authorWerner Koch <[email protected]>2020-11-24 17:02:05 +0000
committerWerner Koch <[email protected]>2020-11-25 09:23:55 +0000
commit3a8250c02031080c6c8eebd5dea03f5f87f9ddd7 (patch)
tree5d019056fed75c9ff42252e1e3e3196730c3ca3c /scd/app-piv.c
parentscd: Fix an error return for READKEY. (diff)
scd: Rework the handling of the displayed serial number.
* scd/app.c (app_new_register): Call app_munge_serialno for Yubikeys. (app_munge_serialno): Handle Yubikey serial numbers. (card_get_serialno): Remove special Yubikey treatment. Drop arg is_canonical. (app_get_serialno): Clear ERRNO on error. (card_get_dispserialno): New. Also change formatting of Yubikey and OpenPGP numbers to match those printed on the card. (app_get_dispserialno): New. * scd/app-openpgp.c (do_getattr): Use app_get_dispserialno. (yubikey_get_serialno): Remove. * scd/app-piv.c (get_dispserialno): Remove. (do_getattr): Use app_get_dispserialno. -- This patch gets us back to a unique serial number for cards and provides a stable serial number as printed for Yubikeys. Because we use a slightly different serial number now for Yubikeys and cards only supporting OpenPGP card we need to come up with another change so that the version number of OpenPGP serial numbers are ignored when comparing card serial numbers. This is so that existing stub keys of gpg-agent will continue to work. GnuPG-bug-id: 5100 Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'scd/app-piv.c')
-rw-r--r--scd/app-piv.c36
1 files changed, 2 insertions, 34 deletions
diff --git a/scd/app-piv.c b/scd/app-piv.c
index 0288d8528..36324e630 100644
--- a/scd/app-piv.c
+++ b/scd/app-piv.c
@@ -746,38 +746,6 @@ parse_chv_keyref (const char *keyrefstr)
}
-/* Return an allocated string with the serial number in a format to be
- * show to the user. With FAILMODE is true return NULL if such an
- * abbreviated S/N is not available, else return the full serial
- * number as a hex string. May return NULL on malloc problem. */
-static char *
-get_dispserialno (app_t app, int failmode)
-{
- char *result;
-
- if (app->card && app->card->serialno && app->card->serialnolen == 3+1+4
- && !memcmp (app->card->serialno, "\xff\x02\x00", 3))
- {
- /* This is a 4 byte S/N of a Yubikey which seems to be printed
- * on the token in decimal. Maybe they will print larger S/N
- * also in decimal but we can't be sure, thus do it only for
- * these 32 bit numbers. */
- unsigned long sn;
- sn = app->card->serialno[4] * 16777216;
- sn += app->card->serialno[5] * 65536;
- sn += app->card->serialno[6] * 256;
- sn += app->card->serialno[7];
- result = xtryasprintf ("yk-%lu", sn);
- }
- else if (failmode)
- result = NULL; /* No Abbreviated S/N. */
- else
- result = app_get_serialno (app);
-
- return result;
-}
-
-
/* The verify command can be used to retrieve the security status of
* the card. Given the PIN name (e.g. "PIV.80" for the application
* pin, a ISO7817_VERIFY_* code is returned or a non-negative number
@@ -842,7 +810,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
}
else if (table[idx].special == -3)
{
- char *tmp = get_dispserialno (app, 1);
+ char *tmp = app_get_dispserialno (app, 1);
if (tmp)
{
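Review bot: The bare `1` passed as the second argument in do_getattr no longer has its meaning documented in this file, because the comment that explained FAILMODE is deleted together with get_dispserialno in the first hunk. Assuming app_get_dispserialno (defined in scd/app.c, not visible here) keeps the same contract, a short comment at the call would help: `/* FAILMODE=1: NULL if no abbreviated S/N is available. */`. The same applies to the `0` in make_prompt's call in the last hunk, where a NULL return presumably then means only an allocation failure. That string is shown in the PIN prompt to identify the token, so it is worth confirming that the fallback to the full serial number is retained. Both function bodies continue outside their hunks.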
@@ -1789,7 +1757,7 @@ make_prompt (app_t app, int remaining, const char *firstline)
{
char *serial, *tmpbuf, *result;
- serial = get_dispserialno (app, 0);
+ serial = app_get_dispserialno (app, 0);
if (!serial)
return NULL;