1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

1112 Commits

Author SHA1 Message Date
NIIBE Yutaka
b743942a97 scd: Add handling of Ed448 key.
* scd/app-openpgp.c (struct app_local_s): Add ecc.algo field.
(send_key_attr): Use ecc.algo field.
(ecc_read_pubkey): Use ecc.algo field.
(ecc_writekey): Ed448 means EdDSA.
(parse_algorithm_attribute): Set ecc.algo field from card.
Add checking for Ed25519 for ECC_FLAG_DJB_TWEAK flag.

--

There used to be a possible support of Ed25519 with ECDSA, (instead of
EdDSA).  To distinguish key for Ed25519 for EdDSA, we use the
flag: (flags eddsa).  Ed448 has no support for ECDSA and defaults to
EdDSA even if no such flag.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-03-15 17:02:32 +09:00
NIIBE Yutaka
f482e4bd12 scd: Fix count_sos_bits handling.
* scd/app-openpgp.c (count_sos_bits): Handle an exceptional case.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-03-15 17:00:56 +09:00
Werner Koch
5732e7a8e9
scd: New option --pcsc-shared.
* scd/scdaemon.h (opt): Add field opcsc_shared.
* scd/scdaemon.c (opcscShared): New.
(opts): Add "--pcsc-shared".
(main): Set flag.
* scd/apdu.c (connect_pcsc_card): Use it.
(pcsc_get_status): Take flag in account.
* scd/app-openpgp.c (cache_pin): Bypass in shared mode.
(verify_chv2: Do not auto verify chv1 in shared mode.
* scd/app-piv.c (cache_pin): By pass caceh in shared mode.
--

This option should in general not be used.  The patch tries to limit
bad effects but using shared mode is somewhat dangerous depending on
the other PC/SC users.
2021-03-12 09:31:17 +01:00
NIIBE Yutaka
95156ef9bf scd: Fix computing fingerprint for ECC with SOS.
* scd/app-openpgp.c (count_sos_bits): New.  Count as sos_write does.
(store_fpr): For ECC, use count_sos_bits.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-03-12 16:20:28 +09:00
Valtteri Vuorikoski
8cad11d13b
scd:piv: Improve APT parser compatibility.
* scd/app-piv.c (app_select_piv): Allow for full AID.
--

It appears that SP-800-73-x is not too clear about the format of these
objects. Many current cards (such as the Yubikey 5 series) apparently
have only the PIX in DO 0x4F and only the RID in object 0x79/0x4F.

However, other cards as well as the PivApplet Javacard applet have the
full AID in 0x4F (which actually seems closer to what the standard
says). PivApplet also has the full AID in 0x79/0x4F, but this is
probably incorrect. (Here is a long discussion of the matter from an
OpenSC author:
https://github.com/arekinath/PivApplet/issues/43#issuecomment-772649709)

[Taken from a mail to gnupg-devel date 2021-02-03.]

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-11 14:06:51 +01:00
Werner Koch
0f191a0707
scd:p15: Fix faulty removal of a test code change.
--

Fixes-commit: 08b5ac492afc6c6e7eaaa1f70d67c81cbda2c9be
2021-03-10 12:25:42 +01:00
Werner Koch
08b5ac492a
scd:p15: Support special extended usage flags for OpenPGP keys.
* scd/app-p15.c (struct gpgusage_flags_s): New.
(struct prkdf_object_s): Add field gpgusage.
(struct app_local_s): Add field any_gpgusage.
(dump_gpgusage_flags): New.
(read_p15_info): Parse athe gpgusage flags.
(do_getattr): Take care of the gpgusage flags.
--

This features allows to mark keys to be used for OpenPGP.  This is
done by putting additional extended key infos into the certificate
stored on the cards.  Only if any such extended key usage is detected
for a stored certificate this new mode chimes in.

This feature gives the card issuer a high flexibility on how to make
sure certain keys are used with OpenPGP.
2021-03-10 11:03:02 +01:00
Werner Koch
a1f281eeec
scd: Swapped openpgp card vendor 0x000a with new 0x000d.
--
2021-03-09 11:15:34 +01:00
Werner Koch
9f8361eda8
scd: Add new Openpgp card vendor name
--
2021-03-09 11:03:14 +01:00
NIIBE Yutaka
fc99f77b14 scd: Fix for X448.
* scd/app-openpgp.c (do_decipher): Support with no prefix.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-03-08 16:23:26 +09:00
Werner Koch
d51a5ca108
scd:p15: Read out the access flags.
* scd/app-p15.c (struct keyaccess_flags_s): New.
(struct prkdf_object_s): Add field accessflags.
(dump_keyusage_flags): New.
(dump_keyaccess_flags): New.
(parse_keyaccess_flags): New.
(parse_common_key_attr): Return access flags.
(read_ef_prkdf): Parse the access flags.  Allow for ECkeys.
(read_ef_pukdf): Ditto.  Use new functions for printing.
(read_p15_info): Use new fucntion for printing.
2021-02-25 17:01:38 +01:00
Werner Koch
cfdaf2bcc8
scd:p15: Get the label value of all objects for better diagnostics.
* scd/app-p15.c (struct cdf_object_s): Add fields authid, authidlen,
and label.
(struct prkdf_object_s): Add field label.
(struct aodf_object_s): Ditto.
(release_cdflist): Free new fields.
(release_prkdflist): Free new field.
(release_aodf_object): Ditto.
(parse_common_obj_attr): Return the label.
(read_ef_prkdf): Store the label.
(read_ef_pukdf): Ditto.
(read_ef_cdf): Use parse_common_obj_attr and store authid and label.
Print them im verbose mode.
(read_ef_aodf): Store the label and print it.
2021-02-24 15:50:00 +01:00
Werner Koch
33aaa37e5b
scd:p15: Make it code work again for D-Trust cards.
* scd/app-p15.c (select_and_read_binary): Allow to skip the select.
(select_and_read_record): Return the statusword.  Silence error
message for SW_FILE_STRUCT.
(select_ef_by_path): Fix selection with a home_DF.
(read_first_record): Fallback to read_binary for CardOS and return
info about this.
(read_ef_prkdf): Use info from read_first_record to decide whether to
use record or binary mode.
(read_ef_pukdf): Ditto.
(read_ef_aodf): Ditto.
(read_ef_cdf): Ditto.  New arg cdftype for diagnostics.
(read_p15_info): Pass cdftype.

* scd/apdu.h (SW_FILE_STRUCT): New.
* scd/apdu.c (apdu_strerror): Map that one to a string.
* scd/iso7816.c (map_sw): and to a gpg-error.
2021-02-23 12:56:42 +01:00
Werner Koch
2490f4e8e1
scd: Fix readkey --info in case a readkey command is available.
* scd/command.c (do_readkey): Make --info also work if a readkey
command is available.

* scd/app-p15.c (cdf_object_from_certid): Fix a but introduced with
the previous commit.
2021-02-22 18:28:45 +01:00
Werner Koch
488eaedc9a
scd:p15: Extract extended usage flagsand act upon them.
* scd/app-p15.c: Add a couple of oid constants.
(struct cdf_object_s): Replace fields image and imagelen by cert.
(struct prkdf_object_s): Add extusage flags
(send_keypairinfo): Use them.
(cdf_object_from_certid): Factor parts out to ...
(cdf_object_from_objid): new function.
(read_ef_prkdf): Move info printing to ...
(read_p15_info): here.  Fill the extusage flags.
(readcert_by_cdf): Cache the ksba cert object instead of the binary
cert.
* scd/app.c (select_additional_application): Fix a log_debug call.
(scd_update_reader_status_file): Ditto.
--

This allows us to return only KEYPAIRINFO lines for keys we can
actually use.
2021-02-22 17:51:11 +01:00
Werner Koch
6d4280b13d
scd: Minor tweak for easier backporting
* scd/app-common.h (APP_CARD): New.  Use it in app-*.c to access
app->card.
--

This should help to make backporting to 2.2 easier.
2021-02-19 10:15:54 +01:00
Werner Koch
8a74b87261
scd:piv: Fix a typo in a string.
--
2021-02-18 16:08:02 +01:00
Werner Koch
0c080ed579
scd:p15: Read PuKDF and minor refactoring.
* scd/app-p15.c (pukdf_object_t): New.
(struct app_local_s): Add field public_key_info.
(release_pukdflist): New.
(select_and_read_record): No diagnostic in case of not_found.
(read_first_record): New.  Factored out from the read_ef_ fucntions.
(read_ef_pukdf): New.  Basically a copy of read_ef_prkdf for now.
(read_p15_info): Also read the public keys.

(cardtype2str): New.
(read_ef_tokeninfo): Print a string with the cardtype.
2021-02-02 12:38:03 +01:00
Werner Koch
1e197c29ed
scd:p15: Make file selection more robust.
* scd/app-p15.c: Include host2net.h.
(DEFAULT_HOME_DF): New.
(select_and_read_binary): Replace slot by app.  Change callers.  Use
select_ef_by_path.
(select_and_read_record): ditto.
(select_ef_by_path): Make use use the home_df.
(parse_certid): Adjust for always set home_df.
(print_tokeninfo_tokenflags): Ditto.
(app_select_p15): Take the home_df from the FCI returned by select.
--

This uses modern APDUs and always selectd starting at the PCKS-15 home
DF.  We could have made this much simpler but the goal is to keep
support for older cards although we can't test that easily.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-01-27 18:39:42 +01:00
Werner Koch
7620473cd0
scd: Define new status word
* scd/apdu.h (SW_NO_CURRENT_EF): New.
--

This merely to show better diagnostics.
Used for example by CardOS 5.3.
2021-01-27 18:31:12 +01:00
Werner Koch
5bcbc8cee3
scd:p15: Factor the commonKeyAttributes parser out.
* scd/app-p15.c (read_ef_prkdf): Fix detection of unsupported key
 objects.  Factor some code out to ...
(parse_common_key_attr): new.
--
2021-01-27 13:28:12 +01:00
Werner Koch
fb84674d6c
scd:p15: Factor the commonObjectAttributes parser out.
* scd/app-p15.c (parse_common_obj_attr): New.
(read_ef_prkdf): Use new function.
(read_ef_aodf): Ditto.
2021-01-26 19:10:12 +01:00
Werner Koch
fc287c0552
scd:p15: First step towards real CardOS 5 support.
* scd/iso7816.c (iso7816_select_path): Add arg from_cdf.
* scd/app-nks.c (do_readkey): Adjust for this change.

* scd/app-p15.c (CARD_TYPE_CARDOS_53): New.
(IS_CARDOS_5): New.
(card_atr_list): Add standard ATR for CardOS 5.3.
(select_and_read_binary): Remove the fallback to record read hack.
(select_and_read_record): New.
(select_ef_by_path): Rework and support CardOS feature.
(read_ef_prkdf): Use read record for CardOS.
(read_ef_cdf): Ditto.
(read_ef_aodf): Ditto.  Also fix bug in the detection of other
unsupported attribute types.
(verify_pin): Use IS_CARDOS_5 macro.
(app_select_p15): Force direct method for CardOS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-01-26 17:42:55 +01:00
Werner Koch
60499d9894
scd:p15: Show the ATR as part of the TokenInfo diagnostics.
* scd/app-p15.c (read_ef_tokeninfo): Print the ATR in verbose mode.
--

It is convenient to see the ATR close to the other info,

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-01-21 10:44:43 +01:00
Ingo Klöcker
8fe976d5b9 scd:nks: Add support for signing plain SHA-3 digests.
* scd/app-nks.c (do_sign): Handle plain SHA-3 digests and verify
encoding of ASN.1 encoded hashes.
--

This makes it possible to create CSRs for NetKey card keys which are
signed with SHA256 by default.

GnuPG-bug-id: 5184
2021-01-06 12:19:11 +01:00
NIIBE Yutaka
3b39263088 scd:nks: Support READKEY with keygrip and for "NKS-IDLM" keyref.
* scd/app-nks.c (do_readkey): Allow KEYGRIP access.
Support NKS-IDLM.XXXX keyref.

--

GnuPG-bug-id: 5150
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-11 14:08:40 +09:00
NIIBE Yutaka
b7c087375d scd:nks: Factor out pubkey retrieval from keygrip handling.
* scd/app-nks.c (pubkey_from_pk_file): New.
(keygripstr_from_pk_file): Use pubkey_from_pk_file.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-11 14:06:52 +09:00
NIIBE Yutaka
4020cd9d65 scd:nks: Add support of KEYGRIP for do_readcert.
* scd/app-nks.c (do_readcert): Support KEYGRIP.

--

GnuPG-bug-id: 5150
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-10 10:40:35 +09:00
NIIBE Yutaka
6c43658476 scd:nks: Factor out iteration over filelist.
* scd/app-nks.c (iterate_over_filelist): New.
(do_with_keygrip): Use iterate_over_filelist.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-10 10:40:11 +09:00
NIIBE Yutaka
a9aa30ed2c scd:ccid:spr532: Extend abort_cmd for initialization time.
* scd/ccid-driver.c (abort_cmd): Add INIT argument to support
synchronize until success, even ignoring timeout.
(bulk_in): Normal use case of abort_cmd.
(ccid_vendor_specific_init): Initial use case of abort_cmd.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-09 12:54:43 +09:00
NIIBE Yutaka
f503730272 scd:ccid: Call libusb_clear_halt in ccid_vendor_specific_setup.
* scd/ccid-driver.c (ccid_vendor_specific_setup): Only for SPR532,
call libusb_clear_halt.

--

GnuPG-bug-id: 5167
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-09 12:52:08 +09:00
NIIBE Yutaka
ffabc29d5e scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR.
* scd/ccid-driver.c (ccid_setup_intr): Don't call libusb_clear_halt.

--

GnuPG-bug-id: 5167
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-09 12:40:47 +09:00
NIIBE Yutaka
946555ea3c scd:yubikey: Fix support of Yubikey NEO.
* scd/app-openpgp.c (get_public_key): Yubikey NEO also has this issue.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-08 17:45:18 +09:00
NIIBE Yutaka
87d2c579cc scd:nks: Fix caching keygrip (more).
* scd/app-nks.c (keygripstr_from_pk_file): Distinguish by APP_ID.

--

GnuPG-bug-id: 5150, 5161
Fixes-commit: 920154370834ad8d947aed19c9d914a27dde6baa
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-03 16:21:49 +09:00
NIIBE Yutaka
54b88ae460 scd: Fix KEYINFO command with --data option.
* scd/command.c (cmd_keyinfo): Handle --data option correctly.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-03 15:28:35 +09:00
NIIBE Yutaka
a25c99b156 scd:openpgp: Fix writing ECC key to card.
* scd/app-openpgp.c (build_privkey_template): Adding another argument
of ecc_d_fixed_len to handle variable-size MPI.

--

GnuPG-bug-id: 5163
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-03 15:04:14 +09:00
Werner Koch
806547d9d2
scd:nks: Minor additions to the basic IDLM application support.
* scd/app-nks.c (filelist): Use special value -1 for IDLM pubkeys.
(keygripstr_from_pk_file): Handle special value.
(do_readcert): Ditto.
(do_writecert): Ditto.
--

This allows to get information about the keys from the card.  However
the do_readkey still requires a fallback to readcert.  This does not
work because there are no certificates yet on the card.  The fix is to
fully implement do_readkey.
2020-11-30 10:12:46 +01:00
Werner Koch
0e34683a6c
scd: New getinfo sub-command apdu_strerror.
* scd/apdu.c (apdu_strerror): Add missing status codes.
* scd/command.c (cmd_getinfo): New sub-command apdu_strerror.
--

This is quite handy for gpg-card's APDU command and avoids that we
need to duplicate the mapping table or put it into a shared file.
2020-11-27 11:14:30 +01:00
NIIBE Yutaka
bb591222c3 scd:ccid-driver: Fix pinpad error handling for cancel/timeout.
* scd/apdu.h (SW_HOST_UI_CANCELLED, SW_HOST_UI_TIMEOUT): New.
* scd/ccid-driver.h (CCID_DRIVER_ERR_UI_CANCELLED): New.
(CCID_DRIVER_ERR_UI_TIMEOUT): New.
* scd/ccid-driver.c (bulk_in): Handle PIN input cancel/timeout error.
* scd/iso7816.c (map_sw): Support SW_HOST_UI_CANCELLED and
SW_HOST_UI_TIMEOUT.

--

GnuPG-bug-id: 4614
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-27 15:17:56 +09:00
Werner Koch
7113263a00
agent: Fix YK s/n and prettify the request card prompt for Yubikeys
* agent/divert-scd.c (ask_for_card): Detect and re-format the Yubikey
prompt.
* scd/app.c (app_munge_serialno): Fix Yubikey s/n munging.
(card_get_dispserialno): Ditto.
* scd/app-openpgp.c (get_disp_serialno): Remove.
(get_prompt_info): Use app_get_dispserialno.--
--
2020-11-26 15:56:37 +01:00
Werner Koch
d784e76349
scd: Do not try to use a non-enabled app after card switching.
* scd/app.c (app_dump_state): Also print the refcount.
(maybe_switch_app): Make sure the app exists on the card.
--

When switching the current card and the card does not support the same
apps as the former, we now reset the app to the first one.

Testcase is to use a standard OpenPGP card and a P15 card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-26 12:16:56 +01:00
Werner Koch
764c69a841
scd: Add special serialno compare for OpenPGP cards.
* scd/app.c (is_same_serialno): New.
(check_application_conflict): Use this.
(select_application): Ditto.
(app_switch_current_card): Ditto.
* scd/app-openpgp.c (check_keyidstr): Ignore the card version and also
compare case insensitive.
--

This is required because we change what we emit as serialno of OpenPGP
cards but existing keys still use the old form of the serial
number (i.e. with a firmware version).

See-commit: 3a8250c02031080c6c8eebd5dea03f5f87f9ddd7
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-26 09:54:23 +01:00
NIIBE Yutaka
9201543708 scd,nks: Fix caching keygrip.
* scd/app-nks.c (keygripstr_from_pk_file): Identify by cfid if
available.

--

GnuPG-bug-id: 5150
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-26 09:35:35 +09:00
Werner Koch
00037f499d
scd:p15: Print the internal card type.
* scd/app-p15.c (read_ef_tokeninfo): Print the internal card type.
2020-11-25 15:48:20 +01:00
Werner Koch
c7b9a4ee43
scd:p15: Improve support for some CardOS based cards.
* scd/iso7816.c (iso7816_read_binary_ext): Add optional arg r_sw and
change callers.
(iso7816_read_record): Factor all code out to ...
(iso7816_read_record_ext): new.
* scd/app-p15.c (select_and_read_binary): Fallback to record reading.
(read_ef_aodf): Clear EOF error.
2020-11-25 15:27:21 +01:00
Werner Koch
3a8250c020
scd: Rework the handling of the displayed serial number.
* scd/app.c (app_new_register): Call app_munge_serialno for Yubikeys.
(app_munge_serialno): Handle Yubikey serial numbers.
(card_get_serialno): Remove special Yubikey treatment.  Drop arg
is_canonical.
(app_get_serialno): Clear ERRNO on error.
(card_get_dispserialno): New.  Also change formatting of Yubikey and
OpenPGP numbers to match those printed on the card.
(app_get_dispserialno): New.
* scd/app-openpgp.c (do_getattr): Use app_get_dispserialno.
(yubikey_get_serialno): Remove.
* scd/app-piv.c (get_dispserialno): Remove.
(do_getattr): Use app_get_dispserialno.
--

This patch gets us back to a unique serial number for cards and
provides a stable serial number as printed for Yubikeys.

Because we use a slightly different serial number now for Yubikeys and
cards only supporting OpenPGP card we need to come up with another
change so that the version number of OpenPGP serial numbers are
ignored when comparing card serial numbers.  This is so that existing
stub keys of gpg-agent will continue to work.

GnuPG-bug-id: 5100
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-25 10:23:55 +01:00
NIIBE Yutaka
c3a20c88fb scd: Fix an error return for READKEY.
* scd/command.c (cmd_readkey): Return when error.

--

GnuPG-bug-id: 5150
Suggested-by: Ingo Klöcker
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-25 11:38:15 +09:00
NIIBE Yutaka
006944b856 scd,nks: Fix SEGV for learn for older card.
* scd/app-nks.c (keygripstr_from_pk_file): Set algostr.

--

GnuPG-bug-id: 5144
Fixes-commit: 26da47ae53d51e16ae6867cd419ddbf124a94933
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-25 10:32:28 +09:00
Gavin L. Rebeiro
572bcacc28
doc: Fix typos
--
GnuPG-bug-id: 5071

Also fixed one in keyformat.txt [wk].
2020-11-23 12:11:15 +01:00
NIIBE Yutaka
cc8b99d18e Fix the previous comment changes help doc string.
* scd/command.c (hlp_learn): Fix the doc string.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-20 17:17:30 +09:00
Werner Koch
23f1fc766a
scd: Do not print reader status change with --debug cardio.
--

... but use --debug reader for this.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit bd3b698d8ec427a02f2fa793777f2a88bc356f25)
2020-11-11 15:23:26 +01:00
Werner Koch
8fb0d5e3c7
card: Run factory-reset in locked stated.
* scd/command.c (reset_notify): Add option --keep-lock.
(do_reset): Add arg keep_lock.
(cmd_lock): Send progress status.
* g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs.
* g10/card-util.c (send_apdu): Ditto.
(factory_reset): Use lock commands.
--

This is required so that for example Kleopatra does not detect the
RESET and issues a SERIALNO of its own, thus conflicting with our
SERIALNO undefined.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 13:41:26 +01:00
NIIBE Yutaka
f808012ac2 scd: Use lock_slot for apdu_send_direct.
* scd/apdu.c (apdu_send_direct): Use lock_slot.

--

With trylock_slot, it may return SW_HOST_BUSY.  This may occur when
apdu_get_status is called by scd_update_reader_status_file.

Simply using lock_slot is much easier for user of apdu_send_direct.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-05 16:10:49 +09:00
NIIBE Yutaka
484bafda4d scd: Internal CCID driver: Fix a race condition on close.
* scd/ccid-driver.c (ccid_require_get_status): For VENDOR_SCM reader,
return 0 only at the initial call.
(bulk_in): Don't detect an error for VENDOR_SCM reader, just kicking
the loop, to invoke scd_update_reader_status_file, which calls
ccid_slot_status again.
(ccid_slot_status): Move the call of ccid_vendor_specific_setup to...
(ccid_get_atr): ... here.

--

For readers with interrupt transfer support, it is only intr_cb which
sets handle->powered_off to 1.  Keeping this condition makes no race.
The function ccid_slot_status can also detect a communication error,
which causes apdu_close_reader (but not setting ->powered_off).

GnuPG-bug-id: 5121
Fixes-commit: 920f258eb6018ecec1d63bad6a0fb0772f72affa
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-05 16:10:15 +09:00
NIIBE Yutaka
e59d2b3632 scd: Handle canonical serialno and app specific serialno differently.
* scd/app-common.h (card_get_serialno): Add IS_CANONICAL arg.
* scd/app.c (app_send_devinfo): Use app specific serialno.
(card_get_serialno): Support two different cases.
(app_get_serialno): Return app specific serialno.
(send_serialno_and_app_status): Return canonical serialno.
* scd/command.c (cmd_serialno): Return app specific serialno.
(cmd_learn): Return canonical serialno.

--

GnuPG-bug-id: 5100
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-27 14:35:20 +09:00
NIIBE Yutaka
8264b10d33 scd: Flush the cache when writing cert data object.
* scd/app-piv.c (do_writecert): Flush the cache of the data object.

--

Suggested-by: Ingo Klöcker
GnuPG-bug-id: 5102
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-26 14:29:31 +09:00
NIIBE Yutaka
31def32eee scd: Internal CCID driver thing only for SPR532.
* scd/ccid-driver.c (ccid_vendor_specific_setup): New.  Limit
only for SPR532, excluding other readers by SCM.
(ccid_slot_status): Use ccid_vendor_specific_setup.

--

We follow the setup procedure of libccid implementation, which sends
the escape command for SPR532 only.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-26 11:38:47 +09:00
NIIBE Yutaka
3c6b5dfa2a scd: Internal CCID driver limiting only for SPR532.
* scd/ccid-driver.c (ccid_vendor_specific_init): Only do that for
SPR532.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-24 11:01:10 +09:00
Werner Koch
32f336d955
common: Allow building with released libgpg-error.
* common/sysutils.c (gnupg_access) [W32]: Fix for older libgpgrt.
--

Fixes-commit: c94ee1386e0d5cdac51086c4d5b92de59c09c9b5
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-23 20:16:18 +02:00
NIIBE Yutaka
2d4de4b6f0 scd: Handle Yubikey's multiple apps and serialno.
* scd/app-common.h (yubikey_get_serialno): New.
* scd/app-openpgp.c (yubikey_get_serialno): New.
* scd/app.c (card_get_serialno): Use OpenPGP app's serialno,
when it's enabled for Yubikey.
(send_serialno_and_app_status): Use card_get_serialno, not
directly accessing ->serialno.

--

GnuPG-bug-id: 5100
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-23 16:31:03 +09:00
NIIBE Yutaka
c8cc35dd2c scd: Use app_get_serialno for app_getattr.
* scd/app.c (app_getattr): Use app_get_serialno.

--

GnuPG-bug-id: 5100
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-23 15:25:07 +09:00
NIIBE Yutaka
65c91e601a scd: Don't overwrite serialno for Yubikey.
* scd/app-openpgp.c (app_select_openpgp): Keep ->serialno.

--

GnuPG-bug-id: 5100
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-23 15:19:53 +09:00
NIIBE Yutaka
41505f0ae5 scd,openpgp: Use app_get_serialno function to get SERIALNO.
* scd/app-openpgp.c (check_keyidstr): Don't directly access
app->serialno, but use app_get_serialno.
(do_with_keygrip): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-23 15:14:12 +09:00
Werner Koch
390497ea11
Replace most of the remaining stdio calls by estream calls.
--

We need to use es_fopen on Windows to cope with non-ascii file names.
This is quite a large but fortunately straightforward change.  At a
very few places we keep using stdio (for example due to the use of
popen).

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-20 12:15:56 +02:00
NIIBE Yutaka
920f258eb6 scd: Internal CCID driver: More fix for SPR532.
* scd/ccid-driver.c (bulk_in): Handle the case of missing intr_cb.

--

GnuPG-bug-id: 5065
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-30 10:56:38 +09:00
NIIBE Yutaka
862d9c6fac scd: Report any error for LEARN command.
* scd/app-openpgp.c (do_learn_status): Report any error.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-30 10:48:49 +09:00
NIIBE Yutaka
1444203ca3 scd: Internal CCID driver fix.
* scd/ccid-driver.c (intr_cb): More useful debug output.
(ccid_slot_status): Remove redundant condition.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-29 13:27:19 +09:00
NIIBE Yutaka
6af978713e scd: Internal CCID driver: Call libusb_clear_halt at ccid_setup_intr.
* scd/ccid-driver.c (ccid_setup_intr): Reset the endpoint.
(ccid_vendor_specific_init): Don't call libusb_clear_halt.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-29 13:25:14 +09:00
NIIBE Yutaka
d561c936a2 scd: Internal CCID driver: Fix a failure path.
* scd/ccid-driver.c (ccid_open_usb_reader): On error, call
libusb_release_interface.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-28 15:55:44 +09:00
NIIBE Yutaka
b1e8072320 scd: Internal CCID: Handle LIBUSB_ERROR_TIMEOUT at ccid_get_atr.
* scd/ccid-driver.c (ccid_slot_status): Handle LIBUSB_ERROR_TIMEOUT.

--

With SPR532, at the first connection, it fails by
LIBUSB_ERROR_TIMEOUT, but no retry.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-28 15:52:42 +09:00
NIIBE Yutaka
c5e8ef3ab9 scd: Internal CCID: Clear the handle after use.
* scd/apdu.c (close_ccid_reader): Clear the handle.
(open_ccid_reader): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-28 13:33:20 +09:00
NIIBE Yutaka
684a52dffa scd: Change handling of SPR532 card reader.
* scd/ccid-driver.c (ccid_vendor_specific_init): Put some workaround
for SPR532 initialization.
(ccid_slot_status): Send ESCape command after GetSlotStatus.

GnuPG-bug-id: 5065
Fixes-commit: 4fae55f8ee11b3f710524e5e8b8a91b159949f2d
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-28 13:29:51 +09:00
NIIBE Yutaka
93e3c97889 scd: For PC/SC, send the ESC command at init for SPR532 reader.
* scd/apdu.c (struct reader_table_s): Remove is_spr532.
(pcsc_vendor_specific_init): Send the ESC command for SPR532.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Remove no_lc hack.

--

The "no_lc" hack lets PC/SC-lite send the ESC command for SPR532
internally, for pcsc_pinpad_verify.  However, PC/SC-lite doesn't do
that for pcsc_pinpad_modify, unfortunately.  Besides, I'm not sure
this hack works on Windows, which has different implementation of
PC/SC service.

It's better to send the ESC command by the driver explicitly, at the
initialization.  Sending the ESC command results PCSC_E_NOT_TRANSACTED
error when a card is not active (that is the case, usually).  We
ignore this error.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-25 11:24:39 +09:00
NIIBE Yutaka
4fae55f8ee scd: For SPR532, submit the ESCape command at initialization.
* scd/ccid-driver.c (ccid_vendor_specific_init): Submit the ESC
command for VENDOR_SCM.
(ccid_transceive_secure): Don't submit the ESC command every time.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-25 10:35:45 +09:00
NIIBE Yutaka
7cbb513a2d scd: Fix CCID internal driver for interrupt transfer.
* scd/ccid-driver.c (intr_cb): Handle the case of multiple messages.

--

SPR532 USB Smart Card Reader (also know as SPR332) may send two
messages at once for a single interrupt transfer.  An example transfer
observed was like: 50 03 50 02, which is considered valid, according
to the CCID specification.

GnuPG-bug-id: 5065
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-24 17:05:13 +09:00
Werner Koch
26da47ae53
scd: Extend KEYPAIRINFO with an algorithm string.
* scd/app-openpgp.c (send_keypair_info): Emit the algo string as part
of a KEYPAIRINFO.
* scd/command.c (do_readkey): Ditto.
* scd/app-piv.c (do_readkey): Ditto.
* scd/app-nks.c (do_learn_status_core): Ditto.
(struct fid_cache_s): Add field algostr.
(flush_fid_cache): Release it.
(keygripstr_from_pk_file): Fill it and add it to the cache.  Use a
single exit label.
* scd/app-help.c (app_help_get_keygrip_string_pk): Add new arg
r_algostr.  Change all callers.
--

This is helpful so that callers do not need to parse the key for this
basic information.  Use "scd readkey --info-only" to return the info
status line instead of the key material; using just --info returns the
info in addition to the key material.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-21 14:47:53 +02:00
NIIBE Yutaka
8ff3663027 scd: Clear PIN cache when changing key attributes.
* scd/app-openpgp.c (change_keyattr): Clear all PINs.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-16 13:13:29 +09:00
NIIBE Yutaka
f4c07fc3d3 scd: Clear caching PIN at KDF setup.
* scd/app-openpgp.c (do_setattr): Clear PINs.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-16 13:04:59 +09:00
NIIBE Yutaka
316a8cbc75 scd: Add better support for KDF feature.
* scd/app-openpgp.c (do_setattr): Handle kdf-seup "off" for Gnuk.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-16 12:58:30 +09:00
NIIBE Yutaka
8dfd0ebfd8 gpg,scd: Fix handling of KDF feature.
* g10/card-util.c (kdf_setup): Fix the default value.
* scd/app-openpgp.c (do_setattr): Support kdf-setup "off" by
Zeitcontrol.  Make sure Gnuk and Yubikey work well.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-16 12:49:20 +09:00
NIIBE Yutaka
6e51f2044a scd: Fix the use case of verify_chv2 by CHECKPIN.
* scd/app-openpgp.c (verify_chv2): Call verify_a_chv with chvno=1
when needed.

--

Confusingly, verify_chv2 has two different purposes;  One for
verifying with CHV2 (in addition to CHV1), and the call by
CHECKPIN.  For the latter, we should check CHV1.

Fixes-commit: af189be481df02a77e088aa0a60a1fc02dfa12bf
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-15 15:31:23 +09:00
Werner Koch
fbc1b199fd
scd:piv: Avoid conflict when writing a cert.
* scd/app-piv.c (map_curve_name_to_oid): New.
(my_cmp_public_key): New.
(do_writecert): Replace simple memcmp by cmp_canon_sexp.
--

GnuPG-bug-id: 5061
2020-09-11 15:47:39 +02:00
NIIBE Yutaka
d4cb774ddd scd: Flush KDF DO (0x00F9) when it's being set.
* scd/app-openpgp.c (do_setattr): Call flush_cache_item always.

--

Only it was called when there was an object with KDF_DATA_LENGTH_MAX.
No matter the VALUELEN, it should be flushed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-10 15:20:01 +09:00
NIIBE Yutaka
0db9c83555 scd: Add a workaround for Yubikey.
* scd/app-openpgp.c (get_public_key): Handle wrong code for Yubikey.

--

Yubikey version 5 s/n 609074582 returns 0x6982, version 5.2.4 s/n
610616049 returns 0x6581, where 0x6a88 is expected.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-08 11:41:33 +09:00
NIIBE Yutaka
270c49b8c6 scd: Fix handling 0x00FA to support OpenPGP card 3.4.
* scd/app-openpgp.c (data_objects): It may be longer.

Fixes-commit: 90d0072165cc5c6888f14462392a211de0c4b232
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-07 14:24:48 +09:00
Werner Koch
0e721b635d
scd: Increase the number of supported readers from 4 to 16.
--

The limit on 4 readers I introduced in 2003 is too low for some of our
use cases.  16 looks better.   TODO: Return a useful error message in
gpg-card if the limit has been reached.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-04 12:51:54 +02:00
NIIBE Yutaka
43bbc25b0f scd: Support GET DATA response with no header for DO 0x00FA.
* scd/app-openpgp.c (do_getattr): Support Gnuk, as well.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-04 17:16:59 +09:00
NIIBE Yutaka
eba2563dab scd: Parse "Algorithm Information" data object in scdaemon.
* scd/app-openpgp.c (data_objects): 0x00FA for binary data.
(do_getattr): Parse the data and send it in status lines.
(get_algorithm_attribute_string): New.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-04 13:12:57 +09:00
NIIBE Yutaka
90d0072165 scd: Add handling of "Algorithm Information" DO.
* cd/app-openpgp.c (data_objects): Add 0x00FA.
(do_getattr): Add KEY-ATTR-INFO.

--

See the section 4.4.3.11 Algorithm Information in the OpenPGP card
functional specification version 3.4.1.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-03 19:58:10 +09:00
Werner Koch
a0a4744bd0
scd: New option to APDU command to return the ATR as data.
* scd/command.c (cmd_apdu): Add new option --data-atr.
* tools/gpg-card.c (cmd_apdu): Use that here.  Also fix the --exlen
option and do not print the statusword in atr mode.
* tools/card-call-scd.c (scd_apdu): Detect atr mode anddon't assume a
status word.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-27 11:55:37 +02:00
Werner Koch
95b5a852e2
scd: Fix reading of the ATR for card type detection.
* scd/app.c (app_new_register): Do not use apdu_get_slot.
--

apdu_get_slot() may only be used after the APP has been initialized.
Thus we need to pass teh slot here directly.

Fixes-commit: 9f148360a2bf04672b43ef7cec48e21d44b06ae1
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-27 11:53:06 +02:00
NIIBE Yutaka
9f148360a2 scd: Add heuristics to identify cardtype.
* scd/app-common.h (cardtype_t): Add CARDTYPE_GNUK and
CARDTYPE_ZEITCONTROL.
* scd/app.c (strcardtype): Handle CARDTYPE_GNUK and
CARDTYPE_ZEITCONTROL.
(app_new_register): Detect Gnuk and Zeit Control implementation
by examining its ATR string.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-27 14:32:04 +09:00
NIIBE Yutaka
af189be481 scd: Add condition for VERIFY with 0x82.
* scd/app-openpgp.c (verify_chv2): Check availability of keys in
question.

--

With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available,
it fails decrementing the signature error counter.  This change
can avoid the issue.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-27 10:41:51 +09:00
NIIBE Yutaka
4fa0a65676 scd: Fix possible uninitialized variables.
* scd/app-openpgp.c (do_change_pin): Initialize resultlen2.
(do_change_pin): Don't call wipe_and_free on the error path.
Initialize bufferlen2.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-19 11:39:22 +09:00
Werner Koch
2af884c643
scd: Log info about CCIDs with permission problems.
* scd/apdu.c (open_ccid_reader): Add arg r_cciderr.
(apdu_open_reader): Print a note on EPERM of the USB device.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-12 16:44:22 +02:00
Werner Koch
9a8d7e41bb
scd: Map some error codes from libusb to ccid-driver error codes.
* scd/ccid-driver.h (CCID_DRIVER_ERR_USB_*): New error codes.
* scd/apdu.h: New SW_HOST error codes.
* scd/apdu.c (host_sw_string): Print them
* scd/ccid-driver.c (map_libusb_error): New.
(ccid_open_usb_reader, bulk_in, abort_cmd): Map libusb error codes.
* scd/iso7816.c (map_sw): Map new codes to gpg-error.
--

This change will help to get low level error conditions from hipher
application code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-12 16:06:49 +02:00
Werner Koch
cbf203801e
scd:piv: Allow signing using PSS.
* scd/app-piv.c (do_sign): Allow for PSS.
--

This has been tested with Scute and Openvpn.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-10 10:22:42 +02:00
Werner Koch
bb096905b9
agent: Add option --pss to pksign to be used by smartcards.
* agent/command.c (cmd_sethash): Add option --pss and allow for
--hash=null.
* agent/agent.h (struct server_control_s): Add digest.is_pss and
zero where needed.
* agent/pksign.c (agent_pksign_do): Allow for PSS with cards.
* scd/command.c (cmd_pksign): Add for --hash=none.
--

This is not a full implementaion of PSS but allows scdaemon card
drivers to detect already PSS formatted data.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-10 10:22:42 +02:00
NIIBE Yutaka
2a34a2afea scd: Silence compiler warning.
* scd/app-openpgp.c (build_ecc_privkey_template): Fix allocation size.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-31 17:03:09 +09:00
NIIBE Yutaka
daa2cec6a5 scd: Fix closing reader and reeleasing context in PC/SC.
* scd/apdu.c (close_pcsc_reader): Unlock the reader_table_lock.
(apdu_dev_list_finish): Release the context when no readers.

--

Fixes-commit: 46d185f60397f68830bfdfb99627b29aea5016f1
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-17 20:42:38 +09:00
NIIBE Yutaka
46d185f603 scd: PC/SC: Don't release the context when it's in use.
* scd/apdu.c (close_pcsc_reader): Check if it's not in the loop.

--

GnuPG-bug-id: 4998
Reported-by: Kevin Locke
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-17 11:11:45 +09:00
Werner Koch
c1663c690b
scd:nks: Implement writecert for the Signature card v2.
* scd/iso7816.c (CMD_UPDATE_BINARY): New.
(iso7816_update_binary): New.
* scd/app-nks.c (do_deinit): Factor some code out to...
(flush_fid_cache): new.
(do_writecert): New.
(app_select_nks): Register new handler.
--

This can be used with gpg-card to write the 3 extra certificates of a
Telesec TCOS Signature Card v2.  The card with the qualified signature
is distributed with the keys for encryption and advanced signatures
but without the certificates.  The certificates can be downloaded from
the website after an mail confirmation.  Unpacked the downloaded
zipfile has these certificates:

  auth_zert.crt
  sig_zert.crt
  enc_zert.crt

Using gpg-card issue these commands:

 writecert NKS-NKS3.4531 <sig_zert.crt
 writecert NKS-NKS3.45B1 <enc_zert.crt
 writecert NKS-NKS3.4571 <auth_zert.crt

Don't mix that up, tight now there is no checking that the
certificates match the public key.  I also need to write another patch
to actually implement signing and encryption with these nistp256
certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-02 18:35:34 +02:00
Werner Koch
07aef873eb
scd:nks: Fix certificate read problem with TCOS signature card v2.
* scd/app-nks.c (filelist): Add a dedicated key entry for ESIGN.
(do_readcert): Test for the app_id.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-30 14:41:49 +02:00
Werner Koch
58b091df83
scd: Change how the removed card flag is set.
* scd/command.c (cmd_serialno): Set/clear card removed flags for all
connections using the current card.
--

This seems to solve the problems I had in gpg-card and ssh.  I am not
sure why the old code was done this way - maybe an oversight when
adding support for multiple cards.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-30 14:41:49 +02:00
Werner Koch
9b6f574928
scd: Shorten cardio debug output for all zeroes.
* scd/apdu.c (all_zero_p): New.
(send_le): Use it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-29 15:04:08 +02:00
Werner Koch
2429e85598
scd:nks: Fix remaining tries warning in --reset mode.
* scd/app-nks.c (do_change_pin): Chnage computaion of 'remaining'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-25 11:27:26 +02:00
Werner Koch
61bb75d045
build: Fix recent commit for SOURCE_DATE_EPOCH.
--

Fixes-commit: 074ab108e768b2f946d789c1f3a7f14a65e07c52
which was recently pushed to make use of $SOURCE_DATE_EPOCH
as fallback.

Also fixes two typos
2020-06-08 18:45:55 +02:00
NIIBE Yutaka
f3df8dbb69 scd: Fix condition for C5 data object for newer Yubikey.
* scd/app-openpgp.c (compare_fingerprint): Relax the condition.

GnuPG-bug-id: 4957
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-05-29 11:18:50 +09:00
Werner Koch
2149676122
scd:openpgp: New KEY-STATUS attribute.
* scd/app-openpgp.c (do_getattr): Return KEY-STATUS
2020-05-27 13:47:13 +02:00
Werner Koch
11f0700282
scd:openpgp: Add attribute "UIF" for convenience.
* scd/app-openpgp.c (do_getattr): New attrubute "UIF".
(do_learn_status): Use that.
--

Actually this is not just convenience but will make it easier to add
new keys to an openpgp card - we will need to change this only at one
place.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-26 16:24:12 +02:00
Werner Koch
2009088670
scd: Fix Yubikey app switching problem
* scd/app.c (select_all_additional_applications_internal): Re-select
first app.  Add arg 'ctrl'.
--

Usually keygrip based access to the Yubikey does a switching back and
forth and thus keeps the card and scdaemon's internal state in sync.
However, if we do only a listing scdaemon did not reselect the first
application (e.g. OpenPGP) after adding other applications (e.g. PIV)
and thus led to wrong info returned in a listing.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-26 16:24:12 +02:00
Werner Koch
1f6a39092f
scd:nks: Add framework to support IDKey cards.
* scd/app-nks.c (NKS_APP_IDLM): New.
(struct app_local_s): Replace NKS_VERSION by the global APPVERSION.
(do_learn_status): Always send CHV-STATUS.
(find_fid_by_keyref): Basic support for IDLM only use.
(do_learn_status_core): Ditto.
(do_readcert): Ditto.
(verify_pin): Ditto.
(parse_pwidstr): Ditto.
(do_with_keygrip): Ditto.
(switch_application): Ditto.
(app_select_nks): Fallback to IDLM.
--
2020-05-07 19:44:45 +02:00
Werner Koch
aecc008acb
scd:nks: Get the PIN prompts right for the Signature Card
* scd/app-nks.c (get_dispserialno): Move more to the top.
(do_getattr): Add $DISPSERIALNO and SERIALNO.  Make CHV-STATUS work
with NKS15.
(verify_pin): Use dedicated min. PIN lengths.
(parse_pwidstr): Support NKS15
--

GnuPG-bug-id: 4938
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-07 14:03:38 +02:00
Werner Koch
af45d884aa
scd:nks: Support decryption using ECDH.
* scd/app-nks.c (struct fid_cache_s): Add field 'algo'.
(keygripstr_from_pk_file): Add arg 'r_algo' to return the algo.
(find_fid_by_keyref): Ditto.
(get_dispserialno): New.
(make_prompt): New.
(verify_pin): Provide better prompts.
(do_decipher): Support ECDH.
(parse_pwidstr): Add hack tospecify any pwid..
(do_change_pin): Support Signature Card V2.0 (NKS15) style NullPIN.
Provide a better prompt.
--

GnuPG-bug-id: 4938
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-07 08:18:28 +02:00
Werner Koch
314859d7e7
scd: Extend an internal function to also return the algo.
* scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg
r_algo.  Change all callers.
(app_help_get_keygrip_string): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-05 08:07:11 +02:00
Werner Koch
1e72a1a218
scd:nks: Add do_with_keygrip and implement a cache.
* scd/app-nks.c (struct fid_cache_s): New.
(struct app_local_s): Add field 'fid_cache'.
(do_deinit): Release the cache.
(keygripstr_from_pk_file): Implement the cache.
(find_fid_by_keyref): New
(do_sign, do_decipher): Use new function.
(do_with_keygrip): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-04 19:01:16 +02:00
Werner Koch
f05a32e5c9
scd:nks: Allow retrieving certificates from a Signature Card v.20
* scd/app-nks.c: Major rework to support non-RSA cards.
--

This is a fist step so support this ECC card.  The code has been
reworked while taking care that old cards should keep on working.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-17 16:09:58 +02:00
Werner Koch
3633ca6e21
scd: Detect missing card in "getinfo all_active_apps".
* scd/app.c (send_card_and_app_list): Detect no app case.
--

This is a minor nug fix to return a better error message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-17 16:09:54 +02:00
Werner Koch
bfedc760ef
scd:p15: Return a display S/N via Assuan.
* scd/app-p15.c (make_pin_prompt): Factor some code out to ...
(get_dispserialno): this.
(do_getattr): Use new fucntion for a $DISPSERIALNO.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-09 12:20:18 +02:00
Werner Koch
9ec8d984be
scd:p15: Show a pretty PIN prompt.
* scd/app-p15.c (struct prkdf_object_s): New fields common_name and
serial_number.
(release_prkdflist): Free them.
(keygrip_from_prkdf): Parse cert and set them.
(any_control_or_space): New.
(make_pin_prompt): New.
(verify_pin): Construct a pretty PIN prompt.
(do_sign): Remove debug output.
--

The D-Trust card has the SerialNumber part of the Subject printed on
the front matter, we assume this is also possible with other cards and
thus we show this as serial number.

The holder of the card is also extracted from the card's subject.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 20:38:15 +02:00
Werner Koch
f28795b615
scd: Return GPG_ERR_BAD_PIN on 0x63Cn status word.
* scd/iso7816.c (map_sw): Detect 0x63Cn status code.
--

I really wonder when that got lost and we ended up with a simple card
error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 19:09:27 +02:00
Werner Koch
60d018f6a9
scd: Factor common PIN status check out.
* scd/iso7816.h (ISO7816_VERIFY_ERROR): New.
(ISO7816_VERIFY_NO_PIN): New.
(ISO7816_VERIFY_BLOCKED): New.
(ISO7816_VERIFY_NULLPIN): New.
(ISO7816_VERIFY_NOT_NEEDED): New.
* scd/iso7816.c (iso7816_verify_status): New.
* scd/app-nks.c (get_chv_status): Use new function.
* scd/app-piv.c (get_chv_status): Ditto.
(verify_chv): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 18:26:00 +02:00
Werner Koch
42ddcc87f4
scd:p15: Fix decrypt followed by sign problem for D-Trust cards.
* scd/iso7816.c (iso7816_select_mf): New.
* scd/app-p15.c (card_product_t): New.
(struct app_local_s): Add field 'card_product'.
(read_ef_tokeninfo): Detect D-Trust card.
(prepare_verify_pin): Switch to D-Trust AID.
(do_decipher): Restore a SE for D-TRust cards.  Chnage the passing
indicator to 0x81.
--

Using what I learned from a USB trace running the Governikus Signer
Software on Windows this fixes the left over problem with the new
D-Trust card support.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 16:03:11 +02:00
Werner Koch
aa60645b99
scd:p15: Emit MANUFACTURER, $ENCRKEYID, $SIGNKEYID.
* scd/app-p15.c (read_ef_tokeninfo): Store manufacturer_id.
(do_getattr): Implement MANUFACTURER, $ENCRKEYID and $SIGNKEYID.
(send_keypairinfo): Also print usage flags.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 11:21:32 +02:00
Werner Koch
541a6a903e
scd:openpgp: New attribute "MANUFACTURER".
* scd/app-openpgp.c (get_manufacturer): New..
(do_getattr): Add new attribute "MANUFACTURER".
(do_learn_status): Always print it.
--

This will make it easy to maintain the list of OpenPGP vendors at just
one place.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 09:56:56 +02:00
Werner Koch
61c5b0767f
scd:p15: Implement do_with_keygrip and capabilities.
* scd/app-p15.c (prepare_verify_pin): Allow use without an AODF.
(verify_pin): Ditto.
(do_with_keygrip): Implement capability restrictions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-02 14:23:26 +02:00
Werner Koch
8149742ddf
scd:p15: Rename some variables and functions for clarity.
* scd/app-p15.c: Rename keyinfo to prkdf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-02 12:40:09 +02:00
Werner Koch
5b7b42e2b2
scd: Use Gcrypt usage constants for the do_with_keygrip capabilities.
* scd/command.c (cmd_keyinfo): Use Gcrypt constants for CAP.
* scd/app-openpgp.c (do_with_keygrip): Adjust for them.
* scd/app-piv.c (do_with_keygrip): Ditto.
--

That makes it easier to read.  An open question is whether we should
allow several capabilities and whether they are the ORed or ANDed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-02 11:54:01 +02:00
NIIBE Yutaka
2ccbcfec12 scd: New command DEVINFO.
* scd/app.c (notify_cond): New condition variable.
(app_send_devinfo, app_wait): New.
(scd_update_reader_status_file): Kick NOTIFY_COND.
(initialize_module_command): Initialize NOTIFY_COND.
* scd/command.c (struct server_local_s):  Add watching_status.
(cmd_devinfo): New.
(register_commands): Add DEVINFO command.
(send_client_notifications): Write status change to DEVINFO channel.
* scd/scdaemon.h (app_wait, app_send_devinfo): New.

GnuPG-bug-id: 4864
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-02 15:39:26 +09:00
Werner Koch
29f8f52bf8
scd:p15: Cache the PIN.
* scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified.
(verify_pin): Make use of it.
--

Theee is still a problem with the APDUs we send: Switching between
signing and decryption does work but not in the other way.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 20:31:21 +02:00
Werner Koch
132d82c158
scd:p15: Run a keygrip_from_prkdf before verify_pin
* scd/app-p15.c (do_sign): Move keygrip_from_prkdf before PIN
verification.
(do_decipher): Add keygrip_from_prkdf.
--

This is required because that function may change the current file
which is set by prepare_verify_pin right before MSE.  HAs alredy been
done on the backport to 2.2

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 17:49:14 +02:00
Werner Koch
ca4391399c
scd:p15: Support decryption with CardOS 5 cards.
* scd/app-p15.c (do_decipher): New.
--

tested using the D-TRUSt card and a SCR3310 reader.  The Kobil KAAN
Advanced, I used for the signing tests could not be used because it
supports only Short APDU Level exchange.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 14:07:56 +02:00
Werner Koch
375b145487
scd:p15: Factor PIN verification out to a new function.
* scd/app-p15.c (do_sign): Factor code out to ...
(prepare_verify_pin, verify_pin): new functions.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 11:58:08 +02:00
Werner Koch
103c1576b7
scd:p15: Support signing with CardOS 5 cards.
* scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg
r_pkey and change all callers.
(app_help_get_keygrip_string): Ditto.
* scd/app-p15.c (struct cdf_object_s): Use bit flags
(struct aodf_object_s): Ditto.  Add field 'fid'.
(struct prkdf_object_s): Ditto.  Add fields keygrip, keyalgo, and
keynbits.
(parse_certid): Allow a keygrip instead of a certid aka keyref.
(read_ef_aodf): Store the FID.
(keygripstr_from_prkdf): Rename to ...
(keygrip_from_prkdf): this.  Remove arg r_gripstr and implement cache.
Change callers to directly use the values from the object.  Also store
the algo and length of the key ion the object.
(keyref_from_keyinfo): New. Factored out code.
(do_sign): Support SHA-256 and >2048 bit RSA keys.
(do_with_keygrip): New.
(app_select_p15): Register new function.
--

This has been tested with a D-Trust card featuring 3072 bit keys.
Note that non-repudiation key for a qualified signature does not yet
work because we do not yet support rsaPSS padding.  Thus a gpgsm
--learn shows a couple of Bad Signature errors for this key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 19:55:15 +02:00
Werner Koch
2bdd4fc7b6
scd:p15: Read certificates in extended mode.
* scd/app-p15.c (readcert_by_cdf): Allow reading in extended mode.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 11:57:19 +02:00
Werner Koch
c9ad81070a
scd: Add function for binary read in extended mode.
* scd/iso7816.c (iso7816_read_binary): Factor code out to ...
(iso7816_read_binary_ext): new function.  Add arg extended_mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 11:53:36 +02:00
Werner Koch
c29603fa9a
scd:p15: Improve diagnostics
--

This removes almost all log_debug calls and uses opt.verbose and
log_info to show card information.  Also avoid too long and thus
harder to read lines.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 11:20:59 +02:00
Werner Koch
8a68d497f1
scd:p15: Detect CardOS 5 cards and print some basic infos.
* scd/app-p15.c (read_ef_odf): Detect the home_DF on the fly.  Silence
the garbage warning for null bytes.
(print_tokeninfo_tokenflags): New.
(read_ef_tokeninfo): Print manufacturer, label, and flags.
(app_select_p15): No need to use the app_get_slot macro.
(CARD_TYPE_CARDOS_50): New const.
(card_atr_list): Detect CardOS 5.0
--

The card under test is a "Test-Signaturkarte D-TRUST Card 3.1" for a
mere 49 Euro and no specs available.  D-Trust is a branch of the
German Bundesdruckerei.  Compare that to Telesec and Yubikey who have
always been nice enough to send bunches of sample cards without a need
to wade through lots of forms and not even asking for money.  Guess
which cards I prefer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-30 21:19:24 +02:00
Werner Koch
4c4999b818
scd:openpgp: Allow PKSIGN with keygrip also for OPENPGP.3.
* scd/app-openpgp.c (check_keyidstr): Add optional arg r_use_auth to
test also for OpenPGP.3.
(do_sign): Enable that new mode.
--

This is very useful to allow gpgsm to use a certificate based on the
OpenPGP card's authentication key.  That key is usually used for ssh
but it makes sense to use it also for user certificate based
authentication.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-27 19:37:29 +01:00
Werner Koch
451cd1b392
gpgconf: Further simplify the gpgconf option processing.
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list.  Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--

There is no need to read the list of options from the components
unless they convey a default value.  It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed.   Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 19:12:41 +01:00
Werner Koch
daf5f4355d
scd: Re-group the options in the --help output.
--

This looks better and is also required for further simplifications of
gpgconf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 15:15:21 +01:00
Werner Koch
4423e9dcde
gpgconf: Support reading global options (part 2).
* tools/gpgconf-comp.c: Remove all regular option descriptions.  They
are now read in from the component.  Also remove a few meanwhile
obsolete options.
* agent/gpg-agent.c: Add option description which were only set in
gpgconf-comp.c.
* dirmngr/dirmngr.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* g10/gpg.c: Ditto.
--

This second part removes all regular option descriptions because they
can be read from the components.  A few were missing in the components
and thus moved to there.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 10:09:26 +01:00
NIIBE Yutaka
19f70b5072 scd: Fix the previous commit.
* scd/app-openpgp.c (do_setattr): Flush the KDF DO just before setting.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-02-28 16:25:15 +09:00
NIIBE Yutaka
3ba7c9bcf7 scd: Improve setattr for KDF.
* scd/app-openpgp.c (do_setattr): For setting KDF DO, support standard
OpenPGP card, which needs to update PIN.

GnuPG-bug-id: 3891
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-02-28 15:58:24 +09:00
NIIBE Yutaka
11da441016 scd: Fix pinpad handling when KDF enabled.
* scd/app-openpgp.c (do_getattr): Send the KDF DO information.

--

Fixes-commit: 95c7498b76231d3297541172d878f6a26702539b
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-02-28 15:56:53 +09:00
Werner Koch
ba463128ce
Use gpgrt's new option parser for the remaining daemons.
* scd/scdaemon.c: Switch to the new option parser and enable a global
conf file.
* dirmngr/dirmngr.c: Ditto.
* g13/g13.c: Ditto.
* g13/g13-syshelp.c: Ditto.  Do not force verbose mode.
* dirmngr/dirmngr_ldap.c: Switch to the new option parser.
* dirmngr/dirmngr-client.c: Switch to the new option parser.
--

This finalizes the switch to the new option parser.  What's left is to
remove the old argparser code from common.

g13-syshelp does not anymore default to --verbose because that can now
be enabled in /etc/gnupg/g13-syshelp.conf.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-21 21:45:13 +01:00
Werner Koch
0e8f6e2aa9
gpg: Use gpgrt's new option parser to provide a global conf file.
* common/util.h: Remove argparse.h.
* common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
argparse.h.  Do this also for all main modules which use our option
parser except for gpg.  Replace calls to strusage by calls to
gpgrt_strusage everywhere.

* g10/gpg.c (opts): Change type to gpgrt_opt_t.  Flag oOptions and
oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
(main): Change type of pargs to gpgrt_argparse_t.  Rework the option
parser to make use of the new gpgrt_argparser.
--

This is not yet finished but a make check works.  gpg has the most
complex and oldest option handling and thus this is the first
migration target.  SE-Linux checks and version-ed config files are
missing and will be added later.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-20 11:13:32 +01:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
NIIBE Yutaka
95c7498b76 scd: Disable pinpad if it's impossible by KDF DO.
* scd/app-openpgp.c (struct app_local_s): Add pinpad.disabled field.
(do_getattr): Set pinpad.disabled field.
(check_pinpad_request): Use the pinpad.disabled field.
(do_setattr): Update pinpad.disabled field.

--

GnuPG-bug-id: 4832
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-02-17 17:44:59 +09:00
Werner Koch
11d917c779
scd: Print the main app name also for not fully supported cards.
* scd/app.c (send_serialno_and_app_status): Add fallback.
--

The app list was only printed for apps which support the with_keygrip
function.  That is not the case for the netkey and otehr cards.  The
new fallback prints the actual app name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 15:43:17 +01:00
Werner Koch
1ad84aabb4
scd:openpgp: Return key creation time as part of KEYPARIINFO.
* scd/app-openpgp.c (send_keypair_info): Reaturn the key creation time
as part of a KEYPAIRINFO.
(do_readkey): Do not return the KEY-TIME anymore.
--

Sending the KEY_TIME status as part of a READKEY command was only
recently added.  It is better to merge that into the KEYPAIRINFO line.
Another patch with chnage this for the consumers of that info.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 11:52:10 +01:00
Werner Koch
77ea916533
scd:openpgp: Send a KEY-TIME status with READKEY
* scd/app-openpgp.c (retrieve_fprtime_from_card): New.
(do_readkey): Send a KEY_TIME status.
--

It might be easier to fold this into KEYPAIRINFO but for backward
compatibility using a separate status line is safer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-11 20:41:29 +01:00
Werner Koch
323548acd9
scd:openpgp: Optional allow for lowercase keyrefs.
* scd/app-openpgp.c (do_readkey): Use case insensitive match of the
keyref.
(do_writekey, do_sign, do_auth, do_decipher): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-11 14:51:50 +01:00
Werner Koch
d7d75da505
scd:openpgp: Allow auto-changing of the key attributes in genkey.
* scd/app-openpgp.c (struct app_local_s): Add field keyalgo.
(parse_algorithm_attribute): Store the new keyalgo field.
(change_keyattr): Change info message.
(change_keyattr_from_string): Rewrite to also accept a keyref and a
keyalgo string.
(do_genkey): Change the keyattr if a keyalgo string is given.
--

Having this feature makes it easier to use OpenPGP cards in a similar
way to other cards.  Note that the explicit changing via SETATTR is
still supported.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-11 14:49:11 +01:00
Werner Koch
24095101a5
common: Extend the openpgp_curve_to_oid function.
* common/openpgp-oid.c (openpgp_curve_to_oid): Add optional arg R_NBITS.
Change all callers.
--

In particular for ed25519 and cv25519 it is quite useful to have an
ability to get the required algorithm.
2020-02-11 14:40:54 +01:00
Werner Koch
6aff8a1328
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C.  Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.

* g10/main.h: Put util.h before the local header files.
--

This change is required for use with gcc/ld's LTO feature which does
not allow common blocks.  Further gcc 10 will make -fno-common the
default and thus this chnage is always needed.  What a pitty.

Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 21d9bd8b87a9f793a106095e3838eb71825189d7)

- Applied respective chnages also to gpg-card and keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 16:50:47 +01:00
Werner Koch
fb6ff7ead7
scd:openpgp: Let the genkey function also accept a full keyref.
* scd/app-openpgp.c (send_key_attr): Use log_assert.
(do_genkey): Allow prefix.
--

It is more uniform to always use full keyref (e.g. "OPENPGP.1")
instead of just the key number.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 00:33:51 +01:00
Werner Koch
718555874e
scd: New commands SWITCHCARD and SWITCHAPP.
* scd/app.c: Include membuf.h.
(app_switch_current_card): New.
(send_card_and_app_list): Factor code out to ...
(send_serialno_and_app_status): new.
(app_send_card_list): New.
(app_send_active_apps): New.
(app_switch_active_app): New.
* scd/command.c (cmd_switchcard): New.
(cmd_switchapp): New.
(register_commands): Register new commands.
(cmd_getinfo): New sub-commands "active_apps" and "all_active_apps".
--

These new commands allow to switch between known cards and are in
particular useful for the gpg-card tool.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-16 19:42:16 +01:00
Werner Koch
dd61164410
scd:piv: Remove debug code from a recent commit.
* scd/app-piv.c (ask_and_prepare_chv): here.
--

The test code from the last PIV change was accidently kept enabled.
Fixes-commit: 2dd6b4b998dd6e156e2e75ede0f40fb768c69f40

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-16 19:38:54 +01:00
Werner Koch
2dd6b4b998
scd: Make the PIN cache robust against wrongdoing of gpg-agent.
* scd/app-openpgp.c (struct app_local_s): New field pincache.
(cache_pin): Set it.
(pin_from_cache): Consult it.
* scd/app-piv.c (struct app_local_s): New field pincache.
(cache_pin): Set it.
(pin_from_cache): Consult it.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 18:24:01 +01:00
Werner Koch
60502c3606
scd:piv: Implement PIN cache.
* scd/command.c (pincache_put): Add arg pinlen and change all callers
to provide it.
* scd/app-piv.c (cache_pin): New.
(pin_from_cache): New.
(ask_and_prepare_chv): Add args no_cache and r_unpaddedpinlen.  Take
PIN from the cache.  Return the unpadded length.
(verify_chv): Add arg ctrl.  Cache the PIN.
(do_change_chv): Clear PIN cache.
--

The PIV pins are padded but we want to store the unpadded PIN.  Thus
the changes to the function.

Code has has been tested by commenting the no_cache parameter because
we the current test certificate was created for PIV.9C which requires
a verification for each use.  More testing is required.

GnuPG-bug-id: 4791
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 17:53:49 +01:00
Werner Koch
2b843be5ac
scd: Fix memory leak in command READKEY.
* scd/command.c (cmd_readcert): Replace xstrdup by xtrystrdup.
(cmd_readkey): Ditto.  Fix memory leak.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 12:18:53 +01:00
Werner Koch
0e48aa0849
scd: Make SERIALNO --all work correctly and use it.
* scd/app.c (maybe_switch_app): Factor reselect code out to ...
(run_reselect): new.
(app_write_learn_status): Tweak diagnostics.
(app_do_with_keygrip): Run reselect if a card has more than one
switchable application.

* agent/call-scd.c (agent_card_serialno): Ditto.
* tools/card-call-scd.c (start_agent): Use option --all with SERIALNO.
(scd_serialno): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 12:12:57 +01:00
NIIBE Yutaka
0cfded4bb1 scd: Implement direct access by KEYGRIP for GETATTR and READKEY.
* scd/app-openpgp.c (do_readkey): Handle KEYGRIP access.
* scd/command.c (do_readkey): New.
(cmd_readkey): Use do_readkey supporting KEYGRIP access.
(cmd_getattr): Supporting KEYGRIP access.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-10 15:58:49 +09:00
Werner Koch
63bda3aad8
scd:openpgp: Implement PIN cache.
* scd/app-openpgp.c (wipe_and_free, wipe_and_free_string): Use them
everywere where we do a wipememory followed by a free.
(pin2hash_if_kdf): Change interface.  The input PIN is not anymore
changed.  Further there are no more assumptions about the length of
the provided buffer.
(cache_pin): Restructure.
(chvno_to_keyref): New.
(pin_from_cache): New.
(verify_a_chv): Add arg CTRL.  Adjust for changed pin2hash_if_kdf.
Chache and retrieve the PIN here.
(verify_chv2): Do not cache the PIN here.
(build_enter_admin_pin_prompt): Add arg 'r_remaining'.
(verify_chv3): Adjust for changed pin2hash_if_kdf.  Implement the PIN
cache.
(do_change_pin): Clear the PIN cache.  Do not change the PIN here.
Lots of adjustments to cope with the chnaged pin2hash_if_kdf.
(do_sign): Do not cache the PIN here.
--

Note that some of the changes are required because we can't rely that
the PIN is always cached in secure memory.  Thus it is better to do an
explicit wipe.

Testing the PIN cache can currently only be done my modifying the
code to do a verification for each operation.  Only some basic testing
has been done.  Clearing the PIN cache is also not fully
implemented.  With the forthcoming changes to app-piv we should be
enter able to test the PIN cache.

Missing stuff:
 - The agent should be able to selectively clear the cache on a per
   slot base.
 - We should replace AESWRAP by OCB.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-09 12:14:05 +01:00
Werner Koch
ce5a7fb72b
scd: Use a scdaemon internal key to protect the PIN cache IPC.
* agent/call-scd.c (handle_pincache_put): Do not decrypt.
(handle_pincache_get): New.
(inq_needpin): Call it.
* scd/command.c (set_key_for_pincache): New.
(pincache_put): Restructure and set key.
(pincache_get): Ditto.
--

This change does away with encrypting and decrypting the cached PIN in
the agent.  There is no need for this we can simply cache the
cryptogram and let scdaemon decrypt after retrieving it from the
agent.  This way we do not need to share a key between gpg-agent and
scdaemon and further the cached content is invalid after the scdaemon
process has been replaced.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-09 12:00:50 +01:00
Werner Koch
fbf97a7856
scd: First changes to implement a PIN cache.
* scd/command.c (pincache_put): New.  Uses a dummy key for now.
(pincache_get): New.
* scd/app.c (select_application): Flush the PIN cache.
(scd_update_reader_status_file): Ditto.
(maybe_switch_app): Call the new prep_reselect function.
(app_write_learn_status): Ditto.
* scd/app-openpgp.c (cache_pin): New helper to cache a PIN.
(verify_chv2): Call it.
(verify_chv3): Call it.
(clear_chv_status): Call it.
(do_change_pin): Call it.

* scd/app-common.h (struct app_ctx_s): Add function 'prep_select'.
* scd/app-openpgp.c (do_prep_reselect): New stub function.
(app_select_openpgp): Set new stub function.
* scd/app-piv.c (do_prep_reselect): New stub function.
(app_select_piv): Set new stub function.

* scd/app-common.h (struct app_ctx_s): Add parameter ctrl to setattr,
sign, auth, decipher, and check_pin.  Change all implementations and
callers to pass such a parameter.
--

This is work in progress.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-07 18:45:33 +01:00
Werner Koch
c0625c15c1
scd: Minor fix for readibility.
* scd/command.c (open_card_with_request): Use NULL instead of
APPTYPE_NULL.
--

Using the enum is wrong because a string is expected.  However it did
harm anything because the value of the enum is 0 and thus equivalent
to NULL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-03 11:43:55 +01:00
NIIBE Yutaka
b2a2df174b scd: Enhance KEYINFO command to limit listing with capability.
* scd/app-common.h: Add CAPABILITY argument to the WITH_KEYGRIP.
(app_do_with_keygrip): Likewise.
* scd/app-openpgp.c (send_keyinfo_if_available): New.
(do_with_keygrip): Support listing with CAPABILITY.
* scd/app-piv.c (do_with_keygrip): Likewise.
* scd/app.c (maybe_switch_app): Supply the argument.
(app_do_with_keygrip): Add CAPABILITY argument.
* scd/command.c (cmd_pksign, cmd_pkauth): Supply the argument.
(cmd_pkdecrypt): Likewise.
(cmd_keyinfo): Support listing with CAPABILITY.

--

GnuPG-bug-id: 4784
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-12-19 17:30:59 +09:00
Werner Koch
8fb14d3b3f
doc: Fixed variable naming.
* kbx/keybox.h: Fix naming of arguments.
* scd/ccid-driver.c (print_error) [TEST]: Add missing break.  Note
that this is anyway an impossible case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-26 11:24:08 +01:00
NIIBE Yutaka
1cb9a831f6 scd,ccid: Fix detection of supported readers with pinpad.
* scd/ccid-driver.c (ccid_transceive_secure): When not supported,
return CCID_DRIVER_ERR_NOT_SUPPORTED.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-11-15 15:46:37 +09:00
NIIBE Yutaka
c6702d77d9 scd,ccid: Fix GEMPC_EZIO handling.
* scd/ccid-driver.c (ccid_transceive_secure): Fix for 08e6:34c2.

Fixes-commit: c933c15d587a1c0df3f4b3bf37d8d15164dd318f
GnuPG-bug-id: 4654
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-29 07:57:59 +09:00
NIIBE Yutaka
c933c15d58 scd,ccid: Add 08e6:34c2 (GEMPC_EZIO).
* scd/ccid-driver.c (ccid_transceive_secure): Add pinpad support
for 08e6:34c2 which supports extended APDU exchange.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-15 09:40:01 +09:00
NIIBE Yutaka
49671b76ea scd,pcsc: Use HANDLE for context and card.
* scd/apdu.c (HANDLE): New.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-17 19:54:52 +09:00
NIIBE Yutaka
980d0234d3 scd: Remove old fallback logic from CCID to PC/SC.
* scd/apdu.c (apdu_dev_list_start): Return an error on failure.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-12 09:34:34 +09:00
NIIBE Yutaka
6d750fe7fc scd,pcsc: Support "reader-port" option for PC/SC reader.
* scd/apdu.c (apdu_open_reader): Skip use of a reader if it's not the
one specified when it is specified.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-12 09:30:37 +09:00
NIIBE Yutaka
c569e49d17 scd,pcsc: Remove the restriction of no-scanning in PC/SC.
* scd/apdu.h (app_open_reader): Remove the last argument.
* scd/apdu.c (app_open_reader): Ditto.
* scd/app.c (select_application): Don't supply APP_EMPTY.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-12 08:48:48 +09:00
NIIBE Yutaka
92be4e87ee scd,pcsc: Fix examining the list of readers.
* scd/apdu.c (apdu_dev_list_start): Traverse the string+NUL carefully.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-11 11:05:03 +09:00
NIIBE Yutaka
441106cdf0 scd,pcsc: Fix for initializing PC/SC.
* scd/apdu.c (pcsc_init): Load it at first.
(apdu_open_reader): Check for the CCID internal driver.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-11 10:36:29 +09:00
NIIBE Yutaka
e8534f8999 scd,pcsc: Support multiple card readers.
* scd/apdu.c (close_pcsc_reader, apdu_init): Clear pcsc.rdrname.
(pcsc_init): Load of PC/SC module moved from ...
(open_pcsc_reader): ... here.
(apdu_dev_list_start): Add support for PC/SC.
(apdu_dev_list_finish): Likewise.
(apdu_open_reader): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-11 10:11:33 +09:00
NIIBE Yutaka
1080e91efd scd,pcsc: Use a single context.
* scd/apdu.c (pcsc): New variable.
(struct reader_table_s): Remove pcsc.context from member.
(pcsc_get_status, connect_pcsc_card): Use pcsc.context.
(close_pcsc_reader): Release pcsc.context here with reference count.
(pcsc_init): New.
(open_pcsc_reader): Don't call pcsc_establish_context here.  Call
close_pcsc_reader instead of pcsc_release_context.
(apdu_open_reader): Call pcsc_init if needed.
(apdu_init): Initialize pcsc.count and pcsc.context.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-11 10:11:25 +09:00
NIIBE Yutaka
f44aa290c1 scd: Clean up the structure for future fix of PC/SC.
* scd/apdu.c (struct dev_list): Rename from ccid_table, with void*.
(open_ccid_reader): Follow the change.
(apdu_dev_list_start, apdu_dev_list_finish): Likewise.
(apdu_open_reader): Likewise.
* scd/ccid-driver.c (ccid_dev_scan): Use void *.
(ccid_dev_scan_finish, ccid_get_BAI, ccid_open_usb_reader): Likewise.
* scd/ccid-driver.h: Change the APIs.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-09-11 10:11:18 +09:00
Werner Koch
7febb4f247
scd: Implement auto-switching between Yubikey apps.
* scd/app.c (apptype_from_keyref): New.
(maybe_switch_app): Add arg 'keyref' and use this also for switching.
Change all callers to pass a keyref if needed.
--

A drawback of this auto-switching is that the PIN cache of the cards
are cleared.  That could be mitigated by having our own cache but we
always tried to avoid that.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 14:07:27 +02:00
Werner Koch
5d9eb060b7
scd:openpgp: Avoid PIN caching issues after re-select.
* scd/app-openpgp.c (do_reselect): Clear PIN cache flags.
--

It seems that the verification status of the OpenPGP app on a Yubikey
is reset on a select.  We need to reflect this in our cache to avoid a
"Bad PIN" error on computing a signature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 13:53:58 +02:00
Werner Koch
947b44e835
scd:piv: Allow the keygrip as alternative to a keyref.
* scd/app-piv.c (find_dobj_by_keyref): Allow the keygrip as input.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 13:03:00 +02:00
Werner Koch
c8d739a356
scd: Improve locking of app_do_with_keygrip.
* scd/app.c (app_do_with_keygrip): Lock once per card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 13:02:59 +02:00
Werner Koch
4e701953fe
scd: New debug flag "app".
* scd/scdaemon.h (DBG_APP_VALUE, DBG_APP): New.
* scd/scdaemon.c (debug_flags): Add "app".
* scd/app.c (xstrapptype): New.
(app_readcert, app_readkey, app_getattr): Add debug output.
(app_setattr, app_sign, app_auth): Ditto.
(app_writecert, app_writekey, app_change_pin): Ditto.
(app_check_pin): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 13:02:59 +02:00
Werner Koch
fed9c93e05
scd: New sub-command cmd_has_option for GETINFO.
* scd/command.c (cmd_getinfo): Add cmd_has_option sub-command.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-04 13:50:12 +02:00
Werner Koch
9a0d8f2d89
scd: Add option --all to the SERIALNO command.
* scd/command.c (cmd_serialno): Add option --all.
(open_card_with_request): Implement that option.
* scd/app.c (select_all_additional_applications_internal): New.
(select_additional_application): Add mode to call new function.
--

This option is currently only useful for Yubikeys and basically
ignored with other cards.  Its use is

  SERIALNO --all
  LEARN --force --multi

which will then print keypairinfo and other stuff for the OpenPGP and
PIV application of a Yubikey.  Scute is going to use this to allow
using certificates from OpenPGP and PIV at the same time.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-04 13:38:58 +02:00
Werner Koch
fa25837942
scd: Fix Error checking in additioal app selection.
* scd/app.c (select_additional_application): Return error for unknown
NAME.
--

ERR was only set but not used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-04 12:27:54 +02:00
Werner Koch
5cf5a04bae
scd: Add option --multi to the LEARN command.
* scd/app-common.h (APP_LEARN_FLAG_MULTI): New.
* scd/command.c (cmd_learn): Add option --multi.
* scd/app.c (app_write_learn_status): Factor some code out to ...
(write_learn_status_core): new.
(app_write_learn_status): Implement flag --multi.
--

This new option is intended to return information about all active
applications of the current card.  Thus if a "SERIALNO openpgp" and a
"SERIALNO piv" has been done in a session the command "LEARN --force
--multi" returns information about both applications.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-04 12:08:07 +02:00
Werner Koch
2cdea776cd
scd: Use a macro for the flag parameter of learn_status.
* scd/app-common.h (APP_LEARN_FLAG_KEYPAIRINFO): New flag macro..
* scd/command.c (cmd_learn): Pass that flag instead of a plain number.
* scd/app-nks.c (do_learn_status_core): Use new flag.
* scd/app-p15.c (do_learn_status): Ditto.
* scd/app-piv.c (do_learn_status): Ditto.
* scd/app-sc-hsm.c (do_learn_status): Ditto.
* scd/app.c (app_write_learn_status): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-04 10:45:29 +02:00
Werner Koch
0d2c9ef29c
scd:nks: Extend keypairinfo with usage flags.
* scd/app-nks.c (do_learn_status_core): Return usage.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 0a9053eff0406c6799ee201013194200c0ed3487)
2019-08-21 14:57:27 +02:00
Werner Koch
671e54d62c
scd:nks: Support attributes $ENCRKEYID and $SIGNKEYID.
* scd/app-nks.c (do_getattr): Add new attributes.
--

Note that these were already added to 2.2 as part of
commit 23784f8bf0ac6d6c52cb2de2f99f46017a92c11a

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-21 14:18:43 +02:00
NIIBE Yutaka
6fae96094c scd: Fix check_application_conflict.
* scd/scd/app.c (check_application_conflict): Compare APPTYPE.

Fixes-commit: 5a5288d051a551a1a8f169225e62572f6ee8cb10
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-21 12:42:32 +09:00
NIIBE Yutaka
8dc19d35e8 scd: Fix selecting additional APP.
* scd/app.c (select_additional_application_internal): Factor out.
(select_additional_application): Getting the lock and call
select_additional_application_internal, set current_apptype, then.
(select_application): Call select_additional_application_internal
for Yubikey.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-21 12:01:21 +09:00
NIIBE Yutaka
4781c4a866 scd: Fix how select_additional_application is called.
* scd/app.c (check_application_conflict): Check against current APP.
(select_additional_application): Update current_apptype of CTRL.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-21 12:01:21 +09:00
NIIBE Yutaka
09d000babb scd: Fix resetting CARD_CTX.
* scd/app.c (deallocate_card): Don't call scd_clear_current_app.
(card_reset): Reset ctrl->current_apptype.
* scd/command.c (open_card_with_request): Likewise.
(send_client_notifications): Likewise.
(scd_clear_current_app): Remove.

--

It's too late to call scd_clear_current_app from deallocate_card,
because CARD_CTX is already reset.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-21 12:01:21 +09:00
NIIBE Yutaka
d4f135c34b scd: Fix switching to another APP.
* scd/app.c (select_additional_application): Initialize card of APP.
Break after the selection.
Don't free APP if success.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-21 12:01:21 +09:00
NIIBE Yutaka
100642e776 scd: Remove fallback mechanism to PC/SC.
* scd/apdu.c [HAVE_LIBUSB] (apdu_open_reader): Simply let it fail.

GnuPG-bug-id: 4673
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-07 08:50:19 +09:00
NIIBE Yutaka
996c497a86 scd: Handle CCID bwi of time extension.
* scd/ccid-driver.c (bulk_in): Increase timeout by the multiplier
value as defined section 6.2.6 in CCID specification.

--

For TPDU level transfer, it was handled.  This is fix for APDU level
transfer.

GnuPG-bug-id: 4646
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-25 09:16:46 +09:00
NIIBE Yutaka
858dc95643 scd: Fix bBWI value.
* scd/ccid-driver.c (ccid_transceive_apdu_level): Use bBWI=0 for APDU
level transfer.
(ccid_transceive): Use bBWI=0 or the value returend by WTX for TPDU
level transfer.

GnuPG-bug-id: 4654
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-25 09:15:12 +09:00
NIIBE Yutaka
13bc0431ff scd: Error code map fix for older Yubikey.
* scd/iso7816.c (map_sw): Recognize 6A86.

Fixes-commit: ec56996029d95d4bd26e1badfe207232270c6247
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-22 10:14:21 +09:00
NIIBE Yutaka
57565d5f97 scd: Support "[CHV3]" attribute for keyid string.
* scd/app-openpgp.c (check_keyidstr0: Relax the check.

Fixes-commit: b0f0791e4ade845b2a0e2a94dbda4f3bf1ceb039
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-19 13:23:59 +09:00
Werner Koch
fb1c8978f5
scd: Remove useless GNUPG_SCD_MAIN_HEADER macro.
* scd/apdu.c (): Remove never set and useless macro.
* scd/ccid-driver.c: Ditto.
* scd/iso7816.c: Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-12 13:39:47 +02:00
NIIBE Yutaka
b310604252 scd: Fix internal CCID driver, so that -DTEST works.
* scd/ccid-driver.c: Support a test program by ccid-driver.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-11 14:37:27 +09:00
NIIBE Yutaka
2536bf2761 scd: Fix debug logging of the internal CCID driver.
* scd/ccid-driver.c [GNUPG_MAJOR_VERSION] (DEBUGOUT): Use log_debug.

Fixes-commit: 79c99921e35921140c83d7c101829d95f038f3da
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-11 13:21:48 +09:00
NIIBE Yutaka
c51a568555 scd: ccid-driver: Initial getting ATR more robustly.
* scd/ccid-driver.c (send_power_off): New.
(do_close_reader): Use send_power_off.
(ccid_get_atr): Add error recovery.

GnuPG-bug-id: 4616
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-09 10:56:09 +09:00
NIIBE Yutaka
39c40e572c scd: Fix keygrip search.
* scd/app.c (app_do_with_keygrip): Break the entire loop.

Fixes-commit: 5a5288d051a551a1a8f169225e62572f6ee8cb10
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-08 12:26:51 +09:00
Werner Koch
92ba831758
scd: Do not conflict if a card with another serialno is demanded.
* scd/app.c (check_application_conflict): Add args to pass a serialno.
* scd/command.c (open_card_with_request): Pass the serialno to
check_application_conflict.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-25 09:48:18 +02:00
Werner Koch
c8e62965bc
scd: Return a stable list with "getinfo card_list".
* scd/app.c (compare_card_list_items): New.
(app_send_card_list): Sort the card objects by slot.
--

This is required so that in gpg-card a "list N" command always returns
the expected card.  Sorting by slot should be sufficient.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-25 09:23:38 +02:00
Werner Koch
d803b3bb3c
scd: Add an re-select mechanism to switch apps.
* scd/app-common.h (struct app_ctx_s): Add func ptr 'reselect'.
* scd/app-piv.c (do_reselect): New.
(app_select_piv): Move AID constant to file scope.
* scd/app-openpgp.c (do_reselect): New.
(app_select_openpgp): Move AID constant to file scope.
* scd/app.c (apptype_from_name): New.
(check_application_conflict): Check against all apps of the card.
Always set current_apptype.
(select_additional_application): New.
(maybe_switch_app): New.
(app_write_learn_status, app_readcert, app_readkey, app_getattr)
(app_setattr, app_sign, app_auth, app_decipher, app_writecert)
(app_writekey, app_genkey, app_change_pin, app_check_pin): Use it here.
(app_do_with_keygrip): Force reselect on success.
(app_new_register): Move setting of CURRENT_APPTYPE to ...
(select_application): here so that it will be set to the requested
card.
* scd/command.c (open_card_with_request): Select additional
application if possible.
--

Noet that we will likely need to rework this even more so to get well
defined semantics for card access.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-25 09:21:14 +02:00
Daniel Kahn Gillmor
d7d1ff4557 spelling: Fix "synchronize"
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-06-23 20:21:02 -04:00
Werner Koch
b304c006a3
scd: Take the card look while running app->with_keygrip.
* scd/app.c (app_do_with_keygrip): Lock the card.
--

Better safe than sorry.

We should also review the card reference counting to see whether we
better ref the returned card object already here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-21 14:51:55 +02:00
Werner Koch
0400a4eb17
scd: Take the lock earlier in the function dispatchers.
* scd/app.c: Chnage all function dispatcher.
--

This change will allow us to easier integrate an app swithcing logic.
The change should have no user visible effect.  The error checking we
do now with the card locked will rarely be asserted.  It is the
correct thing to do anyway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-21 14:01:06 +02:00
Werner Koch
1b78e4951e
scd: Add code to check whether app switching is possible.
* scd/app.c (check_conflict): Fold into ...
(check_application_conflict): this and adjust callers.  Return a
different error code if it is possible to switch apps.
--

Right now this change does nothing visible.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-21 11:44:25 +02:00
Werner Koch
91e2931caa
scd: Track the currently selected app.
* scd/scdaemon.h (struct server_control_s): Add 'current_apptype'.
* scd/command.c (scd_clear_current_app): New.
* scd/app.c (app_new_register): Set it.
(deallocate_card): Clear it.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-21 11:42:59 +02:00
Werner Koch
43dcf93407
scd: Simplify inclusion of app-common.h.
* scd/scdaemon.h: Include app-common.h.  Remove inclusion of that
header from all other files.
(card_t, app_t): Move typedef to ...
* scd/app-common.h: here.  Use them in the defs.
--

In another patch we will need apptype_t in the ctrl object and thus we
need to reorganize things a bit now.  Given that most files need
app-common anyway it makes sense to always include it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-21 11:42:59 +02:00
Werner Koch
9551275857
scd: Use enums for cardtype and apptype.
* scd/app-common.h (cardtype_t): New.
(apptype_t): New.
(struct card_ctx_s): Change type of cardtype.
(struct app_ctx_s): Change type of apptype.  Adjust all users.
* scd/app.c (struct app_priority_list_s): Add field apptype.
(strcardtype): New.  Use as needed.
(strapptype): New.  Use as needed.
--

Using strcmp is lame and we can't use a switch to let the compiler
complain about missed cases.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-21 11:42:58 +02:00
Werner Koch
5a5288d051
scd: Split data structures into app and card related objects.
* scd/app-common.h (struct card_ctx_s): New.
(struct app_ctx_s): Factor card specific fields out to card_ctx_s.
(app_get_slot): New.
* scd/scdaemon.h (card_t): New.
(struct server_control_s): Rename field app_ctx to card_ctx and change
all users.
* scd/app-dinsig.c: Use app_get_slot and adjust for chang in card
related fields.
* scd/app-geldkarte.c: Ditto.
* scd/app-nks.c: Ditto.
* scd/app-openpgp.c: Ditto.
* scd/app-p15.c: Ditto.
* scd/app-sc-hsm.c: Ditto.
* scd/app.c: Lost of changes to adjust for the changed data
structures.  Change all callers.
(app_list_lock): Rename to card_list_lock.
(app_top): Remove.
(card_top): New.
(lock_app): Rename to lock_card and change arg type.
(unlock_app): Rename to unlock_card.
(app_dump_state): Print card and app info.
(app_reset): Rename to card_reset.
(app_new_register): Change for the new data structure.
(deallocate_card): Dealloc card and all apps.
(app_ref): Rename to card_ref.
(app_unref): Rename to card_unref.
(app_unref_locked): Rename to card_unref_locked.
(card_get_serialno): New.
* scd/command.c (cmd_pkdecrypt): Actually use the looked up card and
former app object and not the standard one from the context.
--

Although quite large, this is a straightforward change to separate
card/token related data from card application related data.  Before
this change there was a one-to-one relation between card and
application and no way to represent several applications on a card.
The new data structure will allow for such a representation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-19 08:50:40 +02:00
NIIBE Yutaka
c3dd53a65d scd: KEYINFO: Send LF for --data.
* scd/command.c (send_keyinfo): Send LF for --data.

--

Fixes-commit: 01730529f20882cd98882a61408e9bee960c86f1
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-18 10:13:40 +09:00
Werner Koch
e900bf2973
scd:piv: Add the do_with_keygrip feature.
* scd/app-piv.c (do_with_keygrip): New.
(app_select_piv): Register function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-17 18:04:36 +02:00
Werner Koch
c594dcfc93
scd: Add explict functions for 'app' reference counting.
* scd/app.c (app_ref): New.
(app_unref): New.
(release_application): Renamed to ...
(app_unref_locked): this and remove arg locked_already.  Change
callers to use this or app_ref.
* scd/command.c (open_card_with_request):
(cmd_pksign, cmd_pkauth, cmd_pkdecrypt): Use app_ref and app_unref
instead of accessing the counter directly.
--

This is better in case we need to debug stuff.  There is a real change
however: We now lock and unlock the app before changing the reference
count.

The whole app locking business should be reviewed because we pass
pointers along without immediately bumping the refcount.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-17 16:19:22 +02:00
Werner Koch
70f7b26287
scd: Slight change to app->fnc.do_with_keygrip.
* scd/app-openpgp.c (do_with_keygrip): Return a real error code to
avoid misinterpretation of the result.  Also fix the case for a too
small buffer.
--

The only real chnage is the case for a too small buffer.  That should
in general never happen but if so we now return an error instead of
success.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-17 14:35:21 +02:00
Werner Koch
479c2775d5
scd: Use the correct gpg for the v1.0 OpenPGP card hack.
* scd/app-openpgp.c (get_public_key): Use gnupg_module_name instead of
just "gpg".
--

There is no bug report regarding this and it would be very unlikely
but we should always use the gpg belonging to our code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-17 13:56:32 +02:00
NIIBE Yutaka
72fe8d652f scd: Bring back --card-timeout option as deprecated.
* doc/scdaemon.texi (card-timeout): Add.
* scd/scdaemon.c (main): Revert the change.

--

GnuPG-bug-id: 3383
Fixes-commit: 4262933ef6f7530b4ad55646250a6763de9bf103
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-06 09:55:10 +09:00
NIIBE Yutaka
4262933ef6 scd: Remove unsupported --card-timeout option.
* doc/scdaemon.texi (card-timeout): Remove.
* scd/scdaemon.c (main): Remove oCardTimeout handling.

--

There was the card-timeout option in GnuPG 2.0, but it was never
implemented correctly.  The intention of this option was to allow
sharing smartcard among multiple applications, but this didn't work
well as user's expectation (it only worked with DISCONNECT command).
This is because other parts of scdaemon assumes exclusive access.  In
GnuPG 2.1, the support of the option was removed, improving
"DISCONNECT" command always works well without this option.

GnuPG-bug-id: 3383
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 09:47:14 +09:00
NIIBE Yutaka
1eb93d9229 scd: Fix for SCARD_IO_REQUEST structure.
* scd/apdu.c (struct pcsc_io_request_s): Use pcsc_dword_t for Windows.

--

This fix is for correctness and for the future when we will support
64-bit Windows.

GnuPG-bug-id: 4454
Suggested-by: Juris Ozols
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-21 16:38:23 +09:00
Werner Koch
79c99921e3
scd: Remove unused cruft from GnuPG 1.x
* scd/apdu.c: Remove code used only by GnuPG 1.
* scd/app-openpgp.c: Ditto.
* scd/ccid-driver.c: Ditto.
* scd/iso7816.c: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-16 08:24:42 +02:00
NIIBE Yutaka
dc35b25195 agent,scd: Scan and load all public keys for availability.
* agent/divert-scd.c (ask_for_card): Scan by SERIALNO command.
* scd/app-openpgp.c (do_with_keygrip): Make sure to load pubkey.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-16 10:09:41 +09:00
NIIBE Yutaka
01730529f2 scd: Don't put newline at the end of status.
* scd/command.c (send_keyinfo): Remove newline.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-15 17:12:23 +09:00
NIIBE Yutaka
62c29af632 scd: Fix return value for KEYINFO command.
* scd/command.c (cmd_keyinfo): Return GPG_ERR_NOT_FOUND if none.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-15 15:44:32 +09:00
NIIBE Yutaka
c856ee7312 scd: Support direct use of app with PKSIGN/PKAUTH/PKDECRYPT.
* scd/command.c (cmd_pksign, cmd_pkauth, cmd_pkdecrypt): When length
of keyidstr is 40, it is considered as a keygrip for direct use.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-07 09:41:14 +09:00
NIIBE Yutaka
874bc970ba scd: Add new command: KEYINFO.
* scd/app-common.h (struct app_ctx_s): Add with_keygrip function.
* scd/app-openpgp.c (do_with_keygrip): New.
* scd/app.c (app_do_with_keygrip): New.
* scd/command.c (cmd_keyinfo): New.
(send_keyinfo): New.

--

KEYGRIP_ACTION_LOOKUP is not yet used.  It will be used for directly
asking PK* action to determine an APP.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-25 14:49:49 +09:00
NIIBE Yutaka
e769609cd3 scd: Allow KEYGRIP as KEYIDSTR.
* scd/app-openpgp.c (struct app_local_s): Add keygrip_str.
(store_keygrip): New.
(read_public_key): Call store_keygrip to hold keygrip.
(get_public_key): Likewise.
(send_keypair_info): Use stored keygrip_str.
(check_keyidstr): Allow use of KEYGRIP.
(do_check_pin): Allow use of KEYGRIP of signing slot.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-23 10:51:01 +09:00
NIIBE Yutaka
b0f0791e4a scd: Factor out a function to check keyidstr.
* scd/app-openpgp.c (check_keyidstr): New.
(do_sign, do_auth, do_decipher, do_check_pin): Use check_keyidstr.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-22 20:34:36 +09:00
Werner Koch
958172cc3a
scd:piv: Fix RSA decryption.
* scd/app-piv.c (do_decipher): Fixup leading zero byte.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-04 12:52:09 +02:00
NIIBE Yutaka
f1cf799a37 scd: Better handling of timeout and time extension.
* scd/ccid-driver.c (CCID_CMD_TIMEOUT_LONGER): Remove.
(ccid_transceive): Don't use x4 blindly for bBWI, but use dynamically
determined value.  Use value from variable wait_more for bulk_in.
Set wait_more by the value of time extension request.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-04 15:58:21 +09:00
Werner Koch
679b8f1c04
scd: New options --info and --info-only for READKEY.
* scd/command.c (cmd_readkey): New options --info and --info-only.
* scd/app.c (app_readkey): New arg 'flags'.
* scd/app-common.h (APP_READKEY_FLAG_INFO): New.
(struct app_ctx_s): New args 'ctrl' and 'flags' for member readkey.
Change all implementers.
* scd/app-nks.c (do_readkey): Stub implementation of
APP_READKEY_FLAG_INFO.
* scd/app-openpgp.c (do_readkey): Implement APP_READKEY_FLAG_INFO.
* scd/app-piv.c (do_readkey): Ditto.
--

This feature allows to quickly get the keygrip and in most cases also
the usage flags for one specific keyref.  Example:

 <- readkey --info-only  PIV.9D
 -> S KEYPAIRINFO FC6061FB457224370B85C6F34DD56CD29E669620 PIV.9D e
 -> OK

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-03 17:31:39 +02:00
Werner Koch
2b1135cf92
scd: New standard attributes $ENCRKEYID and $SIGNKEYID.
* g10/call-agent.c (agent_scd_keypairinfo): Use --keypairinfo.
* sm/call-agent.c (gpgsm_agent_scd_keypairinfo): Ditto.
* scd/app-openpgp.c (do_getattr): Add attributes "$ENCRKEYID" and
"$SIGNKEYID".
* scd/app-piv.c (do_getattr): Ditto.
--

We already have $AUTHKEYID to locate the keyref of the key to be used
with ssh.  It will also be useful to have default keyref for
encryption and signing.  For example, this will allow us to repalce
the use of "OPENPGP.2" by a app type specific keyref.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-03 13:16:22 +02:00
Werner Koch
97feef8ee9
scd: New option --application-priority.
* scd/scdaemon.c (oApplicationPriority): New.
(opts): Add "application_priority".
(main): Process option.
* scd/app.c (app_update_priority_list): New.
(get_supported_applications): Take apps from global list.

* tools/gpgconf-comp.c (gc_options_scdaemon): Add option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-28 17:38:05 +01:00
Werner Koch
5a3055eb72
scd: Support reading the Yubikey 4 firmware version.
* scd/app.c (app_new_register): Detect yk4 version numbers.
--

Having the version of the yubikey is important to select which other
methods can be used with a Yubikey.  Note that we do not detect the
formfactor of a Yubikey 4 and instead use 0 for our serial number
prefix.  This does not affect app-openpgp becuase there we use the app
specific serial number.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-27 17:35:50 +01:00
Werner Koch
5a96db65e5
doc: Add a spec comment to app-piv.c
--
2019-03-22 12:29:02 +01:00
Werner Koch
393269948c
scd: Refactor the app selection code.
* scd/app.c (app_priority_list): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-22 09:44:04 +01:00
NIIBE Yutaka
f199b627ce Fix the previous commit.
* g10/ecdh.c (kek_params_table): Revert the change.
* scd/app-openpgp.c (ecdh_params): Use CIPHER_ALGO_AES256
for 384-bit key.

--

Avoiding CIPHER_ALGO_AES192 is intentional here.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-03-14 08:23:38 +09:00
NIIBE Yutaka
af3efd149f g10: Fix symmetric cipher algo constant for ECDH.
* g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for
ECC strength 384, according to RFC-6637.

--

Reported-by: Trevor Bentley
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-03-13 09:12:14 +09:00
Werner Koch
8d4af54ddd
card: Print card version. Check for bad Yubikeys.
* scd/app.c (app_new_register): Set card version for Yubikeys.
(app_write_learn_status): Print CARDVERSION and APPVERSION.
* tools/card-call-scd.c (learn_status_cb): Detect them.
* tools/gpg-card.h (struct card_info_s): Add appversion and
cardversion.
* tools/gpg-card.c (list_openpgp): Remove version printing from serial
number.
(print_a_version): New.
(list_card): Print card and app version.
(cmd_generate): Do not allow broken Yubikeys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 17:40:08 +01:00
Werner Koch
64caa6a082
scd: Rename a shared info field name.
* scd/app-piv.c (app_select_piv):
* scd/app-common.h (struct app_ctx_s): Rename 'card_version' to
'cardversion'.  Rename all users.  Add 'appversion'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 17:17:39 +01:00
Werner Koch
e897e1e255
scd:piv: Implement import of private keys for Yubikeys.
* scd/app-piv.c (concat_tlv_list): Add arg 'secure' and adjust
 callers.
(writekey_rsa, writekey_ecc): New.
(do_writekey): New.
(do_writecert): Provide a better error message for an empty cert.
(app_select_piv): Register do_writekey.
* scd/iso7816.c (iso7816_send_apdu): New.
* scd/app-common.h (APP_WRITEKEY_FLAG_FORCE): New.
* agent/command.c (cmd_keytocard): Make the timestamp optional.
* tools/card-call-scd.c (inq_writekey_parms): Remove.
(scd_writekey): Rewrite.
* tools/gpg-card.c (cmd_writekey): New.
(enum cmdids): Add cmdWRITEKEY.
(dispatch_command, interactive_loop): Call cmd_writekey.
--

This has been tested with gpgsm and RSA keys.  For ECC keys only
partly tested using the sample OpenPGP nistp256 and nistp384 keys
because gpgsm does not yet support ECC certificates and thus we can't
write the certificates to the cert object after a writekey.  Note that
they nevertheless show up in "gpgcard list" because gpg-card searches
for them in gpg and gpgsm.  However, this does not work completely.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 15:49:20 +01:00
Werner Koch
51df13d9ec
scd:piv: Add feature to read Yubikey attestation certificates.
* scd/app-piv.c (do_readcert): Add hack to read Yubikey attestaions.
--

Use
  gpg-card 'readcert PIV.ATST.9A >x.crt'
to store the attestation certificate for 9A into X.CRT.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-01 14:04:29 +01:00