add action to set management key

This commit is contained in:
Klas Lindfors
2014-02-04 08:44:47 +01:00
parent 0bd1280a1a
commit 6e3d265d4c
2 changed files with 40 additions and 3 deletions
+2 -1
View File
@@ -27,6 +27,7 @@
option "verbose" v "Print more information" flag off option "verbose" v "Print more information" flag off
option "reader" r "Only use a matching reader" string optional option "reader" r "Only use a matching reader" string optional
option "key" k "Authentication key to use" string optional default="010203040506070801020304050607080102030405060708" option "key" k "Authentication key to use" string optional default="010203040506070801020304050607080102030405060708"
option "action" a "Action to take" values="version","generate" enum option "action" a "Action to take" values="version","generate","set-mgm-key" enum
option "slot" s "What key slot to operate on" values="9a","9c","9d","9e" enum optional option "slot" s "What key slot to operate on" values="9a","9c","9d","9e" enum optional
option "algorithm" A "What algorithm to use" values="RSA1024","RSA2048","ECCP256" enum optional default="RSA2048" option "algorithm" A "What algorithm to use" values="RSA1024","RSA2048","ECCP256" enum optional default="RSA2048"
option "new-key" n "New authentication key to use" string optional
+38 -2
View File
@@ -280,6 +280,29 @@ static bool generate_key(SCARDHANDLE *card, const char *slot, enum enum_algorith
return true; return true;
} }
static bool set_mgm_key(SCARDHANDLE *card, unsigned const char *new_key, int verbose) {
APDU apdu;
unsigned char data[0xff];
unsigned long recv_len = sizeof(data);
int sw;
memset(apdu.raw, 0, sizeof(apdu));
apdu.st.ins = 0xff;
apdu.st.p1 = 0xff;
apdu.st.p2 = 0xff;
apdu.st.lc = KEY_LEN + 3;
apdu.st.data[0] = 0x03; // 3-DES
apdu.st.data[1] = 0x9b;
apdu.st.data[2] = KEY_LEN;
memcpy(apdu.st.data + 3, new_key, KEY_LEN);
sw = send_data(card, apdu, KEY_LEN + 8, data, &recv_len, verbose);
if(sw == 0x9000) {
return true;
}
return false;
}
int send_data(SCARDHANDLE *card, APDU apdu, unsigned int send_len, unsigned char *data, unsigned long *recv_len, int verbose) { int send_data(SCARDHANDLE *card, APDU apdu, unsigned int send_len, unsigned char *data, unsigned long *recv_len, int verbose) {
long rc; long rc;
int sw; int sw;
@@ -319,7 +342,7 @@ void dump_hex(const unsigned char *buf, unsigned int len) {
static bool parse_key(char *key_arg, unsigned char *key, int verbose) { static bool parse_key(char *key_arg, unsigned char *key, int verbose) {
int i; int i;
char key_part[2]; char key_part[4];
int key_len = strlen(key_arg); int key_len = strlen(key_arg);
if(key_len != KEY_LEN * 2) { if(key_len != KEY_LEN * 2) {
@@ -373,7 +396,20 @@ int main(int argc, char *argv[]) {
if(args_info.slot_arg != slot__NULL) { if(args_info.slot_arg != slot__NULL) {
generate_key(&card, args_info.slot_orig, args_info.algorithm_arg, args_info.verbose_flag); generate_key(&card, args_info.slot_orig, args_info.algorithm_arg, args_info.verbose_flag);
} else { } else {
fprintf(stderr, "The generate command needs a slot (-s) to operate on.\n"); fprintf(stderr, "The generate action needs a slot (-s) to operate on.\n");
return EXIT_FAILURE;
}
} else if(args_info.action_arg == action_arg_setMINUS_mgmMINUS_key) {
if(args_info.new_key_arg) {
unsigned char new_key[KEY_LEN];
if(parse_key(args_info.new_key_arg, new_key, args_info.verbose_flag) == false) {
return EXIT_FAILURE;
}
if(set_mgm_key(&card, new_key, args_info.verbose_flag) == false) {
return EXIT_FAILURE;
}
} else {
fprintf(stderr, "The set-mgm-key action needs the new-key (-n) argument.\n");
return EXIT_FAILURE; return EXIT_FAILURE;
} }
} }