scd: First changes to implement a PIN cache.

* scd/command.c (pincache_put): New. Uses a dummy key for now. (pincache_get): New. * scd/app.c (select_application): Flush the PIN cache. (scd_update_reader_status_file): Ditto. (maybe_switch_app): Call the new prep_reselect function. (app_write_learn_status): Ditto. * scd/app-openpgp.c (cache_pin): New helper to cache a PIN. (verify_chv2): Call it. (verify_chv3): Call it. (clear_chv_status): Call it. (do_change_pin): Call it. * scd/app-common.h (struct app_ctx_s): Add function 'prep_select'. * scd/app-openpgp.c (do_prep_reselect): New stub function. (app_select_openpgp): Set new stub function. * scd/app-piv.c (do_prep_reselect): New stub function. (app_select_piv): Set new stub function. * scd/app-common.h (struct app_ctx_s): Add parameter ctrl to setattr, sign, auth, decipher, and check_pin. Change all implementations and callers to pass such a parameter. -- This is work in progress. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-03 22:56:33 +02:00 · 2020-01-07 18:45:33 +01:00 · 2020-01-07 18:45:33 +01:00 · fbf97a7856
commit fbf97a7856
parent d5c00354bb
11 changed files with 418 additions and 85 deletions
--- a/scd/app-common.h
+++ b/scd/app-common.h
@ -136,6 +136,7 @@ struct app_ctx_s {
  struct app_local_s *app_local;  /* Local to the application. */
  struct {
    void (*deinit) (app_t app);
+    gpg_error_t (*prep_reselect) (app_t app, ctrl_t ctrl);
    gpg_error_t (*reselect) (app_t app, ctrl_t ctrl);
    gpg_error_t (*learn_status) (app_t app, ctrl_t ctrl, unsigned int flags);
    gpg_error_t (*readcert) (app_t app, const char *certid,
@ -144,22 +145,22 @@ struct app_ctx_s {
                            const char *certid, unsigned int flags,
                            unsigned char **pk, size_t *pklen);
    gpg_error_t (*getattr) (app_t app, ctrl_t ctrl, const char *name);
-    gpg_error_t (*setattr) (app_t app, const char *name,
+    gpg_error_t (*setattr) (app_t app, ctrl_t ctrl, const char *name,
                    gpg_error_t (*pincb)(void*, const char *, char **),
                    void *pincb_arg,
                    const unsigned char *value, size_t valuelen);
-    gpg_error_t (*sign) (app_t app,
+    gpg_error_t (*sign) (app_t app, ctrl_t ctrl,
                 const char *keyidstr, int hashalgo,
                 gpg_error_t (*pincb)(void*, const char *, char **),
                 void *pincb_arg,
                 const void *indata, size_t indatalen,
                 unsigned char **outdata, size_t *outdatalen );
-    gpg_error_t (*auth) (app_t app, const char *keyidstr,
+    gpg_error_t (*auth) (app_t app, ctrl_t ctrl, const char *keyidstr,
                 gpg_error_t (*pincb)(void*, const char *, char **),
                 void *pincb_arg,
                 const void *indata, size_t indatalen,
                 unsigned char **outdata, size_t *outdatalen);
-    gpg_error_t (*decipher) (app_t app, const char *keyidstr,
+    gpg_error_t (*decipher) (app_t app, ctrl_t ctrl, const char *keyidstr,
                             gpg_error_t (*pincb)(void*, const char *, char **),
                             void *pincb_arg,
                             const void *indata, size_t indatalen,
@ -184,7 +185,7 @@ struct app_ctx_s {
                       const char *chvnostr, unsigned int flags,
                       gpg_error_t (*pincb)(void*, const char *, char **),
                       void *pincb_arg);
-    gpg_error_t (*check_pin) (app_t app, const char *keyidstr,
+    gpg_error_t (*check_pin) (app_t app, ctrl_t ctrl, const char *keyidstr,
                      gpg_error_t (*pincb)(void*, const char *, char **),
                      void *pincb_arg);
    gpg_error_t (*with_keygrip) (app_t app, ctrl_t ctrl, int action,