deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

minor change to external_authenticate

Browse Source
This commit is contained in:
NIIBE Yutaka
2013-01-30 16:50:19 +09:00
parent 9dde59867d
commit 62b4369d2c
4 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@@ -1,3 +1,12 @@
2013-01-30 Niibe Yutaka <gniibe@fsij.org>
* src/openpgp.c (cmd_external_authenticate): Fix off-by-one error.
* tool/gnuk_token.py (gnuk_token.cmd_external_authenticate): Add
KEYNO to the arguments.
* tool/upgrade_by_passwd.py (main): Explicitly say it's KEYNO.
2013-01-28 Niibe Yutaka <gniibe@fsij.org> 2013-01-28 Niibe Yutaka <gniibe@fsij.org>
* src/openpgp-do.c (gpg_pw_get_retry_counter): New. * src/openpgp-do.c (gpg_pw_get_retry_counter): New.

2
src/openpgp.c
View File

@@ -1002,7 +1002,7 @@ cmd_external_authenticate (void)
DEBUG_INFO (" - EXTERNAL AUTHENTICATE\r\n"); DEBUG_INFO (" - EXTERNAL AUTHENTICATE\r\n");
if (keyno > 4) if (keyno >= 4)
{ {
GPG_CONDITION_NOT_SATISFIED (); GPG_CONDITION_NOT_SATISFIED ();
return; return;

6
tool/gnuk_token.py
View File

@@ -432,14 +432,14 @@ class gnuk_token(object):
raise ValueError("%02x%02x" % (sw[0], sw[1])) raise ValueError("%02x%02x" % (sw[0], sw[1]))
return self.cmd_get_response(sw[1]) return self.cmd_get_response(sw[1])
def cmd_external_authenticate(self, signed): def cmd_external_authenticate(self, keyno, signed):
cmd_data = iso7816_compose(0x82, 0x00, 0x00, signed[0:128], cls=0x10) cmd_data = iso7816_compose(0x82, 0x00, keyno, signed[0:128], cls=0x10)
sw = self.icc_send_cmd(cmd_data) sw = self.icc_send_cmd(cmd_data)
if len(sw) != 2: if len(sw) != 2:
raise ValueError(sw) raise ValueError(sw)
if not (sw[0] == 0x90 and sw[1] == 0x00): if not (sw[0] == 0x90 and sw[1] == 0x00):
raise ValueError("%02x%02x" % (sw[0], sw[1])) raise ValueError("%02x%02x" % (sw[0], sw[1]))
cmd_data = iso7816_compose(0x82, 0x00, 0x00, signed[128:]) cmd_data = iso7816_compose(0x82, 0x00, keyno, signed[128:])
sw = self.icc_send_cmd(cmd_data) sw = self.icc_send_cmd(cmd_data)
if len(sw) != 2: if len(sw) != 2:
raise ValueError(sw) raise ValueError(sw)

5
tool/upgrade_by_passwd.py
View File

@@ -45,14 +45,15 @@ def main(passwd, data_regnual, data_upgrade):
gnuk = get_gnuk_device() gnuk = get_gnuk_device()
gnuk.cmd_verify(BY_ADMIN, passwd) gnuk.cmd_verify(BY_ADMIN, passwd)
gnuk.cmd_write_binary(1, rsa_raw_pubkey, False) keyno = 0
gnuk.cmd_write_binary(1+keyno, rsa_raw_pubkey, False)
gnuk.cmd_select_openpgp() gnuk.cmd_select_openpgp()
challenge = gnuk.cmd_get_challenge() challenge = gnuk.cmd_get_challenge()
digestinfo = binascii.unhexlify(SHA256_OID_PREFIX) + challenge digestinfo = binascii.unhexlify(SHA256_OID_PREFIX) + challenge
signed = rsa.compute_signature(rsa_key, digestinfo) signed = rsa.compute_signature(rsa_key, digestinfo)
signed_bytes = rsa.integer_to_bytes_256(signed) signed_bytes = rsa.integer_to_bytes_256(signed)
gnuk.cmd_external_authenticate(signed_bytes) gnuk.cmd_external_authenticate(keyno, signed_bytes)
gnuk.stop_gnuk() gnuk.stop_gnuk()
mem_info = gnuk.mem_info() mem_info = gnuk.mem_info()
print "%08x:%08x" % mem_info print "%08x:%08x" % mem_info