diff --git a/card-functionality/src/tests.rs b/card-functionality/src/tests.rs index 004625d..02c4b18 100644 --- a/card-functionality/src/tests.rs +++ b/card-functionality/src/tests.rs @@ -15,7 +15,7 @@ use sequoia_openpgp::Cert; use openpgp_card; use openpgp_card::algorithm::AlgoSimple; use openpgp_card::card_do::{KeyGenerationTime, Sex}; -use openpgp_card::{CardClient, Error, KeyType, StatusBytes}; +use openpgp_card::{CardTransaction, Error, KeyType, StatusBytes}; use openpgp_card_sequoia::card::Open; use openpgp_card_sequoia::util::{ make_cert, public_key_material_to_key, public_to_fingerprint, @@ -53,7 +53,7 @@ pub enum TestError { /// Run after each "upload keys", if key *was* uploaded (?) pub fn test_decrypt( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), param: &[&str], ) -> Result { assert_eq!( @@ -65,12 +65,12 @@ pub fn test_decrypt( let cert = Cert::from_str(param[0])?; let msg = param[1].to_string(); - card_client.verify_pw1("123456")?; + card_tx.verify_pw1("123456")?; let p = StandardPolicy::new(); let res = openpgp_card_sequoia::util::decrypt( - card_client, + card_tx, &cert, msg.into_bytes(), &p, @@ -84,21 +84,18 @@ pub fn test_decrypt( /// Run after each "upload keys", if key *was* uploaded (?) pub fn test_sign( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), param: &[&str], ) -> Result { assert_eq!(param.len(), 1, "test_sign needs a filename for 'cert'"); - card_client.verify_pw1_for_signing("123456")?; + card_tx.verify_pw1_for_signing("123456")?; let cert = Cert::from_str(param[0])?; let msg = "Hello world, I am signed."; - let sig = openpgp_card_sequoia::util::sign( - card_client, - &cert, - &mut msg.as_bytes(), - )?; + let sig = + openpgp_card_sequoia::util::sign(card_tx, &cert, &mut msg.as_bytes())?; // validate sig assert!(util::verify_sig(&cert, msg.as_bytes(), sig.as_bytes())?); @@ -107,10 +104,10 @@ pub fn test_sign( } fn check_key_upload_metadata( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), meta: &[(String, KeyGenerationTime)], ) -> Result<()> { - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; // check fingerprints let card_fp = ard.fingerprints()?; @@ -151,10 +148,10 @@ fn check_key_upload_algo_attrs() -> Result<()> { } pub fn test_print_caps( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let aid = ard.application_id()?; println!("aid: {:#x?}", aid); @@ -172,17 +169,17 @@ pub fn test_print_caps( } pub fn test_print_algo_info( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let dec = ard.algorithm_attributes(KeyType::Decryption)?; println!("Current algorithm for the decrypt slot: {}", dec); println!(); - let algo = card_client.algorithm_information(); + let algo = card_tx.algorithm_information(); if let Ok(Some(algo)) = algo { println!("Card algorithm list:\n{}", algo); } @@ -191,7 +188,7 @@ pub fn test_print_algo_info( } pub fn test_upload_keys( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), param: &[&str], ) -> Result { assert_eq!( @@ -200,16 +197,16 @@ pub fn test_upload_keys( "test_upload_keys needs a filename for 'cert'" ); - card_client.verify_pw3("12345678")?; + card_tx.verify_pw3("12345678")?; let cert = Cert::from_file(param[0])?; let p = StandardPolicy::new(); - let meta = util::upload_subkeys(card_client, &cert, &p) + let meta = util::upload_subkeys(card_tx, &cert, &p) .map_err(|e| TestError::KeyUploadError(param[0].to_string(), e))?; - check_key_upload_metadata(card_client, &meta)?; + check_key_upload_metadata(card_tx, &meta)?; // FIXME: implement check_key_upload_algo_attrs()?; @@ -219,10 +216,10 @@ pub fn test_upload_keys( /// Generate keys for each of the three KeyTypes pub fn test_keygen( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), param: &[&str], ) -> Result { - card_client.verify_pw3("12345678")?; + card_tx.verify_pw3("12345678")?; // Generate all three subkeys on card let algo = param[0]; @@ -230,7 +227,7 @@ pub fn test_keygen( let alg = AlgoSimple::try_from(algo)?; println!(" Generate subkey for Signing"); - let (pkm, ts) = card_client.generate_key_simple( + let (pkm, ts) = card_tx.generate_key_simple( public_to_fingerprint, KeyType::Signing, alg, @@ -238,7 +235,7 @@ pub fn test_keygen( let key_sig = public_key_material_to_key(&pkm, KeyType::Signing, ts)?; println!(" Generate subkey for Decryption"); - let (pkm, ts) = card_client.generate_key_simple( + let (pkm, ts) = card_tx.generate_key_simple( public_to_fingerprint, KeyType::Decryption, alg, @@ -246,7 +243,7 @@ pub fn test_keygen( let key_dec = public_key_material_to_key(&pkm, KeyType::Decryption, ts)?; println!(" Generate subkey for Authentication"); - let (pkm, ts) = card_client.generate_key_simple( + let (pkm, ts) = card_tx.generate_key_simple( public_to_fingerprint, KeyType::Authentication, alg, @@ -255,7 +252,7 @@ pub fn test_keygen( public_key_material_to_key(&pkm, KeyType::Authentication, ts)?; // Generate a Cert for this set of generated keys - let mut open = Open::new(card_client)?; + let mut open = Open::new(card_tx)?; let cert = make_cert( &mut open, key_sig, @@ -273,15 +270,15 @@ pub fn test_keygen( /// Construct public key based on data from the card pub fn test_get_pub( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let key_gen = ard.key_generation_times()?; // -- - let sig = card_client.public_key(KeyType::Signing)?; + let sig = card_tx.public_key(KeyType::Signing)?; let ts = key_gen.signature().unwrap().get().into(); let key = public_key_material_to_key(&sig, KeyType::Signing, ts)?; @@ -289,7 +286,7 @@ pub fn test_get_pub( // -- - let dec = card_client.public_key(KeyType::Decryption)?; + let dec = card_tx.public_key(KeyType::Decryption)?; let ts = key_gen.decryption().unwrap().get().into(); let key = public_key_material_to_key(&dec, KeyType::Decryption, ts)?; @@ -297,7 +294,7 @@ pub fn test_get_pub( // -- - let auth = card_client.public_key(KeyType::Authentication)?; + let auth = card_tx.public_key(KeyType::Authentication)?; let ts = key_gen.authentication().unwrap().get().into(); let key = public_key_material_to_key(&auth, KeyType::Authentication, ts)?; @@ -312,10 +309,10 @@ pub fn test_get_pub( } pub fn test_reset( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { - let _res = card_client.factory_reset()?; + let _res = card_tx.factory_reset()?; Ok(vec![]) } @@ -325,25 +322,25 @@ pub fn test_reset( /// Returns an empty TestOutput, throws errors for unexpected Status codes /// and for unequal field values. pub fn test_set_user_data( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { - card_client.verify_pw3("12345678")?; + card_tx.verify_pw3("12345678")?; // name - card_client.set_name(b"Bar< Result { let out = vec![]; println!(); - let d = card_client.private_use_do(1)?; + let d = card_tx.private_use_do(1)?; println!("data 1 {:?}", d); - card_client.verify_pw1("123456")?; + card_tx.verify_pw1("123456")?; - card_client.set_private_use_do(1, "Foo bar1!".as_bytes().to_vec())?; - card_client.set_private_use_do(3, "Foo bar3!".as_bytes().to_vec())?; + card_tx.set_private_use_do(1, "Foo bar1!".as_bytes().to_vec())?; + card_tx.set_private_use_do(3, "Foo bar3!".as_bytes().to_vec())?; - card_client.verify_pw3("12345678")?; + card_tx.verify_pw3("12345678")?; - card_client.set_private_use_do(2, "Foo bar2!".as_bytes().to_vec())?; - card_client.set_private_use_do(4, "Foo bar4!".as_bytes().to_vec())?; + card_tx.set_private_use_do(2, "Foo bar2!".as_bytes().to_vec())?; + card_tx.set_private_use_do(4, "Foo bar4!".as_bytes().to_vec())?; - let d = card_client.private_use_do(1)?; + let d = card_tx.private_use_do(1)?; println!("data 1 {:?}", d); - let d = card_client.private_use_do(2)?; + let d = card_tx.private_use_do(2)?; println!("data 2 {:?}", d); - let d = card_client.private_use_do(3)?; + let d = card_tx.private_use_do(3)?; println!("data 3 {:?}", d); - let d = card_client.private_use_do(4)?; + let d = card_tx.private_use_do(4)?; println!("data 4 {:?}", d); Ok(out) } // pub fn test_cardholder_cert( -// card_client: &mut (dyn CardClient + Send + Sync), +// card_tx: &mut (dyn CardTransaction + Send + Sync), // _param: &[&str], // ) -> Result { // let mut out = vec![]; // // println!(); // -// match card_client.cardholder_certificate() { +// match card_tx.cardholder_certificate() { // Ok(res) => { // out.push(TestResult::Text(format!("got cert {:x?}", res.data()))) // } @@ -412,11 +409,11 @@ pub fn test_private_data( // } // }; // -// card_client.verify_pw3("12345678")?; +// card_tx.verify_pw3("12345678")?; // // let data = "Foo bar baz!".as_bytes(); // -// match card_client.set_cardholder_certificate(data.to_vec()) { +// match card_tx.set_cardholder_certificate(data.to_vec()) { // Ok(_resp) => out.push(TestResult::Text("set cert ok".to_string())), // Err(e) => { // out.push(TestResult::Text(format!( @@ -427,7 +424,7 @@ pub fn test_private_data( // } // } // -// let res = card_client.cardholder_certificate()?; +// let res = card_tx.cardholder_certificate()?; // out.push(TestResult::Text("get cert ok".to_string())); // // if res.data() != data { @@ -440,7 +437,7 @@ pub fn test_private_data( // // // try using slot 2 // -// match card_client.select_data(2, &[0x7F, 0x21]) { +// match card_tx.select_data(2, &[0x7F, 0x21]) { // Ok(_res) => out.push(TestResult::Text("select_data ok".to_string())), // Err(e) => { // out.push(TestResult::Text(format!("select_data: {:?}", e))); @@ -452,24 +449,24 @@ pub fn test_private_data( // } pub fn test_pw_status( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { let out = vec![]; - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let mut pws = ard.pw_status_bytes()?; println!("pws {:?}", pws); - card_client.verify_pw3("12345678")?; + card_tx.verify_pw3("12345678")?; pws.set_pw1_cds_valid_once(false); pws.set_pw1_pin_block(true); - card_client.set_pw_status_bytes(&pws, false)?; + card_tx.set_pw_status_bytes(&pws, false)?; - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let pws = ard.pw_status_bytes()?; println!("pws {:?}", pws); @@ -480,7 +477,7 @@ pub fn test_pw_status( /// - verify pw3 (check) -> Status /// - verify pw1 (check) -> Status pub fn test_verify( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { // Steps: @@ -498,7 +495,7 @@ pub fn test_verify( let mut out = vec![]; // try to set name without verify, assert result is not ok! - let res = card_client.set_name("Notverified< { // e.g. yubikey5 returns an error status! out.push(TestResult::Status(s)); @@ -519,17 +516,17 @@ pub fn test_verify( Ok(_) => out.push(TestResult::StatusOk), } - card_client.set_name(b"Admin< { // e.g. yubikey5 returns an error status! out.push(TestResult::Status(s)); @@ -540,16 +537,16 @@ pub fn test_verify( Ok(_) => out.push(TestResult::StatusOk), } - card_client.set_name(b"There< Result { let out = vec![]; @@ -557,20 +554,20 @@ pub fn test_change_pw( // first do admin-less pw1 on gnuk // (NOTE: Gnuk requires a key to be loaded before allowing pw changes!) println!("change pw1"); - card_client.change_pw1("123456", "abcdef00")?; + card_tx.change_pw1("123456", "abcdef00")?; // also set admin pw, which means pw1 is now only user-pw again, on gnuk println!("change pw3"); // ca.change_pw3("abcdef00", "abcdefgh")?; // gnuk - card_client.change_pw3("12345678", "abcdefgh")?; + card_tx.change_pw3("12345678", "abcdefgh")?; println!("change pw1"); - card_client.change_pw1("abcdef00", "abcdef")?; // gnuk + card_tx.change_pw1("abcdef00", "abcdef")?; // gnuk // ca.change_pw1("123456", "abcdef")?; println!("verify bad pw1"); - match card_client.verify_pw1("123456ab") { + match card_tx.verify_pw1("123456ab") { Err(Error::CardStatus(StatusBytes::SecurityStatusNotSatisfied)) => { // this is expected } @@ -581,10 +578,10 @@ pub fn test_change_pw( } println!("verify good pw1"); - card_client.verify_pw1("abcdef")?; + card_tx.verify_pw1("abcdef")?; println!("verify bad pw3"); - match card_client.verify_pw3("00000000") { + match card_tx.verify_pw3("00000000") { Err(Error::CardStatus(StatusBytes::SecurityStatusNotSatisfied)) => { // this is expected } @@ -595,34 +592,34 @@ pub fn test_change_pw( } println!("verify good pw3"); - card_client.verify_pw3("abcdefgh")?; + card_tx.verify_pw3("abcdefgh")?; println!("change pw3 back to default"); - card_client.change_pw3("abcdefgh", "12345678")?; + card_tx.change_pw3("abcdefgh", "12345678")?; println!("change pw1 back to default"); - card_client.change_pw1("abcdef", "123456")?; + card_tx.change_pw1("abcdef", "123456")?; Ok(out) } pub fn test_reset_retry_counter( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), _param: &[&str], ) -> Result { let out = vec![]; // set pw3, then pw1 (to bring gnuk into non-admin mode) println!("set pw3"); - card_client.change_pw3("12345678", "12345678")?; + card_tx.change_pw3("12345678", "12345678")?; println!("set pw1"); - card_client.change_pw1("123456", "123456")?; + card_tx.change_pw1("123456", "123456")?; println!("break pw1"); - let _ = card_client.verify_pw1("wrong0"); - let _ = card_client.verify_pw1("wrong0"); - let _ = card_client.verify_pw1("wrong0"); - let res = card_client.verify_pw1("wrong0"); + let _ = card_tx.verify_pw1("wrong0"); + let _ = card_tx.verify_pw1("wrong0"); + let _ = card_tx.verify_pw1("wrong0"); + let res = card_tx.verify_pw1("wrong0"); match res { Err(Error::CardStatus(StatusBytes::AuthenticationMethodBlocked)) => { @@ -643,23 +640,23 @@ pub fn test_reset_retry_counter( } println!("verify pw3"); - card_client.verify_pw3("12345678")?; + card_tx.verify_pw3("12345678")?; println!("set resetting code"); - card_client.set_resetting_code("abcdefgh".as_bytes().to_vec())?; + card_tx.set_resetting_code("abcdefgh".as_bytes().to_vec())?; println!("reset retry counter"); // ca.reset_retry_counter_pw1("abcdef".as_bytes().to_vec(), None)?; - let _res = card_client.reset_retry_counter_pw1( + let _res = card_tx.reset_retry_counter_pw1( "abcdef".as_bytes().to_vec(), Some("abcdefgh".as_bytes().to_vec()), ); println!("verify good pw1"); - card_client.verify_pw1("abcdef")?; + card_tx.verify_pw1("abcdef")?; println!("verify bad pw1"); - match card_client.verify_pw1("00000000") { + match card_tx.verify_pw1("00000000") { Err(Error::CardStatus(StatusBytes::SecurityStatusNotSatisfied)) => { // this is expected } @@ -675,7 +672,7 @@ pub fn test_reset_retry_counter( pub fn run_test( tc: &mut TestCardData, t: fn( - &mut (dyn CardClient + Send + Sync), + &mut (dyn CardTransaction + Send + Sync), &[&str], ) -> Result, param: &[&str], diff --git a/card-functionality/src/util.rs b/card-functionality/src/util.rs index e9209c3..d351ccb 100644 --- a/card-functionality/src/util.rs +++ b/card-functionality/src/util.rs @@ -17,14 +17,14 @@ use sequoia_openpgp::serialize::stream::{ use sequoia_openpgp::Cert; use openpgp_card::card_do::KeyGenerationTime; -use openpgp_card::{CardClient, KeyType}; +use openpgp_card::{CardTransaction, KeyType}; use openpgp_card_sequoia::sq_util; use openpgp_card_sequoia::util::vka_as_uploadable_key; pub const SP: &StandardPolicy = &StandardPolicy::new(); pub(crate) fn upload_subkeys( - card_client: &mut dyn CardClient, + card_tx: &mut dyn CardTransaction, cert: &Cert, policy: &dyn Policy, ) -> Result> { @@ -49,7 +49,7 @@ pub(crate) fn upload_subkeys( // upload key let cuk = vka_as_uploadable_key(vka, None); - card_client.key_import(cuk, *kt)?; + card_tx.key_import(cuk, *kt)?; } } diff --git a/openpgp-card-sequoia/src/card.rs b/openpgp-card-sequoia/src/card.rs index 8eddd33..ecaf220 100644 --- a/openpgp-card-sequoia/src/card.rs +++ b/openpgp-card-sequoia/src/card.rs @@ -16,7 +16,7 @@ use openpgp_card::card_do::{ ExtendedCapabilities, ExtendedLengthInfo, Fingerprint, HistoricalBytes, KeyGenerationTime, Lang, PWStatusBytes, SecuritySupportTemplate, Sex, }; -use openpgp_card::{CardClient, Error, KeySet, KeyType, Response}; +use openpgp_card::{CardTransaction, Error, KeySet, KeyType, Response}; use crate::decryptor::CardDecryptor; use crate::signer::CardSigner; @@ -27,7 +27,7 @@ use openpgp_card::crypto_data::PublicKeyMaterial; /// Representation of an opened OpenPGP card in its base state (i.e. no /// passwords have been verified, default authorization applies). pub struct Open<'a> { - card_client: &'a mut (dyn CardClient + Send + Sync), + card_tx: &'a mut (dyn CardTransaction + Send + Sync), // Cache of "application related data". // @@ -47,12 +47,12 @@ pub struct Open<'a> { impl<'a> Open<'a> { pub fn new( - card_client: &'a mut (dyn CardClient + Send + Sync), + card_tx: &'a mut (dyn CardTransaction + Send + Sync), ) -> Result { - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; Ok(Self { - card_client, + card_tx, ard, pw1: false, pw1_sign: false, @@ -60,15 +60,15 @@ impl<'a> Open<'a> { }) } pub fn feature_pinpad_verify(&mut self) -> bool { - self.card_client.feature_pinpad_verify() + self.card_tx.feature_pinpad_verify() } pub fn feature_pinpad_modify(&mut self) -> bool { - self.card_client.feature_pinpad_modify() + self.card_tx.feature_pinpad_modify() } pub fn verify_user(&mut self, pin: &str) -> Result<(), Error> { - let _ = self.card_client.verify_pw1(pin)?; + let _ = self.card_tx.verify_pw1(pin)?; self.pw1 = true; Ok(()) } @@ -79,13 +79,13 @@ impl<'a> Open<'a> { ) -> Result<(), Error> { prompt(); - let _ = self.card_client.verify_pw1_pinpad()?; + let _ = self.card_tx.verify_pw1_pinpad()?; self.pw1 = true; Ok(()) } pub fn verify_user_for_signing(&mut self, pin: &str) -> Result<(), Error> { - let _ = self.card_client.verify_pw1_for_signing(pin)?; + let _ = self.card_tx.verify_pw1_for_signing(pin)?; // FIXME: depending on card mode, pw1_sign is only usable once @@ -99,7 +99,7 @@ impl<'a> Open<'a> { ) -> Result<(), Error> { prompt(); - let _ = self.card_client.verify_pw1_for_signing_pinpad()?; + let _ = self.card_tx.verify_pw1_for_signing_pinpad()?; // FIXME: depending on card mode, pw1_sign is only usable once @@ -108,7 +108,7 @@ impl<'a> Open<'a> { } pub fn verify_admin(&mut self, pin: &str) -> Result<(), Error> { - let _ = self.card_client.verify_pw3(pin)?; + let _ = self.card_tx.verify_pw3(pin)?; self.pw3 = true; Ok(()) } @@ -119,7 +119,7 @@ impl<'a> Open<'a> { ) -> Result<(), Error> { prompt(); - let _ = self.card_client.verify_pw3_pinpad()?; + let _ = self.card_tx.verify_pw3_pinpad()?; self.pw3 = true; Ok(()) } @@ -128,14 +128,14 @@ impl<'a> Open<'a> { /// /// NOTE: on some cards this functionality seems broken. pub fn check_user_verified(&mut self) -> Result { - self.card_client.check_pw1() + self.card_tx.check_pw1() } /// Ask the card if the admin password has been successfully verified. /// /// NOTE: on some cards this functionality seems broken. pub fn check_admin_verified(&mut self) -> Result { - self.card_client.check_pw3() + self.card_tx.check_pw3() } pub fn change_user_pin( @@ -143,7 +143,7 @@ impl<'a> Open<'a> { old: &str, new: &str, ) -> Result { - self.card_client.change_pw1(old, new) + self.card_tx.change_pw1(old, new) } pub fn change_user_pin_pinpad( @@ -151,7 +151,7 @@ impl<'a> Open<'a> { prompt: &dyn Fn(), ) -> Result { prompt(); - self.card_client.change_pw1_pinpad() + self.card_tx.change_pw1_pinpad() } pub fn reset_user_pin( @@ -159,7 +159,7 @@ impl<'a> Open<'a> { rst: &str, new: &str, ) -> Result { - self.card_client + self.card_tx .reset_retry_counter_pw1(new.into(), Some(rst.into())) } @@ -168,7 +168,7 @@ impl<'a> Open<'a> { old: &str, new: &str, ) -> Result { - self.card_client.change_pw3(old, new) + self.card_tx.change_pw3(old, new) } pub fn change_admin_pin_pinpad( @@ -176,7 +176,7 @@ impl<'a> Open<'a> { prompt: &dyn Fn(), ) -> Result { prompt(); - self.card_client.change_pw3_pinpad() + self.card_tx.change_pw3_pinpad() } /// Get a view of the card authenticated for "User" commands. @@ -296,21 +296,21 @@ impl<'a> Open<'a> { // --- URL (5f50) --- pub fn url(&mut self) -> Result { - Ok(String::from_utf8_lossy(&self.card_client.url()?).to_string()) + Ok(String::from_utf8_lossy(&self.card_tx.url()?).to_string()) } // --- cardholder related data (65) --- pub fn cardholder_related_data( &mut self, ) -> Result { - self.card_client.cardholder_related_data() + self.card_tx.cardholder_related_data() } // --- security support template (7a) --- pub fn security_support_template( &mut self, ) -> Result { - self.card_client.security_support_template() + self.card_tx.security_support_template() } // DO "Algorithm Information" (0xFA) @@ -324,12 +324,12 @@ impl<'a> Open<'a> { return Ok(None); } - self.card_client.algorithm_information() + self.card_tx.algorithm_information() } /// Firmware Version, YubiKey specific (?) pub fn firmware_version(&mut self) -> Result> { - self.card_client.firmware_version() + self.card_tx.firmware_version() } // ---------- @@ -338,14 +338,14 @@ impl<'a> Open<'a> { &mut self, key_type: KeyType, ) -> Result { - self.card_client.public_key(key_type).map_err(|e| e.into()) + self.card_tx.public_key(key_type).map_err(|e| e.into()) } // ---------- /// Delete all state on this OpenPGP card pub fn factory_reset(&mut self) -> Result<()> { - self.card_client.factory_reset() + self.card_tx.factory_reset() } } @@ -357,7 +357,7 @@ pub struct User<'app, 'open> { impl User<'_, '_> { pub fn decryptor(&mut self, cert: &Cert) -> Result { - CardDecryptor::new(self.oc.card_client, cert) + CardDecryptor::new(self.oc.card_tx, cert) } } @@ -375,14 +375,14 @@ impl Sign<'_, '_> { // FIXME: depending on the setting in "PW1 Status byte", only one // signature can be made after verification for signing - CardSigner::new(self.oc.card_client, cert) + CardSigner::new(self.oc.card_tx, cert) } pub fn signer_from_pubkey(&mut self, pubkey: PublicKey) -> CardSigner { // FIXME: depending on the setting in "PW1 Status byte", only one // signature can be made after verification for signing - CardSigner::with_pubkey(self.oc.card_client, pubkey) + CardSigner::with_pubkey(self.oc.card_tx, pubkey) } } @@ -408,7 +408,7 @@ impl Admin<'_, '_> { return Err(anyhow!("Invalid char in name").into()); }; - self.oc.card_client.set_name(name.as_bytes()) + self.oc.card_tx.set_name(name.as_bytes()) } pub fn set_lang(&mut self, lang: &[Lang]) -> Result { @@ -416,11 +416,11 @@ impl Admin<'_, '_> { return Err(anyhow!("lang too long").into()); } - self.oc.card_client.set_lang(lang) + self.oc.card_tx.set_lang(lang) } pub fn set_sex(&mut self, sex: Sex) -> Result { - self.oc.card_client.set_sex(sex) + self.oc.card_tx.set_sex(sex) } pub fn set_url(&mut self, url: &str) -> Result { @@ -438,7 +438,7 @@ impl Admin<'_, '_> { // or if it's within the acceptable length: // send the url update to the card. - self.oc.card_client.set_url(url.as_bytes()) + self.oc.card_tx.set_url(url.as_bytes()) } else { Err(anyhow!("URL too long").into()) } @@ -448,13 +448,11 @@ impl Admin<'_, '_> { &mut self, pin: &str, ) -> Result { - self.oc.card_client.set_resetting_code(pin.into()) + self.oc.card_tx.set_resetting_code(pin.into()) } pub fn reset_user_pin(&mut self, new: &str) -> Result { - self.oc - .card_client - .reset_retry_counter_pw1(new.into(), None) + self.oc.card_tx.reset_retry_counter_pw1(new.into(), None) } /// Upload a ValidErasedKeyAmalgamation to the card as a specific KeyType. @@ -467,7 +465,7 @@ impl Admin<'_, '_> { password: Option, ) -> Result<(), Error> { let key = vka_as_uploadable_key(vka, password); - self.oc.card_client.key_import(key, key_type) + self.oc.card_tx.key_import(key, key_type) } pub fn generate_key_simple( @@ -476,12 +474,12 @@ impl Admin<'_, '_> { algo: Option, ) -> Result<(PublicKeyMaterial, KeyGenerationTime), Error> { match algo { - Some(algo) => self.oc.card_client.generate_key_simple( + Some(algo) => self.oc.card_tx.generate_key_simple( public_to_fingerprint, key_type, algo, ), - None => self.oc.card_client.generate_key( + None => self.oc.card_tx.generate_key( public_to_fingerprint, key_type, None, diff --git a/openpgp-card-sequoia/src/decryptor.rs b/openpgp-card-sequoia/src/decryptor.rs index 54ef097..ab49fbd 100644 --- a/openpgp-card-sequoia/src/decryptor.rs +++ b/openpgp-card-sequoia/src/decryptor.rs @@ -15,14 +15,14 @@ use openpgp::Cert; use sequoia_openpgp as openpgp; use openpgp_card::crypto_data::Cryptogram; -use openpgp_card::{CardClient, Error}; +use openpgp_card::{CardTransaction, Error}; use crate::sq_util; use crate::PublicKey; pub struct CardDecryptor<'a> { /// The OpenPGP card (authenticated to allow decryption operations) - card_client: &'a mut dyn CardClient, + card_tx: &'a mut dyn CardTransaction, /// The matching public key for the card's decryption key public: PublicKey, @@ -34,11 +34,11 @@ impl<'a> CardDecryptor<'a> { /// An Error is returned if no match between the card's decryption /// key and a (sub)key of `cert` can be made. pub fn new( - card_client: &'a mut dyn CardClient, + card_tx: &'a mut dyn CardTransaction, cert: &Cert, ) -> Result, Error> { // Get the fingerprint for the decryption key from the card. - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let fps = ard.fingerprints()?; let fp = fps.decryption(); @@ -48,10 +48,7 @@ impl<'a> CardDecryptor<'a> { if let Some(eka) = sq_util::get_subkey_by_fingerprint(cert, &fp)? { let public = eka.key().clone(); - Ok(Self { - card_client, - public, - }) + Ok(Self { card_tx, public }) } else { Err(Error::InternalError(anyhow!( "Failed to find (sub)key {} in cert", @@ -85,7 +82,7 @@ impl<'a> crypto::Decryptor for CardDecryptor<'a> { match (ciphertext, self.public.mpis()) { (mpi::Ciphertext::RSA { c: ct }, mpi::PublicKey::RSA { .. }) => { let dm = Cryptogram::RSA(ct.value()); - let dec = self.card_client.decipher(dm)?; + let dec = self.card_tx.decipher(dm)?; let sk = openpgp::crypto::SessionKey::from(&dec[..]); Ok(sk) @@ -109,7 +106,7 @@ impl<'a> crypto::Decryptor for CardDecryptor<'a> { }; // Decryption operation on the card - let mut dec = self.card_client.decipher(dm)?; + let mut dec = self.card_tx.decipher(dm)?; // Specifically handle return value format like Gnuk's // (Gnuk returns a leading '0x04' byte and diff --git a/openpgp-card-sequoia/src/signer.rs b/openpgp-card-sequoia/src/signer.rs index 2dca650..3e9e55f 100644 --- a/openpgp-card-sequoia/src/signer.rs +++ b/openpgp-card-sequoia/src/signer.rs @@ -11,14 +11,14 @@ use openpgp::types::{Curve, PublicKeyAlgorithm}; use sequoia_openpgp as openpgp; use openpgp_card::crypto_data::Hash; -use openpgp_card::{CardClient, Error}; +use openpgp_card::{CardTransaction, Error}; use crate::sq_util; use crate::PublicKey; pub struct CardSigner<'a> { /// The OpenPGP card (authenticated to allow signing operations) - card_client: &'a mut (dyn CardClient + Send + Sync), + card_tx: &'a mut (dyn CardTransaction + Send + Sync), /// The matching public key for the card's signing key public: PublicKey, @@ -30,11 +30,11 @@ impl<'a> CardSigner<'a> { /// An Error is returned if no match between the card's signing /// key and a (sub)key of `cert` can be made. pub fn new( - card_client: &'a mut (dyn CardClient + Send + Sync), + card_tx: &'a mut (dyn CardTransaction + Send + Sync), cert: &openpgp::Cert, ) -> Result, Error> { // Get the fingerprint for the signing key from the card. - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let fps = ard.fingerprints()?; let fp = fps.signature(); @@ -44,7 +44,7 @@ impl<'a> CardSigner<'a> { if let Some(eka) = sq_util::get_subkey_by_fingerprint(cert, &fp)? { let key = eka.key().clone(); - Ok(Self::with_pubkey(card_client, key)) + Ok(Self::with_pubkey(card_tx, key)) } else { Err(Error::InternalError(anyhow!( "Failed to find (sub)key {} in cert", @@ -59,13 +59,10 @@ impl<'a> CardSigner<'a> { } pub(crate) fn with_pubkey( - card_client: &'a mut (dyn CardClient + Send + Sync), + card_tx: &'a mut (dyn CardTransaction + Send + Sync), public: PublicKey, ) -> CardSigner<'a> { - CardSigner { - card_client, - public, - } + CardSigner { card_tx, public } } } @@ -117,7 +114,7 @@ impl<'a> crypto::Signer for CardSigner<'a> { } }; - let sig = self.card_client.signature_for_hash(hash)?; + let sig = self.card_tx.signature_for_hash(hash)?; let mpi = mpi::MPI::new(&sig[..]); Ok(mpi::Signature::RSA { s: mpi }) @@ -125,7 +122,7 @@ impl<'a> crypto::Signer for CardSigner<'a> { (PublicKeyAlgorithm::EdDSA, mpi::PublicKey::EdDSA { .. }) => { let hash = Hash::EdDSA(digest); - let sig = self.card_client.signature_for_hash(hash)?; + let sig = self.card_tx.signature_for_hash(hash)?; let r = mpi::MPI::new(&sig[..32]); let s = mpi::MPI::new(&sig[32..]); @@ -143,7 +140,7 @@ impl<'a> crypto::Signer for CardSigner<'a> { _ => Hash::ECDSA(digest), }; - let sig = self.card_client.signature_for_hash(hash)?; + let sig = self.card_tx.signature_for_hash(hash)?; let len_2 = sig.len() / 2; let r = mpi::MPI::new(&sig[..len_2]); diff --git a/openpgp-card-sequoia/src/util.rs b/openpgp-card-sequoia/src/util.rs index 3623512..d6fa603 100644 --- a/openpgp-card-sequoia/src/util.rs +++ b/openpgp-card-sequoia/src/util.rs @@ -27,7 +27,7 @@ use sequoia_openpgp as openpgp; use openpgp_card::algorithm::{Algo, Curve}; use openpgp_card::card_do::{Fingerprint, KeyGenerationTime}; use openpgp_card::crypto_data::{CardUploadableKey, PublicKeyMaterial}; -use openpgp_card::{CardClient, Error, KeyType}; +use openpgp_card::{CardTransaction, Error, KeyType}; use crate::card::Open; use crate::privkey::SequoiaKey; @@ -294,13 +294,13 @@ pub fn vka_as_uploadable_key( /// FIXME: this fn is used in card_functionality, but should be removed pub fn sign( - card_client: &mut (dyn CardClient + Send + Sync), + card_tx: &mut (dyn CardTransaction + Send + Sync), cert: &Cert, input: &mut dyn io::Read, ) -> Result { let mut armorer = armor::Writer::new(vec![], armor::Kind::Signature)?; { - let s = signer::CardSigner::new(card_client, cert)?; + let s = signer::CardSigner::new(card_tx, cert)?; let message = Message::new(&mut armorer); let mut message = Signer::new(message, s).detached().build()?; @@ -318,7 +318,7 @@ pub fn sign( /// FIXME: this fn is used in card_functionality, but should be removed pub fn decrypt( - card_client: &mut dyn CardClient, + card_tx: &mut dyn CardTransaction, cert: &Cert, msg: Vec, p: &dyn Policy, @@ -327,7 +327,7 @@ pub fn decrypt( { let reader = io::BufReader::new(&msg[..]); - let d = decryptor::CardDecryptor::new(card_client, cert)?; + let d = decryptor::CardDecryptor::new(card_tx, cert)?; let db = DecryptorBuilder::from_reader(reader)?; let mut decryptor = db.with_policy(p, None, d)?; diff --git a/openpgp-card/src/apdu.rs b/openpgp-card/src/apdu.rs index d4a9cda..c9a3b37 100644 --- a/openpgp-card/src/apdu.rs +++ b/openpgp-card/src/apdu.rs @@ -13,7 +13,7 @@ use std::convert::TryFrom; use crate::apdu::command::Expect; use crate::apdu::{command::Command, response::RawResponse}; -use crate::{CardClient, Error, StatusBytes}; +use crate::{CardTransaction, Error, StatusBytes}; /// "Maximum amount of bytes in a short APDU command or response" (from pcsc) const MAX_BUFFER_SIZE: usize = 264; @@ -23,15 +23,15 @@ const MAX_BUFFER_SIZE: usize = 264; /// If the reply is truncated, this fn assembles all the parts and returns /// them as one aggregated Response. pub(crate) fn send_command( - card_client: &mut C, + card_tx: &mut C, cmd: Command, expect_reply: bool, ) -> Result where - C: CardClient, + C: CardTransaction, { let mut resp = RawResponse::try_from(send_command_low_level( - card_client, + card_tx, cmd.clone(), if expect_reply { Expect::Some @@ -42,7 +42,7 @@ where if let StatusBytes::UnknownStatus(0x6c, size) = resp.status() { resp = RawResponse::try_from(send_command_low_level( - card_client, + card_tx, cmd, Expect::Short(size), )?)?; @@ -54,7 +54,7 @@ where // Get next chunk of data let next = RawResponse::try_from(send_command_low_level( - card_client, + card_tx, commands::get_response(), Expect::Short(bytes), )?)?; @@ -85,15 +85,15 @@ where /// If the response is chained, this fn only returns one chunk, the caller /// needs to re-assemble the chained response-parts. fn send_command_low_level( - card_client: &mut C, + card_tx: &mut C, cmd: Command, expect_response: Expect, ) -> Result, Error> where - C: CardClient, + C: CardTransaction, { let (ext_support, chaining_support, mut max_cmd_bytes, max_rsp_bytes) = - if let Some(caps) = card_client.card_caps() { + if let Some(caps) = card_tx.card_caps() { log::debug!("found card caps data!"); ( @@ -109,13 +109,13 @@ where (false, false, 255, 255) }; - // If the CardClient implementation has an inherent limit for the cmd + // If the CardTransaction implementation has an inherent limit for the cmd // size, take that limit into account. - // (E.g. when using scdaemon as a CardClient backend, there is a + // (E.g. when using scdaemon as a CardTransaction backend, there is a // limitation to 1000 bytes length for Assuan commands, which // translates to maximum command length of a bit under 500 bytes) - if let Some(max_cardclient_cmd_bytes) = card_client.max_cmd_len() { - max_cmd_bytes = usize::min(max_cmd_bytes, max_cardclient_cmd_bytes); + if let Some(max_card_cmd_bytes) = card_tx.max_cmd_len() { + max_cmd_bytes = usize::min(max_cmd_bytes, max_card_cmd_bytes); } log::debug!( @@ -167,7 +167,7 @@ where log::debug!(" -> chained APDU command: {:x?}", &serialized); - let resp = card_client.transmit(&serialized, buf_size)?; + let resp = card_tx.transmit(&serialized, buf_size)?; log::debug!(" <- APDU response: {:x?}", &resp); @@ -210,7 +210,7 @@ where log::debug!(" -> APDU command: {:x?}", &serialized); - let resp = card_client.transmit(&serialized, buf_size)?; + let resp = card_tx.transmit(&serialized, buf_size)?; log::debug!(" <- APDU response: {:x?}", resp); diff --git a/openpgp-card/src/keys.rs b/openpgp-card/src/keys.rs index 366be75..160eaaa 100644 --- a/openpgp-card/src/keys.rs +++ b/openpgp-card/src/keys.rs @@ -17,7 +17,7 @@ use crate::crypto_data::{ }; use crate::tlv::{length::tlv_encode_length, value::Value, Tlv}; use crate::{apdu, KeyType}; -use crate::{CardClient, Error}; +use crate::{CardTransaction, Error}; /// Generate asymmetric key pair on the card. /// @@ -30,7 +30,7 @@ use crate::{CardClient, Error}; /// `fp_from_pub` calculates the fingerprint for a public key data object and /// creation timestamp pub(crate) fn gen_key_with_metadata( - card_client: &mut C, + card_tx: &mut C, fp_from_pub: fn( &PublicKeyMaterial, KeyGenerationTime, @@ -40,17 +40,17 @@ pub(crate) fn gen_key_with_metadata( algo: Option<&Algo>, ) -> Result<(PublicKeyMaterial, KeyGenerationTime), Error> where - C: CardClient, + C: CardTransaction, { // Set algo on card if it's Some if let Some(target_algo) = algo { // FIXME: caching - let ard = card_client.application_related_data()?; // no caching, here! + let ard = card_tx.application_related_data()?; // no caching, here! let ecap = ard.extended_capabilities()?; // Only set algo if card supports setting of algo attr if ecap.algo_attrs_changeable() { - card_client.set_algorithm_attributes(key_type, target_algo)?; + card_tx.set_algorithm_attributes(key_type, target_algo)?; } else { // Check if the current algo on the card is the one we want, if // not we return an error. @@ -67,11 +67,11 @@ where } // get current (possibly updated) state of algo - let ard = card_client.application_related_data()?; // no caching, here! + let ard = card_tx.application_related_data()?; // no caching, here! let cur_algo = ard.algorithm_attributes(key_type)?; // generate key - let tlv = generate_asymmetric_key_pair(card_client, key_type)?; + let tlv = generate_asymmetric_key_pair(card_tx, key_type)?; // derive pubkey let pubkey = tlv_to_pubkey(&tlv, &cur_algo)?; @@ -89,11 +89,11 @@ where let ts = ts.into(); - card_client.set_creation_time(ts, key_type)?; + card_tx.set_creation_time(ts, key_type)?; // calculate/store fingerprint let fp = fp_from_pub(&pubkey, ts, key_type)?; - card_client.set_fingerprint(fp, key_type)?; + card_tx.set_fingerprint(fp, key_type)?; Ok((pubkey, ts)) } @@ -130,17 +130,17 @@ fn tlv_to_pubkey(tlv: &Tlv, algo: &Algo) -> Result { /// This runs the low level key generation primitive on the card. /// (This does not set algorithm attributes, creation time or fingerprint) pub(crate) fn generate_asymmetric_key_pair( - card_client: &mut C, + card_tx: &mut C, key_type: KeyType, ) -> Result where - C: CardClient, + C: CardTransaction, { // generate key let crt = control_reference_template(key_type)?; let gen_key_cmd = commands::gen_key(crt.serialize().to_vec()); - let resp = apdu::send_command(card_client, gen_key_cmd, true)?; + let resp = apdu::send_command(card_tx, gen_key_cmd, true)?; resp.check_ok()?; let tlv = Tlv::try_from(resp.data()?)?; @@ -155,21 +155,21 @@ where /// /// (See 7.2.14 GENERATE ASYMMETRIC KEY PAIR) pub(crate) fn public_key( - card_client: &mut C, + card_tx: &mut C, key_type: KeyType, ) -> Result where - C: CardClient, + C: CardTransaction, { // get current algo - let ard = card_client.application_related_data()?; // FIXME: caching + let ard = card_tx.application_related_data()?; // FIXME: caching let algo = ard.algorithm_attributes(key_type)?; // get public key let crt = control_reference_template(key_type)?; let get_pub_key_cmd = commands::get_pub_key(crt.serialize().to_vec()); - let resp = apdu::send_command(card_client, get_pub_key_cmd, true)?; + let resp = apdu::send_command(card_tx, get_pub_key_cmd, true)?; resp.check_ok()?; let tlv = Tlv::try_from(resp.data()?)?; @@ -184,16 +184,16 @@ where /// caused by checks before attempting to upload the key to the card, or by /// an error that the card reports during an attempt to upload the key). pub(crate) fn key_import( - card_client: &mut C, + card_tx: &mut C, key: Box, key_type: KeyType, algo_info: Option, ) -> Result<(), Error> where - C: CardClient, + C: CardTransaction, { // FIXME: caching? - let ard = card_client.application_related_data()?; + let ard = card_tx.application_related_data()?; let (algo, key_cmd) = match key.private_key()? { PrivateKeyMaterial::R(rsa_key) => { @@ -229,12 +229,12 @@ where // Only set algo attrs if "Extended Capabilities" lists the feature if ard.extended_capabilities()?.algo_attrs_changeable() { - card_client.set_algorithm_attributes(key_type, &algo)?; + card_tx.set_algorithm_attributes(key_type, &algo)?; } - apdu::send_command(card_client, key_cmd, false)?.check_ok()?; - card_client.set_fingerprint(fp, key_type)?; - card_client.set_creation_time(key.timestamp(), key_type)?; + apdu::send_command(card_tx, key_cmd, false)?.check_ok()?; + card_tx.set_fingerprint(fp, key_type)?; + card_tx.set_creation_time(key.timestamp(), key_type)?; Ok(()) } diff --git a/openpgp-card/src/lib.rs b/openpgp-card/src/lib.rs index 4ed44d5..95dd0a7 100644 --- a/openpgp-card/src/lib.rs +++ b/openpgp-card/src/lib.rs @@ -13,8 +13,8 @@ //! [OpenPGP implementation](https://www.openpgp.org/software/developer/). //! //! This library can't directly access cards by itself. Instead, users -//! need to supply an implementation of the [`CardClient`] trait, to -//! access cards. +//! need to supply an implementation of the [`CardBackend`] +//! / [`CardTransaction`] traits, to access cards. //! //! The companion crate //! [openpgp-card-pcsc](https://crates.io/crates/openpgp-card-pcsc) @@ -55,12 +55,13 @@ use crate::tlv::tag::Tag; use crate::tlv::value::Value; use crate::tlv::Tlv; -/// The CardClient trait defines communication with an OpenPGP card via a +/// The CardTransaction trait defines communication with an OpenPGP card via a /// backend implementation (e.g. the pcsc backend in the crate -/// [openpgp-card-pcsc](https://crates.io/crates/openpgp-card-pcsc)). +/// [openpgp-card-pcsc](https://crates.io/crates/openpgp-card-pcsc)), +/// after opening a transaction from a CardBackend. /// -/// CardClient exposes low-level access to OpenPGP card functionality. -pub trait CardClient { +/// CardTransaction exposes low-level access to OpenPGP card functionality. +pub trait CardTransaction { /// Transmit the command data in `cmd` to the card. /// /// `buf_size` is a hint to the backend (the backend may ignore it) @@ -71,12 +72,12 @@ pub trait CardClient { buf_size: usize, ) -> Result, Error>; - /// Set the card capabilities in the CardClient. + /// Set the card capabilities in the CardTransaction. /// /// Setting these capabilities is typically part of a bootstrapping /// process: the information about the card's capabilities is typically - /// requested from the card using the same CardClient instance, before - /// the card's capabilities have been initialized. + /// requested from the card using the same CardTransaction instance, + /// before the card's capabilities have been initialized. fn init_card_caps(&mut self, caps: CardCaps); /// Request the card's capabilities @@ -85,7 +86,7 @@ pub trait CardClient { /// determine if extended length can be used) fn card_caps(&self) -> Option<&CardCaps>; - /// If a CardClient implementation introduces an additional, + /// If a CardTransaction implementation introduces an additional, /// backend-specific limit for maximum number of bytes per command, /// this fn can indicate that limit by returning `Some(max_cmd_len)`. fn max_cmd_len(&self) -> Option { @@ -110,7 +111,7 @@ pub trait CardClient { apdu::send_command(self, select_openpgp, false)?.try_into() } - /// Get a CardApp based on a CardClient. + /// Get a CardApp based on a CardTransaction. /// /// It is expected that SELECT has already been performed on the card /// beforehand. @@ -122,7 +123,7 @@ pub trait CardClient { let ard = self.application_related_data()?; // Determine chaining/extended length support from card - // metadata and cache this information in the CardClient + // metadata and cache this information in the CardTransaction // implementation (as a CardCaps) let mut ext_support = false; let mut chaining_support = false; @@ -877,14 +878,14 @@ pub trait CardClient { } } -impl<'a> Deref for dyn CardClient + Send + Sync + 'a { - type Target = dyn CardClient + 'a; +impl<'a> Deref for dyn CardTransaction + Send + Sync + 'a { + type Target = dyn CardTransaction + 'a; fn deref(&self) -> &Self::Target { self } } -impl<'a> DerefMut for dyn CardClient + Send + Sync + 'a { +impl<'a> DerefMut for dyn CardTransaction + Send + Sync + 'a { fn deref_mut(&mut self) -> &mut Self::Target { self } diff --git a/pcsc/src/lib.rs b/pcsc/src/lib.rs index 3fcf147..db2fd1a 100644 --- a/pcsc/src/lib.rs +++ b/pcsc/src/lib.rs @@ -1,8 +1,9 @@ // SPDX-FileCopyrightText: 2021-2022 Heiko Schaefer // SPDX-License-Identifier: MIT OR Apache-2.0 -//! This crate implements a `CardClient` backend for `openpgp-card`. It uses -//! the PCSC middleware to access the OpenPGP application on smart cards. +//! This crate implements a `CardBackend`/`CardTransaction` backend for +//! `openpgp-card`. It uses the PCSC middleware to access the OpenPGP +//! application on smart cards. use anyhow::{anyhow, Result}; use iso7816_tlv::simple::Tlv; @@ -11,7 +12,7 @@ use std::collections::HashMap; use std::convert::TryInto; use openpgp_card::card_do::ApplicationRelatedData; -use openpgp_card::{CardCaps, CardClient, Error, SmartcardError}; +use openpgp_card::{CardCaps, CardTransaction, Error, SmartcardError}; const FEATURE_VERIFY_PIN_DIRECT: u8 = 0x06; const FEATURE_MODIFY_PIN_DIRECT: u8 = 0x07; @@ -37,7 +38,7 @@ pub struct PcscCard { reader_caps: HashMap, } -/// An implementation of the CardClient trait that uses the PCSC lite +/// An implementation of the CardTransaction trait that uses the PCSC lite /// middleware to access the OpenPGP card application on smart cards, via a /// PCSC "transaction". /// @@ -146,8 +147,8 @@ impl<'b> TxClient<'b> { } /// Try to select the OpenPGP application on a card - pub fn select(card_client: &mut TxClient) -> Result<(), Error> { - if ::select(card_client).is_ok() { + pub fn select(card_tx: &mut TxClient) -> Result<(), Error> { + if ::select(card_tx).is_ok() { Ok(()) } else { Err(Error::Smartcard(SmartcardError::SelectOpenPGPCardFailed)) @@ -156,9 +157,9 @@ impl<'b> TxClient<'b> { /// Get application_related_data from card fn application_related_data( - card_client: &mut TxClient, + card_tx: &mut TxClient, ) -> Result { - ::application_related_data(card_client).map_err(|e| { + ::application_related_data(card_tx).map_err(|e| { Error::Smartcard(SmartcardError::Error(format!( "TxClient: failed to get application_related_data {:x?}", e @@ -207,7 +208,7 @@ impl<'b> TxClient<'b> { } } -impl CardClient for TxClient<'_> { +impl CardTransaction for TxClient<'_> { fn transmit( &mut self, cmd: &[u8], @@ -656,8 +657,8 @@ impl PcscCard { } } - // Initialize CardClient (set CardCaps from ARD) - ::initialize(&mut txc)?; + // Initialize CardTransaction (set CardCaps from ARD) + ::initialize(&mut txc)?; let cc = txc.card_caps().cloned(); diff --git a/scdc/src/lib.rs b/scdc/src/lib.rs index 2a89dfe..8a883bd 100644 --- a/scdc/src/lib.rs +++ b/scdc/src/lib.rs @@ -13,7 +13,7 @@ use sequoia_ipc::gnupg::{Agent, Context}; use std::sync::Mutex; use tokio::runtime::Runtime; -use openpgp_card::{CardCaps, CardClient, Error}; +use openpgp_card::{CardCaps, CardTransaction, Error}; lazy_static! { static ref RT: Mutex = @@ -48,7 +48,7 @@ const ASSUAN_LINELENGTH: usize = 1000; /// In particular, uploading rsa4096 keys fails via scdaemon, with such cards. const APDU_CMD_BYTES_MAX: usize = (ASSUAN_LINELENGTH - 25) / 2; -/// An implementation of the CardClient trait that uses GnuPG's scdaemon +/// An implementation of the CardTransaction trait that uses GnuPG's scdaemon /// (via GnuPG Agent) to access OpenPGP card devices. pub struct ScdClient { agent: Agent, @@ -65,7 +65,7 @@ impl ScdClient { let mut card = ScdClient::new(agent, true)?; card.select_card(serial)?; - ::initialize(&mut card)?; + ::initialize(&mut card)?; Ok(card) } @@ -79,7 +79,7 @@ impl ScdClient { pub fn open_yolo(agent: Option) -> Result { let mut card = ScdClient::new(agent, true)?; - ::initialize(&mut card)?; + ::initialize(&mut card)?; Ok(card) } @@ -199,7 +199,7 @@ impl ScdClient { } } -impl CardClient for ScdClient { +impl CardTransaction for ScdClient { fn transmit(&mut self, cmd: &[u8], _: usize) -> Result, Error> { log::trace!("SCDC cmd len {}", cmd.len()); diff --git a/tools/src/bin/opgpcard-pin/main.rs b/tools/src/bin/opgpcard-pin/main.rs index 8a6895b..d5075db 100644 --- a/tools/src/bin/opgpcard-pin/main.rs +++ b/tools/src/bin/opgpcard-pin/main.rs @@ -4,7 +4,7 @@ use anyhow::Result; use structopt::StructOpt; -use openpgp_card::{CardClient, Error, StatusBytes}; +use openpgp_card::{CardTransaction, Error, StatusBytes}; use openpgp_card_pcsc::PcscCard; use openpgp_card_sequoia::card::Open; diff --git a/tools/src/bin/opgpcard/main.rs b/tools/src/bin/opgpcard/main.rs index 935cdca..aaa1df4 100644 --- a/tools/src/bin/opgpcard/main.rs +++ b/tools/src/bin/opgpcard/main.rs @@ -12,7 +12,7 @@ use sequoia_openpgp::serialize::SerializeInto; use sequoia_openpgp::Cert; use openpgp_card::algorithm::AlgoSimple; -use openpgp_card::{card_do::Sex, CardClient, KeyType}; +use openpgp_card::{card_do::Sex, CardTransaction, KeyType}; use openpgp_card_sequoia::card::{Admin, Open}; use openpgp_card_sequoia::util::{make_cert, public_key_material_to_key}; @@ -156,7 +156,7 @@ fn set_identity( let mut card = util::open_card(ident)?; let mut txc = card.transaction()?; - ::set_identity(&mut txc, id)?; + ::set_identity(&mut txc, id)?; Ok(()) }