mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
scd: First changes to implement a PIN cache.
* scd/command.c (pincache_put): New. Uses a dummy key for now. (pincache_get): New. * scd/app.c (select_application): Flush the PIN cache. (scd_update_reader_status_file): Ditto. (maybe_switch_app): Call the new prep_reselect function. (app_write_learn_status): Ditto. * scd/app-openpgp.c (cache_pin): New helper to cache a PIN. (verify_chv2): Call it. (verify_chv3): Call it. (clear_chv_status): Call it. (do_change_pin): Call it. * scd/app-common.h (struct app_ctx_s): Add function 'prep_select'. * scd/app-openpgp.c (do_prep_reselect): New stub function. (app_select_openpgp): Set new stub function. * scd/app-piv.c (do_prep_reselect): New stub function. (app_select_piv): Set new stub function. * scd/app-common.h (struct app_ctx_s): Add parameter ctrl to setattr, sign, auth, decipher, and check_pin. Change all implementations and callers to pass such a parameter. -- This is work in progress. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
d5c00354bb
commit
fbf97a7856
11 changed files with 418 additions and 85 deletions
|
@ -2853,7 +2853,7 @@ micardo_mse (app_t app, unsigned short fid)
|
|||
that callback should return the PIN in an allocated buffer and
|
||||
store that as the 3rd argument. */
|
||||
static gpg_error_t
|
||||
do_sign (app_t app, const char *keyidstr, int hashalgo,
|
||||
do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
|
||||
gpg_error_t (*pincb)(void*, const char *, char **),
|
||||
void *pincb_arg,
|
||||
const void *indata, size_t indatalen,
|
||||
|
@ -2876,6 +2876,8 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
|
|||
int no_data_padding = 0; /* True if the card want the data without padding.*/
|
||||
int mse_done = 0; /* Set to true if the MSE has been done. */
|
||||
|
||||
(void)ctrl;
|
||||
|
||||
if (!keyidstr || !*keyidstr)
|
||||
return gpg_error (GPG_ERR_INV_VALUE);
|
||||
if (indatalen != 20 && indatalen != 16 && indatalen != 35 && indatalen != 36)
|
||||
|
@ -3208,7 +3210,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
|
|||
must match the criteria used for the attribute $AUTHKEYID. See
|
||||
do_sign for calling conventions; there is no HASHALGO, though. */
|
||||
static gpg_error_t
|
||||
do_auth (app_t app, const char *keyidstr,
|
||||
do_auth (app_t app, ctrl_t ctrl, const char *keyidstr,
|
||||
gpg_error_t (*pincb)(void*, const char *, char **),
|
||||
void *pincb_arg,
|
||||
const void *indata, size_t indatalen,
|
||||
|
@ -3231,7 +3233,7 @@ do_auth (app_t app, const char *keyidstr,
|
|||
}
|
||||
|
||||
algo = indatalen == 36? MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1;
|
||||
return do_sign (app, keyidstr, algo, pincb, pincb_arg,
|
||||
return do_sign (app, ctrl, keyidstr, algo, pincb, pincb_arg,
|
||||
indata, indatalen, outdata, outdatalen);
|
||||
}
|
||||
|
||||
|
@ -3415,6 +3417,7 @@ app_select_p15 (app_t app)
|
|||
}
|
||||
|
||||
app->fnc.deinit = do_deinit;
|
||||
app->fnc.prep_reselect = NULL;
|
||||
app->fnc.reselect = NULL;
|
||||
app->fnc.learn_status = do_learn_status;
|
||||
app->fnc.readcert = do_readcert;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue