From 6478ebc37da2f13ccfb7e83339ac8a73961c7984 Mon Sep 17 00:00:00 2001
From: Klas Lindfors
Date: Mon, 3 Feb 2014 16:02:59 +0100
Subject: [PATCH] implement generate
---
 cmdline.ggo | 3 ++-
 yubico-piv-tool.c | 31 +++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)
diff --git a/cmdline.ggo b/cmdline.ggo
index 270688d..f7c1fcc 100644
--- a/cmdline.ggo
+++ b/cmdline.ggo
@@ -27,4 +27,5 @@
 option "verbose" v "Print more information" flag off
 option "reader" r "Only use a matching reader" string optional
 option "key" k "Authentication key to use" string optional default="010203040506070801020304050607080102030405060708"
-option "action" a "Action to take" values="version" enum
+option "action" a "Action to take" values="version","generate" enum
+option "slot" s "What key slot to operate on" values="9a","9b","9c","9d","9e" enum optional
diff --git a/yubico-piv-tool.c b/yubico-piv-tool.c
index 4839c45..fabc4ba 100644
--- a/yubico-piv-tool.c
+++ b/yubico-piv-tool.c
@@ -231,6 +231,30 @@ static void print_version(SCARDHANDLE *card, int verbose) {
 }
 }
+static bool generate_key(SCARDHANDLE *card, const char *slot, int verbose) {
+ APDU apdu;
+ unsigned char data[0xff];
+ unsigned long recv_len = sizeof(data);
+ int sw;
+ int key = 0;
+
+ sscanf(slot, "%hhx", &key);
+ printf("slot: %x\n", key);
+
+ memset(apdu.raw, 0, sizeof(apdu));
+ apdu.st.ins = 0x47;
+ apdu.st.p2 = key;
+ apdu.st.lc = 5;
+ apdu.st.data[0] = 0xac;
+ apdu.st.data[1] = 3;
+ apdu.st.data[2] = 0x80;
+ apdu.st.data[3] = 1;
+ apdu.st.data[4] = 0x07; /* rsa 2048 TODO: implement more */
+ sw = send_data(card, apdu, 10, data, &recv_len, verbose);
+
+ return true;
+}
+
 int send_data(SCARDHANDLE *card, APDU apdu, unsigned int send_len, unsigned char *data, unsigned long *recv_len, int verbose) {
 long rc;
 int sw;
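Review bot: generate_key() returns true unconditionally: the value from `send_data()` is stored in `sw` and never examined, so a command the card rejects is still reported as a generated key. The new branch in main() (the `@@ -320,6 +344,13 @@` hunk) also drops the result and falls through to EXIT_SUCCESS; it should read `if(!generate_key(&card, args_info.slot_orig, args_info.verbose_flag)) return EXIT_FAILURE;`. Separately, `sscanf(slot, "%hhx", &key)` passes an `int *` where `%hhx` requires an `unsigned char *`, which is undefined behaviour and would store the byte at the wrong end of `key` on a big-endian host, and its return value is not checked. The sketch below assumes send_data() returns the ISO 7816 status word with 0x9000 meaning success; its body is outside the hunk, so confirm that, and confirm how it handles a response larger than the 255-byte `data` buffer.

```c
static bool generate_key(SCARDHANDLE *card, const char *slot, int verbose) {
  /* … unchanged: apdu, data, recv_len and sw declarations … */
  unsigned int key = 0;

  if(sscanf(slot, "%x", &key) != 1 || key > 0xff) {
    fprintf(stderr, "Invalid slot '%s'.\n", slot);
    return false;
  }
  /* … unchanged: slot printf and APDU setup for INS 0x47 … */
  sw = send_data(card, apdu, 10, data, &recv_len, verbose);
  if(sw != 0x9000) {
    fprintf(stderr, "Failed to generate key in slot %02x (status %04x).\n", key, sw);
    return false;
  }

  return true;
}
```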
@@ -320,6 +344,13 @@ int main(int argc, char *argv[]) {
 if(args_info.action_arg == action_arg_version) {
 print_version(&card, args_info.verbose_flag);
+ } else if(args_info.action_arg == action_arg_generate) {
+ if(args_info.slot_arg != slot__NULL) {
+ generate_key(&card, args_info.slot_orig, args_info.verbose_flag);
+ } else {
+ fprintf(stderr, "The generate command needs a slot (-s) to operate on.\n");
+ return EXIT_FAILURE;
+ }
 }
 return EXIT_SUCCESS;