mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-08 12:44:23 +01:00
scd: Add option --clear to PASSWD.
* scd/command.c (cmd_passwd): Add option --clear. (send_status_printf): New. * scd/app-common.h (APP_CHANGE_FLAG_CLEAR): New. * scd/app-nks.c (do_change_pin): Return an error if that option is used. * scd/app-openpgp.c (do_change_pin): Ditto. -- Card application may support this option to clear the PIN verification status of a specific PIN. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 29929e65521279eabc98a67c766fe485057405a9)
This commit is contained in:
parent
9309175de8
commit
d4082ff430
@ -62,6 +62,7 @@ XGETTEXT_OPTIONS = \
|
|||||||
--flag=print_further_info:1:c-format \
|
--flag=print_further_info:1:c-format \
|
||||||
--flag=write_status_printf:2:c-format \
|
--flag=write_status_printf:2:c-format \
|
||||||
--flag=gpgconf_write_status:2:c-format \
|
--flag=gpgconf_write_status:2:c-format \
|
||||||
|
--flag=send_status_printf:3:c-format \
|
||||||
--flag=wks_write_status:2:c-format
|
--flag=wks_write_status:2:c-format
|
||||||
|
|
||||||
# This is the copyright holder that gets inserted into the header of the
|
# This is the copyright holder that gets inserted into the header of the
|
||||||
|
@ -26,8 +26,9 @@
|
|||||||
#include <ksba.h>
|
#include <ksba.h>
|
||||||
|
|
||||||
|
|
||||||
#define APP_CHANGE_FLAG_RESET 1
|
#define APP_CHANGE_FLAG_RESET 1 /* PIN Reset mode. */
|
||||||
#define APP_CHANGE_FLAG_NULLPIN 2
|
#define APP_CHANGE_FLAG_NULLPIN 2 /* NULL PIN mode. */
|
||||||
|
#define APP_CHANGE_FLAG_CLEAR 4 /* Clear the given PIN. */
|
||||||
|
|
||||||
/* Bit flags set by the decipher function into R_INFO. */
|
/* Bit flags set by the decipher function into R_INFO. */
|
||||||
#define APP_DECIPHER_INFO_NOPAD 1 /* Padding has been removed. */
|
#define APP_DECIPHER_INFO_NOPAD 1 /* Padding has been removed. */
|
||||||
|
@ -1169,6 +1169,9 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr,
|
|||||||
if (!newdesc)
|
if (!newdesc)
|
||||||
return gpg_error (GPG_ERR_INV_ID);
|
return gpg_error (GPG_ERR_INV_ID);
|
||||||
|
|
||||||
|
if ((flags & APP_CHANGE_FLAG_CLEAR))
|
||||||
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||||
|
|
||||||
err = switch_application (app, is_sigg);
|
err = switch_application (app, is_sigg);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
@ -2584,10 +2584,14 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|||||||
int pinlen = 0;
|
int pinlen = 0;
|
||||||
|
|
||||||
(void)ctrl;
|
(void)ctrl;
|
||||||
|
|
||||||
memset (&pininfo, 0, sizeof pininfo);
|
memset (&pininfo, 0, sizeof pininfo);
|
||||||
pininfo.fixedlen = -1;
|
pininfo.fixedlen = -1;
|
||||||
pininfo.minlen = minlen;
|
pininfo.minlen = minlen;
|
||||||
|
|
||||||
|
if ((flags & APP_CHANGE_FLAG_CLEAR))
|
||||||
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||||
|
|
||||||
if (reset_mode && chvno == 3)
|
if (reset_mode && chvno == 3)
|
||||||
{
|
{
|
||||||
rc = gpg_error (GPG_ERR_INV_ID);
|
rc = gpg_error (GPG_ERR_INV_ID);
|
||||||
|
@ -938,7 +938,7 @@ app_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, int reset_mode,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Perform a VERIFY operation without doing anything lese. This may
|
/* Perform a VERIFY operation without doing anything else. This may
|
||||||
be used to initialize a the PIN cache for long lasting other
|
be used to initialize a the PIN cache for long lasting other
|
||||||
operations. Its use is highly application dependent. */
|
operations. Its use is highly application dependent. */
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
|
@ -1192,12 +1192,13 @@ cmd_random (assuan_context_t ctx, char *line)
|
|||||||
|
|
||||||
|
|
||||||
static const char hlp_passwd[] =
|
static const char hlp_passwd[] =
|
||||||
"PASSWD [--reset] [--nullpin] <chvno>\n"
|
"PASSWD [--reset] [--nullpin] [--clear] <chvno>\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Change the PIN or, if --reset is given, reset the retry counter of\n"
|
"Change the PIN or, if --reset is given, reset the retry counter of\n"
|
||||||
"the card holder verification vector CHVNO. The option --nullpin is\n"
|
"the card holder verification vector CHVNO. The option --nullpin is\n"
|
||||||
"used for TCOS cards to set the initial PIN. The format of CHVNO\n"
|
"used for TCOS cards to set the initial PIN. The option --clear clears\n"
|
||||||
"depends on the card application.";
|
"the security status associated with the PIN so that the PIN needs to\n"
|
||||||
|
"be presented again. The format of CHVNO depends on the card application.";
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
cmd_passwd (assuan_context_t ctx, char *line)
|
cmd_passwd (assuan_context_t ctx, char *line)
|
||||||
{
|
{
|
||||||
@ -1210,6 +1211,8 @@ cmd_passwd (assuan_context_t ctx, char *line)
|
|||||||
flags |= APP_CHANGE_FLAG_RESET;
|
flags |= APP_CHANGE_FLAG_RESET;
|
||||||
if (has_option (line, "--nullpin"))
|
if (has_option (line, "--nullpin"))
|
||||||
flags |= APP_CHANGE_FLAG_NULLPIN;
|
flags |= APP_CHANGE_FLAG_NULLPIN;
|
||||||
|
if (has_option (line, "--clear"))
|
||||||
|
flags |= APP_CHANGE_FLAG_CLEAR;
|
||||||
|
|
||||||
line = skip_options (line);
|
line = skip_options (line);
|
||||||
|
|
||||||
@ -1220,6 +1223,11 @@ cmd_passwd (assuan_context_t ctx, char *line)
|
|||||||
line++;
|
line++;
|
||||||
*line = 0;
|
*line = 0;
|
||||||
|
|
||||||
|
/* Do not allow other flags aside of --clear. */
|
||||||
|
if ((flags & APP_CHANGE_FLAG_CLEAR) && (flags & ~APP_CHANGE_FLAG_CLEAR))
|
||||||
|
return set_error (GPG_ERR_UNSUPPORTED_OPERATION,
|
||||||
|
"--clear used with other options");
|
||||||
|
|
||||||
if ((rc = open_card (ctrl)))
|
if ((rc = open_card (ctrl)))
|
||||||
return rc;
|
return rc;
|
||||||
|
|
||||||
@ -1899,6 +1907,26 @@ send_status_direct (ctrl_t ctrl, const char *keyword, const char *args)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* This status functions expects a printf style format string. No
|
||||||
|
* filtering of the data is done instead the orintf formatted data is
|
||||||
|
* send using assuan_send_status. */
|
||||||
|
gpg_error_t
|
||||||
|
send_status_printf (ctrl_t ctrl, const char *keyword, const char *format, ...)
|
||||||
|
{
|
||||||
|
gpg_error_t err;
|
||||||
|
va_list arg_ptr;
|
||||||
|
assuan_context_t ctx;
|
||||||
|
|
||||||
|
if (!ctrl || !ctrl->server_local || !(ctx = ctrl->server_local->assuan_ctx))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
va_start (arg_ptr, format);
|
||||||
|
err = vprint_assuan_status (ctx, keyword, format, arg_ptr);
|
||||||
|
va_end (arg_ptr);
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
void
|
void
|
||||||
popup_prompt (void *opaque, int on)
|
popup_prompt (void *opaque, int on)
|
||||||
{
|
{
|
||||||
|
@ -123,6 +123,9 @@ int scd_command_handler (ctrl_t, int);
|
|||||||
void send_status_info (ctrl_t ctrl, const char *keyword, ...)
|
void send_status_info (ctrl_t ctrl, const char *keyword, ...)
|
||||||
GPGRT_ATTR_SENTINEL(1);
|
GPGRT_ATTR_SENTINEL(1);
|
||||||
void send_status_direct (ctrl_t ctrl, const char *keyword, const char *args);
|
void send_status_direct (ctrl_t ctrl, const char *keyword, const char *args);
|
||||||
|
gpg_error_t send_status_printf (ctrl_t ctrl, const char *keyword,
|
||||||
|
const char *format, ...) GPGRT_ATTR_PRINTF(3,4);
|
||||||
|
|
||||||
void popup_prompt (void *opaque, int on);
|
void popup_prompt (void *opaque, int on);
|
||||||
void send_client_notifications (app_t app, int removal);
|
void send_client_notifications (app_t app, int removal);
|
||||||
void scd_kick_the_loop (void);
|
void scd_kick_the_loop (void);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user