-rw-r--r--g10/card-util.c35
-rw-r--r--scd/app-openpgp.c18
2 files changed, 48 insertions, 5 deletions
diff --git a/g10/card-util.c b/g10/card-util.c
index 779e9d8e7..b95efa8ba 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -2109,6 +2109,28 @@ kdf_setup (const char *args)
leave:
agent_release_card_info (&info);
}
+
+static void
+uif (int arg_number, const char *arg_rest)
+{
+ gpg_error_t err;
+ char name[100];
+ unsigned char data[2];
+
+ snprintf (name, sizeof name, "UIF-%d", arg_number);
+ if ( !strcmp (arg_rest, "off") )
+ data[0] = 0x00;
+ else if ( !strcmp (arg_rest, "on") )
+ data[0] = 0x01;
+ else if ( !strcmp (arg_rest, "permanent") )
+ data[0] = 0x02;
+
+ data[1] = 0x20;
+
+ err = agent_scd_setattr (name, data, 2, NULL);
+ if (err)
+ log_error (_("error for setup UIF: %s\n"), gpg_strerror (err));
+}
/* Data used by the command parser. This needs to be outside of the
function scope to allow readline based command completion. */
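Review bot: In `uif`, `data[0]` is never assigned when `arg_rest` is none of "off", "on" or "permanent" (an empty argument included), yet both bytes are still passed to `agent_scd_setattr`, so an indeterminate stack byte is sent as the new User Interaction Flag. The `cmdUIF` case added to `card_edit` later in this diff only range-checks N, so nothing upstream rejects a bad keyword, and the usage text there shows the keyword in brackets as if it were optional. Because one of the accepted settings is named "permanent", a mistyped argument should never reach the card: add a final `else { tty_printf ("usage: uif N [on|off|permanent]\n"); return; }` before `data[1] = 0x20;`. A one-line comment saying what the `0x20` byte encodes would also help the next reader.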
@@ -2119,7 +2141,7 @@ enum cmdids
cmdNAME, cmdURL, cmdFETCH, cmdLOGIN, cmdLANG, cmdSEX, cmdCAFPR,
cmdFORCESIG, cmdGENERATE, cmdPASSWD, cmdPRIVATEDO, cmdWRITECERT,
cmdREADCERT, cmdUNBLOCK, cmdFACTORYRESET, cmdKDFSETUP,
- cmdKEYATTR,
+ cmdKEYATTR, cmdUIF,
cmdINVCMD
};
@@ -2151,10 +2173,11 @@ static struct
{ "generate", cmdGENERATE, 1, N_("generate new keys")},
{ "passwd" , cmdPASSWD, 0, N_("menu to change or unblock the PIN")},
{ "verify" , cmdVERIFY, 0, N_("verify the PIN and list all data")},
- { "unblock" , cmdUNBLOCK,0, N_("unblock the PIN using a Reset Code") },
+ { "unblock" , cmdUNBLOCK,0, N_("unblock the PIN using a Reset Code")},
{ "factory-reset", cmdFACTORYRESET, 1, N_("destroy all keys and data")},
{ "kdf-setup", cmdKDFSETUP, 1, N_("setup KDF for PIN authentication")},
{ "key-attr", cmdKEYATTR, 1, N_("change the key attribute")},
+ { "uif", cmdUIF, 1, N_("change the User Interaction Flag")},
/* Note, that we do not announce these command yet. */
{ "privatedo", cmdPRIVATEDO, 0, NULL },
{ "readcert", cmdREADCERT, 0, NULL },
@@ -2446,6 +2469,14 @@ card_edit (ctrl_t ctrl, strlist_t commands)
key_attr ();
break;
+ case cmdUIF:
+ if ( arg_number < 1 || arg_number > 3 )
+ tty_printf ("usage: uif N [on|off|permanent]\n"
+ " 1 <= N <= 3\n");
+ else
+ uif (arg_number, arg_rest);
+ break;
+
case cmdQUIT:
goto leave;
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index c17452555..8df9fab0a 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -119,8 +119,11 @@ static struct {
{ 0x0104, 0, 0, 0, 0, 0, 0, 2, "Private DO 4"},
{ 0x7F21, 1, 0, 1, 0, 0, 0, 1, "Cardholder certificate"},
/* V3.0 */
- { 0x7F74, 0, 0, 1, 0, 0, 0, 0, "General Feature Management"},
+ { 0x7F74, 0, 0x6E, 1, 0, 0, 0, 0, "General Feature Management"},
{ 0x00D5, 0, 0, 1, 0, 0, 0, 0, "AES key data"},
+ { 0x00D6, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for Signature"},
+ { 0x00D7, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for decryption"},
+ { 0x00D8, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for authentication"},
{ 0x00F9, 0, 0, 1, 0, 0, 0, 0, "KDF data object"},
{ 0 }
};
@@ -985,6 +988,9 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
{ "PRIVATE-DO-4", 0x0104 },
{ "$AUTHKEYID", 0x0000, -3 },
{ "$DISPSERIALNO",0x0000, -4 },
+ { "UIF-1", 0x00D6, 0 },
+ { "UIF-2", 0x00D7, 0 },
+ { "UIF-3", 0x00D8, 0 },
{ "KDF", 0x00F9 },
{ NULL, 0 }
};
@@ -1827,6 +1833,9 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
do_getattr (app, ctrl, "CA-FPR");
do_getattr (app, ctrl, "CHV-STATUS");
do_getattr (app, ctrl, "SIG-COUNTER");
+ do_getattr (app, ctrl, "UIF-1");
+ do_getattr (app, ctrl, "UIF-2");
+ do_getattr (app, ctrl, "UIF-3");
if (app->app_local->extcap.private_dos)
{
do_getattr (app, ctrl, "PRIVATE-DO-1");
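Review bot: The three new `do_getattr` calls for "UIF-1" to "UIF-3" in `do_learn_status` run for every card, while the private DOs directly below are gated on `app->app_local->extcap.private_dos`. The data-object table changed in this same file lists the UIF objects under the `/* V3.0 */` marker, so older cards or cards without the feature presumably lack them; whether the failed read is silent depends on `do_getattr`, whose body is outside this hunk. Consider guarding the calls with a matching capability or version check, or add a comment stating that an unconditional read is intended and harmless.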
@@ -2459,6 +2468,9 @@ do_setattr (app_t app, const char *name,
{ "SM-KEY-MAC", 0x00D2, 3, 0, 1 },
{ "KEY-ATTR", 0, 0, 3, 1 },
{ "AESKEY", 0x00D5, 3, 0, 1 },
+ { "UIF-1", 0x00D6, 3, 0, 1 },
+ { "UIF-2", 0x00D7, 3, 0, 1 },
+ { "UIF-3", 0x00D8, 3, 0, 1 },
{ "KDF", 0x00F9, 3, 4, 1 },
{ NULL, 0 }
};
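Review bot: The new "UIF-1" to "UIF-3" rows in the `do_setattr` table reuse the trailing fields of the "AESKEY" row, and nothing visible in this hunk constrains the value that gets written. The body of `do_setattr` is outside the hunk, so it is unclear whether the length or content of the value is checked before it goes to the card. If it is not, rejecting anything other than a two-byte value for these objects on the scdaemon side would cover every client of the SETATTR path rather than relying on the `uif` command in g10/card-util.c to build a well-formed value.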
@@ -2839,10 +2851,10 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
}
else
- {
+ {
rc = pin2hash_if_kdf (app, chvno, oldpinvalue, &pinlen0);
if (!rc)
- rc = pin2hash_if_kdf (app, chvno, pinvalue, &pinlen);
+ rc = pin2hash_if_kdf (app, chvno, pinvalue, &pinlen);
if (!rc)
rc = iso7816_change_reference_data (app->slot, 0x80 + chvno,
oldpinvalue, pinlen0,