214
212
const void *indata, size_t indatalen,
215
213
unsigned char **outdata, size_t *outdatalen);
214
static void parse_algorithm_attribute (app_t app, int keyno);
215
static gpg_error_t change_keyattr_from_string
217
gpg_error_t (*pincb)(void*, const char *, char **),
219
const void *value, size_t valuelen);
1119
1123
if (app->card_version > 0x0100)
1125
int exmode, le_value;
1121
1127
/* We may simply read the public key out of these cards. */
1128
if (app->app_local->cardcap.ext_lc_le)
1130
exmode = 1; /* Use extended length. */
1131
le_value = app->app_local->extcap.max_rsp_data;
1136
le_value = 256; /* Use legacy value. */
1122
1139
err = iso7816_read_public_key
1123
(app->slot, 0, (const unsigned char*)(keyno == 0? "\xB6" :
1124
keyno == 1? "\xB8" : "\xA4"), 2,
1141
(const unsigned char*)(keyno == 0? "\xB6" :
1142
keyno == 1? "\xB8" : "\xA4"), 2,
1126
1144
&buffer, &buflen);
1579
1597
char *pinvalue;
1581
1599
if (app->did_chv2)
1582
return 0; /* We already verified CHV2 (PW1 for v2 cards). */
1600
return 0; /* We already verified CHV2. */
1584
if (app->app_local->extcap.is_v2)
1586
/* Version two cards don't have a CHV2 anymore. We need to
1587
verify CHV1 (now called PW1) instead. */
1588
rc = verify_a_chv (app, pincb, pincb_arg, 1, 0, &pinvalue);
1595
/* Version 1 cards only. */
1596
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue);
1602
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue);
1601
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
1607
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
1609
/* For convenience we verify CHV1 here too. We do this only if
1610
the card is not configured to require a verification before
1611
each CHV1 controlled operation (force_chv1) and if we are not
1612
using the keypad (PINVALUE == NULL). */
1613
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
1614
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
1615
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
1603
/* For convenience we verify CHV1 here too. We do this only
1604
if the card is not configured to require a verification
1605
before each CHV1 controlled operation (force_chv1) and if
1606
we are not using the keypad (PINVALUE == NULL). */
1607
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
1608
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
1609
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
1612
log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc));
1613
flush_cache_after_error (app);
1618
log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc));
1619
flush_cache_after_error (app);
1619
1625
xfree (pinvalue);
1790
1796
{ "CERT-3", 0x7F21, 3, 0, 1 },
1791
1797
{ "SM-KEY-ENC", 0x00D1, 3, 0, 1 },
1792
1798
{ "SM-KEY-MAC", 0x00D2, 3, 0, 1 },
1799
{ "KEY-ATTR", 0, 0, 3, 1 },
2143
2153
/* Check whether a key already exists. KEYIDX is the index of the key
2144
2154
(0..2). If FORCE is TRUE a diagnositic will be printed but no
2145
error returned if the key already exists. */
2155
error returned if the key already exists. The flag GENERATING is
2156
only used to print correct messages. */
2146
2157
static gpg_error_t
2147
does_key_exist (app_t app, int keyidx, int force)
2158
does_key_exist (app_t app, int keyidx, int generating, int force)
2149
2160
const unsigned char *fpr;
2150
2161
unsigned char *buffer;
2354
/* Helper for do_writekley to change the size of a key. Not ethat
2355
this deletes the entire key without asking. */
2357
change_keyattr (app_t app, int keyno, unsigned int nbits,
2358
gpg_error_t (*pincb)(void*, const char *, char **),
2362
unsigned char *buffer;
2366
assert (keyno >=0 && keyno <= 2);
2369
return gpg_error (GPG_ERR_TOO_LARGE);
2371
/* Read the current attributes into a buffer. */
2372
relptr = get_one_do (app, 0xC1+keyno, &buffer, &buflen, NULL);
2374
return gpg_error (GPG_ERR_CARD);
2375
if (buflen < 6 || buffer[0] != 1)
2377
/* Attriutes too short or not an RSA key. */
2379
return gpg_error (GPG_ERR_CARD);
2382
/* We only change n_bits and don't touch anything else. Before we
2383
do so, we round up NBITS to a sensible way in the same way as
2384
gpg's key generation does it. This may help to sort out problems
2385
with a few bits too short keys. */
2386
nbits = ((nbits + 31) / 32) * 32;
2387
buffer[1] = (nbits >> 8);
2390
/* Prepare for storing the key. */
2391
err = verify_chv3 (app, pincb, pincb_arg);
2398
/* Change the attribute. */
2399
err = iso7816_put_data (app->slot, 0, 0xC1+keyno, buffer, buflen);
2402
log_error ("error changing size of key %d to %u bits\n", keyno+1, nbits);
2404
log_info ("size of key %d changed to %u bits\n", keyno+1, nbits);
2406
parse_algorithm_attribute (app, keyno);
2414
/* Helper to process an setattr command for name KEY-ATTR. It expects
2415
a string "--force <keyno> <algo> <nbits>" in (VALUE,VALUELEN). */
2417
change_keyattr_from_string (app_t app,
2418
gpg_error_t (*pincb)(void*, const char *, char **),
2420
const void *value, size_t valuelen)
2427
/* VALUE is expected to be a string but not guaranteed to be
2428
terminated. Thus copy it to an allocated buffer first. */
2429
string = xtrymalloc (valuelen+1);
2431
return gpg_error_from_syserror ();
2432
memcpy (string, value, valuelen);
2433
string[valuelen] = 0;
2435
/* Because this function deletes the key we require the string
2436
"--force" in the data to make clear that something serious might
2438
if (sscanf (string, " --force %d %d %u", &keyno, &algo, &nbits) != 3)
2439
err = gpg_error (GPG_ERR_INV_DATA);
2440
else if (keyno < 1 || keyno > 3)
2441
err = gpg_error (GPG_ERR_INV_ID);
2443
err = gpg_error (GPG_ERR_PUBKEY_ALGO); /* Not RSA. */
2444
else if (nbits < 1024)
2445
err = gpg_error (GPG_ERR_TOO_SHORT);
2447
err = change_keyattr (app, keyno-1, nbits, pincb, pincb_arg);
2342
2454
/* Handle the WRITEKEY command for OpenPGP. This function expects a
2343
2455
canonical encoded S-expression with the secret key in KEYDATA and
2513
2625
if (opt.verbose)
2514
2626
log_info ("RSA modulus size is %u bits (%u bytes)\n",
2515
2627
nbits, (unsigned int)rsa_n_len);
2628
if (nbits && nbits != maxbits
2629
&& app->app_local->extcap.algo_attr_change)
2631
/* Try to switch the key to a new length. */
2632
err = change_keyattr (app, keyno, nbits, pincb, pincb_arg);
2634
maxbits = app->app_local->keyattr[keyno].n_bits;
2516
2636
if (nbits != maxbits)
2518
2638
log_error (_("RSA modulus missing or not of size %d bits\n"),
3149
3282
rc = verify_chv2 (app, pincb, pincb_arg);
3151
rc = iso7816_internal_authenticate (app->slot, indata, indatalen,
3152
outdata, outdatalen);
3285
int exmode, le_value;
3287
if (app->app_local->cardcap.ext_lc_le)
3289
exmode = 1; /* Use extended length. */
3290
le_value = app->app_local->extcap.max_rsp_data;
3297
rc = iso7816_internal_authenticate (app->slot, exmode,
3298
indata, indatalen, le_value,
3299
outdata, outdatalen);
3249
3397
indatalen = fixuplen + indatalen;
3250
3398
padind = -1; /* Already padded. */
3253
3401
if (app->app_local->cardcap.ext_lc_le && indatalen > 254 )
3254
exmode = 1; /* Extended length w/o a limit. */
3403
exmode = 1; /* Extended length w/o a limit. */
3404
le_value = app->app_local->extcap.max_rsp_data;
3255
3406
else if (app->app_local->cardcap.cmd_chaining && indatalen > 254)
3256
exmode = -254; /* Command chaining with max. 254 bytes. */
3408
exmode = -254; /* Command chaining with max. 254 bytes. */
3412
exmode = le_value = 0;
3260
3414
rc = iso7816_decipher (app->slot, exmode,
3261
indata, indatalen, padind,
3415
indata, indatalen, le_value, padind,
3262
3416
outdata, outdatalen);
3263
3417
xfree (fixbuf);