Verified Commit 02ef04c2 authored by Ingo Klöcker's avatar Ingo Klöcker Committed by Ingo Klöcker

Allow setting/retrieving supported algorithms of OpenPGP smart cards

This includes special handling for Curve25519 where, depending on the
card slot, the appropriate algorithm ID is returned.

GnuPG-bug-id: 4429
parent b3dcee27
......@@ -3,7 +3,7 @@
This file is part of Kleopatra, the KDE keymanager
SPDX-FileCopyrightText: 2017 Bundesamt für Sicherheit in der Informationstechnik
SPDX-FileContributor: Intevation GmbH
SPDX-FileCopyrightText: 2020 g10 Code GmbH
SPDX-FileCopyrightText: 2020, 2022 g10 Code GmbH
SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
SPDX-License-Identifier: GPL-2.0-or-later
......@@ -22,6 +22,10 @@
#include "openpgpcard.h"
#include "algorithminfo.h"
#include <Libkleo/Algorithm>
#include <KLocalizedString>
#include "kleopatra_debug.h"
......@@ -29,6 +33,11 @@
using namespace Kleo;
using namespace Kleo::SmartCard;
static QDebug operator<<(QDebug s, const std::string &string)
{
return s << QString::fromStdString(string);
}
// static
const std::string OpenPGPCard::AppName = "openpgp";
......@@ -99,7 +108,56 @@ QString OpenPGPCard::keyDisplayName(const std::string &keyRef)
return displayNames.value(keyRef);
}
void OpenPGPCard::setSupportedAlgorithms(const std::vector<std::string> &algorithms)
{
const static std::vector<std::string> allowedAlgorithms = {
"brainpoolP256r1",
"brainpoolP384r1",
"brainpoolP512r1",
"curve25519",
"nistp256",
"nistp384",
"nistp521",
"rsa2048",
"rsa3072",
"rsa4096",
};
mAlgorithms.clear();
std::copy_if(algorithms.begin(), algorithms.end(), std::back_inserter(mAlgorithms), [](const auto &algo) {
return Kleo::contains(allowedAlgorithms, algo);
});
if (mAlgorithms.size() < algorithms.size()) {
qWarning(KLEOPATRA_LOG).nospace() << "OpenPGPCard::" << __func__ << " Invalid algorithm in " << algorithms
<< " (allowed algorithms: " << allowedAlgorithms << ")";
}
}
std::string OpenPGPCard::pubkeyUrl() const
{
return cardInfo("PUBKEY-URL");
}
std::vector<AlgorithmInfo> OpenPGPCard::supportedAlgorithms(const std::string &keyRef)
{
const static std::map<std::string, QString> displayNames = {
{ "brainpoolP256r1", i18nc("@info", "ECC (Brainpool P-256)") },
{ "brainpoolP384r1", i18nc("@info", "ECC (Brainpool P-384)") },
{ "brainpoolP512r1", i18nc("@info", "ECC (Brainpool P-512)") },
{ "curve25519", i18nc("@info", "ECC (Curve 25519)") },
{ "nistp256", i18nc("@info", "ECC (NIST P-256)") },
{ "nistp384", i18nc("@info", "ECC (NIST P-384)") },
{ "nistp521", i18nc("@info", "ECC (NIST P-521)") },
{ "rsa2048", i18nc("@info", "RSA 2048") },
{ "rsa3072", i18nc("@info", "RSA 3072") },
{ "rsa4096", i18nc("@info", "RSA 4096") },
};
const std::string curve25519Algo = keyRef == OpenPGPCard::pgpEncKeyRef() ? "cv25519" : "ed25519";
std::vector<AlgorithmInfo> algos;
std::transform(mAlgorithms.cbegin(), mAlgorithms.cend(), std::back_inserter(algos), [curve25519Algo](const auto &algo) {
if (algo == "curve25519") {
return AlgorithmInfo{curve25519Algo, displayNames.at(algo)};
}
return AlgorithmInfo{algo, displayNames.at(algo)};
});
return algos;
}
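Review bot: In `supportedAlgorithms`, the lambda calls `displayNames.at(algo)`, which throws `std::out_of_range` for any name missing from the map. That is safe only while the separately maintained `allowedAlgorithms` list in `setSupportedAlgorithms` stays identical to the map's keys. The names presumably originate from the card, so if the two lists ever drift apart, an unexpected value would become an uncaught exception instead of a logged warning. I would look the name up with `find()` and skip and log entries that have no display name, as sketched below, or derive both checks from a single table.

```cpp
// … unchanged: displayNames table and curve25519Algo …
std::vector<AlgorithmInfo> algos;
algos.reserve(mAlgorithms.size());
for (const auto &algo : mAlgorithms) {
    const auto it = displayNames.find(algo);
    if (it == displayNames.end()) {
        // allow-list and display-name table have drifted apart; skip instead of throwing
        qWarning(KLEOPATRA_LOG).nospace() << "OpenPGPCard::" << __func__ << " No display name for " << algo;
        continue;
    }
    algos.push_back(AlgorithmInfo{algo == "curve25519" ? curve25519Algo : algo, it->second});
}
return algos;
```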
......@@ -3,7 +3,7 @@
This file is part of Kleopatra, the KDE keymanager
SPDX-FileCopyrightText: 2017 Bundesamt für Sicherheit in der Informationstechnik
SPDX-FileContributor: Intevation GmbH
SPDX-FileCopyrightText: 2020 g10 Code GmbH
SPDX-FileCopyrightText: 2020, 2022 g10 Code GmbH
SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
SPDX-License-Identifier: GPL-2.0-or-later
......@@ -16,6 +16,7 @@ namespace Kleo
{
namespace SmartCard
{
struct AlgorithmInfo;
struct KeyPairInfo;
/** Class to work with OpenPGP smartcards or compatible tokens */
......@@ -37,7 +38,29 @@ public:
static const std::vector<KeyPairInfo> & supportedKeys();
static QString keyDisplayName(const std::string &keyRef);
/**
* Sets the algorithms supported by this smart card to \p algorithms.
* The following values for algorithms are allowed:
* brainpoolP256r1, brainpoolP384r1, brainpoolP512r1,
* curve25519,
* nistp256, nistp384, nistp521,
* rsa2048, rsa3072, rsa4096.
*/
void setSupportedAlgorithms(const std::vector<std::string> &algorithms);
std::string pubkeyUrl() const;
/**
* Returns a list of algorithm names and corresponding display names suitable
* for the card slot specified by \p keyRef.
*
* \note For Curve25519, depending on the given card slot, either "ed25519"
* or "cv25519" is returned as algorithm ID.
*/
std::vector<AlgorithmInfo> supportedAlgorithms(const std::string &keyRef);
private:
std::vector<std::string> mAlgorithms;
};
} // namespace Smartcard
} // namespace Kleopatra
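Review bot: The doc comment on `setSupportedAlgorithms` lists the allowed values but does not say what happens to any other value. Per the implementation they are dropped and a warning is logged, so I would add ` * Any other value is ignored and a warning is logged.` to the comment. Separately, `supportedAlgorithms` only reads `mAlgorithms` in the implementation shown, so it could be declared `const` like `pubkeyUrl()`: `std::vector<AlgorithmInfo> supportedAlgorithms(const std::string &keyRef) const;`, with the same qualifier on the definition. The class body starts outside the visible hunks.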