[git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.19-39-gab4ea45
by Werner Koch
cvs at cvs.gnupg.org
Tue Nov 6 16:07:32 CET 2012
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-0 has been updated
via ab4ea45f54006eba55db11263431c4c0c4f557dc (commit)
via c0a20d6124118a91e18aa707d2c1102c67d6798f (commit)
from d5c46ac6f447e92722fd7e904bf520b1265a0ce0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ab4ea45f54006eba55db11263431c4c0c4f557dc
Author: Werner Koch <wk at gnupg.org>
Date: Tue Nov 6 14:39:22 2012 +0100
Allow decryption with card keys > 3072 bit
* scd/command.c (MAXLEN_SETDATA): New.
(cmd_setdata): Add option --append.
* g10/call-agent.c (agent_scd_pkdecrypt): Use new option for long data
* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
(app_select_openpgp): Store manufacturer.
(do_decipher): Print a note for broken cards.
--
Please note that I was not able to run a full test because I only have
broken cards (S/N < 346) available.
diff --git a/g10/call-agent.c b/g10/call-agent.c
index cded773..373d8c9 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -1034,7 +1034,7 @@ agent_scd_pksign (const char *serialno, int hashalgo,
/* Decrypt INDATA of length INDATALEN using the card identified by
- SERIALNO. Return the plaintext in a nwly allocated buffer stored
+ SERIALNO. Return the plaintext in a newly allocated buffer stored
at the address of R_BUF.
Note, we currently support only RSA or more exactly algorithms
@@ -1058,20 +1058,26 @@ agent_scd_pkdecrypt (const char *serialno,
return rc;
/* FIXME: use secure memory where appropriate */
- if (indatalen*2 + 50 > DIM(line))
- return gpg_error (GPG_ERR_GENERAL);
rc = select_openpgp (serialno);
if (rc)
return rc;
- sprintf (line, "SCD SETDATA ");
- p = line + strlen (line);
- for (i=0; i < indatalen ; i++, p += 2 )
- sprintf (p, "%02X", indata[i]);
- rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
+ for (len = 0; len < indatalen;)
+ {
+ p = stpcpy (line, "SCD SETDATA ");
+ if (len)
+ p = stpcpy (p, "--append ");
+ for (i=0; len < indatalen && (i*2 < DIM(line)-50); i++, len++)
+ {
+ sprintf (p, "%02X", indata[len]);
+ p += 2;
+ }
+ rc = assuan_transact (agent_ctx, line,
+ NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
return rc;
+ }
init_membuf (&data, 1024);
snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno);
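Review bot: With `indatalen == 0` the new `for (len = 0; len < indatalen;)` loop sends no SETDATA line at all, so the following `SCD PKDECRYPT` would run against whatever data an earlier command left in the scdaemon session; the removed code always issued one `SCD SETDATA`. No length check is visible in this hunk and agent_scd_pkdecrypt starts outside it, so if none exists above, add `if (!indatalen) return gpg_error (GPG_ERR_INV_VALUE);` before the loop. The chunk bound `i*2 < DIM(line)-50` is the only thing keeping `sprintf` inside `line`. It deserves a comment such as `/* 50 bytes of slack cover the "SCD SETDATA --append " prefix and the NUL. */` so the margin is not reduced later.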
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index ff26b36..141b2b7 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -158,6 +158,8 @@ struct app_local_s {
unsigned char status_indicator; /* The card status indicator. */
+ unsigned int manufacturer:16; /* Manufacturer ID from the s/n. */
+
/* Keep track of the ISO card capabilities. */
struct
{
@@ -3462,6 +3464,12 @@ do_decipher (app_t app, const char *keyidstr,
indata, indatalen, le_value, padind,
outdata, outdatalen);
xfree (fixbuf);
+
+ if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */
+ && app->app_local->manufacturer == 5
+ && app->card_version == 0x0200)
+ log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)"
+ " do not work with encryption keys > 2048 bits\n");
}
return rc;
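Review bot: The condition in front of `log_info` tests only the error code, `manufacturer == 5` and `card_version == 0x0200`. It checks neither the serial number nor the key length, so the note is printed for any GPG_ERR_CARD failure on such a card, including cards the message itself describes as unaffected. Either add the serial-number bound to the condition or word the message as a possibility, e.g. `"NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a) may not work with encryption keys > 2048 bits\n"`. The bound also differs from the commit description, which says S/N < 346, so the two should be made to agree. do_decipher begins outside this hunk.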
@@ -3749,6 +3757,8 @@ app_select_openpgp (app_t app)
goto leave;
}
+ app->app_local->manufacturer = manufacturer;
+
if (app->card_version >= 0x0200)
app->app_local->extcap.is_v2 = 1;
diff --git a/scd/command.c b/scd/command.c
index 6053fc6..3ce4a57 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -46,6 +46,9 @@
/* Maximum allowed size of key data as used in inquiries. */
#define MAXLEN_KEYDATA 4096
+/* Maximum allowed total data size for SETDATA. */
+#define MAXLEN_SETDATA 4096
+
/* Maximum allowed size of certificate data as used in inquiries. */
#define MAXLEN_CERTDATA 16384
@@ -820,17 +823,24 @@ cmd_readkey (assuan_context_t ctx, char *line)
static const char hlp_setdata[] =
- "SETDATA <hexstring> \n"
+ "SETDATA [--append] <hexstring>\n"
"\n"
- "The client should use this command to tell us the data he want to sign.";
+ "The client should use this command to tell us the data he want to sign.\n"
+ "With the option --append, the data is appended to the data set by a\n"
+ "previous SETDATA command.";
static gpg_error_t
cmd_setdata (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
- int n;
+ int append;
+ int n, i, off;
char *p;
unsigned char *buf;
+ append = (ctrl->in_data.value && has_option (line, "--append"));
+
+ line = skip_options (line);
+
if (locked_session && locked_session != ctrl->server_local)
return gpg_error (GPG_ERR_LOCKED);
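Review bot: `append` is silently cleared when `ctrl->in_data.value` is NULL, so a `SETDATA --append` with no earlier data behaves like a plain SETDATA instead of failing, and neither the help text nor a comment says so. Suggest a comment above the assignment, `/* --append is honoured only if a previous SETDATA stored data; otherwise this acts as a plain SETDATA. */`, and a matching sentence in `hlp_setdata`. The help string also still describes the payload only as data "to sign", although this commit uses the command to carry decryption input. cmd_setdata continues outside this hunk.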
@@ -844,14 +854,30 @@ cmd_setdata (assuan_context_t ctx, char *line)
if ((n&1))
return set_error (GPG_ERR_ASS_PARAMETER, "odd number of digits");
n /= 2;
+ if (append)
+ {
+ if (ctrl->in_data.valuelen + n > MAXLEN_SETDATA)
+ return set_error (GPG_ERR_TOO_LARGE,
+ "limit on total size of data reached");
+ buf = xtrymalloc (ctrl->in_data.valuelen + n);
+ }
+ else
buf = xtrymalloc (n);
if (!buf)
return out_of_core ();
+ if (append)
+ {
+ memcpy (buf, ctrl->in_data.value, ctrl->in_data.valuelen);
+ off = ctrl->in_data.valuelen;
+ }
+ else
+ off = 0;
+ for (p=line, i=0; i < n; p += 2, i++)
+ buf[off+i] = xtoi_2 (p);
+
ctrl->in_data.value = buf;
- ctrl->in_data.valuelen = n;
- for (p=line, n=0; n < ctrl->in_data.valuelen; p += 2, n++)
- buf[n] = xtoi_2 (p);
+ ctrl->in_data.valuelen = off + n;
return 0;
}
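Review bot: Nothing in the visible lines releases the old `ctrl->in_data.value` before `ctrl->in_data.value = buf;` overwrites it. In the append path it cannot have been freed earlier either, because the `memcpy` just above still reads from it. Unless the buffer is released somewhere outside this hunk, each appended chunk leaks the previous allocation for the life of the connection; add `xfree (ctrl->in_data.value);` directly before the assignment. The `MAXLEN_SETDATA` check bounds the total only in the append branch, which is worth a short comment noting that a single non-append SETDATA is limited only by the Assuan line length.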
commit c0a20d6124118a91e18aa707d2c1102c67d6798f
Author: Werner Koch <wk at gnupg.org>
Date: Tue Nov 6 14:34:32 2012 +0100
Remove trailing white space from some files
--
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 2a85250..ff26b36 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -118,13 +118,13 @@ static struct {
/* The format of RSA private keys. */
typedef enum
- {
+ {
RSA_UNKNOWN_FMT,
RSA_STD,
RSA_STD_N,
RSA_CRT,
RSA_CRT_N
- }
+ }
rsa_key_format_t;
@@ -141,7 +141,7 @@ struct cache_s {
struct app_local_s {
/* A linked list with cached DOs. */
struct cache_s *cache;
-
+
/* Keep track of the public keys. */
struct
{
@@ -166,7 +166,7 @@ struct app_local_s {
} cardcap;
/* Keep track of extended card capabilities. */
- struct
+ struct
{
unsigned int is_v2:1; /* This is a v2.0 compatible card. */
unsigned int get_challenge:1;
@@ -195,7 +195,7 @@ struct app_local_s {
of this strucuire is only valid if
this is not 0. */
unsigned int e_bits; /* Size of the public exponent in bits. */
- rsa_key_format_t format;
+ rsa_key_format_t format;
} keyattr[3];
};
@@ -213,7 +213,7 @@ static gpg_error_t do_auth (app_t app, const char *keyidstr,
unsigned char **outdata, size_t *outdatalen);
static void parse_algorithm_attribute (app_t app, int keyno);
static gpg_error_t change_keyattr_from_string
- (app_t app,
+ (app_t app,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *value, size_t valuelen);
@@ -253,7 +253,7 @@ do_deinit (app_t app)
bypassed. With TRY_EXTLEN extended lengths APDUs are use if
supported by the card. */
static gpg_error_t
-get_cached_data (app_t app, int tag,
+get_cached_data (app_t app, int tag,
unsigned char **result, size_t *resultlen,
int get_immediate, int try_extlen)
{
@@ -280,13 +280,13 @@ get_cached_data (app_t app, int tag,
memcpy (p, c->data, c->length);
*result = p;
}
-
+
*resultlen = c->length;
-
+
return 0;
}
}
-
+
if (try_extlen && app->app_local->cardcap.ext_lc_le)
exmode = app->app_local->extcap.max_rsp_data;
else
@@ -313,7 +313,7 @@ get_cached_data (app_t app, int tag,
/* Okay, cache it. */
for (c=app->app_local->cache; c; c = c->next)
assert (c->tag != tag);
-
+
c = xtrymalloc (sizeof *c + len);
if (c)
{
@@ -439,7 +439,7 @@ get_one_do (app_t app, int tag, unsigned char **result, size_t *nbytes,
{
rc = get_cached_data (app, data_objects[i].get_from,
&buffer, &buflen,
- (data_objects[i].dont_cache
+ (data_objects[i].dont_cache
|| data_objects[i].get_immediate_in_v11),
data_objects[i].try_extlen);
if (!rc)
@@ -463,7 +463,7 @@ get_one_do (app_t app, int tag, unsigned char **result, size_t *nbytes,
if (!value) /* Not in a constructed DO, try simple. */
{
rc = get_cached_data (app, tag, &buffer, &buflen,
- (data_objects[i].dont_cache
+ (data_objects[i].dont_cache
|| data_objects[i].get_immediate_in_v11),
data_objects[i].try_extlen);
if (!rc)
@@ -490,7 +490,7 @@ dump_all_do (int slot)
int rc, i, j;
unsigned char *buffer;
size_t buflen;
-
+
for (i=0; data_objects[i].tag; i++)
{
if (data_objects[i].get_from)
@@ -501,7 +501,7 @@ dump_all_do (int slot)
rc = iso7816_get_data (slot, 0, data_objects[i].tag, &buffer, &buflen);
if (gpg_err_code (rc) == GPG_ERR_NO_OBJ)
;
- else if (rc)
+ else if (rc)
log_info ("DO `%s' not available: %s\n",
data_objects[i].desc, gpg_strerror (rc));
else
@@ -522,7 +522,7 @@ dump_all_do (int slot)
{
const unsigned char *value;
size_t valuelen;
-
+
if (j==i || data_objects[i].tag != data_objects[j].get_from)
continue;
value = find_tlv_unchecked (buffer, buflen,
@@ -634,7 +634,7 @@ parse_login_data (app_t app)
next:
for (; buflen && *buffer != '\x18'; buflen--, buffer++)
if (*buffer == '\n')
- buflen = 1;
+ buflen = 1;
}
while (buflen);
@@ -642,17 +642,17 @@ parse_login_data (app_t app)
}
/* Note, that FPR must be at least 20 bytes. */
-static gpg_error_t
+static gpg_error_t
store_fpr (app_t app, int keynumber, u32 timestamp,
const unsigned char *m, size_t mlen,
- const unsigned char *e, size_t elen,
+ const unsigned char *e, size_t elen,
unsigned char *fpr, unsigned int card_version)
{
unsigned int n, nbits;
unsigned char *buffer, *p;
int tag, tag2;
int rc;
-
+
for (; mlen && !*m; mlen--, m++) /* strip leading zeroes */
;
for (; elen && !*e; elen--, e++) /* strip leading zeroes */
@@ -662,7 +662,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp,
p = buffer = xtrymalloc (3 + n);
if (!buffer)
return gpg_error_from_syserror ();
-
+
*p++ = 0x99; /* ctb */
*p++ = n >> 8; /* 2 byte length header */
*p++ = n;
@@ -680,7 +680,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp,
*p++ = nbits >> 8;
*p++ = nbits;
memcpy (p, e, elen); p += elen;
-
+
gcry_md_hash_buffer (GCRY_MD_SHA1, fpr, buffer, n+3);
xfree (buffer);
@@ -712,11 +712,11 @@ store_fpr (app_t app, int keynumber, u32 timestamp,
return rc;
}
-
+
static void
send_fpr_if_not_null (ctrl_t ctrl, const char *keyword,
int number, const unsigned char *fpr)
-{
+{
int i;
char buf[41];
char numbuf[25];
@@ -738,7 +738,7 @@ send_fpr_if_not_null (ctrl_t ctrl, const char *keyword,
static void
send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword,
int number, const unsigned char *stamp)
-{
+{
char numbuf1[50], numbuf2[50];
unsigned long value;
@@ -753,7 +753,7 @@ send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword,
}
static void
-send_key_data (ctrl_t ctrl, const char *name,
+send_key_data (ctrl_t ctrl, const char *name,
const unsigned char *a, size_t alen)
{
char *buffer, *buf;
@@ -784,7 +784,7 @@ send_key_data (ctrl_t ctrl, const char *name,
static void
send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int number)
-{
+{
char buffer[200];
assert (number >=0 && number < DIM(app->app_local->keyattr));
@@ -801,7 +801,7 @@ send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int number)
/* Implement the GETATTR command. This is similar to the LEARN
command but returns just one value via the status interface. */
-static gpg_error_t
+static gpg_error_t
do_getattr (app_t app, ctrl_t ctrl, const char *name)
{
static struct {
@@ -818,7 +818,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
{ "KEY-TIME", 0x00CD, 4 },
{ "KEY-ATTR", 0x0000, -5 },
{ "CA-FPR", 0x00C6, 3 },
- { "CHV-STATUS", 0x00C4, 1 },
+ { "CHV-STATUS", 0x00C4, 1 },
{ "SIG-COUNTER", 0x0093, 2 },
{ "SERIALNO", 0x004F, -1 },
{ "AID", 0x004F },
@@ -839,8 +839,8 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
;
if (!table[idx].name)
- return gpg_error (GPG_ERR_INV_NAME);
-
+ return gpg_error (GPG_ERR_INV_NAME);
+
if (table[idx].special == -1)
{
/* The serial number is very special. We could have used the
@@ -868,7 +868,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
char tmp[100];
snprintf (tmp, sizeof tmp,
- "gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d",
+ "gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d",
app->app_local->extcap.get_challenge,
app->app_local->extcap.key_import,
app->app_local->extcap.change_force_chv,
@@ -891,7 +891,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
{
char *serial;
time_t stamp;
-
+
if (!app_get_serial_and_stamp (app, &serial, &stamp))
{
if (strlen (serial) > 16+12)
@@ -902,7 +902,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
}
xfree (serial);
}
- return gpg_error (GPG_ERR_INV_NAME);
+ return gpg_error (GPG_ERR_INV_NAME);
}
if (table[idx].special == -5)
{
@@ -917,9 +917,9 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
if (table[idx].special == 1)
{
char numbuf[7*23];
-
+
for (i=0,*numbuf=0; i < valuelen && i < 7; i++)
- sprintf (numbuf+strlen (numbuf), " %d", value[i]);
+ sprintf (numbuf+strlen (numbuf), " %d", value[i]);
send_status_info (ctrl, table[idx].name,
numbuf, strlen (numbuf), NULL, 0);
}
@@ -1045,7 +1045,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid,
found_key = 1;
continue;
}
-
+
if ( !strcmp (fields[0], "sub") || !strcmp (fields[0], "pub") )
break; /* Next key - stop. */
@@ -1058,7 +1058,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid,
err = gpg_error (GPG_ERR_GENERAL);
goto leave; /* Error: Invalid key data record or not an RSA key. */
}
-
+
err = gcry_mpi_scan (&mpi, GCRYMPI_FMT_HEX, fields[3], 0, NULL);
if (err)
mpi = NULL;
@@ -1070,7 +1070,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid,
if (err)
goto leave;
}
-
+
if (m_new && e_new)
{
*m = m_new;
@@ -1145,10 +1145,10 @@ get_public_key (app_t app, int keyno)
le_value = 256; /* Use legacy value. */
}
- err = iso7816_read_public_key
+ err = iso7816_read_public_key
(app->slot, exmode,
(const unsigned char*)(keyno == 0? "\xB6" :
- keyno == 1? "\xB8" : "\xA4"), 2,
+ keyno == 1? "\xB8" : "\xA4"), 2,
le_value,
&buffer, &buflen);
if (err)
@@ -1164,7 +1164,7 @@ get_public_key (app_t app, int keyno)
log_error (_("response does not contain the public key data\n"));
goto leave;
}
-
+
m = find_tlv (keydata, keydatalen, 0x0081, &mlen);
if (!m)
{
@@ -1172,7 +1172,7 @@ get_public_key (app_t app, int keyno)
log_error (_("response does not contain the RSA modulus\n"));
goto leave;
}
-
+
e = find_tlv (keydata, keydatalen, 0x0082, &elen);
if (!e)
@@ -1275,7 +1275,7 @@ get_public_key (app_t app, int keyno)
err = gpg_error_from_syserror ();
goto leave;
}
-
+
sprintf (keybuf, "(10:public-key(3:rsa(1:n%u:", (unsigned int) mlen);
keybuf_p = keybuf + strlen (keybuf);
memcpy (keybuf_p, m, mlen);
@@ -1286,7 +1286,7 @@ get_public_key (app_t app, int keyno)
keybuf_p += elen;
strcpy (keybuf_p, ")))");
keybuf_p += strlen (keybuf_p);
-
+
app->app_local->pk[keyno].key = (unsigned char*)keybuf;
app->app_local->pk[keyno].keylen = (keybuf_p - keybuf);
@@ -1319,7 +1319,7 @@ send_keypair_info (app_t app, ctrl_t ctrl, int keyno)
err = get_public_key (app, keyno);
if (err)
goto leave;
-
+
assert (keyno >= 1 && keyno <= 3);
if (!app->app_local->pk[keyno-1].key)
goto leave; /* No such key - ignore. */
@@ -1329,19 +1329,19 @@ send_keypair_info (app_t app, ctrl_t ctrl, int keyno)
grip);
if (err)
goto leave;
-
+
bin2hex (grip, 20, gripstr);
sprintf (idbuf, "OPENPGP.%d", keyno);
- send_status_info (ctrl, "KEYPAIRINFO",
- gripstr, 40,
- idbuf, strlen (idbuf),
+ send_status_info (ctrl, "KEYPAIRINFO",
+ gripstr, 40,
+ idbuf, strlen (idbuf),
NULL, (size_t)0);
leave:
#endif /* GNUPG_MAJOR_VERSION > 1 */
- return err;
+ return err;
}
@@ -1350,7 +1350,7 @@ static gpg_error_t
do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
{
(void)flags;
-
+
do_getattr (app, ctrl, "EXTCAP");
do_getattr (app, ctrl, "DISP-NAME");
do_getattr (app, ctrl, "DISP-LANG");
@@ -1533,16 +1533,16 @@ verify_a_chv (app_t app,
else
prompt = _("||Please enter the PIN");
-
+
if (!opt.disable_keypad
&& !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) )
{
/* The reader supports the verify command through the keypad.
Note that the pincb appends a text to the prompt telling the
user to use the keypad. */
- rc = pincb (pincb_arg, prompt, NULL);
+ rc = pincb (pincb_arg, prompt, NULL);
prompt = NULL;
- xfree (prompt_buffer);
+ xfree (prompt_buffer);
prompt_buffer = NULL;
if (rc)
{
@@ -1559,9 +1559,9 @@ verify_a_chv (app_t app,
else
{
/* The reader has no keypad or we don't want to use it. */
- rc = pincb (pincb_arg, prompt, pinvalue);
+ rc = pincb (pincb_arg, prompt, pinvalue);
prompt = NULL;
- xfree (prompt_buffer);
+ xfree (prompt_buffer);
prompt_buffer = NULL;
if (rc)
{
@@ -1569,7 +1569,7 @@ verify_a_chv (app_t app,
gpg_strerror (rc));
return rc;
}
-
+
if (strlen (*pinvalue) < minlen)
{
log_error (_("PIN for CHV%d is too short;"
@@ -1582,7 +1582,7 @@ verify_a_chv (app_t app,
rc = iso7816_verify (app->slot, 0x80+chvno,
*pinvalue, strlen (*pinvalue));
}
-
+
if (rc)
{
log_error (_("verify CHV%d failed: %s\n"), chvno, gpg_strerror (rc));
@@ -1605,14 +1605,14 @@ verify_chv2 (app_t app,
int rc;
char *pinvalue;
- if (app->did_chv2)
+ if (app->did_chv2)
return 0; /* We already verified CHV2. */
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue);
if (rc)
return rc;
app->did_chv2 = 1;
-
+
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
{
/* For convenience we verify CHV1 here too. We do this only if
@@ -1639,7 +1639,7 @@ verify_chv2 (app_t app,
/* Build the prompt to enter the Admin PIN. The prompt depends on the
current sdtate of the card. */
-static gpg_error_t
+static gpg_error_t
build_enter_admin_pin_prompt (app_t app, char **r_prompt)
{
void *relptr;
@@ -1665,7 +1665,7 @@ build_enter_admin_pin_prompt (app_t app, char **r_prompt)
}
remaining = value[6];
xfree (relptr);
-
+
log_info(_("%d Admin PIN attempts remaining before card"
" is permanently locked\n"), remaining);
@@ -1678,10 +1678,10 @@ build_enter_admin_pin_prompt (app_t app, char **r_prompt)
}
else
prompt = xtrystrdup (_("|A|Please enter the Admin PIN"));
-
+
if (!prompt)
return gpg_error_from_syserror ();
-
+
*r_prompt = prompt;
return 0;
}
@@ -1702,8 +1702,8 @@ verify_chv3 (app_t app,
return gpg_error (GPG_ERR_EACCES);
}
#endif
-
- if (!app->did_chv3)
+
+ if (!app->did_chv3)
{
iso7816_pininfo_t pininfo;
int minlen = 8;
@@ -1721,7 +1721,7 @@ verify_chv3 (app_t app,
&& !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) )
{
/* The reader supports the verify command through the keypad. */
- rc = pincb (pincb_arg, prompt, NULL);
+ rc = pincb (pincb_arg, prompt, NULL);
xfree (prompt);
prompt = NULL;
if (rc)
@@ -1738,7 +1738,7 @@ verify_chv3 (app_t app,
{
char *pinvalue;
- rc = pincb (pincb_arg, prompt, &pinvalue);
+ rc = pincb (pincb_arg, prompt, &pinvalue);
xfree (prompt);
prompt = NULL;
if (rc)
@@ -1747,7 +1747,7 @@ verify_chv3 (app_t app,
gpg_strerror (rc));
return rc;
}
-
+
if (strlen (pinvalue) < minlen)
{
log_error (_("PIN for CHV%d is too short;"
@@ -1755,11 +1755,11 @@ verify_chv3 (app_t app,
xfree (pinvalue);
return gpg_error (GPG_ERR_BAD_PIN);
}
-
+
rc = iso7816_verify (app->slot, 0x83, pinvalue, strlen (pinvalue));
xfree (pinvalue);
}
-
+
if (rc)
{
log_error (_("verify CHV%d failed: %s\n"), 3, gpg_strerror (rc));
@@ -1774,7 +1774,7 @@ verify_chv3 (app_t app,
/* Handle the SETATTR operation. All arguments are already basically
checked. */
-static gpg_error_t
+static gpg_error_t
do_setattr (app_t app, const char *name,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
@@ -1813,7 +1813,7 @@ do_setattr (app_t app, const char *name,
for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++)
;
if (!table[idx].name)
- return gpg_error (GPG_ERR_INV_NAME);
+ return gpg_error (GPG_ERR_INV_NAME);
if (table[idx].need_v2 && !app->app_local->extcap.is_v2)
return gpg_error (GPG_ERR_NOT_SUPPORTED); /* Not yet supported. */
@@ -1864,7 +1864,7 @@ do_setattr (app_t app, const char *name,
callback. */
static gpg_error_t
do_writecert (app_t app, ctrl_t ctrl,
- const char *certidstr,
+ const char *certidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const unsigned char *certdata, size_t certdatalen)
@@ -1902,8 +1902,8 @@ do_writecert (app_t app, ctrl_t ctrl,
- 2 2 Verify Reset Code and set a new PW1.
- 3 any Verify CHV3/PW3 and set a new CHV3/PW3.
*/
-static gpg_error_t
-do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
+static gpg_error_t
+do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
unsigned int flags,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg)
@@ -1947,7 +1947,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
/* On a v1.x card CHV1 and CVH2 should always have the same
value, thus we enforce it here. */
int save_force = app->force_chv1;
-
+
app->force_chv1 = 0;
app->did_chv1 = 0;
app->did_chv2 = 0;
@@ -1979,7 +1979,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
rc = verify_chv3 (app, pincb, pincb_arg);
if (rc)
goto leave;
-
+
if (chvno == 2)
set_resetcode = 1;
}
@@ -2244,7 +2244,7 @@ does_key_exist (app_t app, int keyidx, int generating, int force)
of tag and length. A LENGTH greater than 65535 is truncated. */
static size_t
add_tlv (unsigned char *buffer, unsigned int tag, size_t length)
-{
+{
unsigned char *p = buffer;
assert (tag <= 0xffff);
@@ -2370,15 +2370,15 @@ build_privkey_template (app_t app, int keyno,
/* Right justify E. */
memmove (tp + rsa_e_reqlen - rsa_e_len, tp, rsa_e_len);
memset (tp, 0, rsa_e_reqlen - rsa_e_len);
- }
+ }
tp += rsa_e_reqlen;
-
+
memcpy (tp, rsa_p, rsa_p_len);
tp += rsa_p_len;
-
+
memcpy (tp, rsa_q, rsa_q_len);
tp += rsa_q_len;
-
+
if (app->app_local->keyattr[keyno].format == RSA_STD_N
|| app->app_local->keyattr[keyno].format == RSA_CRT_N)
{
@@ -2423,7 +2423,7 @@ change_keyattr (app_t app, int keyno, unsigned int nbits,
xfree (relptr);
return gpg_error (GPG_ERR_CARD);
}
-
+
/* We only change n_bits and don't touch anything else. Before we
do so, we round up NBITS to a sensible way in the same way as
gpg's key generation does it. This may help to sort out problems
@@ -2458,8 +2458,8 @@ change_keyattr (app_t app, int keyno, unsigned int nbits,
/* Helper to process an setattr command for name KEY-ATTR. It expects
a string "--force <keyno> <algo> <nbits>" in (VALUE,VALUELEN). */
-static gpg_error_t
-change_keyattr_from_string (app_t app,
+static gpg_error_t
+change_keyattr_from_string (app_t app,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
const void *value, size_t valuelen)
@@ -2539,13 +2539,13 @@ do_writekey (app_t app, ctrl_t ctrl,
keyno = 2;
else
return gpg_error (GPG_ERR_INV_ID);
-
+
err = does_key_exist (app, keyno, 0, force);
if (err)
return err;
- /*
+ /*
Parse the S-expression
*/
buf = keydata;
@@ -2593,10 +2593,10 @@ do_writekey (app_t app, ctrl_t ctrl,
switch (*tok)
{
- case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break;
- case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break;
- case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break;
- case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break;
+ case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break;
+ case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break;
+ case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break;
+ case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break;
default: mpi = NULL; mpi_len = NULL; break;
}
if (mpi && *mpi)
@@ -2668,7 +2668,7 @@ do_writekey (app_t app, ctrl_t ctrl,
maxbits = app->app_local->keyattr[keyno].n_bits;
nbits = rsa_n? count_bits (rsa_n, rsa_n_len) : 0;
if (opt.verbose)
- log_info ("RSA modulus size is %u bits (%u bytes)\n",
+ log_info ("RSA modulus size is %u bits (%u bytes)\n",
nbits, (unsigned int)rsa_n_len);
if (nbits && nbits != maxbits
&& app->app_local->extcap.algo_attr_change)
@@ -2680,7 +2680,7 @@ do_writekey (app_t app, ctrl_t ctrl,
}
if (nbits != maxbits)
{
- log_error (_("RSA modulus missing or not of size %d bits\n"),
+ log_error (_("RSA modulus missing or not of size %d bits\n"),
(int)maxbits);
err = gpg_error (GPG_ERR_BAD_SECKEY);
goto leave;
@@ -2702,7 +2702,7 @@ do_writekey (app_t app, ctrl_t ctrl,
nbits = rsa_p? count_bits (rsa_p, rsa_p_len) : 0;
if (nbits != maxbits)
{
- log_error (_("RSA prime %s missing or not of size %d bits\n"),
+ log_error (_("RSA prime %s missing or not of size %d bits\n"),
"P", (int)maxbits);
err = gpg_error (GPG_ERR_BAD_SECKEY);
goto leave;
@@ -2710,12 +2710,12 @@ do_writekey (app_t app, ctrl_t ctrl,
nbits = rsa_q? count_bits (rsa_q, rsa_q_len) : 0;
if (nbits != maxbits)
{
- log_error (_("RSA prime %s missing or not of size %d bits\n"),
+ log_error (_("RSA prime %s missing or not of size %d bits\n"),
"Q", (int)maxbits);
err = gpg_error (GPG_ERR_BAD_SECKEY);
goto leave;
}
-
+
/* We need to remove the cached public key. */
xfree (app->app_local->pk[keyno].key);
app->app_local->pk[keyno].key = NULL;
@@ -2728,7 +2728,7 @@ do_writekey (app_t app, ctrl_t ctrl,
/* Build the private key template as described in section 4.3.3.7 of
the OpenPGP card specs version 2.0. */
int exmode;
-
+
err = build_privkey_template (app, keyno,
rsa_n, rsa_n_len,
rsa_e, rsa_e_len,
@@ -2758,8 +2758,8 @@ do_writekey (app_t app, ctrl_t ctrl,
/* Build the private key template as described in section 4.3.3.6 of
the OpenPGP card specs version 1.1:
0xC0 <length> public exponent
- 0xC1 <length> prime p
- 0xC2 <length> prime q
+ 0xC1 <length> prime p
+ 0xC2 <length> prime q
*/
assert (rsa_e_len <= 4);
template_len = (1 + 1 + 4
@@ -2779,21 +2779,21 @@ do_writekey (app_t app, ctrl_t ctrl,
/* Right justify E. */
memmove (tp+4-rsa_e_len, tp, rsa_e_len);
memset (tp, 0, 4-rsa_e_len);
- }
+ }
tp += 4;
-
+
*tp++ = 0xC1;
*tp++ = rsa_p_len;
memcpy (tp, rsa_p, rsa_p_len);
tp += rsa_p_len;
-
+
*tp++ = 0xC2;
*tp++ = rsa_q_len;
memcpy (tp, rsa_q, rsa_q_len);
tp += rsa_q_len;
-
+
assert (tp - template == template_len);
-
+
/* Prepare for storing the key. */
err = verify_chv3 (app, pincb, pincb_arg);
if (err)
@@ -2809,7 +2809,7 @@ do_writekey (app_t app, ctrl_t ctrl,
log_error (_("failed to store the key: %s\n"), gpg_strerror (err));
goto leave;
}
-
+
err = store_fpr (app, keyno, created_at,
rsa_n, rsa_n_len, rsa_e, rsa_e_len,
fprbuf, app->card_version);
@@ -2824,7 +2824,7 @@ do_writekey (app_t app, ctrl_t ctrl,
/* Handle the GENKEY command. */
-static gpg_error_t
+static gpg_error_t
do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
time_t createtime,
gpg_error_t (*pincb)(void*, const char *, char **),
@@ -2842,7 +2842,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
time_t start_at;
int exmode;
int le_value;
- unsigned int keybits;
+ unsigned int keybits;
if (keyno < 1 || keyno > 3)
return gpg_error (GPG_ERR_INV_ID);
@@ -2866,7 +2866,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
/* Because we send the key parameter back via status lines we need
to put a limit on the max. allowed keysize. 2048 bit will
already lead to a 527 byte long status line and thus a 4096 bit
- key would exceed the Assuan line length limit. */
+ key would exceed the Assuan line length limit. */
keybits = app->app_local->keyattr[keyno].n_bits;
if (keybits > 4096)
return gpg_error (GPG_ERR_TOO_LARGE);
@@ -2884,7 +2884,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
le_value = app->app_local->extcap.max_rsp_data;
/* No need to check le_value because it comes from a 16 bit
value and thus can't create an overflow on a 32 bit
- system. */
+ system. */
}
else
{
@@ -2894,10 +2894,10 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
log_info (_("please wait while key is being generated ...\n"));
start_at = time (NULL);
- rc = iso7816_generate_keypair
+ rc = iso7816_generate_keypair
/* # warning key generation temporary replaced by reading an existing key. */
/* rc = iso7816_read_public_key */
- (app->slot, exmode,
+ (app->slot, exmode,
(const unsigned char*)(keyno == 0? "\xB6" :
keyno == 1? "\xB8" : "\xA4"), 2,
le_value,
@@ -2918,7 +2918,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
log_error (_("response does not contain the public key data\n"));
goto leave;
}
-
+
m = find_tlv (keydata, keydatalen, 0x0081, &mlen);
if (!m)
{
@@ -2995,7 +2995,7 @@ compare_fingerprint (app_t app, int keyno, unsigned char *sha1fpr)
unsigned char *buffer;
size_t buflen, n;
int rc, i;
-
+
assert (keyno >= 1 && keyno <= 3);
rc = get_cached_data (app, 0x006E, &buffer, &buflen, 0, 0);
@@ -3059,12 +3059,12 @@ check_against_given_fingerprint (app_t app, const char *fpr, int keyno)
Note that this function may return the error code
GPG_ERR_WRONG_CARD to indicate that the card currently present does
not match the one required for the requested action (e.g. the
- serial number does not match).
-
+ serial number does not match).
+
As a special feature a KEYIDSTR of "OPENPGP.3" redirects the
operation to the auth command.
*/
-static gpg_error_t
+static gpg_error_t
do_sign (app_t app, const char *keyidstr, int hashalgo,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
@@ -3116,7 +3116,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
{ \
indata = (const char*)indata + sizeof b ## _prefix; \
indatalen -= sizeof b ## _prefix; \
- }
+ }
if (indatalen == 20)
; /* Assume a plain SHA-1 or RMD160 digest has been given. */
@@ -3126,7 +3126,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
else X(SHA256, sha256, 32, app->app_local->extcap.is_v2)
else X(SHA384, sha384, 48, app->app_local->extcap.is_v2)
else X(SHA512, sha512, 64, app->app_local->extcap.is_v2)
- else if ((indatalen == 28 || indatalen == 32
+ else if ((indatalen == 28 || indatalen == 32
|| indatalen == 48 || indatalen ==64)
&& app->app_local->extcap.is_v2)
; /* Assume a plain SHA-3 digest has been given. */
@@ -3155,7 +3155,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
else if (!*s)
; /* no fingerprint given: we allow this for now. */
else if (*s == '/')
- fpr = s + 1;
+ fpr = s + 1;
else
return gpg_error (GPG_ERR_INV_ID);
@@ -3186,7 +3186,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
assert (datalen <= sizeof data); \
memcpy (data, b ## _prefix, sizeof b ## _prefix); \
memcpy (data + sizeof b ## _prefix, indata, indatalen); \
- }
+ }
X(SHA1, sha1, 1)
else X(RMD160, rmd160, 1)
@@ -3194,7 +3194,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
else X(SHA256, sha256, app->app_local->extcap.is_v2)
else X(SHA384, sha384, app->app_local->extcap.is_v2)
else X(SHA512, sha512, app->app_local->extcap.is_v2)
- else
+ else
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
#undef X
@@ -3211,7 +3211,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
log_info (_("signatures created so far: %lu\n"), sigcount);
/* Check CHV if needed. */
- if (!app->did_chv1 || app->force_chv1 )
+ if (!app->did_chv1 || app->force_chv1 )
{
char *pinvalue;
@@ -3252,7 +3252,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
else
{
exmode = 0;
- le_value = 0;
+ le_value = 0;
}
rc = iso7816_compute_ds (app->slot, exmode, data, datalen, le_value,
outdata, outdatalen);
@@ -3269,7 +3269,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
GPG_ERR_WRONG_CARD to indicate that the card currently present does
not match the one required for the requested action (e.g. the
serial number does not match). */
-static gpg_error_t
+static gpg_error_t
do_auth (app_t app, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
@@ -3301,13 +3301,13 @@ do_auth (app_t app, const char *keyidstr,
else if (!*s)
; /* no fingerprint given: we allow this for now. */
else if (*s == '/')
- fpr = s + 1;
+ fpr = s + 1;
else
return gpg_error (GPG_ERR_INV_ID);
for (s=keyidstr, n=0; n < 16; s += 2, n++)
tmp_sn[n] = xtoi_2 (s);
-
+
if (app->serialnolen != 16)
return gpg_error (GPG_ERR_INV_CARD);
if (memcmp (app->serialno, tmp_sn, 16))
@@ -3337,7 +3337,7 @@ do_auth (app_t app, const char *keyidstr,
else
{
exmode = 0;
- le_value = 0;
+ le_value = 0;
}
rc = iso7816_internal_authenticate (app->slot, exmode,
indata, indatalen, le_value,
@@ -3347,7 +3347,7 @@ do_auth (app_t app, const char *keyidstr,
}
-static gpg_error_t
+static gpg_error_t
do_decipher (app_t app, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg,
@@ -3378,13 +3378,13 @@ do_decipher (app_t app, const char *keyidstr,
else if (!*s)
; /* no fingerprint given: we allow this for now. */
else if (*s == '/')
- fpr = s + 1;
+ fpr = s + 1;
else
return gpg_error (GPG_ERR_INV_ID);
-
+
for (s=keyidstr, n=0; n < 16; s += 2, n++)
tmp_sn[n] = xtoi_2 (s);
-
+
if (app->serialnolen != 16)
return gpg_error (GPG_ERR_INV_CARD);
if (memcmp (app->serialno, tmp_sn, 16))
@@ -3437,7 +3437,7 @@ do_decipher (app_t app, const char *keyidstr,
fixbuf = xtrymalloc (fixuplen + indatalen);
if (!fixbuf)
return gpg_error_from_syserror ();
-
+
memset (fixbuf, 0, fixuplen);
memcpy (fixbuf+fixuplen, indata, indatalen);
indata = fixbuf;
@@ -3456,9 +3456,9 @@ do_decipher (app_t app, const char *keyidstr,
le_value = 0;
}
else
- exmode = le_value = 0;
+ exmode = le_value = 0;
- rc = iso7816_decipher (app->slot, exmode,
+ rc = iso7816_decipher (app->slot, exmode,
indata, indatalen, le_value, padind,
outdata, outdatalen);
xfree (fixbuf);
@@ -3478,12 +3478,12 @@ do_decipher (app_t app, const char *keyidstr,
There is a special mode if the keyidstr is "<serialno>[CHV3]" with
the "[CHV3]" being a literal string: The Admin Pin is checked if
and only if the retry counter is still at 3. */
-static gpg_error_t
+static gpg_error_t
do_check_pin (app_t app, const char *keyidstr,
gpg_error_t (*pincb)(void*, const char *, char **),
void *pincb_arg)
{
- unsigned char tmp_sn[20];
+ unsigned char tmp_sn[20];
const char *s;
int n;
int admin_pin = 0;
@@ -3494,7 +3494,7 @@ do_check_pin (app_t app, const char *keyidstr,
/* Check whether an OpenPGP card of any version has been requested. */
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
return gpg_error (GPG_ERR_INV_ID);
-
+
for (s=keyidstr, n=0; hexdigitp (s); s++, n++)
;
if (n != 32)
@@ -3527,7 +3527,7 @@ do_check_pin (app_t app, const char *keyidstr,
unsigned char *value;
size_t valuelen;
int count;
-
+
relptr = get_one_do (app, 0x00C4, &value, &valuelen, NULL);
if (!relptr || valuelen < 7)
{
@@ -3588,7 +3588,7 @@ show_caps (struct app_local_s *s)
/* Parse the historical bytes in BUFFER of BUFLEN and store them in
APPLOC. */
static void
-parse_historical (struct app_local_s *apploc,
+parse_historical (struct app_local_s *apploc,
const unsigned char * buffer, size_t buflen)
{
/* Example buffer: 00 31 C5 73 C0 01 80 00 90 00 */
@@ -3600,9 +3600,9 @@ parse_historical (struct app_local_s *apploc,
if (*buffer)
{
log_error ("warning: bad category indicator in historical bytes\n");
- return;
+ return;
}
-
+
/* Skip category indicator. */
buffer++;
buflen--;
@@ -3637,9 +3637,9 @@ parse_historical (struct app_local_s *apploc,
/* Parse and optionally show the algorithm attributes for KEYNO.
KEYNO must be in the range 0..2. */
-static void
+static void
parse_algorithm_attribute (app_t app, int keyno)
-{
+{
unsigned char *buffer;
size_t buflen;
void *relptr;
@@ -3648,7 +3648,7 @@ parse_algorithm_attribute (app_t app, int keyno)
assert (keyno >=0 && keyno <= 2);
app->app_local->keyattr[keyno].n_bits = 0;
-
+
relptr = get_one_do (app, 0xC1+keyno, &buffer, &buflen, NULL);
if (!relptr)
{
@@ -3675,7 +3675,7 @@ parse_algorithm_attribute (app_t app, int keyno)
app->app_local->keyattr[keyno].format = (buffer[5] == 0? RSA_STD :
buffer[5] == 1? RSA_STD_N :
buffer[5] == 2? RSA_CRT :
- buffer[5] == 3? RSA_CRT_N :
+ buffer[5] == 3? RSA_CRT_N :
RSA_UNKNOWN_FMT);
if (opt.verbose)
@@ -3705,7 +3705,7 @@ app_select_openpgp (app_t app)
unsigned char *buffer;
size_t buflen;
void *relptr;
-
+
/* Note that the card can't cope with P2=0xCO, thus we need to pass a
special flag value. */
rc = iso7816_select_application (slot, aid, sizeof aid, 0x0001);
@@ -3798,7 +3798,7 @@ app_select_openpgp (app_t app)
{
/* Available with v2 cards. */
app->app_local->extcap.sm_aes128 = (buffer[1] == 1);
- app->app_local->extcap.max_get_challenge
+ app->app_local->extcap.max_get_challenge
= (buffer[2] << 8 | buffer[3]);
app->app_local->extcap.max_certlen_3 = (buffer[4] << 8 | buffer[5]);
app->app_local->extcap.max_cmd_data = (buffer[6] << 8 | buffer[7]);
@@ -3819,7 +3819,7 @@ app_select_openpgp (app_t app)
parse_algorithm_attribute (app, 0);
parse_algorithm_attribute (app, 1);
parse_algorithm_attribute (app, 2);
-
+
if (opt.verbose > 1)
dump_all_do (slot);
diff --git a/scd/command.c b/scd/command.c
index 227057e..6053fc6 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -76,7 +76,7 @@ static int reader_disabled;
/* This structure is used to keep track of open readers (slots). */
-struct slot_status_s
+struct slot_status_s
{
int valid; /* True if the other objects are valid. */
int slot; /* Slot number of the reader or -1 if not open. */
@@ -93,11 +93,11 @@ struct slot_status_s
/* Data used to associate an Assuan context with local server data.
This object describes the local properties of one session. */
-struct server_local_s
+struct server_local_s
{
/* We keep a list of all active sessions with the anchor at
SESSION_LIST (see below). This field is used for linking. */
- struct server_local_s *next_session;
+ struct server_local_s *next_session;
/* This object is usually assigned to a CTRL object (which is
globally visible). While enumerating all sessions we sometimes
@@ -113,10 +113,10 @@ struct server_local_s
#else
int event_signal; /* Or 0 if not used. */
#endif
-
+
/* True if the card has been removed and a reset is required to
continue operation. */
- int card_removed;
+ int card_removed;
/* Flag indicating that the application context needs to be released
at the next opportunity. */
@@ -127,7 +127,7 @@ struct server_local_s
/* If set to true we will be terminate ourself at the end of the
this session. */
- int stopme;
+ int stopme;
};
@@ -260,7 +260,7 @@ hex_to_buffer (const char *string, size_t *r_length)
return NULL;
for (s=string, n=0; *s; s++)
{
- if (spacep (s) || *s == ':')
+ if (spacep (s) || *s == ':')
continue;
if (hexdigitp (s) && hexdigitp (s+1))
{
@@ -297,7 +297,7 @@ do_reset (ctrl_t ctrl, int send_reset)
if (send_reset)
{
struct server_local_s *sl;
-
+
for (sl=session_list; sl; sl = sl->next_session)
if (sl->ctrl_backlink
&& sl->ctrl_backlink->reader_slot == slot)
@@ -357,7 +357,7 @@ do_reset (ctrl_t ctrl, int send_reset)
static gpg_error_t
reset_notify (assuan_context_t ctx, char *line)
{
- ctrl_t ctrl = assuan_get_pointer (ctx);
+ ctrl_t ctrl = assuan_get_pointer (ctx);
(void) line;
@@ -503,7 +503,7 @@ open_card (ctrl_t ctrl, const char *apptype)
}
-static const char hlp_serialno[] =
+static const char hlp_serialno[] =
"SERIALNO [<apptype>]\n"
"\n"
"Return the serial number of the card using a status reponse. This\n"
@@ -565,7 +565,7 @@ cmd_serialno (assuan_context_t ctx, char *line)
}
-static const char hlp_learn[] =
+static const char hlp_learn[] =
"LEARN [--force] [--keypairinfo]\n"
"\n"
"Learn all useful information of the currently inserted card. When\n"
@@ -653,7 +653,7 @@ cmd_learn (assuan_context_t ctx, char *line)
char *serial_and_stamp;
char *serial;
time_t stamp;
-
+
rc = app_get_serial_and_stamp (ctrl->app_ctx, &serial, &stamp);
if (rc)
return rc;
@@ -664,11 +664,11 @@ cmd_learn (assuan_context_t ctx, char *line)
return out_of_core ();
rc = 0;
assuan_write_status (ctx, "SERIALNO", serial_and_stamp);
-
+
if (!has_option (line, "--force"))
{
char *command;
-
+
rc = estream_asprintf (&command, "KNOWNCARDP %s", serial_and_stamp);
if (rc < 0)
{
@@ -676,7 +676,7 @@ cmd_learn (assuan_context_t ctx, char *line)
return out_of_core ();
}
rc = 0;
- rc = assuan_inquire (ctx, command, NULL, NULL, 0);
+ rc = assuan_inquire (ctx, command, NULL, NULL, 0);
xfree (command);
if (rc)
{
@@ -684,13 +684,13 @@ cmd_learn (assuan_context_t ctx, char *line)
log_error ("inquire KNOWNCARDP failed: %s\n",
gpg_strerror (rc));
xfree (serial_and_stamp);
- return rc;
+ return rc;
}
/* Not canceled, so we have to proceeed. */
}
xfree (serial_and_stamp);
}
-
+
/* Let the application print out its collection of useful status
information. */
if (!rc)
@@ -736,7 +736,7 @@ cmd_readcert (assuan_context_t ctx, char *line)
}
-static const char hlp_readkey[] =
+static const char hlp_readkey[] =
"READKEY <keyid>\n"
"\n"
"Return the public key for the given cert or key ID as a standard\n"
@@ -774,7 +774,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
if (gpg_err_code (rc) != GPG_ERR_UNSUPPORTED_OPERATION)
log_error ("app_readkey failed: %s\n", gpg_strerror (rc));
- else
+ else
{
rc = app_readcert (ctrl->app_ctx, line, &cert, &ncert);
if (rc)
@@ -784,7 +784,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
line = NULL;
if (rc)
goto leave;
-
+
rc = ksba_cert_new (&kc);
if (rc)
{
@@ -819,7 +819,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
-static const char hlp_setdata[] =
+static const char hlp_setdata[] =
"SETDATA <hexstring> \n"
"\n"
"The client should use this command to tell us the data he want to sign.";
@@ -857,7 +857,7 @@ cmd_setdata (assuan_context_t ctx, char *line)
-static gpg_error_t
+static gpg_error_t
pin_cb (void *opaque, const char *info, char **retstr)
{
assuan_context_t ctx = opaque;
@@ -877,14 +877,14 @@ pin_cb (void *opaque, const char *info, char **retstr)
rc = estream_asprintf (&command, "POPUPKEYPADPROMPT %s", info);
if (rc < 0)
return gpg_error (gpg_err_code_from_errno (errno));
- rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
- xfree (command);
+ rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
+ xfree (command);
}
else
{
log_debug ("dismiss keypad entry prompt\n");
rc = assuan_inquire (ctx, "DISMISSKEYPADPROMPT",
- &value, &valuelen, MAXLEN_PIN);
+ &value, &valuelen, MAXLEN_PIN);
}
if (!rc)
xfree (value);
@@ -900,8 +900,8 @@ pin_cb (void *opaque, const char *info, char **retstr)
/* Fixme: Write an inquire function which returns the result in
secure memory and check all further handling of the PIN. */
- rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
- xfree (command);
+ rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
+ xfree (command);
if (rc)
return rc;
@@ -916,7 +916,7 @@ pin_cb (void *opaque, const char *info, char **retstr)
}
-static const char hlp_pksign[] =
+static const char hlp_pksign[] =
"PKSIGN [--hash=[rmd160|sha{1,224,256,384,512}|md5]] <hexified_id>\n"
"\n"
"The --hash option is optional; the default is SHA1.";
@@ -945,7 +945,7 @@ cmd_pksign (assuan_context_t ctx, char *line)
else if (has_option (line, "--hash=md5"))
hash_algo = GCRY_MD_MD5;
else if (!strstr (line, "--"))
- hash_algo = GCRY_MD_SHA1;
+ hash_algo = GCRY_MD_SHA1;
else
return set_error (GPG_ERR_ASS_PARAMETER, "invalid hash algorithm");
@@ -963,7 +963,7 @@ cmd_pksign (assuan_context_t ctx, char *line)
keyidstr = xtrystrdup (line);
if (!keyidstr)
return out_of_core ();
-
+
rc = app_sign (ctrl->app_ctx,
keyidstr, hash_algo,
pin_cb, ctx,
@@ -988,7 +988,7 @@ cmd_pksign (assuan_context_t ctx, char *line)
}
-static const char hlp_pkauth[] =
+static const char hlp_pkauth[] =
"PKAUTH <hexified_id>";
static gpg_error_t
cmd_pkauth (assuan_context_t ctx, char *line)
@@ -1014,7 +1014,7 @@ cmd_pkauth (assuan_context_t ctx, char *line)
keyidstr = xtrystrdup (line);
if (!keyidstr)
return out_of_core ();
-
+
rc = app_auth (ctrl->app_ctx,
keyidstr,
pin_cb, ctx,
@@ -1038,7 +1038,7 @@ cmd_pkauth (assuan_context_t ctx, char *line)
}
-static const char hlp_pkdecrypt[] =
+static const char hlp_pkdecrypt[] =
"PKDECRYPT <hexified_id>";
static gpg_error_t
cmd_pkdecrypt (assuan_context_t ctx, char *line)
@@ -1059,7 +1059,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
if (!keyidstr)
return out_of_core ();
rc = app_decipher (ctrl->app_ctx,
- keyidstr,
+ keyidstr,
pin_cb, ctx,
ctrl->in_data.value, ctrl->in_data.valuelen,
&outdata, &outdatalen);
@@ -1082,7 +1082,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
}
-static const char hlp_getattr[] =
+static const char hlp_getattr[] =
"GETATTR <name>\n"
"\n"
"This command is used to retrieve data from a smartcard. The\n"
@@ -1121,7 +1121,7 @@ cmd_getattr (assuan_context_t ctx, char *line)
}
-static const char hlp_setattr[] =
+static const char hlp_setattr[] =
"SETATTR <name> <value> \n"
"\n"
"This command is used to store data on a a smartcard. The allowed\n"
@@ -1174,7 +1174,7 @@ cmd_setattr (assuan_context_t ctx, char *orig_line)
}
-static const char hlp_writecert[] =
+static const char hlp_writecert[] =
"WRITECERT <hexified_certid>\n"
"\n"
"This command is used to store a certifciate on a smartcard. The\n"
@@ -1226,7 +1226,7 @@ cmd_writecert (assuan_context_t ctx, char *line)
}
/* Write the certificate to the card. */
- rc = app_writecert (ctrl->app_ctx, ctrl, certid,
+ rc = app_writecert (ctrl->app_ctx, ctrl, certid,
pin_cb, ctx, certdata, certdatalen);
xfree (certid);
xfree (certdata);
@@ -1236,7 +1236,7 @@ cmd_writecert (assuan_context_t ctx, char *line)
}
-static const char hlp_writekey[] =
+static const char hlp_writekey[] =
"WRITEKEY [--force] <keyid> \n"
"\n"
"This command is used to store a secret key on a a smartcard. The\n"
@@ -1303,7 +1303,7 @@ cmd_writekey (assuan_context_t ctx, char *line)
}
-static const char hlp_genkey[] =
+static const char hlp_genkey[] =
"GENKEY [--force] [--timestamp=<isodate>] <no>\n"
"\n"
"Generate a key on-card identified by NO, which is application\n"
@@ -1381,7 +1381,7 @@ cmd_genkey (assuan_context_t ctx, char *line)
}
-static const char hlp_random[] =
+static const char hlp_random[] =
"RANDOM <nbytes>\n"
"\n"
"Get NBYTES of random from the card and send them back as data.\n"
@@ -1398,7 +1398,7 @@ cmd_random (assuan_context_t ctx, char *line)
unsigned char *buffer;
if (!*line)
- return set_error (GPG_ERR_ASS_PARAMETER,
+ return set_error (GPG_ERR_ASS_PARAMETER,
"number of requested bytes missing");
nbytes = strtoul (line, NULL, 0);
@@ -1464,7 +1464,7 @@ cmd_passwd (assuan_context_t ctx, char *line)
if (!ctrl->app_ctx)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
-
+
chvnostr = xtrystrdup (chvnostr);
if (!chvnostr)
return out_of_core ();
@@ -1478,7 +1478,7 @@ cmd_passwd (assuan_context_t ctx, char *line)
}
-static const char hlp_checkpin[] =
+static const char hlp_checkpin[] =
"CHECKPIN <idstr>\n"
"\n"
"Perform a VERIFY operation without doing anything else. This may\n"
@@ -1532,7 +1532,7 @@ cmd_checkpin (assuan_context_t ctx, char *line)
idstr = xtrystrdup (line);
if (!idstr)
return out_of_core ();
-
+
rc = app_check_pin (ctrl->app_ctx, idstr, pin_cb, ctx);
xfree (idstr);
if (rc)
@@ -1543,7 +1543,7 @@ cmd_checkpin (assuan_context_t ctx, char *line)
}
-static const char hlp_lock[] =
+static const char hlp_lock[] =
"LOCK [--wait]\n"
"\n"
"Grant exclusive card access to this session. Note that there is\n"
@@ -1580,14 +1580,14 @@ cmd_lock (assuan_context_t ctx, char *line)
goto retry;
}
#endif /*USE_GNU_PTH*/
-
+
if (rc)
log_error ("cmd_lock failed: %s\n", gpg_strerror (rc));
return rc;
}
-static const char hlp_unlock[] =
+static const char hlp_unlock[] =
"UNLOCK\n"
"\n"
"Release exclusive card access.";
@@ -1615,7 +1615,7 @@ cmd_unlock (assuan_context_t ctx, char *line)
}
-static const char hlp_getinfo[] =
+static const char hlp_getinfo[] =
"GETINFO <what>\n"
"\n"
"Multi purpose command to return certain information. \n"
@@ -1677,7 +1677,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
if (!ctrl->server_local->card_removed && slot != -1)
{
struct slot_status_s *ss;
-
+
if (!(slot >= 0 && slot < DIM(slot_table)))
BUG ();
@@ -1695,7 +1695,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
#else
char *s = NULL;
#endif
-
+
if (s)
rc = assuan_send_data (ctx, s, strlen (s));
else
@@ -1719,7 +1719,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
}
-static const char hlp_restart[] =
+static const char hlp_restart[] =
"RESTART\n"
"\n"
"Restart the current connection; this is a kind of warm reset. It\n"
@@ -1750,7 +1750,7 @@ cmd_restart (assuan_context_t ctx, char *line)
}
-static const char hlp_disconnect[] =
+static const char hlp_disconnect[] =
"DISCONNECT\n"
"\n"
"Disconnect the card if it is not any longer used by other\n"
@@ -1761,14 +1761,14 @@ cmd_disconnect (assuan_context_t ctx, char *line)
ctrl_t ctrl = assuan_get_pointer (ctx);
(void)line;
-
+
ctrl->server_local->disconnect_allowed = 1;
return 0;
}
-static const char hlp_apdu[] =
+static const char hlp_apdu[] =
"APDU [--atr] [--more] [--exlen[=N]] [hexstring]\n"
"\n"
"Send an APDU to the current reader. This command bypasses the high\n"
@@ -1825,7 +1825,7 @@ cmd_apdu (assuan_context_t ctx, char *line)
unsigned char *atr;
size_t atrlen;
char hexbuf[400];
-
+
atr = apdu_get_atr (ctrl->reader_slot, &atrlen);
if (!atr || atrlen > sizeof hexbuf - 2 )
{
@@ -1867,7 +1867,7 @@ cmd_apdu (assuan_context_t ctx, char *line)
}
-static const char hlp_killscd[] =
+static const char hlp_killscd[] =
"KILLSCD\n"
"\n"
"Commit suicide.";
@@ -1901,8 +1901,8 @@ register_commands (assuan_context_t ctx)
{ "PKSIGN", cmd_pksign, hlp_pksign },
{ "PKAUTH", cmd_pkauth, hlp_pkauth },
{ "PKDECRYPT", cmd_pkdecrypt,hlp_pkdecrypt },
- { "INPUT", NULL },
- { "OUTPUT", NULL },
+ { "INPUT", NULL },
+ { "OUTPUT", NULL },
{ "GETATTR", cmd_getattr, hlp_getattr },
{ "SETATTR", cmd_setattr, hlp_setattr },
{ "WRITECERT", cmd_writecert,hlp_writecert },
@@ -1928,7 +1928,7 @@ register_commands (assuan_context_t ctx)
table[i].help);
if (rc)
return rc;
- }
+ }
assuan_set_hello_line (ctx, "GNU Privacy Guard's Smartcard server ready");
assuan_register_reset_notify (ctx, reset_notify);
@@ -1946,7 +1946,7 @@ scd_command_handler (ctrl_t ctrl, int fd)
int rc;
assuan_context_t ctx = NULL;
int stopme;
-
+
rc = assuan_new (&ctx);
if (rc)
{
@@ -2014,7 +2014,7 @@ scd_command_handler (ctrl_t ctrl, int fd)
log_info ("Assuan accept problem: %s\n", gpg_strerror (rc));
break;
}
-
+
rc = assuan_process (ctx);
if (rc)
{
@@ -2024,7 +2024,7 @@ scd_command_handler (ctrl_t ctrl, int fd)
}
/* Cleanup. We don't send an explicit reset to the card. */
- do_reset (ctrl, 0);
+ do_reset (ctrl, 0);
/* Release the server object. */
if (session_list == ctrl->server_local)
@@ -2032,7 +2032,7 @@ scd_command_handler (ctrl_t ctrl, int fd)
else
{
struct server_local_s *sl;
-
+
for (sl=session_list; sl->next_session; sl = sl->next_session)
if (sl->next_session == ctrl->server_local)
break;
@@ -2067,10 +2067,10 @@ send_status_info (ctrl_t ctrl, const char *keyword, ...)
char buf[950], *p;
size_t n;
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
-
+
va_start (arg_ptr, keyword);
- p = buf;
+ p = buf;
n = 0;
while ( (value = va_arg (arg_ptr, const unsigned char *)) )
{
@@ -2120,17 +2120,17 @@ static void
send_client_notifications (void)
{
struct {
- pid_t pid;
+ pid_t pid;
#ifdef HAVE_W32_SYSTEM
HANDLE handle;
#else
- int signo;
+ int signo;
#endif
} killed[50];
int killidx = 0;
int kidx;
struct server_local_s *sl;
-
+
for (sl=session_list; sl; sl = sl->next_session)
{
if (sl->event_signal && sl->assuan_ctx)
@@ -2138,9 +2138,9 @@ send_client_notifications (void)
pid_t pid = assuan_get_pid (sl->assuan_ctx);
#ifdef HAVE_W32_SYSTEM
HANDLE handle = (void *)sl->event_signal;
-
+
for (kidx=0; kidx < killidx; kidx++)
- if (killed[kidx].pid == pid
+ if (killed[kidx].pid == pid
&& killed[kidx].handle == handle)
break;
if (kidx < killidx)
@@ -2162,11 +2162,11 @@ send_client_notifications (void)
}
#else /*!HAVE_W32_SYSTEM*/
int signo = sl->event_signal;
-
+
if (pid != (pid_t)(-1) && pid && signo > 0)
{
for (kidx=0; kidx < killidx; kidx++)
- if (killed[kidx].pid == pid
+ if (killed[kidx].pid == pid
&& killed[kidx].signo == signo)
break;
if (kidx < killidx)
@@ -2217,7 +2217,7 @@ update_reader_status_file (int set_card_removed_flag)
if (!ss->valid || ss->slot == -1)
continue; /* Not valid or reader not yet open. */
-
+
sw_apdu = apdu_get_status (ss->slot, 0, &status, &changed);
if (sw_apdu == SW_HOST_NO_READER)
{
@@ -2231,7 +2231,7 @@ update_reader_status_file (int set_card_removed_flag)
else if (sw_apdu)
{
/* Get status failed. Ignore that. */
- continue;
+ continue;
}
if (!ss->any || ss->status != status || ss->changed != changed )
@@ -2260,14 +2260,14 @@ update_reader_status_file (int set_card_removed_flag)
fclose (fp);
}
xfree (fname);
-
+
/* If a status script is executable, run it. */
{
const char *args[9], *envs[2];
char numbuf1[30], numbuf2[30], numbuf3[30];
char *homestr, *envstr;
gpg_error_t err;
-
+
homestr = make_filename (opt.homedir, NULL);
if (estream_asprintf (&envstr, "GNUPGHOME=%s", homestr) < 0)
log_error ("out of core while building environment\n");
@@ -2280,16 +2280,16 @@ update_reader_status_file (int set_card_removed_flag)
sprintf (numbuf2, "0x%04X", ss->status);
sprintf (numbuf3, "0x%04X", status);
args[0] = "--reader-port";
- args[1] = numbuf1;
+ args[1] = numbuf1;
args[2] = "--old-code";
- args[3] = numbuf2;
+ args[3] = numbuf2;
args[4] = "--new-code";
- args[5] = numbuf3;
+ args[5] = numbuf3;
args[6] = "--status";
args[7] = ((status & 1)? "USABLE":
(status & 4)? "ACTIVE":
(status & 2)? "PRESENT": "NOCARD");
- args[8] = NULL;
+ args[8] = NULL;
fname = make_filename (opt.homedir, "scd-event", NULL);
err = gnupg_spawn_process_detached (fname, args, envs);
@@ -2307,19 +2307,19 @@ update_reader_status_file (int set_card_removed_flag)
SERIALNO request must be done in any case. */
if (ss->any && set_card_removed_flag)
update_card_removed (idx, 1);
-
+
ss->any = 1;
/* Send a signal to all clients who applied for it. */
send_client_notifications ();
}
-
+
/* Check whether a disconnect is pending. */
if (opt.card_timeout)
{
for (sl=session_list; sl; sl = sl->next_session)
if (!sl->disconnect_allowed)
- break;
+ break;
if (session_list && !sl)
{
/* FIXME: Use a real timeout. */
@@ -2328,7 +2328,7 @@ update_reader_status_file (int set_card_removed_flag)
apdu_disconnect (ss->slot);
}
}
-
+
}
}
-----------------------------------------------------------------------
Summary of changes:
g10/call-agent.c | 22 +++--
scd/app-openpgp.c | 310 +++++++++++++++++++++++++++--------------------------
scd/command.c | 208 ++++++++++++++++++++----------------
3 files changed, 291 insertions(+), 249 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org