* scd/app-common.h (struct app_ctx_s): Add parameter ctrl to function
pointers for readkey, setattr, sign, auth, decipher, and check_pin.
--
This is a yet another patch to allow for easier backporting.
* scd/app-common.h (struct app_ctx_s): Rename unused field
card_version to cardversion.
* scd/app.c (app_new_register): Add code rom 2.3 to detect the Yubikey
and set cardversion.
(app_get_dispserialno): New.
* scd/app-openpgp.c (do_getattr): Use app_get_dispserialno.
* scd/app-common.h (cardtype_t): New.
(apptype_t): New.
(struct app_ctx_s): Change type of field apptype. Add fields
appversion and cardtype. Adjust all app-*.c for the new type.
* scd/app.c (supported_app_list): New.
(strapptype): New.
(apptype_from_name): New.
(app_dump_state): Use strapptype.
(app_write_learn_status): Ditto.
(app_getattr): Ditto.
(check_conflict): Use apptype_from_name and integer comparison.
* scd/app-openpgp.c: Replace app->card_version by app->appversion.
--
This is another patch to make backporting from 2.3 easier.
* scd/app-common.h (APP_WRITEKEY_FLAG_FORCE): New.
(APP_READKEY_FLAG_INFO): New.
(APP_LEARN_FLAG_KEYPAIRINFO): New.
(APP_LEARN_FLAG_MULTI): New.
(struct app_ctx_s): New forward declaration.
(struct app_ctx_s): Add members prep_reselect, reselect, and
with_keygrip.
(KEYGRIP_ACTION_SEND_DATA): New.
(KEYGRIP_ACTION_WRITE_STATUS): New.
(KEYGRIP_ACTION_LOOKUP): New.
(APP_CARD): New macro.
* scd/scdaemon.h: Include app-common.h and remove from all other
files.
(app_t): Move typedef to ...
* scd/app-common.h: here.
--
These changes will make it easier to backport changes from 2.3 to 2.2.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* common/argparse.c, common/argparse.h: Rewrite.
* tests/gpgscm/main.c: Switch to the new option parser.
* g10/gpg.c: Switch to the new option parser and enable a global conf
file.
* g10/gpgv.c: Ditto.
* agent/gpg-agent.c: Ditto.
* agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c: Ditto.
* scd/scdaemon.c: Ditto.
* dirmngr/dirmngr.c: Ditto.
* dirmngr/dirmngr_ldap.c: Ditto
* dirmngr/dirmngr-client.c: Ditto.
* kbx/kbxutil.c: Ditto.
* tools/gpg-card.c: Ditto.
* tools/gpg-check-pattern.c: Ditto.
* tools/gpg-connect-agent.c: Ditto.
* tools/gpg-pair-tool.c: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpgconf.c: Ditto.
* tools/gpgsplit.c: Ditto.
* tools/gpgtar.c: Ditto.
* g13/g13.c: Ditto.
* g13/g13-syshelp.c: Ditto. Do not force verbose mode.
* sm/gpgsm.c: Ditto. Add option --no-options.
--
This is backport from master
commit cdbe10b762
commit ba463128ce
commit 3bc004decd
commit 2c823bd878
commit 0e8f6e2aa9
but without changing all functions names to gpgrt. Instead we use
wrapper functions which, when building against old Libgpg-error
versions, are implemented in argparse.c using code from the current
libgpg-error. This allows to keep the dependency requirement at
libgpg-error 1.27 to support older distributions. Tested builds
against 1.27 and 1.40-beta.
Note that g13-syshelp does not anymore default to --verbose because
that can now be enabled in /etc/gnupg/g13-syshelp.conf.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
--
It does not make sense to keep support form GnuPG 1 here given that we
don't intend to ever backport any of the current stuff to the legacy
version.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (struct app_local_s): Add keygrip_str.
(store_keygrip): New.
(read_public_key): Store the keygrip.
(get_public_key): Sitto.
(send_keypair_info): USe the stored keygrip.
(check_keyidstr): New. Factored out from other functions and
extended.
(do_sign): Use check_keyidstr.
(do_auth): Ditto.
(do_decipher): Ditto.
(do_check_pin): Ditto.
--
This code is a backport of commits:
b0f0791e4a
cd: Factor out a function to check keyidstr.
4c4999b818
scd:openpgp: Allow PKSIGN with keygrip also for OPENPGP.3.
e769609cd3
scd: Allow KEYGRIP as KEYIDSTR.
Co-authored-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/command.c (cmd_serialno): Skip options.
--
SERIALNO --all
works only in 2.3 and thus naive use with 2.2 vesions would conserer
"--all" as the reqyested applications. Fix is easy and should be done
anyway.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (gnupg_fopen) [W32]: Use _wfopen if needed. Use
new function in most places where fopen is used.
--
The config files in 2.2 are still read using fopen - we need to change
this to allow Unicode directory names. There is also one case where
files are written using the old fopen. The new option parser in 2.3
does not have this problem but at some places fopen is also still used.
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/ccid-driver.c (ccid_require_get_status): For VENDOR_SCM reader,
return 0 only at the initial call.
(bulk_in): Don't detect an error for VENDOR_SCM reader, just kicking
the loop, to invoke scd_update_reader_status_file, which calls
ccid_slot_status again.
(ccid_slot_status): Move the call of ccid_vendor_specific_setup to...
(ccid_get_atr): ... here.
--
For readers with interrupt transfer support, it is only intr_cb which
sets handle->powered_off to 1. Keeping this condition makes no race.
The function ccid_slot_status can also detect a communication error,
which causes apdu_close_reader (but not setting ->powered_off).
GnuPG-bug-id: 5121
Fixes-commit: 920f258eb6
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 484bafda4d)
* scd/command.c (reset_notify): Add option --keep-lock.
(do_reset): Add arg keep_lock.
(cmd_lock): Send progress status.
* g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs.
* g10/card-util.c (send_apdu): Ditto.
(factory_reset): Use lock commands.
--
This is required so that for example Kleopatra does not detect the
RESET and issues a SERIALNO of its own, thus conflicting with our
SERIALNO undefined.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/ccid-driver.c (ccid_vendor_specific_setup): New. Limit
only for SPR532, excluding other readers by SCM.
(ccid_slot_status): Use ccid_vendor_specific_setup.
--
We follow the setup procedure of libccid implementation, which sends
the escape command for SPR532 only.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
--
We need to use es_fopen on Windows to cope with non-ascii file names.
This is quite a large but fortunately straightforward change. At a
very few places we keep using stdio (for example due to the use of
popen).
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 390497ea11
* scd/ccid-driver.c (ccid_slot_status): Handle LIBUSB_ERROR_TIMEOUT.
--
Backport master commit of:
b1e8072320
With SPR532, at the first connection, it fails by
LIBUSB_ERROR_TIMEOUT, but no retry.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (intr_cb): Handle the case of multiple messages.
--
Backport master commit of:
7cbb513a2d
SPR532 USB Smart Card Reader (also know as SPR332) may send two
messages at once for a single interrupt transfer. An example transfer
observed was like: 50 03 50 02, which is considered valid, according
to the CCID specification.
GnuPG-bug-id: 5065
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (CCID_CMD_TIMEOUT_LONGER): Remove.
(ccid_transceive): Don't use x4 blindly for bBWI, but use dynamically
determined value. Use value from variable wait_more for bulk_in.
Set wait_more by the value of time extension request.
--
Backport master commit of:
f1cf799a37
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.h (CCID_DRIVER_ERR_USB_*): New error codes.
* scd/apdu.h: New SW_HOST error codes.
* scd/apdu.c (host_sw_string): Print them
* scd/ccid-driver.c (map_libusb_error): New.
(ccid_open_usb_reader, bulk_in, abort_cmd): Map libusb error codes.
* scd/iso7816.c (map_sw): Map new codes to gpg-error.
--
Backport from master commit:
9a8d7e41bb
This change will help to get low level error conditions from hipher
application code.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/ccid-driver.c (ccid_open_usb_reader): Alway submit SET_INTERFACE
control transfer.
--
Backport from master commit:
611faf1579
This handling is not mondatory, but it's better to do so, because
there are card reader with pinpad and token with ack button, which
support user interaction.
User interaction status should be reset at open time. The status
should be reset when the session is closed/stopped. In practice,
since cleanup routine in a driver may not be called properly, it's
good to submit SET_INTERFACE at open time.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/ccid-driver.c (print_error) [TEST]: Add missing break. Note
that this is anyway an impossible case.
--
Backport master commit of:
8fb14d3b3f
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (verify_chv2): Check availability of keys in
question.
--
Backport master commit of:
af189be481
With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available,
it fails decrementing the signature error counter. This change
can avoid the issue.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/logging.c (log_printhex): Chnage order of args. Make it
printf alike. Change all callers.
* configure.ac: Add -Wno-format-zero-length
--
This makes it consistent with modern libgpgrt logging and thus eases
back porting from newer GnuPG versions which use libgpgrt logging.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-p15.c (make_pin_prompt): Factor some code out to ...
(get_dispserialno): this.
(do_getattr): Use new fucntion for a $DISPSERIALNO.
Signed-off-by: Werner Koch <wk@gnupg.org>
