[git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-140-gbf37c32
by NIIBE Yutaka
cvs at cvs.gnupg.org
Fri Dec 2 06:52:38 CET 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via bf37c32367ba149559385ee90b6435cef8bd6412 (commit)
from 29e96e6b9a8e68e6554dd48bc2ce68ae9525d29f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bf37c32367ba149559385ee90b6435cef8bd6412
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Dec 2 13:57:12 2011 +0900
Fix pinpad input support for passphrase modification.
* apdu.c (pcsc_keypad_verify): Have dummy Lc field with value 0.
(pcsc_keypad_modify): Likewise.
(pcsc_keypad_modify): It's only for ISO7816_CHANGE_REFERENCE_DATA.
bConfirmPIN value is determined by the parameter p0.
* app-openpgp.c (do_change_pin): The flag use_keypad should be 0 when
reset_mode is on, or resetcode is on. use_keypad only makes sense for
iso7816_change_reference_data_kp.
* iso7816.h (iso7816_put_data_kp): Remove.
(iso7816_reset_retry_counter_kp): Remove.
(iso7816_reset_retry_counter_with_rc_kp): Remove.
(iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
* iso7816.c (iso7816_put_data_kp): Remove.
(iso7816_reset_retry_counter_kp): Remove.
(iso7816_reset_retry_counter_with_rc_kp): Remove.
(iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
diff --git a/scd/apdu.c b/scd/apdu.c
index 4d11157..c130d89 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -2043,7 +2043,7 @@ check_pcsc_keypad (int slot, int command, int pin_mode,
}
-#define PIN_VERIFY_STRUCTURE_SIZE 23
+#define PIN_VERIFY_STRUCTURE_SIZE 24
static int
pcsc_keypad_verify (int slot, int class, int ins, int p0, int p1,
struct pininfo_s *pininfo)
@@ -2096,7 +2096,7 @@ pcsc_keypad_verify (int slot, int class, int ins, int p0, int p1,
pin_verify[12] = 0x00; /* bTeoPrologue[0] */
pin_verify[13] = 0x00; /* bTeoPrologue[1] */
pin_verify[14] = 0x00; /* bTeoPrologue[2] */
- pin_verify[15] = 0x04; /* ulDataLength */
+ pin_verify[15] = 0x05; /* ulDataLength */
pin_verify[16] = 0x00; /* ulDataLength */
pin_verify[17] = 0x00; /* ulDataLength */
pin_verify[18] = 0x00; /* ulDataLength */
@@ -2104,6 +2104,7 @@ pcsc_keypad_verify (int slot, int class, int ins, int p0, int p1,
pin_verify[20] = ins; /* abData[1] */
pin_verify[21] = p0; /* abData[2] */
pin_verify[22] = p1; /* abData[3] */
+ pin_verify[23] = 0x00; /* abData[4] */
sw = control_pcsc (slot, reader_table[slot].pcsc.verify_ioctl,
pin_verify, len, result, &resultlen);
@@ -2115,7 +2116,7 @@ pcsc_keypad_verify (int slot, int class, int ins, int p0, int p1,
}
-#define PIN_MODIFY_STRUCTURE_SIZE 28
+#define PIN_MODIFY_STRUCTURE_SIZE 29
static int
pcsc_keypad_modify (int slot, int class, int ins, int p0, int p1,
struct pininfo_s *pininfo)
@@ -2125,32 +2126,6 @@ pcsc_keypad_modify (int slot, int class, int ins, int p0, int p1,
unsigned long len = PIN_MODIFY_STRUCTURE_SIZE;
unsigned char result[2];
size_t resultlen = 2;
- unsigned char confirm_pin;
-
- /* bConfirmPIN
- * 0x00: new PIN once
- * 0x01: new PIN twice (confirmation)
- * 0x02: old PIN and new PIN once
- * 0x03: old PIN and new PIN twice (confirmation)
- */
- switch (ins)
- {
- case ISO7816_CHANGE_REFERENCE_DATA:
- confirm_pin = 0x03;
- break;
- case 0xDA: /* PUT_DATA */
- confirm_pin = 0x01;
- break;
- case ISO7816_RESET_RETRY_COUNTER:
- if (p0 == 0)
- confirm_pin = 0x03;
- else
- confirm_pin = 0x01;
- break;
- default:
- confirm_pin = 0x00;
- break;
- }
if (!reader_table[slot].atrlen
&& (sw = reset_pcsc_reader (slot)))
@@ -2186,7 +2161,13 @@ pcsc_keypad_modify (int slot, int class, int ins, int p0, int p1,
pin_modify[6] = 0x00; /* bInsertionOffsetNew */
pin_modify[7] = pininfo->maxlen; /* wPINMaxExtraDigit */
pin_modify[8] = pininfo->minlen; /* wPINMaxExtraDigit */
- pin_modify[9] = confirm_pin;
+ pin_modify[9] = (p0 == 0 ? 0x03 : 0x01);
+ /* bConfirmPIN
+ * 0x00: new PIN once
+ * 0x01: new PIN twice (confirmation)
+ * 0x02: old PIN and new PIN once
+ * 0x03: old PIN and new PIN twice (confirmation)
+ */
pin_modify[10] = 0x02; /* bEntryValidationCondition: Validation key pressed */
if (pininfo->minlen && pininfo->maxlen && pininfo->minlen == pininfo->maxlen)
pin_modify[10] |= 0x01; /* Max size reached. */
@@ -2199,7 +2180,7 @@ pcsc_keypad_modify (int slot, int class, int ins, int p0, int p1,
pin_modify[17] = 0x00; /* bTeoPrologue[0] */
pin_modify[18] = 0x00; /* bTeoPrologue[1] */
pin_modify[19] = 0x00; /* bTeoPrologue[2] */
- pin_modify[20] = 0x04; /* ulDataLength */
+ pin_modify[20] = 0x05; /* ulDataLength */
pin_modify[21] = 0x00; /* ulDataLength */
pin_modify[22] = 0x00; /* ulDataLength */
pin_modify[23] = 0x00; /* ulDataLength */
@@ -2207,6 +2188,7 @@ pcsc_keypad_modify (int slot, int class, int ins, int p0, int p1,
pin_modify[25] = ins; /* abData[1] */
pin_modify[26] = p0; /* abData[2] */
pin_modify[27] = p1; /* abData[3] */
+ pin_modify[28] = 0x00; /* abData[4] */
sw = control_pcsc (slot, reader_table[slot].pcsc.modify_ioctl,
pin_modify, len, result, &resultlen);
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index b51eb5b..e3a4484 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -1915,7 +1915,6 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
char *pinvalue = NULL;
int reset_mode = !!(flags & APP_CHANGE_FLAG_RESET);
int set_resetcode = 0;
- int with_resetcode = 0;
iso7816_pininfo_t pininfo;
int use_keypad = 0;
int minlen = 6;
@@ -1975,6 +1974,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
if (reset_mode)
{
/* To reset a PIN the Admin PIN is required. */
+ use_keypad = 0;
app->did_chv3 = 0;
rc = verify_chv3 (app, pincb, pincb_arg);
if (rc)
@@ -1983,37 +1983,40 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
if (chvno == 2)
set_resetcode = 1;
}
- else if (!use_keypad && (chvno == 1 || chvno == 3))
+ else if (chvno == 1 || chvno == 3)
{
- char *promptbuf = NULL;
- const char *prompt;
-
- if (chvno == 3)
+ if (!use_keypad)
{
- minlen = 8;
- rc = build_enter_admin_pin_prompt (app, &promptbuf);
+ char *promptbuf = NULL;
+ const char *prompt;
+
+ if (chvno == 3)
+ {
+ minlen = 8;
+ rc = build_enter_admin_pin_prompt (app, &promptbuf);
+ if (rc)
+ goto leave;
+ prompt = promptbuf;
+ }
+ else
+ prompt = _("||Please enter the PIN");
+ rc = pincb (pincb_arg, prompt, &oldpinvalue);
+ xfree (promptbuf);
+ promptbuf = NULL;
if (rc)
- goto leave;
- prompt = promptbuf;
- }
- else
- prompt = _("||Please enter the PIN");
- rc = pincb (pincb_arg, prompt, &oldpinvalue);
- xfree (promptbuf);
- promptbuf = NULL;
- if (rc)
- {
- log_info (_("PIN callback returned error: %s\n"),
- gpg_strerror (rc));
- goto leave;
- }
+ {
+ log_info (_("PIN callback returned error: %s\n"),
+ gpg_strerror (rc));
+ goto leave;
+ }
- if (strlen (oldpinvalue) < minlen)
- {
- log_info (_("PIN for CHV%d is too short;"
- " minimum length is %d\n"), chvno, minlen);
- rc = gpg_error (GPG_ERR_BAD_PIN);
- goto leave;
+ if (strlen (oldpinvalue) < minlen)
+ {
+ log_info (_("PIN for CHV%d is too short;"
+ " minimum length is %d\n"), chvno, minlen);
+ rc = gpg_error (GPG_ERR_BAD_PIN);
+ goto leave;
+ }
}
}
else if (chvno == 2)
@@ -2025,7 +2028,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
size_t valuelen;
int remaining;
- with_resetcode = 1;
+ use_keypad = 0;
minlen = 8;
relptr = get_one_do (app, 0x00C4, &value, &valuelen, NULL);
if (!relptr || valuelen < 7)
@@ -2044,24 +2047,21 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
goto leave;
}
- if (!use_keypad)
+ rc = pincb (pincb_arg,
+ _("||Please enter the Reset Code for the card"),
+ &resetcode);
+ if (rc)
{
- rc = pincb (pincb_arg,
- _("||Please enter the Reset Code for the card"),
- &resetcode);
- if (rc)
- {
- log_info (_("PIN callback returned error: %s\n"),
- gpg_strerror (rc));
- goto leave;
- }
- if (strlen (resetcode) < minlen)
- {
- log_info (_("Reset Code is too short; minimum length is %d\n"),
- minlen);
- rc = gpg_error (GPG_ERR_BAD_PIN);
- goto leave;
- }
+ log_info (_("PIN callback returned error: %s\n"),
+ gpg_strerror (rc));
+ goto leave;
+ }
+ if (strlen (resetcode) < minlen)
+ {
+ log_info (_("Reset Code is too short; minimum length is %d\n"),
+ minlen);
+ rc = gpg_error (GPG_ERR_BAD_PIN);
+ goto leave;
}
}
else
@@ -2093,86 +2093,40 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
}
- if (with_resetcode)
+ if (resetcode)
{
- if (use_keypad)
- {
- rc = pincb (pincb_arg,
- _("||Please enter the Reset Code for the card and New PIN"),
- NULL);
- if (rc)
- {
- log_info (_("PIN callback returned error: %s\n"),
- gpg_strerror (rc));
- goto leave;
- }
- rc = iso7816_reset_retry_counter_with_rc_kp (app->slot, 0x81,
- &pininfo);
- pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
- }
+ char *buffer;
+
+ buffer = xtrymalloc (strlen (resetcode) + strlen (pinvalue) + 1);
+ if (!buffer)
+ rc = gpg_error_from_syserror ();
else
{
- char *buffer;
-
- buffer = xtrymalloc (strlen (resetcode) + strlen (pinvalue) + 1);
- if (!buffer)
- rc = gpg_error_from_syserror ();
- else
- {
- strcpy (stpcpy (buffer, resetcode), pinvalue);
- rc = iso7816_reset_retry_counter_with_rc (app->slot, 0x81,
- buffer, strlen (buffer));
- wipememory (buffer, strlen (buffer));
- xfree (buffer);
- }
+ strcpy (stpcpy (buffer, resetcode), pinvalue);
+ rc = iso7816_reset_retry_counter_with_rc (app->slot, 0x81,
+ buffer, strlen (buffer));
+ wipememory (buffer, strlen (buffer));
+ xfree (buffer);
}
}
else if (set_resetcode)
{
- if (use_keypad)
+ if (strlen (pinvalue) < 8)
{
- rc = pincb (pincb_arg, _("|RN|New Reset Code"), NULL);
- if (rc)
- {
- log_info (_("PIN callback returned error: %s\n"),
- gpg_strerror (rc));
- goto leave;
- }
- rc = iso7816_put_data_kp (app->slot, 0xD3, &pininfo);
- pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
+ log_error (_("Reset Code is too short; minimum length is %d\n"), 8);
+ rc = gpg_error (GPG_ERR_BAD_PIN);
}
else
- if (strlen (pinvalue) < 8)
- {
- log_error (_("Reset Code is too short; minimum length is %d\n"), 8);
- rc = gpg_error (GPG_ERR_BAD_PIN);
- }
- else
- rc = iso7816_put_data (app->slot, 0, 0xD3,
- pinvalue, strlen (pinvalue));
+ rc = iso7816_put_data (app->slot, 0, 0xD3,
+ pinvalue, strlen (pinvalue));
}
else if (reset_mode)
{
- if (use_keypad)
- {
- rc = pincb (pincb_arg, _("|N|New PIN"), NULL);
- if (rc)
- {
- log_info (_("PIN callback returned error: %s\n"),
- gpg_strerror (rc));
- goto leave;
- }
- rc = iso7816_reset_retry_counter_kp (app->slot, 0x81, &pininfo);
- pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
- }
- else
- {
- rc = iso7816_reset_retry_counter (app->slot, 0x81,
- pinvalue, strlen (pinvalue));
- if (!rc && !app->app_local->extcap.is_v2)
- rc = iso7816_reset_retry_counter (app->slot, 0x82,
- pinvalue, strlen (pinvalue));
- }
+ rc = iso7816_reset_retry_counter (app->slot, 0x81,
+ pinvalue, strlen (pinvalue));
+ if (!rc && !app->app_local->extcap.is_v2)
+ rc = iso7816_reset_retry_counter (app->slot, 0x82,
+ pinvalue, strlen (pinvalue));
}
else if (!app->app_local->extcap.is_v2)
{
@@ -2208,7 +2162,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
gpg_strerror (rc));
goto leave;
}
- rc = iso7816_change_reference_data_kp (app->slot, 0x80 + chvno,
+ rc = iso7816_change_reference_data_kp (app->slot, 0x80 + chvno, 0,
&pininfo);
pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */
}
diff --git a/scd/iso7816.c b/scd/iso7816.c
index 8876b93..45f5e08 100644
--- a/scd/iso7816.c
+++ b/scd/iso7816.c
@@ -307,16 +307,18 @@ iso7816_verify (int slot, int chvno, const char *chv, size_t chvlen)
/* Perform a CHANGE_REFERENCE_DATA command on SLOT for the card holder
verification vector CHVNO. With PININFO non-NULL the keypad of the
- reader will be used. */
+ reader will be used. If IS_EXCHANGE is 0, a "change reference
+ data" is done, otherwise an "exchange reference data". */
gpg_error_t
-iso7816_change_reference_data_kp (int slot, int chvno,
+iso7816_change_reference_data_kp (int slot, int chvno, int is_exchange,
iso7816_pininfo_t *pininfo)
{
int sw;
- sw = apdu_keypad_modify (slot, 0x00, CMD_CHANGE_REFERENCE_DATA, 0, chvno,
- pininfo->mode, pininfo->minlen, pininfo->maxlen,
- pininfo->padlen);
+ sw = apdu_keypad_modify (slot, 0x00, CMD_CHANGE_REFERENCE_DATA,
+ is_exchange ? 1 : 0,
+ chvno, pininfo->mode, pininfo->minlen,
+ pininfo->maxlen, pininfo->padlen);
return map_sw (sw);
}
@@ -354,19 +356,6 @@ iso7816_change_reference_data (int slot, int chvno,
gpg_error_t
-iso7816_reset_retry_counter_with_rc_kp (int slot, int chvno,
- iso7816_pininfo_t *pininfo)
-{
- int sw;
-
- sw = apdu_keypad_modify (slot, 0x00, CMD_RESET_RETRY_COUNTER, 0, chvno,
- pininfo->mode, pininfo->minlen, pininfo->maxlen,
- pininfo->padlen);
- return map_sw (sw);
-}
-
-
-gpg_error_t
iso7816_reset_retry_counter_with_rc (int slot, int chvno,
const char *data, size_t datalen)
{
@@ -382,19 +371,6 @@ iso7816_reset_retry_counter_with_rc (int slot, int chvno,
gpg_error_t
-iso7816_reset_retry_counter_kp (int slot, int chvno,
- iso7816_pininfo_t *pininfo)
-{
- int sw;
-
- sw = apdu_keypad_modify (slot, 0x00, CMD_RESET_RETRY_COUNTER, 2, chvno,
- pininfo->mode, pininfo->minlen, pininfo->maxlen,
- pininfo->padlen);
- return map_sw (sw);
-}
-
-
-gpg_error_t
iso7816_reset_retry_counter (int slot, int chvno,
const char *newchv, size_t newchvlen)
{
@@ -445,19 +421,6 @@ iso7816_get_data (int slot, int extended_mode, int tag,
}
-gpg_error_t
-iso7816_put_data_kp (int slot, int tag, iso7816_pininfo_t *pininfo)
-{
- int sw;
-
- sw = apdu_keypad_modify (slot, 0x00, CMD_PUT_DATA,
- ((tag >> 8) & 0xff), (tag & 0xff),
- pininfo->mode, pininfo->minlen, pininfo->maxlen,
- pininfo->padlen);
- return map_sw (sw);
-}
-
-
/* Perform a PUT DATA command on card in SLOT. Write DATA of length
DATALEN to TAG. EXTENDED_MODE controls whether extended length
headers or command chaining is used instead of single length
diff --git a/scd/iso7816.h b/scd/iso7816.h
index 9ed7b21..336208a 100644
--- a/scd/iso7816.h
+++ b/scd/iso7816.h
@@ -68,19 +68,15 @@ gpg_error_t iso7816_change_reference_data (int slot, int chvno,
const char *oldchv, size_t oldchvlen,
const char *newchv, size_t newchvlen);
gpg_error_t iso7816_change_reference_data_kp (int slot, int chvno,
+ int is_exchange,
iso7816_pininfo_t *pininfo);
gpg_error_t iso7816_reset_retry_counter (int slot, int chvno,
const char *newchv, size_t newchvlen);
-gpg_error_t iso7816_reset_retry_counter_kp (int slot, int chvno,
- iso7816_pininfo_t *pininfo);
gpg_error_t iso7816_reset_retry_counter_with_rc (int slot, int chvno,
const char *data,
size_t datalen);
-gpg_error_t iso7816_reset_retry_counter_with_rc_kp (int slot, int chvno,
- iso7816_pininfo_t *pininfo);
gpg_error_t iso7816_get_data (int slot, int extended_mode, int tag,
unsigned char **result, size_t *resultlen);
-gpg_error_t iso7816_put_data_kp (int slot, int tag, iso7816_pininfo_t *pininfo);
gpg_error_t iso7816_put_data (int slot, int extended_mode, int tag,
const void *data, size_t datalen);
gpg_error_t iso7816_put_data_odd (int slot, int extended_mode, int tag,
-----------------------------------------------------------------------
Summary of changes:
scd/apdu.c | 44 ++++---------
scd/app-openpgp.c | 182 ++++++++++++++++++++---------------------------------
scd/iso7816.c | 51 ++-------------
scd/iso7816.h | 6 +--
4 files changed, 89 insertions(+), 194 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list