OP_FAILURE 79
|
||||||
|
#define STATUS_SC_OP_SUCCESS 80
|
||||||
|
|
||||||
|
|
||||||
/*-- status.c --*/
|
/*-- status.c --*/
|
||||||
void set_status_fd ( int fd );
|
void set_status_fd ( int fd );
|
||||||
int is_status_enabled ( void );
|
int is_status_enabled ( void );
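Review bot: The new comment above the three defines describes all of them as smartcard operation codes useful for checking a PIN change, but STATUS_BAD_PASSPHRASE_PIN is documented in doc/DETAILS as reserved for future use and nothing visible in this commit emits it. I would split the comment, with `/* Reserved for future use. */` above STATUS_BAD_PASSPHRASE_PIN and `/* Status codes for certain smartcard operations; primarily useful to double check that a PIN change worked as expected. */` above the SC_OP pair, which also fixes the "Primary useful" wording.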
|
||||||
|
@ -428,7 +428,8 @@ Wed Oct 14 09:55:25 1998 Werner Koch (wk@isil.d.shuttle.de)
|
|||||||
* config.sub: (freebsd): Add to maybe_os
|
* config.sub: (freebsd): Add to maybe_os
|
||||||
|
|
||||||
|
|
||||||
Copyright 1998, 1999, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
|
Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004,
|
||||||
|
2005 Free Software Foundation, Inc.
|
||||||
|
|
||||||
This file is free software; as a special exception the author gives
|
This file is free software; as a special exception the author gives
|
||||||
unlimited permission to copy and/or distribute it, with or without
|
unlimited permission to copy and/or distribute it, with or without
|
||||||
|