Diffusion GnuPG 63bda3aad8ec

scd:openpgp: Implement PIN cache.

Authored by werner on Jan 9 2020, 12:14 PM.

Description

scd:openpgp: Implement PIN cache.

* scd/app-openpgp.c (wipe_and_free, wipe_and_free_string): Use them
everywere where we do a wipememory followed by a free.
(pin2hash_if_kdf): Change interface.  The input PIN is not anymore
changed.  Further there are no more assumptions about the length of
the provided buffer.
(cache_pin): Restructure.
(chvno_to_keyref): New.
(pin_from_cache): New.
(verify_a_chv): Add arg CTRL.  Adjust for changed pin2hash_if_kdf.
Chache and retrieve the PIN here.
(verify_chv2): Do not cache the PIN here.
(build_enter_admin_pin_prompt): Add arg 'r_remaining'.
(verify_chv3): Adjust for changed pin2hash_if_kdf.  Implement the PIN
cache.
(do_change_pin): Clear the PIN cache.  Do not change the PIN here.
Lots of adjustments to cope with the chnaged pin2hash_if_kdf.
(do_sign): Do not cache the PIN here.

Note that some of the changes are required because we can't rely that
the PIN is always cached in secure memory. Thus it is better to do an
explicit wipe.

Testing the PIN cache can currently only be done my modifying the
code to do a verification for each operation. Only some basic testing
has been done. Clearing the PIN cache is also not fully
implemented. With the forthcoming changes to app-piv we should be
enter able to test the PIN cache.

Missing stuff:

  • The agent should be able to selectively clear the cache on a per slot base.
  • We should replace AESWRAP by OCB.
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Committed
wernerJan 9 2020, 12:14 PM
Parents
rGce5a7fb72b59: scd: Use a scdaemon internal key to protect the PIN cache IPC.
Branches
Unknown
Tags
Unknown