authorWerner Koch <[email protected]>2020-01-07 17:45:33 +0000
committerWerner Koch <[email protected]>2020-01-07 17:45:33 +0000
commitfbf97a7856bd2f80a1714f63417c59d6c604d333 (patch)
tree00bd69ac489a0d3d8ff9e48b2e2c93b34ab1ab90 /scd/app-sc-hsm.c
parentagent: First changes to support a PIN cache for scdaemon. (diff)
scd: First changes to implement a PIN cache.
* scd/command.c (pincache_put): New. Uses a dummy key for now. (pincache_get): New. * scd/app.c (select_application): Flush the PIN cache. (scd_update_reader_status_file): Ditto. (maybe_switch_app): Call the new prep_reselect function. (app_write_learn_status): Ditto. * scd/app-openpgp.c (cache_pin): New helper to cache a PIN. (verify_chv2): Call it. (verify_chv3): Call it. (clear_chv_status): Call it. (do_change_pin): Call it. * scd/app-common.h (struct app_ctx_s): Add function 'prep_select'. * scd/app-openpgp.c (do_prep_reselect): New stub function. (app_select_openpgp): Set new stub function. * scd/app-piv.c (do_prep_reselect): New stub function. (app_select_piv): Set new stub function. * scd/app-common.h (struct app_ctx_s): Add parameter ctrl to setattr, sign, auth, decipher, and check_pin. Change all implementations and callers to pass such a parameter. -- This is work in progress. Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'scd/app-sc-hsm.c')
-rw-r--r--scd/app-sc-hsm.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/scd/app-sc-hsm.c b/scd/app-sc-hsm.c
index 2f1ab2074..3f376f2e5 100644
--- a/scd/app-sc-hsm.c
+++ b/scd/app-sc-hsm.c
@@ -1773,7 +1773,7 @@ verify_pin (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
the ECDSA signature in X9.62 format (SEQ/INT(r)/INT(s))
*/
static gpg_error_t
-do_sign (app_t app, const char *keyidstr, int hashalgo,
+do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
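Review bot: The new `ctrl` parameter of do_sign is not described in the function's header comment, whose tail is visible at the top of this hunk and which this diff leaves unchanged. do_auth's comment sends readers to do_sign "for calling conventions", and do_decipher gains the same parameter, so one added sentence there would cover all three, for example `CTRL is the caller's control context; it is not used by this application yet.` The comment starts above the hunk and the signature continues below it, so the wording should be checked against the full text.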
@@ -1810,6 +1810,8 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
unsigned char algoid;
int sw;
+ (void)ctrl;
+
if (!keyidstr || !*keyidstr)
return gpg_error (GPG_ERR_INV_VALUE);
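Review bot: `(void)ctrl;` in do_sign, and again in do_decipher further down, silences the unused-parameter warning without saying why the parameter is unused. The commit introduces a PIN cache, so anyone auditing where a PIN may be retained needs to know whether this application takes part. If it does not yet, a comment such as `(void)ctrl;  /* PIN cache not used by this application yet.  */` would record that. The first hunk header still shows verify_pin without a ctrl argument, which suggests PIN verification here cannot reach the cache, but its body and the rest of do_sign are outside the diff.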
@@ -1901,7 +1903,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
must match the criteria used for the attribute $AUTHKEYID. See
do_sign for calling conventions; there is no HASHALGO, though. */
static gpg_error_t
-do_auth (app_t app, const char *keyidstr,
+do_auth (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
@@ -1924,7 +1926,7 @@ do_auth (app_t app, const char *keyidstr,
}
algo = indatalen == 36? MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1;
- return do_sign (app, keyidstr, algo, pincb, pincb_arg,
+ return do_sign (app, ctrl, keyidstr, algo, pincb, pincb_arg,
indata, indatalen, outdata, outdatalen);
}
@@ -1973,7 +1975,7 @@ strip_PKCS15_padding(unsigned char *src, int srclen, unsigned char **dst,
/* Decrypt a PKCS#1 V1.5 formatted cryptogram using the referenced
key. */
static gpg_error_t
-do_decipher (app_t app, const char *keyidstr,
+do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *indata, size_t indatalen,
@@ -1988,6 +1990,8 @@ do_decipher (app_t app, const char *keyidstr,
size_t p1blklen;
int sw;
+ (void)ctrl;
+
if (!keyidstr || !*keyidstr || !indatalen)
return gpg_error (GPG_ERR_INV_VALUE);
@@ -2069,6 +2073,7 @@ app_select_sc_hsm (app_t app)
goto leave;
app->fnc.deinit = do_deinit;
+ app->fnc.prep_reselect = NULL;
app->fnc.reselect = NULL;
app->fnc.learn_status = do_learn_status;
app->fnc.readcert = do_readcert;
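Review bot: `app->fnc.prep_reselect = NULL;` is only safe if every caller of the new hook tests the pointer before calling it. The commit message names maybe_switch_app and app_write_learn_status in scd/app.c as callers, and neither is visible in this file, so that check should be confirmed there. A short comment on the assignment would make the contract explicit, e.g. `app->fnc.prep_reselect = NULL;  /* Optional hook; callers must check for NULL.  */`. app_select_sc_hsm begins and ends outside the hunk.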