mirror of
https://salsa.debian.org/gnuk-team/gnuk/gnuk.git
synced 2024-09-20 02:40:08 +00:00
Change for firmware upgrade and ack-button.
This commit is contained in:
parent
aedf8267ec
commit
940332c47f
@ -1,5 +1,11 @@
|
||||
2019-02-22 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* tool/gnuk_get_random.py: New.
|
||||
|
||||
* src/openpgp.c (cmd_external_authenticate): move
|
||||
ACKBTN_SUPPORT to...
|
||||
(cmd_get_challenge): ... here.
|
||||
|
||||
* src/gnuk.h (EV_*): Change the values.
|
||||
|
||||
* src/usb-ccid.c (GPG_ACK_TIMEOUT): New.
|
||||
|
@ -2,6 +2,7 @@
|
||||
* openpgp.c -- OpenPGP card protocol support
|
||||
*
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018
|
||||
* 2019
|
||||
* Free Software Initiative of Japan
|
||||
* Author: NIIBE Yutaka <gniibe@fsij.org>
|
||||
*
|
||||
@ -1388,13 +1389,6 @@ cmd_external_authenticate (struct eventflag *ccid_comm)
|
||||
return;
|
||||
}
|
||||
|
||||
#ifdef ACKBTN_SUPPORT
|
||||
if (gpg_do_get_uif (GPG_KEY_FOR_SIGNING)
|
||||
|| gpg_do_get_uif (GPG_KEY_FOR_DECRYPTION)
|
||||
|| gpg_do_get_uif (GPG_KEY_FOR_AUTHENTICATION))
|
||||
eventflag_signal (ccid_comm, EV_EXEC_ACK_REQUIRED);
|
||||
#endif
|
||||
|
||||
r = rsa_verify (pubkey, FIRMWARE_UPDATE_KEY_CONTENT_LEN,
|
||||
challenge, signature);
|
||||
random_bytes_free (challenge);
|
||||
@ -1432,6 +1426,13 @@ cmd_get_challenge (struct eventflag *ccid_comm)
|
||||
if (challenge)
|
||||
random_bytes_free (challenge);
|
||||
|
||||
#ifdef ACKBTN_SUPPORT
|
||||
if (gpg_do_get_uif (GPG_KEY_FOR_SIGNING)
|
||||
|| gpg_do_get_uif (GPG_KEY_FOR_DECRYPTION)
|
||||
|| gpg_do_get_uif (GPG_KEY_FOR_AUTHENTICATION))
|
||||
eventflag_signal (ccid_comm, EV_EXEC_ACK_REQUIRED);
|
||||
#endif
|
||||
|
||||
challenge = random_bytes_get ();
|
||||
memcpy (res_APDU, challenge, len);
|
||||
res_APDU_size = len;
|
||||
|
15
tool/gnuk_get_random.py
Executable file
15
tool/gnuk_get_random.py
Executable file
@ -0,0 +1,15 @@
|
||||
#! /usr/bin/python3
|
||||
|
||||
from gnuk_token import get_gnuk_device, gnuk_token
|
||||
from binascii import hexlify
|
||||
import sys
|
||||
|
||||
if __name__ == '__main__':
|
||||
gnuk = get_gnuk_device()
|
||||
gnuk.cmd_select_openpgp()
|
||||
looping = (len(sys.argv) > 1)
|
||||
while True:
|
||||
challenge = gnuk.cmd_get_challenge().tostring()
|
||||
print(hexlify(challenge))
|
||||
if not looping:
|
||||
break
|
Loading…
Reference in New Issue
Block a user