diff --git a/ChangeLog b/ChangeLog index 0c5011e..74d4008 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,12 @@ 2010-12-08 NIIBE Yutaka + * src/gnuk.h (AC_OTHER_AUTHORIZED): Renamed (was: + AC_PSO_OTHER_AUTHORIZED). + * src/ac.c (ac_reset_other): Renamed (was: ac_reset_pso_other). + (verify_other): Renamed (was: verify_pso_other). + (ac_reset_admin): New. + * src/openpgp.c (cmd_change_password): Call ac_reset_admin. + * src/main.c (main): Don't create GPGThread here. * src/usb-icc.c (icc_power_on): But create here, when requested. (icc_power_off): Terminate GPGThread. diff --git a/src/ac.c b/src/ac.c index 4dd7357..6f8c0fe 100644 --- a/src/ac.c +++ b/src/ac.c @@ -49,11 +49,11 @@ ac_reset_pso_cds (void) } void -ac_reset_pso_other (void) +ac_reset_other (void) { gpg_do_clear_prvkey (GPG_KEY_FOR_DECRYPTION); gpg_do_clear_prvkey (GPG_KEY_FOR_AUTHENTICATION); - auth_status &= ~AC_PSO_OTHER_AUTHORIZED; + auth_status &= ~AC_OTHER_AUTHORIZED; } /* @@ -86,12 +86,12 @@ verify_pso_cds (const uint8_t *pw, int pw_len) } int -verify_pso_other (const uint8_t *pw, int pw_len) +verify_other (const uint8_t *pw, int pw_len) { const uint8_t *ks_pw1; uint8_t pw1_keystring[KEYSTRING_SIZE_PW1]; - DEBUG_INFO ("verify_pso_other\r\n"); + DEBUG_INFO ("verify_other\r\n"); if (gpg_passwd_locked (PW_ERR_PW1)) return 0; @@ -112,7 +112,7 @@ verify_pso_other (const uint8_t *pw, int pw_len) /* Reset counter as it's success now */ gpg_reset_pw_err_counter (PW_ERR_PW1); - auth_status |= AC_PSO_OTHER_AUTHORIZED; + auth_status |= AC_OTHER_AUTHORIZED; return 1; } else 
@@ -198,7 +198,8 @@ verify_admin_0 (const uint8_t *pw, int buf_len, int pw_len_known) else /* For empty PW3, pass phrase should be OPENPGP_CARD_INITIAL_PW3 */ { - if ((pw_len_known >=0 && pw_len_known != strlen (OPENPGP_CARD_INITIAL_PW3)) + if ((pw_len_known >=0 + && pw_len_known != strlen (OPENPGP_CARD_INITIAL_PW3)) || buf_len < (int)strlen (OPENPGP_CARD_INITIAL_PW3) || strncmp ((const char *)pw, OPENPGP_CARD_INITIAL_PW3, strlen (OPENPGP_CARD_INITIAL_PW3)) != 0) @@ -244,9 +245,18 @@ verify_admin (const uint8_t *pw, int pw_len) return 1; } +void +ac_reset_admin (void) +{ + memset (keystring_md_pw3, 0, KEYSTRING_MD_SIZE); + auth_status &= ~AC_ADMIN_AUTHORIZED; +} + void ac_fini (void) { auth_status = AC_NONE_AUTHORIZED; - memset (keystring_md_pw3, 0, KEYSTRING_MD_SIZE); + gpg_do_clear_prvkey (GPG_KEY_FOR_SIGNING); + gpg_do_clear_prvkey (GPG_KEY_FOR_DECRYPTION); + gpg_do_clear_prvkey (GPG_KEY_FOR_AUTHENTICATION); } diff --git a/src/gnuk.h b/src/gnuk.h index 4078b28..12b0cc0 100644 --- a/src/gnuk.h +++ b/src/gnuk.h @@ -53,7 +53,7 @@ extern uint8_t icc_buffer[USB_BUF_SIZE]; #define AC_NONE_AUTHORIZED 0x00 #define AC_PSO_CDS_AUTHORIZED 0x01 /* PW1 with 0x81 verified */ -#define AC_PSO_OTHER_AUTHORIZED 0x02 /* PW1 with 0x82 verified */ +#define AC_OTHER_AUTHORIZED 0x02 /* PW1 with 0x82 verified */ #define AC_ADMIN_AUTHORIZED 0x04 /* PW3 verified */ #define AC_NEVER 0x80 #define AC_ALWAYS 0xFF 
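Review bot: ac_fini no longer zeroizes keystring_md_pw3: the memset this hunk removes from ac_fini now lives only in the new ac_reset_admin, so after ac_fini (reached from gpg_fini in src/openpgp.c in this same commit, presumably on power-off) the PW3 keystring digest stays resident in RAM while auth_status reads AC_NONE_AUTHORIZED. Unless keeping it across ICC power cycles is intended, have ac_fini call the new helper, `ac_reset_admin ();`, next to the three gpg_do_clear_prvkey calls, which also keeps the PW3 handling in one place. Clearing the AC_ADMIN_AUTHORIZED bit a second time there is harmless, since auth_status was just set to AC_NONE_AUTHORIZED. A short comment on ac_reset_admin, `/* Forget the verified PW3 digest; PW3 must be verified again afterwards */`, would make its contract explicit for the cmd_change_password caller.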
@@ -67,12 +67,13 @@ extern void gpg_increment_pw_err_counter (uint8_t which); extern int ac_check_status (uint8_t ac_flag); extern int verify_pso_cds (const uint8_t *pw, int pw_len); -extern int verify_pso_other (const uint8_t *pw, int pw_len); +extern int verify_other (const uint8_t *pw, int pw_len); extern int verify_admin (const uint8_t *pw, int pw_len); extern int verify_admin_0 (const uint8_t *pw, int buf_len, int pw_len_known); extern void ac_reset_pso_cds (void); -extern void ac_reset_pso_other (void); +extern void ac_reset_other (void); +extern void ac_reset_admin (void); extern void ac_fini (void); diff --git a/src/main.c b/src/main.c index 70319e8..6a668a4 100644 --- a/src/main.c +++ b/src/main.c @@ -188,10 +188,12 @@ main (int argc, char **argv) /* * Creates 'stdout' thread. */ - chThdCreateStatic (waSTDOUTthread, sizeof(waSTDOUTthread), NORMALPRIO, STDOUTthread, NULL); + chThdCreateStatic (waSTDOUTthread, sizeof(waSTDOUTthread), + NORMALPRIO, STDOUTthread, NULL); #endif - chThdCreateStatic (waUSBthread, sizeof(waUSBthread), NORMALPRIO, USBthread, NULL); + chThdCreateStatic (waUSBthread, sizeof(waUSBthread), + NORMALPRIO, USBthread, NULL); while (1) { diff --git a/src/openpgp-do.c b/src/openpgp-do.c index aa0cb04..abb481e 100644 --- a/src/openpgp-do.c +++ b/src/openpgp-do.c @@ -154,8 +154,10 @@ static const uint8_t extended_capabilities[] __attribute__ ((aligned (1))) = { 0, /* Secure Messaging Algorithm: N/A (TDES=0, AES=1) */ 0x00, 0x00, /* Max get challenge */ 0x00, 0x00, /* max. length of cardholder certificate */ - (MAX_CMD_APDU_SIZE>>8), (MAX_CMD_APDU_SIZE&0xff), /* Max. length of command data */ - (MAX_RES_APDU_SIZE>>8), (MAX_RES_APDU_SIZE&0xff), /* Max. length of response data */ + /* Max. length of command data */ + (MAX_CMD_APDU_SIZE>>8), (MAX_CMD_APDU_SIZE&0xff), + /* Max. length of response data */ + (MAX_RES_APDU_SIZE>>8), (MAX_RES_APDU_SIZE&0xff), }; /* Algorithm Attributes */ 
@@ -694,7 +696,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len, if (kk == GPG_KEY_FOR_SIGNING) ac_reset_pso_cds (); else - ac_reset_pso_other (); + ac_reset_other (); if (ks_pw1) encrypt (ks_pw1+1, pd->dek_encrypted_1, DATA_ENCRYPTION_KEY_SIZE); @@ -762,7 +764,8 @@ gpg_do_chks_prvkey (enum kind_of_key kk, return -1; memcpy (pd, &(do_data)[1], sizeof (struct prvkey_data)); - dek_p = ((uint8_t *)pd) + 4 + ADDITIONAL_DATA_SIZE + DATA_ENCRYPTION_KEY_SIZE * (who_old - 1); + dek_p = ((uint8_t *)pd) + 4 + ADDITIONAL_DATA_SIZE + + DATA_ENCRYPTION_KEY_SIZE * (who_old - 1); memcpy (dek, dek_p, DATA_ENCRYPTION_KEY_SIZE); decrypt (old_ks, dek, DATA_ENCRYPTION_KEY_SIZE); encrypt (new_ks, dek, DATA_ENCRYPTION_KEY_SIZE); @@ -904,7 +907,8 @@ gpg_do_table[] = { { GPG_DO_CH_CERTIFICATE, DO_PROC_READWRITE, AC_NEVER, AC_NEVER, NULL }, }; -#define NUM_DO_ENTRIES (int)(sizeof (gpg_do_table) / sizeof (struct do_table_entry)) +#define NUM_DO_ENTRIES (int)(sizeof (gpg_do_table) \ + / sizeof (struct do_table_entry)) /* * Reading data from Flash ROM, initialize DO_PTR, PW_ERR_COUNTERS, etc. diff --git a/src/openpgp.c b/src/openpgp.c index a7ed79a..3ea6c29 100644 --- a/src/openpgp.c +++ b/src/openpgp.c @@ -91,7 +91,6 @@ static void gpg_fini (void) { ac_fini (); - memset ((void *)kd, 0, sizeof (struct key_data)*3); } static void @@ -115,7 +114,7 @@ cmd_verify (void) if (p2 == 0x81) r = verify_pso_cds (&cmd_APDU[data_start], len); else if (p2 == 0x82) - r = verify_pso_other (&cmd_APDU[data_start], len); + r = verify_other (&cmd_APDU[data_start], len); else r = verify_admin (&cmd_APDU[data_start], len); @@ -275,7 +274,7 @@ cmd_change_password (void) { gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1); ac_reset_pso_cds (); - ac_reset_pso_other (); + ac_reset_other (); gpg_reset_pw_err_counter (PW_ERR_PW1); DEBUG_INFO ("Changed DO_KEYSTRING_PW1.\r\n"); GPG_SUCCESS (); 
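Review bot: With the memset on kd removed from gpg_fini, wiping of the three struct key_data entries now depends entirely on the gpg_do_clear_prvkey calls added to ac_fini in src/ac.c, in another file; whether that function zeroizes every field of an entry (the decrypted key material included) rather than only dropping a reference is not visible in this diff and should be confirmed. If it does, a one-line comment keeps the contract visible where the explicit wipe used to be, `/* kd[] is zeroized by ac_fini () via gpg_do_clear_prvkey () */`. If it does not, the removed memset should stay until it does, because gpg_fini appears to be the end-of-session path and key material would otherwise outlive the session.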
@@ -284,7 +283,7 @@ cmd_change_password (void) { gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, 1); ac_reset_pso_cds (); - ac_reset_pso_other (); + ac_reset_other (); gpg_reset_pw_err_counter (PW_ERR_PW1); DEBUG_INFO ("Changed length of DO_KEYSTRING_PW1.\r\n"); GPG_SUCCESS (); @@ -292,6 +291,7 @@ cmd_change_password (void) else /* r >= 0 && who == BY_ADMIN */ { DEBUG_INFO ("done.\r\n"); + ac_reset_admin (); gpg_reset_pw_err_counter (PW_ERR_PW3); GPG_SUCCESS (); } @@ -361,9 +361,10 @@ cmd_reset_user_password (void) if (memcmp (ks_rc+1, old_ks, KEYSTRING_MD_SIZE) != 0) goto sec_fail; DEBUG_INFO ("done (no prvkey).\r\n"); - gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1); + gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, + KEYSTRING_SIZE_PW1); ac_reset_pso_cds (); - ac_reset_pso_other (); + ac_reset_other (); gpg_reset_pw_err_counter (PW_ERR_RC); gpg_reset_pw_err_counter (PW_ERR_PW1); GPG_SUCCESS (); @@ -372,7 +373,7 @@ cmd_reset_user_password (void) { DEBUG_INFO ("done.\r\n"); ac_reset_pso_cds (); - ac_reset_pso_other (); + ac_reset_other (); gpg_reset_pw_err_counter (PW_ERR_RC); gpg_reset_pw_err_counter (PW_ERR_PW1); GPG_SUCCESS (); @@ -407,9 +408,10 @@ cmd_reset_user_password (void) else if (r == 0) { DEBUG_INFO ("done (no privkey).\r\n"); - gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, KEYSTRING_SIZE_PW1); + gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, + KEYSTRING_SIZE_PW1); ac_reset_pso_cds (); - ac_reset_pso_other (); + ac_reset_other (); gpg_reset_pw_err_counter (PW_ERR_PW1); GPG_SUCCESS (); } @@ -417,7 +419,7 @@ cmd_reset_user_password (void) { DEBUG_INFO ("done.\r\n"); ac_reset_pso_cds (); - ac_reset_pso_other (); + ac_reset_other (); gpg_reset_pw_err_counter (PW_ERR_PW1); GPG_SUCCESS (); } 
@@ -583,12 +585,12 @@ cmd_pso (void) return; } - if ((cmd_APDU_size != 8 + 35 && cmd_APDU_size != 8 + 35 + 1) /* SHA1 / RIPEMD-160 */ - && (cmd_APDU_size != 8 + 47 && cmd_APDU_size != 8 + 47 + 1) /* SHA224 */ - && (cmd_APDU_size != 8 + 51 && cmd_APDU_size != 8 + 51 + 1) /* SHA256 */ - && (cmd_APDU_size != 8 + 67 && cmd_APDU_size != 8 + 67 + 1) /* SHA384 */ - && (cmd_APDU_size != 8 + 83 && cmd_APDU_size != 8 + 83 + 1) /* SHA512 */) - /* Extended Lc: 3-byte */ + if (cmd_APDU_size != 7 + 35 + 2 /* SHA1 / RIPEMD-160 */ + /* Header (with Extended Lc)=7, size of digestInfo, and Le=2-byte */ + && cmd_APDU_size != 7 + 47 + 2 /* SHA224 */ + && cmd_APDU_size != 7 + 51 + 2 /* SHA256 */ + && cmd_APDU_size != 7 + 67 + 2 /* SHA384 */ + && cmd_APDU_size != 7 + 83 + 2) /* SHA512 */ { DEBUG_INFO (" wrong length: "); DEBUG_SHORT (cmd_APDU_size); @@ -619,7 +621,7 @@ cmd_pso (void) DEBUG_SHORT (len); if (gpg_passwd_locked (PW_ERR_PW1) - || !ac_check_status (AC_PSO_OTHER_AUTHORIZED)) + || !ac_check_status (AC_OTHER_AUTHORIZED)) { DEBUG_INFO ("security error."); GPG_SECURITY_FAILURE (); @@ -666,7 +668,7 @@ cmd_internal_authenticate (void) DEBUG_SHORT (len); if (gpg_passwd_locked (PW_ERR_PW1) - || !ac_check_status (AC_PSO_OTHER_AUTHORIZED)) + || !ac_check_status (AC_OTHER_AUTHORIZED)) { DEBUG_INFO ("security error."); GPG_SECURITY_FAILURE (); diff --git a/src/usb-icc.c b/src/usb-icc.c index 1b2ca56..e02dfc5 100644 --- a/src/usb-icc.c +++ b/src/usb-icc.c @@ -229,9 +229,9 @@ enum icc_state ICC_STATE_WAIT, /* Waiting APDU */ /* Busy1, Busy2, Busy3, Busy5 */ ICC_STATE_EXECUTE, /* Busy4 */ - ICC_STATE_RECEIVE, /* APDU Received Partially */ - - ICC_STATE_SEND, /* APDU Sent Partially */ /* Not used */ + ICC_STATE_RECEIVE, /* APDU Received Partially */ + /* Not used */ + ICC_STATE_SEND, /* APDU Sent Partially */ }; static enum icc_state icc_state;
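Review bot: The header size 7 and Le size 2 are literals repeated on all five lines of the rewritten condition, with one comment wedged between the first operand and the `&&` explaining them for the rest; naming them once, `enum { PSO_EXT_HDR_LEN = 7, PSO_LE_LEN = 2 };` and `cmd_APDU_size != PSO_EXT_HDR_LEN + 35 + PSO_LE_LEN /* SHA1 / RIPEMD-160 */`, lets the explanatory comment move above the `if` where it reads naturally. The rewrite also drops the previously accepted 8+N and 8+N+1 sizes, so command APDUs without a 2-byte Le are now rejected here; if that tightening is intended it deserves a word in the comment or the ChangeLog, since the DigestInfo length is inferred from the total APDU length alone. cmd_pso continues outside the hunk on both sides.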