From 08ec4b85e1d25ae83ccba6115549ab4be8db9dae Mon Sep 17 00:00:00 2001 From: Doug Engert Date: Tue, 17 Apr 2018 15:25:57 -0500 Subject: [PATCH] PIV Better Handling of Reset If a PIV card does not have or support a Discovery Object and is known to lose the login state when the PIV AID is selected, nothing was done in piv_card_reader_lock_obtained. If was_reset > 0 select the PIV AID to at least get the PIV AID selected. For other cards either reading the Discovery a object and/or selecting the PIV AID will make sure the PIV AID is selected. If multiple applications are using the card, this will allow the first one to select the AID, and any others that handle a reset will not cause interference wit the first. On branch History-fixes Changes to be committed: modified: card-piv.c --- src/libopensc/card-piv.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/src/libopensc/card-piv.c b/src/libopensc/card-piv.c index c8b39adf..01bc7939 100644 --- a/src/libopensc/card-piv.c +++ b/src/libopensc/card-piv.c @@ -3581,19 +3581,12 @@ static int piv_card_reader_lock_obtained(sc_card_t *card, int was_reset) goto err; } - /* can we detect and then select the PIV AID without losing the login state? */ - if ((priv->card_issues & CI_DISCOVERY_USELESS) - && (priv->card_issues & CI_PIV_AID_LOSE_STATE)) { - r = 0; /* do nothing, hope card was not interfered with */ - goto err; - } - /* make sure our application is active */ /* first see if AID is active AID by reading discovery object '7E' */ /* If not try selecting AID */ - /* but if x card does not support DISCOVERY object we can not use it */ + /* but if card does not support DISCOVERY object we can not use it */ if (priv->card_issues & CI_DISCOVERY_USELESS) { r = SC_ERROR_NO_CARD_SUPPORT; } else { @@ -3601,7 +3594,7 @@ static int piv_card_reader_lock_obtained(sc_card_t *card, int was_reset) } if (r < 0) { - if (!(priv->card_issues & CI_PIV_AID_LOSE_STATE)) { + if (was_reset > 0 || !(priv->card_issues & CI_PIV_AID_LOSE_STATE)) { r = piv_select_aid(card, piv_aids[0].value, piv_aids[0].len_short, temp, &templen); } else { r = 0; /* cant do anything with this card, hope there was no interference */