[svn] GnuPG - r5007 - in trunk: g10 scd

svn author wk cvs at cvs.gnupg.org
Wed May 13 13:42:35 CEST 2009


Author: wk
Date: 2009-05-13 13:42:34 +0200 (Wed, 13 May 2009)
New Revision: 5007

Modified:
   trunk/g10/ChangeLog
   trunk/g10/keygen.c
   trunk/g10/parse-packet.c
   trunk/scd/ChangeLog
   trunk/scd/apdu.c
   trunk/scd/app-nks.c
Log:
Print keyid in gpg --list-packets.
Add some not yet code to app-nks.c
Changed batch mode expiration time computation


Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/g10/ChangeLog	2009-05-13 11:42:34 UTC (rev 5007)
@@ -1,5 +1,12 @@
+2009-05-13  Werner Koch  <wk at g10code.com>
+
+	* keygen.c (parse_expire_string): Base ISO date string at noon.
+	Also allow full ISO timestamp.
+
 2009-05-11  Werner Koch  <wk at g10code.com>
 
+	* parse-packet.c (parse_key): Print the key id in list mode.
+
 	* skclist.c (build_sk_list): Use log_info for "duplicated entry".
 	Fixes bug#1045.
 

Modified: trunk/scd/ChangeLog
===================================================================
--- trunk/scd/ChangeLog	2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/scd/ChangeLog	2009-05-13 11:42:34 UTC (rev 5007)
@@ -1,3 +1,7 @@
+2009-05-11  Werner Koch  <wk at g10code.com>
+
+	* apdu.c (send_le): Replace log_error by log_info.
+
 2009-05-08  Werner Koch  <wk at g10code.com>
 
 	* app-openpgp.c (do_genkey): Allow larger key sizes.

Modified: trunk/g10/keygen.c
===================================================================
--- trunk/g10/keygen.c	2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/g10/keygen.c	2009-05-13 11:42:34 UTC (rev 5007)
@@ -1799,13 +1799,17 @@
   u32 seconds;
   u32 abs_date = 0;
   u32 curtime = make_timestamp ();
+  time_t tt;
   
   if (!*string)
     seconds = 0;
   else if (!strncmp (string, "seconds=", 8))
     seconds = atoi (string+8);
-  else if ((abs_date = scan_isodatestr(string)) && abs_date > curtime)
-    seconds = abs_date - curtime;
+  else if ((abs_date = scan_isodatestr(string))
+           && (abs_date+86400/2) > curtime)
+    seconds = (abs_date+86400/2) - curtime;
+  else if ((tt = isotime2epoch (string)) != (time_t)(-1))
+    seconds = (u32)tt - curtime;
   else if ((mult = check_valid_days (string)))
     seconds = atoi (string) * 86400L * mult;
   else

Modified: trunk/g10/parse-packet.c
===================================================================
--- trunk/g10/parse-packet.c	2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/g10/parse-packet.c	2009-05-13 11:42:34 UTC (rev 5007)
@@ -1672,6 +1672,7 @@
     int npkey, nskey;
     int is_v4=0;
     int rc=0;
+    u32 keyid[2];
 
     (void)hdr;
 
@@ -1997,6 +1998,9 @@
 		fprintf (listfp, "\tchecksum: %04hx\n", sk->csum);
 	    }
 	}
+
+        if (list_mode)
+          keyid_from_sk (sk, keyid);
     }
     else {
 	PKT_public_key *pk = pkt->pkt.public_key;
@@ -2021,8 +2025,14 @@
 	}
         if (rc)
             goto leave;
+        if (list_mode)
+          keyid_from_pk (pk, keyid);
     }
 
+    if (list_mode)
+      fprintf (listfp, "\tkeyid: %08lX%08lX\n", 
+               (ulong)keyid[0], (ulong)keyid[1]);
+
   leave:
     iobuf_skip_rest(inp, pktlen, 0);
     return rc;

Modified: trunk/scd/apdu.c
===================================================================
--- trunk/scd/apdu.c	2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/scd/apdu.c	2009-05-13 11:42:34 UTC (rev 5007)
@@ -3000,8 +3000,8 @@
       rc = send_apdu (slot, apdu, apdulen, result, &resultlen, pininfo);
       if (rc || resultlen < 2)
         {
-          log_error ("apdu_send_simple(%d) failed: %s\n",
-                     slot, apdu_strerror (rc));
+          log_info ("apdu_send_simple(%d) failed: %s\n",
+                    slot, apdu_strerror (rc));
           unlock_slot (slot);
           return rc? rc : SW_HOST_INCOMPLETE_CARD_RESPONSE;
         }

Modified: trunk/scd/app-nks.c
===================================================================
--- trunk/scd/app-nks.c	2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/scd/app-nks.c	2009-05-13 11:42:34 UTC (rev 5007)
@@ -666,7 +666,98 @@
 }
 
 
+/* Handle the WRITEKEY command for NKS.  This function expects a
+   canonical encoded S-expression with the public key in KEYDATA and
+   its length in KEYDATALEN.  The only supported KEYID is
+   "$IFDAUTHKEY" to store the terminal key on the card.  Bit 0 of
+   FLAGS indicates whether an existing key shall get overwritten.
+   PINCB and PINCB_ARG are the usual arguments for the pinentry
+   callback.  */
 static gpg_error_t
+do_writekey (app_t app, ctrl_t ctrl,
+             const char *keyid, unsigned int flags,
+             gpg_error_t (*pincb)(void*, const char *, char **),
+             void *pincb_arg,
+             const unsigned char *keydata, size_t keydatalen)
+{
+  gpg_error_t err;
+  int force = (flags & 1);
+  const unsigned char *rsa_n = NULL;
+  const unsigned char *rsa_e = NULL;
+  size_t rsa_n_len, rsa_e_len;
+  unsigned int nbits;
+
+  (void)ctrl;
+  (void)pincb;
+  (void)pincb_arg;
+
+  if (!strcmp (keyid, "$IFDAUTHKEY") && app->app_local->nks_version >= 3)
+    ;
+  else
+    return gpg_error (GPG_ERR_INV_ID);
+  
+  if (!force && !do_readkey (app, keyid, NULL, NULL))
+    return gpg_error (GPG_ERR_EEXIST);
+
+  /* Parse the S-expression.  */
+  err = get_rsa_pk_from_canon_sexp (keydata, keydatalen,
+                                    &rsa_n, &rsa_n_len, &rsa_e, &rsa_e_len);
+  if (err) 
+    goto leave;
+
+  /* Check that the parameters match the requirements.  */
+  nbits = app_help_count_bits (rsa_n, rsa_n_len);
+  if (nbits != 1024)
+    {
+      log_error (_("RSA modulus missing or not of size %d bits\n"), 1024);
+      err = gpg_error (GPG_ERR_BAD_PUBKEY);
+      goto leave;
+    }
+
+  nbits = app_help_count_bits (rsa_e, rsa_e_len);
+  if (nbits < 2 || nbits > 32)
+    {
+      log_error (_("RSA public exponent missing or larger than %d bits\n"),
+                 32);
+      err = gpg_error (GPG_ERR_BAD_PUBKEY);
+      goto leave;
+    }
+
+/*   /\* Store them.  *\/ */
+/*   err = verify_pin (app, 0, NULL, pincb, pincb_arg); */
+/*   if (err) */
+/*     goto leave; */
+
+  /* Send the MSE:Store_Public_Key.  */
+  err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+/*   mse = xtrymalloc (1000); */
+  
+/*   mse[0] = 0x80; /\* Algorithm reference.  *\/ */
+/*   mse[1] = 1; */
+/*   mse[2] = 0x17; */
+/*   mse[3] = 0x84; /\* Private key reference.  *\/ */
+/*   mse[4] = 1; */
+/*   mse[5] = 0x77; */
+/*   mse[6] = 0x7F; /\* Public key parameter.  *\/ */
+/*   mse[7] = 0x49; */
+/*   mse[8] = 0x81; */
+/*   mse[9] = 3 + 0x80 + 2 + rsa_e_len; */
+/*   mse[10] = 0x81; /\* RSA modulus of 128 byte.  *\/ */
+/*   mse[11] = 0x81; */
+/*   mse[12] = rsa_n_len; */
+/*   memcpy (mse+12, rsa_n, rsa_n_len); */
+/*   mse[10] = 0x82; /\* RSA public exponent of up to 4 bytes.  *\/ */
+/*   mse[12] = rsa_e_len; */
+/*   memcpy (mse+12, rsa_e, rsa_e_len); */
+/*   err = iso7816_manage_security_env (app->slot, 0x81, 0xB6, */
+/*                                      mse, sizeof mse); */
+
+ leave:
+  return err;
+}
+
+
+static gpg_error_t
 basic_pin_checks (const char *pinvalue, int minlen, int maxlen)
 {
   if (strlen (pinvalue) < minlen)
@@ -1309,7 +1400,7 @@
       app->fnc.readkey = do_readkey;
       app->fnc.getattr = do_getattr;
       app->fnc.setattr = NULL;
-      app->fnc.writekey = NULL;
+      app->fnc.writekey = do_writekey;
       app->fnc.genkey = NULL;
       app->fnc.sign = do_sign;
       app->fnc.auth = NULL;




More information about the Gnupg-commits mailing list