Fixed card key generation of gpg2.

Reveal less information about timings while generating a key.
author: Werner Koch <[email protected]> 2007-07-05 16:58:19 +0000
committer: Werner Koch <[email protected]> 2007-07-05 16:58:19 +0000
commit: 4631bc8ddf86b3917bf786c315273d8b1c7798e8 (patch)
tree: 2022343674f6703aefb41f2e142765ba319dbf5f /scd
parent: 2007-07-05 Marcus Brinkmann <[email protected]> (diff)
download: gnupg-4631bc8ddf86b3917bf786c315273d8b1c7798e8.tar.gz
gnupg-4631bc8ddf86b3917bf786c315273d8b1c7798e8.zip
5 files changed, 89 insertions, 22 deletions
diff --git a/scd/ChangeLog b/scd/ChangeLog
index e46e8e9ec..8020ca31a 100644
--- a/scd/ChangeLog
+++ b/scd/ChangeLog
@@ -1,3 +1,14 @@
+2007-07-05  Werner Koch  <[email protected]>
+
+	* command.c (has_option_name, skip_options): New.
+	(cmd_genkey): Add option --timestamp.
+	(cmd_writekey): Enter confidential mode while inquiring the key data.
+
+	* app.c (app_genkey): Add arg CREATETIME.
+	* app-common.h (app_ctx_s): Likewise
+	* app-openpgp.c (do_genkey): Ditto.  Use it.
+
+
 2007-07-04  Werner Koch  <[email protected]>
 
 	* command.c (cmd_getinfo): New subcommand "version".
diff --git a/scd/app-common.h b/scd/app-common.h
index 1334cb23f..5ddf0c0dc 100644
--- a/scd/app-common.h
+++ b/scd/app-common.h
@@ -96,9 +96,10 @@ struct app_ctx_s {
                              void *pincb_arg,
                              const unsigned char *pk, size_t pklen);
     gpg_error_t (*genkey) (app_t app, ctrl_t ctrl,
-                   const char *keynostr, unsigned int flags,
-                   gpg_error_t (*pincb)(void*, const char *, char **),
-                   void *pincb_arg);
+                           const char *keynostr, unsigned int flags,
+                           time_t createtime,
+                           gpg_error_t (*pincb)(void*, const char *, char **),
+                           void *pincb_arg);
     gpg_error_t (*change_pin) (app_t app, ctrl_t ctrl,
                        const char *chvnostr, int reset_mode,
                        gpg_error_t (*pincb)(void*, const char *, char **),
@@ -166,9 +167,10 @@ gpg_error_t app_writekey (app_t app, ctrl_t ctrl,
                           void *pincb_arg,
                           const unsigned char *keydata, size_t keydatalen);
 gpg_error_t app_genkey (app_t app, ctrl_t ctrl,
-                const char *keynostr, unsigned int flags,
-                gpg_error_t (*pincb)(void*, const char *, char **),
-                void *pincb_arg);
+                        const char *keynostr, unsigned int flags,
+                        time_t createtime,
+                        gpg_error_t (*pincb)(void*, const char *, char **),
+                        void *pincb_arg);
 gpg_error_t app_get_challenge (app_t app, size_t nbytes,
                                unsigned char *buffer);
 gpg_error_t app_change_pin (app_t app, ctrl_t ctrl,
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 893cc572f..bf7c0afc5 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -1981,8 +1981,9 @@ do_writekey (app_t app, ctrl_t ctrl,
 /* Handle the GENKEY command. */
 static gpg_error_t 
 do_genkey (app_t app, ctrl_t ctrl,  const char *keynostr, unsigned int flags,
-          gpg_error_t (*pincb)(void*, const char *, char **),
-          void *pincb_arg)
+           time_t createtime,
+           gpg_error_t (*pincb)(void*, const char *, char **),
+           void *pincb_arg)
 {
   int rc;
   char numbuf[30];
@@ -2014,7 +2015,7 @@ do_genkey (app_t app, ctrl_t ctrl,  const char *keynostr, unsigned int flags,
   if (rc)
     return rc;
 
-  /* Prepare for key generation by verifying the ADmin PIN.  */
+  /* Prepare for key generation by verifying the Admin PIN.  */
   rc = verify_chv3 (app, pincb, pincb_arg);
   if (rc)
     goto leave;
@@ -2067,7 +2068,7 @@ do_genkey (app_t app, ctrl_t ctrl,  const char *keynostr, unsigned int flags,
 /*    log_printhex ("RSA e:", e, elen); */
   send_key_data (ctrl, "e", e, elen);
 
-  created_at = gnupg_get_time ();
+  created_at = createtime? createtime : gnupg_get_time ();
   sprintf (numbuf, "%lu", (unsigned long)created_at);
   send_status_info (ctrl, "KEY-CREATED-AT",
                     numbuf, (size_t)strlen(numbuf), NULL, 0);
diff --git a/scd/app.c b/scd/app.c
index 3411c186c..8cb066f30 100644
--- a/scd/app.c
+++ b/scd/app.c
@@ -766,6 +766,7 @@ app_writekey (app_t app, ctrl_t ctrl,
 /* Perform a SETATTR operation.  */
 gpg_error_t 
 app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
+            time_t createtime,
             gpg_error_t (*pincb)(void*, const char *, char **),
             void *pincb_arg)
 {
@@ -780,7 +781,8 @@ app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
   err = lock_reader (app->slot);
   if (err)
     return err;
-  err = app->fnc.genkey (app, ctrl, keynostr, flags, pincb, pincb_arg);
+  err = app->fnc.genkey (app, ctrl, keynostr, flags, 
+                         createtime, pincb, pincb_arg);
   unlock_reader (app->slot);
   if (opt.verbose)
     log_info ("operation genkey result: %s\n", gpg_strerror (err));
diff --git a/scd/command.c b/scd/command.c
index 5f787e2fb..e65262d06 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -1,5 +1,6 @@
 /* command.c - SCdaemon command handler
- * Copyright (C) 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2002, 2003, 2004, 2005,
+ *               2007  Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -178,6 +179,41 @@ has_option (const char *line, const char *name)
   return (s && (s == line || spacep (s-1)) && (!s[n] || spacep (s+n)));
 }
 
+/* Same as has_option but does only test for the name of the option
+   and ignores an argument, i.e. with NAME being "--hash" it would
+   return a pointer for "--hash" as well as for "--hash=foo".  If
+   thhere is no such option NULL is returned.  The pointer returned
+   points right behind the option name, this may be an equal sign, Nul
+   or a space.  */
+static const char *
+has_option_name (const char *line, const char *name)
+{
+  const char *s;
+  int n = strlen (name);
+
+  s = strstr (line, name);
+  return (s && (s == line || spacep (s-1))
+          && (!s[n] || spacep (s+n) || s[n] == '=')) ? (s+n) : NULL;
+}
+
+
+/* Skip over options.  It is assumed that leading spaces have been
+   removed (this is the case for lines passed to a handler from
+   assuan).  Blanks after the options are also removed. */
+static char *
+skip_options (char *line)
+{
+  while ( *line == '-' && line[1] == '-' )
+    {
+      while (*line && !spacep (line))
+        line++;
+      while (spacep (line))
+        line++;
+    }
+  return line;
+}
+
+
 
 /* Convert the STRING into a newly allocated buffer while translating
    the hex numbers.  Stops at the first invalid character.  Blanks and
@@ -1099,7 +1135,9 @@ cmd_writekey (assuan_context_t ctx, char *line)
     return out_of_core ();
 
   /* Now get the actual keydata. */
+  assuan_begin_confidential (ctx);
   rc = assuan_inquire (ctx, "KEYDATA", &keydata, &keydatalen, MAXLEN_KEYDATA);
+  assuan_end_confidential (ctx);
   if (rc)
     {
       xfree (keyid);
@@ -1118,7 +1156,7 @@ cmd_writekey (assuan_context_t ctx, char *line)
 
 
 
-/* GENKEY [--force] <no>
+/* GENKEY [--force] [--timestamp=<isodate>] <no>
 
    Generate a key on-card identified by NO, which is application
    specific.  Return values are application specific.  For OpenPGP
@@ -1128,11 +1166,14 @@ cmd_writekey (assuan_context_t ctx, char *line)
      S KEY-CREATED-AT <seconds_since_epoch>
      S KEY-DATA [p|n] <hexdata>
      
-
    --force is required to overwrite an already existing key.  The
    KEY-CREATED-AT is required for further processing because it is
    part of the hashed key material for the fingerprint.
 
+   If --timestamp is given an OpenPGP key will be created using this
+   value.  The value needs to be in ISO Format; e.g.
+   "--timestamp=20030316T120000" and after 1970-01-01 00:00:00.
+
    The public part of the key can also later be retrieved using the
    READKEY command.
 
@@ -1143,19 +1184,28 @@ cmd_genkey (assuan_context_t ctx, char *line)
   ctrl_t ctrl = assuan_get_pointer (ctx);
   int rc;
   char *keyno;
-  int force = has_option (line, "--force");
+  int force;
+  const char *s;
+  time_t timestamp;
 
   if ( IS_LOCKED (ctrl) )
     return gpg_error (GPG_ERR_LOCKED);
 
-  /* Skip over options. */
-  while ( *line == '-' && line[1] == '-' )
+  force = has_option (line, "--force");
+
+  if ((s=has_option_name (line, "--timestamp")))
     {
-      while (*line && !spacep (line))
-        line++;
-      while (spacep (line))
-        line++;
+      if (*s != '=')
+        return set_error (GPG_ERR_ASS_PARAMETER, "missing value for option");
+      timestamp = isotime2epoch (s+1);
+      if (timestamp < 1)
+        return set_error (GPG_ERR_ASS_PARAMETER, "invalid time value");
     }
+  else
+    timestamp = 0;
+
+
+  line = skip_options (line);
   if (!*line)
     return set_error (GPG_ERR_ASS_PARAMETER, "no key number given");
   keyno = line;
@@ -1172,7 +1222,8 @@ cmd_genkey (assuan_context_t ctx, char *line)
   keyno = xtrystrdup (keyno);
   if (!keyno)
     return out_of_core ();
-  rc = app_genkey (ctrl->app_ctx, ctrl, keyno, force? 1:0, pin_cb, ctx);
+  rc = app_genkey (ctrl->app_ctx, ctrl, keyno, force? 1:0,
+                   timestamp, pin_cb, ctx);
   xfree (keyno);
 
   TEST_CARD_REMOVAL (ctrl, rc);
author	Werner Koch <[email protected]>	2007-07-05 16:58:19 +0000
committer	Werner Koch <[email protected]>	2007-07-05 16:58:19 +0000
commit	4631bc8ddf86b3917bf786c315273d8b1c7798e8 (patch)
tree	2022343674f6703aefb41f2e142765ba319dbf5f /scd
parent	2007-07-05 Marcus Brinkmann <[email protected]> (diff)
download	gnupg-4631bc8ddf86b3917bf786c315273d8b1c7798e8.tar.gz gnupg-4631bc8ddf86b3917bf786c315273d8b1c7798e8.zip