[git] GnuPG - branch, master, updated. gnupg-2.2.7-314-g405feca

by Werner Koch cvs at cvs.gnupg.org
Thu Jan 3 15:19:27 CET 2019


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  405feca2bdeeb620dc406667a702035a123ae848 (commit)
       via  cca2b87e79cda212a33c13efdd2b2830295d2efe (commit)
      from  3d766924b412b36fc9481803447b93f7fa68b8f6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 405feca2bdeeb620dc406667a702035a123ae848
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Jan 3 15:18:15 2019 +0100

    scd: Add two variants to the set of ISO7816 functions.
    
    * scd/iso7816.c (iso7816_select_application_ext): New.
    (iso7816_get_data_odd): New.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/scd/iso7816.c b/scd/iso7816.c
index 01faca5..43c0bcd 100644
--- a/scd/iso7816.c
+++ b/scd/iso7816.c
@@ -138,6 +138,21 @@ iso7816_select_application (int slot, const char *aid, size_t aidlen,
 }
 
 
+/* This is the same as iso7816_select_application but may return data
+ * at RESULT,RESULTLEN).  */
+gpg_error_t
+iso7816_select_application_ext (int slot, const char *aid, size_t aidlen,
+                                unsigned int flags,
+                                unsigned char **result, size_t *resultlen)
+{
+  int sw;
+  sw = apdu_send (slot, 0, 0x00, CMD_SELECT_FILE, 4,
+                  (flags&1)? 0:0x0c, aidlen, aid,
+                  result, resultlen);
+  return map_sw (sw);
+}
+
+
 gpg_error_t
 iso7816_select_file (int slot, int tag, int is_dir)
 {
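Review bot: iso7816_select_application_ext hands RESULT and RESULTLEN straight to apdu_send without the NULL check, the initialisation to NULL/0, or the release-on-error that iso7816_get_data_odd in this same commit performs. If apdu_send can leave a buffer behind on a non-success status word (the comment in iso7816_get_data_odd suggests it can), the caller receives an error together with a pointer it will probably not free, and a caller that did not pre-initialise *RESULT may read an indeterminate pointer. The header comment should also say that P2 is 0x0c unless bit 0 of FLAGS is set, so response data is presumably only returned with that bit set, and its stray closing parenthesis should go. A version that mirrors the get_data_odd handling is below.

```c
gpg_error_t
iso7816_select_application_ext (int slot, const char *aid, size_t aidlen,
                                unsigned int flags,
                                unsigned char **result, size_t *resultlen)
{
  int sw;

  if (!result || !resultlen)
    return gpg_error (GPG_ERR_INV_VALUE);
  *result = NULL;
  *resultlen = 0;

  /* ... unchanged: sw = apdu_send (...) call ... */
  if (sw != SW_SUCCESS)
    {
      /* Make sure that pending buffers are released. */
      xfree (*result);
      *result = NULL;
      *resultlen = 0;
    }
  return map_sw (sw);
}
```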
@@ -396,6 +411,70 @@ iso7816_get_data (int slot, int extended_mode, int tag,
 }
 
 
+/* Perform a GET DATA command requesting TAG and storing the result in
+ * a newly allocated buffer at the address passed by RESULT.  Return
+ * the length of this data at the address of RESULTLEN.  This variant
+ * is needed for long (3 octet) tags. */
+gpg_error_t
+iso7816_get_data_odd (int slot, int extended_mode, unsigned int tag,
+                      unsigned char **result, size_t *resultlen)
+{
+  int sw;
+  int le;
+  int datalen;
+  unsigned char data[5];
+
+  if (!result || !resultlen)
+    return gpg_error (GPG_ERR_INV_VALUE);
+  *result = NULL;
+  *resultlen = 0;
+
+  if (extended_mode > 0 && extended_mode < 256)
+    le = 65534; /* Not 65535 in case it is used as some special flag.  */
+  else if (extended_mode > 0)
+    le = extended_mode;
+  else
+    le = 256;
+
+  data[0] = 0x5c;
+  if (tag <= 0xff)
+    {
+      data[1] = 1;
+      data[2] = tag;
+      datalen = 3;
+    }
+  else if (tag <= 0xffff)
+    {
+      data[1] = 2;
+      data[2] = (tag >> 8);
+      data[3] = tag;
+      datalen = 4;
+    }
+  else
+    {
+      data[1] = 3;
+      data[2] = (tag >> 16);
+      data[3] = (tag >> 8);
+      data[4] = tag;
+      datalen = 5;
+    }
+
+  sw = apdu_send_le (slot, extended_mode, 0x00, CMD_GET_DATA + 1,
+                     0x3f, 0xff, datalen, data, le,
+                     result, resultlen);
+  if (sw != SW_SUCCESS)
+    {
+      /* Make sure that pending buffers are released. */
+      xfree (*result);
+      *result = NULL;
+      *resultlen = 0;
+      return map_sw (sw);
+    }
+
+  return 0;
+}
+
+
 /* Perform a PUT DATA command on card in SLOT.  Write DATA of length
    DATALEN to TAG.  EXTENDED_MODE controls whether extended length
    headers or command chaining is used instead of single length
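Review bot: The final `else` branch in iso7816_get_data_odd accepts any TAG above 0xffff and encodes only its low three octets, so a value above 0xffffff is silently truncated and the card is asked for a different object than the caller named. Bound the branch with `else if (tag <= 0xffffff)` and add a trailing `else return gpg_error (GPG_ERR_INV_VALUE);`, matching the argument check at the top of the function. The header comment would also be more accurate if it said that one, two and three octet tags are all encoded into the 0x5c-prefixed request, rather than only mentioning long tags.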
diff --git a/scd/iso7816.h b/scd/iso7816.h
index 4c71bbd..332fc0e 100644
--- a/scd/iso7816.h
+++ b/scd/iso7816.h
@@ -51,6 +51,11 @@ gpg_error_t iso7816_map_sw (int sw);
 gpg_error_t iso7816_select_application (int slot,
                                         const char *aid, size_t aidlen,
                                         unsigned int flags);
+gpg_error_t iso7816_select_application_ext (int slot,
+                                            const char *aid, size_t aidlen,
+                                            unsigned int flags,
+                                            unsigned char **result,
+                                            size_t *resultlen);
 gpg_error_t iso7816_select_file (int slot, int tag, int is_dir);
 gpg_error_t iso7816_select_path (int slot,
                                  const unsigned short *path, size_t pathlen);
@@ -78,6 +83,8 @@ gpg_error_t iso7816_reset_retry_counter_with_rc (int slot, int chvno,
                                                  size_t datalen);
 gpg_error_t iso7816_get_data (int slot, int extended_mode, int tag,
                               unsigned char **result, size_t *resultlen);
+gpg_error_t iso7816_get_data_odd (int slot, int extended_mode, unsigned int tag,
+                                  unsigned char **result, size_t *resultlen);
 gpg_error_t iso7816_put_data (int slot, int extended_mode, int tag,
                               const void *data, size_t datalen);
 gpg_error_t iso7816_put_data_odd (int slot, int extended_mode, int tag,

commit cca2b87e79cda212a33c13efdd2b2830295d2efe
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Jan 3 15:17:04 2019 +0100

    scd: Support "READKEY --advanced" for all cards.
    
    * scd/command.c (cmd_readkey): Reformat for advanced mode.
    --
    
    The --advanced option used to work only if the driver supported that
    but not if we extracted the public key from an x.509 certificate.
    This patch fixes that.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/scd/command.c b/scd/command.c
index 0a96546..9df2611 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -465,7 +465,7 @@ cmd_learn (assuan_context_t ctx, char *line)
 
 

 static const char hlp_readcert[] =
-  "READCERT <hexified_certid>|<keyid>\n"
+  "READCERT <hexified_certid>|<keyid>|<oid>\n"
   "\n"
   "Note, that this function may even be used on a locked card.";
 static gpg_error_t
@@ -498,7 +498,7 @@ cmd_readcert (assuan_context_t ctx, char *line)
 
 
 static const char hlp_readkey[] =
-  "READKEY [--advanced] <keyid>\n"
+  "READKEY [--advanced] <keyid>|<oid>\n"
   "\n"
   "Return the public key for the given cert or key ID as a standard\n"
   "S-expression.\n"
@@ -514,7 +514,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
   unsigned char *cert = NULL;
   size_t ncert, n;
   ksba_cert_t kc = NULL;
-  ksba_sexp_t p;
+  ksba_sexp_t p = NULL;
   unsigned char *pk;
   size_t pklen;
 
@@ -570,13 +570,36 @@ cmd_readkey (assuan_context_t ctx, char *line)
       rc = gpg_error (GPG_ERR_NO_PUBKEY);
       goto leave;
     }
-
   n = gcry_sexp_canon_len (p, 0, NULL, NULL);
-  rc = assuan_send_data (ctx, p, n);
-  xfree (p);
 
+  if (advanced)
+    {
+      gcry_sexp_t s_key;
+
+      rc = gcry_sexp_new (&s_key, (void*)p, n, 0);
+      if (rc)
+        goto leave;
+
+      pklen = gcry_sexp_sprint (s_key, GCRYSEXP_FMT_ADVANCED, NULL, 0);
+      pk = xtrymalloc (pklen);
+      if (!pk)
+        {
+          rc = gpg_error_from_syserror ();
+          goto leave;
+        }
+      log_assert (pklen);
+
+      gcry_sexp_sprint (s_key, GCRYSEXP_FMT_ADVANCED, pk, pklen);
+      gcry_sexp_release (s_key);
+      /* (One less to adjust for the trailing '\0') */
+      rc = assuan_send_data (ctx, pk, pklen-1);
+      xfree (pk);
+    }
+  else
+    rc = assuan_send_data (ctx, p, n);
 
  leave:
+  xfree (p);
   ksba_cert_release (kc);
   xfree (cert);
   return rc;
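Review bot: In the advanced branch, the `if (!pk)` error path jumps to `leave` without releasing `s_key`, so the S-expression built by gcry_sexp_new is leaked whenever xtrymalloc fails; add `gcry_sexp_release (s_key);` before that `goto leave;`. `log_assert (pklen);` also sits after the allocation it is meant to guard, and moving it directly after the first gcry_sexp_sprint call would make the later `pklen-1` visibly safe. cmd_readkey starts before this hunk, so the earlier paths that set `p` are not visible here.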

-----------------------------------------------------------------------

Summary of changes:
 scd/command.c | 35 +++++++++++++++++++++-----
 scd/iso7816.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 scd/iso7816.h |  7 ++++++
 3 files changed, 115 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



