1
/* app-openpgp.c - The OpenPGP card application.
2
* Copyright (C) 2003, 2004 Free Software Foundation, Inc.
4
* This file is part of GnuPG.
6
* GnuPG is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or
9
* (at your option) any later version.
11
* GnuPG is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
* GNU General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
20
* $Id: app-openpgp.c,v 1.21 2004/12/09 16:57:30 wk Exp $
31
#if GNUPG_MAJOR_VERSION == 1
32
/* This is used with GnuPG version < 1.9. The code has been source
33
copied from the current GnuPG >= 1.9 and is maintained over
40
#else /* GNUPG_MAJOR_VERSION != 1 */
42
#endif /* GNUPG_MAJOR_VERSION != 1 */
46
#include "app-common.h"
53
int get_from; /* Constructed DO with this DO or 0 for direct access. */
57
int get_immediate_in_v11; /* Enable a hack to bypass the cache of
58
this data object if it is used in 1.1
59
and later versions of the card. This
60
does not work with composite DO and is
61
currently only useful for the CHV
65
{ 0x005E, 0, 0, 1, 0, 0, 0, "Login Data" },
66
{ 0x5F50, 0, 0, 0, 0, 0, 0, "URL" },
67
{ 0x0065, 1, 0, 1, 0, 0, 0, "Cardholder Related Data"},
68
{ 0x005B, 0, 0x65, 0, 0, 0, 0, "Name" },
69
{ 0x5F2D, 0, 0x65, 0, 0, 0, 0, "Language preferences" },
70
{ 0x5F35, 0, 0x65, 0, 0, 0, 0, "Sex" },
71
{ 0x006E, 1, 0, 1, 0, 0, 0, "Application Related Data" },
72
{ 0x004F, 0, 0x6E, 1, 0, 0, 0, "AID" },
73
{ 0x0073, 1, 0, 1, 0, 0, 0, "Discretionary Data Objects" },
74
{ 0x0047, 0, 0x6E, 1, 1, 0, 0, "Card Capabilities" },
75
{ 0x00C0, 0, 0x6E, 1, 1, 0, 0, "Extended Card Capabilities" },
76
{ 0x00C1, 0, 0x6E, 1, 1, 0, 0, "Algorithm Attributes Signature" },
77
{ 0x00C2, 0, 0x6E, 1, 1, 0, 0, "Algorithm Attributes Decryption" },
78
{ 0x00C3, 0, 0x6E, 1, 1, 0, 0, "Algorithm Attributes Authentication" },
79
{ 0x00C4, 0, 0x6E, 1, 0, 1, 1, "CHV Status Bytes" },
80
{ 0x00C5, 0, 0x6E, 1, 0, 0, 0, "Fingerprints" },
81
{ 0x00C6, 0, 0x6E, 1, 0, 0, 0, "CA Fingerprints" },
82
{ 0x00CD, 0, 0x6E, 1, 0, 0, 0, "Generation time" },
83
{ 0x007A, 1, 0, 1, 0, 0, 0, "Security Support Template" },
84
{ 0x0093, 0, 0x7A, 1, 1, 0, 0, "Digital Signature Counter" },
85
{ 0x0101, 0, 0, 0, 0, 0, 0, "Private DO 1"},
86
{ 0x0102, 0, 0, 0, 0, 0, 0, "Private DO 2"},
87
{ 0x0103, 0, 0, 0, 0, 0, 0, "Private DO 3"},
88
{ 0x0104, 0, 0, 0, 0, 0, 0, "Private DO 4"},
97
unsigned char data[1];
101
struct cache_s *cache;
104
unsigned int get_challenge:1;
105
unsigned int key_import:1;
106
unsigned int change_force_chv:1;
107
unsigned int private_dos:1;
111
unsigned int no_sync:1; /* Do not sync CHV1 and CHV2 */
112
unsigned int def_chv2:1; /* Use 123456 for CHV2. */
117
static unsigned long convert_sig_counter_value (const unsigned char *value,
119
static unsigned long get_sig_counter (APP app);
123
do_deinit (app_t app)
125
if (app && app->app_local)
127
struct cache_s *c, *c2;
129
for (c = app->app_local->cache; c; c = c2)
134
xfree (app->app_local);
135
app->app_local = NULL;
140
/* Wrapper around iso7816_get_data which first tries to get the data
143
get_cached_data (app_t app, int tag,
144
unsigned char **result, size_t *resultlen)
155
for (c=app->app_local->cache; c; c = c->next)
160
p = xtrymalloc (c->length);
162
return gpg_error (gpg_err_code_from_errno (errno));
163
memcpy (p, c->data, c->length);
167
*resultlen = c->length;
173
err = iso7816_get_data (app->slot, tag, &p, &len);
179
/* Check whether we should cache this object. */
180
for (i=0; data_objects[i].tag; i++)
181
if (data_objects[i].tag == tag)
183
if (data_objects[i].dont_cache)
190
for (c=app->app_local->cache; c; c = c->next)
191
assert (c->tag != tag);
193
c = xtrymalloc (sizeof *c + len);
196
memcpy (c->data, p, len);
199
c->next = app->app_local->cache;
200
app->app_local->cache = c;
206
/* Remove DO at TAG from the cache. */
208
flush_cache_item (app_t app, int tag)
210
struct cache_s *c, *cprev;
216
for (c=app->app_local->cache, cprev=NULL; c ; cprev=c, c = c->next)
220
cprev->next = c->next;
222
app->app_local->cache = c->next;
225
for (c=app->app_local->cache; c ; c = c->next)
227
assert (c->tag != tag); /* Oops: duplicated entry. */
232
/* Try again if we have an outer tag. */
233
for (i=0; data_objects[i].tag; i++)
234
if (data_objects[i].tag == tag && data_objects[i].get_from
235
&& data_objects[i].get_from != tag)
236
flush_cache_item (app, data_objects[i].get_from);
239
/* Flush all entries from the cache which might be out of sync after
242
flush_cache_after_error (app_t app)
246
for (i=0; data_objects[i].tag; i++)
247
if (data_objects[i].flush_on_error)
248
flush_cache_item (app, data_objects[i].tag);
252
/* Flush the entire cache. */
254
flush_cache (app_t app)
256
if (app && app->app_local)
258
struct cache_s *c, *c2;
260
for (c = app->app_local->cache; c; c = c2)
265
app->app_local->cache = NULL;
270
/* Get the DO identified by TAG from the card in SLOT and return a
271
buffer with its content in RESULT and NBYTES. The return value is
272
NULL if not found or a pointer which must be used to release the
273
buffer holding value. */
275
get_one_do (app_t app, int tag, unsigned char **result, size_t *nbytes)
278
unsigned char *buffer;
280
unsigned char *value;
285
for (i=0; data_objects[i].tag && data_objects[i].tag != tag; i++)
288
if (app->card_version > 0x0100 && data_objects[i].get_immediate_in_v11)
290
if( iso7816_get_data (app->slot, tag, &buffer, &buflen))
299
if (data_objects[i].tag && data_objects[i].get_from)
301
rc = get_cached_data (app, data_objects[i].get_from,
305
const unsigned char *s;
307
s = find_tlv (buffer, buflen, tag, &valuelen);
309
value = NULL; /* not found */
310
else if (valuelen > buflen - (s - buffer))
312
log_error ("warning: constructed DO too short\n");
314
xfree (buffer); buffer = NULL;
317
value = buffer + (s - buffer);
321
if (!value) /* Not in a constructed DO, try simple. */
323
rc = get_cached_data (app, tag, &buffer, &buflen);
342
dump_all_do (int slot)
345
unsigned char *buffer;
348
for (i=0; data_objects[i].tag; i++)
350
if (data_objects[i].get_from)
353
rc = iso7816_get_data (slot, data_objects[i].tag, &buffer, &buflen);
354
if (gpg_err_code (rc) == GPG_ERR_NO_OBJ)
357
log_info ("DO `%s' not available: %s\n",
358
data_objects[i].desc, gpg_strerror (rc));
361
if (data_objects[i].binary)
363
log_info ("DO `%s': ", data_objects[i].desc);
364
log_printhex ("", buffer, buflen);
367
log_info ("DO `%s': `%.*s'\n",
368
data_objects[i].desc,
369
(int)buflen, buffer); /* FIXME: sanitize */
371
if (data_objects[i].constructed)
373
for (j=0; data_objects[j].tag; j++)
375
const unsigned char *value;
378
if (j==i || data_objects[i].tag != data_objects[j].get_from)
380
value = find_tlv (buffer, buflen,
381
data_objects[j].tag, &valuelen);
384
else if (valuelen > buflen - (value - buffer))
385
log_error ("warning: constructed DO too short\n");
388
if (data_objects[j].binary)
390
log_info ("DO `%s': ", data_objects[j].desc);
391
log_printhex ("", value, valuelen);
394
log_info ("DO `%s': `%.*s'\n",
395
data_objects[j].desc,
396
(int)valuelen, value); /* FIXME: sanitize */
401
xfree (buffer); buffer = NULL;
406
/* Count the number of bits, assuming the A represents an unsigned big
407
integer of length LEN bytes. */
409
count_bits (const unsigned char *a, size_t len)
411
unsigned int n = len * 8;
414
for (; len && !*a; len--, a++, n -=8)
418
for (i=7; i && !(*a & (1<<i)); i--)
424
/* GnuPG makes special use of the login-data DO, this fucntion parses
425
the login data to store the flags for later use. It may be called
426
at any time and should be called after changing the login-data DO.
428
Everything up to a LF is considered a mailbox or account name. If
429
the first LF is follewed by DC4 (0x14) control sequence are
430
expected up to the next LF. Control sequences are separated by FS
431
(0x28) and consist of key=value pairs. There is one key defined:
435
Were FLAGS is a plain hexadecimal number representing flag values.
436
The lsb is here the rightmost bit. Defined flags bits are:
438
Bit 0 = CHV1 and CHV2 are not syncronized
439
Bit 1 = CHV2 has been been set to the default PIN of "123456"
440
(this implies that bit 0 is also set).
444
parse_login_data (app_t app)
446
unsigned char *buffer, *p;
451
app->app_local->flags.no_sync = 0;
452
app->app_local->flags.def_chv2 = 0;
455
relptr = get_one_do (app, 0x005E, &buffer, &buflen);
458
for (; buflen; buflen--, buffer++)
461
if (buflen < 2 || buffer[1] != '\x14')
462
return; /* No control sequences. */
469
if (buflen > 1 && *buffer == 'F' && buffer[1] == '=')
471
/* Flags control sequence found. */
474
/* For now we are only interested in the last digit, so skip
475
any leading digits but bail out on invalid characters. */
476
for (p=buffer+2, len = buflen-2; len && hexdigitp (p); p++, len--)
477
lastdig = xtoi_1 (p);
478
if (len && !(*p == '\n' || *p == '\x18'))
479
goto next; /* Invalid characters in field. */
480
app->app_local->flags.no_sync = !!(lastdig & 1);
481
app->app_local->flags.def_chv2 = (lastdig & 3) == 3;
484
for (; buflen && *buffer != '\x18'; buflen--, buffer++)
493
/* Note, that FPR must be at least 20 bytes. */
495
store_fpr (int slot, int keynumber, u32 timestamp,
496
const unsigned char *m, size_t mlen,
497
const unsigned char *e, size_t elen,
498
unsigned char *fpr, unsigned int card_version)
500
unsigned int n, nbits;
501
unsigned char *buffer, *p;
504
for (; mlen && !*m; mlen--, m++) /* strip leading zeroes */
506
for (; elen && !*e; elen--, e++) /* strip leading zeroes */
509
n = 6 + 2 + mlen + 2 + elen;
510
p = buffer = xtrymalloc (3 + n);
512
return gpg_error (gpg_err_code_from_errno (errno));
514
*p++ = 0x99; /* ctb */
515
*p++ = n >> 8; /* 2 byte length header */
517
*p++ = 4; /* key packet version */
518
*p++ = timestamp >> 24;
519
*p++ = timestamp >> 16;
520
*p++ = timestamp >> 8;
523
nbits = count_bits (m, mlen);
526
memcpy (p, m, mlen); p += mlen;
527
nbits = count_bits (e, elen);
530
memcpy (p, e, elen); p += elen;
532
gcry_md_hash_buffer (GCRY_MD_SHA1, fpr, buffer, n+3);
536
rc = iso7816_put_data (slot, (card_version > 0x0007? 0xC7 : 0xC6)
537
+ keynumber, fpr, 20);
539
log_error (_("failed to store the fingerprint: %s\n"),gpg_strerror (rc));
541
if (!rc && card_version > 0x0100)
543
unsigned char buf[4];
545
buf[0] = timestamp >> 24;
546
buf[1] = timestamp >> 16;
547
buf[2] = timestamp >> 8;
550
rc = iso7816_put_data (slot, 0xCE + keynumber, buf, 4);
552
log_error (_("failed to store the creation date: %s\n"),
561
send_fpr_if_not_null (ctrl_t ctrl, const char *keyword,
562
int number, const unsigned char *fpr)
568
for (i=0; i < 20 && !fpr[i]; i++)
571
return; /* All zero. */
572
for (i=0; i< 20; i++)
573
sprintf (buf+2*i, "%02X", fpr[i]);
575
*numbuf = 0; /* Don't print the key number */
577
sprintf (numbuf, "%d", number);
578
send_status_info (ctrl, keyword,
579
numbuf, (size_t)strlen(numbuf),
580
buf, (size_t)strlen (buf), NULL, 0);
584
send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword,
585
int number, const unsigned char *stamp)
587
char numbuf1[50], numbuf2[50];
590
value = (stamp[0] << 24) | (stamp[1]<<16) | (stamp[2]<<8) | stamp[3];
593
sprintf (numbuf1, "%d", number);
594
sprintf (numbuf2, "%lu", value);
595
send_status_info (ctrl, keyword,
596
numbuf1, (size_t)strlen(numbuf1),
597
numbuf2, (size_t)strlen(numbuf2), NULL, 0);
601
send_key_data (ctrl_t ctrl, const char *name,
602
const unsigned char *a, size_t alen)
604
char *p, *buf = xmalloc (alen*2+1);
606
for (p=buf; alen; a++, alen--, p += 2)
607
sprintf (p, "%02X", *a);
609
send_status_info (ctrl, "KEY-DATA",
610
name, (size_t)strlen(name),
611
buf, (size_t)strlen (buf),
616
/* Implement the GETATTR command. This is similar to the LEARN
617
command but returns just one value via the status interface. */
619
do_getattr (app_t app, ctrl_t ctrl, const char *name)
626
{ "DISP-NAME", 0x005B },
627
{ "LOGIN-DATA", 0x005E },
628
{ "DISP-LANG", 0x5F2D },
629
{ "DISP-SEX", 0x5F35 },
630
{ "PUBKEY-URL", 0x5F50 },
631
{ "KEY-FPR", 0x00C5, 3 },
632
{ "KEY-TIME", 0x00CD, 4 },
633
{ "CA-FPR", 0x00C6, 3 },
634
{ "CHV-STATUS", 0x00C4, 1 },
635
{ "SIG-COUNTER", 0x0093, 2 },
636
{ "SERIALNO", 0x004F, -1 },
638
{ "EXTCAP", 0x0000, -2 },
639
{ "PRIVATE-DO-1", 0x0101 },
640
{ "PRIVATE-DO-2", 0x0102 },
641
{ "PRIVATE-DO-3", 0x0103 },
642
{ "PRIVATE-DO-4", 0x0104 },
647
unsigned char *value;
650
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
652
if (!table[idx].name)
653
return gpg_error (GPG_ERR_INV_NAME);
655
if (table[idx].special == -1)
657
/* The serial number is very special. We could have used the
658
AID DO to retrieve it, but we have it already in the app
659
context and the stamp argument is required anyway which we
660
can't by other means. The AID DO is available anyway but not
666
if (!app_get_serial_and_stamp (app, &serial, &stamp))
668
sprintf (tmp, "%lu", (unsigned long)stamp);
669
send_status_info (ctrl, "SERIALNO",
670
serial, strlen (serial),
677
if (table[idx].special == -2)
681
sprintf (tmp, "gc=%d ki=%d fc=%d pd=%d",
682
app->app_local->extcap.get_challenge,
683
app->app_local->extcap.key_import,
684
app->app_local->extcap.change_force_chv,
685
app->app_local->extcap.private_dos);
686
send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
690
relptr = get_one_do (app, table[idx].tag, &value, &valuelen);
693
if (table[idx].special == 1)
697
for (i=0,*numbuf=0; i < valuelen && i < 7; i++)
698
sprintf (numbuf+strlen (numbuf), " %d", value[i]);
699
send_status_info (ctrl, table[idx].name,
700
numbuf, strlen (numbuf), NULL, 0);
702
else if (table[idx].special == 2)
706
sprintf (numbuf, "%lu", convert_sig_counter_value (value, valuelen));
707
send_status_info (ctrl, table[idx].name,
708
numbuf, strlen (numbuf), NULL, 0);
710
else if (table[idx].special == 3)
713
for (i=0; i < 3; i++)
714
send_fpr_if_not_null (ctrl, table[idx].name, i+1, value+i*20);
716
else if (table[idx].special == 4)
719
for (i=0; i < 3; i++)
720
send_fprtime_if_not_null (ctrl, table[idx].name, i+1, value+i*4);
723
send_status_info (ctrl, table[idx].name, value, valuelen, NULL, 0);
732
do_learn_status (app_t app, ctrl_t ctrl)
734
do_getattr (app, ctrl, "EXTCAP");
735
do_getattr (app, ctrl, "DISP-NAME");
736
do_getattr (app, ctrl, "DISP-LANG");
737
do_getattr (app, ctrl, "DISP-SEX");
738
do_getattr (app, ctrl, "PUBKEY-URL");
739
do_getattr (app, ctrl, "LOGIN-DATA");
740
do_getattr (app, ctrl, "KEY-FPR");
741
if (app->card_version > 0x0100)
742
do_getattr (app, ctrl, "KEY-TIME");
743
do_getattr (app, ctrl, "CA-FPR");
744
do_getattr (app, ctrl, "CHV-STATUS");
745
do_getattr (app, ctrl, "SIG-COUNTER");
746
if (app->app_local->extcap.private_dos)
748
do_getattr (app, ctrl, "PRIVATE-DO-1");
749
do_getattr (app, ctrl, "PRIVATE-DO-2");
751
do_getattr (app, ctrl, "PRIVATE-DO-3");
753
do_getattr (app, ctrl, "PRIVATE-DO-4");
760
/* Verify CHV2 if required. Depending on the configuration of the
761
card CHV1 will also be verified. */
763
verify_chv2 (app_t app,
764
int (*pincb)(void*, const char *, char **),
773
rc = pincb (pincb_arg, "PIN", &pinvalue);
776
log_info (_("PIN callback returned error: %s\n"), gpg_strerror (rc));
780
if (strlen (pinvalue) < 6)
782
log_error (_("PIN for CHV%d is too short;"
783
" minimum length is %d\n"), 2, 6);
785
return gpg_error (GPG_ERR_BAD_PIN);
788
rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue));
791
log_error (_("verify CHV%d failed: %s\n"), 2, gpg_strerror (rc));
793
flush_cache_after_error (app);
798
if (!app->did_chv1 && !app->force_chv1)
800
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
801
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
802
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
805
log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc));
807
flush_cache_after_error (app);
817
/* Verify CHV3 if required. */
819
verify_chv3 (app_t app,
820
int (*pincb)(void*, const char *, char **),
825
#if GNUPG_MAJOR_VERSION != 1
826
if (!opt.allow_admin)
828
log_info (_("access to admin commands is not configured\n"));
829
return gpg_error (GPG_ERR_EACCES);
837
unsigned char *value;
839
int reread_chv_status;
842
relptr = get_one_do (app, 0x00C4, &value, &valuelen);
843
if (!relptr || valuelen < 7)
845
log_error (_("error retrieving CHV status from card\n"));
847
return gpg_error (GPG_ERR_CARD);
851
log_info (_("card is permanently locked!\n"));
853
return gpg_error (GPG_ERR_BAD_PIN);
856
reread_chv_status = (value[6] < 3);
858
log_info(_("%d Admin PIN attempts remaining before card"
859
" is permanently locked\n"), value[6]);
862
/* Note to translators: Do not translate the "|A|" prefix but
863
keep it at the start of the string. We need this elsewhere
864
to get some infos on the string. */
865
rc = pincb (pincb_arg, _("|A|Admin PIN"), &pinvalue);
868
log_info (_("PIN callback returned error: %s\n"), gpg_strerror (rc));
872
if (strlen (pinvalue) < 8)
874
log_error (_("PIN for CHV%d is too short;"
875
" minimum length is %d\n"), 3, 8);
877
return gpg_error (GPG_ERR_BAD_PIN);
880
rc = iso7816_verify (app->slot, 0x83, pinvalue, strlen (pinvalue));
884
log_error (_("verify CHV%d failed: %s\n"), 3, gpg_strerror (rc));
885
flush_cache_after_error (app);
889
/* If the PIN has been entered wrongly before, we need to flush
890
the cached value so that the next read correctly reflects the
891
resetted retry counter. Note that version 1.1 of the specs
892
allow direct reading of that DO, so that we could actually
893
flush it in all cases. */
894
if (reread_chv_status)
895
flush_cache_item (app, 0x00C4);
901
/* Handle the SETATTR operation. All arguments are already basically
904
do_setattr (app_t app, const char *name,
905
int (*pincb)(void*, const char *, char **),
907
const unsigned char *value, size_t valuelen)
917
{ "DISP-NAME", 0x005B, 3 },
918
{ "LOGIN-DATA", 0x005E, 3, 2 },
919
{ "DISP-LANG", 0x5F2D, 3 },
920
{ "DISP-SEX", 0x5F35, 3 },
921
{ "PUBKEY-URL", 0x5F50, 3 },
922
{ "CHV-STATUS-1", 0x00C4, 3, 1 },
923
{ "CA-FPR-1", 0x00CA, 3 },
924
{ "CA-FPR-2", 0x00CB, 3 },
925
{ "CA-FPR-3", 0x00CC, 3 },
926
{ "PRIVATE-DO-1", 0x0101, 2 },
927
{ "PRIVATE-DO-2", 0x0102, 3 },
928
{ "PRIVATE-DO-3", 0x0103, 2 },
929
{ "PRIVATE-DO-4", 0x0104, 3 },
934
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
936
if (!table[idx].name)
937
return gpg_error (GPG_ERR_INV_NAME);
939
switch (table[idx].need_chv)
942
rc = verify_chv2 (app, pincb, pincb_arg);
945
rc = verify_chv3 (app, pincb, pincb_arg);
953
/* Flush the cache before writing it, so that the next get operation
954
will reread the data from the card and thus get synced in case of
955
errors (e.g. data truncated by the card). */
956
flush_cache_item (app, table[idx].tag);
957
rc = iso7816_put_data (app->slot, table[idx].tag, value, valuelen);
959
log_error ("failed to set `%s': %s\n", table[idx].name, gpg_strerror (rc));
961
if (table[idx].special == 1)
962
app->force_chv1 = (valuelen && *value == 0);
963
else if (table[idx].special == 2)
964
parse_login_data (app);
970
/* Handle the PASSWD command. */
972
do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, int reset_mode,
973
int (*pincb)(void*, const char *, char **),
977
int chvno = atoi (chvnostr);
980
if (reset_mode && chvno == 3)
982
rc = gpg_error (GPG_ERR_INV_ID);
985
else if (reset_mode || chvno == 3)
987
/* we always require that the PIN is entered. */
989
rc = verify_chv3 (app, pincb, pincb_arg);
993
else if (chvno == 1 || chvno == 2)
995
/* CHV1 and CVH2 should always have the same value, thus we
997
int save_force = app->force_chv1;
1002
rc = verify_chv2 (app, pincb, pincb_arg);
1003
app->force_chv1 = save_force;
1009
rc = gpg_error (GPG_ERR_INV_ID);
1016
app->did_chv1 = app->did_chv2 = 0;
1018
/* Note to translators: Do not translate the "|*|" prefixes but
1019
keep it at the start of the string. We need this elsewhere
1020
to get some infos on the string. */
1021
rc = pincb (pincb_arg, chvno == 3? _("|AN|New Admin PIN") : _("|N|New PIN"),
1025
log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc));
1031
rc = iso7816_reset_retry_counter (app->slot, 0x81,
1032
pinvalue, strlen (pinvalue));
1034
rc = iso7816_reset_retry_counter (app->slot, 0x82,
1035
pinvalue, strlen (pinvalue));
1039
if (chvno == 1 || chvno == 2)
1041
rc = iso7816_change_reference_data (app->slot, 0x81, NULL, 0,
1042
pinvalue, strlen (pinvalue));
1044
rc = iso7816_change_reference_data (app->slot, 0x82, NULL, 0,
1045
pinvalue, strlen (pinvalue));
1048
rc = iso7816_change_reference_data (app->slot, 0x80 + chvno, NULL, 0,
1049
pinvalue, strlen (pinvalue));
1053
flush_cache_after_error (app);
1061
/* Handle the GENKEY command. */
1063
do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
1064
int (*pincb)(void*, const char *, char **),
1070
unsigned char fprbuf[20];
1071
const unsigned char *fpr;
1072
const unsigned char *keydata, *m, *e;
1073
unsigned char *buffer;
1074
size_t buflen, keydatalen, n, mlen, elen;
1076
int keyno = atoi (keynostr);
1077
int force = (flags & 1);
1080
if (keyno < 1 || keyno > 3)
1081
return gpg_error (GPG_ERR_INV_ID);
1084
/* We flush the cache to increase the traffic before a key
1085
generation. This _might_ help a card to gather more entropy. */
1088
rc = iso7816_get_data (app->slot, 0x006E, &buffer, &buflen);
1091
log_error (_("error reading application data\n"));
1092
return gpg_error (GPG_ERR_GENERAL);
1094
fpr = find_tlv (buffer, buflen, 0x00C5, &n);
1095
if (!fpr || n != 60)
1097
rc = gpg_error (GPG_ERR_GENERAL);
1098
log_error (_("error reading fingerprint DO\n"));
1102
for (i=0; i < 20 && !fpr[i]; i++)
1104
if (i!=20 && !force)
1106
rc = gpg_error (GPG_ERR_EEXIST);
1107
log_error (_("key already exists\n"));
1111
log_info (_("existing key will be replaced\n"));
1113
log_info (_("generating new key\n"));
1116
rc = verify_chv3 (app, pincb, pincb_arg);
1120
xfree (buffer); buffer = NULL;
1123
log_info (_("please wait while key is being generated ...\n"));
1124
start_at = time (NULL);
1125
rc = iso7816_generate_keypair
1127
#warning key generation temporary replaced by reading an existing key.
1128
rc = iso7816_read_public_key
1131
keyno == 0? "\xB6" :
1132
keyno == 1? "\xB8" : "\xA4",
1137
rc = gpg_error (GPG_ERR_CARD);
1138
log_error (_("generating key failed\n"));
1141
log_info (_("key generation completed (%d seconds)\n"),
1142
(int)(time (NULL) - start_at));
1143
keydata = find_tlv (buffer, buflen, 0x7F49, &keydatalen);
1146
rc = gpg_error (GPG_ERR_CARD);
1147
log_error (_("response does not contain the public key data\n"));
1151
m = find_tlv (keydata, keydatalen, 0x0081, &mlen);
1154
rc = gpg_error (GPG_ERR_CARD);
1155
log_error (_("response does not contain the RSA modulus\n"));
1158
/* log_printhex ("RSA n:", m, mlen); */
1159
send_key_data (ctrl, "n", m, mlen);
1161
e = find_tlv (keydata, keydatalen, 0x0082, &elen);
1164
rc = gpg_error (GPG_ERR_CARD);
1165
log_error (_("response does not contain the RSA public exponent\n"));
1168
/* log_printhex ("RSA e:", e, elen); */
1169
send_key_data (ctrl, "e", e, elen);
1171
created_at = gnupg_get_time ();
1172
sprintf (numbuf, "%lu", (unsigned long)created_at);
1173
send_status_info (ctrl, "KEY-CREATED-AT",
1174
numbuf, (size_t)strlen(numbuf), NULL, 0);
1176
rc = store_fpr (app->slot, keyno, (u32)created_at,
1177
m, mlen, e, elen, fprbuf, app->card_version);
1180
send_fpr_if_not_null (ctrl, "KEY-FPR", -1, fprbuf);
1189
static unsigned long
1190
convert_sig_counter_value (const unsigned char *value, size_t valuelen)
1195
ul = (value[0] << 16) | (value[1] << 8) | value[2];
1198
log_error (_("invalid structure of OpenPGP card (DO 0x93)\n"));
1204
static unsigned long
1205
get_sig_counter (app_t app)
1208
unsigned char *value;
1212
relptr = get_one_do (app, 0x0093, &value, &valuelen);
1215
ul = convert_sig_counter_value (value, valuelen);
1221
compare_fingerprint (app_t app, int keyno, unsigned char *sha1fpr)
1223
const unsigned char *fpr;
1224
unsigned char *buffer;
1228
assert (keyno >= 1 && keyno <= 3);
1230
rc = get_cached_data (app, 0x006E, &buffer, &buflen);
1233
log_error (_("error reading application data\n"));
1234
return gpg_error (GPG_ERR_GENERAL);
1236
fpr = find_tlv (buffer, buflen, 0x00C5, &n);
1237
if (!fpr || n != 60)
1240
log_error (_("error reading fingerprint DO\n"));
1241
return gpg_error (GPG_ERR_GENERAL);
1243
fpr += (keyno-1)*20;
1244
for (i=0; i < 20; i++)
1245
if (sha1fpr[i] != fpr[i])
1248
return gpg_error (GPG_ERR_WRONG_SECKEY);
1255
/* If a fingerprint has been specified check it against the one on
1256
the card. This is allows for a meaningful error message in case
1257
the key on the card has been replaced but the shadow information
1258
known to gpg was not updated. If there is no fingerprint we
1259
assume that this is okay. */
1261
check_against_given_fingerprint (app_t app, const char *fpr, int keyno)
1263
unsigned char tmp[20];
1267
for (s=fpr, n=0; hexdigitp (s); s++, n++)
1270
return gpg_error (GPG_ERR_INV_ID);
1274
return gpg_error (GPG_ERR_INV_ID);
1276
for (s=fpr, n=0; n < 20; s += 2, n++)
1277
tmp[n] = xtoi_2 (s);
1278
return compare_fingerprint (app, keyno, tmp);
1283
/* Compute a digital signature on INDATA which is expected to be the
1284
raw message digest. For this application the KEYIDSTR consists of
1285
the serialnumber and the fingerprint delimited by a slash.
1287
Note that this fucntion may return the error code
1288
GPG_ERR_WRONG_CARD to indicate that the card currently present does
1289
not match the one required for the requested action (e.g. the
1290
serial number does not match). */
1292
do_sign (app_t app, const char *keyidstr, int hashalgo,
1293
int (*pincb)(void*, const char *, char **),
1295
const void *indata, size_t indatalen,
1296
unsigned char **outdata, size_t *outdatalen )
1298
static unsigned char sha1_prefix[15] = /* Object ID is 1.3.14.3.2.26 */
1299
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
1300
0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
1301
static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */
1302
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03,
1303
0x02, 0x01, 0x05, 0x00, 0x04, 0x14 };
1305
unsigned char data[35];
1306
unsigned char tmp_sn[20]; /* actually 16 but we use it also for the fpr. */
1309
const char *fpr = NULL;
1310
unsigned long sigcount;
1312
if (!keyidstr || !*keyidstr)
1313
return gpg_error (GPG_ERR_INV_VALUE);
1314
if (indatalen != 20)
1315
return gpg_error (GPG_ERR_INV_VALUE);
1317
/* Check whether an OpenPGP card of any version has been requested. */
1318
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
1319
return gpg_error (GPG_ERR_INV_ID);
1321
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
1324
return gpg_error (GPG_ERR_INV_ID);
1326
; /* no fingerprint given: we allow this for now. */
1330
return gpg_error (GPG_ERR_INV_ID);
1332
for (s=keyidstr, n=0; n < 16; s += 2, n++)
1333
tmp_sn[n] = xtoi_2 (s);
1335
if (app->serialnolen != 16)
1336
return gpg_error (GPG_ERR_INV_CARD);
1337
if (memcmp (app->serialno, tmp_sn, 16))
1338
return gpg_error (GPG_ERR_WRONG_CARD);
1340
/* If a fingerprint has been specified check it against the one on
1341
the card. This is allows for a meaningful error message in case
1342
the key on the card has been replaced but the shadow information
1343
known to gpg was not updated. If there is no fingerprint, gpg
1344
will detect a bogus signature anyway due to the
1345
verify-after-signing feature. */
1346
rc = fpr? check_against_given_fingerprint (app, fpr, 1) : 0;
1350
if (hashalgo == GCRY_MD_SHA1)
1351
memcpy (data, sha1_prefix, 15);
1352
else if (hashalgo == GCRY_MD_RMD160)
1353
memcpy (data, rmd160_prefix, 15);
1355
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
1356
memcpy (data+15, indata, indatalen);
1358
sigcount = get_sig_counter (app);
1359
log_info (_("signatures created so far: %lu\n"), sigcount);
1361
if (!app->did_chv1 || app->force_chv1 )
1367
#define PROMPTSTRING _("PIN [sigs done: %lu]")
1369
prompt = malloc (strlen (PROMPTSTRING) + 50);
1371
return gpg_error_from_errno (errno);
1372
sprintf (prompt, PROMPTSTRING, sigcount);
1373
rc = pincb (pincb_arg, prompt, &pinvalue);
1379
log_info (_("PIN callback returned error: %s\n"), gpg_strerror (rc));
1383
if (strlen (pinvalue) < 6)
1385
log_error (_("PIN for CHV%d is too short;"
1386
" minimum length is %d\n"), 1, 6);
1388
return gpg_error (GPG_ERR_BAD_PIN);
1391
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
1394
log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc));
1396
flush_cache_after_error (app);
1402
/* We should also verify CHV2. */
1403
rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue));
1404
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
1405
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
1408
log_error (_("verify CHV%d failed: %s\n"), 2, gpg_strerror (rc));
1410
flush_cache_after_error (app);
1418
rc = iso7816_compute_ds (app->slot, data, 35, outdata, outdatalen);
1422
/* Compute a digital signature using the INTERNAL AUTHENTICATE command
1423
on INDATA which is expected to be the raw message digest. For this
1424
application the KEYIDSTR consists of the serialnumber and the
1425
fingerprint delimited by a slash.
1427
Note that this fucntion may return the error code
1428
GPG_ERR_WRONG_CARD to indicate that the card currently present does
1429
not match the one required for the requested action (e.g. the
1430
serial number does not match). */
1432
do_auth (app_t app, const char *keyidstr,
1433
int (*pincb)(void*, const char *, char **),
1435
const void *indata, size_t indatalen,
1436
unsigned char **outdata, size_t *outdatalen )
1439
unsigned char tmp_sn[20]; /* actually 16 but we use it also for the fpr. */
1442
const char *fpr = NULL;
1444
if (!keyidstr || !*keyidstr)
1445
return gpg_error (GPG_ERR_INV_VALUE);
1446
if (indatalen > 50) /* For a 1024 bit key. */
1447
return gpg_error (GPG_ERR_INV_VALUE);
1449
/* Check whether an OpenPGP card of any version has been requested. */
1450
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
1451
return gpg_error (GPG_ERR_INV_ID);
1453
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
1456
return gpg_error (GPG_ERR_INV_ID);
1458
; /* no fingerprint given: we allow this for now. */
1462
return gpg_error (GPG_ERR_INV_ID);
1464
for (s=keyidstr, n=0; n < 16; s += 2, n++)
1465
tmp_sn[n] = xtoi_2 (s);
1467
if (app->serialnolen != 16)
1468
return gpg_error (GPG_ERR_INV_CARD);
1469
if (memcmp (app->serialno, tmp_sn, 16))
1470
return gpg_error (GPG_ERR_WRONG_CARD);
1472
/* If a fingerprint has been specified check it against the one on
1473
the card. This is allows for a meaningful error message in case
1474
the key on the card has been replaced but the shadow information
1475
known to gpg was not updated. If there is no fingerprint, gpg
1476
will detect a bogus signature anyway due to the
1477
verify-after-signing feature. */
1478
rc = fpr? check_against_given_fingerprint (app, fpr, 3) : 0;
1482
rc = verify_chv2 (app, pincb, pincb_arg);
1484
rc = iso7816_internal_authenticate (app->slot, indata, indatalen,
1485
outdata, outdatalen);
1491
do_decipher (app_t app, const char *keyidstr,
1492
int (pincb)(void*, const char *, char **),
1494
const void *indata, size_t indatalen,
1495
unsigned char **outdata, size_t *outdatalen )
1498
unsigned char tmp_sn[20]; /* actually 16 but we use it also for the fpr. */
1501
const char *fpr = NULL;
1503
if (!keyidstr || !*keyidstr || !indatalen)
1504
return gpg_error (GPG_ERR_INV_VALUE);
1506
/* Check whether an OpenPGP card of any version has been requested. */
1507
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
1508
return gpg_error (GPG_ERR_INV_ID);
1510
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
1513
return gpg_error (GPG_ERR_INV_ID);
1515
; /* no fingerprint given: we allow this for now. */
1519
return gpg_error (GPG_ERR_INV_ID);
1521
for (s=keyidstr, n=0; n < 16; s += 2, n++)
1522
tmp_sn[n] = xtoi_2 (s);
1524
if (app->serialnolen != 16)
1525
return gpg_error (GPG_ERR_INV_CARD);
1526
if (memcmp (app->serialno, tmp_sn, 16))
1527
return gpg_error (GPG_ERR_WRONG_CARD);
1529
/* If a fingerprint has been specified check it against the one on
1530
the card. This is allows for a meaningful error message in case
1531
the key on the card has been replaced but the shadow information
1532
known to gpg was not updated. If there is no fingerprint, the
1533
decryption will won't produce the right plaintext anyway. */
1534
rc = fpr? check_against_given_fingerprint (app, fpr, 2) : 0;
1538
rc = verify_chv2 (app, pincb, pincb_arg);
1540
rc = iso7816_decipher (app->slot, indata, indatalen, 0,
1541
outdata, outdatalen);
1546
/* Perform a simple verify operation for CHV1 and CHV2, so that
1547
further operations won't ask for CHV2 and it is possible to do a
1548
cheap check on the PIN: If there is something wrong with the PIN
1549
entry system, only the regular CHV will get blocked and not the
1550
dangerous CHV3. KEYIDSTR is the usual card's serial number; an
1551
optional fingerprint part will be ignored. */
1553
do_check_pin (app_t app, const char *keyidstr,
1554
int (pincb)(void*, const char *, char **),
1557
unsigned char tmp_sn[20];
1561
if (!keyidstr || !*keyidstr)
1562
return gpg_error (GPG_ERR_INV_VALUE);
1564
/* Check whether an OpenPGP card of any version has been requested. */
1565
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
1566
return gpg_error (GPG_ERR_INV_ID);
1568
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
1571
return gpg_error (GPG_ERR_INV_ID);
1573
; /* No fingerprint given: we allow this for now. */
1575
; /* We ignore a fingerprint. */
1577
return gpg_error (GPG_ERR_INV_ID);
1579
for (s=keyidstr, n=0; n < 16; s += 2, n++)
1580
tmp_sn[n] = xtoi_2 (s);
1582
if (app->serialnolen != 16)
1583
return gpg_error (GPG_ERR_INV_CARD);
1584
if (memcmp (app->serialno, tmp_sn, 16))
1585
return gpg_error (GPG_ERR_WRONG_CARD);
1586
/* Yes, there is a race conditions: The user might pull the card
1587
right here and we won't notice that. However this is not a
1588
problem and the check above is merely for a graceful failure
1589
between operations. */
1591
return verify_chv2 (app, pincb, pincb_arg);
1597
/* Select the OpenPGP application on the card in SLOT. This function
1598
must be used before any other OpenPGP application functions. */
1600
app_select_openpgp (app_t app)
1602
static char const aid[] = { 0xD2, 0x76, 0x00, 0x01, 0x24, 0x01 };
1603
int slot = app->slot;
1605
unsigned char *buffer;
1609
rc = iso7816_select_application (slot, aid, sizeof aid);
1612
unsigned int manufacturer;
1614
app->apptype = "OPENPGP";
1619
app->app_local = NULL;
1621
/* The OpenPGP card returns the serial number as part of the
1622
AID; because we prefer to use OpenPGP serial numbers, we
1623
replace a possibly already set one from a EF.GDO with this
1624
one. Note, that for current OpenPGP cards, no EF.GDO exists
1625
and thus it won't matter at all. */
1626
rc = iso7816_get_data (slot, 0x004F, &buffer, &buflen);
1632
log_printhex ("", buffer, buflen);
1635
app->card_version = buffer[6] << 8;
1636
app->card_version |= buffer[7];
1637
manufacturer = (buffer[8]<<8 | buffer[9]);
1639
xfree (app->serialno);
1640
app->serialno = buffer;
1641
app->serialnolen = buflen;
1643
app->app_local = xtrycalloc (1, sizeof *app->app_local);
1644
if (!app->app_local)
1646
rc = gpg_error (gpg_err_code_from_errno (errno));
1650
relptr = get_one_do (app, 0x00C4, &buffer, &buflen);
1653
log_error (_("can't access %s - invalid OpenPGP card?\n"),
1654
"CHV Status Bytes");
1657
app->force_chv1 = (buflen && *buffer == 0);
1660
relptr = get_one_do (app, 0x00C0, &buffer, &buflen);
1663
log_error (_("can't access %s - invalid OpenPGP card?\n"),
1664
"Extended Capability Flags" );
1669
app->app_local->extcap.get_challenge = !!(*buffer & 0x40);
1670
app->app_local->extcap.key_import = !!(*buffer & 0x20);
1671
app->app_local->extcap.change_force_chv = !!(*buffer & 0x10);
1672
app->app_local->extcap.private_dos = !!(*buffer & 0x08);
1676
/* Some of the first cards accidently don't set the
1677
CHANGE_FORCE_CHV bit but allow it anyway. */
1678
if (app->card_version <= 0x0100 && manufacturer == 1)
1679
app->app_local->extcap.change_force_chv = 1;
1681
parse_login_data (app);
1683
if (opt.verbose > 1)
1686
app->fnc.deinit = do_deinit;
1687
app->fnc.learn_status = do_learn_status;
1688
app->fnc.readcert = NULL;
1689
app->fnc.getattr = do_getattr;
1690
app->fnc.setattr = do_setattr;
1691
app->fnc.genkey = do_genkey;
1692
app->fnc.sign = do_sign;
1693
app->fnc.auth = do_auth;
1694
app->fnc.decipher = do_decipher;
1695
app->fnc.change_pin = do_change_pin;
1696
app->fnc.check_pin = do_check_pin;
1707
/* This function is a hack to retrieve essential information about the
1708
card to be displayed by simple tools. It mostly resembles what the
1709
LEARN command returns. All parameters return allocated strings or
1710
buffers or NULL if the data object is not available. All returned
1711
values are sanitized. */
1713
app_openpgp_cardinfo (app_t app,
1717
unsigned char **fpr1,
1718
unsigned char **fpr2,
1719
unsigned char **fpr3)
1723
unsigned char *value;
1731
rc = app_get_serial_and_stamp (app, serialno, &dummy);
1734
log_error (_("error getting serial number: %s\n"),
1743
relptr = get_one_do (app, 0x005B, &value, &valuelen);
1746
*disp_name = make_printable_string (value, valuelen, 0);
1754
relptr = get_one_do (app, 0x5F50, &value, &valuelen);
1757
*pubkey_url = make_printable_string (value, valuelen, 0);
1768
relptr = get_one_do (app, 0x00C5, &value, &valuelen);
1769
if (relptr && valuelen >= 60)
1773
*fpr1 = xmalloc (20);
1774
memcpy (*fpr1, value + 0, 20);
1778
*fpr2 = xmalloc (20);
1779
memcpy (*fpr2, value + 20, 20);
1783
*fpr3 = xmalloc (20);
1784
memcpy (*fpr3, value + 40, 20);
1794
/* This function is currently only used by the sc-copykeys program to
1795
store a key on the smartcard. app_t ist the application handle,
1796
KEYNO is the number of the key and PINCB, PINCB_ARG are used to ask
1797
for the SO PIN. TEMPLATE and TEMPLATE_LEN describe a buffer with
1798
the key template to store. CREATED_AT is the timestamp used to
1799
create the fingerprint. M, MLEN is the RSA modulus and E, ELEN the
1800
RSA public exponent. This function silently overwrites an existing
1803
app_openpgp_storekey (app_t app, int keyno,
1804
unsigned char *template, size_t template_len,
1806
const unsigned char *m, size_t mlen,
1807
const unsigned char *e, size_t elen,
1808
int (*pincb)(void*, const char *, char **),
1812
unsigned char fprbuf[20];
1814
if (keyno < 1 || keyno > 3)
1815
return gpg_error (GPG_ERR_INV_ID);
1818
rc = verify_chv3 (app, pincb, pincb_arg);
1824
rc = iso7816_put_data (app->slot,
1825
(app->card_version > 0x0007? 0xE0 : 0xE9) + keyno,
1826
template, template_len);
1829
log_error (_("failed to store the key: %s\n"), gpg_strerror (rc));
1830
rc = gpg_error (GPG_ERR_CARD);
1834
/* log_printhex ("RSA n:", m, mlen); */
1835
/* log_printhex ("RSA e:", e, elen); */
1837
rc = store_fpr (app->slot, keyno, (u32)created_at,
1838
m, mlen, e, elen, fprbuf, app->card_version);
1845
/* Utility function for external tools: Read the public RSA key at
1846
KEYNO and return modulus and exponent in (M,MLEN) and (E,ELEN). */
1848
app_openpgp_readkey (app_t app, int keyno, unsigned char **m, size_t *mlen,
1849
unsigned char **e, size_t *elen)
1852
const unsigned char *keydata, *a;
1853
unsigned char *buffer;
1854
size_t buflen, keydatalen, alen;
1859
if (keyno < 1 || keyno > 3)
1860
return gpg_error (GPG_ERR_INV_ID);
1863
rc = iso7816_read_public_key(app->slot,
1864
keyno == 0? "\xB6" :
1865
keyno == 1? "\xB8" : "\xA4",
1870
rc = gpg_error (GPG_ERR_CARD);
1871
log_error (_("reading the key failed\n"));
1875
keydata = find_tlv (buffer, buflen, 0x7F49, &keydatalen);
1878
log_error (_("response does not contain the public key data\n"));
1879
rc = gpg_error (GPG_ERR_CARD);
1883
a = find_tlv (keydata, keydatalen, 0x0081, &alen);
1886
log_error (_("response does not contain the RSA modulus\n"));
1887
rc = gpg_error (GPG_ERR_CARD);
1891
*m = xmalloc (alen);
1892
memcpy (*m, a, alen);
1894
a = find_tlv (keydata, keydatalen, 0x0082, &alen);
1897
log_error (_("response does not contain the RSA public exponent\n"));
1898
rc = gpg_error (GPG_ERR_CARD);
1902
*e = xmalloc (alen);
1903
memcpy (*e, a, alen);
1909
xfree (*m); *m = NULL;
1910
xfree (*e); *e = NULL;