« back to all changes in this revision
Viewing changes to scd/app-openpgp.c
- browse files at revision 20
- compare with another revision
- download diff
- download tarball
- view history from revision 20
- Committer: Package Import Robot
- Author(s): Stéphane Graber
- Date: 2013-05-24 18:27:04 UTC
- mfrom: (18.1.2 ubuntu)
- Revision ID: package-import@ubuntu.com-20130524182704-d9uwh9lrj91elnm6
* Resynchronize on Debian, remaining changes:
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
. debian/gnupg2.udev: udev rules to set ACLs on SCM smartcard readers.
- Add upstart user job for gpg-agent.
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
. debian/gnupg2.udev: udev rules to set ACLs on SCM smartcard readers.
- Add upstart user job for gpg-agent.
- files added:
- agent/gpg-agent-w32info.rc
- files removed:
- .pc/02-cve-2012-6085.diff
- .pc/02-cve-2012-6085.diff/g10
- files modified:
- .pc/01-gnupg2-rename.diff/configure.ac
added
removed
scd/app-openpgp.c
1
1
/* app-openpgp.c - The OpenPGP card application.
2
2
* Copyright (C) 2003, 2004, 2005, 2007, 2008,
3
* 2009 Free Software Foundation, Inc.
3
* 2009, 2013 Free Software Foundation, Inc.
4
4
*
5
5
* This file is part of GnuPG.
6
6
*
118
118
119
119
/* The format of RSA private keys. */
120
120
typedef enum
121
{
121
{
122
122
RSA_UNKNOWN_FMT,
123
123
RSA_STD,
124
124
RSA_STD_N,
125
125
RSA_CRT,
126
126
RSA_CRT_N
127
}
127
}
128
128
rsa_key_format_t;
129
129
130
130
141
141
struct app_local_s {
142
142
/* A linked list with cached DOs. */
143
143
struct cache_s *cache;
144
144
145
145
/* Keep track of the public keys. */
146
146
struct
147
147
{
158
158
159
159
unsigned char status_indicator; /* The card status indicator. */
160
160
161
unsigned int manufacturer:16; /* Manufacturer ID from the s/n. */
162
161
163
/* Keep track of the ISO card capabilities. */
162
164
struct
163
165
{
166
168
} cardcap;
167
169
168
170
/* Keep track of extended card capabilities. */
169
struct
171
struct
170
172
{
171
173
unsigned int is_v2:1; /* This is a v2.0 compatible card. */
172
174
unsigned int get_challenge:1;
189
191
unsigned int def_chv2:1; /* Use 123456 for CHV2. */
190
192
} flags;
191
193
194
/* Pinpad request specified on card. */
195
struct
196
{
197
unsigned int specified:1;
198
int fixedlen_user;
199
int fixedlen_admin;
200
} pinpad;
201
192
202
struct
193
203
{
194
204
unsigned int n_bits; /* Size of the modulus in bits. The rest
195
205
of this strucuire is only valid if
196
206
this is not 0. */
197
207
unsigned int e_bits; /* Size of the public exponent in bits. */
198
rsa_key_format_t format;
208
rsa_key_format_t format;
199
209
} keyattr[3];
200
210
201
211
};
213
223
unsigned char **outdata, size_t *outdatalen);
214
224
static void parse_algorithm_attribute (app_t app, int keyno);
215
225
static gpg_error_t change_keyattr_from_string
216
(app_t app,
226
(app_t app,
217
227
gpg_error_t (*pincb)(void*, const char *, char **),
218
228
void *pincb_arg,
219
229
const void *value, size_t valuelen);
253
263
bypassed. With TRY_EXTLEN extended lengths APDUs are use if
254
264
supported by the card. */
255
265
static gpg_error_t
256
get_cached_data (app_t app, int tag,
266
get_cached_data (app_t app, int tag,
257
267
unsigned char **result, size_t *resultlen,
258
268
int get_immediate, int try_extlen)
259
269
{
280
290
memcpy (p, c->data, c->length);
281
291
*result = p;
282
292
}
283
293
284
294
*resultlen = c->length;
285
295
286
296
return 0;
287
297
}
288
298
}
289
299
290
300
if (try_extlen && app->app_local->cardcap.ext_lc_le)
291
301
exmode = app->app_local->extcap.max_rsp_data;
292
302
else
313
323
/* Okay, cache it. */
314
324
for (c=app->app_local->cache; c; c = c->next)
315
325
assert (c->tag != tag);
316
326
317
327
c = xtrymalloc (sizeof *c + len);
318
328
if (c)
319
329
{
439
449
{
440
450
rc = get_cached_data (app, data_objects[i].get_from,
441
451
&buffer, &buflen,
442
(data_objects[i].dont_cache
452
(data_objects[i].dont_cache
443
453
|| data_objects[i].get_immediate_in_v11),
444
454
data_objects[i].try_extlen);
445
455
if (!rc)
463
473
if (!value) /* Not in a constructed DO, try simple. */
464
474
{
465
475
rc = get_cached_data (app, tag, &buffer, &buflen,
466
(data_objects[i].dont_cache
476
(data_objects[i].dont_cache
467
477
|| data_objects[i].get_immediate_in_v11),
468
478
data_objects[i].try_extlen);
469
479
if (!rc)
490
500
int rc, i, j;
491
501
unsigned char *buffer;
492
502
size_t buflen;
493
503
494
504
for (i=0; data_objects[i].tag; i++)
495
505
{
496
506
if (data_objects[i].get_from)
501
511
rc = iso7816_get_data (slot, 0, data_objects[i].tag, &buffer, &buflen);
502
512
if (gpg_err_code (rc) == GPG_ERR_NO_OBJ)
503
513
;
504
else if (rc)
514
else if (rc)
505
515
log_info ("DO `%s' not available: %s\n",
506
516
data_objects[i].desc, gpg_strerror (rc));
507
517
else
522
532
{
523
533
const unsigned char *value;
524
534
size_t valuelen;
525
535
526
536
if (j==i || data_objects[i].tag != data_objects[j].get_from)
527
537
continue;
528
538
value = find_tlv_unchecked (buffer, buflen,
579
589
Everything up to a LF is considered a mailbox or account name. If
580
590
the first LF is followed by DC4 (0x14) control sequence are
581
591
expected up to the next LF. Control sequences are separated by FS
582
(0x18) and consist of key=value pairs. There is one key defined:
592
(0x18) and consist of key=value pairs. There are two keys defined:
583
593
584
594
F=<flags>
585
595
586
Were FLAGS is a plain hexadecimal number representing flag values.
596
Where FLAGS is a plain hexadecimal number representing flag values.
587
597
The lsb is here the rightmost bit. Defined flags bits are:
588
598
589
599
Bit 0 = CHV1 and CHV2 are not syncronized
590
600
Bit 1 = CHV2 has been been set to the default PIN of "123456"
591
601
(this implies that bit 0 is also set).
592
602
603
P=<pinpad-request>
604
605
Where PINPAD_REQUEST is in the format of: <n> or <n>,<m>.
606
N for user PIN, M for admin PIN. If M is missing it means M=N.
607
0 means to force not to use pinpad.
608
593
609
*/
594
610
static void
595
611
parse_login_data (app_t app)
601
617
/* Set defaults. */
602
618
app->app_local->flags.no_sync = 0;
603
619
app->app_local->flags.def_chv2 = 0;
620
app->app_local->pinpad.specified = 0;
621
app->app_local->pinpad.fixedlen_user = -1;
622
app->app_local->pinpad.fixedlen_admin = -1;
604
623
605
624
/* Read the DO. */
606
625
relptr = get_one_do (app, 0x005E, &buffer, &buflen, NULL);
626
645
any leading digits but bail out on invalid characters. */
627
646
for (p=buffer+2, len = buflen-2; len && hexdigitp (p); p++, len--)
628
647
lastdig = xtoi_1 (p);
648
buffer = p;
649
buflen = len;
629
650
if (len && !(*p == '\n' || *p == '\x18'))
630
651
goto next; /* Invalid characters in field. */
631
652
app->app_local->flags.no_sync = !!(lastdig & 1);
632
653
app->app_local->flags.def_chv2 = (lastdig & 3) == 3;
633
654
}
655
else if (buflen > 1 && *buffer == 'P' && buffer[1] == '=')
656
{
657
/* Pinpad request control sequence found. */
658
buffer += 2;
659
buflen -= 2;
660
661
if (buflen)
662
{
663
if (digitp (buffer))
664
{
665
char *q;
666
int n, m;
667
668
n = strtol (buffer, &q, 10);
669
if (q >= (char *)buffer + buflen
670
|| *q == '\x18' || *q == '\n')
671
m = n;
672
else
673
{
674
if (*q++ != ',' || !digitp (q))
675
goto next;
676
m = strtol (q, &q, 10);
677
}
678
679
buffer = q;
680
if (buflen < ((unsigned char *)q - buffer))
681
{
682
buflen = 0;
683
break;
684
}
685
else
686
buflen -= ((unsigned char *)q - buffer);
687
688
if (buflen && !(*buffer == '\n' || *buffer == '\x18'))
689
goto next;
690
app->app_local->pinpad.specified = 1;
691
app->app_local->pinpad.fixedlen_user = n;
692
app->app_local->pinpad.fixedlen_admin = m;
693
}
694
}
695
}
634
696
next:
635
697
for (; buflen && *buffer != '\x18'; buflen--, buffer++)
636
698
if (*buffer == '\n')
637
buflen = 1;
699
buflen = 1;
638
700
}
639
701
while (buflen);
640
702
642
704
}
643
705
644
706
/* Note, that FPR must be at least 20 bytes. */
645
static gpg_error_t
707
static gpg_error_t
646
708
store_fpr (app_t app, int keynumber, u32 timestamp,
647
709
const unsigned char *m, size_t mlen,
648
const unsigned char *e, size_t elen,
710
const unsigned char *e, size_t elen,
649
711
unsigned char *fpr, unsigned int card_version)
650
712
{
651
713
unsigned int n, nbits;
652
714
unsigned char *buffer, *p;
653
715
int tag, tag2;
654
716
int rc;
655
717
656
718
for (; mlen && !*m; mlen--, m++) /* strip leading zeroes */
657
719
;
658
720
for (; elen && !*e; elen--, e++) /* strip leading zeroes */
662
724
p = buffer = xtrymalloc (3 + n);
663
725
if (!buffer)
664
726
return gpg_error_from_syserror ();
665
727
666
728
*p++ = 0x99; /* ctb */
667
729
*p++ = n >> 8; /* 2 byte length header */
668
730
*p++ = n;
680
742
*p++ = nbits >> 8;
681
743
*p++ = nbits;
682
744
memcpy (p, e, elen); p += elen;
683
745
684
746
gcry_md_hash_buffer (GCRY_MD_SHA1, fpr, buffer, n+3);
685
747
686
748
xfree (buffer);
687
749
688
750
tag = (card_version > 0x0007? 0xC7 : 0xC6) + keynumber;
689
flush_cache_item (app, tag);
751
flush_cache_item (app, 0xC5);
690
752
tag2 = 0xCE + keynumber;
691
flush_cache_item (app, tag2);
753
flush_cache_item (app, 0xCD);
692
754
693
755
rc = iso7816_put_data (app->slot, 0, tag, fpr, 20);
694
756
if (rc)
712
774
return rc;
713
775
}
714
776
715
777
716
778
static void
717
779
send_fpr_if_not_null (ctrl_t ctrl, const char *keyword,
718
780
int number, const unsigned char *fpr)
719
{
781
{
720
782
int i;
721
783
char buf[41];
722
784
char numbuf[25];
738
800
static void
739
801
send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword,
740
802
int number, const unsigned char *stamp)
741
{
803
{
742
804
char numbuf1[50], numbuf2[50];
743
805
unsigned long value;
744
806
753
815
}
754
816
755
817
static void
756
send_key_data (ctrl_t ctrl, const char *name,
818
send_key_data (ctrl_t ctrl, const char *name,
757
819
const unsigned char *a, size_t alen)
758
820
{
759
821
char *buffer, *buf;
784
846
785
847
static void
786
848
send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int number)
787
{
849
{
788
850
char buffer[200];
789
851
790
852
assert (number >=0 && number < DIM(app->app_local->keyattr));
801
863
802
864
/* Implement the GETATTR command. This is similar to the LEARN
803
865
command but returns just one value via the status interface. */
804
static gpg_error_t
866
static gpg_error_t
805
867
do_getattr (app_t app, ctrl_t ctrl, const char *name)
806
868
{
807
869
static struct {
818
880
{ "KEY-TIME", 0x00CD, 4 },
819
881
{ "KEY-ATTR", 0x0000, -5 },
820
882
{ "CA-FPR", 0x00C6, 3 },
821
{ "CHV-STATUS", 0x00C4, 1 },
883
{ "CHV-STATUS", 0x00C4, 1 },
822
884
{ "SIG-COUNTER", 0x0093, 2 },
823
885
{ "SERIALNO", 0x004F, -1 },
824
886
{ "AID", 0x004F },
839
901
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
840
902
;
841
903
if (!table[idx].name)
842
return gpg_error (GPG_ERR_INV_NAME);
843
904
return gpg_error (GPG_ERR_INV_NAME);
905
844
906
if (table[idx].special == -1)
845
907
{
846
908
/* The serial number is very special. We could have used the
868
930
char tmp[100];
869
931
870
932
snprintf (tmp, sizeof tmp,
871
"gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d",
933
"gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d",
872
934
app->app_local->extcap.get_challenge,
873
935
app->app_local->extcap.key_import,
874
936
app->app_local->extcap.change_force_chv,
891
953
{
892
954
char *serial;
893
955
time_t stamp;
894
956
895
957
if (!app_get_serial_and_stamp (app, &serial, &stamp))
896
958
{
897
959
if (strlen (serial) > 16+12)
902
964
}
903
965
xfree (serial);
904
966
}
905
return gpg_error (GPG_ERR_INV_NAME);
967
return gpg_error (GPG_ERR_INV_NAME);
906
968
}
907
969
if (table[idx].special == -5)
908
970
{
917
979
if (table[idx].special == 1)
918
980
{
919
981
char numbuf[7*23];
920
982
921
983
for (i=0,*numbuf=0; i < valuelen && i < 7; i++)
922
sprintf (numbuf+strlen (numbuf), " %d", value[i]);
984
sprintf (numbuf+strlen (numbuf), " %d", value[i]);
923
985
send_status_info (ctrl, table[idx].name,
924
986
numbuf, strlen (numbuf), NULL, 0);
925
987
}
1045
1107
found_key = 1;
1046
1108
continue;
1047
1109
}
1048
1110
1049
1111
if ( !strcmp (fields[0], "sub") || !strcmp (fields[0], "pub") )
1050
1112
break; /* Next key - stop. */
1051
1113
1058
1120
err = gpg_error (GPG_ERR_GENERAL);
1059
1121
goto leave; /* Error: Invalid key data record or not an RSA key. */
1060
1122
}
1061
1123
1062
1124
err = gcry_mpi_scan (&mpi, GCRYMPI_FMT_HEX, fields[3], 0, NULL);
1063
1125
if (err)
1064
1126
mpi = NULL;
1070
1132
if (err)
1071
1133
goto leave;
1072
1134
}
1073
1135
1074
1136
if (m_new && e_new)
1075
1137
{
1076
1138
*m = m_new;
1145
1207
le_value = 256; /* Use legacy value. */
1146
1208
}
1147
1209
1148
err = iso7816_read_public_key
1210
err = iso7816_read_public_key
1149
1211
(app->slot, exmode,
1150
1212
(const unsigned char*)(keyno == 0? "\xB6" :
1151
keyno == 1? "\xB8" : "\xA4"), 2,
1213
keyno == 1? "\xB8" : "\xA4"), 2,
1152
1214
le_value,
1153
1215
&buffer, &buflen);
1154
1216
if (err)
1164
1226
log_error (_("response does not contain the public key data\n"));
1165
1227
goto leave;
1166
1228
}
1167
1229
1168
1230
m = find_tlv (keydata, keydatalen, 0x0081, &mlen);
1169
1231
if (!m)
1170
1232
{
1172
1234
log_error (_("response does not contain the RSA modulus\n"));
1173
1235
goto leave;
1174
1236
}
1175
1237
1176
1238
1177
1239
e = find_tlv (keydata, keydatalen, 0x0082, &elen);
1178
1240
if (!e)
1275
1337
err = gpg_error_from_syserror ();
1276
1338
goto leave;
1277
1339
}
1278
1340
1279
1341
sprintf (keybuf, "(10:public-key(3:rsa(1:n%u:", (unsigned int) mlen);
1280
1342
keybuf_p = keybuf + strlen (keybuf);
1281
1343
memcpy (keybuf_p, m, mlen);
1286
1348
keybuf_p += elen;
1287
1349
strcpy (keybuf_p, ")))");
1288
1350
keybuf_p += strlen (keybuf_p);
1289
1351
1290
1352
app->app_local->pk[keyno].key = (unsigned char*)keybuf;
1291
1353
app->app_local->pk[keyno].keylen = (keybuf_p - keybuf);
1292
1354
1319
1381
err = get_public_key (app, keyno);
1320
1382
if (err)
1321
1383
goto leave;
1322
1384
1323
1385
assert (keyno >= 1 && keyno <= 3);
1324
1386
if (!app->app_local->pk[keyno-1].key)
1325
1387
goto leave; /* No such key - ignore. */
1329
1391
grip);
1330
1392
if (err)
1331
1393
goto leave;
1332
1394
1333
1395
bin2hex (grip, 20, gripstr);
1334
1396
1335
1397
sprintf (idbuf, "OPENPGP.%d", keyno);
1336
send_status_info (ctrl, "KEYPAIRINFO",
1337
gripstr, 40,
1338
idbuf, strlen (idbuf),
1398
send_status_info (ctrl, "KEYPAIRINFO",
1399
gripstr, 40,
1400
idbuf, strlen (idbuf),
1339
1401
NULL, (size_t)0);
1340
1402
1341
1403
leave:
1342
1404
#endif /* GNUPG_MAJOR_VERSION > 1 */
1343
1405
1344
return err;
1406
return err;
1345
1407
}
1346
1408
1347
1409
1350
1412
do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
1351
1413
{
1352
1414
(void)flags;
1353
1415
1354
1416
do_getattr (app, ctrl, "EXTCAP");
1355
1417
do_getattr (app, ctrl, "DISP-NAME");
1356
1418
do_getattr (app, ctrl, "DISP-LANG");
1468
1530
}
1469
1531
1470
1532
1533
/* Decide if we use the pinpad of the reader for PIN input according
1534
to the user preference on the card, and the capability of the
1535
reader. This routine is only called when the reader has pinpad.
1536
Returns 0 if we use pinpad, 1 otherwise. */
1537
static int
1538
check_pinpad_request (app_t app, pininfo_t *pininfo, int admin_pin)
1539
{
1540
if (app->app_local->pinpad.specified == 0) /* No preference on card. */
1541
{
1542
if (pininfo->fixedlen == 0) /* Reader has varlen capability. */
1543
return 0; /* Then, use pinpad. */
1544
else
1545
/*
1546
* Reader has limited capability, and it may not match PIN of
1547
* the card.
1548
*/
1549
return 1;
1550
}
1551
1552
if (admin_pin)
1553
pininfo->fixedlen = app->app_local->pinpad.fixedlen_admin;
1554
else
1555
pininfo->fixedlen = app->app_local->pinpad.fixedlen_user;
1556
1557
if (pininfo->fixedlen == 0 /* User requests disable pinpad. */
1558
|| pininfo->fixedlen < pininfo->minlen
1559
|| pininfo->fixedlen > pininfo->maxlen
1560
/* Reader doesn't have the capability to input a PIN which
1561
* length is FIXEDLEN. */)
1562
return 1;
1563
1564
return 0;
1565
}
1566
1567
1471
1568
/* Verify a CHV either using using the pinentry or if possibile by
1472
using a keypad. PINCB and PINCB_ARG describe the usual callback
1569
using a pinpad. PINCB and PINCB_ARG describe the usual callback
1473
1570
for the pinentry. CHVNO must be either 1 or 2. SIGCOUNT is only
1474
1571
used with CHV1. PINVALUE is the address of a pointer which will
1475
1572
receive a newly allocated block with the actual PIN (this is useful
1476
1573
in case that PIN shall be used for another verify operation). The
1477
1574
caller needs to free this value. If the function returns with
1478
1575
success and NULL is stored at PINVALUE, the caller should take this
1479
as an indication that the keypad has been used.
1576
as an indication that the pinpad has been used.
1480
1577
*/
1481
1578
static gpg_error_t
1482
1579
verify_a_chv (app_t app,
1487
1584
int rc = 0;
1488
1585
char *prompt_buffer = NULL;
1489
1586
const char *prompt;
1490
iso7816_pininfo_t pininfo;
1587
pininfo_t pininfo;
1491
1588
int minlen = 6;
1492
1589
1493
1590
assert (chvno == 1 || chvno == 2);
1514
1611
}
1515
1612
1516
1613
memset (&pininfo, 0, sizeof pininfo);
1517
pininfo.mode = 1;
1614
pininfo.fixedlen = -1;
1518
1615
pininfo.minlen = minlen;
1519
1616
1520
1617
1533
1630
else
1534
1631
prompt = _("||Please enter the PIN");
1535
1632
1536
1537
if (!opt.disable_keypad
1538
&& !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) )
1633
1634
if (!opt.disable_pinpad
1635
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo)
1636
&& !check_pinpad_request (app, &pininfo, 0))
1539
1637
{
1540
/* The reader supports the verify command through the keypad.
1638
/* The reader supports the verify command through the pinpad.
1541
1639
Note that the pincb appends a text to the prompt telling the
1542
user to use the keypad. */
1543
rc = pincb (pincb_arg, prompt, NULL);
1640
user to use the pinpad. */
1641
rc = pincb (pincb_arg, prompt, NULL);
1544
1642
prompt = NULL;
1545
xfree (prompt_buffer);
1643
xfree (prompt_buffer);
1546
1644
prompt_buffer = NULL;
1547
1645
if (rc)
1548
1646
{
1550
1648
gpg_strerror (rc));
1551
1649
return rc;
1552
1650
}
1553
rc = iso7816_verify_kp (app->slot, 0x80+chvno, "", 0, &pininfo);
1651
rc = iso7816_verify_kp (app->slot, 0x80+chvno, &pininfo);
1554
1652
/* Dismiss the prompt. */
1555
1653
pincb (pincb_arg, NULL, NULL);
1556
1654
1558
1656
}
1559
1657
else
1560
1658
{
1561
/* The reader has no keypad or we don't want to use it. */
1562
rc = pincb (pincb_arg, prompt, pinvalue);
1659
/* The reader has no pinpad or we don't want to use it. */
1660
rc = pincb (pincb_arg, prompt, pinvalue);
1563
1661
prompt = NULL;
1564
xfree (prompt_buffer);
1662
xfree (prompt_buffer);
1565
1663
prompt_buffer = NULL;
1566
1664
if (rc)
1567
1665
{
1569
1667
gpg_strerror (rc));
1570
1668
return rc;
1571
1669
}
1572
1670
1573
1671
if (strlen (*pinvalue) < minlen)
1574
1672
{
1575
1673
log_error (_("PIN for CHV%d is too short;"
1582
1680
rc = iso7816_verify (app->slot, 0x80+chvno,
1583
1681
*pinvalue, strlen (*pinvalue));
1584
1682
}
1585
1683
1586
1684
if (rc)
1587
1685
{
1588
1686
log_error (_("verify CHV%d failed: %s\n"), chvno, gpg_strerror (rc));
1605
1703
int rc;
1606
1704
char *pinvalue;
1607
1705
1608
if (app->did_chv2)
1706
if (app->did_chv2)
1609
1707
return 0; /* We already verified CHV2. */
1610
1708
1611
1709
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue);
1612
1710
if (rc)
1613
1711
return rc;
1614
1712
app->did_chv2 = 1;
1615
1713
1616
1714
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
1617
1715
{
1618
1716
/* For convenience we verify CHV1 here too. We do this only if
1619
1717
the card is not configured to require a verification before
1620
1718
each CHV1 controlled operation (force_chv1) and if we are not
1621
using the keypad (PINVALUE == NULL). */
1719
using the pinpad (PINVALUE == NULL). */
1622
1720
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
1623
1721
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
1624
1722
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
1639
1737
1640
1738
/* Build the prompt to enter the Admin PIN. The prompt depends on the
1641
1739
current sdtate of the card. */
1642
static gpg_error_t
1740
static gpg_error_t
1643
1741
build_enter_admin_pin_prompt (app_t app, char **r_prompt)
1644
1742
{
1645
1743
void *relptr;
1665
1763
}
1666
1764
remaining = value[6];
1667
1765
xfree (relptr);
1668
1766
1669
1767
log_info(_("%d Admin PIN attempts remaining before card"
1670
1768
" is permanently locked\n"), remaining);
1671
1769
1678
1776
}
1679
1777
else
1680
1778
prompt = xtrystrdup (_("|A|Please enter the Admin PIN"));
1681
1779
1682
1780
if (!prompt)
1683
1781
return gpg_error_from_syserror ();
1684
1782
1685
1783
*r_prompt = prompt;
1686
1784
return 0;
1687
1785
}
1702
1800
return gpg_error (GPG_ERR_EACCES);
1703
1801
}
1704
1802
#endif
1705
1706
if (!app->did_chv3)
1803
1804
if (!app->did_chv3)
1707
1805
{
1708
iso7816_pininfo_t pininfo;
1806
pininfo_t pininfo;
1709
1807
int minlen = 8;
1710
1808
char *prompt;
1711
1809
1712
1810
memset (&pininfo, 0, sizeof pininfo);
1713
pininfo.mode = 1;
1811
pininfo.fixedlen = -1;
1714
1812
pininfo.minlen = minlen;
1715
1813
1716
1814
rc = build_enter_admin_pin_prompt (app, &prompt);
1717
1815
if (rc)
1718
1816
return rc;
1719
1817
1720
if (!opt.disable_keypad
1721
&& !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) )
1818
if (!opt.disable_pinpad
1819
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo)
1820
&& !check_pinpad_request (app, &pininfo, 1))
1722
1821
{
1723
/* The reader supports the verify command through the keypad. */
1724
rc = pincb (pincb_arg, prompt, NULL);
1822
/* The reader supports the verify command through the pinpad. */
1823
rc = pincb (pincb_arg, prompt, NULL);
1725
1824
xfree (prompt);
1726
1825
prompt = NULL;
1727
1826
if (rc)
1730
1829
gpg_strerror (rc));
1731
1830
return rc;
1732
1831
}
1733
rc = iso7816_verify_kp (app->slot, 0x83, "", 0, &pininfo);
1832
rc = iso7816_verify_kp (app->slot, 0x83, &pininfo);
1734
1833
/* Dismiss the prompt. */
1735
1834
pincb (pincb_arg, NULL, NULL);
1736
1835
}
1738
1837
{
1739
1838
char *pinvalue;
1740
1839
1741
rc = pincb (pincb_arg, prompt, &pinvalue);
1840
rc = pincb (pincb_arg, prompt, &pinvalue);
1742
1841
xfree (prompt);
1743
1842
prompt = NULL;
1744
1843
if (rc)
1747
1846
gpg_strerror (rc));
1748
1847
return rc;
1749
1848
}
1750
1849
1751
1850
if (strlen (pinvalue) < minlen)
1752
1851
{
1753
1852
log_error (_("PIN for CHV%d is too short;"
1755
1854
xfree (pinvalue);
1756
1855
return gpg_error (GPG_ERR_BAD_PIN);
1757
1856
}
1758
1857
1759
1858
rc = iso7816_verify (app->slot, 0x83, pinvalue, strlen (pinvalue));
1760
1859
xfree (pinvalue);
1761
1860
}
1762
1861
1763
1862
if (rc)
1764
1863
{
1765
1864
log_error (_("verify CHV%d failed: %s\n"), 3, gpg_strerror (rc));
1774
1873
1775
1874
/* Handle the SETATTR operation. All arguments are already basically
1776
1875
checked. */
1777
static gpg_error_t
1876
static gpg_error_t
1778
1877
do_setattr (app_t app, const char *name,
1779
1878
gpg_error_t (*pincb)(void*, const char *, char **),
1780
1879
void *pincb_arg,
1813
1912
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
1814
1913
;
1815
1914
if (!table[idx].name)
1816
return gpg_error (GPG_ERR_INV_NAME);
1915
return gpg_error (GPG_ERR_INV_NAME);
1817
1916
if (table[idx].need_v2 && !app->app_local->extcap.is_v2)
1818
1917
return gpg_error (GPG_ERR_NOT_SUPPORTED); /* Not yet supported. */
1819
1918
1864
1963
callback. */
1865
1964
static gpg_error_t
1866
1965
do_writecert (app_t app, ctrl_t ctrl,
1867
const char *certidstr,
1966
const char *certidstr,
1868
1967
gpg_error_t (*pincb)(void*, const char *, char **),
1869
1968
void *pincb_arg,
1870
1969
const unsigned char *certdata, size_t certdatalen)
1902
2001
- 2 2 Verify Reset Code and set a new PW1.
1903
2002
- 3 any Verify CHV3/PW3 and set a new CHV3/PW3.
1904
2003
*/
1905
static gpg_error_t
1906
do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
2004
static gpg_error_t
2005
do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
1907
2006
unsigned int flags,
1908
2007
gpg_error_t (*pincb)(void*, const char *, char **),
1909
2008
void *pincb_arg)
1912
2011
int chvno = atoi (chvnostr);
1913
2012
char *resetcode = NULL;
1914
2013
char *oldpinvalue = NULL;
1915
char *pinvalue;
2014
char *pinvalue = NULL;
1916
2015
int reset_mode = !!(flags & APP_CHANGE_FLAG_RESET);
1917
2016
int set_resetcode = 0;
2017
pininfo_t pininfo;
2018
int use_pinpad = 0;
2019
int minlen = 6;
1918
2020
1919
2021
(void)ctrl;
2022
memset (&pininfo, 0, sizeof pininfo);
2023
pininfo.fixedlen = -1;
2024
pininfo.minlen = minlen;
1920
2025
1921
2026
if (reset_mode && chvno == 3)
1922
2027
{
1941
2046
/* On a v1.x card CHV1 and CVH2 should always have the same
1942
2047
value, thus we enforce it here. */
1943
2048
int save_force = app->force_chv1;
1944
2049
1945
2050
app->force_chv1 = 0;
1946
2051
app->did_chv1 = 0;
1947
2052
app->did_chv2 = 0;
1960
2065
{
1961
2066
/* Version 2 cards. */
1962
2067
2068
if (!opt.disable_pinpad
2069
&& !iso7816_check_pinpad (app->slot,
2070
ISO7816_CHANGE_REFERENCE_DATA, &pininfo)
2071
&& !check_pinpad_request (app, &pininfo, chvno == 3))
2072
use_pinpad = 1;
2073
1963
2074
if (reset_mode)
1964
2075
{
1965
2076
/* To reset a PIN the Admin PIN is required. */
2077
use_pinpad = 0;
1966
2078
app->did_chv3 = 0;
1967
2079
rc = verify_chv3 (app, pincb, pincb_arg);
1968
2080
if (rc)
1969
2081
goto leave;
1970
2082
1971
2083
if (chvno == 2)
1972
2084
set_resetcode = 1;
1973
2085
}
1974
2086
else if (chvno == 1 || chvno == 3)
1975
2087
{
1976
int minlen = (chvno ==3)? 8 : 6;
1977
char *promptbuf = NULL;
1978
const char *prompt;
2088
if (!use_pinpad)
2089
{
2090
char *promptbuf = NULL;
2091
const char *prompt;
1979
2092
1980
if (chvno == 3)
1981
{
1982
rc = build_enter_admin_pin_prompt (app, &promptbuf);
2093
if (chvno == 3)
2094
{
2095
minlen = 8;
2096
rc = build_enter_admin_pin_prompt (app, &promptbuf);
2097
if (rc)
2098
goto leave;
2099
prompt = promptbuf;
2100
}
2101
else
2102
prompt = _("||Please enter the PIN");
2103
rc = pincb (pincb_arg, prompt, &oldpinvalue);
2104
xfree (promptbuf);
2105
promptbuf = NULL;
1983
2106
if (rc)
1984
goto leave;
1985
prompt = promptbuf;
1986
}
1987
else
1988
prompt = _("||Please enter the PIN");
1989
rc = pincb (pincb_arg, prompt, &oldpinvalue);
1990
xfree (promptbuf);
1991
promptbuf = NULL;
1992
if (rc)
1993
{
1994
log_info (_("PIN callback returned error: %s\n"),
1995
gpg_strerror (rc));
1996
goto leave;
1997
}
2107
{
2108
log_info (_("PIN callback returned error: %s\n"),
2109
gpg_strerror (rc));
2110
goto leave;
2111
}
1998
2112
1999
if (strlen (oldpinvalue) < minlen)
2000
{
2001
log_info (_("PIN for CHV%d is too short;"
2002
" minimum length is %d\n"), chvno, minlen);
2003
rc = gpg_error (GPG_ERR_BAD_PIN);
2004
goto leave;
2113
if (strlen (oldpinvalue) < minlen)
2114
{
2115
log_info (_("PIN for CHV%d is too short;"
2116
" minimum length is %d\n"), chvno, minlen);
2117
rc = gpg_error (GPG_ERR_BAD_PIN);
2118
goto leave;
2119
}
2005
2120
}
2006
2121
}
2007
2122
else if (chvno == 2)
2012
2127
unsigned char *value;
2013
2128
size_t valuelen;
2014
2129
int remaining;
2015
int minlen = 8;
2016
2130
2131
use_pinpad = 0;
2132
minlen = 8;
2017
2133
relptr = get_one_do (app, 0x00C4, &value, &valuelen, NULL);
2018
2134
if (!relptr || valuelen < 7)
2019
2135
{
2029
2145
log_error (_("Reset Code not or not anymore available\n"));
2030
2146
rc = gpg_error (GPG_ERR_BAD_PIN);
2031
2147
goto leave;
2032
}
2033
2148
}
2149
2034
2150
rc = pincb (pincb_arg,
2035
2151
_("||Please enter the Reset Code for the card"),
2036
&resetcode);
2152
&resetcode);
2037
2153
if (rc)
2038
2154
{
2039
log_info (_("PIN callback returned error: %s\n"),
2155
log_info (_("PIN callback returned error: %s\n"),
2040
2156
gpg_strerror (rc));
2041
2157
goto leave;
2042
2158
}
2060
2176
else
2061
2177
app->did_chv1 = app->did_chv2 = 0;
2062
2178
2063
/* TRANSLATORS: Do not translate the "|*|" prefixes but
2064
keep it at the start of the string. We need this elsewhere
2065
to get some infos on the string. */
2066
rc = pincb (pincb_arg,
2067
set_resetcode? _("|RN|New Reset Code") :
2068
chvno == 3? _("|AN|New Admin PIN") : _("|N|New PIN"),
2069
&pinvalue);
2070
if (rc)
2179
if (!use_pinpad)
2071
2180
{
2072
log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc));
2073
goto leave;
2181
/* TRANSLATORS: Do not translate the "|*|" prefixes but
2182
keep it at the start of the string. We need this elsewhere
2183
to get some infos on the string. */
2184
rc = pincb (pincb_arg, set_resetcode? _("|RN|New Reset Code") :
2185
chvno == 3? _("|AN|New Admin PIN") : _("|N|New PIN"),
2186
&pinvalue);
2187
if (rc)
2188
{
2189
log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc));
2190
goto leave;
2191
}
2074
2192
}
2075
2193
2076
2194
2130
2248
{
2131
2249
/* Version 2 cards. */
2132
2250
assert (chvno == 1 || chvno == 3);
2133
2134
rc = iso7816_change_reference_data (app->slot, 0x80 + chvno,
2135
oldpinvalue, strlen (oldpinvalue),
2136
pinvalue, strlen (pinvalue));
2251
2252
if (use_pinpad)
2253
{
2254
rc = pincb (pincb_arg,
2255
chvno == 3 ?
2256
_("||Please enter the Admin PIN and New Admin PIN") :
2257
_("||Please enter the PIN and New PIN"), NULL);
2258
if (rc)
2259
{
2260
log_info (_("PIN callback returned error: %s\n"),
2261
gpg_strerror (rc));
2262
goto leave;
2263
}
2264
rc = iso7816_change_reference_data_kp (app->slot, 0x80 + chvno, 0,
2265
&pininfo);
2266
/* Dismiss the prompt. */
2267
pincb (pincb_arg, NULL, NULL);
2268
}
2269
else
2270
rc = iso7816_change_reference_data (app->slot, 0x80 + chvno,
2271
oldpinvalue, strlen (oldpinvalue),
2272
pinvalue, strlen (pinvalue));
2137
2273
}
2138
2274
2139
2275
if (pinvalue)
2208
2344
of tag and length. A LENGTH greater than 65535 is truncated. */
2209
2345
static size_t
2210
2346
add_tlv (unsigned char *buffer, unsigned int tag, size_t length)
2211
{
2347
{
2212
2348
unsigned char *p = buffer;
2213
2349
2214
2350
assert (tag <= 0xffff);
2334
2470
/* Right justify E. */
2335
2471
memmove (tp + rsa_e_reqlen - rsa_e_len, tp, rsa_e_len);
2336
2472
memset (tp, 0, rsa_e_reqlen - rsa_e_len);
2337
}
2473
}
2338
2474
tp += rsa_e_reqlen;
2339
2475
2340
2476
memcpy (tp, rsa_p, rsa_p_len);
2341
2477
tp += rsa_p_len;
2342
2478
2343
2479
memcpy (tp, rsa_q, rsa_q_len);
2344
2480
tp += rsa_q_len;
2345
2481
2346
2482
if (app->app_local->keyattr[keyno].format == RSA_STD_N
2347
2483
|| app->app_local->keyattr[keyno].format == RSA_CRT_N)
2348
2484
{
2387
2523
xfree (relptr);
2388
2524
return gpg_error (GPG_ERR_CARD);
2389
2525
}
2390
2526
2391
2527
/* We only change n_bits and don't touch anything else. Before we
2392
2528
do so, we round up NBITS to a sensible way in the same way as
2393
2529
gpg's key generation does it. This may help to sort out problems
2422
2558
2423
2559
/* Helper to process an setattr command for name KEY-ATTR. It expects
2424
2560
a string "--force <keyno> <algo> <nbits>" in (VALUE,VALUELEN). */
2425
static gpg_error_t
2426
change_keyattr_from_string (app_t app,
2561
static gpg_error_t
2562
change_keyattr_from_string (app_t app,
2427
2563
gpg_error_t (*pincb)(void*, const char *, char **),
2428
2564
void *pincb_arg,
2429
2565
const void *value, size_t valuelen)
2503
2639
keyno = 2;
2504
2640
else
2505
2641
return gpg_error (GPG_ERR_INV_ID);
2506
2642
2507
2643
err = does_key_exist (app, keyno, 0, force);
2508
2644
if (err)
2509
2645
return err;
2510
2646
2511
2647
2512
/*
2648
/*
2513
2649
Parse the S-expression
2514
2650
*/
2515
2651
buf = keydata;
2557
2693
2558
2694
switch (*tok)
2559
2695
{
2560
case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break;
2561
case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break;
2562
case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break;
2563
case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break;
2696
case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break;
2697
case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break;
2698
case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break;
2699
case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break;
2564
2700
default: mpi = NULL; mpi_len = NULL; break;
2565
2701
}
2566
2702
if (mpi && *mpi)
2632
2768
maxbits = app->app_local->keyattr[keyno].n_bits;
2633
2769
nbits = rsa_n? count_bits (rsa_n, rsa_n_len) : 0;
2634
2770
if (opt.verbose)
2635
log_info ("RSA modulus size is %u bits (%u bytes)\n",
2771
log_info ("RSA modulus size is %u bits (%u bytes)\n",
2636
2772
nbits, (unsigned int)rsa_n_len);
2637
2773
if (nbits && nbits != maxbits
2638
2774
&& app->app_local->extcap.algo_attr_change)
2644
2780
}
2645
2781
if (nbits != maxbits)
2646
2782
{
2647
log_error (_("RSA modulus missing or not of size %d bits\n"),
2783
log_error (_("RSA modulus missing or not of size %d bits\n"),
2648
2784
(int)maxbits);
2649
2785
err = gpg_error (GPG_ERR_BAD_SECKEY);
2650
2786
goto leave;
2666
2802
nbits = rsa_p? count_bits (rsa_p, rsa_p_len) : 0;
2667
2803
if (nbits != maxbits)
2668
2804
{
2669
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2805
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2670
2806
"P", (int)maxbits);
2671
2807
err = gpg_error (GPG_ERR_BAD_SECKEY);
2672
2808
goto leave;
2674
2810
nbits = rsa_q? count_bits (rsa_q, rsa_q_len) : 0;
2675
2811
if (nbits != maxbits)
2676
2812
{
2677
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2813
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2678
2814
"Q", (int)maxbits);
2679
2815
err = gpg_error (GPG_ERR_BAD_SECKEY);
2680
2816
goto leave;
2681
2817
}
2682
2818
2683
2819
/* We need to remove the cached public key. */
2684
2820
xfree (app->app_local->pk[keyno].key);
2685
2821
app->app_local->pk[keyno].key = NULL;
2692
2828
/* Build the private key template as described in section 4.3.3.7 of
2693
2829
the OpenPGP card specs version 2.0. */
2694
2830
int exmode;
2695
2831
2696
2832
err = build_privkey_template (app, keyno,
2697
2833
rsa_n, rsa_n_len,
2698
2834
rsa_e, rsa_e_len,
2722
2858
/* Build the private key template as described in section 4.3.3.6 of
2723
2859
the OpenPGP card specs version 1.1:
2724
2860
0xC0 <length> public exponent
2725
0xC1 <length> prime p
2726
0xC2 <length> prime q
2861
0xC1 <length> prime p
2862
0xC2 <length> prime q
2727
2863
*/
2728
2864
assert (rsa_e_len <= 4);
2729
2865
template_len = (1 + 1 + 4
2743
2879
/* Right justify E. */
2744
2880
memmove (tp+4-rsa_e_len, tp, rsa_e_len);
2745
2881
memset (tp, 0, 4-rsa_e_len);
2746
}
2882
}
2747
2883
tp += 4;
2748
2884
2749
2885
*tp++ = 0xC1;
2750
2886
*tp++ = rsa_p_len;
2751
2887
memcpy (tp, rsa_p, rsa_p_len);
2752
2888
tp += rsa_p_len;
2753
2889
2754
2890
*tp++ = 0xC2;
2755
2891
*tp++ = rsa_q_len;
2756
2892
memcpy (tp, rsa_q, rsa_q_len);
2757
2893
tp += rsa_q_len;
2758
2894
2759
2895
assert (tp - template == template_len);
2760
2896
2761
2897
/* Prepare for storing the key. */
2762
2898
err = verify_chv3 (app, pincb, pincb_arg);
2763
2899
if (err)
2773
2909
log_error (_("failed to store the key: %s\n"), gpg_strerror (err));
2774
2910
goto leave;
2775
2911
}
2776
2912
2777
2913
err = store_fpr (app, keyno, created_at,
2778
2914
rsa_n, rsa_n_len, rsa_e, rsa_e_len,
2779
2915
fprbuf, app->card_version);
2788
2924
2789
2925
2790
2926
/* Handle the GENKEY command. */
2791
static gpg_error_t
2927
static gpg_error_t
2792
2928
do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
2793
2929
time_t createtime,
2794
2930
gpg_error_t (*pincb)(void*, const char *, char **),
2806
2942
time_t start_at;
2807
2943
int exmode;
2808
2944
int le_value;
2809
unsigned int keybits;
2945
unsigned int keybits;
2810
2946
2811
2947
if (keyno < 1 || keyno > 3)
2812
2948
return gpg_error (GPG_ERR_INV_ID);
2830
2966
/* Because we send the key parameter back via status lines we need
2831
2967
to put a limit on the max. allowed keysize. 2048 bit will
2832
2968
already lead to a 527 byte long status line and thus a 4096 bit
2833
key would exceed the Assuan line length limit. */
2969
key would exceed the Assuan line length limit. */
2834
2970
keybits = app->app_local->keyattr[keyno].n_bits;
2835
2971
if (keybits > 4096)
2836
2972
return gpg_error (GPG_ERR_TOO_LARGE);
2848
2984
le_value = app->app_local->extcap.max_rsp_data;
2849
2985
/* No need to check le_value because it comes from a 16 bit
2850
2986
value and thus can't create an overflow on a 32 bit
2851
system. */
2987
system. */
2852
2988
}
2853
2989
else
2854
2990
{
2858
2994
2859
2995
log_info (_("please wait while key is being generated ...\n"));
2860
2996
start_at = time (NULL);
2861
rc = iso7816_generate_keypair
2997
rc = iso7816_generate_keypair
2862
2998
/* # warning key generation temporary replaced by reading an existing key. */
2863
2999
/* rc = iso7816_read_public_key */
2864
(app->slot, exmode,
3000
(app->slot, exmode,
2865
3001
(const unsigned char*)(keyno == 0? "\xB6" :
2866
3002
keyno == 1? "\xB8" : "\xA4"), 2,
2867
3003
le_value,
2882
3018
log_error (_("response does not contain the public key data\n"));
2883
3019
goto leave;
2884
3020
}
2885
3021
2886
3022
m = find_tlv (keydata, keydatalen, 0x0081, &mlen);
2887
3023
if (!m)
2888
3024
{
2959
3095
unsigned char *buffer;
2960
3096
size_t buflen, n;
2961
3097
int rc, i;
2962
3098
2963
3099
assert (keyno >= 1 && keyno <= 3);
2964
3100
2965
3101
rc = get_cached_data (app, 0x006E, &buffer, &buflen, 0, 0);
3023
3159
Note that this function may return the error code
3024
3160
GPG_ERR_WRONG_CARD to indicate that the card currently present does
3025
3161
not match the one required for the requested action (e.g. the
3026
serial number does not match).
3027
3162
serial number does not match).
3163
3028
3164
As a special feature a KEYIDSTR of "OPENPGP.3" redirects the
3029
3165
operation to the auth command.
3030
3166
*/
3031
static gpg_error_t
3167
static gpg_error_t
3032
3168
do_sign (app_t app, const char *keyidstr, int hashalgo,
3033
3169
gpg_error_t (*pincb)(void*, const char *, char **),
3034
3170
void *pincb_arg,
3080
3216
{ \
3081
3217
indata = (const char*)indata + sizeof b ## _prefix; \
3082
3218
indatalen -= sizeof b ## _prefix; \
3083
}
3219
}
3084
3220
3085
3221
if (indatalen == 20)
3086
3222
; /* Assume a plain SHA-1 or RMD160 digest has been given. */
3090
3226
else X(SHA256, sha256, 32, app->app_local->extcap.is_v2)
3091
3227
else X(SHA384, sha384, 48, app->app_local->extcap.is_v2)
3092
3228
else X(SHA512, sha512, 64, app->app_local->extcap.is_v2)
3093
else if ((indatalen == 28 || indatalen == 32
3229
else if ((indatalen == 28 || indatalen == 32
3094
3230
|| indatalen == 48 || indatalen ==64)
3095
3231
&& app->app_local->extcap.is_v2)
3096
3232
; /* Assume a plain SHA-3 digest has been given. */
3119
3255
else if (!*s)
3120
3256
; /* no fingerprint given: we allow this for now. */
3121
3257
else if (*s == '/')
3122
fpr = s + 1;
3258
fpr = s + 1;
3123
3259
else
3124
3260
return gpg_error (GPG_ERR_INV_ID);
3125
3261
3150
3286
assert (datalen <= sizeof data); \
3151
3287
memcpy (data, b ## _prefix, sizeof b ## _prefix); \
3152
3288
memcpy (data + sizeof b ## _prefix, indata, indatalen); \
3153
}
3289
}
3154
3290
3155
3291
X(SHA1, sha1, 1)
3156
3292
else X(RMD160, rmd160, 1)
3158
3294
else X(SHA256, sha256, app->app_local->extcap.is_v2)
3159
3295
else X(SHA384, sha384, app->app_local->extcap.is_v2)
3160
3296
else X(SHA512, sha512, app->app_local->extcap.is_v2)
3161
else
3297
else
3162
3298
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
3163
3299
#undef X
3164
3300
3175
3311
log_info (_("signatures created so far: %lu\n"), sigcount);
3176
3312
3177
3313
/* Check CHV if needed. */
3178
if (!app->did_chv1 || app->force_chv1 )
3314
if (!app->did_chv1 || app->force_chv1 )
3179
3315
{
3180
3316
char *pinvalue;
3181
3317
3189
3325
sync, thus we verify CHV2 here using the given PIN. Cards
3190
3326
with version2 to not have the need for a separate CHV2 and
3191
3327
internally use just one. Obviously we can't do that if the
3192
keypad has been used. */
3328
pinpad has been used. */
3193
3329
if (!app->did_chv2 && pinvalue && !app->app_local->extcap.is_v2)
3194
3330
{
3195
3331
rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue));
3216
3352
else
3217
3353
{
3218
3354
exmode = 0;
3219
le_value = 0;
3355
le_value = 0;
3220
3356
}
3221
3357
rc = iso7816_compute_ds (app->slot, exmode, data, datalen, le_value,
3222
3358
outdata, outdatalen);
3233
3369
GPG_ERR_WRONG_CARD to indicate that the card currently present does
3234
3370
not match the one required for the requested action (e.g. the
3235
3371
serial number does not match). */
3236
static gpg_error_t
3372
static gpg_error_t
3237
3373
do_auth (app_t app, const char *keyidstr,
3238
3374
gpg_error_t (*pincb)(void*, const char *, char **),
3239
3375
void *pincb_arg,
3265
3401
else if (!*s)
3266
3402
; /* no fingerprint given: we allow this for now. */
3267
3403
else if (*s == '/')
3268
fpr = s + 1;
3404
fpr = s + 1;
3269
3405
else
3270
3406
return gpg_error (GPG_ERR_INV_ID);
3271
3407
3272
3408
for (s=keyidstr, n=0; n < 16; s += 2, n++)
3273
3409
tmp_sn[n] = xtoi_2 (s);
3274
3410
3275
3411
if (app->serialnolen != 16)
3276
3412
return gpg_error (GPG_ERR_INV_CARD);
3277
3413
if (memcmp (app->serialno, tmp_sn, 16))
3301
3437
else
3302
3438
{
3303
3439
exmode = 0;
3304
le_value = 0;
3440
le_value = 0;
3305
3441
}
3306
3442
rc = iso7816_internal_authenticate (app->slot, exmode,
3307
3443
indata, indatalen, le_value,
3311
3447
}
3312
3448
3313
3449
3314
static gpg_error_t
3450
static gpg_error_t
3315
3451
do_decipher (app_t app, const char *keyidstr,
3316
3452
gpg_error_t (*pincb)(void*, const char *, char **),
3317
3453
void *pincb_arg,
3342
3478
else if (!*s)
3343
3479
; /* no fingerprint given: we allow this for now. */
3344
3480
else if (*s == '/')
3345
fpr = s + 1;
3481
fpr = s + 1;
3346
3482
else
3347
3483
return gpg_error (GPG_ERR_INV_ID);
3348
3484
3349
3485
for (s=keyidstr, n=0; n < 16; s += 2, n++)
3350
3486
tmp_sn[n] = xtoi_2 (s);
3351
3487
3352
3488
if (app->serialnolen != 16)
3353
3489
return gpg_error (GPG_ERR_INV_CARD);
3354
3490
if (memcmp (app->serialno, tmp_sn, 16))
3401
3537
fixbuf = xtrymalloc (fixuplen + indatalen);
3402
3538
if (!fixbuf)
3403
3539
return gpg_error_from_syserror ();
3404
3540
3405
3541
memset (fixbuf, 0, fixuplen);
3406
3542
memcpy (fixbuf+fixuplen, indata, indatalen);
3407
3543
indata = fixbuf;
3420
3556
le_value = 0;
3421
3557
}
3422
3558
else
3423
exmode = le_value = 0;
3559
exmode = le_value = 0;
3424
3560
3425
rc = iso7816_decipher (app->slot, exmode,
3561
rc = iso7816_decipher (app->slot, exmode,
3426
3562
indata, indatalen, le_value, padind,
3427
3563
outdata, outdatalen);
3428
3564
xfree (fixbuf);
3565
3566
if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */
3567
&& app->app_local->manufacturer == 5
3568
&& app->card_version == 0x0200)
3569
log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)"
3570
" do not work with encryption keys > 2048 bits\n");
3429
3571
}
3430
3572
3431
3573
return rc;
3442
3584
There is a special mode if the keyidstr is "<serialno>[CHV3]" with
3443
3585
the "[CHV3]" being a literal string: The Admin Pin is checked if
3444
3586
and only if the retry counter is still at 3. */
3445
static gpg_error_t
3587
static gpg_error_t
3446
3588
do_check_pin (app_t app, const char *keyidstr,
3447
3589
gpg_error_t (*pincb)(void*, const char *, char **),
3448
3590
void *pincb_arg)
3449
3591
{
3450
unsigned char tmp_sn[20];
3592
unsigned char tmp_sn[20];
3451
3593
const char *s;
3452
3594
int n;
3453
3595
int admin_pin = 0;
3458
3600
/* Check whether an OpenPGP card of any version has been requested. */
3459
3601
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
3460
3602
return gpg_error (GPG_ERR_INV_ID);
3461
3603
3462
3604
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
3463
3605
;
3464
3606
if (n != 32)
3491
3633
unsigned char *value;
3492
3634
size_t valuelen;
3493
3635
int count;
3494
3636
3495
3637
relptr = get_one_do (app, 0x00C4, &value, &valuelen, NULL);
3496
3638
if (!relptr || valuelen < 7)
3497
3639
{
3552
3694
/* Parse the historical bytes in BUFFER of BUFLEN and store them in
3553
3695
APPLOC. */
3554
3696
static void
3555
parse_historical (struct app_local_s *apploc,
3697
parse_historical (struct app_local_s *apploc,
3556
3698
const unsigned char * buffer, size_t buflen)
3557
3699
{
3558
3700
/* Example buffer: 00 31 C5 73 C0 01 80 00 90 00 */
3564
3706
if (*buffer)
3565
3707
{
3566
3708
log_error ("warning: bad category indicator in historical bytes\n");
3567
return;
3709
return;
3568
3710
}
3569
3711
3570
3712
/* Skip category indicator. */
3571
3713
buffer++;
3572
3714
buflen--;
3601
3743
3602
3744
/* Parse and optionally show the algorithm attributes for KEYNO.
3603
3745
KEYNO must be in the range 0..2. */
3604
static void
3746
static void
3605
3747
parse_algorithm_attribute (app_t app, int keyno)
3606
{
3748
{
3607
3749
unsigned char *buffer;
3608
3750
size_t buflen;
3609
3751
void *relptr;
3612
3754
assert (keyno >=0 && keyno <= 2);
3613
3755
3614
3756
app->app_local->keyattr[keyno].n_bits = 0;
3615
3757
3616
3758
relptr = get_one_do (app, 0xC1+keyno, &buffer, &buflen, NULL);
3617
3759
if (!relptr)
3618
3760
{
3639
3781
app->app_local->keyattr[keyno].format = (buffer[5] == 0? RSA_STD :
3640
3782
buffer[5] == 1? RSA_STD_N :
3641
3783
buffer[5] == 2? RSA_CRT :
3642
buffer[5] == 3? RSA_CRT_N :
3784
buffer[5] == 3? RSA_CRT_N :
3643
3785
RSA_UNKNOWN_FMT);
3644
3786
3645
3787
if (opt.verbose)
3669
3811
unsigned char *buffer;
3670
3812
size_t buflen;
3671
3813
void *relptr;
3672
3814
3673
3815
/* Note that the card can't cope with P2=0xCO, thus we need to pass a
3674
3816
special flag value. */
3675
3817
rc = iso7816_select_application (slot, aid, sizeof aid, 0x0001);
3713
3855
goto leave;
3714
3856
}
3715
3857
3858
app->app_local->manufacturer = manufacturer;
3859
3716
3860
if (app->card_version >= 0x0200)
3717
3861
app->app_local->extcap.is_v2 = 1;
3718
3862
3762
3906
{
3763
3907
/* Available with v2 cards. */
3764
3908
app->app_local->extcap.sm_aes128 = (buffer[1] == 1);
3765
app->app_local->extcap.max_get_challenge
3909
app->app_local->extcap.max_get_challenge
3766
3910
= (buffer[2] << 8 | buffer[3]);
3767
3911
app->app_local->extcap.max_certlen_3 = (buffer[4] << 8 | buffer[5]);
3768
3912
app->app_local->extcap.max_cmd_data = (buffer[6] << 8 | buffer[7]);
3783
3927
parse_algorithm_attribute (app, 0);
3784
3928
parse_algorithm_attribute (app, 1);
3785
3929
parse_algorithm_attribute (app, 2);
3786
3930
3787
3931
if (opt.verbose > 1)
3788
3932
dump_all_do (slot);
3789
3933
Loggerhead is a web-based interface for Breezy
Version: 2.0.1