1 /* divert-scd.c - divert operations to the scdaemon
2 * Copyright (C) 2002, 2003, 2009 Free Software Foundation, Inc.
4 * This file is part of GnuPG.
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <https://www.gnu.org/licenses/>.
31 #include "../common/i18n.h"
32 #include "../common/sexp-parse.h"
/* Check that the card named in SHADOW_INFO is the one in the reader
   and ask the user to insert it if it is not.  NOTE(review): this
   listing omits source lines; the notes below describe only the
   statements that are visible. */
36 ask_for_card (ctrl_t ctrl, const unsigned char *shadow_info, char **r_kid)
42 char *want_sn, *want_kid, *want_sn_disp;
/* Take the wanted serial number and key id from the shadow info. */
47 rc = parse_shadow_info (shadow_info, &want_sn, &want_kid, NULL);
/* Separate copy for display.  In the visible lines only this copy is
   rewritten; the comparison further down uses WANT_SN as parsed. */
50 want_sn_disp = xtrystrdup (want_sn);
53 rc = gpg_error_from_syserror ();
59 len = strlen (want_sn_disp);
/* A 32 character value with this prefix is shortened for the prompt:
   4 characters from offset 16 and 8 characters from offset 20 are
   moved to the front of the display copy. */
60 if (len == 32 && !strncmp (want_sn_disp, "D27600012401", 12))
62 /* This is an OpenPGP card - reformat */
63 memmove (want_sn_disp, want_sn_disp+16, 4);
64 want_sn_disp[4] = ' ';
65 memmove (want_sn_disp+5, want_sn_disp+20, 8);
68 else if (len == 20 && want_sn_disp[19] == '0')
70 /* We assume that a 20 byte serial number is a standard one
71 * which has the property to have a zero in the last nibble (Due
72 * to BCD representation). We don't display this '0' because it
73 * may confuse the user. */
79 rc = agent_card_serialno (ctrl, &serialno, want_sn);
82 log_info ("detected card with S/N %s\n", serialno);
/* Exact string match between the serial number returned by
   agent_card_serialno and the one stored with the key.  This is the
   check that ties the stub key to one particular card. */
83 i = strcmp (serialno, want_sn);
91 return 0; /* yes, we have the correct card */
94 else if (gpg_err_code (rc) == GPG_ERR_ENODEV)
96 log_info ("no device present\n");
100 else if (gpg_err_code (rc) == GPG_ERR_CARD_NOT_PRESENT)
102 log_info ("no card present\n");
108 log_error ("error accessing card: %s\n", gpg_strerror (rc));
117 ? L_("Please insert the card with serial number")
118 : L_("Please remove the current card and "
119 "insert the one with serial number"),
126 rc = agent_get_confirmation (ctrl, desc, NULL, NULL, 0);
/* In loopback pinentry mode a GPG_ERR_NO_PIN_ENTRY result from the
   confirmation is reported as GPG_ERR_CARD_NOT_PRESENT instead. */
127 if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK &&
128 gpg_err_code (rc) == GPG_ERR_NO_PIN_ENTRY)
129 rc = gpg_error (GPG_ERR_CARD_NOT_PRESENT);
/* Release the display copy made above. */
136 xfree (want_sn_disp);
145 /* Put the DIGEST into a DER-encoded container and return it in R_VAL. */
/* Build the value sent to the card for signing: the ASN.1 prefix that
   libgcrypt reports for ALGO followed by the raw DIGEST, in a newly
   allocated buffer.  The length is stored at R_LEN.  NOTE(review):
   this listing omits source lines; the notes cover only what is
   visible. */
147 encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo,
148 unsigned char **r_val, size_t *r_len)
150 unsigned char *frame;
/* Fixed scratch space for the prefix. */
151 unsigned char asn[100];
/* Reject a zero or unavailable digest algorithm before any copying. */
158 if (!algo || gcry_md_test_algo (algo))
159 return gpg_error (GPG_ERR_DIGEST_ALGO);
/* NOTE(review): asnlen must hold the size of ASN on entry so that
   libgcrypt can bound its write; the initialisation is not visible in
   this excerpt - confirm. */
160 if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
162 log_error ("no object identifier for algo %d\n", algo);
163 return gpg_error (GPG_ERR_INTERNAL);
/* No overflow check on the sum is visible; DIGESTLEN is expected to
   be a hash length - TODO confirm against the callers. */
166 frame = xtrymalloc (asnlen + digestlen);
168 return out_of_core ();
/* Prefix first, digest directly behind it. */
169 memcpy (frame, asn, asnlen);
170 memcpy (frame+asnlen, digest, digestlen);
172 log_printhex (frame, asnlen+digestlen, "encoded hash:");
175 *r_len = asnlen+digestlen;
180 /* Return true if STRING ends in "%0A". */
/* Test whether STRING ends in the three characters "%0A".
   NOTE(review): the first operand of the && chain is not visible in
   this excerpt. */
182 has_percent0A_suffix (const char *string)
/* The length test runs before string + n - 3 is formed, so the
   compared pointer never lies before the start of STRING. */
187 && (n = strlen (string)) >= 3
188 && !strcmp (string + n - 3, "%0A"));
192 /* Callback used to ask for the PIN which should be set into BUF. The
193 buf has been allocated by the caller and is of size MAXBUF which
194 includes the terminating null. The function should return an UTF-8
195 string with the passphrase, the buffer may optionally be padded
196 with arbitrary characters.
198 If DESC_TEXT is not NULL it can be used as further information shown
199 atop of the INFO message.
201 INFO gets displayed as part of a generic string. However if the
202 first character of INFO is a vertical bar all up to the next
203 vertical bar are considered flags and only everything after the
204 second vertical bar gets displayed as the full prompt.
208 'N' = New PIN, this requests a second prompt to repeat the
209 PIN. If the PIN is not correctly repeated it starts from
211 'A' = The PIN is an Admin PIN, SO-PIN or alike.
212 'P' = The PIN is a PUK (Personal Unblocking Key).
213 'R' = The PIN is a Reset Code.
217 "|AN|Please enter the new security officer's PIN"
219 The text "Please ..." will get displayed and the flags 'A' and 'N'
/* PIN callback handed to the card functions.  With a non-NULL BUF it
   asks the user for a PIN through the pinentry and copies it to BUF;
   with a NULL BUF it only opens or closes a pinpad popup.
   NOTE(review): this listing omits source lines; the notes below
   describe only the statements that are visible. */
223 getpin_cb (void *opaque, const char *desc_text, const char *info,
224 char *buf, size_t maxbuf)
226 struct pin_entry_info_s *pi;
228 ctrl_t ctrl = opaque;
229 const char *ends, *s;
234 const char *again_text = NULL;
235 const char *prompt = "PIN";
/* A real buffer must hold at least one character plus the NUL.  This
   also keeps the maxbuf-1 computations below from wrapping. */
237 if (buf && maxbuf < 2)
238 return gpg_error (GPG_ERR_INV_VALUE);
240 /* Parse the flags. */
/* Flags are read only when a closing bar exists; the scan stops at
   ENDS, so it stays inside INFO. */
241 if (info && *info =='|' && (ends=strchr (info+1, '|')))
243 for (s=info+1; s < ends; s++)
246 prompt = L_("Admin PIN");
249 /* TRANSLATORS: A PUK is the Personal Unblocking Code
250 used to unblock a PIN. */
258 prompt = L_("Reset Code");
265 else if (info && *info == '|')
266 log_debug ("pin_cb called without proper PIN info hack\n");
268 /* If BUF has been passed as NULL, we are in pinpad mode: The
269 callback opens the popup and immediately returns. */
/* In pinpad mode MAXBUF is used as a command code, not as a size. */
272 if (maxbuf == 0) /* Close the pinentry. */
274 agent_popup_message_stop (ctrl);
277 else if (maxbuf == 1) /* Open the pinentry. */
284 if (!strcmp (info, "--ack"))
286 desc2 = L_("Push ACK button on card/token.");
290 desc = strconcat (desc_text,
291 has_percent0A_suffix (desc_text)
304 desc = strconcat (desc_text,
305 has_percent0A_suffix (desc_text)
308 L_("Use the reader's pinpad for input."),
311 desc = strconcat (info, "%0A%0A",
312 L_("Use the reader's pinpad for input."),
317 rc = gpg_error_from_syserror ();
320 rc = agent_popup_message_start (ctrl,
321 desc2? desc2:desc, NULL);
326 rc = agent_popup_message_start (ctrl, desc_text, NULL);
329 rc = gpg_error (GPG_ERR_INV_VALUE);
333 /* FIXME: keep PI and TRIES in OPAQUE. Frankly this is a whole
334 mess because we should call the card's verify function from the
335 pinentry check pin CB. */
/* The entry structure and the PIN it will hold are allocated zeroed
   from libgcrypt's secure memory, not from the ordinary heap. */
337 pi = gcry_calloc_secure (1, sizeof (*pi) + maxbuf + 10);
339 return gpg_error_from_syserror ();
/* The accepted PIN length is capped to what fits into BUF. */
340 pi->max_length = maxbuf-1;
341 pi->min_digits = 0; /* we want a real passphrase */
351 desc2 = strconcat (desc_text,
352 has_percent0A_suffix (desc_text)
357 rc = agent_askpin (ctrl, desc2? desc2 : info,
358 prompt, again_text, pi, NULL, 0);
/* Second entry for the repeat prompt, also in secure memory.  It is
   sized with sizeof (*pi); PI and PI2 have the same type. */
364 struct pin_entry_info_s *pi2;
365 pi2 = gcry_calloc_secure (1, sizeof (*pi) + maxbuf + 10);
368 rc = gpg_error_from_syserror ();
372 pi2->max_length = maxbuf-1;
374 pi2->max_digits = 16;
376 rc = agent_askpin (ctrl,
378 L_("Repeat this Reset Code"):
380 L_("Repeat this PUK"):
381 L_("Repeat this PIN")),
382 prompt, NULL, pi2, NULL, 0);
/* Only compares the two values the user typed, to catch typos when a
   new PIN is set.  No check against a stored PIN is visible here. */
383 if (!rc && strcmp (pi->pin, pi2->pin))
385 again_text = (resetcode?
386 L_("Reset Code not correctly repeated; try again"):
388 L_("PUK not correctly repeated; try again"):
389 L_("PIN not correctly repeated; try again"));
401 if ( asprintf (&desc,
402 L_("Please enter the PIN%s%s%s to unlock the card"),
408 desc2 = strconcat (desc_text,
409 has_percent0A_suffix (desc_text)
414 rc = agent_askpin (ctrl, desc2? desc2 : desc? desc : info,
415 prompt, NULL, pi, NULL, 0);
/* NOTE(review): strncpy writes no terminating NUL when the source has
   maxbuf-1 or more characters, so BUF[maxbuf-1] has to be set
   separately; that store is not visible in this excerpt - confirm.
   The PIN is copied out of secure memory into BUF here; whether BUF
   is secure memory, and who wipes it, depends on the caller. */
422 strncpy (buf, pi->pin, maxbuf-1);
431 /* This function is used when a sign operation has been diverted to a
432 * smartcard. DESC_TEXT is the original text for a prompt as sent by
435 * FIXME: Explain the other args. */
/* Sign DIGEST on the card: confirm the card, choose the key
   reference, then call agent_card_pksign with getpin_cb as the PIN
   callback.  NOTE(review): this listing omits source lines (including
   the end of the parameter list); the notes cover only what is
   visible. */
437 divert_pksign (ctrl_t ctrl, const char *desc_text,
438 const unsigned char *digest, size_t digestlen, int algo,
439 const unsigned char *grip,
440 const unsigned char *shadow_info, unsigned char **r_sig,
446 unsigned char *sigval = NULL;
/* The card is confirmed before any signing request is made. */
450 rc = ask_for_card (ctrl, shadow_info, &kid);
454 /* For OpenPGP cards we better use the keygrip as key reference.
455 * This has the advantage that app-openpgp can check that the stored
456 * key matches our expectation. This is important in case new keys
457 * have been created on the same card but the sub file has not been
458 * updated. In that case we would get a error from our final
459 * signature checking code or, if the pubkey algo is different,
460 * weird errors from the card (Conditions of use not satisfied). */
461 if (kid && grip && !strncmp (kid, "OPENPGP.", 8))
/* KID is replaced by the hex form of the keygrip.  NOTE(review): the
   release of the previous KID is not visible in this excerpt -
   confirm. */
464 kid = bin2hex (grip, KEYGRIP_LEN, NULL);
466 return gpg_error_from_syserror ();
/* For MD_USER_TLS_MD5SHA1 the digest is passed to the card as is,
   without the ASN.1 prefix, and use_auth_call is set for this one
   call and then restored. */
470 if (algo == MD_USER_TLS_MD5SHA1)
472 int save = ctrl->use_auth_call;
473 ctrl->use_auth_call = 1;
474 rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl, NULL,
475 algo, digest, digestlen, &sigval, &siglen);
476 ctrl->use_auth_call = save;
/* All other algorithms: wrap the digest first and sign the result. */
483 rc = encode_md_for_card (digest, digestlen, algo, &data, &ndata);
486 rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl, NULL,
487 algo, data, ndata, &sigval, &siglen);
504 /* Decrypt the value given as an S-expression in CIPHER using the
505 key identified by SHADOW_INFO and return the plaintext in an
506 allocated buffer in R_BUF. The padding information is stored at
507 R_PADDING with -1 for not known. */
/* Decrypt on the card.  CIPHER is walked as an S-expression and
   rejected on any mismatch; only then is the card confirmed and
   agent_card_pkdecrypt called with getpin_cb as the PIN callback.
   NOTE(review): this listing omits source lines, among them the
   conditions in front of most of the returns below. */
509 divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
510 const unsigned char *cipher,
511 const unsigned char *grip,
512 const unsigned char *shadow_info,
513 char **r_buf, size_t *r_len, int *r_padding)
517 const unsigned char *s;
520 const unsigned char *ciphertext;
521 size_t ciphertextlen;
/* Structural errors give GPG_ERR_INV_SEXP, unexpected token names
   give GPG_ERR_UNKNOWN_SEXP. */
530 return gpg_error (GPG_ERR_INV_SEXP);
534 return gpg_error (GPG_ERR_INV_SEXP);
535 if (!smatch (&s, n, "enc-val"))
536 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
538 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
542 return gpg_error (GPG_ERR_INV_SEXP);
544 /* First check whether we have a flags parameter and skip it. */
545 if (smatch (&s, n, "flags"))
548 if (sskip (&s, &depth) || depth)
549 return gpg_error (GPG_ERR_INV_SEXP);
551 return gpg_error (GPG_ERR_INV_SEXP);
555 return gpg_error (GPG_ERR_INV_SEXP);
/* Only "rsa" (parameter "a") and "ecdh" (a leading "s", apparently
   optional, then "e") are matched by name in the visible lines. */
558 if (smatch (&s, n, "rsa"))
561 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
565 return gpg_error (GPG_ERR_INV_SEXP);
566 if (!smatch (&s, n, "a"))
567 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
570 else if (smatch (&s, n, "ecdh"))
573 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
577 return gpg_error (GPG_ERR_INV_SEXP);
578 if (smatch (&s, n, "s"))
583 return gpg_error (GPG_ERR_INV_SEXP);
585 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
588 return gpg_error (GPG_ERR_INV_SEXP);
590 if (!smatch (&s, n, "e"))
591 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
595 return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
598 return gpg_error (GPG_ERR_UNKNOWN_SEXP);
/* Parsing is complete at this point, so in the visible order
   malformed input is rejected before the user is asked for a card. */
602 rc = ask_for_card (ctrl, shadow_info, &kid);
606 /* For OpenPGP cards we better use the keygrip as key reference.
607 * This has the advantage that app-openpgp can check that the stored
608 * key matches our expectation. This is important in case new keys
609 * have been created on the same card but the sub file has not been
610 * updated. In that case we would get a error from our final
611 * signature checking code or, if the pubkey algo is different,
612 * weird errors from the card (Conditions of use not satisfied). */
613 if (kid && grip && !strncmp (kid, "OPENPGP.", 8))
/* KID is replaced by the hex form of the keygrip.  NOTE(review): the
   release of the previous KID is not visible in this excerpt -
   confirm. */
616 kid = bin2hex (grip, KEYGRIP_LEN, NULL);
618 return gpg_error_from_syserror ();
/* CIPHERTEXT and CIPHERTEXTLEN are set during parsing (not visible). */
621 rc = agent_card_pkdecrypt (ctrl, kid, getpin_cb, ctrl, NULL,
622 ciphertext, ciphertextlen,
623 &plaintext, &plaintextlen, r_padding);
/* NOTE(review): how R_BUF is filled and who wipes and frees the
   plaintext is not visible in this excerpt - confirm with callers. */
627 *r_len = plaintextlen;
/* Pass a key-write request for the card on to agent_card_writekey.
   KEYDATA is key material of KEYDATALEN bytes and is forwarded
   without inspection in the visible lines.  NOTE(review): the rest of
   the argument list is not visible in this excerpt. */
634 divert_writekey (ctrl_t ctrl, int force, const char *serialno,
635 const char *id, const char *keydata, size_t keydatalen)
637 return agent_card_writekey (ctrl, force, serialno, id, keydata, keydatalen,
/* Hand CMDLINE to agent_card_scd with getpin_cb as the PIN callback.
   CMDLINE is passed through unchanged; no filtering of the command is
   done here, so any restriction on what a client may send has to be
   applied by the caller - TODO confirm where that happens. */
642 divert_generic_cmd (ctrl_t ctrl, const char *cmdline, void *assuan_context)
644 return agent_card_scd (ctrl, cmdline, getpin_cb, ctrl, assuan_context);