Diffstat (limited to 'scd')
-rw-r--r--scd/ChangeLog6
-rw-r--r--scd/app-openpgp.c25
-rw-r--r--scd/command.c8
3 files changed, 30 insertions, 9 deletions
diff --git a/scd/ChangeLog b/scd/ChangeLog
index 0a614c855..9c4d03592 100644
--- a/scd/ChangeLog
+++ b/scd/ChangeLog
@@ -1,3 +1,9 @@
+2011-06-16 Werner Koch <[email protected]>
+
+ * app-openpgp.c (send_key_data): Implemented chunked mode.
+ (change_keyattr): Increase limit to 4096.
+ (do_decipher): Adjust padding for 4096 bit keys.
+
2011-02-23 Werner Koch <[email protected]>
* apdu.c (apdu_open_reader): Lock in to CCID if used once.
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 660519059..fef17faa9 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -756,20 +756,29 @@ static void
send_key_data (ctrl_t ctrl, const char *name,
const unsigned char *a, size_t alen)
{
- char *buf;
+ char *buffer, *buf;
+ size_t buflen;
- buf = bin2hex (a, alen, NULL);
- if (!buf)
+ buffer = buf = bin2hex (a, alen, NULL);
+ if (!buffer)
{
log_error ("memory allocation error in send_key_data\n");
return;
}
+ buflen = strlen (buffer);
+ /* 768 is the hexified size for the modulus of an 3072 bit key. We
+ use extra chunks to transmit larger data (i.e for 4096 bit). */
+ for ( ;buflen > 768; buflen -= 768, buf += 768)
+ send_status_info (ctrl, "KEY-DATA",
+ "-", 1,
+ buf, 768,
+ NULL, 0);
send_status_info (ctrl, "KEY-DATA",
name, (size_t)strlen(name),
- buf, (size_t)strlen (buf),
+ buf, buflen,
NULL, 0);
- xfree (buf);
+ xfree (buffer);
}
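Review bot: The continuation lines emitted by the new loop go out under the name `-` ahead of the final named line, so a receiver that only matches `p` or `n` and skips unknown names would take the last fragment as the whole parameter. For a 4096 bit modulus that is a silently truncated value rather than an error. The diffstat is limited to scd, so whether the consumers of KEY-DATA were updated is not visible here. I would state the contract above the loop, `/* Receivers must concatenate every "-" chunk with the following named line and bound the total length; a client that ignores "-" sees a truncated value. */`, and give 768 a name, since the literal appears three times in the loop.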
@@ -2365,7 +2374,7 @@ change_keyattr (app_t app, int keyno, unsigned int nbits,
assert (keyno >=0 && keyno <= 2);
- if (nbits > 3072)
+ if (nbits > 4096)
return gpg_error (GPG_ERR_TOO_LARGE);
/* Read the current attributes into a buffer. */
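Review bot: The 4096 ceiling is a bare literal here and again in do_genkey's `if (keybits > 4096)`, while the do_decipher ladder encodes the same sizes in bytes, so all three have to be edited together at every bump, as this commit shows. A single constant, for example `#define MAX_RSA_KEYBITS 4096` (the name is only a suggestion), used as `if (nbits > MAX_RSA_KEYBITS)` in both checks would keep them from drifting apart. change_keyattr's body continues outside the hunk, so any lower-bound or granularity check on nbits is not visible here.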
@@ -2823,7 +2832,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
already lead to a 527 byte long status line and thus a 4096 bit
key would exceed the Assuan line length limit. */
keybits = app->app_local->keyattr[keyno].n_bits;
- if (keybits > 3072)
+ if (keybits > 4096)
return gpg_error (GPG_ERR_TOO_LARGE);
/* Prepare for key generation by verifying the Admin PIN. */
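Review bot: The context comment directly above the changed check still says a 4096 bit key would exceed the Assuan line length limit, which now contradicts the check that admits 4096. The comment starts outside the hunk, so its opening is not visible, but its tail should be reworded along the lines of `/* send_key_data splits values longer than 768 hex digits into chunks, so keys up to 4096 bits fit the Assuan line length limit. */`. Left as it is, the comment will mislead whoever next audits or raises this limit.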
@@ -3377,6 +3386,8 @@ do_decipher (app_t app, const char *keyidstr,
fixuplen = 256 - indatalen;
else if (indatalen >= (384-16) && indatalen < 384) /* 3072 bit key. */
fixuplen = 384 - indatalen;
+ else if (indatalen >= (512-16) && indatalen < 512) /* 4096 bit key. */
+ fixuplen = 512 - indatalen;
else
fixuplen = 0;
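Review bot: The padding fixup still infers the key size from the input length with one hand-written window per size, so a key whose modulus length is not one of the listed byte counts falls through to `fixuplen = 0`. The visible check in change_keyattr only caps nbits at 4096, so intermediate sizes may be reachable; the rest of that function is outside the hunk and may restrict them further. Deriving the window from the key attribute would cover every accepted size, roughly `nlen = (n_bits + 7) / 8; if (indatalen < nlen && indatalen >= nlen - 16) fixuplen = nlen - indatalen;`, with n_bits taken from the same `keyattr[...].n_bits` field that do_genkey reads. The start of the if chain is outside the hunk.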
diff --git a/scd/command.c b/scd/command.c
index be11ccb77..a579b24eb 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -1288,11 +1288,15 @@ static const char hlp_genkey[] =
"\n"
"Generate a key on-card identified by NO, which is application\n"
"specific. Return values are application specific. For OpenPGP\n"
- "cards 2 status lines are returned:\n"
+ "cards 3 status lines are returned:\n"
"\n"
" S KEY-FPR <hexstring>\n"
" S KEY-CREATED-AT <seconds_since_epoch>\n"
- " S KEY-DATA [p|n] <hexdata>\n"
+ " S KEY-DATA [-|p|n] <hexdata>\n"
+ "\n"
+ " 'p' and 'n' are the names of the RSA parameters; '-' is used to\n"
+ " indicate that HEXDATA is the first chunk of a parameter given\n"
+ " by the next KEY-DATA.\n"
"\n"
"--force is required to overwrite an already existing key. The\n"
"KEY-CREATED-AT is required for further processing because it is\n"
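Review bot: The help text now says 3 status lines are returned, but the list shows line kinds, not a count: KEY-DATA is sent once per parameter, plus one extra line for each `-` chunk. It also calls `-` "the first chunk", while the loop in send_key_data emits a `-` line for every full 768-digit piece, so more than one can precede the named line. I would word it as `"cards these status lines are returned:\n"` and `" '-' marks a leading chunk; all '-' chunks are to be concatenated\n"` followed by `" with the HEXDATA of the next named KEY-DATA line.\n"`. The hlp_genkey string continues outside the hunk.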