1
1
/* app-openpgp.c - The OpenPGP card application.
2
2
* Copyright (C) 2003, 2004, 2005, 2007, 2008,
3
* 2009 Free Software Foundation, Inc.
3
* 2009, 2013 Free Software Foundation, Inc.
5
5
* This file is part of GnuPG.
189
191
unsigned int def_chv2:1; /* Use 123456 for CHV2. */
194
/* Pinpad request specified on card. */
197
unsigned int specified:1;
194
204
unsigned int n_bits; /* Size of the modulus in bits. The rest
195
205
of this strucuire is only valid if
196
206
this is not 0. */
197
207
unsigned int e_bits; /* Size of the public exponent in bits. */
198
rsa_key_format_t format;
208
rsa_key_format_t format;
213
223
unsigned char **outdata, size_t *outdatalen);
214
224
static void parse_algorithm_attribute (app_t app, int keyno);
215
225
static gpg_error_t change_keyattr_from_string
217
227
gpg_error_t (*pincb)(void*, const char *, char **),
219
229
const void *value, size_t valuelen);
253
263
bypassed. With TRY_EXTLEN extended lengths APDUs are use if
254
264
supported by the card. */
255
265
static gpg_error_t
256
get_cached_data (app_t app, int tag,
266
get_cached_data (app_t app, int tag,
257
267
unsigned char **result, size_t *resultlen,
258
268
int get_immediate, int try_extlen)
440
450
rc = get_cached_data (app, data_objects[i].get_from,
441
451
&buffer, &buflen,
442
(data_objects[i].dont_cache
452
(data_objects[i].dont_cache
443
453
|| data_objects[i].get_immediate_in_v11),
444
454
data_objects[i].try_extlen);
463
473
if (!value) /* Not in a constructed DO, try simple. */
465
475
rc = get_cached_data (app, tag, &buffer, &buflen,
466
(data_objects[i].dont_cache
476
(data_objects[i].dont_cache
467
477
|| data_objects[i].get_immediate_in_v11),
468
478
data_objects[i].try_extlen);
501
511
rc = iso7816_get_data (slot, 0, data_objects[i].tag, &buffer, &buflen);
502
512
if (gpg_err_code (rc) == GPG_ERR_NO_OBJ)
505
515
log_info ("DO `%s' not available: %s\n",
506
516
data_objects[i].desc, gpg_strerror (rc));
579
589
Everything up to a LF is considered a mailbox or account name. If
580
590
the first LF is followed by DC4 (0x14) control sequence are
581
591
expected up to the next LF. Control sequences are separated by FS
582
(0x18) and consist of key=value pairs. There is one key defined:
592
(0x18) and consist of key=value pairs. There are two keys defined:
586
Were FLAGS is a plain hexadecimal number representing flag values.
596
Where FLAGS is a plain hexadecimal number representing flag values.
587
597
The lsb is here the rightmost bit. Defined flags bits are:
589
599
Bit 0 = CHV1 and CHV2 are not syncronized
590
600
Bit 1 = CHV2 has been been set to the default PIN of "123456"
591
601
(this implies that bit 0 is also set).
605
Where PINPAD_REQUEST is in the format of: <n> or <n>,<m>.
606
N for user PIN, M for admin PIN. If M is missing it means M=N.
607
0 means to force not to use pinpad.
595
611
parse_login_data (app_t app)
601
617
/* Set defaults. */
602
618
app->app_local->flags.no_sync = 0;
603
619
app->app_local->flags.def_chv2 = 0;
620
app->app_local->pinpad.specified = 0;
621
app->app_local->pinpad.fixedlen_user = -1;
622
app->app_local->pinpad.fixedlen_admin = -1;
605
624
/* Read the DO. */
606
625
relptr = get_one_do (app, 0x005E, &buffer, &buflen, NULL);
626
645
any leading digits but bail out on invalid characters. */
627
646
for (p=buffer+2, len = buflen-2; len && hexdigitp (p); p++, len--)
628
647
lastdig = xtoi_1 (p);
629
650
if (len && !(*p == '\n' || *p == '\x18'))
630
651
goto next; /* Invalid characters in field. */
631
652
app->app_local->flags.no_sync = !!(lastdig & 1);
632
653
app->app_local->flags.def_chv2 = (lastdig & 3) == 3;
655
else if (buflen > 1 && *buffer == 'P' && buffer[1] == '=')
657
/* Pinpad request control sequence found. */
668
n = strtol (buffer, &q, 10);
669
if (q >= (char *)buffer + buflen
670
|| *q == '\x18' || *q == '\n')
674
if (*q++ != ',' || !digitp (q))
676
m = strtol (q, &q, 10);
680
if (buflen < ((unsigned char *)q - buffer))
686
buflen -= ((unsigned char *)q - buffer);
688
if (buflen && !(*buffer == '\n' || *buffer == '\x18'))
690
app->app_local->pinpad.specified = 1;
691
app->app_local->pinpad.fixedlen_user = n;
692
app->app_local->pinpad.fixedlen_admin = m;
635
697
for (; buflen && *buffer != '\x18'; buflen--, buffer++)
636
698
if (*buffer == '\n')
644
706
/* Note, that FPR must be at least 20 bytes. */
646
708
store_fpr (app_t app, int keynumber, u32 timestamp,
647
709
const unsigned char *m, size_t mlen,
648
const unsigned char *e, size_t elen,
710
const unsigned char *e, size_t elen,
649
711
unsigned char *fpr, unsigned int card_version)
651
713
unsigned int n, nbits;
652
714
unsigned char *buffer, *p;
656
718
for (; mlen && !*m; mlen--, m++) /* strip leading zeroes */
658
720
for (; elen && !*e; elen--, e++) /* strip leading zeroes */
680
742
*p++ = nbits >> 8;
682
744
memcpy (p, e, elen); p += elen;
684
746
gcry_md_hash_buffer (GCRY_MD_SHA1, fpr, buffer, n+3);
688
750
tag = (card_version > 0x0007? 0xC7 : 0xC6) + keynumber;
689
flush_cache_item (app, tag);
751
flush_cache_item (app, 0xC5);
690
752
tag2 = 0xCE + keynumber;
691
flush_cache_item (app, tag2);
753
flush_cache_item (app, 0xCD);
693
755
rc = iso7816_put_data (app->slot, 0, tag, fpr, 20);
739
801
send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword,
740
802
int number, const unsigned char *stamp)
742
804
char numbuf1[50], numbuf2[50];
743
805
unsigned long value;
756
send_key_data (ctrl_t ctrl, const char *name,
818
send_key_data (ctrl_t ctrl, const char *name,
757
819
const unsigned char *a, size_t alen)
759
821
char *buffer, *buf;
818
880
{ "KEY-TIME", 0x00CD, 4 },
819
881
{ "KEY-ATTR", 0x0000, -5 },
820
882
{ "CA-FPR", 0x00C6, 3 },
821
{ "CHV-STATUS", 0x00C4, 1 },
883
{ "CHV-STATUS", 0x00C4, 1 },
822
884
{ "SIG-COUNTER", 0x0093, 2 },
823
885
{ "SERIALNO", 0x004F, -1 },
824
886
{ "AID", 0x004F },
839
901
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
841
903
if (!table[idx].name)
842
return gpg_error (GPG_ERR_INV_NAME);
904
return gpg_error (GPG_ERR_INV_NAME);
844
906
if (table[idx].special == -1)
846
908
/* The serial number is very special. We could have used the
870
932
snprintf (tmp, sizeof tmp,
871
"gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d",
933
"gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d",
872
934
app->app_local->extcap.get_challenge,
873
935
app->app_local->extcap.key_import,
874
936
app->app_local->extcap.change_force_chv,
917
979
if (table[idx].special == 1)
919
981
char numbuf[7*23];
921
983
for (i=0,*numbuf=0; i < valuelen && i < 7; i++)
922
sprintf (numbuf+strlen (numbuf), " %d", value[i]);
984
sprintf (numbuf+strlen (numbuf), " %d", value[i]);
923
985
send_status_info (ctrl, table[idx].name,
924
986
numbuf, strlen (numbuf), NULL, 0);
1058
1120
err = gpg_error (GPG_ERR_GENERAL);
1059
1121
goto leave; /* Error: Invalid key data record or not an RSA key. */
1062
1124
err = gcry_mpi_scan (&mpi, GCRYMPI_FMT_HEX, fields[3], 0, NULL);
1145
1207
le_value = 256; /* Use legacy value. */
1148
err = iso7816_read_public_key
1210
err = iso7816_read_public_key
1149
1211
(app->slot, exmode,
1150
1212
(const unsigned char*)(keyno == 0? "\xB6" :
1151
keyno == 1? "\xB8" : "\xA4"), 2,
1213
keyno == 1? "\xB8" : "\xA4"), 2,
1153
1215
&buffer, &buflen);
1275
1337
err = gpg_error_from_syserror ();
1279
1341
sprintf (keybuf, "(10:public-key(3:rsa(1:n%u:", (unsigned int) mlen);
1280
1342
keybuf_p = keybuf + strlen (keybuf);
1281
1343
memcpy (keybuf_p, m, mlen);
1286
1348
keybuf_p += elen;
1287
1349
strcpy (keybuf_p, ")))");
1288
1350
keybuf_p += strlen (keybuf_p);
1290
1352
app->app_local->pk[keyno].key = (unsigned char*)keybuf;
1291
1353
app->app_local->pk[keyno].keylen = (keybuf_p - keybuf);
1319
1381
err = get_public_key (app, keyno);
1323
1385
assert (keyno >= 1 && keyno <= 3);
1324
1386
if (!app->app_local->pk[keyno-1].key)
1325
1387
goto leave; /* No such key - ignore. */
1333
1395
bin2hex (grip, 20, gripstr);
1335
1397
sprintf (idbuf, "OPENPGP.%d", keyno);
1336
send_status_info (ctrl, "KEYPAIRINFO",
1338
idbuf, strlen (idbuf),
1398
send_status_info (ctrl, "KEYPAIRINFO",
1400
idbuf, strlen (idbuf),
1339
1401
NULL, (size_t)0);
1342
1404
#endif /* GNUPG_MAJOR_VERSION > 1 */
1350
1412
do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
1354
1416
do_getattr (app, ctrl, "EXTCAP");
1355
1417
do_getattr (app, ctrl, "DISP-NAME");
1356
1418
do_getattr (app, ctrl, "DISP-LANG");
1533
/* Decide if we use the pinpad of the reader for PIN input according
1534
to the user preference on the card, and the capability of the
1535
reader. This routine is only called when the reader has pinpad.
1536
Returns 0 if we use pinpad, 1 otherwise. */
1538
check_pinpad_request (app_t app, pininfo_t *pininfo, int admin_pin)
1540
if (app->app_local->pinpad.specified == 0) /* No preference on card. */
1542
if (pininfo->fixedlen == 0) /* Reader has varlen capability. */
1543
return 0; /* Then, use pinpad. */
1546
* Reader has limited capability, and it may not match PIN of
1553
pininfo->fixedlen = app->app_local->pinpad.fixedlen_admin;
1555
pininfo->fixedlen = app->app_local->pinpad.fixedlen_user;
1557
if (pininfo->fixedlen == 0 /* User requests disable pinpad. */
1558
|| pininfo->fixedlen < pininfo->minlen
1559
|| pininfo->fixedlen > pininfo->maxlen
1560
/* Reader doesn't have the capability to input a PIN which
1561
* length is FIXEDLEN. */)
1471
1568
/* Verify a CHV either using using the pinentry or if possibile by
1472
using a keypad. PINCB and PINCB_ARG describe the usual callback
1569
using a pinpad. PINCB and PINCB_ARG describe the usual callback
1473
1570
for the pinentry. CHVNO must be either 1 or 2. SIGCOUNT is only
1474
1571
used with CHV1. PINVALUE is the address of a pointer which will
1475
1572
receive a newly allocated block with the actual PIN (this is useful
1476
1573
in case that PIN shall be used for another verify operation). The
1477
1574
caller needs to free this value. If the function returns with
1478
1575
success and NULL is stored at PINVALUE, the caller should take this
1479
as an indication that the keypad has been used.
1576
as an indication that the pinpad has been used.
1481
1578
static gpg_error_t
1482
1579
verify_a_chv (app_t app,
1534
1631
prompt = _("||Please enter the PIN");
1537
if (!opt.disable_keypad
1538
&& !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) )
1634
if (!opt.disable_pinpad
1635
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo)
1636
&& !check_pinpad_request (app, &pininfo, 0))
1540
/* The reader supports the verify command through the keypad.
1638
/* The reader supports the verify command through the pinpad.
1541
1639
Note that the pincb appends a text to the prompt telling the
1542
user to use the keypad. */
1543
rc = pincb (pincb_arg, prompt, NULL);
1640
user to use the pinpad. */
1641
rc = pincb (pincb_arg, prompt, NULL);
1545
xfree (prompt_buffer);
1643
xfree (prompt_buffer);
1546
1644
prompt_buffer = NULL;
1550
1648
gpg_strerror (rc));
1553
rc = iso7816_verify_kp (app->slot, 0x80+chvno, "", 0, &pininfo);
1651
rc = iso7816_verify_kp (app->slot, 0x80+chvno, &pininfo);
1554
1652
/* Dismiss the prompt. */
1555
1653
pincb (pincb_arg, NULL, NULL);
1561
/* The reader has no keypad or we don't want to use it. */
1562
rc = pincb (pincb_arg, prompt, pinvalue);
1659
/* The reader has no pinpad or we don't want to use it. */
1660
rc = pincb (pincb_arg, prompt, pinvalue);
1564
xfree (prompt_buffer);
1662
xfree (prompt_buffer);
1565
1663
prompt_buffer = NULL;
1582
1680
rc = iso7816_verify (app->slot, 0x80+chvno,
1583
1681
*pinvalue, strlen (*pinvalue));
1588
1686
log_error (_("verify CHV%d failed: %s\n"), chvno, gpg_strerror (rc));
1606
1704
char *pinvalue;
1609
1707
return 0; /* We already verified CHV2. */
1611
1709
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue);
1614
1712
app->did_chv2 = 1;
1616
1714
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
1618
1716
/* For convenience we verify CHV1 here too. We do this only if
1619
1717
the card is not configured to require a verification before
1620
1718
each CHV1 controlled operation (force_chv1) and if we are not
1621
using the keypad (PINVALUE == NULL). */
1719
using the pinpad (PINVALUE == NULL). */
1622
1720
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
1623
1721
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
1624
1722
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
1702
1800
return gpg_error (GPG_ERR_EACCES);
1708
iso7816_pininfo_t pininfo;
1709
1807
int minlen = 8;
1712
1810
memset (&pininfo, 0, sizeof pininfo);
1811
pininfo.fixedlen = -1;
1714
1812
pininfo.minlen = minlen;
1716
1814
rc = build_enter_admin_pin_prompt (app, &prompt);
1720
if (!opt.disable_keypad
1721
&& !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) )
1818
if (!opt.disable_pinpad
1819
&& !iso7816_check_pinpad (app->slot, ISO7816_VERIFY, &pininfo)
1820
&& !check_pinpad_request (app, &pininfo, 1))
1723
/* The reader supports the verify command through the keypad. */
1724
rc = pincb (pincb_arg, prompt, NULL);
1822
/* The reader supports the verify command through the pinpad. */
1823
rc = pincb (pincb_arg, prompt, NULL);
1725
1824
xfree (prompt);
1730
1829
gpg_strerror (rc));
1733
rc = iso7816_verify_kp (app->slot, 0x83, "", 0, &pininfo);
1832
rc = iso7816_verify_kp (app->slot, 0x83, &pininfo);
1734
1833
/* Dismiss the prompt. */
1735
1834
pincb (pincb_arg, NULL, NULL);
1755
1854
xfree (pinvalue);
1756
1855
return gpg_error (GPG_ERR_BAD_PIN);
1759
1858
rc = iso7816_verify (app->slot, 0x83, pinvalue, strlen (pinvalue));
1760
1859
xfree (pinvalue);
1765
1864
log_error (_("verify CHV%d failed: %s\n"), 3, gpg_strerror (rc));
1775
1874
/* Handle the SETATTR operation. All arguments are already basically
1778
1877
do_setattr (app_t app, const char *name,
1779
1878
gpg_error_t (*pincb)(void*, const char *, char **),
1780
1879
void *pincb_arg,
1813
1912
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
1815
1914
if (!table[idx].name)
1816
return gpg_error (GPG_ERR_INV_NAME);
1915
return gpg_error (GPG_ERR_INV_NAME);
1817
1916
if (table[idx].need_v2 && !app->app_local->extcap.is_v2)
1818
1917
return gpg_error (GPG_ERR_NOT_SUPPORTED); /* Not yet supported. */
1865
1964
static gpg_error_t
1866
1965
do_writecert (app_t app, ctrl_t ctrl,
1867
const char *certidstr,
1966
const char *certidstr,
1868
1967
gpg_error_t (*pincb)(void*, const char *, char **),
1869
1968
void *pincb_arg,
1870
1969
const unsigned char *certdata, size_t certdatalen)
1902
2001
- 2 2 Verify Reset Code and set a new PW1.
1903
2002
- 3 any Verify CHV3/PW3 and set a new CHV3/PW3.
1906
do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
2005
do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
1907
2006
unsigned int flags,
1908
2007
gpg_error_t (*pincb)(void*, const char *, char **),
1909
2008
void *pincb_arg)
1912
2011
int chvno = atoi (chvnostr);
1913
2012
char *resetcode = NULL;
1914
2013
char *oldpinvalue = NULL;
2014
char *pinvalue = NULL;
1916
2015
int reset_mode = !!(flags & APP_CHANGE_FLAG_RESET);
1917
2016
int set_resetcode = 0;
2022
memset (&pininfo, 0, sizeof pininfo);
2023
pininfo.fixedlen = -1;
2024
pininfo.minlen = minlen;
1921
2026
if (reset_mode && chvno == 3)
1961
2066
/* Version 2 cards. */
2068
if (!opt.disable_pinpad
2069
&& !iso7816_check_pinpad (app->slot,
2070
ISO7816_CHANGE_REFERENCE_DATA, &pininfo)
2071
&& !check_pinpad_request (app, &pininfo, chvno == 3))
1963
2074
if (reset_mode)
1965
2076
/* To reset a PIN the Admin PIN is required. */
1966
2078
app->did_chv3 = 0;
1967
2079
rc = verify_chv3 (app, pincb, pincb_arg);
1971
2083
if (chvno == 2)
1972
2084
set_resetcode = 1;
1974
2086
else if (chvno == 1 || chvno == 3)
1976
int minlen = (chvno ==3)? 8 : 6;
1977
char *promptbuf = NULL;
2090
char *promptbuf = NULL;
1982
rc = build_enter_admin_pin_prompt (app, &promptbuf);
2096
rc = build_enter_admin_pin_prompt (app, &promptbuf);
2102
prompt = _("||Please enter the PIN");
2103
rc = pincb (pincb_arg, prompt, &oldpinvalue);
1988
prompt = _("||Please enter the PIN");
1989
rc = pincb (pincb_arg, prompt, &oldpinvalue);
1994
log_info (_("PIN callback returned error: %s\n"),
2108
log_info (_("PIN callback returned error: %s\n"),
1999
if (strlen (oldpinvalue) < minlen)
2001
log_info (_("PIN for CHV%d is too short;"
2002
" minimum length is %d\n"), chvno, minlen);
2003
rc = gpg_error (GPG_ERR_BAD_PIN);
2113
if (strlen (oldpinvalue) < minlen)
2115
log_info (_("PIN for CHV%d is too short;"
2116
" minimum length is %d\n"), chvno, minlen);
2117
rc = gpg_error (GPG_ERR_BAD_PIN);
2007
2122
else if (chvno == 2)
2029
2145
log_error (_("Reset Code not or not anymore available\n"));
2030
2146
rc = gpg_error (GPG_ERR_BAD_PIN);
2034
2150
rc = pincb (pincb_arg,
2035
2151
_("||Please enter the Reset Code for the card"),
2039
log_info (_("PIN callback returned error: %s\n"),
2155
log_info (_("PIN callback returned error: %s\n"),
2040
2156
gpg_strerror (rc));
2061
2177
app->did_chv1 = app->did_chv2 = 0;
2063
/* TRANSLATORS: Do not translate the "|*|" prefixes but
2064
keep it at the start of the string. We need this elsewhere
2065
to get some infos on the string. */
2066
rc = pincb (pincb_arg,
2067
set_resetcode? _("|RN|New Reset Code") :
2068
chvno == 3? _("|AN|New Admin PIN") : _("|N|New PIN"),
2072
log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc));
2181
/* TRANSLATORS: Do not translate the "|*|" prefixes but
2182
keep it at the start of the string. We need this elsewhere
2183
to get some infos on the string. */
2184
rc = pincb (pincb_arg, set_resetcode? _("|RN|New Reset Code") :
2185
chvno == 3? _("|AN|New Admin PIN") : _("|N|New PIN"),
2189
log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc));
2131
2249
/* Version 2 cards. */
2132
2250
assert (chvno == 1 || chvno == 3);
2134
rc = iso7816_change_reference_data (app->slot, 0x80 + chvno,
2135
oldpinvalue, strlen (oldpinvalue),
2136
pinvalue, strlen (pinvalue));
2254
rc = pincb (pincb_arg,
2256
_("||Please enter the Admin PIN and New Admin PIN") :
2257
_("||Please enter the PIN and New PIN"), NULL);
2260
log_info (_("PIN callback returned error: %s\n"),
2264
rc = iso7816_change_reference_data_kp (app->slot, 0x80 + chvno, 0,
2266
/* Dismiss the prompt. */
2267
pincb (pincb_arg, NULL, NULL);
2270
rc = iso7816_change_reference_data (app->slot, 0x80 + chvno,
2271
oldpinvalue, strlen (oldpinvalue),
2272
pinvalue, strlen (pinvalue));
2334
2470
/* Right justify E. */
2335
2471
memmove (tp + rsa_e_reqlen - rsa_e_len, tp, rsa_e_len);
2336
2472
memset (tp, 0, rsa_e_reqlen - rsa_e_len);
2338
2474
tp += rsa_e_reqlen;
2340
2476
memcpy (tp, rsa_p, rsa_p_len);
2341
2477
tp += rsa_p_len;
2343
2479
memcpy (tp, rsa_q, rsa_q_len);
2344
2480
tp += rsa_q_len;
2346
2482
if (app->app_local->keyattr[keyno].format == RSA_STD_N
2347
2483
|| app->app_local->keyattr[keyno].format == RSA_CRT_N)
2387
2523
xfree (relptr);
2388
2524
return gpg_error (GPG_ERR_CARD);
2391
2527
/* We only change n_bits and don't touch anything else. Before we
2392
2528
do so, we round up NBITS to a sensible way in the same way as
2393
2529
gpg's key generation does it. This may help to sort out problems
2423
2559
/* Helper to process an setattr command for name KEY-ATTR. It expects
2424
2560
a string "--force <keyno> <algo> <nbits>" in (VALUE,VALUELEN). */
2426
change_keyattr_from_string (app_t app,
2562
change_keyattr_from_string (app_t app,
2427
2563
gpg_error_t (*pincb)(void*, const char *, char **),
2428
2564
void *pincb_arg,
2429
2565
const void *value, size_t valuelen)
2560
case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break;
2561
case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break;
2562
case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break;
2563
case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break;
2696
case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break;
2697
case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break;
2698
case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break;
2699
case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break;
2564
2700
default: mpi = NULL; mpi_len = NULL; break;
2566
2702
if (mpi && *mpi)
2632
2768
maxbits = app->app_local->keyattr[keyno].n_bits;
2633
2769
nbits = rsa_n? count_bits (rsa_n, rsa_n_len) : 0;
2634
2770
if (opt.verbose)
2635
log_info ("RSA modulus size is %u bits (%u bytes)\n",
2771
log_info ("RSA modulus size is %u bits (%u bytes)\n",
2636
2772
nbits, (unsigned int)rsa_n_len);
2637
2773
if (nbits && nbits != maxbits
2638
2774
&& app->app_local->extcap.algo_attr_change)
2666
2802
nbits = rsa_p? count_bits (rsa_p, rsa_p_len) : 0;
2667
2803
if (nbits != maxbits)
2669
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2805
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2670
2806
"P", (int)maxbits);
2671
2807
err = gpg_error (GPG_ERR_BAD_SECKEY);
2674
2810
nbits = rsa_q? count_bits (rsa_q, rsa_q_len) : 0;
2675
2811
if (nbits != maxbits)
2677
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2813
log_error (_("RSA prime %s missing or not of size %d bits\n"),
2678
2814
"Q", (int)maxbits);
2679
2815
err = gpg_error (GPG_ERR_BAD_SECKEY);
2683
2819
/* We need to remove the cached public key. */
2684
2820
xfree (app->app_local->pk[keyno].key);
2685
2821
app->app_local->pk[keyno].key = NULL;
2743
2879
/* Right justify E. */
2744
2880
memmove (tp+4-rsa_e_len, tp, rsa_e_len);
2745
2881
memset (tp, 0, 4-rsa_e_len);
2750
2886
*tp++ = rsa_p_len;
2751
2887
memcpy (tp, rsa_p, rsa_p_len);
2752
2888
tp += rsa_p_len;
2755
2891
*tp++ = rsa_q_len;
2756
2892
memcpy (tp, rsa_q, rsa_q_len);
2757
2893
tp += rsa_q_len;
2759
2895
assert (tp - template == template_len);
2761
2897
/* Prepare for storing the key. */
2762
2898
err = verify_chv3 (app, pincb, pincb_arg);
2773
2909
log_error (_("failed to store the key: %s\n"), gpg_strerror (err));
2777
2913
err = store_fpr (app, keyno, created_at,
2778
2914
rsa_n, rsa_n_len, rsa_e, rsa_e_len,
2779
2915
fprbuf, app->card_version);
2790
2926
/* Handle the GENKEY command. */
2792
2928
do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
2793
2929
time_t createtime,
2794
2930
gpg_error_t (*pincb)(void*, const char *, char **),
2830
2966
/* Because we send the key parameter back via status lines we need
2831
2967
to put a limit on the max. allowed keysize. 2048 bit will
2832
2968
already lead to a 527 byte long status line and thus a 4096 bit
2833
key would exceed the Assuan line length limit. */
2969
key would exceed the Assuan line length limit. */
2834
2970
keybits = app->app_local->keyattr[keyno].n_bits;
2835
2971
if (keybits > 4096)
2836
2972
return gpg_error (GPG_ERR_TOO_LARGE);
2859
2995
log_info (_("please wait while key is being generated ...\n"));
2860
2996
start_at = time (NULL);
2861
rc = iso7816_generate_keypair
2997
rc = iso7816_generate_keypair
2862
2998
/* # warning key generation temporary replaced by reading an existing key. */
2863
2999
/* rc = iso7816_read_public_key */
2865
3001
(const unsigned char*)(keyno == 0? "\xB6" :
2866
3002
keyno == 1? "\xB8" : "\xA4"), 2,
3023
3159
Note that this function may return the error code
3024
3160
GPG_ERR_WRONG_CARD to indicate that the card currently present does
3025
3161
not match the one required for the requested action (e.g. the
3026
serial number does not match).
3162
serial number does not match).
3028
3164
As a special feature a KEYIDSTR of "OPENPGP.3" redirects the
3029
3165
operation to the auth command.
3032
3168
do_sign (app_t app, const char *keyidstr, int hashalgo,
3033
3169
gpg_error_t (*pincb)(void*, const char *, char **),
3034
3170
void *pincb_arg,
3090
3226
else X(SHA256, sha256, 32, app->app_local->extcap.is_v2)
3091
3227
else X(SHA384, sha384, 48, app->app_local->extcap.is_v2)
3092
3228
else X(SHA512, sha512, 64, app->app_local->extcap.is_v2)
3093
else if ((indatalen == 28 || indatalen == 32
3229
else if ((indatalen == 28 || indatalen == 32
3094
3230
|| indatalen == 48 || indatalen ==64)
3095
3231
&& app->app_local->extcap.is_v2)
3096
3232
; /* Assume a plain SHA-3 digest has been given. */
3150
3286
assert (datalen <= sizeof data); \
3151
3287
memcpy (data, b ## _prefix, sizeof b ## _prefix); \
3152
3288
memcpy (data + sizeof b ## _prefix, indata, indatalen); \
3155
3291
X(SHA1, sha1, 1)
3156
3292
else X(RMD160, rmd160, 1)
3158
3294
else X(SHA256, sha256, app->app_local->extcap.is_v2)
3159
3295
else X(SHA384, sha384, app->app_local->extcap.is_v2)
3160
3296
else X(SHA512, sha512, app->app_local->extcap.is_v2)
3162
3298
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
3175
3311
log_info (_("signatures created so far: %lu\n"), sigcount);
3177
3313
/* Check CHV if needed. */
3178
if (!app->did_chv1 || app->force_chv1 )
3314
if (!app->did_chv1 || app->force_chv1 )
3180
3316
char *pinvalue;
3189
3325
sync, thus we verify CHV2 here using the given PIN. Cards
3190
3326
with version2 to not have the need for a separate CHV2 and
3191
3327
internally use just one. Obviously we can't do that if the
3192
keypad has been used. */
3328
pinpad has been used. */
3193
3329
if (!app->did_chv2 && pinvalue && !app->app_local->extcap.is_v2)
3195
3331
rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue));
3233
3369
GPG_ERR_WRONG_CARD to indicate that the card currently present does
3234
3370
not match the one required for the requested action (e.g. the
3235
3371
serial number does not match). */
3237
3373
do_auth (app_t app, const char *keyidstr,
3238
3374
gpg_error_t (*pincb)(void*, const char *, char **),
3239
3375
void *pincb_arg,
3266
3402
; /* no fingerprint given: we allow this for now. */
3267
3403
else if (*s == '/')
3270
3406
return gpg_error (GPG_ERR_INV_ID);
3272
3408
for (s=keyidstr, n=0; n < 16; s += 2, n++)
3273
3409
tmp_sn[n] = xtoi_2 (s);
3275
3411
if (app->serialnolen != 16)
3276
3412
return gpg_error (GPG_ERR_INV_CARD);
3277
3413
if (memcmp (app->serialno, tmp_sn, 16))
3343
3479
; /* no fingerprint given: we allow this for now. */
3344
3480
else if (*s == '/')
3347
3483
return gpg_error (GPG_ERR_INV_ID);
3349
3485
for (s=keyidstr, n=0; n < 16; s += 2, n++)
3350
3486
tmp_sn[n] = xtoi_2 (s);
3352
3488
if (app->serialnolen != 16)
3353
3489
return gpg_error (GPG_ERR_INV_CARD);
3354
3490
if (memcmp (app->serialno, tmp_sn, 16))
3401
3537
fixbuf = xtrymalloc (fixuplen + indatalen);
3403
3539
return gpg_error_from_syserror ();
3405
3541
memset (fixbuf, 0, fixuplen);
3406
3542
memcpy (fixbuf+fixuplen, indata, indatalen);
3407
3543
indata = fixbuf;
3423
exmode = le_value = 0;
3559
exmode = le_value = 0;
3425
rc = iso7816_decipher (app->slot, exmode,
3561
rc = iso7816_decipher (app->slot, exmode,
3426
3562
indata, indatalen, le_value, padind,
3427
3563
outdata, outdatalen);
3428
3564
xfree (fixbuf);
3566
if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */
3567
&& app->app_local->manufacturer == 5
3568
&& app->card_version == 0x0200)
3569
log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)"
3570
" do not work with encryption keys > 2048 bits\n");
3442
3584
There is a special mode if the keyidstr is "<serialno>[CHV3]" with
3443
3585
the "[CHV3]" being a literal string: The Admin Pin is checked if
3444
3586
and only if the retry counter is still at 3. */
3446
3588
do_check_pin (app_t app, const char *keyidstr,
3447
3589
gpg_error_t (*pincb)(void*, const char *, char **),
3448
3590
void *pincb_arg)
3450
unsigned char tmp_sn[20];
3592
unsigned char tmp_sn[20];
3453
3595
int admin_pin = 0;
3458
3600
/* Check whether an OpenPGP card of any version has been requested. */
3459
3601
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
3460
3602
return gpg_error (GPG_ERR_INV_ID);
3462
3604
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
3552
3694
/* Parse the historical bytes in BUFFER of BUFLEN and store them in
3555
parse_historical (struct app_local_s *apploc,
3697
parse_historical (struct app_local_s *apploc,
3556
3698
const unsigned char * buffer, size_t buflen)
3558
3700
/* Example buffer: 00 31 C5 73 C0 01 80 00 90 00 */
3612
3754
assert (keyno >=0 && keyno <= 2);
3614
3756
app->app_local->keyattr[keyno].n_bits = 0;
3616
3758
relptr = get_one_do (app, 0xC1+keyno, &buffer, &buflen, NULL);
3639
3781
app->app_local->keyattr[keyno].format = (buffer[5] == 0? RSA_STD :
3640
3782
buffer[5] == 1? RSA_STD_N :
3641
3783
buffer[5] == 2? RSA_CRT :
3642
buffer[5] == 3? RSA_CRT_N :
3784
buffer[5] == 3? RSA_CRT_N :
3643
3785
RSA_UNKNOWN_FMT);
3645
3787
if (opt.verbose)
3763
3907
/* Available with v2 cards. */
3764
3908
app->app_local->extcap.sm_aes128 = (buffer[1] == 1);
3765
app->app_local->extcap.max_get_challenge
3909
app->app_local->extcap.max_get_challenge
3766
3910
= (buffer[2] << 8 | buffer[3]);
3767
3911
app->app_local->extcap.max_certlen_3 = (buffer[4] << 8 | buffer[5]);
3768
3912
app->app_local->extcap.max_cmd_data = (buffer[6] << 8 | buffer[7]);
3783
3927
parse_algorithm_attribute (app, 0);
3784
3928
parse_algorithm_attribute (app, 1);
3785
3929
parse_algorithm_attribute (app, 2);
3787
3931
if (opt.verbose > 1)
3788
3932
dump_all_do (slot);