add touch tlv for generate and import-key
+17
-5
@@ -86,8 +86,9 @@ static void print_version(ykpiv_state *state, const char *output_file_name) {
|
||||
|
||||
static bool generate_key(ykpiv_state *state, const char *slot,
|
||||
enum enum_algorithm algorithm, const char *output_file_name,
|
||||
enum enum_key_format key_format, enum enum_pin_policy pin_policy) {
|
||||
unsigned char in_data[8];
|
||||
enum enum_key_format key_format, enum enum_pin_policy pin_policy,
|
||||
enum enum_touch_policy touch_policy) {
|
||||
unsigned char in_data[11];
|
||||
unsigned char *in_ptr = in_data;
|
||||
unsigned char data[1024];
|
||||
unsigned char templ[] = {0, YKPIV_INS_GENERATE_ASYMMERTRIC, 0, 0};
|
||||
@@ -127,6 +128,12 @@ static bool generate_key(ykpiv_state *state, const char *slot,
|
||||
*in_ptr++ = 1;
|
||||
*in_ptr++ = get_pin_policy(pin_policy);
|
||||
}
|
||||
if(touch_policy != touch_policy__NULL) {
|
||||
in_data[1] += 3;
|
||||
*in_ptr++ = YKPIV_TOUCHPOLICY_TAG;
|
||||
*in_ptr++ = 1;
|
||||
*in_ptr++ = get_touch_policy(touch_policy);
|
||||
}
|
||||
if(ykpiv_transfer_data(state, templ, in_data, in_ptr - in_data, data,
|
||||
&recv_len, &sw) != YKPIV_OK) {
|
||||
fprintf(stderr, "Failed to communicate.\n");
|
||||
@@ -287,7 +294,7 @@ static bool set_pin_retries(ykpiv_state *state, int pin_retries, int puk_retries
|
||||
|
||||
static bool import_key(ykpiv_state *state, enum enum_key_format key_format,
|
||||
const char *input_file_name, const char *slot, char *password,
|
||||
enum enum_pin_policy pin_policy) {
|
||||
enum enum_pin_policy pin_policy, enum enum_touch_policy touch_policy) {
|
||||
int key = 0;
|
||||
FILE *input_file = NULL;
|
||||
EVP_PKEY *private_key = NULL;
|
||||
@@ -405,6 +412,11 @@ static bool import_key(ykpiv_state *state, enum enum_key_format key_format,
|
||||
*in_ptr++ = 1;
|
||||
*in_ptr++ = get_pin_policy(pin_policy);
|
||||
}
|
||||
if(touch_policy != touch_policy__NULL) {
|
||||
*in_ptr++ = YKPIV_TOUCHPOLICY_TAG;
|
||||
*in_ptr++ = 1;
|
||||
*in_ptr++ = get_touch_policy(touch_policy);
|
||||
}
|
||||
|
||||
if(ykpiv_transfer_data(state, templ, in_data, in_ptr - in_data, data,
|
||||
&recv_len, &sw) != YKPIV_OK) {
|
||||
@@ -1674,7 +1686,7 @@ int main(int argc, char *argv[]) {
|
||||
break;
|
||||
case action_arg_generate:
|
||||
if(generate_key(state, args_info.slot_orig, args_info.algorithm_arg, args_info.output_arg, args_info.key_format_arg,
|
||||
args_info.pin_policy_arg) == false) {
|
||||
args_info.pin_policy_arg, args_info.touch_policy_arg) == false) {
|
||||
ret = EXIT_FAILURE;
|
||||
} else {
|
||||
fprintf(stderr, "Successfully generated a new private key.\n");
|
||||
@@ -1716,7 +1728,7 @@ int main(int argc, char *argv[]) {
|
||||
break;
|
||||
case action_arg_importMINUS_key:
|
||||
if(import_key(state, args_info.key_format_arg, args_info.input_arg, args_info.slot_orig, args_info.password_arg,
|
||||
args_info.pin_policy_arg) == false) {
|
||||
args_info.pin_policy_arg, args_info.touch_policy_arg) == false) {
|
||||
ret = EXIT_FAILURE;
|
||||
} else {
|
||||
fprintf(stderr, "Successfully imported a new private key.\n");
|
||||
|
||||
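Review bot: In import_key the three new `*in_ptr++` writes for the touch-policy TLV land in `in_data` with no bounds check, and that buffer's declaration is outside the hunk, so nothing shown here proves that three more bytes fit after the key elements and the pin-policy TLV. generate_key had its array raised from 8 to 11 for the same addition, so please confirm import_key's buffer has equal headroom for the largest supported key. If `in_data` is an array there, a guard such as `if(sizeof(in_data) - (size_t)(in_ptr - in_data) < 3)` could fail through the function's existing error path before the append. In generate_key the `11` and the `in_data[1] += 3` are hand-counted, so a comment like `/* 8 as before + 3 for the optional touch-policy TLV (tag, len, value) */` on the declaration would help keep the next optional tag from overrunning the stack buffer. Both function bodies continue outside the hunks shown.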