| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* scd/ccid-driver.c (MAX_DEVICE): Rename to CCID_MAX_DEVICE.
--
Just for documentation reasons.
|
|
* scd/ccid-driver.c: Move struct defines to the top.
--
|
|
* scd/ccid-driver.c (ccid_dev_scan): Use loop var and not the count.
--
Due to an assignment out of bounds this might lead to a crash if there
are more than 15 readers. In any case it fixes a memory leak.
Kudos to the friendly auditor who found that bug.
Fixes-commit: 8a41e73c31adb86d4a7dca4da695e5ad1347811f
|
|
* scd/app-p15.c (CARD_PRODUCT_GENUA): New.
(cardproduct2str): Add it.
(read_p15_info): Detect and set GENUA
(make_pin_prompt): Take holder string from the AODF.
|
|
* scd/app-p15.c (read_p15_info): Disable extended mode for Genua
cards.
|
|
* scd/command.c (scd_command_handler): Use gnupg_fd_t for the argument
but no INT2FD to listen. Use GNUPG_INVALID_FD.
* tpm2d/command.c (tpm2d_command_handler): Likewise.
* scd/scdaemon.c (start_connection_thread): Follow the change.
* tpm2d/tpm2daemon.c (start_connection_thread): Likewise.
* scd/scdaemon.h (scd_command_handler): Use gnupg_fd_t.
* tpm2d/tpm2daemon.h (tpm2d_command_handler): Likewise.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/scdaemon.c (main): Use gnupg_fd_t for socket, and use
assuan_sock_close for the socket allocated by assuan_sock_new.
(handle_connections): Use gnupg_fd_t for listen_fd.
Use assuan_sock_close for the socket by npth_accept.
--
GnuPG-bug-id: 5029
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app.c (app_send_devinfo): Fix for outputing once.
* scd/command.c (hlp_devinfo): Fix comment.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/command.c (cmd_passwd): Handle KEYGRIP optionally.
--
GnuPG-bug-id: 5862
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/command.c (cmd_serialno, cmd_getattr): Use 'while' instead of
'for'.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app.c (app_auth): It's only APPTYPE_OPENPGP which supports
the challenge response interaction.
* scd/command.c (cmd_pkauth): It only wants if it works or not.
--
GnuPG-bug-id: 5862
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-openpgp.c (rmd160_prefix, sha1_prefix, sha224_prefix)
(sha256_prefix, sha384_prefix, sha512_prefix): Move the scope up.
(gen_challenge): New.
(do_auth): Support challenge-response check if it signs correctly.
* scd/app.c (app_auth): Remove the check INDATA and INDATALEN.
* scd/command.c (cmd_pkauth): Support --challenge-response option.
--
GnuPG-bug-id: 5862
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/command.c (do_readkey): Support --format=ssh option.
* common/ssh-utils.c (ssh_public_key_in_base64): New.
* common/ssh-utils.h (ssh_public_key_in_base64): New declaration.
--
Code duplication (agent/command-ssh.c) will be cleaned up later.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-p15.c (do_sign, do_decipher): Replace GT by GE.
--
|
|
* scd/apdu.c (apdu_open_reader): Make sure dl->idx is always
incremented to handle error from open_pcsc_reader correctly.
--
Reported-by: Anže Jenšterle
GnuPG-bug-id: 5758
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-openpgp.c (do_auth): Use extended Lc, when supported.
--
GnuPG-bug-id: 5682
Co-authored-by: Klas Lindfors
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/command.c (cmd_readkey): Free allocated memory on failure path.
--
GnuPG-bug-id: 5393
Signed-off-by: Jakub Jelen <[email protected]>
|
|
--
|
|
* scd/app.c (app_send_devinfo): Factor out lock/unlock.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app.c (struct mrsw_lock): Add notify_cond member.
(notify_cond): Remove.
(card_list_r_lock, card_list_r_unlock): Rename.
(card_list_w_lock, card_list_w_unlock): Rename.
(card_list_signal, card_list_wait): New, fixing thinko about
notify/wakeup with MRSW lock.
(app_send_devinfo): Support looping.
(select_application): Notify app_send_devinfo thread for newly
detected device.
(initialize_module_command): Initialize notify_cond member.
(app_wait): Remove.
* scd/command.c (cmd_devinfo): Use new API of app_send_devinfo.
* scd/scdaemon.h (app_wait): Remove.
--
GnuPG-bug-id: 5359
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* agent/findkey.c (unprotect): Use gnupg_sleep.
* agent/gpg-agent.c (handle_connections): Likewise.
* dirmngr/crlfetch.c (handle_connections): Likewise.
* kbx/keyboxd.c (handle_connections): Likewise.
* tpm2d/tpm3daemon.c (handle_connections): Likewise.
* scd/scdaemon.c (handle_connections): Likewise.
* scd/command.c (cmd_lock): Likewise.
* dirmngr/ldap-wrapper.c (ldap_reaper_thread): Likewise.
(ldap_wrapper_wait_connections): Use gnupg_usleep.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* sm/certdump.c (parse_dn_part): Translate OID to "Callsign"
* sm/keylist.c (oidtranstbl): Some more OIDs.
--
This is Ham thingy to make it easier to read LotW certificates.
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/apdu.c (apdu_dev_list_start): Increment PCSC.COUNT here.
(apdu_dev_list_finish): Decrement PCSC.COUNT.
--
GnuPG-bug-id: 5416
Fixes-commit: 32baa9acfb153004bdb2509f9516482b78f256a4
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app.c (app_get_challenge): Remove the check to ref_count.
* scd/command.c (send_client_notifications): Update comments.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app.c (maybe_switch_app): Remove check of ref_count.
--
Fixes-commit: 0d6b4210cf31d1c3ca0e8b034537a158fe3caca8
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-common.h (card_reset): Simplify more.
(select_additional_application): Supply CARD.
(card_ref, card_unref): Remove.
(card_get, card_put): New.
* scd/app.c (card_reset): No locking/unlocking inside.
(app_switch_current_card): Fix comment.
(select_additional_application): No locking/unlocking inside.
(do_with_keygrip): New, unlocked version.
(card_get): New, with support of KEYGRIP.
(card_unref): Remove.
(card_put): New.
(app_write_learn_status, app_readcert: No locking/unlocking inside.
(app_readkey, app_getattr, app_setattr, app_sign, app_auth): Likewise.
(app_decipher, app_writecert, app_writekey): Likewise.
(app_genkey, app_get_challenge, app_change_pin): Likewise.
(app_check_pin, app_switch_active_app): Likewise.
* scd/command.c (do_reset): Use card_get/card_put.
(open_card_with_request): Use card_get/card_put, return CARD locked.
(cmd_serialno): Follow the change of open_card_with_request.
(cmd_switchapp): Use card_get/card_put.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign): Likewise.
(cmd_pkauth, cmd_pkdecrypt, cmd_getattr): Likewise.
(cmd_setattr, cmd_writecert, cmd_writekey): Likewise.
(cmd_genkey, cmd_random, cmd_passwd): Likewise.
(cmd_checkpin, cmd_getinfo, cmd_restart): Likewise.
(cmd_disconnect, cmd_apdu, cmd_devinfo): Likewise.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-common.h (card_reset, select_application): Simplify.
* scd/app.c (card_reset, select_application): Simplify.
* scd/command.c (do_reset): Follow the change.
(open_card, open_card_with_request): Follow the change.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app.c (card_list_lock): Use MRSW lock.
(lock_r_card_list, unlock_r_card_list): New.
(lock_w_card_list, unlock_w_card_list): New.
(app_dump_state, app_send_devinfo): Use the MRSW lock.
(select_application, app_switch_current_card): Likewise.
(scd_update_reader_status_file): Likewise.
(initialize_module_command, send_card_and_app_list): Likewise.
(app_do_with_keygrip, app_wait): Likewise.
--
GnuPG-bug-id: 5524
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
--
|
|
* scd/app-common.h (check_aid): New method.
* scd/app-openpgp.c (do_check_aid): New.
* scd/app-piv.c (do_check_aid): New.
* scd/app.c (check_external_interference): New.
(maybe_switch_app): Check interference to determine switching is
needed.
--
GnuPG-bug-id: 5484
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/ccid-driver.c (intr_cb): Ignore LIBUSB_TRANSFER_OVERFLOW.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-p15.c (auth_type_t): New.
(struct aodf_object_s): Add field auth_type.
(read_ef_aodf): Distinguish between pin and authkey types. Include
the authtype in the verbose mode diags.
--
Note that the bulk of chnages are just indentation chnages. There
should be no functional change.
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/app-p15.c (verify_pin): acii-numerix is different than BCD.
|
|
* scd/app-p15.c (CARD_TYPE_AET): New.
(cardtype2str): Add string.
(card_atr_list): Add corresponding ATR.
(app_local_s): New flag no_extended_mode. Turn two other flags into
bit flags.
(select_ef_by_path): Hack to handle the 3FFF thing.
(readcert_by_cdf): Do not use etxended mode for AET.
(app_select_p15): Set no_extended_mode.
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/app-p15.c (read_ef_prkdf, read_ef_pukdf)
(read_ef_cdf, read_ef_aodf): Allow for a zero length path and
correctly skip unsupported auth types.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/iso7816.c (iso7816_read_binary_ext): Handle the 0x6a86 SW the
same as 6b00.
* scd/apdu.c (apdu_get_atr): Modify debug messages.
* scd/app-p15.c (app_select_p15): Print FCI on error.
(read_p15_info): Clean up diag in presence of debug options.
--
Some cards return 6a86 instead of 6b00.
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/app.c (scd_update_reader_status_file): Clear ->reset_requested.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-openpgp.c (do_change_pin): Allow null-string.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
--
|
|
* scd/app.c (app_new_register): Handle serial number correctly.
--
GnuPG-bug-id: 5442
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/apdu.c (apdu_open_reader): READERNO should be -1 when
READER-PORT is specified for PC/SC.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-openpgp.c (ecc_writekey): Don't remove zero-byte.
--
Fixes-commit: a25c99b156ca9acaa7712e9c09a6df0a7a23c833
GnuPG-bug-id: 5163
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/app-p15.c (send_certinfo): free labelbuf
(do_sign): goto leave instead of return
* scd/app-piv.c (do_sign): goto leave instead of return, fix typo in
variable name, avoid using uninitialized variables
* scd/command.c (cmd_genkey): goto leave instead of return
--
Signed-off-by: Jakub Jelen <[email protected]>
GnuPG-bug-id: 5393
|
|
* scd/app-p15.c (do_getattr): Append product name to MANUFACTURER if
manufacturer_id does not already contain a bracket and if we have a
product name.
|
|
* scd/apdu.c (apdu_dev_list_finish): Fix for calling
release_pcsc_context.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* agent/command-ssh.c (ssh_handler_request_identities): Remove double
check of ERR.
* g10/getkey.c (get_pubkey_byname): Remove double use of break.
* g10/pkglue.c (pk_encrypt): Handle possible NULL-ptr access due to
failed malloc.
Signed-off-by: Werner Koch <[email protected]>
|
|
* scd/apdu.c (apdu_dev_list_start): Remove locking READER_TABLE_LOCK.
Don't increment PCSC.COUNT here.
(apdu_dev_list_finish): Don't decrement PCSC.COUNT here.
(apdu_open_reader): Protect access with READER_TABLE_LOCK.
--
GnuPG-bug-id: 5416
Fixes-commit: 8d81fd7c01e8dfacc719ff190f8e364014e32fdf
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* scd/apdu.c (close_pcsc_reader): Don't touch .RDRNAME field.
(apdu_dev_list_finish): Clear .RDRNAME field and replace call of
close_pcsc_reader by release_pcsc_context. Add assertion.
--
GnuPG-bug-id: 5416
Signed-off-by: NIIBE Yutaka <[email protected]>
|
