diff options
| author | Werner Koch <[email protected]> | 2019-02-05 13:48:49 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-02-11 09:59:22 +0000 |
| commit | 6651a0640d0f1b4dd161210dc55974d9b93b7253 (patch) | |
| tree | f77ff7c35faa64b241dca622e3cae9ede1d4920a | |
| parent | gpg: Emit an ERROR status if no key was found with --list-keys. (diff) | |
| download | gnupg-6651a0640d0f1b4dd161210dc55974d9b93b7253.tar.gz gnupg-6651a0640d0f1b4dd161210dc55974d9b93b7253.zip | |
scd: Allow standard keyref scheme for app-openpgp.
* scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with
"OPENPGP."
--
The generic keyref allows for better error detection in case a keyref
is send to a wrong card. This has been taken from master commit
3231ecdafd71ac47b734469b07170756979ede72 which has additional changed
for gpg-card-tool, which is only available there.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to '')
| -rw-r--r-- | doc/wks.texi | 2 | ||||
| -rw-r--r-- | scd/app-openpgp.c | 15 | ||||
| -rw-r--r-- | scd/iso7816.c | 1 |
3 files changed, 16 insertions, 2 deletions
diff --git a/doc/wks.texi b/doc/wks.texi index d6798b1ab..7a19e75ff 100644 --- a/doc/wks.texi +++ b/doc/wks.texi @@ -124,7 +124,7 @@ Requires installation of that command. @item --with-colons @opindex with-colons This option has currently only an effect on the @option{--supported} -command. If it is used all arguimenst on the command line are taken +command. If it is used all arguments on the command line are taken as domain names and tested for WKD support. The output format is one line per domain with colon delimited fields. The currently specified fields are (future versions may specify additional fields): diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 760332ef9..db206f5d9 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -2563,6 +2563,8 @@ do_writecert (app_t app, ctrl_t ctrl, - 2 1 Verify CHV2 and set a new CHV1 and CHV2. - 2 2 Verify Reset Code and set a new PW1. - 3 any Verify CHV3/PW3 and set a new CHV3/PW3. + + The CHVNO can be prefixed with "OPENPGP.". */ static gpg_error_t do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, @@ -2571,7 +2573,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, void *pincb_arg) { int rc = 0; - int chvno = atoi (chvnostr); + int chvno; char *resetcode = NULL; char *oldpinvalue = NULL; char *pinvalue = NULL; @@ -2585,6 +2587,17 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, (void)ctrl; + if (digitp (chvnostr)) + chvno = atoi (chvnostr); + else if (!ascii_strcasecmp (chvnostr, "OPENPGP.1")) + chvno = 1; + else if (!ascii_strcasecmp (chvnostr, "OPENPGP.2")) + chvno = 2; + else if (!ascii_strcasecmp (chvnostr, "OPENPGP.3")) + chvno = 3; + else + return gpg_error (GPG_ERR_INV_ID); + memset (&pininfo, 0, sizeof pininfo); pininfo.fixedlen = -1; pininfo.minlen = minlen; diff --git a/scd/iso7816.c b/scd/iso7816.c index 9e550736b..b7819bfc9 100644 --- a/scd/iso7816.c +++ b/scd/iso7816.c @@ -330,6 +330,7 @@ iso7816_change_reference_data (int slot, int chvno, sw = apdu_send_simple (slot, 0, 0x00, CMD_CHANGE_REFERENCE_DATA, oldchvlen? 0 : 1, chvno, oldchvlen+newchvlen, buf); + wipememory (buf, oldchvlen+newchvlen); xfree (buf); return map_sw (sw); |