[git] GnuPG - branch, master, updated. gnupg-2.1.18-121-g6488ffb
by Werner Koch
cvs at cvs.gnupg.org
Wed Feb 22 11:07:49 CET 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 6488ffb767733a2cf92ca5ba3e61fc0c53e0f673 (commit)
via 78d875a0f83bc046279b951aea76cd74f3c44fd8 (commit)
from ef424353f342f80ca6d18ede8b63c1b02215d105 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6488ffb767733a2cf92ca5ba3e61fc0c53e0f673
Author: Werner Koch <wk at gnupg.org>
Date: Wed Feb 22 11:04:55 2017 +0100
agent: Prepend the description to a PIN prompt.
* agent/divert-scd.c (has_percent0A_suffix): New.
(getpin_cb): Prepend DESC_TEXT to the prompt.
* agent/findkey.c (modify_description): Rename to ...
(agent_modify_description): this. Make global. Add kludge to remove
empty parentheses from the end.
(agent_key_from_file, agent_delete_key): Adjust for above change.
* agent/pksign.c (agent_pksign_do): Modify DESC_TEXT also when
diverting to a card.
--
Now that we have support for multiple tokens, it is important to show
information on which key has been requested. Without that it may
happen that the PIN for a wrong card is accidentally entered.
The texts are a bit ugly, because they talk about "passphrase" but
later about entering a PIN.
A quick hack would be to s/passphrase/PIN/ in the description but that
is complicated due to i18n. Another solution might be never to talk
about PINs in the description but always about "passphrase: and only
use "PIN" or "passphrase" on the left of the entry field.
diff --git a/agent/agent.h b/agent/agent.h
index 22a4d43..e98a246 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -381,6 +381,8 @@ gpg_error_t ssh_search_control_file (ssh_control_file_t cf,
void start_command_handler_ssh (ctrl_t, gnupg_fd_t);
/*-- findkey.c --*/
+gpg_error_t agent_modify_description (const char *in, const char *comment,
+ const gcry_sexp_t key, char **result);
int agent_write_private_key (const unsigned char *grip,
const void *buffer, size_t length, int force);
gpg_error_t agent_key_from_file (ctrl_t ctrl,
diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index 5ffb7ea..3164404 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -157,6 +157,18 @@ encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo,
}
+/* Return true if STRING ends in "%0A". */
+static int
+has_percent0A_suffix (const char *string)
+{
+ size_t n;
+
+ return (string
+ && (n = strlen (string)) >= 3
+ && !strcmp (string + n - 3, "%0A"));
+}
+
+
/* Callback used to ask for the PIN which should be set into BUF. The
buf has been allocated by the caller and is of size MAXBUF which
includes the terminating null. The function should return an UTF-8
@@ -246,7 +258,7 @@ getpin_cb (void *opaque, const char *desc_text, const char *info,
{
if (info)
{
- char *desc;
+ char *desc, *desc2;
if ( asprintf (&desc,
L_("%s%%0A%%0AUse the reader's pinpad for input."),
@@ -254,12 +266,22 @@ getpin_cb (void *opaque, const char *desc_text, const char *info,
rc = gpg_error_from_syserror ();
else
{
- rc = agent_popup_message_start (ctrl, desc, NULL);
+ /* Prepend DESC_TEXT to INFO. */
+ if (desc_text)
+ desc2 = strconcat (desc_text,
+ has_percent0A_suffix (desc_text)
+ ? "%0A" : "%0A%0A",
+ desc, NULL);
+ else
+ desc2 = NULL;
+ rc = agent_popup_message_start (ctrl,
+ desc2? desc2:desc, NULL);
+ xfree (desc2);
xfree (desc);
}
}
else
- rc = agent_popup_message_start (ctrl, NULL, NULL);
+ rc = agent_popup_message_start (ctrl, desc_text, NULL);
}
else
rc = gpg_error (GPG_ERR_INV_VALUE);
@@ -280,7 +302,19 @@ getpin_cb (void *opaque, const char *desc_text, const char *info,
if (any_flags)
{
- rc = agent_askpin (ctrl, info, prompt, again_text, pi, NULL, 0);
+ {
+ char *desc2;
+
+ if (desc_text)
+ desc2 = strconcat (desc_text,
+ has_percent0A_suffix (desc_text)
+ ? "%0A" : "%0A%0A",
+ info, NULL);
+ else
+ desc2 = NULL;
+ rc = agent_askpin (ctrl, desc2, prompt, again_text, pi, NULL, 0);
+ xfree (desc2);
+ }
again_text = NULL;
if (!rc && newpin)
{
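Review bot: With `desc_text` NULL (or `strconcat` failing) `desc2` is NULL, so the new `agent_askpin` call in the `any_flags` branch gets no description at all, where the removed line passed `info`. The companion commit on this page sets `getpin_cb_desc` to NULL in agent_card_writekey and agent_card_scd, so those prompts would apparently lose the text saying which PIN is wanted, and a user who types the wrong one may use up a retry. The last getpin_cb hunk already falls back with `desc2? desc2 : desc? desc : info`; do the equivalent here: `rc = agent_askpin (ctrl, desc2? desc2 : info, prompt, again_text, pi, NULL, 0);`. The same strconcat expression is now written three times in getpin_cb, and a small static helper would keep the fallbacks from diverging. getpin_cb starts and ends outside this hunk.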
@@ -319,14 +353,24 @@ getpin_cb (void *opaque, const char *desc_text, const char *info,
}
else
{
- char *desc;
+ char *desc, *desc2;
+
if ( asprintf (&desc,
L_("Please enter the PIN%s%s%s to unlock the card"),
info? " (":"",
info? info:"",
info? ")":"") < 0)
desc = NULL;
- rc = agent_askpin (ctrl, desc?desc:info, prompt, NULL, pi, NULL, 0);
+ if (desc_text)
+ desc2 = strconcat (desc_text,
+ has_percent0A_suffix (desc_text)
+ ? "%0A" : "%0A%0A",
+ desc, NULL);
+ else
+ desc2 = NULL;
+ rc = agent_askpin (ctrl, desc2? desc2 : desc? desc : info,
+ prompt, NULL, pi, NULL, 0);
+ xfree (desc2);
xfree (desc);
}
diff --git a/agent/findkey.c b/agent/findkey.c
index 698f765..ac74fa9 100644
--- a/agent/findkey.c
+++ b/agent/findkey.c
@@ -321,9 +321,9 @@ try_unprotect_cb (struct pin_entry_info_s *pi)
The functions returns 0 on success or an error code. On success a
newly allocated string is stored at the address of RESULT.
*/
-static gpg_error_t
-modify_description (const char *in, const char *comment, const gcry_sexp_t key,
- char **result)
+gpg_error_t
+agent_modify_description (const char *in, const char *comment,
+ const gcry_sexp_t key, char **result)
{
size_t comment_length;
size_t in_len;
@@ -332,12 +332,19 @@ modify_description (const char *in, const char *comment, const gcry_sexp_t key,
size_t i;
int special, pass;
char *ssh_fpr = NULL;
+ char *p;
+
+ *result = NULL;
+
+ if (!comment)
+ comment = "";
comment_length = strlen (comment);
in_len = strlen (in);
/* First pass calculates the length, second pass does the actual
copying. */
+ /* FIXME: This can be simplified by using es_fopenmem. */
out = NULL;
out_len = 0;
for (pass=0; pass < 2; pass++)
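Review bot: agent_modify_description is now a global entry point, yet only COMMENT is made NULL-safe; `in_len = strlen (in)` still dereferences IN unchecked, and the header comment (outside this hunk) documents neither. I would extend that comment with something like `COMMENT may be NULL and is then treated as an empty string; IN must not be NULL.` It should also mention that a trailing "()" and the spaces before it are stripped from the result, since that kludge now applies to every caller and not only to the ssh prompt. The function body continues beyond this hunk.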
@@ -427,8 +434,23 @@ modify_description (const char *in, const char *comment, const gcry_sexp_t key,
}
*out = 0;
- assert (*result + out_len == out);
+ log_assert (*result + out_len == out);
xfree (ssh_fpr);
+
+ /* The ssh prompt may sometimes end in
+ * "...%0A ()"
+ * The empty parentheses doesn't look very good. We use this hack
+ * here to remove them as well as the indentation spaces. */
+ p = *result;
+ i = strlen (p);
+ if (i > 2 && !strcmp (p + i - 2, "()"))
+ {
+ p += i - 2;
+ *p-- = 0;
+ while (p > *result && spacep (p))
+ *p-- = 0;
+ }
+
return 0;
}
@@ -874,8 +896,8 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
desc_text_final = NULL;
if (desc_text)
- rc = modify_description (desc_text, comment? comment:"", s_skey,
- &desc_text_final);
+ rc = agent_modify_description (desc_text, comment, s_skey,
+ &desc_text_final);
gcry_free (comment);
if (!rc)
@@ -1453,8 +1475,8 @@ agent_delete_key (ctrl_t ctrl, const char *desc_text,
}
if (desc_text)
- err = modify_description (desc_text, comment? comment:"", s_skey,
- &desc_text_final);
+ err = agent_modify_description (desc_text, comment, s_skey,
+ &desc_text_final);
if (err)
goto leave;
diff --git a/agent/pksign.c b/agent/pksign.c
index 4a5daed..3b2fcc4 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -285,7 +285,8 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
cache_mode_t cache_mode, lookup_ttl_t lookup_ttl,
const void *overridedata, size_t overridedatalen)
{
- gcry_sexp_t s_skey = NULL, s_sig = NULL;
+ gcry_sexp_t s_skey = NULL;
+ gcry_sexp_t s_sig = NULL;
gcry_sexp_t s_hash = NULL;
gcry_sexp_t s_pkey = NULL;
unsigned char *shadow_info = NULL;
@@ -346,10 +347,18 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
is_ECDSA = 1;
}
- rc = divert_pksign (ctrl, desc_text,
- data, datalen,
- ctrl->digest.algo,
- shadow_info, &buf, &len);
+ {
+ char *desc2 = NULL;
+
+ if (desc_text)
+ agent_modify_description (desc_text, NULL, s_skey, &desc2);
+
+ rc = divert_pksign (ctrl, desc2? desc2 : desc_text,
+ data, datalen,
+ ctrl->digest.algo,
+ shadow_info, &buf, &len);
+ xfree (desc2);
+ }
if (rc)
{
log_error ("smartcard signing failed: %s\n", gpg_strerror (rc));
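Review bot: The return value of `agent_modify_description` is dropped, so on failure `desc2` stays NULL and the card prompt silently falls back to the raw `desc_text`, presumably still carrying its unexpanded escapes. Since the point of the change is that the user sees which key is being requested before typing a PIN, the failure deserves at least a log line, e.g. `if (desc_text && agent_modify_description (desc_text, NULL, s_skey, &desc2)) log_info ("failed to expand the prompt description\n");`. Also, agent/pkdecrypt.c is not touched by this commit as far as this page shows, so `divert_pkdecrypt` appears to still receive the unexpanded DESC_TEXT; decrypt prompts for card keys would want the same treatment. agent_pksign_do extends beyond this hunk.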
commit 78d875a0f83bc046279b951aea76cd74f3c44fd8
Author: Werner Koch <wk at gnupg.org>
Date: Wed Feb 22 09:40:50 2017 +0100
agent: Prepare to pass an additional parameter to the getpin callback.
* agent/call-scd.c (writekey_parm_s, inq_needpin_s): Merge into ...
(inq_needpin_parm_s): new struct. Add new field 'getpin_cb_desc'.
Change users to set all fields.
(inq_needpin): Pass GETPIN_CB_DESC to the GETPIN_CB.
(agent_card_pksign): Add arg 'desc_text' and change arg 'getpin_cb' to
take an additional arg 'desc_text'.
(agent_card_pkdecrypt): Ditto.
(agent_card_writekey): Change arg 'getpin_cb' to take an additional
arg 'desc_text'.
(agent_card_scd): Ditto.
* agent/divert-scd.c (getpin_cb): Add new arg 'desc_text'.
(divert_pksign): Add new arg 'desc_text' and pass it to
agent_card_pksign.
(divert_pkdecrypt): Add new arg 'desc_text' and pass it to
agent_card_pkdecrypt.
* agent/pkdecrypt.c (agent_pkdecrypt): Pass DESC_TEXT to
divert_pkdecrypt.
* agent/pksign.c (agent_pksign_do): Pass DESC_TEXT to
divert_pksign.
--
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/agent/agent.h b/agent/agent.h
index 2a722fd..22a4d43 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -505,11 +505,11 @@ void agent_reload_trustlist (void);
/*-- divert-scd.c --*/
-int divert_pksign (ctrl_t ctrl,
+int divert_pksign (ctrl_t ctrl, const char *desc_text,
const unsigned char *digest, size_t digestlen, int algo,
const unsigned char *shadow_info, unsigned char **r_sig,
size_t *r_siglen);
-int divert_pkdecrypt (ctrl_t ctrl,
+int divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
const unsigned char *cipher,
const unsigned char *shadow_info,
char **r_buf, size_t *r_len, int *r_padding);
@@ -536,15 +536,19 @@ int agent_card_learn (ctrl_t ctrl,
int agent_card_serialno (ctrl_t ctrl, char **r_serialno, const char *demand);
int agent_card_pksign (ctrl_t ctrl,
const char *keyid,
- int (*getpin_cb)(void *, const char *, char*, size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*, size_t),
void *getpin_cb_arg,
+ const char *desc_text,
int mdalgo,
const unsigned char *indata, size_t indatalen,
unsigned char **r_buf, size_t *r_buflen);
int agent_card_pkdecrypt (ctrl_t ctrl,
const char *keyid,
- int (*getpin_cb)(void *, const char *, char*,size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*,size_t),
void *getpin_cb_arg,
+ const char *desc_text,
const unsigned char *indata, size_t indatalen,
char **r_buf, size_t *r_buflen, int *r_padding);
int agent_card_readcert (ctrl_t ctrl,
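Review bot: The callback type now has two adjacent `const char *` parameters and is spelled out unnamed in every prototype (here twice, again for agent_card_writekey and agent_card_scd in the next hunk, and in call-scd.c), so a caller or implementation that swaps the description and the info string compiles without a warning. A single typedef with named parameters in agent.h would document the order once, for example `typedef int (*getpin_cb_t)(void *opaque, const char *desc_text, const char *info, char *buf, size_t maxbuf);`, with the prototypes then taking `getpin_cb_t getpin_cb`. The parameter names are the ones getpin_cb itself uses in divert-scd.c; the typedef name is only a suggestion.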
@@ -553,12 +557,14 @@ int agent_card_readkey (ctrl_t ctrl, const char *id, unsigned char **r_buf);
int agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
const char *id, const char *keydata,
size_t keydatalen,
- int (*getpin_cb)(void *, const char *, char*, size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*, size_t),
void *getpin_cb_arg);
gpg_error_t agent_card_getattr (ctrl_t ctrl, const char *name, char **result);
gpg_error_t agent_card_cardlist (ctrl_t ctrl, strlist_t *result);
int agent_card_scd (ctrl_t ctrl, const char *cmdline,
- int (*getpin_cb)(void *, const char *, char*, size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*, size_t),
void *getpin_cb_arg, void *assuan_context);
diff --git a/agent/call-scd.c b/agent/call-scd.c
index 8d46b90..c86eb74 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -79,14 +79,21 @@ struct learn_parm_s
void *sinfo_cb_arg;
};
-struct inq_needpin_s
+
+/* Callback parameter used by inq_getpin and inq_writekey_parms. */
+struct inq_needpin_parm_s
{
assuan_context_t ctx;
- int (*getpin_cb)(void *, const char *, char*, size_t);
+ int (*getpin_cb)(void *, const char *, const char *, char*, size_t);
void *getpin_cb_arg;
+ const char *getpin_cb_desc;
assuan_context_t passthru; /* If not NULL, pass unknown inquiries
up to the caller. */
int any_inq_seen;
+
+ /* The next fields are used by inq_writekey_parm. */
+ const unsigned char *keydata;
+ size_t keydatalen;
};
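Review bot: The new struct comment names `inq_getpin` and the field comment names `inq_writekey_parm`, but the functions that take this struct in the hunks below are `inq_needpin` and `inq_writekey_parms`; the comments should read `/* Callback parameter used by inq_needpin and inq_writekey_parms. */` and `/* The next fields are used by inq_writekey_parms. */`. Separately, merging the two structs means every user must now assign all seven fields by hand, and a forgotten `getpin_cb_desc` would hand an indeterminate pointer to the PIN callback. Starting each user with `memset (&inqparm, 0, sizeof inqparm);` (and likewise for `parms` in agent_card_writekey) makes a later added field safe by default.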
@@ -714,7 +721,7 @@ agent_card_serialno (ctrl_t ctrl, char **r_serialno, const char *demand)
static gpg_error_t
inq_needpin (void *opaque, const char *line)
{
- struct inq_needpin_s *parm = opaque;
+ struct inq_needpin_parm_s *parm = opaque;
const char *s;
char *pin;
size_t pinlen;
@@ -729,18 +736,21 @@ inq_needpin (void *opaque, const char *line)
if (!pin)
return out_of_core ();
- rc = parm->getpin_cb (parm->getpin_cb_arg, line, pin, pinlen);
+ rc = parm->getpin_cb (parm->getpin_cb_arg, parm->getpin_cb_desc,
+ line, pin, pinlen);
if (!rc)
rc = assuan_send_data (parm->ctx, pin, pinlen);
xfree (pin);
}
else if ((s = has_leading_keyword (line, "POPUPPINPADPROMPT")))
{
- rc = parm->getpin_cb (parm->getpin_cb_arg, s, NULL, 1);
+ rc = parm->getpin_cb (parm->getpin_cb_arg, parm->getpin_cb_desc,
+ s, NULL, 1);
}
else if ((s = has_leading_keyword (line, "DISMISSPINPADPROMPT")))
{
- rc = parm->getpin_cb (parm->getpin_cb_arg, "", NULL, 0);
+ rc = parm->getpin_cb (parm->getpin_cb_arg, parm->getpin_cb_desc,
+ "", NULL, 0);
}
else if (parm->passthru)
{
@@ -824,13 +834,17 @@ cancel_inquire (ctrl_t ctrl, gpg_error_t rc)
return rc;
}
+
/* Create a signature using the current card. MDALGO is either 0 or
- gives the digest algorithm. */
+ * gives the digest algorithm. DESC_TEXT is an additional parameter
+ * passed to GETPIN_CB. */
int
agent_card_pksign (ctrl_t ctrl,
const char *keyid,
- int (*getpin_cb)(void *, const char *, char*, size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*, size_t),
void *getpin_cb_arg,
+ const char *desc_text,
int mdalgo,
const unsigned char *indata, size_t indatalen,
unsigned char **r_buf, size_t *r_buflen)
@@ -838,7 +852,7 @@ agent_card_pksign (ctrl_t ctrl,
int rc;
char line[ASSUAN_LINELENGTH];
membuf_t data;
- struct inq_needpin_s inqparm;
+ struct inq_needpin_parm_s inqparm;
*r_buf = NULL;
rc = start_scd (ctrl);
@@ -859,8 +873,12 @@ agent_card_pksign (ctrl_t ctrl,
inqparm.ctx = ctrl->scd_local->ctx;
inqparm.getpin_cb = getpin_cb;
inqparm.getpin_cb_arg = getpin_cb_arg;
+ inqparm.getpin_cb_desc = desc_text;
inqparm.passthru = 0;
inqparm.any_inq_seen = 0;
+ inqparm.keydata = NULL;
+ inqparm.keydatalen = 0;
+
if (ctrl->use_auth_call)
snprintf (line, sizeof line, "PKAUTH %s", keyid);
else
@@ -906,21 +924,24 @@ padding_info_cb (void *opaque, const char *line)
/* Decipher INDATA using the current card. Note that the returned
- value is not an s-expression but the raw data as returned by
- scdaemon. The padding information is stored at R_PADDING with -1
- for not known. */
+ * value is not an s-expression but the raw data as returned by
+ * scdaemon. The padding information is stored at R_PADDING with -1
+ * for not known. DESC_TEXT is an additional parameter passed to
+ * GETPIN_CB. */
int
agent_card_pkdecrypt (ctrl_t ctrl,
const char *keyid,
- int (*getpin_cb)(void *, const char *, char*, size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*, size_t),
void *getpin_cb_arg,
+ const char *desc_text,
const unsigned char *indata, size_t indatalen,
char **r_buf, size_t *r_buflen, int *r_padding)
{
int rc, i;
char *p, line[ASSUAN_LINELENGTH];
membuf_t data;
- struct inq_needpin_s inqparm;
+ struct inq_needpin_parm_s inqparm;
size_t len;
*r_buf = NULL;
@@ -951,8 +972,11 @@ agent_card_pkdecrypt (ctrl_t ctrl,
inqparm.ctx = ctrl->scd_local->ctx;
inqparm.getpin_cb = getpin_cb;
inqparm.getpin_cb_arg = getpin_cb_arg;
+ inqparm.getpin_cb_desc = desc_text;
inqparm.passthru = 0;
inqparm.any_inq_seen = 0;
+ inqparm.keydata = NULL;
+ inqparm.keydatalen = 0;
snprintf (line, DIM(line), "PKDECRYPT %s", keyid);
rc = assuan_transact (ctrl->scd_local->ctx, line,
put_membuf_cb, &data,
@@ -1051,24 +1075,12 @@ agent_card_readkey (ctrl_t ctrl, const char *id, unsigned char **r_buf)
}
-struct writekey_parm_s
-{
- assuan_context_t ctx;
- int (*getpin_cb)(void *, const char *, char*, size_t);
- void *getpin_cb_arg;
- assuan_context_t passthru;
- int any_inq_seen;
- /**/
- const unsigned char *keydata;
- size_t keydatalen;
-};
-
/* Handle a KEYDATA inquiry. Note, we only send the data,
assuan_transact takes care of flushing and writing the end */
static gpg_error_t
inq_writekey_parms (void *opaque, const char *line)
{
- struct writekey_parm_s *parm = opaque;
+ struct inq_needpin_parm_s *parm = opaque;
if (has_leading_keyword (line, "KEYDATA"))
return assuan_send_data (parm->ctx, parm->keydata, parm->keydatalen);
@@ -1080,12 +1092,13 @@ inq_writekey_parms (void *opaque, const char *line)
int
agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
const char *id, const char *keydata, size_t keydatalen,
- int (*getpin_cb)(void *, const char *, char*, size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*, size_t),
void *getpin_cb_arg)
{
int rc;
char line[ASSUAN_LINELENGTH];
- struct writekey_parm_s parms;
+ struct inq_needpin_parm_s parms;
(void)serialno;
rc = start_scd (ctrl);
@@ -1096,6 +1109,7 @@ agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
parms.ctx = ctrl->scd_local->ctx;
parms.getpin_cb = getpin_cb;
parms.getpin_cb_arg = getpin_cb_arg;
+ parms.getpin_cb_desc= NULL;
parms.passthru = 0;
parms.any_inq_seen = 0;
parms.keydata = keydata;
@@ -1108,6 +1122,8 @@ agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
rc = cancel_inquire (ctrl, rc);
return unlock_scd (ctrl, rc);
}
+
+
/* Type used with the card_getattr_cb. */
struct card_getattr_parm_s {
@@ -1190,6 +1206,8 @@ agent_card_getattr (ctrl_t ctrl, const char *name, char **result)
return unlock_scd (ctrl, err);
}
+
+
struct card_cardlist_parm_s {
int error;
@@ -1258,6 +1276,8 @@ agent_card_cardlist (ctrl_t ctrl, strlist_t *result)
return unlock_scd (ctrl, err);
}
+
+
static gpg_error_t
pass_status_thru (void *opaque, const char *line)
@@ -1307,11 +1327,12 @@ pass_data_thru (void *opaque, const void *buffer, size_t length)
inquiry is handled inside gpg-agent. */
int
agent_card_scd (ctrl_t ctrl, const char *cmdline,
- int (*getpin_cb)(void *, const char *, char*, size_t),
+ int (*getpin_cb)(void *, const char *,
+ const char *, char*, size_t),
void *getpin_cb_arg, void *assuan_context)
{
int rc;
- struct inq_needpin_s inqparm;
+ struct inq_needpin_parm_s inqparm;
int saveflag;
rc = start_scd (ctrl);
@@ -1321,8 +1342,12 @@ agent_card_scd (ctrl_t ctrl, const char *cmdline,
inqparm.ctx = ctrl->scd_local->ctx;
inqparm.getpin_cb = getpin_cb;
inqparm.getpin_cb_arg = getpin_cb_arg;
+ inqparm.getpin_cb_desc = NULL;
inqparm.passthru = assuan_context;
inqparm.any_inq_seen = 0;
+ inqparm.keydata = NULL;
+ inqparm.keydatalen = 0;
+
saveflag = assuan_get_flag (ctrl->scd_local->ctx, ASSUAN_CONVEY_COMMENTS);
assuan_set_flag (ctrl->scd_local->ctx, ASSUAN_CONVEY_COMMENTS, 1);
rc = assuan_transact (ctrl->scd_local->ctx, cmdline,
diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index c23c673..5ffb7ea 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -163,6 +163,9 @@ encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo,
string with the passphrase, the buffer may optionally be padded
with arbitrary characters.
+ If DESC_TEXT is not NULL it can be used as further informtion shown
+ atop of the INFO message.
+
INFO gets displayed as part of a generic string. However if the
first character of INFO is a vertical bar all up to the next
verical bar are considered flags and only everything after the
@@ -185,7 +188,8 @@ encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo,
are considered.
*/
static int
-getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
+getpin_cb (void *opaque, const char *desc_text, const char *info,
+ char *buf, size_t maxbuf)
{
struct pin_entry_info_s *pi;
int rc;
@@ -337,9 +341,13 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
-
+/* This function is used when a sign operation has been diverted to a
+ * smartcard. DESC_TEXT is the original text for a prompt has send by
+ * gpg to gpg-agent.
+ *
+ * FIXME: Explain the other args. */
int
-divert_pksign (ctrl_t ctrl,
+divert_pksign (ctrl_t ctrl, const char *desc_text,
const unsigned char *digest, size_t digestlen, int algo,
const unsigned char *shadow_info, unsigned char **r_sig,
size_t *r_siglen)
@@ -357,7 +365,7 @@ divert_pksign (ctrl_t ctrl,
{
int save = ctrl->use_auth_call;
ctrl->use_auth_call = 1;
- rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
+ rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl, desc_text,
algo, digest, digestlen, &sigval, &siglen);
ctrl->use_auth_call = save;
}
@@ -369,7 +377,7 @@ divert_pksign (ctrl_t ctrl,
rc = encode_md_for_card (digest, digestlen, algo, &data, &ndata);
if (!rc)
{
- rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
+ rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl, desc_text,
algo, data, ndata, &sigval, &siglen);
xfree (data);
}
@@ -392,7 +400,7 @@ divert_pksign (ctrl_t ctrl,
allocated buffer in R_BUF. The padding information is stored at
R_PADDING with -1 for not known. */
int
-divert_pkdecrypt (ctrl_t ctrl,
+divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
const unsigned char *cipher,
const unsigned char *shadow_info,
char **r_buf, size_t *r_len, int *r_padding)
@@ -471,7 +479,7 @@ divert_pkdecrypt (ctrl_t ctrl,
if (rc)
return rc;
- rc = agent_card_pkdecrypt (ctrl, kid, getpin_cb, ctrl,
+ rc = agent_card_pkdecrypt (ctrl, kid, getpin_cb, ctrl, desc_text,
ciphertext, ciphertextlen,
&plaintext, &plaintextlen, r_padding);
if (!rc)
diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c
index 3d0f5aa..f1023b4 100644
--- a/agent/pkdecrypt.c
+++ b/agent/pkdecrypt.c
@@ -86,7 +86,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
goto leave;
}
- rc = divert_pkdecrypt (ctrl, ciphertext, shadow_info,
+ rc = divert_pkdecrypt (ctrl, desc_text, ciphertext, shadow_info,
&buf, &len, r_padding);
if (rc)
{
diff --git a/agent/pksign.c b/agent/pksign.c
index b347608..4a5daed 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -346,7 +346,7 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
is_ECDSA = 1;
}
- rc = divert_pksign (ctrl,
+ rc = divert_pksign (ctrl, desc_text,
data, datalen,
ctrl->digest.algo,
shadow_info, &buf, &len);
-----------------------------------------------------------------------
Summary of changes:
agent/agent.h | 20 +++++++++----
agent/call-scd.c | 87 +++++++++++++++++++++++++++++++++++-------------------
agent/divert-scd.c | 78 ++++++++++++++++++++++++++++++++++++++++--------
agent/findkey.c | 38 +++++++++++++++++++-----
agent/pkdecrypt.c | 2 +-
agent/pksign.c | 19 ++++++++----
6 files changed, 180 insertions(+), 64 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org