author | Werner Koch <[email protected]> | 2010-09-06 19:57:42 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2010-09-06 19:57:42 +0000 |
commit | 299ed4c9e26f16ce5365ed69dde5e109aa4e4f9e (patch) | |
tree | 76ec60edc1f48dff9ad7b1d968ebedab0692dc14 /g10/card-util.c | |
parent | Merge secret keys during import (diff) | |
Removed more secret key related code.
It builds fine and passes some of the tests but there are quite some
features which don't work yet.
Diffstat (limited to '')
-rw-r--r-- | g10/card-util.c | 294 |
1 files changed, 150 insertions, 144 deletions
diff --git a/g10/card-util.c b/g10/card-util.c index 4b537bcb3..1dd7a9219 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -207,6 +207,9 @@ get_manufacturer (unsigned int no) case 0x0005: return "ZeitControl"; case 0x002A: return "Magrathea"; + + case 0xF517: return "FSIJ"; + /* 0x00000 and 0xFFFF are defined as test cards per spec, 0xFFF00 to 0xFFFE are assigned for use with randomly created serial numbers. */ @@ -581,6 +584,7 @@ card_status (estream_t fp, char *serialno, size_t serialnobuflen) print_pubkey_info (fp, pk); +#if GNUPG_MAJOR_VERSION == 1 if ( !get_seckeyblock_byfprint (&keyblock, thefpr, 20) ) print_card_key_info (fp, keyblock); else if ( !get_keyblock_byfprint (&keyblock, thefpr, 20) ) @@ -599,6 +603,7 @@ card_status (estream_t fp, char *serialno, size_t serialnobuflen) } release_kbnode (keyblock); +#endif /* GNUPG_MAJOR_VERSION == 1 */ } else tty_fprintf (fp, "[none]\n"); 
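Review bot: In `card_status` the new `#if GNUPG_MAJOR_VERSION == 1` guard compiles out the fingerprint lookup (`get_seckeyblock_byfprint` / `get_keyblock_byfprint`) and the `print_card_key_info` output, and nothing at the guard says what is meant to replace them. A one-line comment above the `#if` would record the intent, for example `/* FIXME: Re-implement without secret keyblocks. */`. If `keyblock` is declared only for this block (its declaration is outside the hunk), builds where the guard is false will probably also get an unused-variable warning. The function starts and ends outside the hunk.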
@@ -1514,150 +1519,151 @@ card_generate_subkey (KBNODE pub_keyblock, KBNODE sec_keyblock) int card_store_subkey (KBNODE node, int use) { - struct agent_card_info_s info; - int okay = 0; - int rc; - int keyno, i; - PKT_secret_key *copied_sk = NULL; - PKT_secret_key *sk; - size_t n; - const char *s; - int allow_keyno[3]; - unsigned int nbits; - - - assert (node->pkt->pkttype == PKT_SECRET_KEY - || node->pkt->pkttype == PKT_SECRET_SUBKEY); - sk = node->pkt->pkt.secret_key; - - if (get_info_for_key_operation (&info)) - return 0; - - if (!info.extcap.ki) - { - tty_printf ("The card does not support the import of keys\n"); - tty_printf ("\n"); - goto leave; - } - - show_card_key_info (&info); - - nbits = nbits_from_sk (sk); - - if (!is_RSA (sk->pubkey_algo) || (!info.is_v2 && nbits != 1024) ) - { - tty_printf ("You may only store a 1024 bit RSA key on the card\n"); - tty_printf ("\n"); - goto leave; - } - - allow_keyno[0] = (!use || (use & (PUBKEY_USAGE_SIG))); - allow_keyno[1] = (!use || (use & (PUBKEY_USAGE_ENC))); - allow_keyno[2] = (!use || (use & (PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH))); - - tty_printf (_("Please select where to store the key:\n")); - - if (allow_keyno[0]) - tty_printf (_(" (1) Signature key\n")); - if (allow_keyno[1]) - tty_printf (_(" (2) Encryption key\n")); - if (allow_keyno[2]) - tty_printf (_(" (3) Authentication key\n")); - - for (;;) - { - char *answer = cpr_get ("cardedit.genkeys.storekeytype", - _("Your selection? ")); - cpr_kill_prompt(); - if (*answer == CONTROL_D || !*answer) - { - xfree (answer); - goto leave; - } - keyno = *answer? atoi(answer): 0; - xfree(answer); - if (keyno >= 1 && keyno <= 3 && allow_keyno[keyno-1]) - { - if (info.is_v2 && !info.extcap.aac - && info.key_attr[keyno-1].nbits != nbits) - { - tty_printf ("Key does not match the card's capability.\n"); - } - else - break; /* Okay. */ - } - else - tty_printf(_("Invalid selection.\n")); - } - - if (replace_existing_key_p (&info, keyno)) - goto leave; - - /* Unprotect key. 
*/ - switch (is_secret_key_protected (sk) ) - { - case 0: /* Not protected. */ - break; - case -1: - log_error (_("unknown key protection algorithm\n")); - goto leave; - default: - if (sk->protect.s2k.mode == 1001) - { - log_error (_("secret parts of key are not available\n")); - goto leave; - } - if (sk->protect.s2k.mode == 1002) - { - log_error (_("secret key already stored on a card\n")); - goto leave; - } - /* We better copy the key before we unprotect it. */ - copied_sk = sk = copy_secret_key (NULL, sk); - rc = 0/*check_secret_key (sk, 0)*/; - if (rc) - goto leave; - } - -#warning code save_unprotected_key_to_card - /* rc = save_unprotected_key_to_card (sk, keyno); */ - /* if (rc) */ - /* { */ - /* log_error (_("error writing key to card: %s\n"), gpg_strerror (rc)); */ - /* goto leave; */ - /* } */ - - /* Get back to the maybe protected original secret key. */ - if (copied_sk) - { - free_secret_key (copied_sk); - copied_sk = NULL; - } - sk = node->pkt->pkt.secret_key; - - /* Get rid of the secret key parameters and store the serial numer. 
*/ - n = pubkey_get_nskey (sk->pubkey_algo); - for (i=pubkey_get_npkey (sk->pubkey_algo); i < n; i++) - { - gcry_mpi_release (sk->skey[i]); - sk->skey[i] = NULL; - } - i = pubkey_get_npkey (sk->pubkey_algo); - sk->skey[i] = gcry_mpi_set_opaque (NULL, xstrdup ("dummydata"), 10*8); - sk->is_protected = 1; - sk->protect.s2k.mode = 1002; - s = info.serialno; - for (sk->protect.ivlen=0; sk->protect.ivlen < 16 && *s && s[1]; - sk->protect.ivlen++, s += 2) - sk->protect.iv[sk->protect.ivlen] = xtoi_2 (s); - - okay = 1; - - leave: - if (copied_sk) - free_secret_key (copied_sk); - agent_release_card_info (&info); - return okay; +/* struct agent_card_info_s info; */ +/* int okay = 0; */ +/* int rc; */ +/* int keyno, i; */ +/* PKT_secret_key *copied_sk = NULL; */ +/* PKT_secret_key *sk; */ +/* size_t n; */ +/* const char *s; */ +/* int allow_keyno[3]; */ +/* unsigned int nbits; */ + + +/* assert (node->pkt->pkttype == PKT_SECRET_KEY */ +/* || node->pkt->pkttype == PKT_SECRET_SUBKEY); */ +/* sk = node->pkt->pkt.secret_key; */ + +/* if (get_info_for_key_operation (&info)) */ +/* return 0; */ + +/* if (!info.extcap.ki) */ +/* { */ +/* tty_printf ("The card does not support the import of keys\n"); */ +/* tty_printf ("\n"); */ +/* goto leave; */ +/* } */ + +/* show_card_key_info (&info); */ + +/* nbits = nbits_from_sk (sk); */ + +/* if (!is_RSA (sk->pubkey_algo) || (!info.is_v2 && nbits != 1024) ) */ +/* { */ +/* tty_printf ("You may only store a 1024 bit RSA key on the card\n"); */ +/* tty_printf ("\n"); */ +/* goto leave; */ +/* } */ + +/* allow_keyno[0] = (!use || (use & (PUBKEY_USAGE_SIG))); */ +/* allow_keyno[1] = (!use || (use & (PUBKEY_USAGE_ENC))); */ +/* allow_keyno[2] = (!use || (use & (PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH))); */ + +/* tty_printf (_("Please select where to store the key:\n")); */ + +/* if (allow_keyno[0]) */ +/* tty_printf (_(" (1) Signature key\n")); */ +/* if (allow_keyno[1]) */ +/* tty_printf (_(" (2) Encryption key\n")); */ +/* if (allow_keyno[2]) */ 
+/* tty_printf (_(" (3) Authentication key\n")); */ + +/* for (;;) */ +/* { */ +/* char *answer = cpr_get ("cardedit.genkeys.storekeytype", */ +/* _("Your selection? ")); */ +/* cpr_kill_prompt(); */ +/* if (*answer == CONTROL_D || !*answer) */ +/* { */ +/* xfree (answer); */ +/* goto leave; */ +/* } */ +/* keyno = *answer? atoi(answer): 0; */ +/* xfree(answer); */ +/* if (keyno >= 1 && keyno <= 3 && allow_keyno[keyno-1]) */ +/* { */ +/* if (info.is_v2 && !info.extcap.aac */ +/* && info.key_attr[keyno-1].nbits != nbits) */ +/* { */ +/* tty_printf ("Key does not match the card's capability.\n"); */ +/* } */ +/* else */ +/* break; /\* Okay. *\/ */ +/* } */ +/* else */ +/* tty_printf(_("Invalid selection.\n")); */ +/* } */ + +/* if (replace_existing_key_p (&info, keyno)) */ +/* goto leave; */ + +/* /\* Unprotect key. *\/ */ +/* switch (is_secret_key_protected (sk) ) */ +/* { */ +/* case 0: /\* Not protected. *\/ */ +/* break; */ +/* case -1: */ +/* log_error (_("unknown key protection algorithm\n")); */ +/* goto leave; */ +/* default: */ +/* if (sk->protect.s2k.mode == 1001) */ +/* { */ +/* log_error (_("secret parts of key are not available\n")); */ +/* goto leave; */ +/* } */ +/* if (sk->protect.s2k.mode == 1002) */ +/* { */ +/* log_error (_("secret key already stored on a card\n")); */ +/* goto leave; */ +/* } */ +/* /\* We better copy the key before we unprotect it. *\/ */ +/* copied_sk = sk = copy_secret_key (NULL, sk); */ +/* rc = 0/\*check_secret_key (sk, 0)*\/; */ +/* if (rc) */ +/* goto leave; */ +/* } */ + +/* #warning code save_unprotected_key_to_card */ +/* /\* rc = save_unprotected_key_to_card (sk, keyno); *\/ */ +/* /\* if (rc) *\/ */ +/* /\* { *\/ */ +/* /\* log_error (_("error writing key to card: %s\n"), gpg_strerror (rc)); *\/ */ +/* /\* goto leave; *\/ */ +/* /\* } *\/ */ + +/* /\* Get back to the maybe protected original secret key. 
*\/ */ +/* if (copied_sk) */ +/* { */ +/* free_secret_key (copied_sk); */ +/* copied_sk = NULL; */ +/* } */ +/* sk = node->pkt->pkt.secret_key; */ + +/* /\* Get rid of the secret key parameters and store the serial numer. *\/ */ +/* n = pubkey_get_nskey (sk->pubkey_algo); */ +/* for (i=pubkey_get_npkey (sk->pubkey_algo); i < n; i++) */ +/* { */ +/* gcry_mpi_release (sk->skey[i]); */ +/* sk->skey[i] = NULL; */ +/* } */ +/* i = pubkey_get_npkey (sk->pubkey_algo); */ +/* sk->skey[i] = gcry_mpi_set_opaque (NULL, xstrdup ("dummydata"), 10*8); */ +/* sk->is_protected = 1; */ +/* sk->protect.s2k.mode = 1002; */ +/* s = info.serialno; */ +/* for (sk->protect.ivlen=0; sk->protect.ivlen < 16 && *s && s[1]; */ +/* sk->protect.ivlen++, s += 2) */ +/* sk->protect.iv[sk->protect.ivlen] = xtoi_2 (s); */ + +/* okay = 1; */ + +/* leave: */ +/* if (copied_sk) */ +/* free_secret_key (copied_sk); */ +/* agent_release_card_info (&info); */ +/* return okay; */ + return -1; } |
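Review bot: The stubbed `card_store_subkey` ends in `return -1;`, but the removed body returned `okay` (1 on success) and 0 on every failure path, so a caller that tests the result as a boolean will now read the stub as success. The call sites are outside this diff, so this needs checking; if one reacts to a non-zero result by treating the key as moved to the card, the user would be left believing the secret key is on the card when nothing was written. Until the function is re-implemented I would keep the old failure value and say so at the return: `return 0; /* FIXME: Not yet re-implemented; 0 is the old failure value. */`. Fencing the old body with `#if 0` rather than line-by-line `/* ... */` would also avoid the escaped `/\* ... *\/` nested comments and make it easier to see that `node` and `use` are now unused.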