diff --git a/tests/openpgp_card.py b/tests/openpgp_card.py
index e413293..d92fd83 100644
--- a/tests/openpgp_card.py
+++ b/tests/openpgp_card.py
@@ -124,9 +124,14 @@ class OpenPGP_Card(object):
 
 def cmd_select_openpgp(self):
 cmd_data = iso7816_compose(0xa4, 0x04, 0x00, b"\xD2\x76\x00\x01\x24\x01")
- sw = self.__reader.send_cmd(cmd_data)
- if len(sw) != 2:
- raise ValueError(sw)
+ r = self.__reader.send_cmd(cmd_data)
+ if len(r) < 2:
+ raise ValueError(r)
+ sw = r[-2:]
+ r = r[0:-2]
+ if sw[0] == 0x61:
+ self.cmd_get_response(sw[1])
+ return True
 if not (sw[0] == 0x90 and sw[1] == 0x00):
 raise ValueError("%02x%02x" % (sw[0], sw[1]))
 return True
@@ -192,17 +197,6 @@ class OpenPGP_Card(object):
 return True
 
 def cmd_pso(self, p1, p2, data):
- cmd_data = iso7816_compose(0x2a, p1, p2, data)
- sw = self.__reader.send_cmd(cmd_data)
- if len(sw) != 2:
- raise ValueError(sw)
- if sw[0] == 0x90 and sw[1] == 0x00:
- return b""
- elif sw[0] != 0x61:
- raise ValueError("%02x%02x" % (sw[0], sw[1]))
- return self.cmd_get_response(sw[1])
-
- def cmd_pso_longdata(self, p1, p2, data):
 if self.__reader.is_tpdu_reader():
 cmd_data = iso7816_compose(0x2a, p1, p2, data, le=256)
 r = self.__reader.send_cmd(cmd_data)
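Review bot: In `cmd_select_openpgp` (tests/openpgp_card.py, hunk `@@ -124,9 +124,14 @@`) the new `r = r[0:-2]` is never read afterwards, and the `0x61` branch returns True after discarding whatever `self.cmd_get_response(sw[1])` returns. Either drop the dead assignment or state the intent with a comment such as `# SELECT may answer 61xx; drain the pending response, its content is not needed here`. Whether `cmd_get_response` raises on a bad final status is not visible in this hunk, so it is worth confirming that a failed GET RESPONSE cannot be reported as a successful SELECT.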
@@ -217,22 +211,36 @@ class OpenPGP_Card(object):
 else:
 raise ValueError("%02x%02x" % (sw[0], sw[1]))
 else:
- cmd_data0 = iso7816_compose(0x2a, p1, p2, data[:128], 0x10)
- cmd_data1 = iso7816_compose(0x2a, p1, p2, data[128:])
- sw = self.__reader.send_cmd(cmd_data0)
- if len(sw) != 2:
- raise ValueError(sw)
- if not (sw[0] == 0x90 and sw[1] == 0x00):
- raise ValueError("%02x%02x" % (sw[0], sw[1]))
- sw = self.__reader.send_cmd(cmd_data1)
- if len(sw) != 2:
- raise ValueError(sw)
- elif sw[0] != 0x61:
- raise ValueError("%02x%02x" % (sw[0], sw[1]))
- return self.cmd_get_response(sw[1])
+ if len(data) > 128:
+ cmd_data0 = iso7816_compose(0x2a, p1, p2, data[:128], 0x10)
+ cmd_data1 = iso7816_compose(0x2a, p1, p2, data[128:])
+ sw = self.__reader.send_cmd(cmd_data0)
+ if len(sw) != 2:
+ raise ValueError(sw)
+ if not (sw[0] == 0x90 and sw[1] == 0x00):
+ raise ValueError("%02x%02x" % (sw[0], sw[1]))
+ sw = self.__reader.send_cmd(cmd_data1)
+ if len(sw) != 2:
+ raise ValueError(sw)
+ elif sw[0] != 0x61:
+ raise ValueError("%02x%02x" % (sw[0], sw[1]))
+ return self.cmd_get_response(sw[1])
+ else:
+ cmd_data = iso7816_compose(0x2a, p1, p2, data)
+ sw = self.__reader.send_cmd(cmd_data)
+ if len(sw) != 2:
+ raise ValueError(sw)
+ if sw[0] == 0x90 and sw[1] == 0x00:
+ return b""
+ elif sw[0] != 0x61:
+ raise ValueError("%02x%02x" % (sw[0], sw[1]))
+ return self.cmd_get_response(sw[1])
 
 def cmd_internal_authenticate(self, data):
- cmd_data = iso7816_compose(0x88, 0, 0, data, le=256)
+ if self.__reader.is_tpdu_reader():
+ cmd_data = iso7816_compose(0x88, 0, 0, data, le=256)
+ else:
+ cmd_data = iso7816_compose(0x88, 0, 0, data)
 r = self.__reader.send_cmd(cmd_data)
 if len(r) < 2:
 raise ValueError(r)
diff --git a/tests/test_personalize_card.py b/tests/test_personalize_card.py
index 0a76199..6f472cb 100644
--- a/tests/test_personalize_card.py
+++ b/tests/test_personalize_card.py
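Review bot: In `cmd_pso` (tests/openpgp_card.py, hunk `@@ -217,22 +211,36 @@`; the method starts in the previous hunk) both non-TPDU paths still reject anything but `len(sw) != 2` and raise `ValueError(sw)`, while `cmd_select_openpgp` in this same commit was relaxed to `len(r) < 2` with the status taken from `r[-2:]`. If a reader can return data together with the status word, which the SELECT change seems to anticipate, PSO would fail here and the exception would carry the whole response; for `0x80, 0x86` that is decrypted plaintext ending up in test output. Splitting the same way (`sw = r[-2:]`) and raising only `"%02x%02x" % (sw[0], sw[1])` would keep the paths consistent and keep payload bytes out of error messages. Separately, the chained path always sends exactly two APDUs split at 128 bytes, so how a `data[128:]` longer than one short APDU is encoded depends on `iso7816_compose`, which is outside the hunk.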
@@ -121,17 +121,17 @@ def test_fingerprint_3_put(card):
 r = card.cmd_put_data(0x00, 0xc9, fpr3)
 assert r
 
-def test_timestamp_1(card):
+def test_timestamp_1_put(card):
 timestamp1 = rsa_keys.timestamp[0]
 r = card.cmd_put_data(0x00, 0xce, timestamp1)
 assert r
 
-def test_timestamp_2(card):
+def test_timestamp_2_put(card):
 timestamp2 = rsa_keys.timestamp[1]
 r = card.cmd_put_data(0x00, 0xcf, timestamp2)
 assert r
 
-def test_timestamp_3(card):
+def test_timestamp_3_put(card):
 timestamp3 = rsa_keys.timestamp[2]
 r = card.cmd_put_data(0x00, 0xd0, timestamp3)
 assert r
@@ -222,14 +222,14 @@ PLAIN_TEXT2=b"This is another test message.\nMultiple lines.\n"
 
 def test_sign_0(card):
 digestinfo = rsa_keys.compute_digestinfo(PLAIN_TEXT0)
- r = card.cmd_pso_longdata(0x9e, 0x9a, digestinfo)
+ r = card.cmd_pso(0x9e, 0x9a, digestinfo)
 sig = rsa_keys.compute_signature(0, digestinfo)
 sig_bytes = sig.to_bytes(int((sig.bit_length()+7)/8), byteorder='big')
 assert r == sig_bytes
 
 def test_sign_1(card):
 digestinfo = rsa_keys.compute_digestinfo(PLAIN_TEXT1)
- r = card.cmd_pso_longdata(0x9e, 0x9a, digestinfo)
+ r = card.cmd_pso(0x9e, 0x9a, digestinfo)
 sig = rsa_keys.compute_signature(0, digestinfo)
 sig_bytes = sig.to_bytes(int((sig.bit_length()+7)/8), byteorder='big')
 assert r == sig_bytes
@@ -250,10 +250,10 @@ def test_sign_auth_1(card):
 
 def test_decrypt_0(card):
 ciphertext = rsa_keys.encrypt(1, PLAIN_TEXT0)
- r = card.cmd_pso_longdata(0x80, 0x86, ciphertext)
+ r = card.cmd_pso(0x80, 0x86, ciphertext)
 assert r == PLAIN_TEXT0
 
 def test_decrypt_1(card):
 ciphertext = rsa_keys.encrypt(1, PLAIN_TEXT1)
- r = card.cmd_pso_longdata(0x80, 0x86, ciphertext)
+ r = card.cmd_pso(0x80, 0x86, ciphertext)
 assert r == PLAIN_TEXT1
diff --git a/tests/test_personalize_reset_card.py b/tests/test_personalize_reset_card.py
index bc5c986..6a1b91f 100644
--- a/tests/test_personalize_reset_card.py
+++ b/tests/test_personalize_reset_card.py
@@ -46,11 +46,12 @@ def test_name_put(card):
 assert r
 
 def test_lang_put(card):
- r = card.cmd_put_data(0x5f, 0x2d, b"de")
+ r = card.cmd_put_data(0x5f, 0x2d, b"")
 assert r
 
 def test_sex_put(card):
- r = card.cmd_put_data(0x5f, 0x35, b"0")
+ r = card.cmd_put_data(0x5f, 0x35, b"9")
+ # r = card.cmd_put_data(0x5f, 0x35, b"")
 assert r
 
 def test_url_put(card):
diff --git a/tests/test_remove_keys_card.py b/tests/test_remove_keys_card.py
new file mode 100644
index 0000000..c185a26
--- /dev/null
+++ b/tests/test_remove_keys_card.py
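Review bot: The commented-out `# r = card.cmd_put_data(0x5f, 0x35, b"")` in `test_sex_put` (tests/test_personalize_reset_card.py) is left without saying why the empty value was abandoned, although `test_lang_put` just above does reset with `b""`. A one-line comment would make the chosen reset value self-explanatory, for example `# 5F35 is reset to "9" (ISO/IEC 5218 "not applicable") instead of an empty value`, and the dead line can then be removed. The reason is inferred from the change, so confirm it against the card's behaviour before wording the comment.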
@@ -0,0 +1,44 @@
+"""
+test_remove_keys_card.py - test removing keys on card
+
+Copyright (C) 2016 g10 Code GmbH
+Author: NIIBE Yutaka
+
+This file is a part of Gnuk, a GnuPG USB Token implementation.
+
+Gnuk is free software: you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+Gnuk is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see .
+"""
+
+# Remove a key material on card by changing algorithm attributes of the key
+
+KEY_ATTRIBUTES_RSA4K=b"\x01\x10\x00\x00\x20\x00"
+KEY_ATTRIBUTES_RSA2K=b"\x01\x08\x00\x00\x20\x00"
+
+def test_rsa_import_key_1(card):
+ r = card.cmd_put_data(0x00, 0xc1, KEY_ATTRIBUTES_RSA4K)
+ if r:
+ r = card.cmd_put_data(0x00, 0xc1, KEY_ATTRIBUTES_RSA2K)
+ assert r
+
+def test_rsa_import_key_2(card):
+ r = card.cmd_put_data(0x00, 0xc2, KEY_ATTRIBUTES_RSA4K)
+ if r:
+ r = card.cmd_put_data(0x00, 0xc2, KEY_ATTRIBUTES_RSA2K)
+ assert r
+
+def test_rsa_import_key_3(card):
+ r = card.cmd_put_data(0x00, 0xc3, KEY_ATTRIBUTES_RSA4K)
+ if r:
+ r = card.cmd_put_data(0x00, 0xc3, KEY_ATTRIBUTES_RSA2K)
+ assert r
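Review bot: The three tests in tests/test_remove_keys_card.py assert only that the PUT DATA calls on `0xc1`, `0xc2` and `0xc3` report success; nothing checks that the key material is actually gone afterwards. For a token test suite the property that matters is that the private key is unusable once the attributes have been changed, so a follow-up assertion (for instance that a signing or decipher operation for that slot now fails, or that the slot reports no key) would make the removal verifiable. The functions are also named `test_rsa_import_key_N` although they remove keys; `test_rsa_remove_key_1` and so on would match the file's purpose. A short comment on why RSA4K is written before RSA2K, presumably so that the attribute value really changes, would help the next reader.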