Fixes the case when scdaemon prompts for card insertion.
* scd/app-openpgp.c (do_set_pin_prompt): Fix indentation. No longer
unset the prompt with '-' since the OPTION command without a value
does this anyway.
* scd/app.c (expand_pin_prompt): Fix indentation.
* scd/command.c (set_pinentry_prompt): Set both the default and
application prompt when available.
This adds scdaemon "OPTION pin-prompt" and "OPTION pin-admin-prompt"
along with special escapes to replace in the prompt string to inform the
user of a signature count and admin PIN attempts remaining.
It also adds another "standard" pinentry escape "|I|" to ignore the
default pinentry prompt from gpg-agent and use the supplied 'info'
parameter unmodified (cannot be used with other pinentry flags).
* agent/divert-scd.c (getpin_cb): Add |I| pinentry flag to ignore the
default prompt and use the 'info' parameter as the entire prompt.
* scd/app-common.h (PIN_PROMPT_NONE, PIN_SIGN_PROMPT, PIN_ADMIN_PROMPT):
New enumeration.
(set_pin_prompt): New application callback to set a user-defined
pinentry prompt.
* scd/app-openpgp.c (verify_a_chv): Expand a user-defined pinentry
prompt.
(build_enter_admin_pin_prompt): Ditto.
(do_change_pin): Ditto.
(do_set_pin_prompt): New.
* scd/app.c (expand_pin_prompt): New.
(app_set_pin_prompt): Ditto.
* scd/command.c (set_pinentry_prompt): New.
(option_handler): Add option 'pin-prompt' and 'pin-admin-prompt'.
(open_card): Set the user-defined pinentry prompts after selecting an
application.
* apdu.c (pcsc_keypad_verify): Have dummy Lc field with value 0.
(pcsc_keypad_modify): Likewise.
(pcsc_keypad_modify): It's only for ISO7816_CHANGE_REFERENCE_DATA.
bConfirmPIN value is determined by the parameter p0.
* app-openpgp.c (do_change_pin): The flag use_keypad should be 0 when
reset_mode is on, or resetcode is on. use_keypad only makes sense for
iso7816_change_reference_data_kp.
* iso7816.h (iso7816_put_data_kp): Remove.
(iso7816_reset_retry_counter_kp): Remove.
(iso7816_reset_retry_counter_with_rc_kp): Remove.
(iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
* iso7816.c (iso7816_put_data_kp): Remove.
(iso7816_reset_retry_counter_kp): Remove.
(iso7816_reset_retry_counter_with_rc_kp): Remove.
(iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
Before this change, it is layered like the following:
iso7816_verify
iso7816_verify_kp
apdu_send_simple, apdu_send_simple_kp
...
After this change, it will be layered like:
iso7816_verify      iso7816_verify_kp
apdu_send_simple    apdu_keypad_verify
...
and apdu_send_simple_kp will be deprecated.
For PC/SC API, we use:
SCardControl API to compose CCID PC_to_RDR_Secure message
SCardTransmit API to compose CCID PC_to_RDR_XfrBlock message
Considering the support of PC/SC, we have nothing to share between _kp
version of iso7816_* and no _kp version.
This patch implements a chunk mode to pass the key parameters from
scdaemon to gpg. This allows passing arbitrarily long key parameters;
it is used for keys larger than 3072 bit.
Note: the card key generation in gpg is currently broken. The keys
are generated but it is not possible to create the self-signature
because at that time the gpg-agent does not yet know about the new
keys and thus can't divert the sign request to the card. We either
need to run the learn command right after calling agent_scd_genkey or
implement a way to sign using the currently inserted card. Another
option would be to get rid of agent_scd_genkey and implement the
feature directly in agent_genkey.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
checks that this won't happen again.
* scdaemon.c (main): Use estream_asprintf instead of asprintf.
* command.c (update_reader_status_file): Likewise.
(cmd_serialno): Use estream_asprintf instead of asprintf
and xfree instead of free to release memory allocated
through (estream_)asprintf.
(cmd_learn): Likewise.
(pin_cb): Likewise.
* app-openpgp.c (get_public_key): Likewise.