diff options
| author | NIIBE Yutaka <gniibe@fsij.org> | 2022-05-11 11:16:26 +0900 |
|---|---|---|
| committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-05-11 11:16:26 +0900 |
| commit | 53eddf9b9ea01210f71b851b5cb92a5f1cdb6f7d (patch) | |
| tree | 0a9cc778a40ea29c6e73ff08c88a4a175c0877bf | |
| parent | 5e5df82b5f2875e839a5c18273527bc91e16174e (diff) | |
scd: Fail when no good algorithm attribute.
* scd/app-openpgp.c (parse_algorithm_attribute): Return the error.
(change_keyattr): Follow the change.
(app_select_openpgp): Handle the error of parse_algorithm_attribute.
--
This change allows following invocation of app_select_openpgp, which
may work well (if the problem is device side for initial connection).
GnuPG-bug-id: 5963
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
| -rw-r--r-- | scd/app-openpgp.c | 49 |
1 files changed, 30 insertions, 19 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 3cf2aacae..08c9d71ac 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -280,7 +280,7 @@ static gpg_error_t do_auth (app_t app, ctrl_t ctrl, const char *keyidstr, unsigned char **outdata, size_t *outdatalen); static const char *get_algorithm_attribute_string (const unsigned char *buffer, size_t buflen); -static void parse_algorithm_attribute (app_t app, int keyno); +static gpg_error_t parse_algorithm_attribute (app_t app, int keyno); static gpg_error_t change_keyattr_from_string (app_t app, ctrl_t ctrl, gpg_error_t (*pincb)(void*, const char *, char **), @@ -424,7 +424,7 @@ get_cached_data (app_t app, int tag, { p = xtrymalloc (c->length); if (!p) - return gpg_error (gpg_err_code_from_errno (errno)); + return gpg_error_from_syserror (); memcpy (p, c->data, c->length); *result = p; } @@ -3940,7 +3940,7 @@ change_keyattr (app_t app, ctrl_t ctrl, else log_info ("key attribute of OPENPGP.%d changed\n", keyno+1); flush_cache (app); - parse_algorithm_attribute (app, keyno); + err = parse_algorithm_attribute (app, keyno); app->did_chv1 = 0; app->did_chv2 = 0; app->did_chv3 = 0; @@ -6158,7 +6158,7 @@ get_algorithm_attribute_string (const unsigned char *buffer, /* Parse and optionally show the algorithm attributes for KEYNO. KEYNO must be in the range 0..2. */ -static void +static gpg_error_t parse_algorithm_attribute (app_t app, int keyno) { unsigned char *buffer; @@ -6168,6 +6168,7 @@ parse_algorithm_attribute (app_t app, int keyno) enum gcry_pk_algos galgo; unsigned int nbits; const char *curve; + gpg_error_t err = 0; log_assert (keyno >=0 && keyno <= 2); @@ -6178,13 +6179,13 @@ parse_algorithm_attribute (app_t app, int keyno) if (!relptr) { log_error ("error reading DO 0x%02X\n", 0xc1+keyno); - return; + return gpg_error (GPG_ERR_CARD); } if (buflen < 1) { log_error ("error reading DO 0x%02X\n", 0xc1+keyno); xfree (relptr); - return; + return gpg_error (GPG_ERR_CARD); } if (opt.verbose) @@ -6238,7 +6239,10 @@ parse_algorithm_attribute (app_t app, int keyno) curve = ecc_curve (buffer + 1, oidlen); if (!curve) - log_printhex (buffer+1, buflen-1, "Curve with OID not supported: "); + { + log_printhex (buffer+1, buflen-1, "Curve with OID not supported: "); + err = gpg_error (GPG_ERR_CARD); + } else { app->app_local->keyattr[keyno].key_type = KEY_TYPE_ECC; @@ -6268,6 +6272,7 @@ parse_algorithm_attribute (app_t app, int keyno) desc[keyno], app->app_local->keyattr[keyno].keyalgo); xfree (relptr); + return err; } @@ -6338,16 +6343,16 @@ gpg_error_t app_select_openpgp (app_t app) { int slot = app_get_slot (app); - int rc; + gpg_error_t err; unsigned char *buffer; size_t buflen; void *relptr; /* Note that the card can't cope with P2=0xCO, thus we need to pass a special flag value. */ - rc = iso7816_select_application (slot, - openpgp_aid, sizeof openpgp_aid, 0x0001); - if (!rc) + err = iso7816_select_application (slot, + openpgp_aid, sizeof openpgp_aid, 0x0001); + if (!err) { unsigned int manufacturer; @@ -6363,8 +6368,8 @@ app_select_openpgp (app_t app) replace a possibly already set one from a EF.GDO with this one. Note, that for current OpenPGP cards, no EF.GDO exists and thus it won't matter at all. */ - rc = iso7816_get_data (slot, 0, 0x004F, &buffer, &buflen); - if (rc) + err = iso7816_get_data (slot, 0, 0x004F, &buffer, &buflen); + if (err) goto leave; if (opt.verbose) { @@ -6398,7 +6403,7 @@ app_select_openpgp (app_t app) app->app_local = xtrycalloc (1, sizeof *app->app_local); if (!app->app_local) { - rc = gpg_error (gpg_err_code_from_errno (errno)); + err = gpg_error_from_syserror (); goto leave; } @@ -6432,6 +6437,7 @@ app_select_openpgp (app_t app) { log_error (_("can't access %s - invalid OpenPGP card?\n"), "CHV Status Bytes"); + err = gpg_error (GPG_ERR_CARD); goto leave; } app->force_chv1 = (buflen && *buffer == 0); @@ -6443,6 +6449,7 @@ app_select_openpgp (app_t app) { log_error (_("can't access %s - invalid OpenPGP card?\n"), "Extended Capability Flags" ); + err = gpg_error (GPG_ERR_CARD); goto leave; } if (buflen) @@ -6493,9 +6500,13 @@ app_select_openpgp (app_t app) if (opt.verbose) show_caps (app->app_local); - parse_algorithm_attribute (app, 0); - parse_algorithm_attribute (app, 1); - parse_algorithm_attribute (app, 2); + err = parse_algorithm_attribute (app, 0); + if (!err) + err = parse_algorithm_attribute (app, 1); + if (!err) + err = parse_algorithm_attribute (app, 2); + if (err) + goto leave; if (opt.verbose > 1) dump_all_do (slot); @@ -6524,7 +6535,7 @@ app_select_openpgp (app_t app) } leave: - if (rc) + if (err) do_deinit (app); - return rc; + return err; } |