scd:openpgp: Implement PIN cache.
* scd/app-openpgp.c (wipe_and_free, wipe_and_free_string): Use them everywere where we do a wipememory followed by a free. (pin2hash_if_kdf): Change interface. The input PIN is not anymore changed. Further there are no more assumptions about the length of the provided buffer. (cache_pin): Restructure. (chvno_to_keyref): New. (pin_from_cache): New. (verify_a_chv): Add arg CTRL. Adjust for changed pin2hash_if_kdf. Chache and retrieve the PIN here. (verify_chv2): Do not cache the PIN here. (build_enter_admin_pin_prompt): Add arg 'r_remaining'. (verify_chv3): Adjust for changed pin2hash_if_kdf. Implement the PIN cache. (do_change_pin): Clear the PIN cache. Do not change the PIN here. Lots of adjustments to cope with the chnaged pin2hash_if_kdf. (do_sign): Do not cache the PIN here.
Note that some of the changes are required because we can't rely that
the PIN is always cached in secure memory. Thus it is better to do an
explicit wipe.
Testing the PIN cache can currently only be done my modifying the
code to do a verification for each operation. Only some basic testing
has been done. Clearing the PIN cache is also not fully
implemented. With the forthcoming changes to app-piv we should be
enter able to test the PIN cache.
Missing stuff:
- The agent should be able to selectively clear the cache on a per slot base.
- We should replace AESWRAP by OCB.
- Signed-off-by: Werner Koch <wk@gnupg.org>