From 905b6a36d3ca21b2f619721e1de892398e5eb759 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 6 Nov 2012 12:02:25 +0100 Subject: Allow decryption with card keys > 3072 bits * scd/command.c (MAXLEN_SETDATA): New. (cmd_setdata): Add option --append. * agent/call-scd.c (agent_card_pkdecrypt): Use new option for long data. * scd/app-openpgp.c (struct app_local_s): Add field manufacturer. (app_select_openpgp): Store manufacturer. (do_decipher): Print a note for broken cards. -- Please note that I was not able to run a full test because I only have broken cards (S/N < 346) available. --- scd/app-openpgp.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'scd/app-openpgp.c') diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 9c8ef59cb..5a9214c1c 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -158,6 +158,8 @@ struct app_local_s { unsigned char status_indicator; /* The card status indicator. */ + unsigned int manufacturer:16; /* Manufacturer ID from the s/n. */ + /* Keep track of the ISO card capabilities. */ struct { @@ -3474,6 +3476,12 @@ do_decipher (app_t app, const char *keyidstr, indata, indatalen, le_value, padind, outdata, outdatalen); xfree (fixbuf); + + if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */ + && app->app_local->manufacturer == 5 + && app->card_version == 0x0200) + log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)" + " do not work with encryption keys > 2048 bits\n"); } return rc; @@ -3761,6 +3769,8 @@ app_select_openpgp (app_t app) goto leave; } + app->app_local->manufacturer = manufacturer; + if (app->card_version >= 0x0200) app->app_local->extcap.is_v2 = 1; -- cgit v1.2.3