| Commit message (Collapse) | Author | Files | Lines |
|---|
|
--
This is helpful for backporting other changes.
|
|
--
This is helpful for backporting other changes.
|
|
* scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg
r_algo. Change all callers.
(app_help_get_keygrip_string): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/app-common.h (struct app_ctx_s): Add parameter ctrl to function
pointers for readkey, setattr, sign, auth, decipher, and check_pin.
--
This is a yet another patch to allow for easier backporting.
|
|
* scd/app-common.h (cardtype_t): New.
(apptype_t): New.
(struct app_ctx_s): Change type of field apptype. Add fields
appversion and cardtype. Adjust all app-*.c for the new type.
* scd/app.c (supported_app_list): New.
(strapptype): New.
(apptype_from_name): New.
(app_dump_state): Use strapptype.
(app_write_learn_status): Ditto.
(app_getattr): Ditto.
(check_conflict): Use apptype_from_name and integer comparison.
* scd/app-openpgp.c: Replace app->card_version by app->appversion.
--
This is another patch to make backporting from 2.3 easier.
|
|
* scd/app-common.h (APP_WRITEKEY_FLAG_FORCE): New.
(APP_READKEY_FLAG_INFO): New.
(APP_LEARN_FLAG_KEYPAIRINFO): New.
(APP_LEARN_FLAG_MULTI): New.
(struct app_ctx_s): New forward declaration.
(struct app_ctx_s): Add members prep_reselect, reselect, and
with_keygrip.
(KEYGRIP_ACTION_SEND_DATA): New.
(KEYGRIP_ACTION_WRITE_STATUS): New.
(KEYGRIP_ACTION_LOOKUP): New.
(APP_CARD): New macro.
* scd/scdaemon.h: Include app-common.h and remove from all other
files.
(app_t): Move typedef to ...
* scd/app-common.h: here.
--
These changes will make it easier to backport changes from 2.3 to 2.2.
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg
r_pkey and change all callers.
(app_help_get_keygrip_string): Ditto.
* scd/app-p15.c (struct cdf_object_s): Use bit flags
(struct aodf_object_s): Ditto. Add field 'fid'.
(struct prkdf_object_s): Ditto. Add fields keygrip, keyalgo, and
keynbits.
(parse_certid): Allow a keygrip instead of a certid aka keyref.
(read_ef_aodf): Store the FID.
(keygripstr_from_prkdf): Rename to ...
(keygrip_from_prkdf): this. Remove arg r_gripstr and implement cache.
Change callers to directly use the values from the object. Also store
the algo and length of the key ion the object.
(keyref_from_keyinfo): New. Factored out code.
(do_sign): Support SHA-256 and >2048 bit RSA keys.
common/scd:p15: Support signing with CardOS 5 cards.
* common/util.h (KEYGRIP_LEN): New.
--
This has been tested with a D-Trust card featuring 3072 bit keys.
Note that non-repudiation key for a qualified signature does not yet
work because we do not yet support rsaPSS padding. Thus a gpgsm
--learn shows a couple of Bad Signature errors for this key.
Signed-off-by: Werner Koch <[email protected]>
Back ported from master:
- Removed do_with_keygrip
- Added KEYGRIP_LEN
- app_help_get_keygrip_string_pk actually added.
- Move keygrip_from_prkdf in do_sign before the verification.
It used to work in master only because there it is implictly
called prior to signing by do_with_keygrip
Signed-off-by: Werner Koch <[email protected]>
|
|
* dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* g10/Makefile.am (AM_CPPFLAGS): Ditto.
* g13/Makefile.am (AM_CPPFLAGS): Ditto.
* kbx/Makefile.am (AM_CPPFLAGS): Ditto.
* scd/Makefile.am (AM_CPPFLAGS): Ditto.
* sm/Makefile.am (AM_CPPFLAGS): Ditto.
* tools/Makefile.am (AM_CPPFLAGS): Ditto.
* Throughout: Follow the change.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-dinsig.c (do_sign): Remove assignment to HASHALGO.
* scd/app-p15.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_aodf): Likewise.
(read_ef_cdf): Change the control to parse_error.
* scd/app-sc-hsm.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_prkd): Remove assign to S.
(read_ef_prkd): Check if PRKDF is not null.
(read_ef_cd): Likewise for CDF.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/iso7816.c (iso7816_select_file, iso7816_select_path): Remove
unused arguments.
* scd/app-dinsig.c (do_readcert): Follow the change.
* scd/app-help.c (app_help_read_length_of_cert): Likewise.
* scd/app-nks.c (keygripstr_from_pk_file, do_readcert, do_readkey)
(switch_application): Likewise.
* scd/app-p15.c (select_and_read_binary, select_ef_by_path)
(micardo_mse, app_select_p15): Likewise.
* scd/app.c (app_new_register): Likewise.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
--
This fixes extra word repetitions (like "the the" or "is is") in the
code and docs.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
|
--
|
|
* NEWS: Mention scd changes.
* agent/divert-scd.c (getpin_cb): Change message.
* agent/call-scd.c (inq_needpin): Change the protocol to
POPUPPINPADPROMPT and DISMISSPINPADPROMPT.
* scd/command.c (pin_cb): Likewise.
* scd/apdu.c (struct reader_table_s): Rename member functions.
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify,
check_ccid_pinpad, ccid_pinpad_operation, apdu_check_pinpad
apdu_pinpad_verify, apdu_pinpad_modify): Rename.
* scd/apdu.h (SW_HOST_NO_PINPAD, apdu_check_pinpad)
(apdu_pinpad_verify, apdu_pinpad_modify): Rename.
* scd/iso7816.h (iso7816_check_pinpad): Rename.
* scd/iso7816.c (map_sw): Use SW_HOST_NO_PINPAD.
(iso7816_check_pinpad): Rename.
(iso7816_verify_kp, iso7816_change_reference_data_kp): Follow
the change.
* scd/ccid-driver.h (CCID_DRIVER_ERR_NO_PINPAD): Rename.
* scd/ccid-driver.c (ccid_transceive_secure): Use it.
* scd/app-dinsig.c (verify_pin): Follow the change.
* scd/app-nks.c (verify_pin): Follow the change.
* scd/app-openpgp.c (check_pinpad_request): Rename.
(parse_login_data, verify_a_chv, verify_chv3, do_change_pin): Follow
the change.
* scd/scdaemon.c (oDisablePinpad, oEnablePinpadVarlen): Rename.
* scd/scdaemon.h (opt): Rename to disable_pinpad,
enable_pinpad_varlen.
* tools/gpgconf-comp.c (gc_options_scdaemon): Rename to
disable-pinpad.
|
|
* scd/iso7816.h (struct pininfo_s): Remove MODE and add FIXEDLEN.
* scd/app-dinsig.c (verify_pin): Initialize FIXEDLEN to unknown.
* scd/app-nks.c (verify_pin): Likewise.
* scd/app-openpgp.c (verify_a_chv, verify_chv3, do_change_pin):
Likewise.
* scd/apdu.c (check_pcsc_keypad): Add comment.
(pcsc_keypad_verify, pcsc_keypad_modify): PC/SC driver only support
readers with the feature of variable length input (yet).
(apdu_check_keypad): Set FIXEDLEN.
* scd/ccid-driver.c (ccid_transceive_secure): Add GEMPC_PINPAD
specific settings.
Support fixed length PIN input for keypad.
|
|
* scd/iso7816.h (struct pininfo_s): Rename from iso7816_pininfo_s.
Change meaning of MODE.
(pininfo_t): Rename from iso7816_pininfo_t.
* scd/sc-copykeys.c: Include "iso7816.h".
* scd/scdaemon.c, scd/command.c: Likewise.
* scd/ccid-driver.c: Include "scdaemon.h" and "iso7816.h".
(ccid_transceive_secure): Follow the change of PININFO_T.
* scd/app.c: Include "apdu.h" after "iso7816.h".
* scd/iso7816.c (iso7816_check_keypad, iso7816_verify_kp)
(iso7816_change_reference_data_kp): Follow the change of API.
* scd/apdu.c (struct reader_table_s): Change API of CHECK_KEYPAD,
KEYPAD_VERIFY, KEYPAD_MODIFY to have arg of PININFO_T.
(check_pcsc_keypad, check_ccid_keypad): Likewise.
(apdu_check_keypad, apdu_keypad_verify, apdu_keypad_modify): Likewise.
(pcsc_keypad_verify, pcsc_keypad_modify, ct_send_apdu)
(pcsc_send_apdu_direct, pcsc_send_apdu_wrapped, pcsc_send_apdu)
(send_apdu_ccid, ccid_keypad_operation, my_rapdu_send_apdu, send_apdu)
(send_le): Follow the change of API.
* scd/apdu.h (apdu_check_keypad, apdu_keypad_verify)
(apdu_keypad_modify): Change the API.
* scd/app-dinsig.c, scd/app-nks.c, scd/app-openpgp.c: Follow the
change.
|
|
Before this change, it is layered like following:
iso7816_verify
iso7816_verify_kp
apdu_send_simple, apdu_send_simple_kp
...
After this change, it will be layered like:
iso7816_verify iso7816_verify_kp
apdu_send_simple apdu_keypad_verify
...
and apdu_send_simple_kp will be deprecated.
For PC/SC API, we use:
SCardControl API to compose CCID PC_to_RDR_Secure message
SCardTransmit API to compose CCID PC_to_RDR_XfrBlock message
Considering the support of PC/SC, we have nothing to share between _kp
version of iso7816_* and no _kp version.
|
|
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
checks that this won't happen again.
|
|
|
|
Extend SCD LEARN command.
|
|
|
|
Support restriction attribute.
Fix utf-8 printing problems.
Use AES by default.
|
|
Removed intl/.
|
|
DINSIG and NKS card applications are now also PIN pad aware.
|
|
|
|
|
|
|
|
gpg-agent accordingly. Code cleanups.
|
|
* app-nks.c (get_length_of_cert): Removed.
* app-help.c: New.
(app_help_read_length_of_cert): New. Code taken from above. New
optional arg R_CERTOFF.
* card-dinsig.c: Removed.
* card.c (card_get_serial_and_stamp): Do not bind to the old and
never finsiged card-dinsig.c.
* iso7816.c (iso7816_read_binary): Allow for an NMAX > 254.
|
|
smartcard applications.
|
