- added defaults; full PKCS#15 parsing is no-longer required at startup
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@43 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
584f5e5cb8
commit
1194017d5a
|
@ -0,0 +1,135 @@
|
|||
|
||||
#include "sc.h"
|
||||
#include "sc-pkcs15.h"
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
static void format_path(struct sc_path *path, const char *str)
|
||||
{
|
||||
int len = 0;
|
||||
u8 *p = path->value;
|
||||
|
||||
while (str) {
|
||||
int byte;
|
||||
|
||||
if (sscanf(str, "%02X", &byte) != 1)
|
||||
break;
|
||||
*p++ = byte;
|
||||
len++;
|
||||
str += 2;
|
||||
}
|
||||
path->len = len;
|
||||
return;
|
||||
}
|
||||
|
||||
static void format_file_struct(struct sc_file *file, const char *path, int type)
|
||||
{
|
||||
format_path(&file->path, path);
|
||||
file->type = type;
|
||||
}
|
||||
|
||||
static void format_cert_struct(struct sc_pkcs15_cert_info *cert,
|
||||
const char *label, const u8 *id,
|
||||
int id_len, int CA, const char *path)
|
||||
{
|
||||
strcpy(cert->com_attr.label, label);
|
||||
memcpy(cert->id.value, id, id_len);
|
||||
cert->id.len = id_len;
|
||||
cert->authority = CA;
|
||||
format_path(&cert->path, path);
|
||||
}
|
||||
|
||||
static void format_prkey_struct(struct sc_pkcs15_prkey_info *prkey,
|
||||
const char *label, const u8 *id,
|
||||
int id_len, const u8 *pin_id,
|
||||
int pin_id_len, int usage, int access_flags,
|
||||
int mod_len, const char *file_id)
|
||||
{
|
||||
strcpy(prkey->com_attr.label, label);
|
||||
memcpy(prkey->id.value, id, id_len);
|
||||
prkey->id.len = id_len;
|
||||
memcpy(prkey->com_attr.auth_id.value, pin_id, pin_id_len);
|
||||
prkey->com_attr.auth_id.len = pin_id_len;
|
||||
prkey->usage = usage;
|
||||
prkey->access_flags = access_flags;
|
||||
prkey->modulus_length = mod_len;
|
||||
format_path(&prkey->file_id, file_id);
|
||||
}
|
||||
|
||||
static int fineid_defaults(void *arg)
|
||||
{
|
||||
struct sc_card *card = (struct sc_card *) arg;
|
||||
|
||||
card->class = 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int fineid_pkcs15_defaults(void *arg)
|
||||
{
|
||||
struct sc_pkcs15_card *card = (struct sc_pkcs15_card *) arg;
|
||||
struct sc_pkcs15_pin_info *pin;
|
||||
|
||||
card->label = strdup("FINEID S4-1");
|
||||
card->manufacturer_id = strdup("VRK-FINSIGN");
|
||||
card->flags = SC_PKCS15_CARD_FLAG_EID_COMPLIANT;
|
||||
card->version = 1;
|
||||
card->alg_info[0].reference = 0;
|
||||
card->alg_info[0].algorithm = 0;
|
||||
card->alg_info[0].supported_operations = 0xa2;
|
||||
|
||||
format_file_struct(&card->file_app, "5015", 7); /* 7 = DF, 0 = EF */
|
||||
format_file_struct(&card->file_aodf, "50154401", 0);
|
||||
format_file_struct(&card->file_prkdf, "50154402", 0);
|
||||
format_file_struct(&card->file_cdf1, "50154403", 0);
|
||||
format_file_struct(&card->file_cdf2, "50154404", 0);
|
||||
format_file_struct(&card->file_cdf3, "50154405", 0);
|
||||
format_file_struct(&card->file_dodf, "50154406", 0);
|
||||
format_file_struct(&card->file_odf, "50155031", 0);
|
||||
format_file_struct(&card->file_tokeninfo, "50155032", 0);
|
||||
format_file_struct(&card->file_dir, "2F00", 0);
|
||||
|
||||
card->pin_count = 2;
|
||||
pin = &card->pin_info[0];
|
||||
strcpy(pin->com_attr.label, "perustunnusluku");
|
||||
pin->flags = 0x30;
|
||||
pin->type = 1;
|
||||
pin->min_length = 4;
|
||||
pin->stored_length = 8;
|
||||
pin->pad_char = 0;
|
||||
format_path(&pin->path, "3F00");
|
||||
pin->auth_id.value[0] = 0x01;
|
||||
pin->auth_id.len = 1;
|
||||
pin->magic = SC_PKCS15_PIN_MAGIC;
|
||||
|
||||
pin = &card->pin_info[1];
|
||||
strcpy(pin->com_attr.label, "allekirjoitustunnusluku");
|
||||
pin->flags = 0x32;
|
||||
pin->type = 1;
|
||||
pin->min_length = 4;
|
||||
pin->stored_length = 8;
|
||||
pin->pad_char = 0;
|
||||
format_path(&pin->path, "5015");
|
||||
pin->auth_id.value[0] = 0x02;
|
||||
pin->auth_id.len = 1;
|
||||
pin->magic = SC_PKCS15_PIN_MAGIC;
|
||||
|
||||
card->cert_count = 3;
|
||||
format_cert_struct(&card->cert_info[0], "todentamis- ja salausvarmenne", "\x45", 1, 0, "50154331");
|
||||
format_cert_struct(&card->cert_info[1], "allekirjoitusvarmenne", "\x46", 1, 0, "50154332");
|
||||
format_cert_struct(&card->cert_info[2], "FINSIGN CA for Citizen", "\x47", 1, 1, "50154333");
|
||||
|
||||
card->prkey_count = 2;
|
||||
format_prkey_struct(&card->prkey_info[0], "todentamis- ja salausavain", "\x45", 1, "\x01", 1,
|
||||
0x26, 0x1d, 1024, "4B01");
|
||||
format_prkey_struct(&card->prkey_info[1], "allekirjoitusavain", "\x46", 1, "\x02", 1,
|
||||
0x200, 0x1d, 1024, "4B02");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
const struct sc_defaults sc_card_table[] = {
|
||||
{ "3B:9F:94:40:1E:00:67:11:43:46:49:53:45:10:52:66:FF:81:90:00", fineid_defaults, fineid_pkcs15_defaults },
|
||||
{ NULL, NULL, NULL }
|
||||
};
|
|
@ -129,13 +129,6 @@ struct sc_pkcs15_prkey_info {
|
|||
struct sc_pkcs15_card {
|
||||
struct sc_card *card;
|
||||
char *label;
|
||||
struct sc_file file_dir, file_ao1, file_app;
|
||||
/* in app DF */
|
||||
struct sc_file file_tokeninfo, file_odf;
|
||||
struct sc_file file_prkdf;
|
||||
struct sc_file file_aodf, file_ao2;
|
||||
struct sc_file file_cdf1, file_cdf2, file_cdf3;
|
||||
struct sc_file file_dodf;
|
||||
/* fields from TokenInfo: */
|
||||
int version;
|
||||
char *serial_number, *manufacturer_id;
|
||||
|
@ -147,6 +140,14 @@ struct sc_pkcs15_card {
|
|||
int prkey_count;
|
||||
struct sc_pkcs15_pin_info pin_info[SC_PKCS15_MAX_PINS];
|
||||
int pin_count;
|
||||
|
||||
struct sc_file file_dir, file_ao1, file_app;
|
||||
/* in app DF */
|
||||
struct sc_file file_tokeninfo, file_odf;
|
||||
struct sc_file file_prkdf;
|
||||
struct sc_file file_aodf, file_ao2;
|
||||
struct sc_file file_cdf1, file_cdf2, file_cdf3;
|
||||
struct sc_file file_dodf;
|
||||
};
|
||||
|
||||
#define SC_PKCS15_CARD_FLAG_READONLY 0x01
|
||||
|
|
|
@ -121,6 +121,8 @@ struct sc_card {
|
|||
const char *reader;
|
||||
char atr[SC_MAX_ATR_SIZE];
|
||||
int atr_len;
|
||||
|
||||
const struct sc_defaults *defaults;
|
||||
};
|
||||
|
||||
struct sc_context {
|
||||
|
@ -148,6 +150,12 @@ struct sc_security_env {
|
|||
int key_ref;
|
||||
};
|
||||
|
||||
struct sc_defaults {
|
||||
const char *atr;
|
||||
int (*defaults_func)(void *);
|
||||
int (*pkcs15_defaults_func)(void *);
|
||||
};
|
||||
|
||||
/* Base64 encoding/decoding functions */
|
||||
int sc_base64_encode(const u8 *in, int inlen, u8 *out, int outlen,
|
||||
int linelength);
|
||||
|
@ -199,4 +207,6 @@ void sc_print_binary(const u8 *buf, int len);
|
|||
int sc_debug;
|
||||
const char *sc_version;
|
||||
|
||||
extern const struct sc_defaults sc_card_table[];
|
||||
|
||||
#endif
|
||||
|
|
|
@ -273,8 +273,7 @@ static int get_certs_from_file(struct sc_pkcs15_card *card,
|
|||
tag = sc_asn1_skip_tag(&p, &left, 0x30, &taglen); /* SEQUENCE */
|
||||
if (tag == NULL)
|
||||
break;
|
||||
if (parse_x509_cert_info
|
||||
(&card->cert_info[card->cert_count], tag, taglen))
|
||||
if (parse_x509_cert_info(&card->cert_info[card->cert_count], tag, taglen))
|
||||
break;
|
||||
card->cert_count++;
|
||||
}
|
||||
|
@ -286,6 +285,9 @@ int sc_pkcs15_enum_certificates(struct sc_pkcs15_card *card)
|
|||
int r;
|
||||
assert(card != NULL);
|
||||
|
||||
if (card->cert_count)
|
||||
return card->cert_count; /* already enumerated */
|
||||
|
||||
card->cert_count = 0;
|
||||
r = get_certs_from_file(card, &card->file_cdf1);
|
||||
if (r != 0)
|
||||
|
|
|
@ -121,6 +121,15 @@ int sc_pkcs15_enum_pins(struct sc_pkcs15_card *p15card)
|
|||
|
||||
assert(p15card != NULL);
|
||||
|
||||
if (p15card->pin_count) {
|
||||
for (i = 0; i < p15card->pin_count; i++) {
|
||||
if (p15card->pin_info[i].magic != SC_PKCS15_PIN_MAGIC)
|
||||
break;
|
||||
}
|
||||
if (i == p15card->pin_count)
|
||||
return i; /* Already enumerated */
|
||||
}
|
||||
|
||||
r = sc_select_file(p15card->card, &p15card->file_aodf,
|
||||
&p15card->file_aodf.path,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
|
|
|
@ -124,6 +124,8 @@ int sc_pkcs15_enum_private_keys(struct sc_pkcs15_card *card)
|
|||
|
||||
assert(card != NULL);
|
||||
|
||||
if (card->prkey_count)
|
||||
return card->prkey_count; /* already enumerated */
|
||||
card->prkey_count = 0;
|
||||
r = sc_select_file(card->card, &card->file_prkdf,
|
||||
&card->file_prkdf.path, SC_SELECT_FILE_BY_PATH);
|
||||
|
|
|
@ -230,6 +230,26 @@ int sc_pkcs15_init(struct sc_card *card,
|
|||
memset(p15card, 0, sizeof(struct sc_pkcs15_card));
|
||||
p15card->card = card;
|
||||
|
||||
if (card->defaults != NULL && card->defaults->pkcs15_defaults_func != NULL) {
|
||||
card->defaults->pkcs15_defaults_func(p15card);
|
||||
err = sc_select_file(card, &p15card->file_tokeninfo,
|
||||
&p15card->file_tokeninfo.path,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
if (err)
|
||||
goto error;
|
||||
err = sc_read_binary(card, 0, buf, p15card->file_tokeninfo.size);
|
||||
if (err < 0)
|
||||
goto error;
|
||||
if (err <= 2) {
|
||||
err = SC_ERROR_PKCS15_CARD_NOT_FOUND;
|
||||
goto error;
|
||||
}
|
||||
parse_tokeninfo(p15card, buf, err);
|
||||
|
||||
*p15card_out = p15card;
|
||||
return 0;
|
||||
}
|
||||
|
||||
memcpy(tmppath.value, "\x2F\x00", 2);
|
||||
tmppath.len = 2;
|
||||
err = sc_select_file(card, &p15card->file_dir, &tmppath,
|
||||
|
@ -249,17 +269,14 @@ int sc_pkcs15_init(struct sc_card *card,
|
|||
goto error;
|
||||
}
|
||||
memcpy(&tmppath, &p15card->file_app.path, sizeof(struct sc_path));
|
||||
err =
|
||||
sc_select_file(card, &p15card->file_app,
|
||||
&p15card->file_app.path,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
err = sc_select_file(card, &p15card->file_app, &p15card->file_app.path,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
if (err)
|
||||
goto error;
|
||||
memcpy(tmppath.value + tmppath.len, "\x50\x31", 2);
|
||||
tmppath.len += 2;
|
||||
err =
|
||||
sc_select_file(card, &p15card->file_odf, &tmppath,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
err = sc_select_file(card, &p15card->file_odf, &tmppath,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
if (err)
|
||||
goto error;
|
||||
err = sc_read_binary(card, 0, buf, p15card->file_odf.size);
|
||||
|
@ -277,9 +294,8 @@ int sc_pkcs15_init(struct sc_card *card,
|
|||
tmppath.len -= 2;
|
||||
memcpy(tmppath.value + tmppath.len, "\x50\x32", 2);
|
||||
tmppath.len += 2;
|
||||
err =
|
||||
sc_select_file(card, &p15card->file_tokeninfo, &tmppath,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
err = sc_select_file(card, &p15card->file_tokeninfo, &tmppath,
|
||||
SC_SELECT_FILE_BY_PATH);
|
||||
if (err)
|
||||
goto error;
|
||||
err = sc_read_binary(card, 0, buf, p15card->file_tokeninfo.size);
|
||||
|
|
|
@ -129,13 +129,6 @@ struct sc_pkcs15_prkey_info {
|
|||
struct sc_pkcs15_card {
|
||||
struct sc_card *card;
|
||||
char *label;
|
||||
struct sc_file file_dir, file_ao1, file_app;
|
||||
/* in app DF */
|
||||
struct sc_file file_tokeninfo, file_odf;
|
||||
struct sc_file file_prkdf;
|
||||
struct sc_file file_aodf, file_ao2;
|
||||
struct sc_file file_cdf1, file_cdf2, file_cdf3;
|
||||
struct sc_file file_dodf;
|
||||
/* fields from TokenInfo: */
|
||||
int version;
|
||||
char *serial_number, *manufacturer_id;
|
||||
|
@ -147,6 +140,14 @@ struct sc_pkcs15_card {
|
|||
int prkey_count;
|
||||
struct sc_pkcs15_pin_info pin_info[SC_PKCS15_MAX_PINS];
|
||||
int pin_count;
|
||||
|
||||
struct sc_file file_dir, file_ao1, file_app;
|
||||
/* in app DF */
|
||||
struct sc_file file_tokeninfo, file_odf;
|
||||
struct sc_file file_prkdf;
|
||||
struct sc_file file_aodf, file_ao2;
|
||||
struct sc_file file_cdf1, file_cdf2, file_cdf3;
|
||||
struct sc_file file_dodf;
|
||||
};
|
||||
|
||||
#define SC_PKCS15_CARD_FLAG_READONLY 0x01
|
||||
|
|
|
@ -27,7 +27,7 @@
|
|||
#include <ctype.h>
|
||||
|
||||
const char *sc_version = LIBSC_VERSION;
|
||||
int sc_debug = 0;
|
||||
int sc_debug = 1;
|
||||
|
||||
static int convert_sw_to_errorcode(u8 * sw)
|
||||
{
|
||||
|
@ -167,7 +167,7 @@ static int sc_transceive_t0(struct sc_card *card, struct sc_apdu *apdu)
|
|||
|
||||
dwSendLength = data - s;
|
||||
dwRecvLength = apdu->resplen;
|
||||
if (sc_debug) {
|
||||
if (sc_debug > 2) {
|
||||
printf("Sending: ");
|
||||
sc_hex_dump(s, dwSendLength);
|
||||
}
|
||||
|
@ -194,7 +194,7 @@ int sc_transmit_apdu(struct sc_card *card, struct sc_apdu *apdu)
|
|||
r = sc_transceive_t0(card, apdu);
|
||||
if (r)
|
||||
return r;
|
||||
if (sc_debug) {
|
||||
if (sc_debug > 2) {
|
||||
printf("Received: ");
|
||||
sc_hex_dump(apdu->resp, apdu->resplen);
|
||||
}
|
||||
|
@ -209,15 +209,13 @@ int sc_transmit_apdu(struct sc_card *card, struct sc_apdu *apdu)
|
|||
rspapdu.le = apdu->resp[1];
|
||||
rspapdu.resp = rsp;
|
||||
rspapdu.resplen = apdu->resp[1] + 2;
|
||||
if (sc_debug)
|
||||
printf("Sending response request with %d bytes\n", rspapdu.resplen);
|
||||
r = sc_transceive_t0(card, &rspapdu);
|
||||
if (r) {
|
||||
fprintf(stderr, "Error %d when getting response\n",
|
||||
r);
|
||||
return r;
|
||||
}
|
||||
if (sc_debug) {
|
||||
if (sc_debug > 2) {
|
||||
printf("Response: ");
|
||||
sc_hex_dump(rspapdu.resp, rspapdu.resplen);
|
||||
}
|
||||
|
@ -236,14 +234,14 @@ static void process_fci(struct sc_file *file,
|
|||
tag = sc_asn1_find_tag(p, len, 0x83, &taglen);
|
||||
if (tag != NULL && taglen == 2) {
|
||||
file->id = (tag[0] << 8) | tag[1];
|
||||
if (sc_debug)
|
||||
if (sc_debug > 1)
|
||||
printf("File identifier: 0x%02X%02X\n", tag[0],
|
||||
tag[1]);
|
||||
}
|
||||
tag = sc_asn1_find_tag(p, len, 0x81, &taglen);
|
||||
if (tag != NULL && taglen >= 2) {
|
||||
int bytes = (tag[0] << 8) + tag[1];
|
||||
if (sc_debug)
|
||||
if (sc_debug > 1)
|
||||
printf("Bytes in file: %d\n", bytes);
|
||||
file->size = bytes;
|
||||
}
|
||||
|
@ -254,12 +252,12 @@ static void process_fci(struct sc_file *file,
|
|||
const char *type;
|
||||
|
||||
file->shareable = byte & 0x40 ? 1 : 0;
|
||||
if (sc_debug)
|
||||
if (sc_debug > 1)
|
||||
printf("\tShareable: %s\n",
|
||||
(byte & 0x40) ? "yes" : "no");
|
||||
file->type = (byte >> 3) & 7;
|
||||
file->ef_structure = byte & 0x07;
|
||||
if (sc_debug) {
|
||||
if (sc_debug > 1) {
|
||||
switch ((byte >> 3) & 7) {
|
||||
case 0:
|
||||
type = "working EF";
|
||||
|
@ -296,7 +294,7 @@ static void process_fci(struct sc_file *file,
|
|||
name[i] = '?';
|
||||
}
|
||||
name[taglen] = 0;
|
||||
if (sc_debug)
|
||||
if (sc_debug > 1)
|
||||
printf("\tFile name: %s\n", name);
|
||||
}
|
||||
tag = sc_asn1_find_tag(p, len, 0x85, &taglen);
|
||||
|
@ -364,32 +362,29 @@ int sc_select_file(struct sc_card *card,
|
|||
apdu.lc = pathlen;
|
||||
apdu.data = path;
|
||||
apdu.datalen = pathlen;
|
||||
r = sc_transmit_apdu(card, &apdu);
|
||||
/* FIXME: Some smarter way to do this... */
|
||||
if (file == NULL || sc_file_valid(file)) {
|
||||
r = sc_transceive_t0(card, &apdu); /* we don't need the response */
|
||||
if (apdu.resplen == 2 && apdu.resp[0] == 0x61) {
|
||||
apdu.resp[0] = 0x90;
|
||||
apdu.resp[1] = 0;
|
||||
}
|
||||
} else {
|
||||
memset(file, 0, sizeof(*file));
|
||||
r = sc_transmit_apdu(card, &apdu);
|
||||
}
|
||||
if (r)
|
||||
return r;
|
||||
if (apdu.resplen < 2)
|
||||
return SC_ERROR_UNKNOWN_RESPONSE;
|
||||
if (file != NULL)
|
||||
memset(file, 0, sizeof(*file));
|
||||
switch (apdu.resp[0]) {
|
||||
case 0x6A:
|
||||
switch (apdu.resp[1]) {
|
||||
case 0x82:
|
||||
return SC_ERROR_FILE_NOT_FOUND;
|
||||
default:
|
||||
return SC_ERROR_UNKNOWN_RESPONSE;
|
||||
}
|
||||
case 0x6F:
|
||||
break;
|
||||
case 0x90:
|
||||
case 0x00: /* proprietary coding */
|
||||
return 0;
|
||||
default:
|
||||
fprintf(stderr,
|
||||
"SELECT FILE returned SW1=%02X, SW2=%02X.\n",
|
||||
apdu.resp[0], apdu.resp[1]);
|
||||
/* FIXME */
|
||||
return SC_ERROR_UNKNOWN_RESPONSE;
|
||||
return convert_sw_to_errorcode(apdu.resp);
|
||||
}
|
||||
if (file == NULL)
|
||||
return 0;
|
||||
|
@ -456,7 +451,7 @@ int sc_read_binary(struct sc_card *card,
|
|||
if (apdu.resplen == count + 2)
|
||||
apdu.resplen = count;
|
||||
memcpy(buf, recvbuf, apdu.resplen);
|
||||
if (sc_debug == 2) {
|
||||
if (sc_debug > 3) {
|
||||
FILE *file = fopen("sc_recv", "w");
|
||||
if (file != NULL) {
|
||||
fwrite(buf, apdu.resplen, 1, file);
|
||||
|
@ -551,14 +546,17 @@ int sc_establish_context(struct sc_context **ctx_out)
|
|||
rv = SCardEstablishContext(SCARD_SCOPE_GLOBAL, "localhost", NULL,
|
||||
&ctx->pcsc_ctx);
|
||||
if (rv != SCARD_S_SUCCESS) {
|
||||
fprintf(stderr,
|
||||
"ERROR: Cannot connect to Resource Manager\n");
|
||||
if (sc_debug) {
|
||||
fprintf(stderr,
|
||||
"ERROR: Cannot connect to Resource Manager\n");
|
||||
}
|
||||
return SC_ERROR_CONNECTING_TO_RES_MGR;
|
||||
}
|
||||
SCardListReaders(ctx->pcsc_ctx, NULL, NULL,
|
||||
(LPDWORD) & reader_buf_size);
|
||||
if (reader_buf_size == 0) {
|
||||
fprintf(stderr, "No readers found!\n");
|
||||
if (sc_debug)
|
||||
fprintf(stderr, "No readers found!\n");
|
||||
free(ctx);
|
||||
return SC_ERROR_NO_READERS_FOUND;
|
||||
}
|
||||
|
@ -591,6 +589,42 @@ int sc_destroy_context(struct sc_context *ctx)
|
|||
return 0;
|
||||
}
|
||||
|
||||
const struct sc_defaults * find_defaults(const u8 *atr, int atrlen)
|
||||
{
|
||||
int i = 0;
|
||||
const struct sc_defaults *match = NULL;
|
||||
|
||||
while (sc_card_table[i].atr != NULL) {
|
||||
unsigned int byte;
|
||||
u8 defatr[SC_MAX_ATR_SIZE], *p = defatr;
|
||||
int len = 0;
|
||||
const struct sc_defaults *def = &sc_card_table[i];
|
||||
const char *atrp = def->atr;
|
||||
i++;
|
||||
|
||||
if (atrp == NULL)
|
||||
break;
|
||||
if (strlen(atrp)/3 > SC_MAX_ATR_SIZE)
|
||||
continue;
|
||||
while (*atrp) {
|
||||
if (sscanf(atrp, "%02X", (unsigned int *) &byte) != 1)
|
||||
break;
|
||||
*p++ = byte;
|
||||
atrp += 2;
|
||||
len++;
|
||||
if (*atrp++ != ':')
|
||||
break;
|
||||
}
|
||||
if (len != atrlen)
|
||||
continue;
|
||||
if (memcmp(atr, defatr, len) != 0)
|
||||
continue;
|
||||
match = def;
|
||||
break;
|
||||
}
|
||||
return match;
|
||||
}
|
||||
|
||||
int sc_connect_card(struct sc_context *ctx,
|
||||
int reader, struct sc_card **card_out)
|
||||
{
|
||||
|
@ -630,7 +664,13 @@ int sc_connect_card(struct sc_context *ctx,
|
|||
i = SC_MAX_ATR_SIZE;
|
||||
memcpy(card->atr, rgReaderStates[0].rgbAtr, i);
|
||||
card->atr_len = i;
|
||||
card->class = 0; /* FIXME */
|
||||
|
||||
card->defaults = find_defaults(card->atr, card->atr_len);
|
||||
if (card->defaults != NULL && card->defaults->defaults_func != NULL) {
|
||||
card->defaults->defaults_func(card);
|
||||
} else {
|
||||
card->class = 0; /* FIXME */
|
||||
}
|
||||
card->reader = ctx->readers[reader];
|
||||
*card_out = card;
|
||||
|
||||
|
@ -723,8 +763,9 @@ int sc_set_security_env(struct sc_card *card,
|
|||
if (r)
|
||||
return r;
|
||||
if (apdu.resp[0] != 0x90) {
|
||||
fprintf(stderr, "Set sec env: SWs=%02X%02X\n",
|
||||
apdu.resp[0], apdu.resp[1]);
|
||||
if (sc_debug)
|
||||
fprintf(stderr, "Set sec env: SWs=%02X%02X\n",
|
||||
apdu.resp[0], apdu.resp[1]);
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
|
@ -781,7 +822,8 @@ int sc_decipher(struct sc_card *card,
|
|||
memcpy(out, apdu.resp, len);
|
||||
return len;
|
||||
}
|
||||
fprintf(stderr, "sc_decipher(): SW1=%02X, SW2=%02X\n", p[0], p[1]);
|
||||
if (sc_debug)
|
||||
fprintf(stderr, "sc_decipher(): SW1=%02X, SW2=%02X\n", p[0], p[1]);
|
||||
return convert_sw_to_errorcode(p);
|
||||
}
|
||||
|
||||
|
@ -818,8 +860,9 @@ int sc_compute_signature(struct sc_card *card,
|
|||
memcpy(out, apdu.resp, len);
|
||||
return len;
|
||||
}
|
||||
fprintf(stderr, "sc_compute_signature(): SW1=%02X, SW2=%02X\n",
|
||||
p[0], p[1]);
|
||||
if (sc_debug)
|
||||
fprintf(stderr, "sc_compute_signature(): SW1=%02X, SW2=%02X\n",
|
||||
p[0], p[1]);
|
||||
return convert_sw_to_errorcode(p);
|
||||
}
|
||||
|
||||
|
|
|
@ -119,7 +119,7 @@ static int get_random(u8 *buf, int len)
|
|||
{
|
||||
int fd, r;
|
||||
|
||||
fd = open("/dev/random", O_RDONLY);
|
||||
fd = open("/dev/urandom", O_RDONLY);
|
||||
if (fd < 0)
|
||||
return PAM_SYSTEM_ERR;
|
||||
while (len) {
|
||||
|
@ -169,7 +169,7 @@ static int set_sec_env(struct sc_card *card, const struct sc_pkcs15_card *p15car
|
|||
{
|
||||
struct sc_security_env senv;
|
||||
int r;
|
||||
|
||||
|
||||
senv.signature = 0;
|
||||
senv.algorithm_ref = 0x02;
|
||||
senv.key_ref = 0;
|
||||
|
@ -223,6 +223,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con
|
|||
pubkey = X509_get_pubkey(cert);
|
||||
if (pubkey == NULL)
|
||||
goto end;
|
||||
DBG(printf("Getting random data...\n"));
|
||||
r = get_random(random_data, sizeof(random_data));
|
||||
if (r != PAM_SUCCESS)
|
||||
goto end;
|
||||
|
@ -250,6 +251,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con
|
|||
printf("SmartCard absent.\n");
|
||||
goto end;
|
||||
}
|
||||
DBG(printf("Locking card...\n"));
|
||||
sc_lock(card);
|
||||
locked = 1;
|
||||
|
||||
|
@ -259,7 +261,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con
|
|||
printf("PKCS#15 initialization failed: %s\n", sc_strerror(r));
|
||||
goto end;
|
||||
}
|
||||
DBG(printf("Enumerating stuff...\n"));
|
||||
DBG(printf("Enumerating certificates...\n"));
|
||||
r = sc_pkcs15_enum_certificates(p15card);
|
||||
if (r < 0) {
|
||||
printf("Cert enum failed: %s\n", sc_strerror(r));
|
||||
|
@ -270,6 +272,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con
|
|||
for (i = 0; i < p15card->cert_count; i++) {
|
||||
}
|
||||
cinfo = &p15card->cert_info[0]; /* FIXME */
|
||||
DBG(printf("Enumerating private keys...\n"));
|
||||
r = sc_pkcs15_enum_private_keys(p15card);
|
||||
if (r <= 0)
|
||||
goto end;
|
||||
|
@ -284,6 +287,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con
|
|||
if (prkinfo == NULL)
|
||||
goto end;
|
||||
/* FIXME: Determine if PIN code needed */
|
||||
DBG(printf("Enumerating PIN codes...\n"));
|
||||
r = sc_pkcs15_enum_pins(p15card);
|
||||
if (r < 0)
|
||||
goto end;
|
||||
|
|
|
@ -18,9 +18,7 @@ int enum_pins()
|
|||
{
|
||||
int i, c;
|
||||
|
||||
sc_lock(card);
|
||||
c = sc_pkcs15_enum_pins(p15card);
|
||||
sc_unlock(card);
|
||||
if (c < 0) {
|
||||
fprintf(stderr, "Error enumerating PIN codes: %s\n",
|
||||
sc_strerror(i));
|
||||
|
|
Loading…
Reference in New Issue