Jonas Borgström
6acb1d06f0
scd: add support for RSA_CRT and RSA_CRT_N key import.
...
* scd/app-openpgp.c (do_writekey): Added RSA_CRT and RSA_CRT_N support.
--
Updates of original patch by wk:
- unsigned char *rsa_u, *rsa_dp, rsa_dq;
+ unsigned char *rsa_u, *rsa_dp, *rsa_dq;
and AUTHORS. Missing signed-off-by assumed due to DCO sent the other
day.
(cherry picked from commit cc67918c08)
Solved conflicts:
AUTHORS => Removed
scd/app-openpgp.c => s/.rsa.format/.format/.
2013-08-29 18:11:01 +02:00
NIIBE Yutaka
9158f58822
scd: fix parsing login-data DO.
...
* scd/app-openpgp.c (parse_login_data): Release RELPTR. Fix parsing.
--
Signed-off-by: NIIBE Yutaka
2013-08-27 10:28:50 +09:00
NIIBE Yutaka
c2744e97c8
scd: Rename 'keypad' to 'pinpad'.
...
* NEWS: Mention scd changes.
* agent/divert-scd.c (getpin_cb): Change message.
* agent/call-scd.c (inq_needpin): Change the protocol to
POPUPPINPADPROMPT and DISMISSPINPADPROMPT.
* scd/command.c (pin_cb): Likewise.
* scd/apdu.c (struct reader_table_s): Rename member functions.
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify,
check_ccid_pinpad, ccid_pinpad_operation, apdu_check_pinpad,
apdu_pinpad_verify, apdu_pinpad_modify): Rename.
* scd/apdu.h (SW_HOST_NO_PINPAD, apdu_check_pinpad)
(apdu_pinpad_verify, apdu_pinpad_modify): Rename.
* scd/iso7816.h (iso7816_check_pinpad): Rename.
* scd/iso7816.c (map_sw): Use SW_HOST_NO_PINPAD.
(iso7816_check_pinpad): Rename.
(iso7816_verify_kp, iso7816_change_reference_data_kp): Follow
the change.
* scd/ccid-driver.h (CCID_DRIVER_ERR_NO_PINPAD): Rename.
* scd/ccid-driver.c (ccid_transceive_secure): Use it.
* scd/app-dinsig.c (verify_pin): Follow the change.
* scd/app-nks.c (verify_pin): Follow the change.
* scd/app-openpgp.c (check_pinpad_request): Rename.
(parse_login_data, verify_a_chv, verify_chv3, do_change_pin): Follow
the change.
* scd/scdaemon.c (oDisablePinpad, oEnablePinpadVarlen): Rename.
* scd/scdaemon.h (opt): Rename to disable_pinpad,
enable_pinpad_varlen.
* tools/gpgconf-comp.c (gc_options_scdaemon): Rename to
disable-pinpad.
2013-02-08 09:20:43 +09:00
NIIBE Yutaka
9fec82a30b
scd: Fix check_keypad_request.
...
* scd/app-openpgp.c (check_keypad_request): 0 means not to use pinpad.
2013-02-05 15:01:37 +09:00
NIIBE Yutaka
031f783d8a
SCD: Support P=N format for login data.
...
* scd/app-openpgp.c (parse_login_data): Support P=N format.
2013-02-05 14:14:23 +09:00
NIIBE Yutaka
1788aad9c1
SCD: Defaults to use pinpad if the reader has the capability.
...
* scd/app-openpgp.c (struct app_local_s): Remove VARLEN.
(parse_login_data): "P=0" means to disable pinpad.
(check_keypad_request): Default is to use pinpad if available.
2013-02-05 14:13:33 +09:00
NIIBE Yutaka
85bd703e78
SCD: handle keypad request on the card.
...
* scd/app-openpgp.c: Add 2013.
(struct app_local_s): Add keypad structure.
(parse_login_data): Add parsing keypad request on the card.
(check_keypad_request): New.
(verify_a_chv, verify_chv3, do_change_pin): Call check_keypad_request
to determine use of keypad.
2013-02-05 14:12:58 +09:00
NIIBE Yutaka
15200f7001
SCD: Support fixed length PIN input for keypad.
...
* scd/iso7816.h (struct pininfo_s): Remove MODE and add FIXEDLEN.
* scd/app-dinsig.c (verify_pin): Initialize FIXEDLEN to unknown.
* scd/app-nks.c (verify_pin): Likewise.
* scd/app-openpgp.c (verify_a_chv, verify_chv3, do_change_pin):
Likewise.
* scd/apdu.c (check_pcsc_keypad): Add comment.
(pcsc_keypad_verify, pcsc_keypad_modify): PC/SC driver only supports
readers with the feature of variable length input (yet).
(apdu_check_keypad): Set FIXEDLEN.
* scd/ccid-driver.c (ccid_transceive_secure): Add GEMPC_PINPAD
specific settings.
Support fixed length PIN input for keypad.
2013-02-05 14:11:19 +09:00
NIIBE Yutaka
4fe024cf33
SCD: API cleanup for keypad handling.
...
* scd/iso7816.h (struct pininfo_s): Rename from iso7816_pininfo_s.
Change meaning of MODE.
(pininfo_t): Rename from iso7816_pininfo_t.
* scd/sc-copykeys.c: Include "iso7816.h".
* scd/scdaemon.c, scd/command.c: Likewise.
* scd/ccid-driver.c: Include "scdaemon.h" and "iso7816.h".
(ccid_transceive_secure): Follow the change of PININFO_T.
* scd/app.c: Include "apdu.h" after "iso7816.h".
* scd/iso7816.c (iso7816_check_keypad, iso7816_verify_kp)
(iso7816_change_reference_data_kp): Follow the change of API.
* scd/apdu.c (struct reader_table_s): Change API of CHECK_KEYPAD,
KEYPAD_VERIFY, KEYPAD_MODIFY to have arg of PININFO_T.
(check_pcsc_keypad, check_ccid_keypad): Likewise.
(apdu_check_keypad, apdu_keypad_verify, apdu_keypad_modify): Likewise.
(pcsc_keypad_verify, pcsc_keypad_modify, ct_send_apdu)
(pcsc_send_apdu_direct, pcsc_send_apdu_wrapped, pcsc_send_apdu)
(send_apdu_ccid, ccid_keypad_operation, my_rapdu_send_apdu, send_apdu)
(send_le): Follow the change of API.
* scd/apdu.h (apdu_check_keypad, apdu_keypad_verify)
(apdu_keypad_modify): Change the API.
* scd/app-dinsig.c, scd/app-nks.c, scd/app-openpgp.c: Follow the
change.
2013-02-05 14:09:47 +09:00
NIIBE Yutaka
3e7cc25d4a
SCD: Fix the process of writing key or generating key.
...
* scd/app-openpgp.c (store_fpr): Flush KEY-FPR and KEY-TIME.
2012-12-13 13:36:23 +09:00
Werner Koch
ab4ea45f54
Allow decryption with card keys > 3072 bit
...
* scd/command.c (MAXLEN_SETDATA): New.
(cmd_setdata): Add option --append.
* g10/call-agent.c (agent_scd_pkdecrypt): Use new option for long data
* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
(app_select_openpgp): Store manufacturer.
(do_decipher): Print a note for broken cards.
--
Please note that I was not able to run a full test because I only have
broken cards (S/N < 346) available.
2012-11-06 14:39:22 +01:00
Werner Koch
c0a20d6124
Remove trailing white space from some files
...
--
2012-11-06 14:34:32 +01:00
David Prévot
bc95b35289
Actually show translators comments in PO files
2012-08-24 10:33:28 +02:00
NIIBE Yutaka
196a60078b
Fix pinpad input support for passphrase modification. (backport)
...
* apdu.c (pcsc_keypad_verify): Have dummy Lc field with value 0.
(pcsc_keypad_modify): Likewise.
(pcsc_keypad_modify): It's only for ISO7816_CHANGE_REFERENCE_DATA.
bConfirmPIN value is determined by the parameter p0.
* app-openpgp.c (do_change_pin): The flag use_keypad should be 0 when
reset_mode is on, or resetcode is on. use_keypad only makes sense for
iso7816_change_reference_data_kp.
* iso7816.h (iso7816_put_data_kp): Remove.
(iso7816_reset_retry_counter_kp): Remove.
(iso7816_reset_retry_counter_with_rc_kp): Remove.
(iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
* iso7816.c (iso7816_put_data_kp): Remove.
(iso7816_reset_retry_counter_kp): Remove.
(iso7816_reset_retry_counter_with_rc_kp): Remove.
(iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
2012-06-25 10:04:23 +09:00
NIIBE Yutaka
056e1329b0
scd: Fix pinpad input support (backport from master)
...
* app-openpgp.c (do_change_pin): Fix pincb messages when
use_keypad == 1.
2012-06-25 10:04:23 +09:00
NIIBE Yutaka
f98a5e8480
scd: PC/SC pinpad support (pinpad input for modify pass phrase). (backport)
...
* iso7816.h (iso7816_change_reference_data_kp): Remove arguments
of OLDCHV, OLDCHVLEN, NEWCHV, and NEWCHVLEN.
* iso7816.c (iso7816_change_reference_data_kp): Call
apdu_keypad_modify.
(iso7816_change_reference_data): Don't call
iso7816_change_reference_data_kp.
* apdu.h (apdu_keypad_modify): New.
* apdu.c (pcsc_keypad_modify, apdu_keypad_modify): New.
(struct reader_table_s): New member function keypad_modify.
(new_reader_slot, open_ct_reader, open_ccid_reader)
(open_rapdu_reader): Initialize keypad_modify.
* app-openpgp.c (do_change_pin): Handle keypad and call
iso7816_change_reference_data_kp if it is the case.
2012-06-25 10:04:22 +09:00
NIIBE Yutaka
c2525d507d
scd: PC/SC pinpad support. (Backported from master.)
...
* iso7816.h (iso7816_verify_kp): Remove arguments of CHV and CHVLEN.
* iso7816.c (iso7816_verify_kp): Call apdu_keypad_verify. Only
handle the case with PININFO.
(iso7816_verify): Call apdu_send_simple.
* app-openpgp.c (verify_a_chv, verify_chv3): Follow the change of
iso7816_verify_kp.
* app-nks.c (verify_pin): Likewise.
* app-dinsig.c (verify_pin): Likewise.
* apdu.c: Include "iso7816.h".
(struct reader_table_s): New member function keypad_verify.
Add fields verify_ioctl and modify_ioctl in pcsc.
(CM_IOCTL_GET_FEATURE_REQUEST, FEATURE_VERIFY_PIN_DIRECT)
(FEATURE_MODIFY_PIN_DIRECT): New.
(pcsc_control): New.
(control_pcsc_direct, control_pcsc_wrapped, control_pcsc)
(check_pcsc_keypad, pcsc_keypad_verify): New.
(ccid_keypad_verify, apdu_keypad_verify): New.
(new_reader_slot): Initialize with check_pcsc_keypad,
pcsc_keypad_verify, verify_ioctl and modify_ioctl.
(open_ct_reader): Initialize keypad_verify with NULL.
(open_ccid_reader): Initialize keypad_verify.
(open_rapdu_reader): Initialize keypad_verify with NULL.
(apdu_open_reader): Initialize pcsc_control.
* pcsc-wrapper.c (load_pcsc_driver): Initialize pcsc_control.
(handle_control): New.
(main): Handle the case 6 of handle_control.
2012-06-25 10:04:22 +09:00
Werner Koch
fb44677c9f
Allow generation of card keys up to 4096 bit.
...
This patch implements a chunk mode to pass the key parameters from
scdaemon to gpg. This allows passing arbitrarily long key parameters;
it is used for keys larger than 3072 bit.
2011-07-07 11:20:53 +02:00
Werner Koch
983f91937c
Fix for extended length Le in decipher
2009-09-03 10:57:23 +00:00
Werner Koch
e57d2a8630
Ask for the keysize when generating a new card key.
2009-08-05 11:24:43 +00:00
Werner Koch
806b0acad7
Better reset the PIN verification stati after changing the key attributes.
2009-07-10 10:47:30 +00:00
Werner Koch
96abdb1386
Fix for card keys > 2048 bit.
2009-07-10 10:15:33 +00:00
Werner Koch
31084d6dc9
Support writing of existing keys with non-matching key sizes.
2009-07-09 14:54:18 +00:00
Werner Koch
d8d1ca6151
Reworked the estream memory buffer allocation.
...
Committed already posted patches for the v2 card.
2009-06-29 10:43:57 +00:00
Werner Koch
5f8acaccc0
Add readcert command.
...
fix reading large certificates.
2009-06-17 09:45:50 +00:00
Werner Koch
bdbeb0ac2b
app-openpgp changes
2009-06-09 19:11:28 +00:00
Werner Koch
db47caf05b
Typo fix. Updated German translation.
2009-06-08 09:11:27 +00:00
Werner Koch
e095815c4d
Make PIN changing code work for v2 cards.
2009-05-20 16:12:25 +00:00
Werner Koch
c4e92c3344
Made card key generate with backup key work for 2048 bit.
...
Improved card key generation prompts.
2009-05-15 19:26:46 +00:00
Werner Koch
eeca39ae50
More support for Netkey cards.
...
Small changes to the CCID driver.
Support 2048 bit OpenPGP cards.
2009-05-08 15:07:45 +00:00
Werner Koch
9d6a2a60c2
Prepare for OpenPGP cards with extended length support.
2009-04-01 14:38:22 +00:00
Werner Koch
98e1a75e20
Implement decryption for TCOS 3 cards.
2009-03-30 12:46:06 +00:00
Werner Koch
a3b63ac1dc
Add server option with-ephemeral-keys.
...
Extend SCD LEARN command.
2009-03-18 11:18:56 +00:00
Werner Koch
1eeefbf7f7
Add new attribute KEY-ATTR.
2009-03-10 16:10:35 +00:00
Werner Koch
59d7a54e72
New PIN Callback attributes in gpg-agent.
...
Common prompts for keypad and simple card reader.
More support for Netkey cards; PIN management works now.
2009-03-05 19:19:37 +00:00
Werner Koch
041c764672
Add option --card-timeout.
...
Add a new attribute to app-openpgp.c
Fix two portability bugs.
Have gpg-connect-agent autostart gpg-agent on W32.
2008-12-05 12:01:01 +00:00
Werner Koch
338ddd0bb6
Use bin2hex if possible.
2008-11-03 10:54:18 +00:00
Werner Koch
0a5f742466
Marked all unused args on non-W32 platforms.
2008-10-20 13:53:23 +00:00
Werner Koch
96f16f736e
Finished support for v2 cards with the exception of secure messaging.
2008-09-25 10:06:02 +00:00
Werner Koch
761e997af5
Improvements for 2k keys.
2008-09-23 15:42:11 +00:00
Werner Koch
f899b9683b
Support the Certificate DO of the v2 OpenPGP cards.
2008-09-23 09:57:45 +00:00
Moritz Schulte
72110961f1
2008-08-30 Moritz <moritz@gnu.org>
...
* scdaemon.c (main): Use estream_asprintf instead of asprintf.
* command.c (update_reader_status_file): Likewise.
(cmd_serialno): Use estream_asprintf instead of asprintf
and xfree instead of free to release memory allocated
through (estream_)asprintf.
(cmd_learn): Likewise.
(pin_cb): Likewise.
* app-openpgp.c (get_public_key): Likewise.
2008-08-31 11:55:09 +00:00
Werner Koch
8e89644451
Fix new test for v2 cards.
2008-08-18 11:08:04 +00:00
Werner Koch
e27ca6e059
prompt change.
2008-07-30 10:25:18 +00:00
Werner Koch
9d5a10a453
Do not run the setuid test if running under as root proper.
...
Documentation fixes.
Some enhancements for the new OpenPGP Card.
2008-07-17 19:40:53 +00:00
Werner Koch
4817ff6528
Add support for the TCOS NullPIN feature.
2008-06-24 16:00:29 +00:00
Werner Koch
6e17d90e09
Use default PIN flag
2008-04-21 07:53:20 +00:00
Werner Koch
a2ede07293
Preparing a release.
2008-03-26 09:20:40 +00:00
Werner Koch
bae4b256c7
Support DSA2.
...
Support Camellia for testing.
More audit stuff.
2007-12-12 10:28:30 +00:00
Werner Koch
bc482052f8
Fix for bug 851.
...
Fixed auto generation of the stub key for the card.
Allow to encrypt to Elgamal encryption keys of type 20.
2007-12-10 15:19:34 +00:00