* scd/app-openpgp.c (data_objects): Special DOs like "Login Data",
"URL", "Private DO N" can be longer size >= 256.
(struct app_local_s): Define bits for v3 card.
(get_cached_data): Use extcap.max_special_do for special DOs.
(app_select_openpgp): Detect if extcap_v3, kdf_do, and other bits.
--
GnuPG-bug-id: 3262
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-reader.c (scan_usb_device): Only for scan mode, so, rename
from scan_or_find_usb_device.
(scan_devices): Likewise. Remove support of special transport types.
(ccid_get_reader_list): Simplify.
(abort_cmd): Fix error return.
(send_escape_cmd): Fix for RESULTLEN == NULL.
(ccid_transceive_secure): Remove unnecessary var updates.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (CCID_CMD_TIMEOUT): Back to original value.
(CCID_CMD_TIMEOUT_LONGER): New.
(ccid_transceive): Add kludge for key generation.
--
At key generation of longer key size, OpenPGP card sends back "time
extension" with BWI=100, which is unusual value in the protocol and it
actually requires host having longer timeout like 43 seconds.
Reported-by: Szczepan Zalega <szczepan@nitrokey.com>
Fixes-commit: 6510df3a7c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-dinsig.c (do_sign): Remove assignment to HASHALGO.
* scd/app-p15.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_aodf): Likewise.
(read_ef_cdf): Change the control to parse_error.
* scd/app-sc-hsm.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_prkd): Remove assign to S.
(read_ef_prkd): Check if PRKDF is not null.
(read_ef_cd): Likewise for CDF.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (notify_fd): Remove.
(the_event) [W32]: New.
(main_thread_pid) [!W32]: New.
(handle_signal): Handle SIGCONT.
(scd_kick_the_loop): Use signal on UNIX and event on Windows.
(handle_connections): Likewise.
--
Code with CreateEvent is copied from gpg-agent.c.
Code for signal is copied from dkg's gpg-agent-idling in Debian.
GnuPG-bug-id: 2982
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (get_prompt_info): Change texts.
* agent/call-pinentry.c (struct entry_features): New.
(getinfo_features_cb): New.
(start_pinentry): Set new fucntion as status callback.
(build_cmd_setdesc): New. Replace all snprintf for SETDESC by this
one.
--
Suggested-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/app-openpgp.c (get_prompt_info): Change wording and order
slightly.
--
The word "Card" was repeated too much in the prompt and moving
signatures to the bottom results in a more consistent layout
between the prompts with signcount and the prompts without.
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* scd/app-openpgp.c (get_disp_name): New.
(get_disp_serialno): New.
(get_prompt_info): New.
(build_enter_admin_pin_prompt): Rework the prompt texts. Factor some
code out to ...
(get_remaining_tries): New.
(verify_a_chv): Print a remaining counter also for the standard PIN.
Rework the prompt texts.
* agent/divert-scd.c (ask_for_card): Pretty format an OpenPGP serial
no.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-common.h (struct app_ctx_s): Add reset_requested.
* scd/app.c (app_reset): Locking APP, set reset_requested.
(deallocate_app): Release the lock.
(release_application): Add LOCKED_ALREADY argument.
(scd_update_reader_status_file): Hold the lock when accessing APP.
When reset_requested is set, close the reader and deallocate APP.
* scd/command.c (open_card_with_request, cmd_restart): Follow the
change of release_application.
(send_client_notifications): Here it calls release_application holding
the lock.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (release_application_internal): Remove.
(release_application): Merge release_application_internal.
(app_reset): Kick the loop and let close the reader. Sleep is
required here to wait closing.
(scd_update_reader_status_file): When APP is no use, close it.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (apdu_open_reader): Add an argument APP_EMPTY.
When CCID driver fails to open, try PC/SC if APP is nothing.
* scd/app.c (select_application): Supply arg if APP is nothing.
--
After scanning available card readers by CCID driver, scdaemon should
try PC/SC service if no APP is registered yet. Also, when the slot
is allocated for PC/SC (ccid.handle==NULL), it should not call
ccid_compare_BAI, otherwise scdaemon crashes.
Debian-bug-id: 852702, 854005, 854595, 854616
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (get_active_connection_count): New.
(start_connection_thread): Bump ACTIVE_CONNECTIONS up and down.
* scd/command.c (cmd_getinfo): Add subcommand "connections".
--
Apply gpg-agent change to scdaemon. See the commit in 2016-08-06:
40d16029ed
Then, add kicking the loop, so that main loop can notice the change of
the connection.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (ticker_disabled): Remove.
(handle_tick, need_tick): Remove.
(handle_connections): Don't check ticker_disabled.
--
Now, removal of device/card is only done by the function
scd_update_reader_status_file, it should be called if needed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (select_application): Fix the logic if periodical check is
needed. If it is needed for newly found device(s), kick the loop.
(scd_update_reader_status_file): Return value if select(2) should be
called with timeout.
* scd/ccid-driver.c (ccid_require_get_status): Don't return 0 for
token with no interrupt transfer for now.
* scd/command.c (open_card_with_request): Fix scan by SERIALNO.
* scd/scdaemon.c (update_usb): Remove.
(handle_connections): Evaluate need_tick after handle_tick.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (get_status_reader): Add ON_WIRE arg, here.
(ct_get_status, pcsc_get_status_direct, pcsc_get_status_wrapped)
(pcsc_get_status, get_status_ccid, my_rapdu_get_status): Likewise.
(reset_pcsc_reader_wrapped, open_pcsc_reader_wrapped): Follow the
change.
(apdu_get_status_internal): It's lower-level driver which judge
it's not needed. Otherwise, it can't detect the removal.
* scd/ccid-driver.c (ccid_slot_status): After the POWERED_OFF check,
we can skip sending GetSlotStatus packet on wire, when no need.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Fixes-commit: c8eee4d396a751d41fd1ee1e1b87b851fca172a
* scd/ccid-driver.c (do_close_reader): Don't lock events, but check the
return value of libusb_cancel_transfer.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-common.h (struct app_ctx_s): Rename field to
periodical_check_needed.
* scd/scdaemon.c (update_usb): Rename from update_fdset_for_usb.
Don't use libusb_get_pollfds any more.
(scd_kick_the_loop): New.
(need_tick): Follow the rename.
(handle_connections): No libusb event handling here.
* scd/app.c (app_new_register): Follow the change of rename.
(select_application, scd_update_reader_status_file): Likewise.
* scd/ccid-driver.c (ccid_usb_thread_is_alive): New.
(intr_cb): Call scd_kick_the_loop.
(ccid_usb_thread): New. Thread to invoke INTERRUPT callback.
(ccid_open_usb_reader): Add thread invocation.
(ccid_require_get_status): Remove
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP.
(do_close_reader): Carefully handle handle->transfer.
(get_escaped_usb_string): Insert npth_unprotect/npth_protect.
(do_close_reader, bulk_out, bulk_in, abort_cmd, ccid_slot_status)
(ccid_transceive, ccid_transceive_secure): Likewise.
--
It found that libusb_get_pollfds is not supported on Windows.
Besides, it's a bit difficult to use for the select loop.
Thus, we use the thread named ccid_usb_thread, instead.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c(struct reader_table_s): Add require_get_status.
(apdu_connect): Change return value meaning. Call apdu_reset here.
* scd/app.c (app_new_register): Add require_get_status.
(select_application): Use the return value of apdu_connect.
(scd_update_reader_status_file): Call update_fdset_for_usb with
checking all_have_intr_endp.
(app_list_start, app_list_finish): Remove.
* scd/ccid-driver.c (struct ccid_driver_s): Add transfer.
(intr_cb): Don't call libusb_transfer in this callback.
(ccid_require_get_status): New.
(do_close_reader): Call libusb_transfer here.
* scd/scdaemon.c (update_fdset_for_usb): Remove the first argument.
--
With Gnuk Token, it works fine as expected. With Gemalto reader,
intr_cb is not called when card is removed. So, the macro
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP is not defined yet.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (update_fdset_for_usb): Wake up the select(2).
(handle_connections): Use a kind of "self-pipe" technique.
--
Use pipe to wake up select(2). If UNIX-only, signal could be used. For
portability, "self-pipe" is better, here. Setup for non-blocking for
pipe fds are not needed, because speed of USB device insertion is
limited by human physical interaction; No one can do hundreds of
device insertion/removal-s per second.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/logging.c (do_logv): Remove extra parentheses in comparison.
* dirmngr/dns-stuff.c (resolve_addr_libdns): Init RES so that
dns_res_close is given a defined value in the error case.
* dirmngr/http.c (cookie_read, cookie_write) [HTTP_USE_NTBTLS]: Fix
format string char.
* dirmngr/ks-engine-hkp.c (ks_hkp_help): Remove duplicate "const".
* dirmngr/ks-engine-http.c (ks_http_help): Ditto.
* dirmngr/ks-engine-kdns.c (ks_kdns_help): Ditto.
* dirmngr/ks-engine-ldap.c (ks_ldap_help): Ditto.
* scd/app-p15.c (send_keypairinfo, do_getattr): Fix format string
char.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Init PID for the
error case.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
* tools/gpgconf.c (query_swdb): Init VALUE_SIZE_UL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app.c (app_get_serial_and_stamp): Remove.
(app_get_serialno): New.
(app_write_learn_status): Use send_status_direct.
(app_getattr): Use app_get_serialno for SERIALNO and
send with send_status_direct.
* scd/app-openpgp.c (do_getattr): Likewise.
* scd/command.c (cmd_serialno): Don't send TIMESTAMP of 0.
(cmd_learn): Likewise. Don't inquire with TIMESTAMP of 0.
--
In the SERIALNO protocol, timestamp used to be considered, but had never
used at all. In the new implementation, removed card/token is always
detected and connection becomes invalid, no timestamp is required any
more. Examined scute and poldi as well for this protocol change.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (apdu_dev_list_finish): Don't call ccid_dev_scan_finish
with no table.
(apdu_open_reader): Only increment when it's zero.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (scan_or_find_usb_device): Don't scan for
configuration but use active configuration. Support alt_setting.
(scan_or_find_devices): Support alt_setting.
(ccid_open_reader): Support alt_setting.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (reader_table_lock, apdu_init): New.
(new_reader_slot): Serialize by reader_table_lock.
* scd/app.c (lock_app, unlock_app, app_new_register): Fix error code
usage.
(initialize_module_command): Call apdu_init.
* scd/scdaemon.c (main): Handle error for initialize_module_command.
--
This is a long standing bug. There are two different things; The
serialization of allocating a new SLOT, and the serialization of using
the SLOT. The latter was implemented in new_reader_slot by lock_slot.
However, the former was not done. Thus, there was a possible race where
a same SLOT is allocated to multiple threads.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app.c (lock_app): Rename from lock_reader and use internal field
of APP.
(unlock_app): Likewise.
(app_dump_state): Use APP.
(application_notify_card_reset): Remove.
(check_conflict): Change API for APP, instead of SLOT.
(check_application_conflict): Likewise.
(release_application_internal): New.
(app_reset): New.
(app_new_register): New.
(select_application): Change API for APP, instead of SLOT.
(deallocate_app, release_application): Modify for manage link.
(report_change): New.
(scd_update_reader_status_file): Moved from command.c and
use APP list, instead of VREADER.
(initialize_module_command): Moved from command.c.
* scd/command.c (TEST_CARD_REMOVAL): Remove.
(IS_LOCKED): Simplify.
(vreader_table): Remove.
(vreader_slot, update_card_removed): Remove.
(do_reset): Call app_reset.
(get_current_reader): Remove.
(open_card): Add SCAN arg.
(cmd_serialno): No retry, since retry is done in lower layer in apdu.c.
No do_reset, since it is done in lower layer.
Add clearing card_removed flag.
(cmd_disconnect): Call apdu_disconnect.
(send_client_notifications): Modify for APP.
(update_reader_status_file): Remove.
--
APP is the abstraction of the card application. For management of
cards, it is better to focus on the APP instead of the physical reader.
This change makes support of multiple card/token easier.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (struct reader_table_s): Remove any_status, last_status,
status, and change_counter field.
(new_reader_slot, dump_reader_status, ct_activate_card, open_ct_reader)
(connect_pcsc_card, open_pcsc_reader_direct, open_pcsc_reader_wrapped)
(open_ccid_reader, apdu_reset): Follow the change.
(ct_dump_reader_status): Remove.
(apdu_get_status_internal, apdu_get_status): Remove CHANGED arg.
(apdu_connect): Follow the change.
* scd/command.c (struct vreader_s): Remove reset_failed, any, and
changed field.
(cmd_getinfo, update_reader_status_file): Follow the change.
--
In the past, scdaemon monitors card insertion (as well as removal), so
the code has been complicated, and there has been duplication in two
layers. Now, it only monitors card removal, it's now simplified.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (scan_or_find_usb_device): Fix return value.
Support device with multiple CCID interfaces. Fix the case with
READERNO. Support partial string match of "reader-port" like PC/SC
driver.
--
I don't know any device with multiple CCID interfaces, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg
R_ALGO and change all callers.
* common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code.
* g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO.
* g10/gpg.c (oDefaultNewKeyAlgo): New enum.
(opts): New option "--default-new-key-algo".
(main): Set the option.
* g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace
them by ...
(DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants.
(get_keysize_range): Remove arg R_DEF and return that value instead.
Change all callers.
(gen_rsa): Use get_keysize_range instead of the removed
DEFAULT_STD_KEYSIZE.
(parse_key_parameter_part): New function.
(parse_key_parameter_string): New function.
(quick_generate_keypair): Refactor using parse_key_parameter_string.
(generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--
This new option is intended to be used in the forthcoming
--set-profile command of gpgconf. It allows to provide a gpg
configuration with custom defaults for a new key using the simple
commands which use the default algorithm set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (struct app_local_s): Remove max_cmd_data and
max_rsp_data fields as Extended Capabilities bits are different.
(get_cached_data) Use extcap.max_certlen_3.
(get_one_do): Don't use exmode=1.
(determine_rsa_response): New.
(get_public_key, do_genkey): Call determine_rsa_response.
(do_sign): Use keyattr[0].rsa.n_bits / 8, instead of max_rsp_data.
(do_auth): Use keyattr[2].rsa.n_bits / 8, instead of max_rsp_data.
(do_decipher): Likewise with Use keyattr[1].rsa.n_bits / 8.
(show_caps): Remove max_cmd_data and max_rsp_data.
(app_select_openpgp): Likewise.
--
OpenPGP card V3 had introduced incompatible change in Extended
Capabilities bits. We can work around by this change by not
using those bits.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (send_le): Fix the size, adding two for status
bytes to Le.
--
This is long standing bug. So far, Le was not exact value.
Since forthcoming change will introduce exact value of expected length
of response data, this change is needed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (pcsc_vendor_specific_init): Only check vender ID.
--
Some other products by Cherry works with pinpad, although it only works
for smaller keys (RSA 1024). TPDU support is good for larger keys.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dirmngr.c (main): Before calling setsid do not close the
standard fds but connect them to /dev/null.
* scd/scdaemon.c (main): Ditto. Noet that the old test for a log
stream was even reverted.
--
Note that this was fixed for gpg-agent 10 years ago on 2006-11-09.
Signed-off-by: Werner Koch <wk@gnupg.org>
There were several different variant spellings of "passphrase". This
should fix them all for all English text.
I did notice that po/it.po contains multiple instances of
"passhprase", which also looks suspect to me, but i do not know
Italian, so i did not try to correct it.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* scd/app-openpgp.c (do_decipher): When it's x-coordinate only, add the
prefix 0x41.
--
Card should return fixed size bytes, either in format of
(04 || X || Y) or (X, x-coordinate only).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (send_key_attr): Use curve instead of OID.
(ecdh_params): New.
(ecc_read_pubkey): Use ecdh_params. Use curve name.
(ecc_writekey): Likewise.
(ecc_curve): Rename from ecc_oid.
(parse_algorithm_attribute): Use ecc_curve.
* g10/call-agent.c (learn_status_cb): Use openpgp_is_curve_supported to
intern the curve name string.
* g10/card-util.c (card_status): Conver curve name to alias for print.
--
Now, sdcaemon answer for KEY-ATTR is in the canonical curve name
instead of the alias. Since it is used of key generation for
card encryption key with backup, it should be canonical name.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/keygen.c (generate_keypair): For card key generation, fill
parameters by KEY-ATTR.
* scd/app-openpgp.c (ecc_read_pubkey): OID should be freed at last,
after its reference by OIDBUF is finished.
(ecc_writekey): Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (rsa_read_pubkey, ecc_read_pubkey): New.
(read_public_key): New.
(get_public_key, do_genkey): Use read_public_key.
--
With this change, since GENKEY updates the public key (pk[keyno].key) in
APP, READKEY will be possible after the command even for the old
card (version <= 0x0100).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (get_public_key): Fix a message.
(change_keyattr_from_string, ecc_writekey): Call mpi_release sooner.
(do_genkey): Add ECC support.
--
In OpenPGP card specification 3.0, ECC is introduced. So far, do_genkey
only supported RSA. Since KDF spec. is needed to calculate the
fingerprint, it is hard coded in app-openpgp.c. But it's defined by
OpenPGP ECC (RFC-6637), and card does nothing with KDF in fact.
Co-authored-by: Arnaud Fontaine <arnaud.fontaine@ssi.gouv.fr>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/iso7816.c (do_generate_keypair): Use const char * for DATA.
(iso7816_generate_keypair, iso7816_read_public_key): Likewise.
* scd/app-openpgp.c (get_public_key): Follow the change.
(do_genkey): Ditto. Use ERR instead of RC. Use u32 for CREATED_AT.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (build_ecc_privkey_template): Size can be greater
than 128 when it comes with public key for curve of larger field.
--
Reported-by: Arnaud Fontaine <arnaud.fontaine@ssi.gouv.fr>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/gpg-agent.c (thread_init_once, initialize_modules): New.
(main): Make sure no daemonizing-fork call after npth_init, and no npth
calls before npth_init, with care of npth calls by assuan hooks.
* dirmngr/dirmngr.c (thread_init): New.
(main): Make sure npth_init must not be called before daemonizing fork.
* scd/scdaemon.c (main): Likewise.
--
It is simply the best for nPth not to allow the daemonizing fork after
npth_init, because semantics and implementations of forked child process
in a threaded application is a difficult corner case.
GnuPG-bug-id: 1779
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (ECC_FLAG_PUBKEY): New.
(send_key_attr, get_public_key, ecc_writekey, do_auth, do_decipher)
(parse_algorithm_attribute): Check ECC_FLAG_DJB_TWEAK.
(build_ecc_privkey_template): Add ECC_Q and ECC_Q_LEN.
Support offering public key when ECC_FLAG_PUBKEY sets.
(ecc_writekey): Supply ECC_Q and ECC_Q_LEN.
(parse_algorithm_attribute): Parse pubkey-required byte.
--
OpenPGPcard protocol specification version 3.2 supports algorithm
attributes for ECC key which specifies public key data is required for
"keytocard" command. This change supports the feature.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/asshelp.c (my_log_monitor): New var.
(my_libassuan_log_handler): Run that monitor.
(setup_libassuan_logging): Add arg to set a log monitor and change all
callers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/command.c (update_card_removed): Call apdu_close_reader here.
--
This is update of the commit 8fe8105576
It is better apdu_close_reader is called in update_card_removed.
The commit 1598a44764 introduced a
regression, it doesn't close the reader after removal of the card, while
the code before the commit call apdu_close_reader in do_reset.
So, this fix.
GnuPG-bug-id: 2449
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.
--
Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand. Use symbolic
representations instead of numeric for better readability.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/init.c (init_common_subsystems): Initialize libgcrypt.
* dirmngr/Makefile.am (dirmngr_ldap): Link with libgcrypt.
--
Most other modules already call gcry_check_version() after
init_common_subsystems() so may as well move initialization of libgcrypt
to here. Also fixes a warning in the system log from gpgconf --homedir.
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
* README, agent/command.c, agent/keyformat.txt, common/i18n.c,
common/iobuf.c, common/keyserver.h, dirmngr/cdblib.c,
dirmngr/ldap-wrapper.c, doc/DETAILS, doc/TRANSLATE,
doc/announce-2.1.txt, doc/gpg.texi, doc/gpgsm.texi,
doc/scdaemon.texi, doc/tools.texi, doc/whats-new-in-2.1.txt,
g10/export.c, g10/getkey.c, g10/import.c, g10/keyedit.c, m4/ksba.m4,
m4/libgcrypt.m4, m4/ntbtls.m4, po/ca.po, po/cs.po, po/da.po,
po/de.po, po/el.po, po/eo.po, po/es.po, po/et.po, po/fi.po,
po/fr.po, po/gl.po, po/hu.po, po/id.po, po/it.po, po/ja.po,
po/nb.po, po/pl.po, po/pt.po, po/ro.po, po/ru.po, po/sk.po,
po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po,
scd/app-p15.c, scd/ccid-driver.c, scd/command.c, sm/gpgsm.c,
sm/sign.c, tools/gpgconf-comp.c, tools/gpgtar.h: replace "Allow to"
with clearer text.
In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something. When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.
These changes should make the language a bit clearer.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* scd/app.c (application_notify_card_reset): Add message for debug.
*scd/command.c (update_card_removed): Call release_application and set
SLOT -1 here.
(struct server_local_s): Remove app_ctx_marked_for_release.
(do_reset): Don't mark release but call release_application here.
(open_card): Remove app_ctx_marked_for_release handling.
(update_reader_status_file): Don't set SLOT here, so that it can be
released the APP by application_notify_card_reset in
update_card_removed.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/command.c (do_reset, cmd_restart): Reset app_ctx before calling
release_application.
--
Thanks to Ben Warren for the report.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* (parse_ccid_descriptor): nonnull_nad = 0 for all GEMPC device.
--
We can't use the driver for 08E6:3438, while it works well under PC/SC
service. I found that the library of ccid always uses the node
address = ZERO for all transactions. So, we extend the same handling
for not only GEMPC_CT30, but also for all its devices.
Debian-bug-id: 814584
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/scdaemon.c (opts): Add --homedir.
--
Without that entry the homedir setting won't work.
GnuPG-bug-id: 2386
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (create_server_socket): Call chmod before listen.
* scd/scdaemon.c (create_server_socket): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
--
This is just in case of a improperly set umask. Note that a connect
requires a write permissions.
* agent/gpg-agent.c (remove_socket): Do not remove the enclosing
directory.
* scd/scdaemon.c (cleanup): Ditto.
--
The socket directory is now below /run or at ~/.gnupg. Thus we should
not try to remove the directory of the socket. The auto-removal was
introduced at a time we used a temporary directory for the sockets.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (LIBUSB_CPPFLAGS): New.
* scd/Makefile.am (AM_CPPFLAGS): Add LIBUSB_CPPFLAGS.
* scd/ccid-driver.c: Use libusb 1.0 API.
--
Changes are straightforward, not use any new features.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/app-openpgp.c (do_genkey): Strip leading zeros for fingerprint
computation.
--
This bug is difficult to reproduce because the probability is 1/256,
and key generation takes long time. The regression was introduced
when we add the support for ECC.
GnuPG-bug-id: 2150
* scd/apdu.c (pcsc_error_to_sw): map PCSC_E_NO_SERVICE and
PCSC_E_SERVICE_STOPPED to the internal SW_HOST_NO_READER error code.
--
Signed-off-by: Daniel Hoffend <dh@dotlan.net>
GnuPG-bug-id: 2167
In Windows 8 (and later), PC/SC service only runs when reader/token is
plugged in. After its removal, it returns PCSC_E_NO_SERVICE error.
This error should be handled as no reader. This comment is by gniibe.
* scd/app.c (lock_table): Remove LAST_APP field.
(lock_reader, app_dump_state, application_notify_card_reset)
(release_application): Follow the change.
(check_conflict): New.
(check_application_conflict): Lock the slot and call check_conflict.
(select_application): Call check_conflict and not use LAST_APP.
--
We don't need LAST_APP field but just keep the application context by
APP field. Since we have a reference counter, it is possible if we
can deallocate or not.
* scd/app-openpgp.c (do_decipher): Handle trancated cipher text.
Also fix xfree bug introduced.
--
In old format with no prefix, cipher text can be trancated when it
is parsed as MPI. Recover the value adding back zeros.
Fixes-commit: 11b2691edd
* scd/app-openpgp.c (do_decipher): Check 0x02 also for 16+1 byte long
INDATA.
(do_decipher): Fix integer arithmetic in void pointer.
(do_decipher): Add missing memcpy.
--
I have not tested this fix but it is obvious.
Fixes-commit: 11b2691edd
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/apdu.c (apdu_close_reader): Call CLOSE_READER method even if we
got an error from apdu_disconnect.
* scd/app-common.h (no_reuse): Remove.
* scd/app.c (application_notify_card_reset): Deallocate APP here.
(select_application, release_application): Don't use NO_REUSE.
--
Reproducible scenario: Invoke gpg --card-edit session from a terminal.
Invoke another gpg --card-edit session from another. Remove a token.
Insert a token again. Type RET on both terminals. One of terminal
answers "Conflicting usage".
Perhaps, having NO_REUSE field was to avoid race conditions. Now,
APP can be safely deallocated by application_notify_card_reset.
Thanks to the2nd.
* scd/app-openpgp.c (get_public_key): Improve error handling.
--
Found using the Clang Static Analyzer.
Signed-off-by: Justus Winter <justus@g10code.com>
* scd/ccid-driver.c (bulk_out): Use LIBUSB_ERRNO_NO_SUCH_DEVICE.
--
With libusb-compat library, the error is different than original
libusb. (The libusb-compat library is used by Fedora.)
* scd/ccid-driver.c (CCID_CMD_TIMEOUT): New.
(ccid_transceive_apdu_level, ccid_transceive): Use.
--
It is reported that key generation causes timeout with OpenPGPcard
v2.1. Ideally, timeout value could be determined at run-time by
examining card's ATR. Compile-time fixed value is OK for internal
CCID driver.
* scd/app-openpgp.c (change_rsa_keyattr): New.
(change_keyattr_from_string): Use change_rsa_keyattr.
(rsa_writekey): Call change_rsa_keyattr when different size.
(ecc_writekey): Try to change key attribute.
* agent/cvt-openpgp.c (get_keygrip): Handle Curve25519.
(convert_secret_key, convert_transfer_key): Ditto.
* common/openpgp-oid.c (oidtable): Add Curve25519.
(oid_crv25519, openpgp_oid_is_crv25519): New.
* common/util.h (openpgp_oid_is_crv25519): New.
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Handle the case
with Montgomery curve which uses x-only coordinate.
* g10/keygen.c (gen_ecc): Handle Curve25519.
(ask_curve): Change the API and second arg is to return subkey algo.
(generate_keypair, generate_subkeypair): Follow chage of ask_curve.
* g10/keyid.c (keygrip_from_pk): Handle Curve25519.
* g10/pkglue.c (pk_encrypt): Handle Curve25519.
* g10/pubkey-enc.c (get_it): Handle the case with Montgomery curve.
* scd/app-openpgp.c (ECC_FLAG_DJB_TWEAK): New.
(send_key_attr): Work with general ECC, Ed25519, and Curve25519.
(get_public_key): Likewise.
(ecc_writekey): Handle flag_djb_tweak.
--
When libgcrypt has Curve25519, GnuPG now supports Curve25519.
* common/openpgp-oid.c (openpgp_oid_to_curve): Add CANON argument.
* common/util.h: Update.
* g10/import.c (transfer_secret_keys): Follow the change.
* g10/keyid.c (pubkey_string): Likewise.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Likewise.
* parse-packet.c (parse_key): Likewise.
* scd/app-openpgp.c (send_key_attr, get_public_key): Likewise.
--
Change the function so that caller can select canonical name of curve
or name for printing. Suggested by wk.
* scd/app-openpgp.c (send_key_attr): Send KEYNO.
(get_public_key): Fix SEXP composing.
(ecc_writekey): Fix OID length calculation.
(ecc_oid): Prepend the length before query.
(parse_algorithm_attribute): Handle the case the curve is not available.
* common/util.h: Provide replacement for GPGRT_ATTR_ macros when using
libgpg-error < 1.20.
* common/mischelp.h: Ditto.
* common/types.h: Ditto.
--
Given that libgpg-error is a dependency of all GnuPG related libraries
it is better to define such macros at only one place instead of having
similar macros at a lot of places. For now we need repalcement
macros, though.
* g10/call-agent.h (struct agent_card_info_s): Add curve field.
* g10/call-agent.c (learn_status_cb): Use curve name.
* g10/card-util.c (card_status): Show pubkey name.
* scd/app-openpgp.c (struct app_local_s): Record OID and flags.
(store_fpr): Use ALGO instead of key type.
(send_key_attr): Use curve name instead of OID.
(get_public_key): Clean up by OID to curve name.
(ecc_writekey): Support any curves in libgcrypt.
(do_genkey, do_auth, ): Follow the change.
(ecc_oid): New.
(parse_algorithm_attribute): Show OID here.
* g10/card-util.c (do_change_keysize): Put "rsa".
* scd/app-openpgp.c (change_keyattr, change_keyattr_from_string):
Change the command format.
(rsa_writekey): Check key type.
(do_writekey): Remove "ecdh" and "ecdsa" support which was available
in experimental libgcrypt before 1.6.0.
* scd/Makefile.am (sc_copykeys_*): Remove.
* scd/sc-copykeys.c: Remove.
* scd/pcsc-wrapper.c: Remove.
* scd/{card-common.h,card-dinsig.c,card-p15.c,card.c}: Remove.
--
sc-copykeys doesn't work any more because it's based on old API.
pcsc-wrapper has gone because of nPth which is compatible to pthreads.
The card* files are old files, now we have app*.
* g13/g13.c: Make use of debug_parse_flag.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto
* agent/gpg-agent.c: Ditto. But do not terminate on "help"
* dirmngr/dirmngr.c: Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/adpu.c (pcsc_pinpad_verify, pcsc_pinpad_modify): Bigger buffer
for TPDU card reader.
--
GnuPG-bug-id: 2003, 2004
This is needed for PC/SC on Debian Jessie. Note that it's not only
for Cherry ST-2000, but also, for any TPDU card readers.
* scd/apdu.c (pcsc_vendor_specific_init): Set pinmax to 15.
* scd/ccid-driver.c (ccid_transceive_secure): Add zero for the
template of APDU.
--
GnuPG-bug-id: 2003, 2004
* scd/apdu.c (open_pcsc_reader_direct): Partial string match.
--
The card reader name by PC/SC service might include USB bus,
which varies (on some platform like GNU/Linux). Thus, it's
better to match partial string.
Original patch was submitted by anstein. I changed it to fallback to
the first reader if no match found.
Note that we need to change pcsc-wrapper.c in 2.0 backport.
GnuPG-bug-id: 1618, 1930
* scd/apdu.c (send_le): Bug fix for not append Z when lc<0&&le<0.
* scd/app-common.h (struct app_ctx_s): Use bit fields for flags.
* scd/ccid-driver.c (CCID_MAX_BUF): New. Only for OpenPGPcard.
(struct ccid_driver_s): New field of max_ccid_msglen.
Remove ifsd field.
(parse_ccid_descriptor): Initialize max_ccid_msglen.
(ccid_transceive_apdu_level): Implement sending extended APDU in
chain of CCID message.
--
With this patch, we won't need PC/SC library/service any more.
GnuPG-bug-id: 1947
* agent/pksign.c (agent_pksign_do): Use int.
* scd/app-openpgp.c (get_public_key): Likewise.
--
On 64-bit architecture, int and size_t might be different.
For the first argument for '%b', int is expected.
* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--
Commit 91b826a388 was not enough to
avoid all sign extension on shift problems. Hanno Böck found a case
with an invalid read due to this problem. To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (store_fpr): Remove CARD_VERSION from the
arguments.
(rsa_writekey): Follow the change.
(do_genkey): Likewise.
(ecc_writekey): Likewise. Cast to size_t.
--
KEYTOCARD caused SEGV of scdaemon on 64-bit arch. That's because
int is 32-bit, but size_t is 64-bit.
* scd/ccid-driver.c (send_escape_cmd): Fix setting of 'rc'.
--
Variable 'rc' in send_escape_cmd was overwritten before it was
returned, leading to incorrect computation.
Signed-off-by: Joshua Rogers <git@internot.info>
[Log entry reformatted - wk]
(cherry picked from commit 3d9f8bf1dc)
* scd/pcsc-wrapper.c (handle_transmit): Enlarge buffer to 4096 too
allow for larger certificates.
--
Cherry-pick from 5798673156.
Forward ported from 2.0.
* scd/app-openpgp.c (get_public_key): correctly close 'fp' upon use.
--
Inside the get_public_key function, 'fp' was opened using popen, but
incorrectly closed using fclose.
Debian-Bug-Id: 773474
* scd/command.c (cmd_readkey): avoid double-free of cert
--
When ksba_cert_new() fails, cert will be double-freed.
Debian-Bug-Id: 773471
Original patch changed by wk to do the free only at leave.
* agent/divert-scd.c (divert_pkdecrypt): Support ECDH.
* scd/app-openpgp.c (get_algo_byte, store_fpr): Support ECDH.
(send_key_attr): Support ECDH. Fix EdDSA algorithm value.
(retrieve_key_material): Initialize fields.
(get_public_key, ecc_writekey, do_writekey): Support ECDH.
(ecdh_writekey): Remove.
(do_decipher): Support ECDH.
(parse_algorithm_attribute): Support ECDH. Fix EdDSA.
--
Following the gpg-agent protocol, SCDaemon's counter part is now
implemented.
* common/util.h (GPG_ERR_OBJ_TERM_STATE): New.
* scd/iso7816.c (map_sw): Add this error code.
* scd/app-openpgp.c (do_getattr): Return the life cycle indicator.
* scd/app.c (select_application): Allow a return value of
GPG_ERR_OBJ_TERM_STATE.
* scd/scdaemon.c (set_debug): Print the DBG_READER value.
* g10/call-agent.c (start_agent): Print a status line for the
termination state.
(agent_scd_learn): Make arg "info" optional.
(agent_scd_apdu): New.
* g10/card-util.c (send_apdu): New.
(factory_reset): New.
(card_edit): Add command factory-reset.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/scdaemon.c (ENAMETOOLONG): New.
(redir_socket_name): New.
(cleanup): Take care of a redirected socket.
(main): Pass redir_socket_name to create_server_socket.
(create_socket_name): Remove superfluous length check.
(create_server_socket): Add arg r_redir_name and implement
redirection. Replace assert for older Assuan by an error message.
Signed-off-by: Werner Koch <wk@gnupg.org>
* gl/: Remove entire tree.
* configure.ac: Remove gnulib tests and the gl/ Makefile.
(setenv): Add to AC_CHECK_FUNCS.
* autogen.rc (extra_aclocal_flags): Set to empty.
* Makefile.am (ACLOCAL_AMFLAGS): Remove -I gl/m4
(SUBDIRS): Remove gl/.
* agent/Makefile.am (common_libs): Remove ../gl/gnulib.a
* common/Makefile.am (t_common_ldadd): Ditto.
* dirmngr/Makefile.am (dirmngr_LDADD): Ditto.
(dirmngr_ldap_LDADD, dirmngr_client_LDADD): Ditto.
* g10/Makefile.am (needed_libs): Ditto.
* g13/Makefile.am (g13_LDADD): Ditto.
* kbx/Makefile.am (kbxutil_LDADD): Ditto.
($(PROGRAMS)): Ditto.
* scd/Makefile.am (scdaemon_LDADD): Ditto.
* sm/Makefile.am (common_libs): Ditto.
* tools/Makefile.am (common_libs, commonpth_libs): Ditto.
* agent/gpg-agent.c: Remove "mkdtemp.h"
* g10/exec.c: Ditto.
* scd/scdaemon.c: Ditto.
* tools/symcryptrun.c: Ditto.
* common/sysutils.c: Remove "setenv.h"
* common/t-timestuff.c: Use putenv if setenv is not available.
--
gnulib has always been a cause of trouble in GnuPG because we used
only a very few functions and the complex include machinery of gnulib
is quite complex and the cause for many build problems for example on
OS X. This is not gnulib's fault but due to our limited use of gnulib
and that we only rarely update the gnulib code to avoid regressions.
In part two we will address the functions
mkdtemp
setenv
unsetenv
strpbrk
which may bot be implemented on all platforms. They are not required
on a libc based system.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
Also fixed some of my own copyright notices due to the termination of
my assignment. The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options. Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
support.
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* configure.ac (GPG_AGENT_INFO_NAME): Remove.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket
support.
--
The indented fix to allow using a different socket than the one in the
gnupg home directory is to change Libassuan to check whether the
socket files exists as a regualr file with a special keyword to
redirect to another socket file name.
* scd/app-sc-hsm.c: Re-indendet some parts and set some vars to NULL
after xfree for improbed robustness.
(read_ef_prkd): Replace serial operator by blocks for better
readability.
(apply_PKCS_padding): Rewrite for easier auditing.
(strip_PKCS15_padding): Ditto. Add stricter check on SRCLEN.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-sc-hsm.c (select_and_read_binary): Use SW_ macro.
(parse_certid): Remove useless test.
(send_certinfo, send_keypairinfo): Shrink malloc to the needed size.
(do_getattr): Ditto.
(verify_pin): Use SW_ macro.
(do_decipher): Replace OFS variable and extend comment.
--
Code parts which have not been audited are marked with a warning
pragma.
* scd/app-sc-hsm.c: New.
* scd/app.c (select_application, get_supported_applications): Register
new app.
--
Add a read/only driver for scdaemon that provides access to keys and
certificates on a SmartCard-HSM (www.smartcard-hsm.com).
The driver supports RSA and ECC keys on SmartCard-HSM cards and
USB-Sticks.
The driver does not yet support the MicroSD edition.
--
ChangeLog and FSF copyright year fix by wk.
* scd/ccid-driver.h (VENDOR_REINER, CYBERJACK_GO): New.
* scd/ccid-driver.c (ccid_transceive_secure): Handle the case for
VENDOR_REINER. Original work was by Alina Friedrichsen (tiny change).
--
This is revised version which adapts changes of ccid-driver and was
later ported from branch-2.0 to master (2.1)
* configure.ac (HAVE_NPTH): New ac_define.
* common/estream.c: Use USE_NPTH instead of HAVE_NPTH.
* common/http.c: Ditto. Replace remaining calls to pth by npth calls.
(connect_server): Remove useless _().
* common/exechelp-posix.c, common/exechelp-w32.c
* common/exechelp-w32ce.c: Use HAVE_PTH to include npth.h.
* common/init.c (_init_common_subsystems): Remove call to pth_init.
* common/sysutils.c (gnupg_sleep): Use npth_sleep.
* scd/ccid-driver.c (my_sleep): Ditto.
--
USE_NPTH is used in case were we may build with and without nPth. The
missing definition HAVE_NPTH didn't allowed us to build outher sources
with nPTh support.
* scd/app-openpgp.c (KEY_TYPE_EDDSA, CURVE_ED25519): New.
(struct app_local_s): Add eddsa.
(get_algo_byte, store_fpr): Support KEY_TYPE_EDDSA.
(get_ecc_key_parameters, get_curve_name): Support CURVE_ED25519.
(send_key_attr, get_public_key): Support KEY_TYPE_EDDSA.
(build_ecc_privkey_template): Rename as it supports both of
ECDSA and EdDSA.
(ecc_writekey): Rename. Support CURVE_ED25519, too.
(do_writekey): Follow the change of ecc_writekey.
(do_auth): Support KEY_TYPE_EDDSA.
(parse_ecc_curve): Support CURVE_ED25519. Bug fix for other curves.
(parse_algorithm_attribute): Bug fix for ECDH. Support EdDSA.
* scd/apdu.c (new_reader_slot): Acquire lock.
(open_ct_reader, open_pcsc_reader_direct, open_pcsc_reader_wrapped)
(open_ccid_reader, open_rapdu_reader): Release lock.
(lock_slot, trylock_slot, unlock_slot): Move more to the top.
--
Fixes a test case of:
No libpcsclite1 installed.
Run gpg-agent
Run command "gpg-connect-agent learn /bye" with no card/token
Sometimes it fails: ERR 100663356 Not supported <SCD>
While it should be always: ERR 100663404 Card error <SCD>
(cherry picked from commit 4f557cb9c2)
Resolved conflicts:
scd/apdu.c: pth/npth changes. Move lock helpers to the top.
Take care of removed pcsc_no_service.
* scd/pcsc-wrapper.c [__APPLE__]: Fix syntax error.
--
For W32 and probably for Cygwin we don't need the wrapper, thus the
problems does not exhibit itself.
(cherry picked from commit 8ddf604659)
* scd/scdaemon.c (opts): Ignore --disable-keypad.
--
The renaming of --disable-keypad to --disable-pinpad might mess up
configuration files managed with a GUI. The GUI does not not anymore
know about the old option and would allow the user to switch
"disable-pinpad" on. However, a "disable-keypad" might still linger
in the conf file with gpgconf not knowing about it. Thus the conf
file would always be rejected and manual intervention would be
required. Ignoring the old option nicely solves the problem.
(cherry picked from commit e24e92d7e2)
Replace hardwired strings at many places with new macros from config.h
and use the new strusage macro replacement feature.
* common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn
sentinels.
* agent/command.c (cmd_import_key): Use asprintf to create the prompt.
* scd/apdu.c (check_pcsc_pinpad): Set ->minlen and ->maxlen only when
those are specified.
(pcsc_pinpad_modify): Remove old check code.
--
GnuPG-bug-id: 1549
* scd/apdu.c (open_pcsc_reader_direct): Don't call
pcsc_vendor_specific_init here, but...
(connect_pcsc_card): Call it here.
--
Thanks to Martin Wolters for the bug report.
* scd/ccid-driver.c: Move vendor and product ids to ...
* scd/ccid-driver.h: here.
* scd/apdu.c (CCID_DRIVER_INCLUDE_USB_IDS): Define to include ids.
(pcsc_vendor_specific_init): Use vendor and product id macros.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (do_writekey): Added RSA_CRT and RSA_CRT_N support.
--
Updates of original patch by wk:
- unsigned char *rsa_u, *rsa_dp, rsa_dq;
+ unsigned char *rsa_u, *rsa_dp, *rsa_dq;
and AUTHORS. Missing signed-off-by assumed due to DCO send the other
day.
* scd/app-common.h (APP_DECIPHER_INFO_NOPAD): New.
* scd/app-openpgp.c (do_decipher): Add arg R_INFO.
* scd/app-nks.c (do_decipher): Add arg R_INFO as a dummy.
* scd/app.c (app_decipher): Add arg R_INFO.
* scd/command.c (cmd_pkdecrypt): Print status line "PADDING".
* agent/call-scd.c (padding_info_cb): New.
(agent_card_pkdecrypt): Add arg R_PADDING.
* agent/divert-scd.c (divert_pkdecrypt): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Ditto.
* agent/command.c (cmd_pkdecrypt): Print status line "PADDING".
* g10/call-agent.c (padding_info_cb): New.
(agent_pkdecrypt): Add arg R_PADDING.
* g10/pubkey-enc.c (get_it): Use padding info.
--
Decryption using a card never worked in gpg 2.1 because the
information whether the pkcs#1 padding needs to be removed was not
available. Gpg < 2.1 too this info from the secret sub key but that
has gone in 2.1.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command.c (cmd_preset_passphrase, pinentry_loopback): Use %zu
in format string.
* scd/ccid-driver.c (ccid_get_atr): Ditto.
* agent/command-ssh.c (stream_read_string): Init arg STRING_SIZE to
avoid maybe_unitialized warning.
--
Actually the first one might have been a problem on big endian
machines.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/apdu.c (CM_IOCTL_GET_FEATURE_REQUEST): Use SCARD_CTL_CODE.
(SCARD_CTL_CODE): Define if not defined.
(reader_table_s): Add is_spr532.
(new_reader_slot): Clear it.
(check_pcsc_pinpad): Set it.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Add fix for SPR532.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/command.c (update_reader_status_file): Add condition
vr->status == 0.
--
To reproduce the bug: (1) insert card,
(2) run "gpg2 --card-status",
(3) remove card, (4) invoke "gpg2 --card-edit",
(5) invoke some command like "verify"
The last step fails (but with no error message to user).
* scd/apdu.c (pcsc_dword_t): New. It was named as DWORD (double-word)
when a word was 16-bit.
(struct reader_table_s): Fixes for types.
(struct pcsc_readerstate_s) [__APPLE__]: Enable #pragma pack(1).
Throughout: Fixes for types.
* scd/pcsc-wrapper.c: Likewise.
--
Problem reported for 1.4.x by the issue 1358.
* scd/apdu.c (pcsc_pinpad_verify, pcsc_pinpad_modify): Default value
of maxlen for pinpad input is now 15 (was: 25).
* scd/ccid-driver.c (ccid_transceive_secure): Likewise.
--
For newer PC/SC, it is better to use FEATURE_GET_TLV_PROPERTIES to get
bMaxPINSize.
* scd/ccid-driver.c (ccid_transceive_apdu_level): Support larger
APDU.
--
This is still ad hoc change, but it's OK. Supporting full extended
APDU exchange level is not worth yet.
* scd/app-openpgp.c (do_sign): Only prepend message digest block
for RSA or do_auth.
(do_auth): Remove message digest block for ECDSA.
--
If we don't need to check the message digest block by SCDaemon, we
don't requite the message digest block for ECDSA by gpg-agent.
* scd/app-openpgp.c (key_type_t): New.
(CURVE_NIST_P256, CURVE_NIST_P384, CURVE_NIST_P521): New.
(struct app_local_s): Change keyattr to have key_type and union.
(get_ecc_key_parameters, get_curve_name): New.
(send_key_attr, get_public_key): Support ECDSA.
(build_privkey_template, do_writekey, do_genkey): Follow the change
of the member KEY_ATTR.
(parse_historical): New.
(parse_algorithm_attribute): Support ECDSA.
--
Add ECDSA support to OpenPGP card.
* scd/app-openpgp.c (struct app_local_s): Remove VARLEN.
(parse_login_data): "P=0" means to disable pinpad.
(check_keypad_request): Default is to use pinpad if available.
* scd/ccid-driver.c: Add 2013.
(VENDER_VEGA, VEGA_ALPHA):New.
(ccid_transceive_secure): VEGA_ALPHA is same firmware as GEMPC_PINPAD.
Change bNumberMessage to 0x01, as it works better (was: 0xff).
* scd/iso7816.h (struct pininfo_s): Rename from iso7816_pininfo_s.
Change meaning of MODE.
(pininfo_t): Rename from iso7816_pininfo_t.
* scd/sc-copykeys.c: Include "iso7816.h".
* scd/scdaemon.c, scd/command.c: Likewise.
* scd/ccid-driver.c: Include "scdaemon.h" and "iso7816.h".
(ccid_transceive_secure): Follow the change of PININFO_T.
* scd/app.c: Include "apdu.h" after "iso7816.h".
* scd/iso7816.c (iso7816_check_keypad, iso7816_verify_kp)
(iso7816_change_reference_data_kp): Follow the change of API.
* scd/apdu.c (struct reader_table_s): Change API of CHECK_KEYPAD,
KEYPAD_VERIFY, KEYPAD_MODIFY to have arg of PININFO_T.
(check_pcsc_keypad, check_ccid_keypad): Likewise.
(apdu_check_keypad, apdu_keypad_verify, apdu_keypad_modify): Likewise.
(pcsc_keypad_verify, pcsc_keypad_modify, ct_send_apdu)
(pcsc_send_apdu_direct, pcsc_send_apdu_wrapped, pcsc_send_apdu)
(send_apdu_ccid, ccid_keypad_operation, my_rapdu_send_apdu, send_apdu)
(send_le): Follow the change of API.
* scd/apdu.h (apdu_check_keypad, apdu_keypad_verify)
(apdu_keypad_modify): Change the API.
* scd/app-dinsig.c, scd/app-nks.c, scd/app-openpgp.c: Follow the
change.
* scd/ccid-driver.c (struct ccid_driver_s): Add auto_voltage,
auto_param, and auto_pps.
(parse_ccid_descriptor): Set auto_voltage, auto_param, and auto_pps.
Support non-autoconf readers.
(update_param_by_atr): New.
(ccid_get_atr): Use 5V for PowerOn when auto_voltage is not supported.
Use 0x10 when nonnull_nad for SetParameters.
Call update_param_by_atr for parsing ATR, and use param for
SetParameters.
Send PPS if reader requires it and card is negotiable.
When bNadValue in the return values of SetParameters == 0,
clear handle->nonnull_nad flag.
--
This change is to support more card readers by the internal driver.
Tested with 08e6:3478 Gemplus PinPad Smart Card Reader.
* scd/apdu.c (pcsc_no_service): Remove.
(open_pcsc_reader_direct, open_pcsc_reader_wrapped): Remove
pcsc_no_service support.
(apdu_open_reader): Remove R_NO_SERVICE.
* scd/apdu.h (apdu_open_reader): Remove R_NO_SERVICE.
* scd/command.c (reader_disabled): Remove.
(get_current_reader): Follow the change of R_NO_SERVICE.
(open_card, cmd_serialno, scd_command_handler): Remove reader_disabled
support.
* scd/sc-copykeys.c (main): Follow the change of R_NO_SERVICE.
--
Daemon should handle all possible cases. Even if such a difficult
case like reader_disabled, it should not exit.
* scd/command.c (update_reader_status_file): Don't call
get_current_reader.
--
This fix has a impact that the insertion of a card reader will not be
detected upon the insertion, but will be deferred until user tries to
access his card.
* scd/command.c (MAXLEN_SETDATA): New.
(cmd_setdata): Add option --append.
* agent/call-scd.c (agent_card_pkdecrypt): Use new option for long
data.
* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
(app_select_openpgp): Store manufacturer.
(do_decipher): Print a note for broken cards.
--
Please note that I was not able to run a full test because I only have
broken cards (S/N < 346) available.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems. We now use two \x27 characters ('...').
The proper solution would be to use the correct Unicode symmetric
quotes here. However this has the disadvantage that the system
requires Unicode support. We don't want that today. If Unicode is
available a generated po file can be used to output proper quotes. A
simple sed script like the one used for en@quote is sufficient to
change them.
The changes have been done by applying
sed -i "s/\`\([^'\`]*\)'/'\1'/g"
to most files and fixing obvious problems by hand. The msgid strings in
the po files were fixed with a similar command.
When the KILLSCD command had been sent a race condition would occur
causing PID -1 getting killed, which on Linux seems to terminate all
applications for the current user.
GnuPG requires that options are given before other arguments. This
can sometimes be confusing. We now print a warning if we found an
argument looking alike a long option without being preceded by the
stop option. This is bug#1343.
* common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New.
* common/argparse.c (arg_parse): Set new flag.
* g10/gpg.c (main): Print the warning.
* agent/gpg-agent.c (main): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
* g13/g13.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
For the shared code parts it is cumbersome to pass an error sourse
variable to each function. Its value is always a constant for a given
binary and thus a global variable makes things a lot easier than the
former macro stuff.
* common/init.c (default_errsource): New global var.
(init_common_subsystems): Rename to _init_common_subsystems. Set
DEFAULT_ERRSOURCE.
* common/init.h: Assert value of GPG_ERR_SOURCE_DEFAULT.
(init_common_subsystems): New macro.
* common/util.h (default_errsource): Add declaration.
* kbx/keybox-defs.h: Add some GPG_ERR_SOURCE_DEFAULT trickery.