-rw-r--r--agent/ChangeLog5
-rw-r--r--agent/agent.h1
-rw-r--r--agent/call-scd.c30
-rw-r--r--agent/divert-scd.c4
-rw-r--r--g10/ChangeLog5
-rw-r--r--g10/call-agent.c138
-rw-r--r--g10/call-agent.h10
7 files changed, 39 insertions, 154 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog
index 783089e6b..7ec8789fd 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,3 +1,8 @@
+2011-03-02 Werner Koch <[email protected]>
+
+ * call-scd.c (hash_algo_option): New.
+ (agent_card_pksign): Use it with PKSIGN.
+
2011-03-02 Ben Kibbey <[email protected]> (wk)
* command.c (cmd_clear_passphrase): Add option --mode=normal.
diff --git a/agent/agent.h b/agent/agent.h
index 1ec736c55..3319c3684 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -365,6 +365,7 @@ int agent_card_pksign (ctrl_t ctrl,
const char *keyid,
int (*getpin_cb)(void *, const char *, char*, size_t),
void *getpin_cb_arg,
+ int mdalgo,
const unsigned char *indata, size_t indatalen,
unsigned char **r_buf, size_t *r_buflen);
int agent_card_pkdecrypt (ctrl_t ctrl,
diff --git a/agent/call-scd.c b/agent/call-scd.c
index 40770abae..710589f72 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -796,13 +796,33 @@ inq_needpin (void *opaque, const char *line)
}
+/* Helper returning a command option to describe the used hash
+ algorithm. See scd/command.c:cmd_pksign. */
+static const char *
+hash_algo_option (int algo)
+{
+ switch (algo)
+ {
+ case GCRY_MD_MD5 : return "--hash=md5";
+ case GCRY_MD_RMD160: return "--hash=rmd160";
+ case GCRY_MD_SHA1 : return "--hash=sha1";
+ case GCRY_MD_SHA224: return "--hash=sha224";
+ case GCRY_MD_SHA256: return "--hash=sha256";
+ case GCRY_MD_SHA384: return "--hash=sha384";
+ case GCRY_MD_SHA512: return "--hash=sha512";
+ default: return "";
+ }
+}
-/* Create a signature using the current card */
+
+/* Create a signature using the current card. MDALGO is either 0 or
+ gives the digest algorithm. */
int
agent_card_pksign (ctrl_t ctrl,
const char *keyid,
int (*getpin_cb)(void *, const char *, char*, size_t),
void *getpin_cb_arg,
+ int mdalgo,
const unsigned char *indata, size_t indatalen,
unsigned char **r_buf, size_t *r_buflen)
{
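Review bot: The `default: return "";` arm of hash_algo_option makes an unsupported non-zero algorithm indistinguishable from MDALGO 0, so PKSIGN would be sent without any `--hash` option and scdaemon would fall back to its own default digest (the comment removed from g10/call-agent.c in this commit suggests that is SHA1). On a signing path, a mismatch between the digest that was computed and the one the card is told about should be rejected rather than silently defaulted. One option is a guard in agent_card_pksign before the command is built, such as `if (mdalgo && !*hash_algo_option (mdalgo)) rc = gpg_error (GPG_ERR_DIGEST_ALGO);`, routed through the function's normal exit path. The table also accepts MD5; if that is kept only for legacy cards, a one-line comment saying so would help the next reader. The body of agent_card_pksign continues outside this hunk.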
@@ -837,9 +857,11 @@ agent_card_pksign (ctrl_t ctrl,
inqparm.getpin_cb = getpin_cb;
inqparm.getpin_cb_arg = getpin_cb_arg;
inqparm.passthru = 0;
- snprintf (line, DIM(line)-1,
- ctrl->use_auth_call? "PKAUTH %s":"PKSIGN %s", keyid);
- line[DIM(line)-1] = 0;
+ if (ctrl->use_auth_call)
+ snprintf (line, sizeof line, "PKAUTH %s", keyid);
+ else
+ snprintf (line, sizeof line, "PKSIGN %s %s",
+ hash_algo_option (mdalgo), keyid);
rc = assuan_transact (ctrl->scd_local->ctx, line,
membuf_data_cb, &data,
inq_needpin, &inqparm,
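Review bot: The return value of snprintf is ignored in both branches, so a keyid that does not fit in `line` is silently truncated and the shortened command is still handed to assuan_transact. Capturing the result and testing `if (n < 0 || (size_t)n >= sizeof line)` before the transact call would turn that into an explicit error (for instance GPG_ERR_TOO_LARGE, or whatever code the rest of the file prefers) instead of a request naming a different key identifier. The function comment should also say that MDALGO is ignored when `ctrl->use_auth_call` selects PKAUTH, since divert_pksign now passes `algo` on that path too. The declaration of `line` and the function's cleanup and exit path are outside this hunk, so the error would need to follow that existing path rather than return directly.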
diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index f4787b537..f176a6b94 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -347,7 +347,7 @@ divert_pksign (ctrl_t ctrl,
int save = ctrl->use_auth_call;
ctrl->use_auth_call = 1;
rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
- digest, digestlen, &sigval, &siglen);
+ algo, digest, digestlen, &sigval, &siglen);
ctrl->use_auth_call = save;
}
else
@@ -359,7 +359,7 @@ divert_pksign (ctrl_t ctrl,
if (!rc)
{
rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
- data, ndata, &sigval, &siglen);
+ algo, data, ndata, &sigval, &siglen);
xfree (data);
}
}
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 0eebbef78..65e97a9a4 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,8 @@
+2011-03-02 Werner Koch <[email protected]>
+
+ * call-agent.c (agent_scd_pksign, agent_scd_pkdecrypt)
+ (hash_algo_option): Remove these unused functions.
+
2011-02-10 Werner Koch <[email protected]>
* seskey.c (encode_md_value): Change last fix to avoid a
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 6333586fb..03ea1685f 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -914,144 +914,6 @@ membuf_data_cb (void *opaque, const void *buffer, size_t length)
}
-/* Helper returning a command option to describe the used hash
- algorithm. See scd/command.c:cmd_pksign. */
-static const char *
-hash_algo_option (int algo)
-{
- switch (algo)
- {
- case GCRY_MD_RMD160: return "--hash=rmd160";
- case GCRY_MD_SHA1 : return "--hash=sha1";
- case GCRY_MD_SHA224: return "--hash=sha224";
- case GCRY_MD_SHA256: return "--hash=sha256";
- case GCRY_MD_SHA384: return "--hash=sha384";
- case GCRY_MD_SHA512: return "--hash=sha512";
- case GCRY_MD_MD5 : return "--hash=md5";
- default: return "";
- }
-}
-
-
-/* Send a sign command to the scdaemon via gpg-agent's pass thru
- mechanism. */
-int
-agent_scd_pksign (const char *serialno, int hashalgo,
- const unsigned char *indata, size_t indatalen,
- unsigned char **r_buf, size_t *r_buflen)
-{
- int rc;
- char line[ASSUAN_LINELENGTH];
- membuf_t data;
- size_t len;
-
- /* Note, hashalgo is not yet used but hardwired to SHA1 in SCdaemon. */
-
- *r_buf = NULL;
- *r_buflen = 0;
-
- rc = start_agent (NULL, 1);
- if (gpg_err_code (rc) == GPG_ERR_CARD_NOT_PRESENT
- || gpg_err_code (rc) == GPG_ERR_NOT_SUPPORTED)
- rc = 0; /* We check later. */
- if (rc)
- return rc;
-
- if (indatalen*2 + 50 > DIM(line))
- return gpg_error (GPG_ERR_GENERAL);
-
- rc = select_openpgp (serialno);
- if (rc)
- return rc;
-
- strcpy (line, "SCD SETDATA ");
- bin2hex (indata, indatalen, line + strlen (line));
-
- rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
- if (rc)
- return rc;
-
- init_membuf (&data, 1024);
- /* if (!hashalgo) /\* Temporary test hack. *\/ */
- /* snprintf (line, DIM(line)-1, "SCD PKAUTH %s", serialno); */
- /* else */
- snprintf (line, DIM(line)-1, "SCD PKSIGN %s %s",
- hash_algo_option (hashalgo), serialno);
- line[DIM(line)-1] = 0;
- rc = assuan_transact (agent_ctx, line, membuf_data_cb, &data,
- default_inq_cb, NULL, NULL, NULL);
- if (rc)
- {
- xfree (get_membuf (&data, &len));
- }
- else
- *r_buf = get_membuf (&data, r_buflen);
-
- status_sc_op_failure (rc);
- return rc;
-}
-
-
-/* Decrypt INDATA of length INDATALEN using the card identified by
- SERIALNO. Return the plaintext in a nwly allocated buffer stored
- at the address of R_BUF.
-
- Note, we currently support only RSA or more exactly algorithms
- taking one input data element. */
-int
-agent_scd_pkdecrypt (const char *serialno,
- const unsigned char *indata, size_t indatalen,
- unsigned char **r_buf, size_t *r_buflen)
-{
- int rc;
- char line[ASSUAN_LINELENGTH];
- membuf_t data;
- size_t len;
-
- *r_buf = NULL;
- rc = start_agent (NULL, 1);
- if (gpg_err_code (rc) == GPG_ERR_CARD_NOT_PRESENT
- || gpg_err_code (rc) == GPG_ERR_NOT_SUPPORTED)
- rc = 0; /* We check later. */
- if (rc)
- return rc;
-
- /* FIXME: use secure memory where appropriate */
- if (indatalen*2 + 50 > DIM(line))
- return gpg_error (GPG_ERR_GENERAL);
-
- rc = select_openpgp (serialno);
- if (rc)
- return rc;
-
- strcpy (line, "SCD SETDATA ");
- bin2hex (indata, indatalen, line + strlen (line));
-
- rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
- if (rc)
- return rc;
-
- init_membuf (&data, 1024);
- snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno);
- line[DIM(line)-1] = 0;
- rc = assuan_transact (agent_ctx, line,
- membuf_data_cb, &data,
- default_inq_cb, NULL, NULL, NULL);
- if (rc)
- {
- xfree (get_membuf (&data, &len));
- }
- else
- {
- *r_buf = get_membuf (&data, r_buflen);
- if (!*r_buf)
- rc = gpg_error (GPG_ERR_ENOMEM);
- }
-
- status_sc_op_failure (rc);
- return rc;
-}
-
/* Send a READCERT command to the SCdaemon. */
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 337847dab..1e7e15abc 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -98,16 +98,6 @@ int agent_scd_writekey (int keyno, const char *serialno,
int agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
const char *serialno, u32 createtime);
-/* Send a PKSIGN command to the SCdaemon. */
-int agent_scd_pksign (const char *keyid, int hashalgo,
- const unsigned char *indata, size_t indatalen,
- unsigned char **r_buf, size_t *r_buflen);
-
-/* Send a PKDECRYPT command to the SCdaemon. */
-int agent_scd_pkdecrypt (const char *serialno,
- const unsigned char *indata, size_t indatalen,
- unsigned char **r_buf, size_t *r_buflen);
-
/* Send a READKEY command to the SCdaemon. */
int agent_scd_readcert (const char *certidstr,
void **r_buf, size_t *r_buflen);