Implement next_cardholder_certificate() to read successive cardholder certificates from the card.

Heiko Schaefer 2022-05-24 14:24:22 +02:00
parent abd61d5a15
commit 14143ee182
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
3 changed files with 24 additions and 0 deletions


@ -271,6 +271,14 @@ impl<'a> Open<'a> {
self.opt.security_support_template() self.opt.security_support_template()
} }
/// "GET NEXT DATA" for the DO cardholder certificate.
///
/// Cardholder certificate data for multiple slots can be read from the card by first calling
/// cardholder_certificate(), followed by up to two calls to next_cardholder_certificate().
pub fn next_cardholder_certificate(&mut self) -> Result<Vec<u8>, Error> {
self.opt.next_cardholder_certificate()
}
// DO "Algorithm Information" (0xFA) // DO "Algorithm Information" (0xFA)
pub fn algorithm_information(&mut self) -> Result<Option<AlgoInfo>, Error> { pub fn algorithm_information(&mut self) -> Result<Option<AlgoInfo>, Error> {
// The DO "Algorithm Information" (Tag FA) shall be present if // The DO "Algorithm Information" (Tag FA) shall be present if
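Review bot: The doc comment on `next_cardholder_certificate()` gives the call order (first `cardholder_certificate()`, then up to two follow-up calls) but not what a caller sees when that order is broken or when the card has no further certificate; the same text is repeated on `OpenPgpTransaction::next_cardholder_certificate()` in the third file. Nothing visible in either hunk enforces the sequence, so it presumably depends on card state, and whether the end of the list arrives as an `Err` or as an empty `Vec<u8>` cannot be told from here. I would add an `# Errors` section to both, e.g. `/// Returns an error if the card rejects the command, for example when it was not preceded by cardholder_certificate().` (wording to be confirmed against card behaviour), and state that the returned bytes are card-supplied and unvalidated, so callers should parse them as untrusted input.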


@ -62,6 +62,11 @@ pub(crate) fn cardholder_certificate() -> Command {
get_data(Tags::CardholderCertificate) get_data(Tags::CardholderCertificate)
} }
/// GET NEXT DATA for DO "Cardholder certificate"
pub(crate) fn get_next_cardholder_certificate() -> Command {
Command::new(0x00, 0xCC, 0x7f, 0x21, vec![])
}
/// GET DO "Algorithm Information" /// GET DO "Algorithm Information"
pub(crate) fn algo_info() -> Command { pub(crate) fn algo_info() -> Command {
get_data(Tags::AlgorithmInformation) get_data(Tags::AlgorithmInformation)
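Review bot: `Command::new(0x00, 0xCC, 0x7f, 0x21, vec![])` hard-codes the instruction byte and the tag, while the neighbouring `cardholder_certificate()` and `algo_info()` go through `get_data(Tags::…)`. If the value behind `Tags::CardholderCertificate` ever changes, this command would silently keep addressing 0x7f21, so deriving P1/P2 from `Tags::CardholderCertificate` would keep the two in step (whether the enum exposes its bytes is not visible in this hunk). At minimum I would add a comment such as `// INS 0xCC = GET NEXT DATA; P1/P2 = 0x7F21, tag of DO "Cardholder certificate"`.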


@ -149,6 +149,17 @@ impl<'a> OpenPgpTransaction<'a> {
apdu::send_command(self.tx(), cmd, true)?.try_into() apdu::send_command(self.tx(), cmd, true)?.try_into()
} }
/// Call "GET NEXT DATA" for the DO cardholder certificate.
///
/// Cardholder certificate data for multiple slots can be read from the card by first calling
/// cardholder_certificate(), followed by up to two calls to next_cardholder_certificate().
pub fn next_cardholder_certificate(&mut self) -> Result<Vec<u8>, Error> {
log::info!("OpenPgpTransaction: next_cardholder_certificate");
let cmd = commands::get_next_cardholder_certificate();
apdu::send_command(self.tx(), cmd, true)?.try_into()
}
/// Get "Algorithm Information" /// Get "Algorithm Information"
pub fn algorithm_information(&mut self) -> Result<Option<AlgoInfo>, Error> { pub fn algorithm_information(&mut self) -> Result<Option<AlgoInfo>, Error> {
log::info!("OpenPgpTransaction: algorithm_information"); log::info!("OpenPgpTransaction: algorithm_information");