authorWerner Koch <[email protected]>2009-05-13 11:42:34 +0000
committerWerner Koch <[email protected]>2009-05-13 11:42:34 +0000
commita766a37290cf334d5eead1041ea271a5d714d66f (patch)
treec3b804cebf89ec95903775e9e1ebb4ec5ea86257
parentFix bug 1045. (diff)
Print keyid in gpg --list-packets.
Add some not yet working code to app-nks.c. Changed batch mode expiration time computation.
-rw-r--r--g10/ChangeLog7
-rw-r--r--g10/keygen.c8
-rw-r--r--g10/parse-packet.c10
-rw-r--r--scd/ChangeLog4
-rw-r--r--scd/apdu.c4
-rw-r--r--scd/app-nks.c93
6 files changed, 121 insertions, 5 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 3ed1e5c7a..ef51b4a77 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,5 +1,12 @@
+2009-05-13 Werner Koch <[email protected]>
+
+ * keygen.c (parse_expire_string): Base ISO date string at noon.
+ Also allow full ISO timestamp.
+
2009-05-11 Werner Koch <[email protected]>
+ * parse-packet.c (parse_key): Print the key id in list mode.
+
* skclist.c (build_sk_list): Use log_info for "duplicated entry".
Fixes bug#1045.
diff --git a/g10/keygen.c b/g10/keygen.c
index 6a37471cb..8afa74e3e 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -1799,13 +1799,17 @@ parse_expire_string( const char *string )
u32 seconds;
u32 abs_date = 0;
u32 curtime = make_timestamp ();
+ time_t tt;
if (!*string)
seconds = 0;
else if (!strncmp (string, "seconds=", 8))
seconds = atoi (string+8);
- else if ((abs_date = scan_isodatestr(string)) && abs_date > curtime)
- seconds = abs_date - curtime;
+ else if ((abs_date = scan_isodatestr(string))
+ && (abs_date+86400/2) > curtime)
+ seconds = (abs_date+86400/2) - curtime;
+ else if ((tt = isotime2epoch (string)) != (time_t)(-1))
+ seconds = (u32)tt - curtime;
else if ((mult = check_valid_days (string)))
seconds = atoi (string) * 86400L * mult;
else
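Review bot: The new `isotime2epoch` branch computes `seconds = (u32)tt - curtime` without checking that the timestamp lies in the future, so a full ISO timestamp in the past wraps in unsigned arithmetic to a very large interval instead of being rejected; the date-only branch above it does compare against `curtime`. Adding the same guard, `else if ((tt = isotime2epoch (string)) != (time_t)(-1) && tt > (time_t)curtime)`, lets past timestamps fall through to the remaining branches. The `(u32)tt` cast also truncates silently where time_t is wider than 32 bits, and `abs_date+86400/2` can wrap for dates near the top of the u32 range. parse_expire_string continues past the final `else`, so how an unmatched string is reported is not visible here.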
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 57f94cd85..fd01e7635 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1672,6 +1672,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
int npkey, nskey;
int is_v4=0;
int rc=0;
+ u32 keyid[2];
(void)hdr;
@@ -1997,6 +1998,9 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
fprintf (listfp, "\tchecksum: %04hx\n", sk->csum);
}
}
+
+ if (list_mode)
+ keyid_from_sk (sk, keyid);
}
else {
PKT_public_key *pk = pkt->pkt.public_key;
@@ -2021,8 +2025,14 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
}
if (rc)
goto leave;
+ if (list_mode)
+ keyid_from_pk (pk, keyid);
}
+ if (list_mode)
+ fprintf (listfp, "\tkeyid: %08lX%08lX\n",
+ (ulong)keyid[0], (ulong)keyid[1]);
+
leave:
iobuf_skip_rest(inp, pktlen, 0);
return rc;
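Review bot: `keyid` is declared without an initializer (first hunk) and the final `fprintf` reads it whenever `list_mode` is set, relying on each branch having called keyid_from_sk or keyid_from_pk first. That holds for the paths visible in these hunks, but most of parse_key is outside them, so a later edit that reaches the print without one of those calls would output indeterminate stack contents. Declaring it as `u32 keyid[2] = {0, 0};`, or adding a comment at the print such as `/* keyid was set by keyid_from_sk/keyid_from_pk above. */`, makes the dependency explicit.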
diff --git a/scd/ChangeLog b/scd/ChangeLog
index 1ac95859b..60af202f2 100644
--- a/scd/ChangeLog
+++ b/scd/ChangeLog
@@ -1,3 +1,7 @@
+2009-05-11 Werner Koch <[email protected]>
+
+ * apdu.c (send_le): Replace log_error by log_info.
+
2009-05-08 Werner Koch <[email protected]>
* app-openpgp.c (do_genkey): Allow larger key sizes.
diff --git a/scd/apdu.c b/scd/apdu.c
index 219dda04b..568f5cb97 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -3000,8 +3000,8 @@ send_le (int slot, int class, int ins, int p0, int p1,
rc = send_apdu (slot, apdu, apdulen, result, &resultlen, pininfo);
if (rc || resultlen < 2)
{
- log_error ("apdu_send_simple(%d) failed: %s\n",
- slot, apdu_strerror (rc));
+ log_info ("apdu_send_simple(%d) failed: %s\n",
+ slot, apdu_strerror (rc));
unlock_slot (slot);
return rc? rc : SW_HOST_INCOMPLETE_CARD_RESPONSE;
}
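Review bot: When `send_apdu` succeeds but `resultlen < 2`, the message still prints `apdu_strerror (rc)` for rc == 0, while the function returns SW_HOST_INCOMPLETE_CARD_RESPONSE, so the log line does not name the status the caller actually gets. Resolving the status first, `rc = rc? rc : SW_HOST_INCOMPLETE_CARD_RESPONSE;` before the log call, keeps the two in step. With the level lowered to log_info, a failed card exchange is easier to overlook in the logs, so an accurate status matters more. The message also still names `apdu_send_simple` although the hunk header places it in send_le.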
diff --git a/scd/app-nks.c b/scd/app-nks.c
index 7e6c7f9a8..53435c360 100644
--- a/scd/app-nks.c
+++ b/scd/app-nks.c
@@ -666,6 +666,97 @@ do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
}
+/* Handle the WRITEKEY command for NKS. This function expects a
+ canonical encoded S-expression with the public key in KEYDATA and
+ its length in KEYDATALEN. The only supported KEYID is
+ "$IFDAUTHKEY" to store the terminal key on the card. Bit 0 of
+ FLAGS indicates whether an existing key shall get overwritten.
+ PINCB and PINCB_ARG are the usual arguments for the pinentry
+ callback. */
+static gpg_error_t
+do_writekey (app_t app, ctrl_t ctrl,
+ const char *keyid, unsigned int flags,
+ gpg_error_t (*pincb)(void*, const char *, char **),
+ void *pincb_arg,
+ const unsigned char *keydata, size_t keydatalen)
+{
+ gpg_error_t err;
+ int force = (flags & 1);
+ const unsigned char *rsa_n = NULL;
+ const unsigned char *rsa_e = NULL;
+ size_t rsa_n_len, rsa_e_len;
+ unsigned int nbits;
+
+ (void)ctrl;
+ (void)pincb;
+ (void)pincb_arg;
+
+ if (!strcmp (keyid, "$IFDAUTHKEY") && app->app_local->nks_version >= 3)
+ ;
+ else
+ return gpg_error (GPG_ERR_INV_ID);
+
+ if (!force && !do_readkey (app, keyid, NULL, NULL))
+ return gpg_error (GPG_ERR_EEXIST);
+
+ /* Parse the S-expression. */
+ err = get_rsa_pk_from_canon_sexp (keydata, keydatalen,
+ &rsa_n, &rsa_n_len, &rsa_e, &rsa_e_len);
+ if (err)
+ goto leave;
+
+ /* Check that the parameters match the requirements. */
+ nbits = app_help_count_bits (rsa_n, rsa_n_len);
+ if (nbits != 1024)
+ {
+ log_error (_("RSA modulus missing or not of size %d bits\n"), 1024);
+ err = gpg_error (GPG_ERR_BAD_PUBKEY);
+ goto leave;
+ }
+
+ nbits = app_help_count_bits (rsa_e, rsa_e_len);
+ if (nbits < 2 || nbits > 32)
+ {
+ log_error (_("RSA public exponent missing or larger than %d bits\n"),
+ 32);
+ err = gpg_error (GPG_ERR_BAD_PUBKEY);
+ goto leave;
+ }
+
+/* /\* Store them. *\/ */
+/* err = verify_pin (app, 0, NULL, pincb, pincb_arg); */
+/* if (err) */
+/* goto leave; */
+
+ /* Send the MSE:Store_Public_Key. */
+ err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+/* mse = xtrymalloc (1000); */
+
+/* mse[0] = 0x80; /\* Algorithm reference. *\/ */
+/* mse[1] = 1; */
+/* mse[2] = 0x17; */
+/* mse[3] = 0x84; /\* Private key reference. *\/ */
+/* mse[4] = 1; */
+/* mse[5] = 0x77; */
+/* mse[6] = 0x7F; /\* Public key parameter. *\/ */
+/* mse[7] = 0x49; */
+/* mse[8] = 0x81; */
+/* mse[9] = 3 + 0x80 + 2 + rsa_e_len; */
+/* mse[10] = 0x81; /\* RSA modulus of 128 byte. *\/ */
+/* mse[11] = 0x81; */
+/* mse[12] = rsa_n_len; */
+/* memcpy (mse+12, rsa_n, rsa_n_len); */
+/* mse[10] = 0x82; /\* RSA public exponent of up to 4 bytes. *\/ */
+/* mse[12] = rsa_e_len; */
+/* memcpy (mse+12, rsa_e, rsa_e_len); */
+/* err = iso7816_manage_security_env (app->slot, 0x81, 0xB6, */
+/* mse, sizeof mse); */
+
+ leave:
+ return err;
+}
+
+
static gpg_error_t
basic_pin_checks (const char *pinvalue, int minlen, int maxlen)
{
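Review bot: The existence check `!do_readkey (app, keyid, NULL, NULL)` hands NULL to both output parameters, and do_readkey's body lies outside this hunk, so nothing visible shows that it tolerates that; if it stores through `pk` or `pklen` unconditionally, every WRITEKEY without the force bit dereferences NULL. The path is reachable because the later hunk in app_select_nks sets `app->fnc.writekey = do_writekey`, so the check should pass real locals and release whatever comes back, as sketched below (assuming do_readkey returns an allocated buffer). The commented-out MSE block is better replaced by a short TODO: as written it would take `sizeof mse` of what appears to be a pointer, use the xtrymalloc result unchecked, copy both the modulus and the exponent to `mse+12`, and run without the disabled verify_pin call.

```c
  /* … unchanged: keyid / nks_version check … */
  if (!force)
    {
      unsigned char *oldpk = NULL;
      size_t oldpklen = 0;

      if (!do_readkey (app, keyid, &oldpk, &oldpklen))
        {
          xfree (oldpk);
          return gpg_error (GPG_ERR_EEXIST);
        }
    }
  /* … unchanged: S-expression parsing and size checks … */
```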
@@ -1309,7 +1400,7 @@ app_select_nks (app_t app)
app->fnc.readkey = do_readkey;
app->fnc.getattr = do_getattr;
app->fnc.setattr = NULL;
- app->fnc.writekey = NULL;
+ app->fnc.writekey = do_writekey;
app->fnc.genkey = NULL;
app->fnc.sign = do_sign;
app->fnc.auth = NULL;