authorWerner Koch <wk@gnupg.org>2008-09-25 12:06:02 +0200
committerWerner Koch <wk@gnupg.org>2008-09-25 12:06:02 +0200
commit96f16f736e97992c985f01c5e93bf825fdcd5707 (patch)
tree2db9d0ade98d7ca89ffb8aa17e65a0cb6bf2c8e4 /g10
parent* pkclist.c (select_algo_from_prefs): Redo function to rank prefs and (diff)
Finished support for v2 cards with the exception of secure messaging.
Diffstat (limited to 'g10')
-rw-r--r--g10/ChangeLog13
-rw-r--r--g10/call-agent.c8
-rw-r--r--g10/call-agent.h1
-rw-r--r--g10/card-util.c47
4 files changed, 65 insertions, 4 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 3780be777..28a6cd9ce 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,16 @@
+2008-09-25 Werner Koch <wk@g10code.com>
+
+ * card-util.c (change_pin): Support setting of the reset code.
+
+2008-09-24 Werner Koch <wk@g10code.com>
+
+ * call-agent.h (struct agent_card_info_s): Add field IS_V2.
+ * call-agent.c (learn_status_cb): That that field.
+
+ * card-util.c (change_pin): Rename first arg to UNBLOCK_v2 and use
+ it this way.
+ (card_edit): Add new command UNBLOCK.
+
2008-09-23 David Shaw <dshaw@jabberwocky.com>
* pkclist.c (select_algo_from_prefs): Redo function to rank prefs
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 9767f040f..29d75a59e 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -264,6 +264,8 @@ learn_status_cb (void *opaque, const char *line)
{
xfree (parm->serialno);
parm->serialno = store_serialno (line);
+ parm->is_v2 = (strlen (parm->serialno) >= 16
+ && xtoi_2 (parm->serialno+12) >= 2 );
}
else if (keywordlen == 9 && !memcmp (keyword, "DISP-NAME", keywordlen))
{
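Review bot: `strlen (parm->serialno)` in the added lines runs on the value just returned by `store_serialno` with no NULL check. That helper is defined outside this hunk, so if it can return NULL on allocation failure, this dereferences NULL while handling a status line that originates from the card. A guard such as `parm->is_v2 = (parm->serialno && strlen (parm->serialno) >= 16 && xtoi_2 (parm->serialno+12) >= 2);` avoids that. The offset 12 is also unexplained; a comment like `/* Hex digits 12..13 of the serial number carry the card's major version (confirm against the AID layout). */` would help. learn_status_cb starts and ends outside the hunk.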
@@ -758,10 +760,12 @@ agent_scd_pkdecrypt (const char *serialno,
/* Change the PIN of an OpenPGP card or reset the retry counter.
CHVNO 1: Change the PIN
- 2: Same as 1
+ 2: For v1 cards: Same as 1.
+ For v2 cards: Reset the PIN using the Reset Code.
3: Change the admin PIN
101: Set a new PIN and reset the retry counter
- 102: Same as 101
+ 102: For v1 cars: Same as 101.
+ For v2 cards: Set a new Reset Code.
SERIALNO is not used.
*/
int
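Review bot: The rewritten comment has a typo on the 102 entry: `102: For v1 cars: Same as 101.` should read `102: For v1 cards: Same as 101.`. CHVNO 2 and 102 now select different card operations depending on the card version, so the comment should also state who checks the version, for example `Callers must check the card version before passing 2 or 102.` if that is the intended contract. The function body is outside this hunk, so it is not visible whether the function checks the version itself.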
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 63b460a90..ee69793fa 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -49,6 +49,7 @@ struct agent_card_info_s
int chv1_cached; /* True if a PIN is not required for each
signing. Note that the gpg-agent might cache
it anyway. */
+ int is_v2; /* True if this is a v2 card. */
int chvmaxlen[3]; /* Maximum allowed length of a CHV. */
int chvretry[3]; /* Allowed retries for the CHV; 0 = blocked. */
};
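Review bot: The comment on `is_v2` says "a v2 card", but the only assignment visible in this commit (call-agent.c) sets it when the version value is `>= 2`. If later card versions are meant to take the same code paths, `/* True if this is a v2 or later card. */` describes the field accurately; if not, the comparison in call-agent.c is the line to revisit.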
diff --git a/g10/card-util.c b/g10/card-util.c
index 2d00bb3ac..afde4cb68 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -51,7 +51,7 @@
/* Change the PIN of a an OpenPGP card. This is an interactive
function. */
void
-change_pin (int chvno, int allow_admin)
+change_pin (int unblock_v2, int allow_admin)
{
struct agent_card_info_s info;
int rc;
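Review bot: The header comment above `change_pin` still says only "Change the PIN of a an OpenPGP card" and does not describe the renamed first argument. With this commit, a non-zero `unblock_v2` selects the Reset Code path and, per the branch order in the next hunk, `allow_admin` is then ignored. I would extend the comment along the lines of `If UNBLOCK_V2 is true, reset the PIN using the Reset Code (v2 cards only) and ignore ALLOW_ADMIN; otherwise ALLOW_ADMIN selects between a plain PIN change and the admin menu.`, and fix the "a an" typo at the same time. The function body continues outside this hunk.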
@@ -76,7 +76,26 @@ change_pin (int chvno, int allow_admin)
return;
}
- if(!allow_admin)
+
+ if (unblock_v2)
+ {
+ if (!info.is_v2)
+ log_error (_("This command is only available for version 2 cards\n"));
+ else if (!info.chvretry[1])
+ log_error (_("Reset Code not or not anymore available\n"));
+ else
+ {
+ rc = agent_scd_change_pin (2, info.serialno);
+ if (rc)
+ tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
+ else
+ {
+ write_status (STATUS_SC_OP_SUCCESS);
+ tty_printf ("PIN changed.\n");
+ }
+ }
+ }
+ else if (!allow_admin)
{
rc = agent_scd_change_pin (1, info.serialno);
if (rc)
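Review bot: In the new `unblock_v2` branch, the availability test `!info.chvretry[1]` and the literal `2` passed to `agent_scd_change_pin` both carry meaning that is not visible at this call site. I would add `/* chvretry[1] is the retry counter of the Reset Code; 0 means none is set or it is blocked. */` above the test, and `/* CHVNO 2 on a v2 card: reset the PIN using the Reset Code. */` above the call. The two precondition failures are reported with `log_error` while the operation failure just below uses `tty_printf`; pick one channel for user-facing errors in this function unless the difference is intentional. The function starts before and ends after this hunk.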
@@ -96,6 +115,7 @@ change_pin (int chvno, int allow_admin)
tty_printf ("1 - change PIN\n"
"2 - unblock PIN\n"
"3 - change Admin PIN\n"
+ "4 - set the Reset Code\n"
"Q - quit\n");
tty_printf ("\n");
@@ -107,6 +127,7 @@ change_pin (int chvno, int allow_admin)
rc = 0;
if (*answer == '1')
{
+ /* Change PIN. */
rc = agent_scd_change_pin (1, info.serialno);
if (rc)
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
@@ -118,6 +139,7 @@ change_pin (int chvno, int allow_admin)
}
else if (*answer == '2')
{
+ /* Unblock PIN. */
rc = agent_scd_change_pin (101, info.serialno);
if (rc)
tty_printf ("Error unblocking the PIN: %s\n", gpg_strerror (rc));
@@ -129,6 +151,7 @@ change_pin (int chvno, int allow_admin)
}
else if (*answer == '3')
{
+ /* Change Admin PIN. */
rc = agent_scd_change_pin (3, info.serialno);
if (rc)
tty_printf ("Error changing the PIN: %s\n", gpg_strerror (rc));
@@ -138,6 +161,19 @@ change_pin (int chvno, int allow_admin)
tty_printf ("PIN changed.\n");
}
}
+ else if (*answer == '4')
+ {
+ /* Set a new Reset Code. */
+ rc = agent_scd_change_pin (102, info.serialno);
+ if (rc)
+ tty_printf ("Error setting the Reset Code: %s\n",
+ gpg_strerror (rc));
+ else
+ {
+ write_status (STATUS_SC_OP_SUCCESS);
+ tty_printf ("Reset Code set.\n");
+ }
+ }
else if (*answer == 'q' || *answer == 'Q')
{
break;
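Review bot: The new `*answer == '4'` branch calls `agent_scd_change_pin (102, info.serialno)` without checking `info.is_v2`, and the menu hunk above offers "4 - set the Reset Code" for every card. The comment added in call-agent.c says that 102 on a v1 card is the same as 101. A v1 user who picks 4 would therefore set a new PIN and reset its retry counter, while the tool reports "Reset Code set." I would gate the branch the same way the `unblock_v2` path does, starting it with `if (!info.is_v2) log_error (_("This command is only available for version 2 cards\n"));` and putting the existing call in the `else`. Ideally the menu line would also be printed only when `info.is_v2` is set. The enclosing loop and function extend outside this hunk.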
@@ -1345,6 +1381,7 @@ enum cmdids
cmdQUIT, cmdADMIN, cmdHELP, cmdLIST, cmdDEBUG, cmdVERIFY,
cmdNAME, cmdURL, cmdFETCH, cmdLOGIN, cmdLANG, cmdSEX, cmdCAFPR,
cmdFORCESIG, cmdGENERATE, cmdPASSWD, cmdPRIVATEDO, cmdWRITECERT,
+ cmdUNBLOCK,
cmdINVCMD
};
@@ -1375,6 +1412,7 @@ static struct
{ "generate", cmdGENERATE, 1, N_("generate new keys")},
{ "passwd" , cmdPASSWD, 0, N_("menu to change or unblock the PIN")},
{ "verify" , cmdVERIFY, 0, N_("verify the PIN and list all data")},
+ { "unblock" , cmdUNBLOCK,0, N_("unblock the PIN using a Reset Code") },
/* Note, that we do not announce these command yet. */
{ "privatedo", cmdPRIVATEDO, 0, NULL },
{ "writecert", cmdWRITECERT, 1, NULL },
@@ -1644,6 +1682,11 @@ card_edit (strlist_t commands)
did_checkpin = 0; /* Need to reset it of course. */
break;
+ case cmdUNBLOCK:
+ change_pin (1, allow_admin);
+ did_checkpin = 0; /* Need to reset it of course. */
+ break;
+
case cmdQUIT:
goto leave;