diff --git a/openpgp-card/src/apdu/commands.rs b/openpgp-card/src/apdu/commands.rs index d67400d..320c717 100644 --- a/openpgp-card/src/apdu/commands.rs +++ b/openpgp-card/src/apdu/commands.rs @@ -61,8 +61,8 @@ pub(crate) fn cardholder_certificate() -> Command { get_data(&[0x7F, 0x21]) } -/// GET DO "List of supported Algorithm attributes" -pub(crate) fn algo_list() -> Command { +/// GET DO "Algorithm Information" +pub(crate) fn algo_info() -> Command { get_data(&[0xFA]) } diff --git a/openpgp-card/src/card_app.rs b/openpgp-card/src/card_app.rs index 8e8638b..7125cb8 100644 --- a/openpgp-card/src/card_app.rs +++ b/openpgp-card/src/card_app.rs @@ -222,7 +222,7 @@ impl CardApp { pub fn algorithm_information(&mut self) -> Result> { let resp = apdu::send_command( self.card_client(), - commands::algo_list(), + commands::algo_info(), true, )?; resp.check_ok()?; @@ -798,13 +798,13 @@ impl CardApp { key: Box, key_type: KeyType, ) -> Result<(), Error> { - let algo_list = self.algorithm_information(); + let algo_info = self.algorithm_information(); // An error is ok - it's fine if a card doesn't offer a list of // supported algorithms - let algo_list = algo_list.unwrap_or(None); + let algo_info = algo_info.unwrap_or(None); - keys::key_import(self, key, key_type, algo_list) + keys::key_import(self, key, key_type, algo_info) } /// Generate a key on the card. diff --git a/openpgp-card/src/keys.rs b/openpgp-card/src/keys.rs index 9b7be8b..08c6dec 100644 --- a/openpgp-card/src/keys.rs +++ b/openpgp-card/src/keys.rs @@ -180,7 +180,7 @@ pub(crate) fn key_import( card_app: &mut CardApp, key: Box, key_type: KeyType, - algo_list: Option, + algo_info: Option, ) -> Result<(), Error> { // FIXME: caching? let ard = card_app.application_related_data()?; @@ -192,7 +192,7 @@ pub(crate) fn key_import( let rsa_bits = (((rsa_key.n().len() * 8 + 31) / 32) * 32) as u16; let rsa_attrs = - determine_rsa_attrs(rsa_bits, key_type, &ard, algo_list)?; + determine_rsa_attrs(rsa_bits, key_type, &ard, algo_info)?; let key_cmd = rsa_key_import_cmd(key_type, rsa_key, &rsa_attrs)?; @@ -203,7 +203,7 @@ pub(crate) fn key_import( ecc_key.oid(), ecc_key.ecc_type(), key_type, - algo_list, + algo_info, )?; let key_cmd = ecc_key_import_cmd(key_type, ecc_key, &ecc_attrs)?; @@ -232,22 +232,22 @@ pub(crate) fn key_import( /// Determine suitable RsaAttrs for the current card, for an `rsa_bits` /// sized key. /// -/// If available, via lookup in `algo_list`, otherwise the current +/// If available, via lookup in `algo_info`, otherwise the current /// algorithm attributes are checked. If neither method yields a /// result, we 'guess' the RsaAttrs setting. pub(crate) fn determine_rsa_attrs( rsa_bits: u16, key_type: KeyType, ard: &ApplicationRelatedData, - algo_list: Option, + algo_info: Option, ) -> Result { // Figure out suitable RSA algorithm parameters: // Does the card offer a list of algorithms? - let rsa_attrs = if let Some(algo_list) = algo_list { + let rsa_attrs = if let Some(algo_info) = algo_info { // Yes -> Look up the parameters for key_type and rsa_bits. // (Or error, if the list doesn't have an entry for rsa_bits) - card_algo_rsa(algo_list, key_type, rsa_bits)? + card_algo_rsa(algo_info, key_type, rsa_bits)? } else { // No -> Get the current algorithm attributes for key_type. @@ -278,20 +278,20 @@ pub(crate) fn determine_rsa_attrs( } /// Derive EccAttrs from `oid` and `ecc_type`, check if the OID is listed in -/// algo_list. +/// `algo_info`. pub(crate) fn determine_ecc_attrs( oid: &[u8], ecc_type: EccType, key_type: KeyType, - algo_list: Option, + algo_info: Option, ) -> Result { - // If we have an algo_list, refuse upload if oid is not listed - if let Some(algo_list) = algo_list { - let algos = check_card_algo_ecc(algo_list, key_type, oid); + // If we have an algo_info, refuse upload if oid is not listed + if let Some(algo_info) = algo_info { + let algos = check_card_algo_ecc(algo_info, key_type, oid); if algos.is_empty() { - // If oid is not in algo_list, return error. + // If oid is not in algo_info, return error. return Err(anyhow!( - "Oid {:?} unsupported according to algo_list", + "Oid {:?} unsupported according to algo_info", oid )); } @@ -313,22 +313,22 @@ pub(crate) fn determine_ecc_attrs( } } - // Return a default when we have no algo_list. - // (Do cards that support ecc but have no algo_list exist?) + // Return a default when we have no algo_info. + // (Do cards that support ecc but have no algo_info exist?) Ok(EccAttrs::new(ecc_type, Curve::try_from(oid)?, None)) } -/// Look up RsaAttrs parameters in algo_list based on key_type and rsa_bits +/// Look up RsaAttrs parameters in algo_info based on key_type and rsa_bits fn card_algo_rsa( - algo_list: AlgoInfo, + algo_info: AlgoInfo, key_type: KeyType, rsa_bits: u16, ) -> Result { // Find suitable algorithm parameters (from card's list of algorithms). // Get Algos for this keytype - let keytype_algos: Vec<_> = algo_list.filter_by_keytype(key_type); + let keytype_algos: Vec<_> = algo_info.filter_by_keytype(key_type); // Get RSA algo attributes let rsa_algos: Vec<_> = keytype_algos .iter() @@ -349,25 +349,25 @@ fn card_algo_rsa( // Using the last option happens to work better, in that case. Ok((**algo.last().unwrap()).clone()) } else { - // RSA with this bit length is not in algo_list + // RSA with this bit length is not in algo_info return Err(anyhow!( - "RSA {} unsupported according to algo_list", + "RSA {} unsupported according to algo_info", rsa_bits ) .into()); } } -/// Get all entries from algo_list with matching `oid` and `key_type`. +/// Get all entries from algo_info with matching `oid` and `key_type`. fn check_card_algo_ecc( - algo_list: AlgoInfo, + algo_info: AlgoInfo, key_type: KeyType, oid: &[u8], ) -> Vec { // Find suitable algorithm parameters (from card's list of algorithms). // Get Algos for this keytype - let keytype_algos: Vec<_> = algo_list.filter_by_keytype(key_type); + let keytype_algos: Vec<_> = algo_info.filter_by_keytype(key_type); // Get attributes let ecc_algos: Vec<_> = keytype_algos