From f7f7a1dd3cca5424b867325bcfd5b946e7778b76 Mon Sep 17 00:00:00 2001
From: Heiko Schaefer
Date: Tue, 29 Aug 2023 16:19:00 +0200
Subject: [PATCH] openpgp-card: rename AlgoInfo->AlgorithmInformation
---
 openpgp-card-sequoia/src/lib.rs | 4 ++--
 openpgp-card/src/algorithm.rs | 15 +++++++-------
 openpgp-card/src/card_do/algo_info.rs | 28 ++++++++++++++-------------
 openpgp-card/src/keys.rs | 20 +++++++++++++------
 openpgp-card/src/lib.rs | 6 +++---
 5 files changed, 42 insertions(+), 31 deletions(-)
diff --git a/openpgp-card-sequoia/src/lib.rs b/openpgp-card-sequoia/src/lib.rs
index abc92ef..12178f2 100644
--- a/openpgp-card-sequoia/src/lib.rs
+++ b/openpgp-card-sequoia/src/lib.rs
@@ -140,7 +140,7 @@
 //! ```
 use card_backend::{CardBackend, SmartcardError};
-use openpgp_card::algorithm::{AlgoInfo, AlgoSimple, AlgorithmAttributes};
+use openpgp_card::algorithm::{AlgoSimple, AlgorithmAttributes, AlgorithmInformation};
 use openpgp_card::card_do::{
 ApplicationIdentifier, CardholderRelatedData, ExtendedCapabilities, ExtendedLengthInfo,
 Fingerprint, HistoricalBytes, KeyGenerationTime, KeyInformation, KeySet, Lang, PWStatusBytes,
@@ -581,7 +581,7 @@ impl<'a> Card> {
 }
 // DO "Algorithm Information" (0xFA)
- pub fn algorithm_information(&mut self) -> Result, Error> {
+ pub fn algorithm_information(&mut self) -> Result, Error> {
 // The DO "Algorithm Information" (Tag FA) shall be present if
 // Algorithm attributes can be changed
 let ec = self.extended_capabilities()?;
diff --git a/openpgp-card/src/algorithm.rs b/openpgp-card/src/algorithm.rs
index 9be5a35..6a772c8 100644
--- a/openpgp-card/src/algorithm.rs
+++ b/openpgp-card/src/algorithm.rs
@@ -85,7 +85,7 @@ impl AlgoSimple {
 &self,
 key_type: KeyType,
 algorithm_attributes: AlgorithmAttributes,
- algo_info: Option,
+ algo_info: Option,
 ) -> Result {
 let algo = match self {
 Self::RSA1k => AlgorithmAttributes::Rsa(keys::determine_rsa_attrs(
@@ -142,15 +142,16 @@ impl AlgoSimple {
 }
 }
-/// 4.4.3.11 Algorithm Information
+/// Algorithm Information [Spec section 4.4.3.11]
 ///
-/// Modern cards (since OpenPGP card v3.4) provide a list of supported
-/// algorithms for each key type. This list specifies which "Algorithm
-/// Attributes" can be set for key generation or key import.
+/// Modern OpenPGP cards (starting with version v3.4) provide a list of
+/// algorithms they support for each key slot.
+/// The Algorithm Information list specifies which [`AlgorithmAttributes`]
+/// can be used on that card (for key generation or key import).
 #[derive(Debug, Clone, Eq, PartialEq)]
-pub struct AlgoInfo(pub(crate) Vec<(KeyType, AlgorithmAttributes)>);
+pub struct AlgorithmInformation(pub(crate) Vec<(KeyType, AlgorithmAttributes)>);
-/// 4.4.3.9 Algorithm Attributes
+/// Algorithm Attributes [Spec section 4.4.3.9]
 ///
 /// An `Algo` describes the algorithm settings for a key on the card.
 ///
diff --git a/openpgp-card/src/card_do/algo_info.rs b/openpgp-card/src/card_do/algo_info.rs
index 5a1cee4..1014172 100644
--- a/openpgp-card/src/card_do/algo_info.rs
+++ b/openpgp-card/src/card_do/algo_info.rs
@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2021 Heiko Schaefer
+// SPDX-FileCopyrightText: 2021-2023 Heiko Schaefer
 // SPDX-License-Identifier: MIT OR Apache-2.0
 //! 4.4.3.11 Algorithm Information
@@ -10,11 +10,11 @@ use nom::branch::alt;
 use nom::combinator::map;
 use nom::{branch, bytes::complete as bytes, combinator, multi, sequence};
-use crate::algorithm::{AlgoInfo, AlgorithmAttributes};
+use crate::algorithm::{AlgorithmAttributes, AlgorithmInformation};
 use crate::card_do::{algo_attrs, complete};
 use crate::KeyType;
-impl AlgoInfo {
+impl AlgorithmInformation {
 pub fn filter_by_keytype(&self, kt: KeyType) -> Vec<&AlgorithmAttributes> {
 self.0
 .iter()
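Review bot: In openpgp-card/src/algorithm.rs (the hunk at -142), the public tuple struct `AlgoInfo` is renamed with no alias left behind, so any downstream crate that imports `openpgp_card::algorithm::AlgoInfo` (as openpgp-card-sequoia did before this patch) stops compiling on upgrade. If a breaking release is not intended, keep the old name for one cycle with `#[deprecated(note = "renamed to AlgorithmInformation")] pub type AlgoInfo = AlgorithmInformation;`. In the same hunk the context line beginning `/// An` still calls the documented type "Algo", which matches neither heading; presumably it should name `AlgorithmAttributes`, but the item it documents lies outside the hunk. The module doc `//! 4.4.3.11 Algorithm Information` in card_do/algo_info.rs also keeps the old heading format that this hunk replaces with `[Spec section …]`.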
@@ -24,7 +24,7 @@ impl AlgoInfo {
 }
 }
-impl fmt::Display for AlgoInfo {
+impl fmt::Display for AlgorithmInformation {
 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
 for (kt, a) in &self.0 {
 let kt = match kt {
@@ -85,11 +85,11 @@ fn parse(input: &[u8]) -> nom::IResult<&[u8], Vec<(KeyType, AlgorithmAttributes)
 ))(input)
 }
-impl TryFrom<&[u8]> for AlgoInfo {
+impl TryFrom<&[u8]> for AlgorithmInformation {
 type Error = crate::Error;
 fn try_from(input: &[u8]) -> Result {
- Ok(AlgoInfo(complete(parse(input))?))
+ Ok(AlgorithmInformation(complete(parse(input))?))
 }
 }
@@ -99,7 +99,9 @@ impl TryFrom<&[u8]> for AlgoInfo {
 mod test {
 use std::convert::TryFrom;
- use crate::algorithm::{AlgoInfo, AlgorithmAttributes::*, Curve::*, EccAttrs, RsaAttrs};
+ use crate::algorithm::{
+ AlgorithmAttributes::*, AlgorithmInformation, Curve::*, EccAttrs, RsaAttrs,
+ };
 use crate::crypto_data::EccType::*;
 use crate::KeyType::*;
@@ -118,11 +120,11 @@ mod test {
 0x1,
 ];
- let ai = AlgoInfo::try_from(&data[..]).unwrap();
+ let ai = AlgorithmInformation::try_from(&data[..]).unwrap();
 assert_eq!(
 ai,
- AlgoInfo(vec![
+ AlgorithmInformation(vec![
 (Signing, Rsa(RsaAttrs::new(2048, 32, 0))),
 (Signing, Rsa(RsaAttrs::new(4096, 32, 0))),
 (Signing, Ecc(EccAttrs::new(ECDSA, NistP256r1, None))),
@@ -164,11 +166,11 @@ mod test {
 0xa, 0x13, 0x2b, 0x24, 0x3, 0x3, 0x2, 0x8, 0x1, 0x1, 0xd,
 ];
- let ai = AlgoInfo::try_from(&data[..]).unwrap();
+ let ai = AlgorithmInformation::try_from(&data[..]).unwrap();
 assert_eq!(
 ai,
- AlgoInfo(vec![
+ AlgorithmInformation(vec![
 (Signing, Rsa(RsaAttrs::new(2048, 32, 0))),
 (Signing, Rsa(RsaAttrs::new(3072, 32, 0))),
 (Signing, Rsa(RsaAttrs::new(4096, 32, 0))),
@@ -245,11 +247,11 @@ mod test {
 0xda, 0xb, 0x16, 0x2b, 0x6, 0x1, 0x4, 0x1, 0x97, 0x55, 0x1, 0x5, 0x1,
 ];
- let ai = AlgoInfo::try_from(&data[..]).unwrap();
+ let ai = AlgorithmInformation::try_from(&data[..]).unwrap();
 assert_eq!(
 ai,
- AlgoInfo(vec![
+ AlgorithmInformation(vec![
 (Signing, Rsa(RsaAttrs::new(2048, 17, 0))),
 (Signing, Rsa(RsaAttrs::new(3072, 17, 0))),
 (Signing, Rsa(RsaAttrs::new(4096, 17, 0))),
diff --git a/openpgp-card/src/keys.rs b/openpgp-card/src/keys.rs
index 8f58523..de6be27 100644
--- a/openpgp-card/src/keys.rs
+++ b/openpgp-card/src/keys.rs
@@ -6,7 +6,7 @@
 use std::convert::TryFrom;
 use std::time::{SystemTime, UNIX_EPOCH};
-use crate::algorithm::{AlgoInfo, AlgorithmAttributes, Curve, EccAttrs, RsaAttrs};
+use crate::algorithm::{AlgorithmAttributes, AlgorithmInformation, Curve, EccAttrs, RsaAttrs};
 use crate::apdu::command::Command;
 use crate::apdu::commands;
 use crate::card_do::{Fingerprint, KeyGenerationTime};
@@ -147,7 +147,7 @@ pub(crate) fn key_import(
 card_tx: &mut Transaction,
 key: Box,
 key_type: KeyType,
- algo_info: Option,
+ algo_info: Option,
 ) -> Result<(), Error> {
 log::info!("OpenPgpTransaction: key_import");
@@ -206,7 +206,7 @@ pub(crate) fn determine_rsa_attrs(
 rsa_bits: u16,
 key_type: KeyType,
 algo_attr: AlgorithmAttributes,
- algo_info: Option,
+ algo_info: Option,
 ) -> Result {
 // Figure out suitable RSA algorithm parameters:
@@ -248,7 +248,7 @@ pub(crate) fn determine_ecc_attrs(
 oid: &[u8],
 ecc_type: EccType,
 key_type: KeyType,
- algo_info: Option,
+ algo_info: Option,
 ) -> Result {
 // If we have an algo_info, refuse upload if oid is not listed
 if let Some(algo_info) = algo_info {
@@ -284,7 +284,11 @@ pub(crate) fn determine_ecc_attrs(
 }
 /// Look up RsaAttrs parameters in algo_info based on key_type and rsa_bits
-fn card_algo_rsa(algo_info: AlgoInfo, key_type: KeyType, rsa_bits: u16) -> Result {
+fn card_algo_rsa(
+ algo_info: AlgorithmInformation,
+ key_type: KeyType,
+ rsa_bits: u16,
+) -> Result {
 // Find suitable algorithm parameters (from card's list of algorithms).
 // Get Algos for this keytype
@@ -322,7 +326,11 @@ fn card_algo_rsa(algo_info: AlgoInfo, key_type: KeyType, rsa_bits: u16) -> Resul
 }
 /// Get all entries from algo_info with matching `oid` and `key_type`.
-fn check_card_algo_ecc(algo_info: AlgoInfo, key_type: KeyType, oid: &[u8]) -> Vec {
+fn check_card_algo_ecc(
+ algo_info: AlgorithmInformation,
+ key_type: KeyType,
+ oid: &[u8],
+) -> Vec {
 // Find suitable algorithm parameters (from card's list of algorithms).
 // Get Algos for this keytype
diff --git a/openpgp-card/src/lib.rs b/openpgp-card/src/lib.rs
index 31fbb81..93a7184 100644
--- a/openpgp-card/src/lib.rs
+++ b/openpgp-card/src/lib.rs
@@ -45,7 +45,7 @@ use std::convert::{TryFrom, TryInto};
 use card_backend::{CardBackend, CardCaps, CardTransaction, PinType, SmartcardError};
 use tags::{ShortTag, Tags};
-use crate::algorithm::{AlgoInfo, AlgoSimple, AlgorithmAttributes};
+use crate::algorithm::{AlgoSimple, AlgorithmAttributes, AlgorithmInformation};
 use crate::apdu::command::Command;
 use crate::apdu::commands;
 use crate::apdu::response::RawResponse;
@@ -433,13 +433,13 @@ impl<'a> Transaction<'a> {
 }
 /// Get "Algorithm Information"
- pub fn algorithm_information(&mut self) -> Result, Error> {
+ pub fn algorithm_information(&mut self) -> Result, Error> {
 log::info!("OpenPgpTransaction: algorithm_information");
 let resp = self.send_command(commands::algo_info(), true)?;
 resp.check_ok()?;
- let ai = AlgoInfo::try_from(resp.data()?)?;
+ let ai = AlgorithmInformation::try_from(resp.data()?)?;
 Ok(Some(ai))
 }