[svn] GnuPG - r5007 - in trunk: g10 scd
svn author wk
cvs at cvs.gnupg.org
Wed May 13 13:42:35 CEST 2009
Author: wk
Date: 2009-05-13 13:42:34 +0200 (Wed, 13 May 2009)
New Revision: 5007
Modified:
trunk/g10/ChangeLog
trunk/g10/keygen.c
trunk/g10/parse-packet.c
trunk/scd/ChangeLog
trunk/scd/apdu.c
trunk/scd/app-nks.c
Log:
Print keyid in gpg --list-packets.
Add some not yet code to app-nks.c
Changed batch mode expiration time computation
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/g10/ChangeLog 2009-05-13 11:42:34 UTC (rev 5007)
@@ -1,5 +1,12 @@
+2009-05-13 Werner Koch <wk at g10code.com>
+
+ * keygen.c (parse_expire_string): Base ISO date string at noon.
+ Also allow full ISO timestamp.
+
2009-05-11 Werner Koch <wk at g10code.com>
+ * parse-packet.c (parse_key): Print the key id in list mode.
+
* skclist.c (build_sk_list): Use log_info for "duplicated entry".
Fixes bug#1045.
Modified: trunk/scd/ChangeLog
===================================================================
--- trunk/scd/ChangeLog 2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/scd/ChangeLog 2009-05-13 11:42:34 UTC (rev 5007)
@@ -1,3 +1,7 @@
+2009-05-11 Werner Koch <wk at g10code.com>
+
+ * apdu.c (send_le): Replace log_error by log_info.
+
2009-05-08 Werner Koch <wk at g10code.com>
* app-openpgp.c (do_genkey): Allow larger key sizes.
Modified: trunk/g10/keygen.c
===================================================================
--- trunk/g10/keygen.c 2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/g10/keygen.c 2009-05-13 11:42:34 UTC (rev 5007)
@@ -1799,13 +1799,17 @@
u32 seconds;
u32 abs_date = 0;
u32 curtime = make_timestamp ();
+ time_t tt;
if (!*string)
seconds = 0;
else if (!strncmp (string, "seconds=", 8))
seconds = atoi (string+8);
- else if ((abs_date = scan_isodatestr(string)) && abs_date > curtime)
- seconds = abs_date - curtime;
+ else if ((abs_date = scan_isodatestr(string))
+ && (abs_date+86400/2) > curtime)
+ seconds = (abs_date+86400/2) - curtime;
+ else if ((tt = isotime2epoch (string)) != (time_t)(-1))
+ seconds = (u32)tt - curtime;
else if ((mult = check_valid_days (string)))
seconds = atoi (string) * 86400L * mult;
else
Modified: trunk/g10/parse-packet.c
===================================================================
--- trunk/g10/parse-packet.c 2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/g10/parse-packet.c 2009-05-13 11:42:34 UTC (rev 5007)
@@ -1672,6 +1672,7 @@
int npkey, nskey;
int is_v4=0;
int rc=0;
+ u32 keyid[2];
(void)hdr;
@@ -1997,6 +1998,9 @@
fprintf (listfp, "\tchecksum: %04hx\n", sk->csum);
}
}
+
+ if (list_mode)
+ keyid_from_sk (sk, keyid);
}
else {
PKT_public_key *pk = pkt->pkt.public_key;
@@ -2021,8 +2025,14 @@
}
if (rc)
goto leave;
+ if (list_mode)
+ keyid_from_pk (pk, keyid);
}
+ if (list_mode)
+ fprintf (listfp, "\tkeyid: %08lX%08lX\n",
+ (ulong)keyid[0], (ulong)keyid[1]);
+
leave:
iobuf_skip_rest(inp, pktlen, 0);
return rc;
Modified: trunk/scd/apdu.c
===================================================================
--- trunk/scd/apdu.c 2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/scd/apdu.c 2009-05-13 11:42:34 UTC (rev 5007)
@@ -3000,8 +3000,8 @@
rc = send_apdu (slot, apdu, apdulen, result, &resultlen, pininfo);
if (rc || resultlen < 2)
{
- log_error ("apdu_send_simple(%d) failed: %s\n",
- slot, apdu_strerror (rc));
+ log_info ("apdu_send_simple(%d) failed: %s\n",
+ slot, apdu_strerror (rc));
unlock_slot (slot);
return rc? rc : SW_HOST_INCOMPLETE_CARD_RESPONSE;
}
Modified: trunk/scd/app-nks.c
===================================================================
--- trunk/scd/app-nks.c 2009-05-11 10:01:11 UTC (rev 5006)
+++ trunk/scd/app-nks.c 2009-05-13 11:42:34 UTC (rev 5007)
@@ -666,7 +666,98 @@
}
+/* Handle the WRITEKEY command for NKS. This function expects a
+ canonical encoded S-expression with the public key in KEYDATA and
+ its length in KEYDATALEN. The only supported KEYID is
+ "$IFDAUTHKEY" to store the terminal key on the card. Bit 0 of
+ FLAGS indicates whether an existing key shall get overwritten.
+ PINCB and PINCB_ARG are the usual arguments for the pinentry
+ callback. */
static gpg_error_t
+do_writekey (app_t app, ctrl_t ctrl,
+ const char *keyid, unsigned int flags,
+ gpg_error_t (*pincb)(void*, const char *, char **),
+ void *pincb_arg,
+ const unsigned char *keydata, size_t keydatalen)
+{
+ gpg_error_t err;
+ int force = (flags & 1);
+ const unsigned char *rsa_n = NULL;
+ const unsigned char *rsa_e = NULL;
+ size_t rsa_n_len, rsa_e_len;
+ unsigned int nbits;
+
+ (void)ctrl;
+ (void)pincb;
+ (void)pincb_arg;
+
+ if (!strcmp (keyid, "$IFDAUTHKEY") && app->app_local->nks_version >= 3)
+ ;
+ else
+ return gpg_error (GPG_ERR_INV_ID);
+
+ if (!force && !do_readkey (app, keyid, NULL, NULL))
+ return gpg_error (GPG_ERR_EEXIST);
+
+ /* Parse the S-expression. */
+ err = get_rsa_pk_from_canon_sexp (keydata, keydatalen,
+ &rsa_n, &rsa_n_len, &rsa_e, &rsa_e_len);
+ if (err)
+ goto leave;
+
+ /* Check that the parameters match the requirements. */
+ nbits = app_help_count_bits (rsa_n, rsa_n_len);
+ if (nbits != 1024)
+ {
+ log_error (_("RSA modulus missing or not of size %d bits\n"), 1024);
+ err = gpg_error (GPG_ERR_BAD_PUBKEY);
+ goto leave;
+ }
+
+ nbits = app_help_count_bits (rsa_e, rsa_e_len);
+ if (nbits < 2 || nbits > 32)
+ {
+ log_error (_("RSA public exponent missing or larger than %d bits\n"),
+ 32);
+ err = gpg_error (GPG_ERR_BAD_PUBKEY);
+ goto leave;
+ }
+
+/* /\* Store them. *\/ */
+/* err = verify_pin (app, 0, NULL, pincb, pincb_arg); */
+/* if (err) */
+/* goto leave; */
+
+ /* Send the MSE:Store_Public_Key. */
+ err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+/* mse = xtrymalloc (1000); */
+
+/* mse[0] = 0x80; /\* Algorithm reference. *\/ */
+/* mse[1] = 1; */
+/* mse[2] = 0x17; */
+/* mse[3] = 0x84; /\* Private key reference. *\/ */
+/* mse[4] = 1; */
+/* mse[5] = 0x77; */
+/* mse[6] = 0x7F; /\* Public key parameter. *\/ */
+/* mse[7] = 0x49; */
+/* mse[8] = 0x81; */
+/* mse[9] = 3 + 0x80 + 2 + rsa_e_len; */
+/* mse[10] = 0x81; /\* RSA modulus of 128 byte. *\/ */
+/* mse[11] = 0x81; */
+/* mse[12] = rsa_n_len; */
+/* memcpy (mse+12, rsa_n, rsa_n_len); */
+/* mse[10] = 0x82; /\* RSA public exponent of up to 4 bytes. *\/ */
+/* mse[12] = rsa_e_len; */
+/* memcpy (mse+12, rsa_e, rsa_e_len); */
+/* err = iso7816_manage_security_env (app->slot, 0x81, 0xB6, */
+/* mse, sizeof mse); */
+
+ leave:
+ return err;
+}
+
+
+static gpg_error_t
basic_pin_checks (const char *pinvalue, int minlen, int maxlen)
{
if (strlen (pinvalue) < minlen)
@@ -1309,7 +1400,7 @@
app->fnc.readkey = do_readkey;
app->fnc.getattr = do_getattr;
app->fnc.setattr = NULL;
- app->fnc.writekey = NULL;
+ app->fnc.writekey = do_writekey;
app->fnc.genkey = NULL;
app->fnc.sign = do_sign;
app->fnc.auth = NULL;
More information about the Gnupg-commits
mailing list