openpgp-card: rename AlgoInfo->AlgorithmInformation

Heiko Schaefer 2023-08-29 16:19:00 +02:00
parent 32c59a15b1
commit f7f7a1dd3c
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
5 changed files with 42 additions and 31 deletions


@ -140,7 +140,7 @@
//! ``` //! ```
use card_backend::{CardBackend, SmartcardError}; use card_backend::{CardBackend, SmartcardError};
use openpgp_card::algorithm::{AlgoInfo, AlgoSimple, AlgorithmAttributes}; use openpgp_card::algorithm::{AlgoSimple, AlgorithmAttributes, AlgorithmInformation};
use openpgp_card::card_do::{ use openpgp_card::card_do::{
ApplicationIdentifier, CardholderRelatedData, ExtendedCapabilities, ExtendedLengthInfo, ApplicationIdentifier, CardholderRelatedData, ExtendedCapabilities, ExtendedLengthInfo,
Fingerprint, HistoricalBytes, KeyGenerationTime, KeyInformation, KeySet, Lang, PWStatusBytes, Fingerprint, HistoricalBytes, KeyGenerationTime, KeyInformation, KeySet, Lang, PWStatusBytes,
@ -581,7 +581,7 @@ impl<'a> Card<Transaction<'a>> {
} }
// DO "Algorithm Information" (0xFA) // DO "Algorithm Information" (0xFA)
pub fn algorithm_information(&mut self) -> Result<Option<AlgoInfo>, Error> { pub fn algorithm_information(&mut self) -> Result<Option<AlgorithmInformation>, Error> {
// The DO "Algorithm Information" (Tag FA) shall be present if // The DO "Algorithm Information" (Tag FA) shall be present if
// Algorithm attributes can be changed // Algorithm attributes can be changed
let ec = self.extended_capabilities()?; let ec = self.extended_capabilities()?;


@ -85,7 +85,7 @@ impl AlgoSimple {
&self, &self,
key_type: KeyType, key_type: KeyType,
algorithm_attributes: AlgorithmAttributes, algorithm_attributes: AlgorithmAttributes,
algo_info: Option<AlgoInfo>, algo_info: Option<AlgorithmInformation>,
) -> Result<AlgorithmAttributes, Error> { ) -> Result<AlgorithmAttributes, Error> {
let algo = match self { let algo = match self {
Self::RSA1k => AlgorithmAttributes::Rsa(keys::determine_rsa_attrs( Self::RSA1k => AlgorithmAttributes::Rsa(keys::determine_rsa_attrs(
@ -142,15 +142,16 @@ impl AlgoSimple {
} }
} }
/// 4.4.3.11 Algorithm Information /// Algorithm Information [Spec section 4.4.3.11]
/// ///
/// Modern cards (since OpenPGP card v3.4) provide a list of supported /// Modern OpenPGP cards (starting with version v3.4) provide a list of
/// algorithms for each key type. This list specifies which "Algorithm /// algorithms they support for each key slot.
/// Attributes" can be set for key generation or key import. /// The Algorithm Information list specifies which [`AlgorithmAttributes`]
/// can be used on that card (for key generation or key import).
#[derive(Debug, Clone, Eq, PartialEq)] #[derive(Debug, Clone, Eq, PartialEq)]
pub struct AlgoInfo(pub(crate) Vec<(KeyType, AlgorithmAttributes)>); pub struct AlgorithmInformation(pub(crate) Vec<(KeyType, AlgorithmAttributes)>);
/// 4.4.3.9 Algorithm Attributes /// Algorithm Attributes [Spec section 4.4.3.9]
/// ///
/// An `Algo` describes the algorithm settings for a key on the card. /// An `Algo` describes the algorithm settings for a key on the card.
/// ///
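Review bot: The doc comment kept for spec section 4.4.3.9 still reads "An `Algo` describes the algorithm settings for a key on the card", while the rewritten text just above it already links to [`AlgorithmAttributes`]. The item this comment documents starts after the end of the hunk, so it is presumably the `AlgorithmAttributes` enum; if so the line should become `/// An [`AlgorithmAttributes`] value describes the algorithm settings for a key on the card.`. Fixing it in the same commit keeps the rustdoc free of the short name this rename is removing.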


@ -1,4 +1,4 @@
// SPDX-FileCopyrightText: 2021 Heiko Schaefer <heiko@schaefer.name> // SPDX-FileCopyrightText: 2021-2023 Heiko Schaefer <heiko@schaefer.name>
// SPDX-License-Identifier: MIT OR Apache-2.0 // SPDX-License-Identifier: MIT OR Apache-2.0
//! 4.4.3.11 Algorithm Information //! 4.4.3.11 Algorithm Information
@ -10,11 +10,11 @@ use nom::branch::alt;
use nom::combinator::map; use nom::combinator::map;
use nom::{branch, bytes::complete as bytes, combinator, multi, sequence}; use nom::{branch, bytes::complete as bytes, combinator, multi, sequence};
use crate::algorithm::{AlgoInfo, AlgorithmAttributes}; use crate::algorithm::{AlgorithmAttributes, AlgorithmInformation};
use crate::card_do::{algo_attrs, complete}; use crate::card_do::{algo_attrs, complete};
use crate::KeyType; use crate::KeyType;
impl AlgoInfo { impl AlgorithmInformation {
pub fn filter_by_keytype(&self, kt: KeyType) -> Vec<&AlgorithmAttributes> { pub fn filter_by_keytype(&self, kt: KeyType) -> Vec<&AlgorithmAttributes> {
self.0 self.0
.iter() .iter()
@ -24,7 +24,7 @@ impl AlgoInfo {
} }
} }
impl fmt::Display for AlgoInfo { impl fmt::Display for AlgorithmInformation {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
for (kt, a) in &self.0 { for (kt, a) in &self.0 {
let kt = match kt { let kt = match kt {
@ -85,11 +85,11 @@ fn parse(input: &[u8]) -> nom::IResult<&[u8], Vec<(KeyType, AlgorithmAttributes)
))(input) ))(input)
} }
impl TryFrom<&[u8]> for AlgoInfo { impl TryFrom<&[u8]> for AlgorithmInformation {
type Error = crate::Error; type Error = crate::Error;
fn try_from(input: &[u8]) -> Result<Self, Self::Error> { fn try_from(input: &[u8]) -> Result<Self, Self::Error> {
Ok(AlgoInfo(complete(parse(input))?)) Ok(AlgorithmInformation(complete(parse(input))?))
} }
} }
@ -99,7 +99,9 @@ impl TryFrom<&[u8]> for AlgoInfo {
mod test { mod test {
use std::convert::TryFrom; use std::convert::TryFrom;
use crate::algorithm::{AlgoInfo, AlgorithmAttributes::*, Curve::*, EccAttrs, RsaAttrs}; use crate::algorithm::{
AlgorithmAttributes::*, AlgorithmInformation, Curve::*, EccAttrs, RsaAttrs,
};
use crate::crypto_data::EccType::*; use crate::crypto_data::EccType::*;
use crate::KeyType::*; use crate::KeyType::*;
@ -118,11 +120,11 @@ mod test {
0x1, 0x1,
]; ];
let ai = AlgoInfo::try_from(&data[..]).unwrap(); let ai = AlgorithmInformation::try_from(&data[..]).unwrap();
assert_eq!( assert_eq!(
ai, ai,
AlgoInfo(vec![ AlgorithmInformation(vec![
(Signing, Rsa(RsaAttrs::new(2048, 32, 0))), (Signing, Rsa(RsaAttrs::new(2048, 32, 0))),
(Signing, Rsa(RsaAttrs::new(4096, 32, 0))), (Signing, Rsa(RsaAttrs::new(4096, 32, 0))),
(Signing, Ecc(EccAttrs::new(ECDSA, NistP256r1, None))), (Signing, Ecc(EccAttrs::new(ECDSA, NistP256r1, None))),
@ -164,11 +166,11 @@ mod test {
0xa, 0x13, 0x2b, 0x24, 0x3, 0x3, 0x2, 0x8, 0x1, 0x1, 0xd, 0xa, 0x13, 0x2b, 0x24, 0x3, 0x3, 0x2, 0x8, 0x1, 0x1, 0xd,
]; ];
let ai = AlgoInfo::try_from(&data[..]).unwrap(); let ai = AlgorithmInformation::try_from(&data[..]).unwrap();
assert_eq!( assert_eq!(
ai, ai,
AlgoInfo(vec![ AlgorithmInformation(vec![
(Signing, Rsa(RsaAttrs::new(2048, 32, 0))), (Signing, Rsa(RsaAttrs::new(2048, 32, 0))),
(Signing, Rsa(RsaAttrs::new(3072, 32, 0))), (Signing, Rsa(RsaAttrs::new(3072, 32, 0))),
(Signing, Rsa(RsaAttrs::new(4096, 32, 0))), (Signing, Rsa(RsaAttrs::new(4096, 32, 0))),
@ -245,11 +247,11 @@ mod test {
0xda, 0xb, 0x16, 0x2b, 0x6, 0x1, 0x4, 0x1, 0x97, 0x55, 0x1, 0x5, 0x1, 0xda, 0xb, 0x16, 0x2b, 0x6, 0x1, 0x4, 0x1, 0x97, 0x55, 0x1, 0x5, 0x1,
]; ];
let ai = AlgoInfo::try_from(&data[..]).unwrap(); let ai = AlgorithmInformation::try_from(&data[..]).unwrap();
assert_eq!( assert_eq!(
ai, ai,
AlgoInfo(vec![ AlgorithmInformation(vec![
(Signing, Rsa(RsaAttrs::new(2048, 17, 0))), (Signing, Rsa(RsaAttrs::new(2048, 17, 0))),
(Signing, Rsa(RsaAttrs::new(3072, 17, 0))), (Signing, Rsa(RsaAttrs::new(3072, 17, 0))),
(Signing, Rsa(RsaAttrs::new(4096, 17, 0))), (Signing, Rsa(RsaAttrs::new(4096, 17, 0))),
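Review bot: The module doc line `//! 4.4.3.11 Algorithm Information` in the first hunk of this file keeps the old heading form, while this commit rewrites the struct docs in the algorithm module as `Algorithm Information [Spec section 4.4.3.11]`. For consistency I would change it to `//! Algorithm Information [Spec section 4.4.3.11]`. The public `filter_by_keytype` method in the renamed impl also has no `///` line; its body continues outside the hunk, so any summary should be checked against what the filter actually returns.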


@ -6,7 +6,7 @@
use std::convert::TryFrom; use std::convert::TryFrom;
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use crate::algorithm::{AlgoInfo, AlgorithmAttributes, Curve, EccAttrs, RsaAttrs}; use crate::algorithm::{AlgorithmAttributes, AlgorithmInformation, Curve, EccAttrs, RsaAttrs};
use crate::apdu::command::Command; use crate::apdu::command::Command;
use crate::apdu::commands; use crate::apdu::commands;
use crate::card_do::{Fingerprint, KeyGenerationTime}; use crate::card_do::{Fingerprint, KeyGenerationTime};
@ -147,7 +147,7 @@ pub(crate) fn key_import(
card_tx: &mut Transaction, card_tx: &mut Transaction,
key: Box<dyn CardUploadableKey>, key: Box<dyn CardUploadableKey>,
key_type: KeyType, key_type: KeyType,
algo_info: Option<AlgoInfo>, algo_info: Option<AlgorithmInformation>,
) -> Result<(), Error> { ) -> Result<(), Error> {
log::info!("OpenPgpTransaction: key_import"); log::info!("OpenPgpTransaction: key_import");
@ -206,7 +206,7 @@ pub(crate) fn determine_rsa_attrs(
rsa_bits: u16, rsa_bits: u16,
key_type: KeyType, key_type: KeyType,
algo_attr: AlgorithmAttributes, algo_attr: AlgorithmAttributes,
algo_info: Option<AlgoInfo>, algo_info: Option<AlgorithmInformation>,
) -> Result<RsaAttrs, Error> { ) -> Result<RsaAttrs, Error> {
// Figure out suitable RSA algorithm parameters: // Figure out suitable RSA algorithm parameters:
@ -248,7 +248,7 @@ pub(crate) fn determine_ecc_attrs(
oid: &[u8], oid: &[u8],
ecc_type: EccType, ecc_type: EccType,
key_type: KeyType, key_type: KeyType,
algo_info: Option<AlgoInfo>, algo_info: Option<AlgorithmInformation>,
) -> Result<EccAttrs, crate::Error> { ) -> Result<EccAttrs, crate::Error> {
// If we have an algo_info, refuse upload if oid is not listed // If we have an algo_info, refuse upload if oid is not listed
if let Some(algo_info) = algo_info { if let Some(algo_info) = algo_info {
@ -284,7 +284,11 @@ pub(crate) fn determine_ecc_attrs(
} }
/// Look up RsaAttrs parameters in algo_info based on key_type and rsa_bits /// Look up RsaAttrs parameters in algo_info based on key_type and rsa_bits
fn card_algo_rsa(algo_info: AlgoInfo, key_type: KeyType, rsa_bits: u16) -> Result<RsaAttrs, Error> { fn card_algo_rsa(
algo_info: AlgorithmInformation,
key_type: KeyType,
rsa_bits: u16,
) -> Result<RsaAttrs, Error> {
// Find suitable algorithm parameters (from card's list of algorithms). // Find suitable algorithm parameters (from card's list of algorithms).
// Get Algos for this keytype // Get Algos for this keytype
@ -322,7 +326,11 @@ fn card_algo_rsa(algo_info: AlgoInfo, key_type: KeyType, rsa_bits: u16) -> Resul
} }
/// Get all entries from algo_info with matching `oid` and `key_type`. /// Get all entries from algo_info with matching `oid` and `key_type`.
fn check_card_algo_ecc(algo_info: AlgoInfo, key_type: KeyType, oid: &[u8]) -> Vec<EccAttrs> { fn check_card_algo_ecc(
algo_info: AlgorithmInformation,
key_type: KeyType,
oid: &[u8],
) -> Vec<EccAttrs> {
// Find suitable algorithm parameters (from card's list of algorithms). // Find suitable algorithm parameters (from card's list of algorithms).
// Get Algos for this keytype // Get Algos for this keytype
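Review bot: `determine_ecc_attrs` checks the OID against the card's list only inside `if let Some(algo_info) = algo_info`, and nothing on the function says what a caller gets when it passes `None`. Since this is the check that refuses an upload for a curve the card does not list, the contract deserves a doc comment, for example `/// If `algo_info` is `None`, the OID is not checked against a card-provided list.`. The rest of the body lies outside the hunk, so confirm there is no later fallback check before wording it that firmly. The same question applies to `determine_rsa_attrs`, whose body is also cut off here.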


@ -45,7 +45,7 @@ use std::convert::{TryFrom, TryInto};
use card_backend::{CardBackend, CardCaps, CardTransaction, PinType, SmartcardError}; use card_backend::{CardBackend, CardCaps, CardTransaction, PinType, SmartcardError};
use tags::{ShortTag, Tags}; use tags::{ShortTag, Tags};
use crate::algorithm::{AlgoInfo, AlgoSimple, AlgorithmAttributes}; use crate::algorithm::{AlgoSimple, AlgorithmAttributes, AlgorithmInformation};
use crate::apdu::command::Command; use crate::apdu::command::Command;
use crate::apdu::commands; use crate::apdu::commands;
use crate::apdu::response::RawResponse; use crate::apdu::response::RawResponse;
@ -433,13 +433,13 @@ impl<'a> Transaction<'a> {
} }
/// Get "Algorithm Information" /// Get "Algorithm Information"
pub fn algorithm_information(&mut self) -> Result<Option<AlgoInfo>, Error> { pub fn algorithm_information(&mut self) -> Result<Option<AlgorithmInformation>, Error> {
log::info!("OpenPgpTransaction: algorithm_information"); log::info!("OpenPgpTransaction: algorithm_information");
let resp = self.send_command(commands::algo_info(), true)?; let resp = self.send_command(commands::algo_info(), true)?;
resp.check_ok()?; resp.check_ok()?;
let ai = AlgoInfo::try_from(resp.data()?)?; let ai = AlgorithmInformation::try_from(resp.data()?)?;
Ok(Some(ai)) Ok(Some(ai))
} }
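Review bot: The doc comment `/// Get "Algorithm Information"` does not say when `None` is returned, and the body shown here only ever produces `Ok(Some(ai))` or an error. A caller talking to a card without this DO therefore seems to get an `Err` from `check_ok()` rather than `Ok(None)`; that is inferred, since `check_ok` is not visible here. I would document it, e.g. `/// Returns an error, not `Ok(None)`, if the card does not answer the request successfully.`, so callers do not rely on `None` to detect an older card.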