always enable keygen
This commit is contained in:
NIIBE Yutaka
10
ChangeLog
10
ChangeLog
@@ -1,3 +1,13 @@
|
||||
2015-07-18 Niibe Yutaka <gniibe@fsij.org>
|
||||
|
||||
* src/configure (keygen): It's always enabled.
|
||||
* src/openpgp-do.c (gpg_do_keygen): Support key generation.
|
||||
* src/openpgp.c (cmd_pgp_gakp): Likewise.
|
||||
* src/call-rsa.c (rsa_genkey): Likewise.
|
||||
* src/random.c (random_gen): Likewise.
|
||||
* src/Makefile.in (KEYGEN_SUPPORT): Remove.
|
||||
* polarssl/include/polarssl/config.h (POLARSSL_GENPRIME): Define.
|
||||
|
||||
2015-07-16 Niibe Yutaka <gniibe@fsij.org>
|
||||
|
||||
* src/configure (FLASH_PAGE_SIZE, FLASH_SIZE, MEMORY_SIZE)
|
||||
|
||||
@@ -209,9 +209,7 @@
|
||||
*
|
||||
* Enable the RSA prime-number generation code.
|
||||
*/
|
||||
#ifdef KEYGEN_SUPPORT
|
||||
#define POLARSSL_GENPRIME
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \def POLARSSL_FS_IO
|
||||
|
||||
@@ -55,7 +55,7 @@ OBJCOPY = $(CROSS)objcopy
|
||||
MCU = cortex-m3
|
||||
CWARN = -Wall -Wextra -Wstrict-prototypes
|
||||
# DEFS: Add
|
||||
DEFS = @KEYGEN_SUPPORT@ @HAVE_SYS_H@
|
||||
DEFS = @HAVE_SYS_H@
|
||||
OPT = -O3 -Os -g
|
||||
LIBS =
|
||||
|
||||
|
||||
@@ -204,7 +204,6 @@ rsa_verify (const uint8_t *pubkey, int pubkey_len,
|
||||
|
||||
#define RSA_EXPONENT 0x10001
|
||||
|
||||
#ifdef KEYGEN_SUPPORT
|
||||
uint8_t *
|
||||
rsa_genkey (int pubkey_len)
|
||||
{
|
||||
@@ -245,4 +244,3 @@ rsa_genkey (int pubkey_len)
|
||||
else
|
||||
return p_q_modulus;
|
||||
}
|
||||
#endif
|
||||
|
||||
20
src/configure
vendored
20
src/configure
vendored
@@ -30,7 +30,6 @@ debug=no
|
||||
sys1_compat=yes
|
||||
pinpad=no
|
||||
certdo=no
|
||||
keygen=no
|
||||
hid_card_change=no
|
||||
|
||||
# Revision number
|
||||
@@ -68,10 +67,6 @@ for option; do
|
||||
certdo=yes ;;
|
||||
--disable-certdo)
|
||||
certdo=no ;;
|
||||
--enable-keygen)
|
||||
keygen=yes ;;
|
||||
--disable-keygen)
|
||||
keygen=no ;;
|
||||
--enable-hid-card-change)
|
||||
hid_card_change=yes ;;
|
||||
--disable-hid-card-change)
|
||||
@@ -115,7 +110,6 @@ Configuration:
|
||||
--enable-pinpad=cir
|
||||
PIN entry support [no]
|
||||
--enable-certdo support CERT.3 data object [no]
|
||||
--enable-keygen support key generation [no]
|
||||
--enable-sys1-compat enable SYS 1.0 compatibility [yes]
|
||||
executable is target dependent
|
||||
--disable-sys1-compat disable SYS 1.0 compatibility [no]
|
||||
@@ -228,15 +222,6 @@ else
|
||||
echo "CERT.3 Data Object is NOT supported"
|
||||
fi
|
||||
|
||||
# --enable-keygen option
|
||||
if test "$keygen" = "yes"; then
|
||||
KEYGEN_SUPPORT="-DKEYGEN_SUPPORT"
|
||||
echo "Key generation on device is supported"
|
||||
else
|
||||
KEYGEN_SUPPORT=""
|
||||
echo "Key generation on device is NOT supported"
|
||||
fi
|
||||
|
||||
# --enable-hid-card-change option
|
||||
if test "$hid_card_change" = "yes"; then
|
||||
HID_CARD_CHANGE_DEFINE="#define HID_CARD_CHANGE_SUPPORT 1"
|
||||
@@ -253,7 +238,7 @@ SERIALNO_STR_LEN_DEFINE="#define SERIALNO_STR_LEN ${#SERIALNO}"
|
||||
|
||||
|
||||
if test "$sys1_compat" = "yes"; then
|
||||
CONFIG="$target:dfu=$with_dfu:debug=$debug:pinpad=$pinpad:certdo=$certdo:keygen=$keygen"
|
||||
CONFIG="$target:dfu=$with_dfu:debug=$debug:pinpad=$pinpad:certdo=$certdo"
|
||||
else
|
||||
if test "$with_dfu" = "yes"; then
|
||||
echo "Common binary can't support DFU loader, don't use --with-dfu."
|
||||
@@ -263,7 +248,7 @@ else
|
||||
FLASH_PAGE_SIZE=2048
|
||||
FLASH_SIZE=128
|
||||
MEMORY_SIZE=20
|
||||
CONFIG="common:debug=$debug:pinpad=$pinpad:certdo=$certdo:keygen=$keygen"
|
||||
CONFIG="common:debug=$debug:pinpad=$pinpad:certdo=$certdo"
|
||||
fi
|
||||
|
||||
output_vid_pid_version () {
|
||||
@@ -345,7 +330,6 @@ fi
|
||||
sed -e "s%@HAVE_SYS_H@%$have_sys_h%" \
|
||||
-e "s%@DEBUG_MAKE_OPTION@%$DEBUG_MAKE_OPTION%" \
|
||||
-e "s%@PINPAD_MAKE_OPTION@%$PINPAD_MAKE_OPTION%" \
|
||||
-e "s%@KEYGEN_SUPPORT@%$KEYGEN_SUPPORT%" \
|
||||
-e "s%@HEXOUTPUT_MAKE_OPTION@%$HEXOUTPUT_MAKE_OPTION%" \
|
||||
< Makefile.in > Makefile
|
||||
if test "$certdo" = "yes"; then
|
||||
|
||||
@@ -2030,7 +2030,6 @@ gpg_do_write_simple (uint8_t nr, const uint8_t *data, int size)
|
||||
*do_data_p = NULL;
|
||||
}
|
||||
|
||||
#ifdef KEYGEN_SUPPORT
|
||||
void
|
||||
gpg_do_keygen (uint8_t kk_byte)
|
||||
{
|
||||
@@ -2088,4 +2087,3 @@ gpg_do_keygen (uint8_t kk_byte)
|
||||
|
||||
gpg_do_public_key (kk_byte);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -620,12 +620,7 @@ cmd_pgp_gakp (void)
|
||||
{
|
||||
if (!ac_check_status (AC_ADMIN_AUTHORIZED))
|
||||
GPG_SECURITY_FAILURE ();
|
||||
#ifdef KEYGEN_SUPPORT
|
||||
/* Generate key pair */
|
||||
gpg_do_keygen (apdu.cmd_apdu_data[0]);
|
||||
#else
|
||||
GPG_FUNCTION_NOT_SUPPORTED ();
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
/*
|
||||
* random.c -- get random bytes
|
||||
*
|
||||
* Copyright (C) 2010, 2011, 2012, 2013 Free Software Initiative of Japan
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2015
|
||||
* Free Software Initiative of Japan
|
||||
* Author: NIIBE Yutaka <gniibe@fsij.org>
|
||||
*
|
||||
* This file is a part of Gnuk, a GnuPG USB Token implementation.
|
||||
@@ -24,8 +25,6 @@
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include "gnuk.h"
|
||||
#include "neug.h"
|
||||
|
||||
@@ -85,7 +84,6 @@ random_get_salt (uint8_t *p)
|
||||
}
|
||||
|
||||
|
||||
#ifdef KEYGEN_SUPPORT
|
||||
/*
|
||||
* Random byte iterator
|
||||
*/
|
||||
@@ -120,4 +118,3 @@ random_gen (void *arg, unsigned char *out, size_t out_len)
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user