From 1194017d5a6a9f7656a8e5ace6fd2d6419ceb079 Mon Sep 17 00:00:00 2001 From: jey Date: Sat, 17 Nov 2001 14:55:41 +0000 Subject: [PATCH] - added defaults; full PKCS#15 parsing is no-longer required at startup git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@43 c6295689-39f2-0310-b995-f0e70906c6a9 --- src/libopensc/defaults.c | 135 ++++++++++++++++++++++++++++++++++ src/libopensc/opensc-pkcs15.h | 15 ++-- src/libopensc/opensc.h | 10 +++ src/libopensc/pkcs15-cert.c | 6 +- src/libopensc/pkcs15-pin.c | 9 +++ src/libopensc/pkcs15-prkey.c | 2 + src/libopensc/pkcs15.c | 36 ++++++--- src/libopensc/pkcs15.h | 15 ++-- src/libopensc/sc.c | 115 ++++++++++++++++++++--------- src/pam/pam_pkcs15.c | 10 ++- src/tests/p15dump.c | 2 - 11 files changed, 288 insertions(+), 67 deletions(-) create mode 100644 src/libopensc/defaults.c diff --git a/src/libopensc/defaults.c b/src/libopensc/defaults.c new file mode 100644 index 00000000..5914ad2b --- /dev/null +++ b/src/libopensc/defaults.c @@ -0,0 +1,135 @@ + +#include "sc.h" +#include "sc-pkcs15.h" +#include +#include +#include + +static void format_path(struct sc_path *path, const char *str) +{ + int len = 0; + u8 *p = path->value; + + while (str) { + int byte; + + if (sscanf(str, "%02X", &byte) != 1) + break; + *p++ = byte; + len++; + str += 2; + } + path->len = len; + return; +} + +static void format_file_struct(struct sc_file *file, const char *path, int type) +{ + format_path(&file->path, path); + file->type = type; +} + +static void format_cert_struct(struct sc_pkcs15_cert_info *cert, + const char *label, const u8 *id, + int id_len, int CA, const char *path) +{ + strcpy(cert->com_attr.label, label); + memcpy(cert->id.value, id, id_len); + cert->id.len = id_len; + cert->authority = CA; + format_path(&cert->path, path); +} + +static void format_prkey_struct(struct sc_pkcs15_prkey_info *prkey, + const char *label, const u8 *id, + int id_len, const u8 *pin_id, + int pin_id_len, int usage, int access_flags, + int mod_len, const char *file_id) +{ + strcpy(prkey->com_attr.label, label); + memcpy(prkey->id.value, id, id_len); + prkey->id.len = id_len; + memcpy(prkey->com_attr.auth_id.value, pin_id, pin_id_len); + prkey->com_attr.auth_id.len = pin_id_len; + prkey->usage = usage; + prkey->access_flags = access_flags; + prkey->modulus_length = mod_len; + format_path(&prkey->file_id, file_id); +} + +static int fineid_defaults(void *arg) +{ + struct sc_card *card = (struct sc_card *) arg; + + card->class = 0; + + return 0; +} + +static int fineid_pkcs15_defaults(void *arg) +{ + struct sc_pkcs15_card *card = (struct sc_pkcs15_card *) arg; + struct sc_pkcs15_pin_info *pin; + + card->label = strdup("FINEID S4-1"); + card->manufacturer_id = strdup("VRK-FINSIGN"); + card->flags = SC_PKCS15_CARD_FLAG_EID_COMPLIANT; + card->version = 1; + card->alg_info[0].reference = 0; + card->alg_info[0].algorithm = 0; + card->alg_info[0].supported_operations = 0xa2; + + format_file_struct(&card->file_app, "5015", 7); /* 7 = DF, 0 = EF */ + format_file_struct(&card->file_aodf, "50154401", 0); + format_file_struct(&card->file_prkdf, "50154402", 0); + format_file_struct(&card->file_cdf1, "50154403", 0); + format_file_struct(&card->file_cdf2, "50154404", 0); + format_file_struct(&card->file_cdf3, "50154405", 0); + format_file_struct(&card->file_dodf, "50154406", 0); + format_file_struct(&card->file_odf, "50155031", 0); + format_file_struct(&card->file_tokeninfo, "50155032", 0); + format_file_struct(&card->file_dir, "2F00", 0); + + card->pin_count = 2; + pin = &card->pin_info[0]; + strcpy(pin->com_attr.label, "perustunnusluku"); + pin->flags = 0x30; + pin->type = 1; + pin->min_length = 4; + pin->stored_length = 8; + pin->pad_char = 0; + format_path(&pin->path, "3F00"); + pin->auth_id.value[0] = 0x01; + pin->auth_id.len = 1; + pin->magic = SC_PKCS15_PIN_MAGIC; + + pin = &card->pin_info[1]; + strcpy(pin->com_attr.label, "allekirjoitustunnusluku"); + pin->flags = 0x32; + pin->type = 1; + pin->min_length = 4; + pin->stored_length = 8; + pin->pad_char = 0; + format_path(&pin->path, "5015"); + pin->auth_id.value[0] = 0x02; + pin->auth_id.len = 1; + pin->magic = SC_PKCS15_PIN_MAGIC; + + card->cert_count = 3; + format_cert_struct(&card->cert_info[0], "todentamis- ja salausvarmenne", "\x45", 1, 0, "50154331"); + format_cert_struct(&card->cert_info[1], "allekirjoitusvarmenne", "\x46", 1, 0, "50154332"); + format_cert_struct(&card->cert_info[2], "FINSIGN CA for Citizen", "\x47", 1, 1, "50154333"); + + card->prkey_count = 2; + format_prkey_struct(&card->prkey_info[0], "todentamis- ja salausavain", "\x45", 1, "\x01", 1, + 0x26, 0x1d, 1024, "4B01"); + format_prkey_struct(&card->prkey_info[1], "allekirjoitusavain", "\x46", 1, "\x02", 1, + 0x200, 0x1d, 1024, "4B02"); + + return 0; +} + +const struct sc_defaults sc_card_table[] = { + { "3B:9F:94:40:1E:00:67:11:43:46:49:53:45:10:52:66:FF:81:90:00", fineid_defaults, fineid_pkcs15_defaults }, + { NULL, NULL, NULL } +}; diff --git a/src/libopensc/opensc-pkcs15.h b/src/libopensc/opensc-pkcs15.h index ce000c1a..95f434b5 100644 --- a/src/libopensc/opensc-pkcs15.h +++ b/src/libopensc/opensc-pkcs15.h @@ -129,13 +129,6 @@ struct sc_pkcs15_prkey_info { struct sc_pkcs15_card { struct sc_card *card; char *label; - struct sc_file file_dir, file_ao1, file_app; - /* in app DF */ - struct sc_file file_tokeninfo, file_odf; - struct sc_file file_prkdf; - struct sc_file file_aodf, file_ao2; - struct sc_file file_cdf1, file_cdf2, file_cdf3; - struct sc_file file_dodf; /* fields from TokenInfo: */ int version; char *serial_number, *manufacturer_id; @@ -147,6 +140,14 @@ struct sc_pkcs15_card { int prkey_count; struct sc_pkcs15_pin_info pin_info[SC_PKCS15_MAX_PINS]; int pin_count; + + struct sc_file file_dir, file_ao1, file_app; + /* in app DF */ + struct sc_file file_tokeninfo, file_odf; + struct sc_file file_prkdf; + struct sc_file file_aodf, file_ao2; + struct sc_file file_cdf1, file_cdf2, file_cdf3; + struct sc_file file_dodf; }; #define SC_PKCS15_CARD_FLAG_READONLY 0x01 diff --git a/src/libopensc/opensc.h b/src/libopensc/opensc.h index d78d77bc..b160bed2 100644 --- a/src/libopensc/opensc.h +++ b/src/libopensc/opensc.h @@ -121,6 +121,8 @@ struct sc_card { const char *reader; char atr[SC_MAX_ATR_SIZE]; int atr_len; + + const struct sc_defaults *defaults; }; struct sc_context { @@ -148,6 +150,12 @@ struct sc_security_env { int key_ref; }; +struct sc_defaults { + const char *atr; + int (*defaults_func)(void *); + int (*pkcs15_defaults_func)(void *); +}; + /* Base64 encoding/decoding functions */ int sc_base64_encode(const u8 *in, int inlen, u8 *out, int outlen, int linelength); @@ -199,4 +207,6 @@ void sc_print_binary(const u8 *buf, int len); int sc_debug; const char *sc_version; +extern const struct sc_defaults sc_card_table[]; + #endif diff --git a/src/libopensc/pkcs15-cert.c b/src/libopensc/pkcs15-cert.c index 176fda39..9acd6b4d 100644 --- a/src/libopensc/pkcs15-cert.c +++ b/src/libopensc/pkcs15-cert.c @@ -273,8 +273,7 @@ static int get_certs_from_file(struct sc_pkcs15_card *card, tag = sc_asn1_skip_tag(&p, &left, 0x30, &taglen); /* SEQUENCE */ if (tag == NULL) break; - if (parse_x509_cert_info - (&card->cert_info[card->cert_count], tag, taglen)) + if (parse_x509_cert_info(&card->cert_info[card->cert_count], tag, taglen)) break; card->cert_count++; } @@ -286,6 +285,9 @@ int sc_pkcs15_enum_certificates(struct sc_pkcs15_card *card) int r; assert(card != NULL); + if (card->cert_count) + return card->cert_count; /* already enumerated */ + card->cert_count = 0; r = get_certs_from_file(card, &card->file_cdf1); if (r != 0) diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c index 1f627589..155c939c 100644 --- a/src/libopensc/pkcs15-pin.c +++ b/src/libopensc/pkcs15-pin.c @@ -121,6 +121,15 @@ int sc_pkcs15_enum_pins(struct sc_pkcs15_card *p15card) assert(p15card != NULL); + if (p15card->pin_count) { + for (i = 0; i < p15card->pin_count; i++) { + if (p15card->pin_info[i].magic != SC_PKCS15_PIN_MAGIC) + break; + } + if (i == p15card->pin_count) + return i; /* Already enumerated */ + } + r = sc_select_file(p15card->card, &p15card->file_aodf, &p15card->file_aodf.path, SC_SELECT_FILE_BY_PATH); diff --git a/src/libopensc/pkcs15-prkey.c b/src/libopensc/pkcs15-prkey.c index 9b7e783f..c0fc9756 100644 --- a/src/libopensc/pkcs15-prkey.c +++ b/src/libopensc/pkcs15-prkey.c @@ -124,6 +124,8 @@ int sc_pkcs15_enum_private_keys(struct sc_pkcs15_card *card) assert(card != NULL); + if (card->prkey_count) + return card->prkey_count; /* already enumerated */ card->prkey_count = 0; r = sc_select_file(card->card, &card->file_prkdf, &card->file_prkdf.path, SC_SELECT_FILE_BY_PATH); diff --git a/src/libopensc/pkcs15.c b/src/libopensc/pkcs15.c index 79143eaf..502efc5b 100644 --- a/src/libopensc/pkcs15.c +++ b/src/libopensc/pkcs15.c @@ -230,6 +230,26 @@ int sc_pkcs15_init(struct sc_card *card, memset(p15card, 0, sizeof(struct sc_pkcs15_card)); p15card->card = card; + if (card->defaults != NULL && card->defaults->pkcs15_defaults_func != NULL) { + card->defaults->pkcs15_defaults_func(p15card); + err = sc_select_file(card, &p15card->file_tokeninfo, + &p15card->file_tokeninfo.path, + SC_SELECT_FILE_BY_PATH); + if (err) + goto error; + err = sc_read_binary(card, 0, buf, p15card->file_tokeninfo.size); + if (err < 0) + goto error; + if (err <= 2) { + err = SC_ERROR_PKCS15_CARD_NOT_FOUND; + goto error; + } + parse_tokeninfo(p15card, buf, err); + + *p15card_out = p15card; + return 0; + } + memcpy(tmppath.value, "\x2F\x00", 2); tmppath.len = 2; err = sc_select_file(card, &p15card->file_dir, &tmppath, @@ -249,17 +269,14 @@ int sc_pkcs15_init(struct sc_card *card, goto error; } memcpy(&tmppath, &p15card->file_app.path, sizeof(struct sc_path)); - err = - sc_select_file(card, &p15card->file_app, - &p15card->file_app.path, - SC_SELECT_FILE_BY_PATH); + err = sc_select_file(card, &p15card->file_app, &p15card->file_app.path, + SC_SELECT_FILE_BY_PATH); if (err) goto error; memcpy(tmppath.value + tmppath.len, "\x50\x31", 2); tmppath.len += 2; - err = - sc_select_file(card, &p15card->file_odf, &tmppath, - SC_SELECT_FILE_BY_PATH); + err = sc_select_file(card, &p15card->file_odf, &tmppath, + SC_SELECT_FILE_BY_PATH); if (err) goto error; err = sc_read_binary(card, 0, buf, p15card->file_odf.size); @@ -277,9 +294,8 @@ int sc_pkcs15_init(struct sc_card *card, tmppath.len -= 2; memcpy(tmppath.value + tmppath.len, "\x50\x32", 2); tmppath.len += 2; - err = - sc_select_file(card, &p15card->file_tokeninfo, &tmppath, - SC_SELECT_FILE_BY_PATH); + err = sc_select_file(card, &p15card->file_tokeninfo, &tmppath, + SC_SELECT_FILE_BY_PATH); if (err) goto error; err = sc_read_binary(card, 0, buf, p15card->file_tokeninfo.size); diff --git a/src/libopensc/pkcs15.h b/src/libopensc/pkcs15.h index ce000c1a..95f434b5 100644 --- a/src/libopensc/pkcs15.h +++ b/src/libopensc/pkcs15.h @@ -129,13 +129,6 @@ struct sc_pkcs15_prkey_info { struct sc_pkcs15_card { struct sc_card *card; char *label; - struct sc_file file_dir, file_ao1, file_app; - /* in app DF */ - struct sc_file file_tokeninfo, file_odf; - struct sc_file file_prkdf; - struct sc_file file_aodf, file_ao2; - struct sc_file file_cdf1, file_cdf2, file_cdf3; - struct sc_file file_dodf; /* fields from TokenInfo: */ int version; char *serial_number, *manufacturer_id; @@ -147,6 +140,14 @@ struct sc_pkcs15_card { int prkey_count; struct sc_pkcs15_pin_info pin_info[SC_PKCS15_MAX_PINS]; int pin_count; + + struct sc_file file_dir, file_ao1, file_app; + /* in app DF */ + struct sc_file file_tokeninfo, file_odf; + struct sc_file file_prkdf; + struct sc_file file_aodf, file_ao2; + struct sc_file file_cdf1, file_cdf2, file_cdf3; + struct sc_file file_dodf; }; #define SC_PKCS15_CARD_FLAG_READONLY 0x01 diff --git a/src/libopensc/sc.c b/src/libopensc/sc.c index 0eac0fbd..ffdbb773 100644 --- a/src/libopensc/sc.c +++ b/src/libopensc/sc.c @@ -27,7 +27,7 @@ #include const char *sc_version = LIBSC_VERSION; -int sc_debug = 0; +int sc_debug = 1; static int convert_sw_to_errorcode(u8 * sw) { @@ -167,7 +167,7 @@ static int sc_transceive_t0(struct sc_card *card, struct sc_apdu *apdu) dwSendLength = data - s; dwRecvLength = apdu->resplen; - if (sc_debug) { + if (sc_debug > 2) { printf("Sending: "); sc_hex_dump(s, dwSendLength); } @@ -194,7 +194,7 @@ int sc_transmit_apdu(struct sc_card *card, struct sc_apdu *apdu) r = sc_transceive_t0(card, apdu); if (r) return r; - if (sc_debug) { + if (sc_debug > 2) { printf("Received: "); sc_hex_dump(apdu->resp, apdu->resplen); } @@ -209,15 +209,13 @@ int sc_transmit_apdu(struct sc_card *card, struct sc_apdu *apdu) rspapdu.le = apdu->resp[1]; rspapdu.resp = rsp; rspapdu.resplen = apdu->resp[1] + 2; - if (sc_debug) - printf("Sending response request with %d bytes\n", rspapdu.resplen); r = sc_transceive_t0(card, &rspapdu); if (r) { fprintf(stderr, "Error %d when getting response\n", r); return r; } - if (sc_debug) { + if (sc_debug > 2) { printf("Response: "); sc_hex_dump(rspapdu.resp, rspapdu.resplen); } @@ -236,14 +234,14 @@ static void process_fci(struct sc_file *file, tag = sc_asn1_find_tag(p, len, 0x83, &taglen); if (tag != NULL && taglen == 2) { file->id = (tag[0] << 8) | tag[1]; - if (sc_debug) + if (sc_debug > 1) printf("File identifier: 0x%02X%02X\n", tag[0], tag[1]); } tag = sc_asn1_find_tag(p, len, 0x81, &taglen); if (tag != NULL && taglen >= 2) { int bytes = (tag[0] << 8) + tag[1]; - if (sc_debug) + if (sc_debug > 1) printf("Bytes in file: %d\n", bytes); file->size = bytes; } @@ -254,12 +252,12 @@ static void process_fci(struct sc_file *file, const char *type; file->shareable = byte & 0x40 ? 1 : 0; - if (sc_debug) + if (sc_debug > 1) printf("\tShareable: %s\n", (byte & 0x40) ? "yes" : "no"); file->type = (byte >> 3) & 7; file->ef_structure = byte & 0x07; - if (sc_debug) { + if (sc_debug > 1) { switch ((byte >> 3) & 7) { case 0: type = "working EF"; @@ -296,7 +294,7 @@ static void process_fci(struct sc_file *file, name[i] = '?'; } name[taglen] = 0; - if (sc_debug) + if (sc_debug > 1) printf("\tFile name: %s\n", name); } tag = sc_asn1_find_tag(p, len, 0x85, &taglen); @@ -364,32 +362,29 @@ int sc_select_file(struct sc_card *card, apdu.lc = pathlen; apdu.data = path; apdu.datalen = pathlen; - r = sc_transmit_apdu(card, &apdu); + /* FIXME: Some smarter way to do this... */ + if (file == NULL || sc_file_valid(file)) { + r = sc_transceive_t0(card, &apdu); /* we don't need the response */ + if (apdu.resplen == 2 && apdu.resp[0] == 0x61) { + apdu.resp[0] = 0x90; + apdu.resp[1] = 0; + } + } else { + memset(file, 0, sizeof(*file)); + r = sc_transmit_apdu(card, &apdu); + } if (r) return r; if (apdu.resplen < 2) return SC_ERROR_UNKNOWN_RESPONSE; - if (file != NULL) - memset(file, 0, sizeof(*file)); switch (apdu.resp[0]) { - case 0x6A: - switch (apdu.resp[1]) { - case 0x82: - return SC_ERROR_FILE_NOT_FOUND; - default: - return SC_ERROR_UNKNOWN_RESPONSE; - } case 0x6F: break; case 0x90: case 0x00: /* proprietary coding */ return 0; default: - fprintf(stderr, - "SELECT FILE returned SW1=%02X, SW2=%02X.\n", - apdu.resp[0], apdu.resp[1]); - /* FIXME */ - return SC_ERROR_UNKNOWN_RESPONSE; + return convert_sw_to_errorcode(apdu.resp); } if (file == NULL) return 0; @@ -456,7 +451,7 @@ int sc_read_binary(struct sc_card *card, if (apdu.resplen == count + 2) apdu.resplen = count; memcpy(buf, recvbuf, apdu.resplen); - if (sc_debug == 2) { + if (sc_debug > 3) { FILE *file = fopen("sc_recv", "w"); if (file != NULL) { fwrite(buf, apdu.resplen, 1, file); @@ -551,14 +546,17 @@ int sc_establish_context(struct sc_context **ctx_out) rv = SCardEstablishContext(SCARD_SCOPE_GLOBAL, "localhost", NULL, &ctx->pcsc_ctx); if (rv != SCARD_S_SUCCESS) { - fprintf(stderr, - "ERROR: Cannot connect to Resource Manager\n"); + if (sc_debug) { + fprintf(stderr, + "ERROR: Cannot connect to Resource Manager\n"); + } return SC_ERROR_CONNECTING_TO_RES_MGR; } SCardListReaders(ctx->pcsc_ctx, NULL, NULL, (LPDWORD) & reader_buf_size); if (reader_buf_size == 0) { - fprintf(stderr, "No readers found!\n"); + if (sc_debug) + fprintf(stderr, "No readers found!\n"); free(ctx); return SC_ERROR_NO_READERS_FOUND; } @@ -591,6 +589,42 @@ int sc_destroy_context(struct sc_context *ctx) return 0; } +const struct sc_defaults * find_defaults(const u8 *atr, int atrlen) +{ + int i = 0; + const struct sc_defaults *match = NULL; + + while (sc_card_table[i].atr != NULL) { + unsigned int byte; + u8 defatr[SC_MAX_ATR_SIZE], *p = defatr; + int len = 0; + const struct sc_defaults *def = &sc_card_table[i]; + const char *atrp = def->atr; + i++; + + if (atrp == NULL) + break; + if (strlen(atrp)/3 > SC_MAX_ATR_SIZE) + continue; + while (*atrp) { + if (sscanf(atrp, "%02X", (unsigned int *) &byte) != 1) + break; + *p++ = byte; + atrp += 2; + len++; + if (*atrp++ != ':') + break; + } + if (len != atrlen) + continue; + if (memcmp(atr, defatr, len) != 0) + continue; + match = def; + break; + } + return match; +} + int sc_connect_card(struct sc_context *ctx, int reader, struct sc_card **card_out) { @@ -630,7 +664,13 @@ int sc_connect_card(struct sc_context *ctx, i = SC_MAX_ATR_SIZE; memcpy(card->atr, rgReaderStates[0].rgbAtr, i); card->atr_len = i; - card->class = 0; /* FIXME */ + + card->defaults = find_defaults(card->atr, card->atr_len); + if (card->defaults != NULL && card->defaults->defaults_func != NULL) { + card->defaults->defaults_func(card); + } else { + card->class = 0; /* FIXME */ + } card->reader = ctx->readers[reader]; *card_out = card; @@ -723,8 +763,9 @@ int sc_set_security_env(struct sc_card *card, if (r) return r; if (apdu.resp[0] != 0x90) { - fprintf(stderr, "Set sec env: SWs=%02X%02X\n", - apdu.resp[0], apdu.resp[1]); + if (sc_debug) + fprintf(stderr, "Set sec env: SWs=%02X%02X\n", + apdu.resp[0], apdu.resp[1]); return -1; } return 0; @@ -781,7 +822,8 @@ int sc_decipher(struct sc_card *card, memcpy(out, apdu.resp, len); return len; } - fprintf(stderr, "sc_decipher(): SW1=%02X, SW2=%02X\n", p[0], p[1]); + if (sc_debug) + fprintf(stderr, "sc_decipher(): SW1=%02X, SW2=%02X\n", p[0], p[1]); return convert_sw_to_errorcode(p); } @@ -818,8 +860,9 @@ int sc_compute_signature(struct sc_card *card, memcpy(out, apdu.resp, len); return len; } - fprintf(stderr, "sc_compute_signature(): SW1=%02X, SW2=%02X\n", - p[0], p[1]); + if (sc_debug) + fprintf(stderr, "sc_compute_signature(): SW1=%02X, SW2=%02X\n", + p[0], p[1]); return convert_sw_to_errorcode(p); } diff --git a/src/pam/pam_pkcs15.c b/src/pam/pam_pkcs15.c index 6fdf69bd..327f97a2 100644 --- a/src/pam/pam_pkcs15.c +++ b/src/pam/pam_pkcs15.c @@ -119,7 +119,7 @@ static int get_random(u8 *buf, int len) { int fd, r; - fd = open("/dev/random", O_RDONLY); + fd = open("/dev/urandom", O_RDONLY); if (fd < 0) return PAM_SYSTEM_ERR; while (len) { @@ -169,7 +169,7 @@ static int set_sec_env(struct sc_card *card, const struct sc_pkcs15_card *p15car { struct sc_security_env senv; int r; - + senv.signature = 0; senv.algorithm_ref = 0x02; senv.key_ref = 0; @@ -223,6 +223,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con pubkey = X509_get_pubkey(cert); if (pubkey == NULL) goto end; + DBG(printf("Getting random data...\n")); r = get_random(random_data, sizeof(random_data)); if (r != PAM_SUCCESS) goto end; @@ -250,6 +251,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con printf("SmartCard absent.\n"); goto end; } + DBG(printf("Locking card...\n")); sc_lock(card); locked = 1; @@ -259,7 +261,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con printf("PKCS#15 initialization failed: %s\n", sc_strerror(r)); goto end; } - DBG(printf("Enumerating stuff...\n")); + DBG(printf("Enumerating certificates...\n")); r = sc_pkcs15_enum_certificates(p15card); if (r < 0) { printf("Cert enum failed: %s\n", sc_strerror(r)); @@ -270,6 +272,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con for (i = 0; i < p15card->cert_count; i++) { } cinfo = &p15card->cert_info[0]; /* FIXME */ + DBG(printf("Enumerating private keys...\n")); r = sc_pkcs15_enum_private_keys(p15card); if (r <= 0) goto end; @@ -284,6 +287,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, con if (prkinfo == NULL) goto end; /* FIXME: Determine if PIN code needed */ + DBG(printf("Enumerating PIN codes...\n")); r = sc_pkcs15_enum_pins(p15card); if (r < 0) goto end; diff --git a/src/tests/p15dump.c b/src/tests/p15dump.c index 587dd9f2..2a7887e5 100644 --- a/src/tests/p15dump.c +++ b/src/tests/p15dump.c @@ -18,9 +18,7 @@ int enum_pins() { int i, c; - sc_lock(card); c = sc_pkcs15_enum_pins(p15card); - sc_unlock(card); if (c < 0) { fprintf(stderr, "Error enumerating PIN codes: %s\n", sc_strerror(i));