1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

66 Commits

Author SHA1 Message Date
Werner Koch
438b7881ba
card: Remove command "key-attr" and hack on "generate".
* tools/gpg-card.h (struct key_attr): Remove.
(struct key_info_s): Remove key_attr.  Add keyalgo and keyalgo_id.
* tools/card-call-scd.c (learn_status_cb): Rework the key-attr info.
* tools/gpg-card.c (list_one_kinfo): Always show the algorithm; if
there is no key show the key attributes instead.
(list_openpgp): Do not print the "Key attributes".
(generate_key): Factor the repalce key pormpt out to ...
(ask_replace_keys): new.
(generate_openpgp): Rename to generate_all_openpgp_card_keys and add
an algo parameter.
(generate_generic): Rename to generate_key.  Prepare generation of a
single OpenPGP key.
(cmd_generate): Revamp.
(ask_card_rsa_keysize): Remove.
(ask_card_keyattr): Remove.
(do_change_keyattr): Remove.
(cmd_keyattr): Remove.
(enum cmdids): Remove cmdKEYATTR.
(cmds): Ditto.
(dispatch_command): Ditto.
(interactive_loop): Ditto.
--

This change shows the key attributes of an OpenPGP card instead of the
key's algorithm if no key exists.  It also remove the key-attr command
because for uniformity it is better to do this directly in
scd/app-openpgp.c At least for this new gpg-card tool.

There a couple of other changes but to the generate command but they
are not yet ready.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 14:12:36 +01:00
Werner Koch
9df9996b41
card: Support brainpool curves in the generate command.
* tools/gpg-card.c (cmd_generate): Add brainpool curves and dummy name
"help".

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 14:02:59 +01:00
Werner Koch
8bbc4f0d2c
card: Add new OpenPGP card vendor.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-28 15:49:18 +01:00
Werner Koch
da2ccfdbeb
card: Add new OpenPGP card vendor
--
2020-01-21 11:15:47 +01:00
Werner Koch
bd85f9232a
card: Allow switching of cards and applications.
* tools/card-call-scd.c (struct card_cardlist_parm_s): Add field
with_apps.
(card_cardlist_cb): Handle the new with_apps flag.
(scd_switchcard): New.
(scd_switchapp): New.
(scd_applist): New.
(scd_serialno): Pass --all also in --demand mode.

* tools/gpg-card.c (cmd_list): Simplify switching of cards.  Add
switching of alls.  Print a list of apps per card.
--

Note that the output format of "list --card" slightly changes: The
current card is indicated with an asterisk.  That should not harm any
robust parsers which might already be in use.  It is anyway a
development version.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-16 21:28:45 +01:00
Werner Koch
b3226d91d0
gpg: Use modern spelling for the female salutation.
--
GnuPG-bug-id: 4682

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-22 10:24:16 +02:00
Werner Koch
bcca3acb87
card: Allow card selection with LIST.
* tools/card-call-scd.c (start_agent): Request serialno only whean
started.
(scd_serialno): Allow NULL for r_serialno.
* tools/gpg-card.c (cmd_factoryreset): Use changed scd_serialno.
(cmd_list): New.
(dispatch_command): Use cmd_list for cmdLIST.
(interactive_loop): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-03 10:27:08 +02:00
Werner Koch
f952226043
common: Extend function pubkey_algo_string.
* common/sexputil.c (pubkey_algo_string): Add arg R_ALGOID.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Adjust.
* tools/gpg-card.c (list_one_kinfo): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-02 18:50:55 +02:00
Werner Koch
80c069b5e1
card: For passwd add a PIV menu and make the OpenPGP menu optional.
* tools/gpg-card.c (get_selection): New.
(cmd_passwd): Reworked.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-28 14:46:05 +01:00
Werner Koch
2f761251c5
card: Allow "yubikey disable" only for Yubikey-5 and later.
* tools/card-yubikey.c (yubikey_commands): Add new arg INFO and test
for Yubikey-5.
* tools/gpg-card.c (cmd_yubikey): Pass info to yubikey_commands.
--

The configuration can be read from a Yubikey-4 but not be written.
The mode command is also not useful because it allows only the
selection of transports.  It does not allow to disable single
applications based on one transport (like OPGP and PIV).  Thsi patch
shows an appropriate error message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-28 10:57:27 +01:00
Werner Koch
4e1f04a4cd
card: Allow PEM encoded certificates in "writecert".
* tools/gpg-card.c (cmd_writecert): Convert from base64.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-06 12:40:45 +01:00
Werner Koch
772bba34ea
card: Print the keyref also for non-initialized slots.
* tools/gpg-card.c (list_one_kinfo): Add arg label_keyref and change
callers.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-06 10:25:31 +01:00
Werner Koch
8d4af54ddd
card: Print card version. Check for bad Yubikeys.
* scd/app.c (app_new_register): Set card version for Yubikeys.
(app_write_learn_status): Print CARDVERSION and APPVERSION.
* tools/card-call-scd.c (learn_status_cb): Detect them.
* tools/gpg-card.h (struct card_info_s): Add appversion and
cardversion.
* tools/gpg-card.c (list_openpgp): Remove version printing from serial
number.
(print_a_version): New.
(list_card): Print card and app version.
(cmd_generate): Do not allow broken Yubikeys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 17:40:08 +01:00
Werner Koch
e897e1e255
scd:piv: Implement import of private keys for Yubikeys.
* scd/app-piv.c (concat_tlv_list): Add arg 'secure' and adjust
 callers.
(writekey_rsa, writekey_ecc): New.
(do_writekey): New.
(do_writecert): Provide a better error message for an empty cert.
(app_select_piv): Register do_writekey.
* scd/iso7816.c (iso7816_send_apdu): New.
* scd/app-common.h (APP_WRITEKEY_FLAG_FORCE): New.
* agent/command.c (cmd_keytocard): Make the timestamp optional.
* tools/card-call-scd.c (inq_writekey_parms): Remove.
(scd_writekey): Rewrite.
* tools/gpg-card.c (cmd_writekey): New.
(enum cmdids): Add cmdWRITEKEY.
(dispatch_command, interactive_loop): Call cmd_writekey.
--

This has been tested with gpgsm and RSA keys.  For ECC keys only
partly tested using the sample OpenPGP nistp256 and nistp384 keys
because gpgsm does not yet support ECC certificates and thus we can't
write the certificates to the cert object after a writekey.  Note that
they nevertheless show up in "gpgcard list" because gpg-card searches
for them in gpg and gpgsm.  However, this does not work completely.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 15:49:20 +01:00
Werner Koch
280baee72d
card: Remove the "admin" command.
* tools/gpg-card.c (cmd_passwd): Remove arg allow_admin.
(enum cmdids): Rename cmdAUTHENTICATE to cmdAUTH and cmdFACTORYRESET
to cmdFACTRST.
(cmds): Remove column 'admin_only'.
(interactive_loop): Remove admin_only stuff.
--

That command has always been an annoyance.  Symbols have been renamed
for source cosmetics.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-01 12:20:24 +01:00
Werner Koch
28de5c0ea5
card: Rename gpg-card-tool to gpg-card.
* tools/card-tool-keys.c: Rename to card-keys.c.
* tools/card-tool-misc.c: Rename to card-misc.c.
* tools/card-tool-yubikey.c: Rename to card-yubikey.c.
* tools/card-tool.h: Rename to gpg-card.h.
* tools/gpg-card-tool-w32info.rc: Rename to gpg-card-w32info.rc
* doc/card-tool.texi: Rename top gpg-card.texi

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-02-25 09:34:30 +01:00