[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-16-g2c85e20
by NIIBE Yutaka
cvs at cvs.gnupg.org
Fri Mar 16 03:32:29 CET 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 2c85e202bc30231b9555100dec0c490c60d7b88c (commit)
from fd23a0524d8060ed12d87c679b7823686614aaee (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2c85e202bc30231b9555100dec0c490c60d7b88c
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Mar 16 11:27:33 2018 +0900
scd: Better user interaction for factory-reset.
* g10/card-util.c (factory_reset): Dummy PIN size is now 32-byte.
Connect the card again at the last step.
--
Before the change, a user has to quit the session to continue. Now,
it is possible to type RET in the session and see if it's really done.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/g10/card-util.c b/g10/card-util.c
index bda4e83..7616dbb 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -659,7 +659,7 @@ current_card_status (ctrl_t ctrl, estream_t fp,
/* Print all available information for specific card with SERIALNO.
Print all available information for current card when SERIALNO is NULL.
- Or print llfor all cards when SERIALNO is "all". */
+ Or print for all cards when SERIALNO is "all". */
void
card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
{
@@ -1792,6 +1792,7 @@ factory_reset (void)
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 e6 00 00
scd apdu 00 44 00 00
+ scd reset
/echo Card has been reset to factory defaults
but tries to find out something about the card first.
@@ -1804,7 +1805,7 @@ factory_reset (void)
else if (err)
{
log_error (_("OpenPGP card not available: %s\n"), gpg_strerror (err));
- return;
+ goto leave;
}
if (!termstate)
@@ -1854,10 +1855,16 @@ factory_reset (void)
command because there is no machinery in scdaemon to catch
the verify command and ask for the PIN when the "APDU"
command is used. */
+ /* Here, the length of dummy wrong PIN is 32-byte, also
+ supporting authentication with KDF DO. */
for (i=0; i < 4; i++)
- send_apdu ("00200081084040404040404040", "VERIFY", 0xffff);
+ send_apdu ("0020008120"
+ "40404040404040404040404040404040"
+ "40404040404040404040404040404040", "VERIFY", 0xffff);
for (i=0; i < 4; i++)
- send_apdu ("00200083084040404040404040", "VERIFY", 0xffff);
+ send_apdu ("0020008320"
+ "40404040404040404040404040404040"
+ "40404040404040404040404040404040", "VERIFY", 0xffff);
/* Send terminate datafile command. */
err = send_apdu ("00e60000", "TERMINATE DF", 0x6985);
@@ -1873,8 +1880,16 @@ factory_reset (void)
/* Finally we reset the card reader once more. */
err = send_apdu (NULL, "RESET", 0);
- if (err)
- goto leave;
+
+ /* Then, connect the card again. */
+ if (!err)
+ {
+ char *serialno0;
+
+ err = agent_scd_serialno (&serialno0, NULL);
+ if (!err)
+ xfree (serialno0);
+ }
leave:
xfree (answer);
-----------------------------------------------------------------------
Summary of changes:
g10/card-util.c | 27 +++++++++++++++++++++------
1 file changed, 21 insertions(+), 6 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list