minor change to external_authenticate

2013-01-30 16:50:19 +09:00
parent 9dde59867d
commit 62b4369d2c
4 changed files with 16 additions and 6 deletions
--- a/9
+++ b/9
@@ -1,3 +1,12 @@
+2013-01-30  Niibe Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp.c (cmd_external_authenticate): Fix off-by-one error.
+
+	* tool/gnuk_token.py (gnuk_token.cmd_external_authenticate): Add
+	KEYNO to the arguments.
+
+	* tool/upgrade_by_passwd.py (main): Explicitly say it's KEYNO.
+
 2013-01-28  Niibe Yutaka  <gniibe@fsij.org>

 	* src/openpgp-do.c (gpg_pw_get_retry_counter): New.
--- a/src/openpgp.c
+++ b/src/openpgp.c
@@ -1002,7 +1002,7 @@ cmd_external_authenticate (void)

  DEBUG_INFO (" - EXTERNAL AUTHENTICATE\r\n");

-  if (keyno > 4)
+  if (keyno >= 4)
    {
      GPG_CONDITION_NOT_SATISFIED ();
      return;
--- a/tool/gnuk_token.py
+++ b/tool/gnuk_token.py
@@ -432,14 +432,14 @@ class gnuk_token(object):
            raise ValueError("%02x%02x" % (sw[0], sw[1]))
        return self.cmd_get_response(sw[1])

-    def cmd_external_authenticate(self, signed):
-        cmd_data = iso7816_compose(0x82, 0x00, 0x00, signed[0:128], cls=0x10)
+    def cmd_external_authenticate(self, keyno, signed):
+        cmd_data = iso7816_compose(0x82, 0x00, keyno, signed[0:128], cls=0x10)
        sw = self.icc_send_cmd(cmd_data)
        if len(sw) != 2:
            raise ValueError(sw)
        if not (sw[0] == 0x90 and sw[1] == 0x00):
            raise ValueError("%02x%02x" % (sw[0], sw[1]))
-        cmd_data = iso7816_compose(0x82, 0x00, 0x00, signed[128:])
+        cmd_data = iso7816_compose(0x82, 0x00, keyno, signed[128:])
        sw = self.icc_send_cmd(cmd_data)
        if len(sw) != 2:
            raise ValueError(sw)
--- a/tool/upgrade_by_passwd.py
+++ b/tool/upgrade_by_passwd.py
@@ -45,14 +45,15 @@ def main(passwd, data_regnual, data_upgrade):

    gnuk = get_gnuk_device()
    gnuk.cmd_verify(BY_ADMIN, passwd)
-    gnuk.cmd_write_binary(1, rsa_raw_pubkey, False)
+    keyno = 0
+    gnuk.cmd_write_binary(1+keyno, rsa_raw_pubkey, False)

    gnuk.cmd_select_openpgp()
    challenge = gnuk.cmd_get_challenge()
    digestinfo = binascii.unhexlify(SHA256_OID_PREFIX) + challenge
    signed = rsa.compute_signature(rsa_key, digestinfo)
    signed_bytes = rsa.integer_to_bytes_256(signed)
-    gnuk.cmd_external_authenticate(signed_bytes)
+    gnuk.cmd_external_authenticate(keyno, signed_bytes)
    gnuk.stop_gnuk()
    mem_info = gnuk.mem_info()
    print "%08x:%08x" % mem_info