From edf1a0cdd7da261e514c288c4675713a4343475b Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Sat, 18 Jul 2015 13:55:01 +0900 Subject: [PATCH] always enable keygen --- ChangeLog | 10 ++++++++++ polarssl/include/polarssl/config.h | 2 -- src/Makefile.in | 2 +- src/call-rsa.c | 2 -- src/configure | 20 ++------------------ src/openpgp-do.c | 2 -- src/openpgp.c | 5 ----- src/random.c | 7 ++----- 8 files changed, 15 insertions(+), 35 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6fa808e..d98e19c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2015-07-18 Niibe Yutaka + + * src/configure (keygen): It's always enabled. + * src/openpgp-do.c (gpg_do_keygen): Support key generation. + * src/openpgp.c (cmd_pgp_gakp): Likewise. + * src/call-rsa.c (rsa_genkey): Likewise. + * src/random.c (random_gen): Likewise. + * src/Makefile.in (KEYGEN_SUPPORT): Remove. + * polarssl/include/polarssl/config.h (POLARSSL_GENPRIME): Define. + 2015-07-16 Niibe Yutaka * src/configure (FLASH_PAGE_SIZE, FLASH_SIZE, MEMORY_SIZE) diff --git a/polarssl/include/polarssl/config.h b/polarssl/include/polarssl/config.h index 0ff3599..cf3cd2a 100644 --- a/polarssl/include/polarssl/config.h +++ b/polarssl/include/polarssl/config.h @@ -209,9 +209,7 @@ * * Enable the RSA prime-number generation code. */ -#ifdef KEYGEN_SUPPORT #define POLARSSL_GENPRIME -#endif /** * \def POLARSSL_FS_IO diff --git a/src/Makefile.in b/src/Makefile.in index 2dd3360..14894b6 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -55,7 +55,7 @@ OBJCOPY = $(CROSS)objcopy MCU = cortex-m3 CWARN = -Wall -Wextra -Wstrict-prototypes # DEFS: Add -DEFS = @KEYGEN_SUPPORT@ @HAVE_SYS_H@ +DEFS = @HAVE_SYS_H@ OPT = -O3 -Os -g LIBS = diff --git a/src/call-rsa.c b/src/call-rsa.c index 6632c07..43b6b26 100644 --- a/src/call-rsa.c +++ b/src/call-rsa.c @@ -204,7 +204,6 @@ rsa_verify (const uint8_t *pubkey, int pubkey_len, #define RSA_EXPONENT 0x10001 -#ifdef KEYGEN_SUPPORT uint8_t * rsa_genkey (int pubkey_len) { @@ -245,4 +244,3 @@ rsa_genkey (int pubkey_len) else return p_q_modulus; } -#endif diff --git a/src/configure b/src/configure index 3951c17..14127ac 100755 --- a/src/configure +++ b/src/configure @@ -30,7 +30,6 @@ debug=no sys1_compat=yes pinpad=no certdo=no -keygen=no hid_card_change=no # Revision number @@ -68,10 +67,6 @@ for option; do certdo=yes ;; --disable-certdo) certdo=no ;; - --enable-keygen) - keygen=yes ;; - --disable-keygen) - keygen=no ;; --enable-hid-card-change) hid_card_change=yes ;; --disable-hid-card-change) @@ -115,7 +110,6 @@ Configuration: --enable-pinpad=cir PIN entry support [no] --enable-certdo support CERT.3 data object [no] - --enable-keygen support key generation [no] --enable-sys1-compat enable SYS 1.0 compatibility [yes] executable is target dependent --disable-sys1-compat disable SYS 1.0 compatibility [no] @@ -228,15 +222,6 @@ else echo "CERT.3 Data Object is NOT supported" fi -# --enable-keygen option -if test "$keygen" = "yes"; then - KEYGEN_SUPPORT="-DKEYGEN_SUPPORT" - echo "Key generation on device is supported" -else - KEYGEN_SUPPORT="" - echo "Key generation on device is NOT supported" -fi - # --enable-hid-card-change option if test "$hid_card_change" = "yes"; then HID_CARD_CHANGE_DEFINE="#define HID_CARD_CHANGE_SUPPORT 1" @@ -253,7 +238,7 @@ SERIALNO_STR_LEN_DEFINE="#define SERIALNO_STR_LEN ${#SERIALNO}" if test "$sys1_compat" = "yes"; then - CONFIG="$target:dfu=$with_dfu:debug=$debug:pinpad=$pinpad:certdo=$certdo:keygen=$keygen" + CONFIG="$target:dfu=$with_dfu:debug=$debug:pinpad=$pinpad:certdo=$certdo" else if test "$with_dfu" = "yes"; then echo "Common binary can't support DFU loader, don't use --with-dfu." @@ -263,7 +248,7 @@ else FLASH_PAGE_SIZE=2048 FLASH_SIZE=128 MEMORY_SIZE=20 - CONFIG="common:debug=$debug:pinpad=$pinpad:certdo=$certdo:keygen=$keygen" + CONFIG="common:debug=$debug:pinpad=$pinpad:certdo=$certdo" fi output_vid_pid_version () { @@ -345,7 +330,6 @@ fi sed -e "s%@HAVE_SYS_H@%$have_sys_h%" \ -e "s%@DEBUG_MAKE_OPTION@%$DEBUG_MAKE_OPTION%" \ -e "s%@PINPAD_MAKE_OPTION@%$PINPAD_MAKE_OPTION%" \ - -e "s%@KEYGEN_SUPPORT@%$KEYGEN_SUPPORT%" \ -e "s%@HEXOUTPUT_MAKE_OPTION@%$HEXOUTPUT_MAKE_OPTION%" \ < Makefile.in > Makefile if test "$certdo" = "yes"; then diff --git a/src/openpgp-do.c b/src/openpgp-do.c index d9d4dc3..0781d9d 100644 --- a/src/openpgp-do.c +++ b/src/openpgp-do.c @@ -2030,7 +2030,6 @@ gpg_do_write_simple (uint8_t nr, const uint8_t *data, int size) *do_data_p = NULL; } -#ifdef KEYGEN_SUPPORT void gpg_do_keygen (uint8_t kk_byte) { @@ -2088,4 +2087,3 @@ gpg_do_keygen (uint8_t kk_byte) gpg_do_public_key (kk_byte); } -#endif diff --git a/src/openpgp.c b/src/openpgp.c index a89b540..52729ed 100644 --- a/src/openpgp.c +++ b/src/openpgp.c @@ -620,12 +620,7 @@ cmd_pgp_gakp (void) { if (!ac_check_status (AC_ADMIN_AUTHORIZED)) GPG_SECURITY_FAILURE (); -#ifdef KEYGEN_SUPPORT - /* Generate key pair */ gpg_do_keygen (apdu.cmd_apdu_data[0]); -#else - GPG_FUNCTION_NOT_SUPPORTED (); -#endif } } diff --git a/src/random.c b/src/random.c index 815dbbc..ec957a7 100644 --- a/src/random.c +++ b/src/random.c @@ -1,7 +1,8 @@ /* * random.c -- get random bytes * - * Copyright (C) 2010, 2011, 2012, 2013 Free Software Initiative of Japan + * Copyright (C) 2010, 2011, 2012, 2013, 2015 + * Free Software Initiative of Japan * Author: NIIBE Yutaka * * This file is a part of Gnuk, a GnuPG USB Token implementation. @@ -24,8 +25,6 @@ #include #include -#include "config.h" - #include "gnuk.h" #include "neug.h" @@ -85,7 +84,6 @@ random_get_salt (uint8_t *p) } -#ifdef KEYGEN_SUPPORT /* * Random byte iterator */ @@ -120,4 +118,3 @@ random_gen (void *arg, unsigned char *out, size_t out_len) return 0; } -#endif -- 2.20.1