[svn] GnuPG - r3913 - in trunk: doc g10
svn author wk
cvs at cvs.gnupg.org
Tue Oct 18 19:41:22 CEST 2005
Author: wk
Date: 2005-10-18 19:41:20 +0200 (Tue, 18 Oct 2005)
New Revision: 3913
Modified:
trunk/doc/DETAILS
trunk/g10/ChangeLog
trunk/g10/card-util.c
trunk/g10/cardglue.c
trunk/g10/cardglue.h
trunk/g10/keygen.c
Log:
Fixed minor card related bugs and enhanced status messages
Modified: trunk/doc/DETAILS
===================================================================
--- trunk/doc/DETAILS 2005-10-17 17:21:15 UTC (rev 3912)
+++ trunk/doc/DETAILS 2005-10-18 17:41:20 UTC (rev 3913)
@@ -330,7 +330,7 @@
NEED_PASSPHRASE_SYM <cipher_algo> <s2k_mode> <s2k_hash>
Issued whenever a passphrase for symmetric encryption is needed.
- NEED_PASSPHRASE_PIN <card_type> <chvno>
+ NEED_PASSPHRASE_PIN <card_type> <chvno> [<serialno>]
Issued whenever a PIN is requested to unlock a card.
MISSING_PASSPHRASE
@@ -572,10 +572,14 @@
This indicates that a signature subpacket was seen. The
format is the same as the "spk" record above.
- SC_OP_FAILURE
+ SC_OP_FAILURE [<code>]
An operation on a smartcard definitely failed. Currently
there is no indication of the actual error code, but
application should be prepared to later accept more arguments.
+ Defined values for CODE are:
+ 0 - unspecified error (identically to a missing CODE)
+ 1 - canceled
+ 2 - bad PIN
SC_OP_SUCCESS
A smart card operaion succeeded. This status is only printed
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2005-10-17 17:21:15 UTC (rev 3912)
+++ trunk/g10/ChangeLog 2005-10-18 17:41:20 UTC (rev 3913)
@@ -1,3 +1,19 @@
+2005-10-18 Werner Koch <wk at g10code.com>
+
+ * cardglue.c (pin_cb): Fixed prompt for repeated PIN. Return
+ G10ERR_CANCELED and not just -1.
+ (status_sc_op_failure): New. Use it where we issue that status.
+ (pin_cb): Append serial number to the need-pin status message.
+ (agent_scd_change_pin): Add arg SERIALNO. Changed all callers.
+ (agent_scd_writekey): Ditto.
+ (agent_scd_setattr): Ditto.
+ (agent_scd_genkey): Ditto.
+ (agent_scd_checkpin): Pass serialno to the pin_cb.
+
+ * keygen.c (parse_expire_string): Allow setting the expire
+ interval using a "seconds=<n>" syntax. This is useful for
+ debugging.
+
2005-10-17 Werner Koch <wk at g10code.com>
* export.c (do_export_stream): Factored some code out to ...
Modified: trunk/g10/card-util.c
===================================================================
--- trunk/g10/card-util.c 2005-10-17 17:21:15 UTC (rev 3912)
+++ trunk/g10/card-util.c 2005-10-18 17:41:20 UTC (rev 3913)
@@ -70,17 +70,16 @@
agent_clear_pin_cache (info.serialno);
- agent_release_card_info (&info);
-
if (opt.batch)
{
+ agent_release_card_info (&info);
log_error (_("can't do this in batch mode\n"));
return;
}
if(!allow_admin)
{
- rc = agent_scd_change_pin (1);
+ rc = agent_scd_change_pin (1, info.serialno);
if (rc)
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
else
@@ -109,7 +108,7 @@
rc = 0;
if (*answer == '1')
{
- rc = agent_scd_change_pin (1);
+ rc = agent_scd_change_pin (1, info.serialno);
if (rc)
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
else
@@ -120,7 +119,7 @@
}
else if (*answer == '2')
{
- rc = agent_scd_change_pin (101);
+ rc = agent_scd_change_pin (101, info.serialno);
if (rc)
tty_printf ("Error unblocking the PIN: %s\n", gpg_strerror (rc));
else
@@ -131,7 +130,7 @@
}
else if (*answer == '3')
{
- rc = agent_scd_change_pin (3);
+ rc = agent_scd_change_pin (3, info.serialno);
if (rc)
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
else
@@ -145,6 +144,8 @@
break;
}
}
+
+ agent_release_card_info (&info);
}
static const char *
@@ -561,7 +562,7 @@
return -1;
}
- rc = agent_scd_setattr ("DISP-NAME", isoname, strlen (isoname) );
+ rc = agent_scd_setattr ("DISP-NAME", isoname, strlen (isoname), NULL );
if (rc)
log_error ("error setting Name: %s\n", gpg_strerror (rc));
@@ -590,7 +591,7 @@
return -1;
}
- rc = agent_scd_setattr ("PUBKEY-URL", url, strlen (url) );
+ rc = agent_scd_setattr ("PUBKEY-URL", url, strlen (url), NULL );
if (rc)
log_error ("error setting URL: %s\n", gpg_strerror (rc));
xfree (url);
@@ -706,7 +707,7 @@
return -1;
}
- rc = agent_scd_setattr ("LOGIN-DATA", data, n );
+ rc = agent_scd_setattr ("LOGIN-DATA", data, n, NULL );
if (rc)
log_error ("error setting login data: %s\n", gpg_strerror (rc));
xfree (data);
@@ -775,7 +776,7 @@
return -1;
}
- rc = agent_scd_setattr (do_name, data, n );
+ rc = agent_scd_setattr (do_name, data, n, NULL );
if (rc)
log_error ("error setting private DO: %s\n", gpg_strerror (rc));
xfree (data);
@@ -811,7 +812,7 @@
return -1;
}
- rc = agent_scd_setattr ("DISP-LANG", data, strlen (data) );
+ rc = agent_scd_setattr ("DISP-LANG", data, strlen (data), NULL );
if (rc)
log_error ("error setting lang: %s\n", gpg_strerror (rc));
xfree (data);
@@ -846,7 +847,7 @@
return -1;
}
- rc = agent_scd_setattr ("DISP-SEX", str, 1 );
+ rc = agent_scd_setattr ("DISP-SEX", str, 1, NULL );
if (rc)
log_error ("error setting sex: %s\n", gpg_strerror (rc));
xfree (data);
@@ -891,7 +892,7 @@
rc = agent_scd_setattr (fprno==1?"CA-FPR-1":
fprno==2?"CA-FPR-2":
- fprno==3?"CA-FPR-3":"x", fpr, 20 );
+ fprno==3?"CA-FPR-3":"x", fpr, 20, NULL );
if (rc)
log_error ("error setting cafpr: %s\n", gpg_strerror (rc));
return rc;
@@ -916,7 +917,7 @@
newstate = !info.chv1_cached;
agent_release_card_info (&info);
- rc = agent_scd_setattr ("CHV-STATUS-1", newstate? "\x01":"", 1);
+ rc = agent_scd_setattr ("CHV-STATUS-1", newstate? "\x01":"", 1, NULL);
if (rc)
log_error ("error toggling signature PIN flag: %s\n", gpg_strerror (rc));
}
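Review bot: The toggle call passes `NULL` for the serial number even though `info.serialno` is in scope; it cannot be used only because `agent_release_card_info (&info)` runs one line before the call. Moving the release after the call would let the PIN request status identify the card: `rc = agent_scd_setattr ("CHV-STATUS-1", newstate? "\x01":"", 1, info.serialno);` followed by `agent_release_card_info (&info);`. The later hunk that restores the forced state also passes `NULL`, while the matching clear call passes `info->serialno`. Whether `info` is reachable at that point is not visible here. The enclosing function starts outside this hunk.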
@@ -961,7 +962,7 @@
{ /* Switch of the forced mode so that during key generation we
don't get bothered with PIN queries for each
self-signature. */
- rc = agent_scd_setattr ("CHV-STATUS-1", "\x01", 1);
+ rc = agent_scd_setattr ("CHV-STATUS-1", "\x01", 1, info->serialno);
if (rc)
{
log_error ("error clearing forced signature PIN flag: %s\n",
@@ -989,7 +990,7 @@
if (*forced_chv1)
{ /* Switch back to forced state. */
- rc = agent_scd_setattr ("CHV-STATUS-1", "", 1);
+ rc = agent_scd_setattr ("CHV-STATUS-1", "", 1, NULL);
if (rc)
{
log_error ("error setting forced signature PIN flag: %s\n",
Modified: trunk/g10/cardglue.c
===================================================================
--- trunk/g10/cardglue.c 2005-10-17 17:21:15 UTC (rev 3912)
+++ trunk/g10/cardglue.c 2005-10-18 17:41:20 UTC (rev 3913)
@@ -520,6 +520,20 @@
return cacheid;
}
+
+/* If RC is not 0, write an appropriate status message. */
+static void
+status_sc_op_failure (int rc)
+{
+ if (rc == G10ERR_CANCELED)
+ write_status_text (STATUS_SC_OP_FAILURE, "1");
+ else if (rc == G10ERR_BAD_PASS)
+ write_status_text (STATUS_SC_OP_FAILURE, "2");
+ else if (rc)
+ write_status (STATUS_SC_OP_FAILURE);
+}
+
+
/* Check that the serial number of the current card (as described by
APP) matches SERIALNO. If there is no match and we are not in
batch mode, present a prompt to insert the desired card. The
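Review bot: The codes `"1"` and `"2"` in `status_sc_op_failure` are bare literals whose meaning is only recorded in doc/DETAILS. A comment such as `/* Codes as listed in doc/DETAILS: 1 = canceled, 2 = bad PIN; any other error is reported without a code. */` would keep the two in step. The function compares `rc` against the raw `G10ERR_CANCELED` and `G10ERR_BAD_PASS` values, so an error returned in a different encoding would fall through to the code-less form. The daemon-backed call paths are outside this hunk, so it is worth confirming that they return these same values.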
@@ -880,8 +894,18 @@
again:
if (is_status_enabled())
- write_status_text (STATUS_NEED_PASSPHRASE_PIN,
- isadmin? "OPENPGP 3" : "OPENPGP 1");
+ {
+ if (parm && parm->sn && *parm->sn)
+ {
+ char *buf = xmalloc ( 10 + strlen (parm->sn) + 1);
+ strcpy (stpcpy (buf, isadmin? "OPENPGP 3 ":"OPENPGP 1 "), parm->sn);
+ write_status_text (STATUS_NEED_PASSPHRASE_PIN, buf);
+ xfree (buf);
+ }
+ else
+ write_status_text (STATUS_NEED_PASSPHRASE_PIN,
+ isadmin? "OPENPGP 3" : "OPENPGP 1");
+ }
value = ask_passphrase (info, again_text,
newpin && isadmin? "passphrase.adminpin.new.ask" :
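Review bot: `parm->sn` is copied into the NEED_PASSPHRASE_PIN status line without any check on its content. The ChangeLog describes SERIALNO as a hex string, but nothing in this hunk enforces that, and a value containing a space or line break would corrupt the line that front ends parse. Appending it only when `strspn (parm->sn, "0123456789ABCDEFabcdef") == strlen (parm->sn)` would make the documented format a guarantee. The size `10 + strlen (parm->sn) + 1` is correct only while both prefix literals are exactly ten characters long; a comment like `/* 10 == strlen ("OPENPGP 3 ") */` would make that dependency visible. pin_cb begins and ends outside this hunk.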
@@ -898,7 +922,7 @@
cacheid = NULL;
again_text = NULL;
if (!value && canceled)
- return -1;
+ return G10ERR_CANCELED;
else if (!value)
return G10ERR_GENERAL;
@@ -906,16 +930,17 @@
{
char *value2;
- value2 = ask_passphrase (info, NULL, NULL,
+ value2 = ask_passphrase (info, NULL,
"passphrase.pin.repeat",
_("Repeat this PIN: "),
- &canceled);
- if (!value && canceled)
+ NULL,
+ &canceled);
+ if (!value2 && canceled)
{
xfree (value);
- return -1;
+ return G10ERR_CANCELED;
}
- else if (!value)
+ else if (!value2)
{
xfree (value);
return G10ERR_GENERAL;
@@ -940,11 +965,16 @@
/* Send a SETATTR command to the SCdaemon. */
int
agent_scd_setattr (const char *name,
- const unsigned char *value, size_t valuelen)
+ const unsigned char *value, size_t valuelen,
+ const char *serialno)
{
app_t app;
int rc;
+ struct pincb_parm_s parm;
+ memset (&parm, 0, sizeof parm);
+ parm.sn = serialno;
+
app = current_app? current_app : open_card ();
if (!app)
return gpg_error (GPG_ERR_CARD);
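Review bot: The comment above `agent_scd_setattr` still reads only "Send a SETATTR command to the SCdaemon." and does not describe the new SERIALNO argument, whereas the `agent_scd_change_pin` comment was updated. The same gap exists for `agent_scd_writekey` and `agent_scd_genkey`, both here and on the prototypes in cardglue.h. Suggested wording: `/* Send a SETATTR command to the SCdaemon. SERIALNO may be NULL or a hex string passed on to the PIN callback. */`. It is also worth stating that `parm.sn` stores the caller's pointer without copying, so the string must stay valid until the call returns. The three-line `parm` setup is repeated verbatim in five functions and could be a small static helper.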
@@ -981,11 +1011,10 @@
}
else
{
- rc = app->fnc.setattr (app, name, pin_cb, NULL, value, valuelen);
+ rc = app->fnc.setattr (app, name, pin_cb, &parm, value, valuelen);
}
- if (rc)
- write_status (STATUS_SC_OP_FAILURE);
+ status_sc_op_failure (rc);
return rc;
}
@@ -1003,11 +1032,17 @@
/* Send a WRITEKEY command to the SCdaemon. */
int
-agent_scd_writekey (int keyno, const unsigned char *keydata, size_t keydatalen)
+agent_scd_writekey (int keyno, const char *serialno,
+ const unsigned char *keydata, size_t keydatalen)
{
app_t app;
int rc;
char line[ASSUAN_LINELENGTH];
+ struct pincb_parm_s parm;
+
+ memset (&parm, 0, sizeof parm);
+ parm.sn = serialno;
+
app = current_app? current_app : open_card ();
if (!app)
return gpg_error (GPG_ERR_CARD);
@@ -1032,12 +1067,11 @@
snprintf (line, DIM(line)-1, "OPENPGP.%d", keyno);
line[DIM(line)-1] = 0;
rc = app->fnc.writekey (app, NULL, line, 0x0001,
- pin_cb, NULL,
+ pin_cb, &parm,
keydata, keydatalen);
}
- if (rc)
- write_status (STATUS_SC_OP_FAILURE);
+ status_sc_op_failure (rc);
return rc;
}
@@ -1097,13 +1131,18 @@
/* Send a GENKEY command to the SCdaemon. */
int
-agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force)
+agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
+ const char *serialno)
{
app_t app;
char line[ASSUAN_LINELENGTH];
struct ctrl_ctx_s ctrl;
int rc;
+ struct pincb_parm_s parm;
+ memset (&parm, 0, sizeof parm);
+ parm.sn = serialno;
+
app = current_app? current_app : open_card ();
if (!app)
return gpg_error (GPG_ERR_CARD);
@@ -1127,11 +1166,10 @@
ctrl.status_cb_arg = info;
rc = app->fnc.genkey (app, &ctrl, line,
force? 1:0,
- pin_cb, NULL);
+ pin_cb, &parm);
}
- if (rc)
- write_status (STATUS_SC_OP_FAILURE);
+ status_sc_op_failure (rc);
return rc;
}
@@ -1213,7 +1251,7 @@
if (rc)
{
- write_status (STATUS_SC_OP_FAILURE);
+ status_sc_op_failure (rc);
if (!app->assuan_ctx)
agent_clear_pin_cache (serialno);
}
@@ -1287,21 +1325,27 @@
if (rc)
{
- write_status (STATUS_SC_OP_FAILURE);
+ status_sc_op_failure (rc);
if (!app->assuan_ctx)
agent_clear_pin_cache (serialno);
}
return rc;
}
-/* Change the PIN of an OpenPGP card or reset the retry counter. */
+/* Change the PIN of an OpenPGP card or reset the retry
+ counter. SERIALNO may be NULL or a hex string finally passed to the
+ passphrase callback. */
int
-agent_scd_change_pin (int chvno)
+agent_scd_change_pin (int chvno, const char *serialno)
{
app_t app;
int reset = 0;
int rc;
+ struct pincb_parm_s parm;
+ memset (&parm, 0, sizeof parm);
+ parm.sn = serialno;
+
reset = (chvno >= 100);
chvno %= 100;
@@ -1326,11 +1370,10 @@
sprintf (chvnostr, "%d", chvno);
rc = app->fnc.change_pin (app, NULL, chvnostr, reset,
- pin_cb, NULL);
+ pin_cb, &parm);
}
- if (rc)
- write_status (STATUS_SC_OP_FAILURE);
+ status_sc_op_failure (rc);
return rc;
}
@@ -1342,7 +1385,11 @@
{
app_t app;
int rc;
+ struct pincb_parm_s parm;
+ memset (&parm, 0, sizeof parm);
+ parm.sn = serialnobuf;
+
app = current_app? current_app : open_card ();
if (!app)
return gpg_error (GPG_ERR_CARD);
@@ -1360,11 +1407,10 @@
}
else
{
- rc = app->fnc.check_pin (app, serialnobuf, pin_cb, NULL);
+ rc = app->fnc.check_pin (app, serialnobuf, pin_cb, &parm);
}
- if (rc)
- write_status (STATUS_SC_OP_FAILURE);
+ status_sc_op_failure (rc);
return rc;
}
Modified: trunk/g10/cardglue.h
===================================================================
--- trunk/g10/cardglue.h 2005-10-17 17:21:15 UTC (rev 3912)
+++ trunk/g10/cardglue.h 2005-10-18 17:41:20 UTC (rev 3913)
@@ -82,7 +82,7 @@
#define GPG_ERR_GENERAL G10ERR_GENERAL
#define GPG_ERR_BAD_PIN G10ERR_BAD_PASS
-#define GPG_ERR_BAD_KEy G10ERR_BAD_KEY
+#define GPG_ERR_BAD_KEY G10ERR_BAD_KEY
#define GPG_ERR_CARD G10ERR_GENERAL
#define GPG_ERR_EEXIST G10ERR_FILE_EXISTS
#define GPG_ERR_ENOMEM G10ERR_RESOURCE_LIMIT
@@ -175,14 +175,16 @@
/* Send a SETATTR command to the SCdaemon. */
int agent_scd_setattr (const char *name,
- const unsigned char *value, size_t valuelen);
+ const unsigned char *value, size_t valuelen,
+ const char *serialno);
/* Send a WRITEKEY command to the SCdaemon. */
-int agent_scd_writekey (int keyno,
+int agent_scd_writekey (int keyno, const char *serialno,
const unsigned char *keydata, size_t keydatalen);
/* Send a GENKEY command to the SCdaemon. */
-int agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force);
+int agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
+ const char *serialno);
/* Send a PKSIGN command to the SCdaemon. */
int agent_scd_pksign (const char *keyid, int hashalgo,
@@ -195,7 +197,7 @@
unsigned char **r_buf, size_t *r_buflen);
/* Change the PIN of an OpenPGP card or reset the retry counter. */
-int agent_scd_change_pin (int chvno);
+int agent_scd_change_pin (int chvno, const char *serialno);
/* Send a CHECKPIN command. */
int agent_scd_checkpin (const char *serialnobuf);
Modified: trunk/g10/keygen.c
===================================================================
--- trunk/g10/keygen.c 2005-10-17 17:21:15 UTC (rev 3912)
+++ trunk/g10/keygen.c 2005-10-18 17:41:20 UTC (rev 3913)
@@ -1492,6 +1492,8 @@
if( !*string )
seconds = 0;
+ else if ( !strncmp (string, "seconds=", 8) )
+ seconds = atoi (string+8);
else if( (abs_date = scan_isodatestr(string)) && abs_date > curtime )
seconds = abs_date - curtime;
else if( (mult=check_valid_days(string)) )
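Review bot: The new `seconds=` branch uses `atoi`, which reports no errors. An input such as `seconds=abc` or a bare `seconds=` yields 0, the same value the empty-string branch assigns, and a negative or out-of-range number is accepted silently. Since this value controls key expiration, the branch should reject anything that is not a plain decimal number. For example, guard it with `else if ( !strncmp (string, "seconds=", 8) && isdigit ((unsigned char)string[8]) )` and convert with `strtoul (string+8, &endp, 10)`, then check that `*endp` is NUL and that the result fits the type of `seconds`. The declaration of `seconds` and the function's error path are outside this hunk.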
@@ -3274,8 +3276,8 @@
assert (algo == PUBKEY_ALGO_RSA);
-
- rc = agent_scd_genkey (&info, keyno, 1);
+ /* Fixme: We don't have the serialnumber available, thus passing NULL. */
+ rc = agent_scd_genkey (&info, keyno, 1, NULL);
/* if (gpg_err_code (rc) == GPG_ERR_EEXIST) */
/* { */
/* tty_printf ("\n"); */
@@ -3550,7 +3552,9 @@
sprintf (numbuf, "%lu:", (unsigned long)strlen (numbuf2));
p = stpcpy (stpcpy (stpcpy (p, numbuf), numbuf2), "))");
- rc = agent_scd_writekey (keyno, sexp, p - sexp);
+ /* Fixme: Unfortunately we don't have the serialnumber available -
+ thus we can't pass it down to the agent. */
+ rc = agent_scd_writekey (keyno, NULL, sexp, p - sexp);
leave:
xfree (sexp);