scd: First changes to implement a PIN cache.

* scd/command.c (pincache_put): New.  Uses a dummy key for now.
(pincache_get): New.
* scd/app.c (select_application): Flush the PIN cache.
(scd_update_reader_status_file): Ditto.
(maybe_switch_app): Call the new prep_reselect function.
(app_write_learn_status): Ditto.
* scd/app-openpgp.c (cache_pin): New helper to cache a PIN.
(verify_chv2): Call it.
(verify_chv3): Call it.
(clear_chv_status): Call it.
(do_change_pin): Call it.

* scd/app-common.h (struct app_ctx_s): Add function 'prep_select'.
* scd/app-openpgp.c (do_prep_reselect): New stub function.
(app_select_openpgp): Set new stub function.
* scd/app-piv.c (do_prep_reselect): New stub function.
(app_select_piv): Set new stub function.

* scd/app-common.h (struct app_ctx_s): Add parameter ctrl to setattr,
sign, auth, decipher, and check_pin.  Change all implementations and
callers to pass such a parameter.
--

This is work in progress.

Signed-off-by: Werner Koch <[email protected]>

1 files changed, 9 insertions, 3 deletions

diff --git a/scd/app-nks.c b/scd/app-nks.c
index bb5329bfe..bdf065145 100644
--- a/scd/app-nks.c
+++ b/scd/app-nks.c
@@ -887,7 +887,7 @@ verify_pin (app_t app, int pwid, const char *desc,
    that callback should return the PIN in an allocated buffer and
    store that in the 3rd argument.  */
 static gpg_error_t
-do_sign (app_t app, const char *keyidstr, int hashalgo,
+do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
          gpg_error_t (*pincb)(void*, const char *, char **),
          void *pincb_arg,
          const void *indata, size_t indatalen,
@@ -907,6 +907,8 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
                                + the largest OID prefix. */
   size_t datalen;
 
+  (void)ctrl;
+
   if (!keyidstr || !*keyidstr)
     return gpg_error (GPG_ERR_INV_VALUE);
   switch (indatalen)
@@ -1022,7 +1024,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
    If a PIN is required the PINCB will be used to ask for the PIN; it
    should return the PIN in an allocated buffer and put it into PIN.  */
 static gpg_error_t
-do_decipher (app_t app, const char *keyidstr,
+do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
              gpg_error_t (*pincb)(void*, const char *, char **),
              void *pincb_arg,
              const void *indata, size_t indatalen,
@@ -1034,6 +1036,7 @@ do_decipher (app_t app, const char *keyidstr,
   int fid;
   int kid;
 
+  (void)ctrl;
   (void)r_info;
 
   if (!keyidstr || !*keyidstr || !indatalen)
@@ -1310,7 +1313,7 @@ do_change_pin (app_t app, ctrl_t ctrl,  const char *pwidstr,
 
 /* Perform a simple verify operation.  KEYIDSTR should be NULL or empty.  */
 static gpg_error_t
-do_check_pin (app_t app, const char *pwidstr,
+do_check_pin (app_t app, ctrl_t ctrl, const char *pwidstr,
               gpg_error_t (*pincb)(void*, const char *, char **),
               void *pincb_arg)
 {
@@ -1319,6 +1322,8 @@ do_check_pin (app_t app, const char *pwidstr,
   int is_sigg;
   const char *desc;
 
+  (void)ctrl;
+
   desc = parse_pwidstr (pwidstr, 0, &is_sigg, &pwid);
   if (!desc)
     return gpg_error (GPG_ERR_INV_ID);
@@ -1451,6 +1456,7 @@ app_select_nks (app_t app)
         log_info ("Detected NKS version: %d\n", app->app_local->nks_version);
 
       app->fnc.deinit = do_deinit;
+      app->fnc.prep_reselect = NULL;
       app->fnc.reselect = NULL;
       app->fnc.learn_status = do_learn_status;
       app->fnc.readcert = do_readcert;