* scd/ccid-driver.c (intr_cb): Handle the case of multiple messages.
--
Backport master commit of:
7cbb513a2d
SPR532 USB Smart Card Reader (also know as SPR332) may send two
messages at once for a single interrupt transfer. An example transfer
observed was like: 50 03 50 02, which is considered valid, according
to the CCID specification.
GnuPG-bug-id: 5065
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (CCID_CMD_TIMEOUT_LONGER): Remove.
(ccid_transceive): Don't use x4 blindly for bBWI, but use dynamically
determined value. Use value from variable wait_more for bulk_in.
Set wait_more by the value of time extension request.
--
Backport master commit of:
f1cf799a37
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.h (CCID_DRIVER_ERR_USB_*): New error codes.
* scd/apdu.h: New SW_HOST error codes.
* scd/apdu.c (host_sw_string): Print them
* scd/ccid-driver.c (map_libusb_error): New.
(ccid_open_usb_reader, bulk_in, abort_cmd): Map libusb error codes.
* scd/iso7816.c (map_sw): Map new codes to gpg-error.
--
Backport from master commit:
9a8d7e41bb
This change will help to get low level error conditions from hipher
application code.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/ccid-driver.c (ccid_open_usb_reader): Alway submit SET_INTERFACE
control transfer.
--
Backport from master commit:
611faf1579
This handling is not mondatory, but it's better to do so, because
there are card reader with pinpad and token with ack button, which
support user interaction.
User interaction status should be reset at open time. The status
should be reset when the session is closed/stopped. In practice,
since cleanup routine in a driver may not be called properly, it's
good to submit SET_INTERFACE at open time.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (print_error) [TEST]: Add missing break. Note
that this is anyway an impossible case.
--
Backport master commit of:
8fb14d3b3f
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (verify_chv2): Check availability of keys in
question.
--
Backport master commit of:
af189be481
With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available,
it fails decrementing the signature error counter. This change
can avoid the issue.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/logging.c (log_printhex): Chnage order of args. Make it
printf alike. Change all callers.
* configure.ac: Add -Wno-format-zero-length
--
This makes it consistent with modern libgpgrt logging and thus eases
back porting from newer GnuPG versions which use libgpgrt logging.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (make_pin_prompt): Factor some code out to ...
(get_dispserialno): this.
(do_getattr): Use new fucntion for a $DISPSERIALNO.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (struct prkdf_object_s): New fields common_name and
serial_number.
(release_prkdflist): Free them.
(keygrip_from_prkdf): Parse cert and set them.
(any_control_or_space): New.
(make_pin_prompt): New.
(verify_pin): Construct a pretty PIN prompt.
(do_sign): Remove debug output.
--
The D-Trust card has the SerialNumber part of the Subject printed on
the front matter, we assume this is also possible with other cards and
thus we show this as serial number.
The holder of the card is also extracted from the card's subject.
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/iso7816.c (map_sw): Detect 0x63Cn status code.
--
I really wonder when that got lost and we ended up with a simple card
error.
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master.
* scd/iso7816.c (iso7816_select_mf): New.
* scd/app-p15.c (card_product_t): New.
(struct app_local_s): Add field 'card_product'.
(read_ef_tokeninfo): Detect D-Trust card.
(prepare_verify_pin): Switch to D-Trust AID.
(do_decipher): Restore a SE for D-TRust cards. Change the padding
indicator to 0x81.
* common/percent.c (percent_data_escape): new. Taken from master.
--
Using what I learned from a USB trace running the Governikus Signer
Software on Windows this fixes the left over problem with the new
D-Trust card support.
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master. This required to add the percent_data_escape
function we introduced in master on 2018-07-02:
commit 58baf40af6
common: New function percent_data_escape.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (read_ef_tokeninfo): Store manufacturer_id.
(do_getattr): Implement MANUFACTURER, $ENCRKEYID and $SIGNKEYID.
(send_keypairinfo): Also print usage flags.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (get_manufacturer): New..
(do_getattr): Add new attribute "MANUFACTURER".
(do_learn_status): Always print it.
--
This will make it easy to maintain the list of OpenPGP vendors at just
one place.
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master:
.. or well in master and 2.2
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c: Rename keyinfo to prkdf.
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master. Removed the do_with_keygrip related parts
because that function is not available.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified.
(verify_pin): Make use of it.
--
Theee is still a problem with the APDUs we send: Switching between
signing and decryption does work but not in the other way.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (do_decipher): Get the keygrip.
--
This was lost during the backport.
Fixes-commit: 4af38ea5e4
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (do_decipher): New.
--
tested using the D-TRUSt card and a SCR3310 reader. The Kobil KAAN
Advanced, I used for the signing tests could not be used because it
supports only Short APDU Level exchange.
Signed-off-by: Werner Koch <wk@gnupg.org>
Back ported from master.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (do_sign): Factor code out to ...
(prepare_verify_pin, verify_pin): new functions.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
Bakc ported from master
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg
r_pkey and change all callers.
(app_help_get_keygrip_string): Ditto.
* scd/app-p15.c (struct cdf_object_s): Use bit flags
(struct aodf_object_s): Ditto. Add field 'fid'.
(struct prkdf_object_s): Ditto. Add fields keygrip, keyalgo, and
keynbits.
(parse_certid): Allow a keygrip instead of a certid aka keyref.
(read_ef_aodf): Store the FID.
(keygripstr_from_prkdf): Rename to ...
(keygrip_from_prkdf): this. Remove arg r_gripstr and implement cache.
Change callers to directly use the values from the object. Also store
the algo and length of the key ion the object.
(keyref_from_keyinfo): New. Factored out code.
(do_sign): Support SHA-256 and >2048 bit RSA keys.
common/scd:p15: Support signing with CardOS 5 cards.
* common/util.h (KEYGRIP_LEN): New.
--
This has been tested with a D-Trust card featuring 3072 bit keys.
Note that non-repudiation key for a qualified signature does not yet
work because we do not yet support rsaPSS padding. Thus a gpgsm
--learn shows a couple of Bad Signature errors for this key.
Signed-off-by: Werner Koch <wk@gnupg.org>
Back ported from master:
- Removed do_with_keygrip
- Added KEYGRIP_LEN
- app_help_get_keygrip_string_pk actually added.
- Move keygrip_from_prkdf in do_sign before the verification.
It used to work in master only because there it is implictly
called prior to signing by do_with_keygrip
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/iso7816.c (iso7816_read_binary): Factor code out to ...
(iso7816_read_binary_ext): new function. Add arg extended_mode.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
This removes almost all log_debug calls and uses opt.verbose and
log_info to show card information. Also avoid too long and thus
harder to read lines.
Signed-off-by: Werner Koch <wk@gnupg.org>
(back ported from master)
* scd/app-p15.c (read_ef_odf): Detect the home_DF on the fly. Silence
the garbage warning for null bytes.
(print_tokeninfo_tokenflags): New.
(read_ef_tokeninfo): Print manufacturer, label, and flags.
(app_select_p15): No need to use the app_get_slot macro.
(CARD_TYPE_CARDOS_50): New const.
(card_atr_list): Detect CardOS 5.0
--
The card under test is a "Test-Signaturkarte D-TRUST Card 3.1" for a
mere 49 Euro and no specs available. D-Trust is a branch of the
German Bundesdruckerei. Compare that to Telesec and Yubikey who have
always been nice enough to send bunches of sample cards without a need
to wade through lots of forms and not even asking for money. Guess
which cards I prefer.
Signed-off-by: Werner Koch <wk@gnupg.org>
(backported from master)
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C. Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.
* g10/main.h: Put util.h before the local header files.
--
This change is required for use with gcc/ld's LTO feature which does
not allow common blocks. Further gcc 10 will make -fno-common the
default and thus this chnage is always needed. What a pitty.
Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/ccid-driver.h (GEMPC_EZIO): New.
* scd/ccid-driver.c (ccid_transceive_secure): Support GEMPC_EZIO.
--
This is backport from master.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/call-agent.c (agent_scd_keypairinfo): Use --keypairinfo.
* sm/call-agent.c (gpgsm_agent_scd_keypairinfo): Ditto.
* scd/app-openpgp.c (do_getattr): Add attributes "$ENCRKEYID" and
"$SIGNKEYID".
* scd/app-nks.c (do_getattr): Add attributes too.
--
We already have $AUTHKEYID to locate the keyref of the key to be used
with ssh. It will also be useful to have default keyref for
encryption and signing. For example, this will allow us to replace
the use of "OPENPGP.2" by a app type specific keyref.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 2b1135cf92)
Removed changes for the non-existing app-piv.c.
Added support for NKS.
* g10/card-util.c (current_card_status): String changes.
(change_sex): Description change.
(cmds): Add "salutation"; keep "sex" as an alias.
--
Note that we can't change the used values or tags but at least the UI
should show reflect the real purpose of the field.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 166f3f9ec4)
* scd/ccid-driver.c (bulk_in): Increase timeout by the multiplier
value as defined section 6.2.6 in CCID specification.
--
Backport master commit of:
996c497a86
For TPDU level transfer, it was handled. This is fix for APDU level
transfer.
GnuPG-bug-id: 4646
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (ccid_transceive_apdu_level): Use bBWI=0 for APDU
level transfer.
(ccid_transceive): Use bBWI=0 or the value returend by WTX for TPDU
level transfer.
--
Backported master commit of:
858dc95643
GnuPG-bug-id: 4654
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for
ECC strength 384, according to RFC-6637.
--
Reported-by: Trevor Bentley
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit af3efd149f)
* scd/app-openpgp.c (do_setattr): Add new table item to flush a
different tag.
--
For whatever reasons the OpenPGP card reads the 3 CA fingerprints from
one object but sets them individually using 3 different tags. The
cache flushing was not prepared for this and so a changed CA
fingerprint showed only up after a card reset. This patch fixes it.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c9f4c1f0de)
Fixed conflict by removing the UIF-* entries from the table.
* scd/app.c (app_genkey): Add arg keytype.
* scd/app-common.h (struct app_ctx_s): Fitto for the genkey member.
* scd/command.c (cmd_genkey): Adjust for change.
* scd/iso7816.c (do_generate_keypair): Replace arg read_only by new
args p1 and p2.
(iso7816_read_public_key): Adjust for this.
(iso7816_generate_keypair): Add new args p1 and p2.
* scd/app-openpgp.c (do_genkey): Adjust for changes.
--
The OpenPGP card creates keys according to parameters read from a data
object. Other cards we are about to implement require a direct
specification of the requested keytype. This patch implements the
required changes.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9a9cb0257a)
* scd/app-common.h (APP_GENKEY_FLAG_FORCE): New.
* scd/app.c (app_change_pin): Rename arg reset_mode to flags and
change from int to unsigned int.
--
This is basically a documentation fix.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c26af8ac26)
* scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with
"OPENPGP."
--
The generic keyref allows for better error detection in case a keyref
is send to a wrong card. This has been taken from master commit
3231ecdafd which has additional changed
for gpg-card-tool, which is only available there.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/command.c (cmd_passwd): Add option --clear.
(send_status_printf): New.
* scd/app-common.h (APP_CHANGE_FLAG_CLEAR): New.
* scd/app-nks.c (do_change_pin): Return an error if that option is
used.
* scd/app-openpgp.c (do_change_pin): Ditto.
--
Card application may support this option to clear the PIN verification
status of a specific PIN.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 29929e6552)
* scd/apdu.c (apdu_send_direct): New arg R_SW.
* scd/command.c (cmd_apdu): Ditto.
* scd/iso7816.c (iso7816_apdu_direct): New arg R_SW.
(iso7816_general_authenticate): New.
* scd/app-nks.c (get_chv_status, get_nks_version): Pass NULL for new
arg.
--
iso7816_general_authenticate will be used for the PIV card support.
The new arg to iso7816_apdu_direct and apdu_send_direct allows to get
the raw status word back without the need to handle an output buffer.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 70bb5c7931)
* scd/ccid-driver.c (intr_cb): When LIBUSB_TRANSFER_NO_DEVICE,
just handle this event as failure.
--
Cherry-picked from master commit:
5ab3bc422a
It used to try another interrupt transfer request to make sure
if it fails again.
GnuPG-bug-id: 4308
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (do_sign): Clear DID_CHV1 after signing.
--
Cherry-picked from master commit of:
78f542e1f4
We have a corner case: In "not forced" situation and authenticated,
and it is changed to "forced", card implementaiton can actually accept
signing, but GnuPG requires authentication, because it is "forced".
GnuPG-bug-id: 4177
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/card-util.c (gen_kdf_data): Support single salt.
(kdf_setup): Can have argument for single salt.
* scd/app-openpgp.c (pin2hash_if_kdf): Support single salt.
--
Gnuk has "admin-less" mode. To support "admin-less" mode with KDF
feature, salt should be same for user and admin. Thus, I introduce a
valid use of single salt.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (change_rsa_keyattr): Try usual RSA.
--
In the OpenPGP card specification, there are multiple options to
support RSA (having P and Q or not, etc.), and it is implementation
dependent. Since GnuPG doesn't have knowledge which card
implementation support which option and there is no way (yet) for card
to express itself which key attributes are supported, we haven't
supported key attribute change back to RSA. But, many card
implementation uses P and Q, try this option. If other cases,
factory-reset would be easier option.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (setup_signal_mask): New.
(main): Call setup_signal_mask.
(handle_connections): Remove signal mask setup.
--
For new thread, signal mask is inherited by thread creation.
Thus, it is best to setup signal mask just after npth_init.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (intr_cb): Try submitting INTERRUPT urb
to see if it's suspend/resume.
--
Upon suspend/resume, LIBUSB_TRANSFER_NO_DEVICE is returned, since all
URBs are cancelled. We need to see if it's real NODEV error or its by
suspend/resume. We can distinguish by sending URB again.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* configure.ac (require_pipe_to_unblock_pselect): Default is "yes".
* scd/scdaemon.c (scd_kick_the_loop): Minor clean up.
--
Normally SIGCONT or SIGUSR2 works for unblocking pselect. But on my
machine with GNU/Linux, when a machine is suspend/resume-ed, pselect
keeps blocked, while signal itself is delivered.
It's better to use pipe.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (struct reader_table_s): Add field of current_state.
(new_reader_slot): Initialize current_state.
(pcsc_get_status): Keep the status in READER_TABLE array.
Return SW_HOST_NO_READER when PCSC_STATE_CHANGED.
* scd/scdaemon.c (handle_connections): Silence a warning.
--
To detect some change of card status, including suspend/resume
possibly, SCardGetStatusChange should be used keeping the
dwCurrentState field.
This change could improve situation for suspend/resume with Yubikey on
Windows. Even not, this is doing the Right Thing.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/asshelp2.c (vprint_assuan_status_strings): New.
(print_assuan_status_strings): New.
* agent/command.c (agent_write_status): Replace by call to new
function.
* dirmngr/server.c (dirmngr_status): Ditto.
* g13/server.c (g13_status): Ditto.
* g13/sh-cmd.c (g13_status): Ditto.
* sm/server.c (gpgsm_status2): Ditto.
* scd/command.c (send_status_info): Bump up N.
--
This fixes a potential overflow if LFs are passed to the status
string functions. This is actually not the case and would be wrong
because neither the truncating in libassuan or our escaping is not the
Right Thing. In any case the functions need to be more robust and
comply to the promised interface. Thus the code has been factored out
to a helper function and N has been bumped up correctly and checked in
all cases.
For some uses this changes the behaviour in the error case (i.e. CR or
LF passed): It will now always be C-escaped and not passed to
libassuan which would truncate the line at the first LF.
Reported-by: private_pers
* scd/app-openpgp.c (get_cached_data): Return NULL for Data Object
with no data.
--
When GET_DATA returns no data with success (90 00), this routine
firstly returned buffer with length zero, and secondly (with cache)
returned NULL, which is inconsistent. Now, it returns NULL for both
cases.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* configure.ac (HAVE_PSELECT_NO_EINTR): New.
* scd/scdaemon.c (scd_kick_the_loop): Write to pipe.
(handle_connections): Use pipe.
--
On NetBSD, signal to the same process cannot unblock pselect,
with unknown reason. Use pipe instead, for such systems.
GnuPG-bug-id: 3778
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (do_close_reader): Set NULL on close.
(bulk_in): Move DEBUGOUT and check by EP_INTR.
(ccid_get_atr): Clear powered_off flag after initial status check.
--
Many card readers automatically turn on inserted card, but some
defaults to turning off at start.
GnuPG-bug-id: 3508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/gpg-agent.c (oListenBacklog): New const.
(opts): New option --listen-backlog.
(listen_backlog): New var.
(main): Parse new options.
(create_server_socket): Use var instead of 5.
* dirmngr/dirmngr.c: Likewise.
* scd/scdaemon.c: Likewise.
--
GnuPG-bug-id: 3473
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/apdu.c (open_ccid_reader): Fix error handling of ccid_get_atr.
* scd/app.c (select_application): Always kick the loop if new APP.
* scd/ccid-driver.c (ccid_open_usb_reader): Don't setup at open.
(ccid_slot_status): Setup interrupt transfer when !ON_WIRE.
--
We can use the interrupt transfer to be notified about card status
change. In this case, we don't need to issue PC_to_RDR_GetSlotStatus
command. This change improve the setup the notification; it should be
done after registration of APP.
When the setup is done just after opening the USB connection (before
issuing PC_to_RDR_IccPowerOn), a reader might notifies about no card
availability (because of not yet powered on), even though the card is
ready to be powered on.
GnuPG-bug-id: 3508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (determine_rsa_response): Round bits up.
--
Co-authored-by: Arnaud Fontaine <arnaud.fontaine@ssi.gouv.fr>
Arnaud wrote:
Actually, when the incorrect expected response length (i.e. Le
field) is transmitted to the card, the card's answer is missing a
byte (i.e. ... 6101) so an additional command has to be sent to the
card to retrieve the last byte. Using the correct length avoids to
send the additional command to retrieve the missing byte, when the
computed length is wrong.
Note that an value of 65537 for E is pretty standard and thus we can
avoid the 6101 return code inmost cases.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (main): Always to the chdir.
* dirmngr/dirmngr.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
--
Note that only dirmngr did not call the chdir with --no-detach. thus
we kept it this way.
Tested gpg-agent by checking the properties shown by procexp.
Gnupg-bug-id: 2670
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c [HAVE_W32_SYSTEM]: Include <direct.h>.
(main) [HAVE_W32_SYSTEM]: Change working directory to \.
* dirmngr/dirmngr.c [HAVE_W32_SYSTEM]: Include <direct.h>.
(main) [HAVE_W32_SYSTEM]: Change working directory to \.
* scd/scdaemon.c [HAVE_W32_SYSTEM]: Include <direct.h>.
(main) [HAVE_W32_SYSTEM]: Change working directory to \.
Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2670
* scd/ccid-driver.c (intr_cb): Only kick the loop for removal.
(bulk_in): Don't set POWERED_OFF when interrupt transfer is enabled.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (data_objects): Special DOs like "Login Data",
"URL", "Private DO N" can be longer size >= 256.
(struct app_local_s): Define bits for v3 card.
(get_cached_data): Use extcap.max_special_do for special DOs.
(app_select_openpgp): Detect if extcap_v3, kdf_do, and other bits.
--
GnuPG-bug-id: 3262
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-reader.c (scan_usb_device): Only for scan mode, so, rename
from scan_or_find_usb_device.
(scan_devices): Likewise. Remove support of special transport types.
(ccid_get_reader_list): Simplify.
(abort_cmd): Fix error return.
(send_escape_cmd): Fix for RESULTLEN == NULL.
(ccid_transceive_secure): Remove unnecessary var updates.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (CCID_CMD_TIMEOUT): Back to original value.
(CCID_CMD_TIMEOUT_LONGER): New.
(ccid_transceive): Add kludge for key generation.
--
At key generation of longer key size, OpenPGP card sends back "time
extension" with BWI=100, which is unusual value in the protocol and it
actually requires host having longer timeout like 43 seconds.
Reported-by: Szczepan Zalega <szczepan@nitrokey.com>
Fixes-commit: 6510df3a7c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-dinsig.c (do_sign): Remove assignment to HASHALGO.
* scd/app-p15.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_aodf): Likewise.
(read_ef_cdf): Change the control to parse_error.
* scd/app-sc-hsm.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_prkd): Remove assign to S.
(read_ef_prkd): Check if PRKDF is not null.
(read_ef_cd): Likewise for CDF.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (notify_fd): Remove.
(the_event) [W32]: New.
(main_thread_pid) [!W32]: New.
(handle_signal): Handle SIGCONT.
(scd_kick_the_loop): Use signal on UNIX and event on Windows.
(handle_connections): Likewise.
--
Code with CreateEvent is copied from gpg-agent.c.
Code for signal is copied from dkg's gpg-agent-idling in Debian.
GnuPG-bug-id: 2982
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (get_prompt_info): Change texts.
* agent/call-pinentry.c (struct entry_features): New.
(getinfo_features_cb): New.
(start_pinentry): Set new fucntion as status callback.
(build_cmd_setdesc): New. Replace all snprintf for SETDESC by this
one.
--
Suggested-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/app-openpgp.c (get_prompt_info): Change wording and order
slightly.
--
The word "Card" was repeated too much in the prompt and moving
signatures to the bottom results in a more consistent layout
between the prompts with signcount and the prompts without.
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* scd/app-openpgp.c (get_disp_name): New.
(get_disp_serialno): New.
(get_prompt_info): New.
(build_enter_admin_pin_prompt): Rework the prompt texts. Factor some
code out to ...
(get_remaining_tries): New.
(verify_a_chv): Print a remaining counter also for the standard PIN.
Rework the prompt texts.
* agent/divert-scd.c (ask_for_card): Pretty format an OpenPGP serial
no.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-common.h (struct app_ctx_s): Add reset_requested.
* scd/app.c (app_reset): Locking APP, set reset_requested.
(deallocate_app): Release the lock.
(release_application): Add LOCKED_ALREADY argument.
(scd_update_reader_status_file): Hold the lock when accessing APP.
When reset_requested is set, close the reader and deallocate APP.
* scd/command.c (open_card_with_request, cmd_restart): Follow the
change of release_application.
(send_client_notifications): Here it calls release_application holding
the lock.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (release_application_internal): Remove.
(release_application): Merge release_application_internal.
(app_reset): Kick the loop and let close the reader. Sleep is
required here to wait closing.
(scd_update_reader_status_file): When APP is no use, close it.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (apdu_open_reader): Add an argument APP_EMPTY.
When CCID driver fails to open, try PC/SC if APP is nothing.
* scd/app.c (select_application): Supply arg if APP is nothing.
--
After scanning available card readers by CCID driver, scdaemon should
try PC/SC service if no APP is registered yet. Also, when the slot
is allocated for PC/SC (ccid.handle==NULL), it should not call
ccid_compare_BAI, otherwise scdaemon crashes.
Debian-bug-id: 852702, 854005, 854595, 854616
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (get_active_connection_count): New.
(start_connection_thread): Bump ACTIVE_CONNECTIONS up and down.
* scd/command.c (cmd_getinfo): Add subcommand "connections".
--
Apply gpg-agent change to scdaemon. See the commit in 2016-08-06:
40d16029ed
Then, add kicking the loop, so that main loop can notice the change of
the connection.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (ticker_disabled): Remove.
(handle_tick, need_tick): Remove.
(handle_connections): Don't check ticker_disabled.
--
Now, removal of device/card is only done by the function
scd_update_reader_status_file, it should be called if needed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (select_application): Fix the logic if periodical check is
needed. If it is needed for newly found device(s), kick the loop.
(scd_update_reader_status_file): Return value if select(2) should be
called with timeout.
* scd/ccid-driver.c (ccid_require_get_status): Don't return 0 for
token with no interrupt transfer for now.
* scd/command.c (open_card_with_request): Fix scan by SERIALNO.
* scd/scdaemon.c (update_usb): Remove.
(handle_connections): Evaluate need_tick after handle_tick.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (get_status_reader): Add ON_WIRE arg, here.
(ct_get_status, pcsc_get_status_direct, pcsc_get_status_wrapped)
(pcsc_get_status, get_status_ccid, my_rapdu_get_status): Likewise.
(reset_pcsc_reader_wrapped, open_pcsc_reader_wrapped): Follow the
change.
(apdu_get_status_internal): It's lower-level driver which judge
it's not needed. Otherwise, it can't detect the removal.
* scd/ccid-driver.c (ccid_slot_status): After the POWERED_OFF check,
we can skip sending GetSlotStatus packet on wire, when no need.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Fixes-commit: c8eee4d396a751d41fd1ee1e1b87b851fca172a
* scd/ccid-driver.c (do_close_reader): Don't lock events, but check the
return value of libusb_cancel_transfer.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-common.h (struct app_ctx_s): Rename field to
periodical_check_needed.
* scd/scdaemon.c (update_usb): Rename from update_fdset_for_usb.
Don't use libusb_get_pollfds any more.
(scd_kick_the_loop): New.
(need_tick): Follow the rename.
(handle_connections): No libusb event handling here.
* scd/app.c (app_new_register): Follow the change of rename.
(select_application, scd_update_reader_status_file): Likewise.
* scd/ccid-driver.c (ccid_usb_thread_is_alive): New.
(intr_cb): Call scd_kick_the_loop.
(ccid_usb_thread): New. Thread to invoke INTERRUPT callback.
(ccid_open_usb_reader): Add thread invocation.
(ccid_require_get_status): Remove
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP.
(do_close_reader): Carefully handle handle->transfer.
(get_escaped_usb_string): Insert npth_unprotect/npth_protect.
(do_close_reader, bulk_out, bulk_in, abort_cmd, ccid_slot_status)
(ccid_transceive, ccid_transceive_secure): Likewise.
--
It found that libusb_get_pollfds is not supported on Windows.
Besides, it's a bit difficult to use for the select loop.
Thus, we use the thread named ccid_usb_thread, instead.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c(struct reader_table_s): Add require_get_status.
(apdu_connect): Change return value meaning. Call apdu_reset here.
* scd/app.c (app_new_register): Add require_get_status.
(select_application): Use the return value of apdu_connect.
(scd_update_reader_status_file): Call update_fdset_for_usb with
checking all_have_intr_endp.
(app_list_start, app_list_finish): Remove.
* scd/ccid-driver.c (struct ccid_driver_s): Add transfer.
(intr_cb): Don't call libusb_transfer in this callback.
(ccid_require_get_status): New.
(do_close_reader): Call libusb_transfer here.
* scd/scdaemon.c (update_fdset_for_usb): Remove the first argument.
--
With Gnuk Token, it works fine as expected. With Gemalto reader,
intr_cb is not called when card is removed. So, the macro
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP is not defined yet.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (update_fdset_for_usb): Wake up the select(2).
(handle_connections): Use a kind of "self-pipe" technique.
--
Use pipe to wake up select(2). If UNIX-only, signal could be used. For
portability, "self-pipe" is better, here. Setup for non-blocking for
pipe fds are not needed, because speed of USB device insertion is
limited by human physical interaction; No one can do hundreds of
device insertion/removal-s per second.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/logging.c (do_logv): Remove extra parentheses in comparison.
* dirmngr/dns-stuff.c (resolve_addr_libdns): Init RES so that
dns_res_close is given a defined value in the error case.
* dirmngr/http.c (cookie_read, cookie_write) [HTTP_USE_NTBTLS]: Fix
format string char.
* dirmngr/ks-engine-hkp.c (ks_hkp_help): Remove duplicate "const".
* dirmngr/ks-engine-http.c (ks_http_help): Ditto.
* dirmngr/ks-engine-kdns.c (ks_kdns_help): Ditto.
* dirmngr/ks-engine-ldap.c (ks_ldap_help): Ditto.
* scd/app-p15.c (send_keypairinfo, do_getattr): Fix format string
char.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Init PID for the
error case.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
* tools/gpgconf.c (query_swdb): Init VALUE_SIZE_UL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app.c (app_get_serial_and_stamp): Remove.
(app_get_serialno): New.
(app_write_learn_status): Use send_status_direct.
(app_getattr): Use app_get_serialno for SERIALNO and
send with send_status_direct.
* scd/app-openpgp.c (do_getattr): Likewise.
* scd/command.c (cmd_serialno): Don't send TIMESTAMP of 0.
(cmd_learn): Likewise. Don't inquire with TIMESTAMP of 0.
--
In the SERIALNO protocol, timestamp used to be considered, but had never
used at all. In the new implementation, removed card/token is always
detected and connection becomes invalid, no timestamp is required any
more. Examined scute and poldi as well for this protocol change.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (apdu_dev_list_finish): Don't call ccid_dev_scan_finish
with no table.
(apdu_open_reader): Only increment when it's zero.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (scan_or_find_usb_device): Don't scan for
configuration but use active configuration. Support alt_setting.
(scan_or_find_devices): Support alt_setting.
(ccid_open_reader): Support alt_setting.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (reader_table_lock, apdu_init): New.
(new_reader_slot): Serialize by reader_table_lock.
* scd/app.c (lock_app, unlock_app, app_new_register): Fix error code
usage.
(initialize_module_command): Call apdu_init.
* scd/scdaemon.c (main): Handle error for initialize_module_command.
--
This is a long standing bug. There are two different things; The
serialization of allocating a new SLOT, and the serialization of using
the SLOT. The latter was implemented in new_reader_slot by lock_slot.
However, the former was not done. Thus, there was a possible race where
a same SLOT is allocated to multiple threads.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (lock_app): Rename from lock_reader and use internal field
of APP.
(unlock_app): Likewise.
(app_dump_state): Use APP.
(application_notify_card_reset): Remove.
(check_conflict): Change API for APP, instead of SLOT.
(check_application_conflict): Likewise.
(release_application_internal): New.
(app_reset): New.
(app_new_register): New.
(select_application): Change API for APP, instead of SLOT.
(deallocate_app, release_application): Modify for manage link.
(report_change): New.
(scd_update_reader_status_file): Moved from command.c and
use APP list, instead of VREADER.
(initialize_module_command): Moved from command.c.
* scd/command.c (TEST_CARD_REMOVAL): Remove.
(IS_LOCKED): Simplify.
(vreader_table): Remove.
(vreader_slot, update_card_removed): Remove.
(do_reset): Call app_reset.
(get_current_reader): Remove.
(open_card): Add SCAN arg.
(cmd_serialno): No retry, since retry is done in lower layer in apdu.c.
No do_reset, since it is done in lower layer.
Add clearing card_removed flag.
(cmd_disconnect): Call apdu_disconnect.
(send_client_notifications): Modify for APP.
(update_reader_status_file): Remove.
--
APP is the abstraction of the card application. For management of
cards, it is better to focus on the APP instead of the physical reader.
This change makes support of multiple card/token easier.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (struct reader_table_s): Remove any_status, last_status,
status, and change_counter field.
(new_reader_slot, dump_reader_status, ct_activate_card, open_ct_reader)
(connect_pcsc_card, open_pcsc_reader_direct, open_pcsc_reader_wrapped)
(open_ccid_reader, apdu_reset): Follow the change.
(ct_dump_reader_status): Remove.
(apdu_get_status_internal, apdu_get_status): Remove CHANGED arg.
(apdu_connect): Follow the change.
* scd/command.c (struct vreader_s): Remove reset_failed, any, and
changed field.
(cmd_getinfo, update_reader_status_file): Follow the change.
--
In the past, scdaemon monitors card insertion (as well as removal), so
the code has been complicated, and there has been duplication in two
layers. Now, it only monitors card removal, it's now simplified.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (scan_or_find_usb_device): Fix return value.
Support device with multiple CCID interfaces. Fix the case with
READERNO. Support partial string match of "reader-port" like PC/SC
driver.
--
I don't know any device with multiple CCID interfaces, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg
R_ALGO and change all callers.
* common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code.
* g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO.
* g10/gpg.c (oDefaultNewKeyAlgo): New enum.
(opts): New option "--default-new-key-algo".
(main): Set the option.
* g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace
them by ...
(DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants.
(get_keysize_range): Remove arg R_DEF and return that value instead.
Change all callers.
(gen_rsa): Use get_keysize_range instead of the removed
DEFAULT_STD_KEYSIZE.
(parse_key_parameter_part): New function.
(parse_key_parameter_string): New function.
(quick_generate_keypair): Refactor using parse_key_parameter_string.
(generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--
This new option is intended to be used in the forthcoming
--set-profile command of gpgconf. It allows to provide a gpg
configuration with custom defaults for a new key using the simple
commands which use the default algorithm set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (struct app_local_s): Remove max_cmd_data and
max_rsp_data fields as Extended Capabilities bits are different.
(get_cached_data) Use extcap.max_certlen_3.
(get_one_do): Don't use exmode=1.
(determine_rsa_response): New.
(get_public_key, do_genkey): Call determine_rsa_response.
(do_sign): Use keyattr[0].rsa.n_bits / 8, instead of max_rsp_data.
(do_auth): Use keyattr[2].rsa.n_bits / 8, instead of max_rsp_data.
(do_decipher): Likewise with Use keyattr[1].rsa.n_bits / 8.
(show_caps): Remove max_cmd_data and max_rsp_data.
(app_select_openpgp): Likewise.
--
OpenPGP card V3 had introduced incompatible change in Extended
Capabilities bits. We can work around by this change by not
using those bits.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (send_le): Fix the size, adding two for status
bytes to Le.
--
This is long standing bug. So far, Le was not exact value.
Since forthcoming change will introduce exact value of expected length
of response data, this change is needed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (pcsc_vendor_specific_init): Only check vender ID.
--
Some other products by Cherry works with pinpad, although it only works
for smaller keys (RSA 1024). TPDU support is good for larger keys.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dirmngr.c (main): Before calling setsid do not close the
standard fds but connect them to /dev/null.
* scd/scdaemon.c (main): Ditto. Noet that the old test for a log
stream was even reverted.
--
Note that this was fixed for gpg-agent 10 years ago on 2006-11-09.
Signed-off-by: Werner Koch <wk@gnupg.org>
There were several different variant spellings of "passphrase". This
should fix them all for all English text.
I did notice that po/it.po contains multiple instances of
"passhprase", which also looks suspect to me, but i do not know
Italian, so i did not try to correct it.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* scd/app-openpgp.c (do_decipher): When it's x-coordinate only, add the
prefix 0x41.
--
Card should return fixed size bytes, either in format of
(04 || X || Y) or (X, x-coordinate only).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (send_key_attr): Use curve instead of OID.
(ecdh_params): New.
(ecc_read_pubkey): Use ecdh_params. Use curve name.
(ecc_writekey): Likewise.
(ecc_curve): Rename from ecc_oid.
(parse_algorithm_attribute): Use ecc_curve.
* g10/call-agent.c (learn_status_cb): Use openpgp_is_curve_supported to
intern the curve name string.
* g10/card-util.c (card_status): Conver curve name to alias for print.
--
Now, sdcaemon answer for KEY-ATTR is in the canonical curve name
instead of the alias. Since it is used of key generation for
card encryption key with backup, it should be canonical name.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/keygen.c (generate_keypair): For card key generation, fill
parameters by KEY-ATTR.
* scd/app-openpgp.c (ecc_read_pubkey): OID should be freed at last,
after its reference by OIDBUF is finished.
(ecc_writekey): Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (rsa_read_pubkey, ecc_read_pubkey): New.
(read_public_key): New.
(get_public_key, do_genkey): Use read_public_key.
--
With this change, since GENKEY updates the public key (pk[keyno].key) in
APP, READKEY will be possible after the command even for the old
card (version <= 0x0100).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (get_public_key): Fix a message.
(change_keyattr_from_string, ecc_writekey): Call mpi_release sooner.
(do_genkey): Add ECC support.
--
In OpenPGP card specification 3.0, ECC is introduced. So far, do_genkey
only supported RSA. Since KDF spec. is needed to calculate the
fingerprint, it is hard coded in app-openpgp.c. But it's defined by
OpenPGP ECC (RFC-6637), and card does nothing with KDF in fact.
Co-authored-by: Arnaud Fontaine <arnaud.fontaine@ssi.gouv.fr>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/iso7816.c (do_generate_keypair): Use const char * for DATA.
(iso7816_generate_keypair, iso7816_read_public_key): Likewise.
* scd/app-openpgp.c (get_public_key): Follow the change.
(do_genkey): Ditto. Use ERR instead of RC. Use u32 for CREATED_AT.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (build_ecc_privkey_template): Size can be greater
than 128 when it comes with public key for curve of larger field.
--
Reported-by: Arnaud Fontaine <arnaud.fontaine@ssi.gouv.fr>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/gpg-agent.c (thread_init_once, initialize_modules): New.
(main): Make sure no daemonizing-fork call after npth_init, and no npth
calls before npth_init, with care of npth calls by assuan hooks.
* dirmngr/dirmngr.c (thread_init): New.
(main): Make sure npth_init must not be called before daemonizing fork.
* scd/scdaemon.c (main): Likewise.
--
It is simply the best for nPth not to allow the daemonizing fork after
npth_init, because semantics and implementations of forked child process
in a threaded application is a difficult corner case.
GnuPG-bug-id: 1779
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (ECC_FLAG_PUBKEY): New.
(send_key_attr, get_public_key, ecc_writekey, do_auth, do_decipher)
(parse_algorithm_attribute): Check ECC_FLAG_DJB_TWEAK.
(build_ecc_privkey_template): Add ECC_Q and ECC_Q_LEN.
Support offering public key when ECC_FLAG_PUBKEY sets.
(ecc_writekey): Supply ECC_Q and ECC_Q_LEN.
(parse_algorithm_attribute): Parse pubkey-required byte.
--
OpenPGPcard protocol specification version 3.2 supports algorithm
attributes for ECC key which specifies public key data is required for
"keytocard" command. This change supports the feature.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/asshelp.c (my_log_monitor): New var.
(my_libassuan_log_handler): Run that monitor.
(setup_libassuan_logging): Add arg to set a log monitor and change all
callers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/command.c (update_card_removed): Call apdu_close_reader here.
--
This is update of the commit 8fe8105576
It is better apdu_close_reader is called in update_card_removed.
The commit 1598a44764 introduced a
regression, it doesn't close the reader after removal of the card, while
the code before the commit call apdu_close_reader in do_reset.
So, this fix.
GnuPG-bug-id: 2449
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.
--
Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand. Use symbolic
representations instead of numeric for better readability.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/init.c (init_common_subsystems): Initialize libgcrypt.
* dirmngr/Makefile.am (dirmngr_ldap): Link with libgcrypt.
--
Most other modules already call gcry_check_version() after
init_common_subsystems() so may as well move initialization of libgcrypt
to here. Also fixes a warning in the system log from gpgconf --homedir.
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
* README, agent/command.c, agent/keyformat.txt, common/i18n.c,
common/iobuf.c, common/keyserver.h, dirmngr/cdblib.c,
dirmngr/ldap-wrapper.c, doc/DETAILS, doc/TRANSLATE,
doc/announce-2.1.txt, doc/gpg.texi, doc/gpgsm.texi,
doc/scdaemon.texi, doc/tools.texi, doc/whats-new-in-2.1.txt,
g10/export.c, g10/getkey.c, g10/import.c, g10/keyedit.c, m4/ksba.m4,
m4/libgcrypt.m4, m4/ntbtls.m4, po/ca.po, po/cs.po, po/da.po,
po/de.po, po/el.po, po/eo.po, po/es.po, po/et.po, po/fi.po,
po/fr.po, po/gl.po, po/hu.po, po/id.po, po/it.po, po/ja.po,
po/nb.po, po/pl.po, po/pt.po, po/ro.po, po/ru.po, po/sk.po,
po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po,
scd/app-p15.c, scd/ccid-driver.c, scd/command.c, sm/gpgsm.c,
sm/sign.c, tools/gpgconf-comp.c, tools/gpgtar.h: replace "Allow to"
with clearer text.
In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something. When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.
These changes should make the language a bit clearer.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* scd/app.c (application_notify_card_reset): Add message for debug.
*scd/command.c (update_card_removed): Call release_application and set
SLOT -1 here.
(struct server_local_s): Remove app_ctx_marked_for_release.
(do_reset): Don't mark release but call release_application here.
(open_card): Remove app_ctx_marked_for_release handling.
(update_reader_status_file): Don't set SLOT here, so that it can be
released the APP by application_notify_card_reset in
update_card_removed.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/command.c (do_reset, cmd_restart): Reset app_ctx before calling
release_application.
--
Thanks to Ben Warren for the report.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* (parse_ccid_descriptor): nonnull_nad = 0 for all GEMPC device.
--
We can't use the driver for 08E6:3438, while it works well under PC/SC
service. I found that the library of ccid always uses the node
address = ZERO for all transactions. So, we extend the same handling
for not only GEMPC_CT30, but also for all its devices.
Debian-bug-id: 814584
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (opts): Add --homedir.
--
Without that entry the homedir setting won't work.
GnuPG-bug-id: 2386
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (create_server_socket): Call chmod before listen.
* scd/scdaemon.c (create_server_socket): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
--
This is just in case of a improperly set umask. Note that a connect
requires a write permissions.
* agent/gpg-agent.c (remove_socket): Do not remove the enclosing
directory.
* scd/scdaemon.c (cleanup): Ditto.
--
The socket directory is now below /run or at ~/.gnupg. Thus we should
not try to remove the directory of the socket. The auto-removal was
introduced at a time we used a temporary directory for the sockets.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (LIBUSB_CPPFLAGS): New.
* scd/Makefile.am (AM_CPPFLAGS): Add LIBUSB_CPPFLAGS.
* scd/ccid-driver.c: Use libusb 1.0 API.
--
Changes are straightforward, not use any new features.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (do_genkey): Strip leading zeros for fingerprint
computation.
--
This bug is difficult to reproduce because the probability is 1/256,
and key generation takes long time. The regression was introduced
when we add the support for ECC.
GnuPG-bug-id: 2150
* scd/apdu.c (pcsc_error_to_sw): map PCSC_E_NO_SERVICE and
PCSC_E_SERVICE_STOPPED to the internal SW_HOST_NO_READER error code.
--
Signed-off-by: Daniel Hoffend <dh@dotlan.net>
GnuPG-bug-id: 2167
In Windows 8 (and later), PC/SC service only runs when reader/token is
plugged in. After its removal, it returns PCSC_E_NO_SERVICE error.
This error should be handled as no reader. This comment is by gniibe.
* scd/app.c (lock_table): Remove LAST_APP field.
(lock_reader, app_dump_state, application_notify_card_reset)
(release_application): Follow the change.
(check_conflict): New.
(check_application_conflict): Lock the slot and call check_conflict.
(select_application): Call check_conflict and not use LAST_APP.
--
We don't need LAST_APP field but just keep the application context by
APP field. Since we have a reference counter, it is possible if we
can deallocate or not.