Change for firmware upgrade and ack-button.

ChangeLog

@@ -1,5 +1,11 @@
 2019-02-22  NIIBE Yutaka  <gniibe@fsij.org>
 
+	* tool/gnuk_get_random.py: New.
+
+	* src/openpgp.c (cmd_external_authenticate): move
+	ACKBTN_SUPPORT to...
+	(cmd_get_challenge): ... here.
+
 	* src/gnuk.h (EV_*): Change the values.
 
 	* src/usb-ccid.c (GPG_ACK_TIMEOUT): New.

src/openpgp.c

@@ -2,6 +2,7 @@
  * openpgp.c -- OpenPGP card protocol support
  *
  * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018
+ *               2019
  *               Free Software Initiative of Japan
  * Author: NIIBE Yutaka <gniibe@fsij.org>
  *
@@ -1388,13 +1389,6 @@ cmd_external_authenticate (struct eventflag *ccid_comm)
       return;
     }
 
-#ifdef ACKBTN_SUPPORT
-  if (gpg_do_get_uif (GPG_KEY_FOR_SIGNING)
-      || gpg_do_get_uif (GPG_KEY_FOR_DECRYPTION)
-      || gpg_do_get_uif (GPG_KEY_FOR_AUTHENTICATION))
-    eventflag_signal (ccid_comm, EV_EXEC_ACK_REQUIRED);
-#endif
-
   r = rsa_verify (pubkey, FIRMWARE_UPDATE_KEY_CONTENT_LEN,
 		  challenge, signature);
   random_bytes_free (challenge);
@@ -1432,6 +1426,13 @@ cmd_get_challenge (struct eventflag *ccid_comm)
   if (challenge)
     random_bytes_free (challenge);
 
+#ifdef ACKBTN_SUPPORT
+  if (gpg_do_get_uif (GPG_KEY_FOR_SIGNING)
+      || gpg_do_get_uif (GPG_KEY_FOR_DECRYPTION)
+      || gpg_do_get_uif (GPG_KEY_FOR_AUTHENTICATION))
+    eventflag_signal (ccid_comm, EV_EXEC_ACK_REQUIRED);
+#endif
+
   challenge = random_bytes_get ();
   memcpy (res_APDU, challenge, len);
   res_APDU_size = len;

tool/gnuk_get_random.py

@@ -0,0 +1,15 @@
+#! /usr/bin/python3
+
+from gnuk_token import get_gnuk_device, gnuk_token
+from binascii import hexlify
+import sys
+
+if __name__ == '__main__':
+    gnuk = get_gnuk_device()
+    gnuk.cmd_select_openpgp()
+    looping = (len(sys.argv) > 1)
+    while True:
+        challenge = gnuk.cmd_get_challenge().tostring()
+        print(hexlify(challenge))
+        if not looping:
+            break