win32: Dedicated md/pkcs11 installation folders

Don't install non-permanent files (md/pkcs11) to system folder anymore.
Frank Morgner 2017-07-17 22:53:07 +02:00
parent 2765b7b1a0
commit 172f320c9a
11 changed files with 72 additions and 124 deletions

@ -784,7 +784,11 @@ if test "${enable_sm}" = "yes"; then
fi
if test "${with_pkcs11_provider}" = "detect"; then
DEFAULT_PKCS11_PROVIDER="opensc-pkcs11${DYN_LIB_EXT}"
if test "${WIN32}" != "yes"; then
DEFAULT_PKCS11_PROVIDER="opensc-pkcs11${DYN_LIB_EXT}"
else
DEFAULT_PKCS11_PROVIDER="%PROGRAMFILES%\\\OpenSC Project\\\OpenSC\\\pkcs11\\\opensc-pkcs11.dll"
fi
else
DEFAULT_PKCS11_PROVIDER="${with_pkcs11_provider}"
fi
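Review bot: The Windows default on the new `DEFAULT_PKCS11_PROVIDER` line is an unexpanded `%PROGRAMFILES%` string, so every consumer of this define must expand environment variables before loading the module; one that passes it on unchanged would hand the loader a relative name instead of the installed DLL. Only one such expansion is visible elsewhere in this commit, so the remaining users of the define should be checked. The string also fixes the default install location, which may not match an installation whose directory was changed in the installer. A comment above the assignment such as `# Windows: consumers must expand %PROGRAMFILES% before loading this path` would record the contract.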

@ -7,9 +7,9 @@ if ENABLE_MINIDRIVER
lib_LTLIBRARIES = opensc-minidriver@LIBRARY_BITNESS@.la
# Do we need this on bin? Why can't we
# put it in dedicated directory
dist_sbin_SCRIPTS = opensc-minidriver.inf minidriver-westcos.reg minidriver-sc-hsm.reg minidriver-feitian.reg
dist_sbin_SCRIPTS = opensc-minidriver.inf
else
dist_noinst_DATA = opensc-minidriver.inf minidriver-westcos.reg minidriver-sc-hsm.reg minidriver-feitian.reg
dist_noinst_DATA = opensc-minidriver.inf
endif
AM_CFLAGS = $(OPTIONAL_OPENSSL_CFLAGS)

@ -1,30 +0,0 @@
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\ePass2003]
"ATR"=hex:3b,9f,95,81,31,fe,9f,00,66,46,53,05,01,00,11,71,df,00,00,03,6a,82,f8
"ATRMask"=hex,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Calais\SmartCards\ePass2003]
"ATR"=hex:3b,9f,95,81,31,fe,9f,00,66,46,53,05,01,00,11,71,df,00,00,03,6a,82,f8
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\FTCOS/PK-01C]
"ATR"=hex:3b,9f,95,81,31,fe,9f,00,65,46,53,05,00,06,71,df,00,00,00,00,00,00,00
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,ff,ff,ff,ff,ff,ff,00,00,00,00
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Calais\SmartCards\FTCOS/PK-01C]
"ATR"=hex:3b,9f,95,81,31,fe,9f,00,65,46,53,05,00,06,71,df,00,00,00,00,00,00,00
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,ff,ff,ff,ff,ff,ff,00,00,00,00
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"

@ -1,33 +0,0 @@
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Calais\SmartCards\CPS]
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"
"ATR"=hex:3b,ff,18,00,ff,c1,0a,31,fe,55,00,6b,05,08,c8,0c,01,11,01,43,4e,53,10,\
31,80,05
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Calais\SmartCards\CPS-Athena]
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"
"ATR"=hex:3b,df,18,00,81,31,fe,7d,00,6b,02,0c,01,82,01,11,01,43,4e,53,10,31,80,fc
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\CPS]
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"
"ATR"=hex:3b,ff,18,00,ff,c1,0a,31,fe,55,00,6b,05,08,c8,0c,01,11,01,43,4e,53,10,\
31,80,05
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\CPS-Athena]
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
"Smart Card Key Storage Provider"="Microsoft Smart Card Key Storage Provider"
"80000001"="opensc-minidriver.dll"
"ATR"=hex:3b,df,18,00,81,31,fe,7d,00,6b,02,0c,01,82,01,11,01,43,4e,53,10,31,80,fc
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff

Binary file not shown.

@ -1,7 +0,0 @@
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\CEV WESTCOS]
"80000001"="opensc-minidriver.dll"
"ATR"=hex:3f,69,00,00,00,64,01,00,00,00,80,90,00
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,00,00,00,f0,ff,ff
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"

@ -172,7 +172,7 @@ init_spy(void)
}
}
if( (rc == ERROR_SUCCESS) && (temp_len < PATH_MAX) )
if( (rc == ERROR_SUCCESS) && (temp_len < PATH_MAX) )
output = temp_path;
RegCloseKey( hKey );
}

@ -36,12 +36,6 @@
extern "C" {
#endif
#if defined(_WIN32) || defined(USE_CYGWIN)
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.dll"
#else
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so"
#endif
#define SC_PKCS11_PIN_UNBLOCK_NOT_ALLOWED 0
#define SC_PKCS11_PIN_UNBLOCK_UNLOGGED_SETPIN 1
#define SC_PKCS11_PIN_UNBLOCK_SCONTEXT_SETPIN 2

@ -26,10 +26,11 @@
#include <stdlib.h>
#ifndef _WIN32
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#else
#include <windows.h>
#include <io.h>
#endif
@ -537,6 +538,9 @@ int main(int argc, char * argv[])
CK_RV rv;
#ifdef _WIN32
char expanded_val[PATH_MAX];
DWORD expanded_len;
if(_setmode(_fileno(stdout), _O_BINARY ) == -1)
util_fatal("Cannot set FMODE to O_BINARY");
if(_setmode(_fileno(stdin), _O_BINARY ) == -1)
@ -844,6 +848,13 @@ int main(int argc, char * argv[])
if (action_count == 0)
util_print_usage_and_die(app_name, options, option_help, NULL);
#ifdef _WIN32
expanded_len = PATH_MAX;
expanded_len = ExpandEnvironmentStringsA(opt_module, expanded_val, expanded_len);
if (0 < expanded_len && expanded_len < sizeof expanded_val)
opt_module = expanded_val;
#endif
module = C_LoadModule(opt_module, &p11);
if (module == NULL)
util_fatal("Failed to load pkcs11 module");
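Review bot: When `ExpandEnvironmentStringsA` fails or its result does not fit, the new block before `C_LoadModule` silently keeps the unexpanded `opt_module`, so a default such as `%PROGRAMFILES%\...` reaches the loader as a literal relative name. Failing closed is the safer behaviour for a library load, for example `else util_fatal("Cannot expand environment variables in module path");` after the `if`. The expansion also appears to apply to a module path supplied by the user, which changes how a literal `%` in that path is read and deserves a line in the option help. `main` starts and ends outside these hunks.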

@ -7,7 +7,6 @@
<?endif ?>
<?define Win64YesNo="yes" ?>
<?define PlatformProgramFilesFolder = "ProgramFiles64Folder" ?>
<?define PlatformSystemFolder = "System64Folder" ?>
<?define PlatformUpgradeCode = "{9A449570-69A2-11E0-9CC6-955B4824019B}" ?>
<?else ?>
<?ifndef OpenSSL ?>
@ -17,7 +16,6 @@
<?endif ?>
<?define Win64YesNo="no" ?>
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
<?define PlatformSystemFolder = "SystemFolder" ?>
<?define PlatformUpgradeCode = "{69428F65-B96D-458D-BB87-DBB5FDB35DCE}" ?>
<?endif ?>
@ -59,47 +57,10 @@
<MajorUpgrade DowngradeErrorMessage="Can't downgrade." AllowSameVersionUpgrades="yes"/>
<Directory Id="TARGETDIR" Name="SourceDir">
<!-- Install critical DLL-s to system folder. NB! Id-s can not contain "-" characters! -->
<Directory Id="$(var.PlatformSystemFolder)" Name=".">
<Component Id="opensc_pkcs11.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\pkcs11\opensc-pkcs11.dll" Vital="yes"/>
</Component>
<Component Id="onepin_opensc_pkcs11.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\pkcs11\onepin-opensc-pkcs11.dll" Vital="yes"/>
</Component>
<Component Id="opensc_minidriver.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\minidriver\opensc-minidriver.dll" Vital="yes"/>
</Component>
<!-- install an alias for the Base smart card CSP. Using a different CSP in minidriver installation deactivate the plug and play feature
but not all other components like the pin change screen available after ctrl+alt+del.
It is because the "80000001" entry is still returning the minidriver dll.-->
<Component Id="openscBaseCSP" Guid="*" Win64="$(var.Win64YesNo)">
<RegistryKey Root="HKLM" Key="SOFTWARE\Microsoft\Cryptography\Defaults\Provider\OpenSC CSP">
<RegistryValue Type="string" Name="Image Path" Value="basecsp.dll" KeyPath="yes"/>
<RegistryValue Type="integer" Name="Type" Value="1"/>
</RegistryKey>
<!-- when the x64 installer will install x86 components on x64 plateform too
<?if $(var.Platform) = x64 ?>
<RegistryKey Root="HKLM" Key="SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\OpenSC CSP">
<RegistryValue Type="string" Name="Image Path" Value="basecsp.dll"/>
<RegistryValue Type="integer" Name="Type" Value="1"/>
</RegistryKey>
<?endif?>
-->
</Component>
</Directory>
<!-- Install tools and profiles to Program Files -->
<Directory Id="$(var.PlatformProgramFilesFolder)" Name="PFiles">
<Directory Id="OpenSC_Project_Dir" Name="OpenSC Project">
<!-- Most of the stuff goes to the Program Files folder -->
<Directory Id="PKCS11SPYINSTALLDIR" Name="PKCS11-Spy">
<Component Id="pkcs11_spy.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\pkcs11\pkcs11-spy.dll"/>
<RegistryKey Id="Pkcs11SpyRegs" Root="HKLM" Key="Software\[Manufacturer]\PKCS11-Spy" Action="createAndRemoveOnUninstall">
<RegistryValue Type="string" Name="Module" Value="%SystemRoot%\system32\opensc-pkcs11.dll"/>
<RegistryValue Type="string" Name="Output" Value="%TEMP%\pkcs11-spy.log"/>
</RegistryKey>
</Component>
</Directory>
<Directory Id="INSTALLDIR" Name="OpenSC">
<!-- opensc.conf sample goes to installation directory -->
<Component Id="opensc.conf" Guid="*" Win64="$(var.Win64YesNo)">
@ -113,6 +74,38 @@
</RegistryKey>
</Component>
<Directory Id="INSTALLDIR_MINIDRIVER" Name="minidriver">
<Component Id="opensc_minidriver.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\minidriver\opensc-minidriver.dll" Vital="yes"/>
</Component>
<!-- install an alias for the Base smart card CSP. Using a different CSP in minidriver installation deactivate the plug and play feature
but not all other components like the pin change screen available after ctrl+alt+del.
It is because the "80000001" entry is still returning the minidriver dll.-->
<Component Id="openscBaseCSP" Guid="*" Win64="$(var.Win64YesNo)">
<RegistryKey Root="HKLM" Key="SOFTWARE\Microsoft\Cryptography\Defaults\Provider\OpenSC CSP">
<RegistryValue Type="string" Name="Image Path" Value="basecsp.dll" KeyPath="yes"/>
<RegistryValue Type="integer" Name="Type" Value="1"/>
</RegistryKey>
<!-- when the x64 installer will install x86 components on x64 plateform too
<?if $(var.Platform) = x64 ?>
<RegistryKey Root="HKLM" Key="SOFTWARE\Wow6432Node\Microsoft\Cryptography\Defaults\Provider\OpenSC CSP">
<RegistryValue Type="string" Name="Image Path" Value="basecsp.dll"/>
<RegistryValue Type="integer" Name="Type" Value="1"/>
</RegistryKey>
<?endif?>
-->
</Component>
</Directory>
<Directory Id="INSTALLDIR_PKCS11" Name="pkcs11">
<Component Id="opensc_pkcs11.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\pkcs11\opensc-pkcs11.dll" Vital="yes"/>
</Component>
<Component Id="onepin_opensc_pkcs11.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\pkcs11\onepin-opensc-pkcs11.dll" Vital="yes"/>
</Component>
</Directory>
<!-- Tools have their own folder -->
<Directory Id="INSTALLDIR_TOOLS" Name="tools">
<?ifdef zlib ?>
@ -288,6 +281,15 @@
</Directory>
<?endif ?>
</Directory>
<Directory Id="PKCS11SPYINSTALLDIR" Name="PKCS11-Spy">
<Component Id="pkcs11_spy.dll" Guid="*" Win64="$(var.Win64YesNo)">
<File Source="$(var.SOURCE_DIR)\src\pkcs11\pkcs11-spy.dll"/>
<RegistryKey Id="Pkcs11SpyRegs" Root="HKLM" Key="Software\[Manufacturer]\PKCS11-Spy" Action="createAndRemoveOnUninstall">
<RegistryValue Type="string" Name="Module" Value="[INSTALLDIR_MINIDRIVER]opensc-pkcs11.dll"/>
<RegistryValue Type="string" Name="Output" Value="%TEMP%\pkcs11-spy.log"/>
</RegistryKey>
</Component>
</Directory>
</Directory>
</Directory>
<Directory Id="ProgramMenuFolder" Name="Programs">
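Review bot: The relocated PKCS11-Spy component sets `Module` to `[INSTALLDIR_MINIDRIVER]opensc-pkcs11.dll`, but this same section installs `opensc-pkcs11.dll` under `INSTALLDIR_PKCS11`, so the registered path names a file the installer does not place there. The value should read `Value="[INSTALLDIR_PKCS11]opensc-pkcs11.dll"`. The spy presumably loads whatever this HKLM value names, so it should stay an absolute path to the file the installer actually writes.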

@ -64,12 +64,10 @@ typedef struct _MD_REGISTRATION
For example, do not uninstall the minidriver for a card if a middleware is already installed */
MD_REGISTRATION minidriver_registration[] = {
/* from minidriver-feitian.reg */
{TEXT("ePass2003"), {0x3b,0x9f,0x95,0x81,0x31,0xfe,0x9f,0x00,0x66,0x46,0x53,0x05,0x01,0x00,0x11,0x71,0xdf,0x00,0x00,0x03,0x6a,0x82,0xf8},
23, {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff}},
{TEXT("FTCOS/PK-01C"), {0x3b,0x9f,0x95,0x81,0x31,0xfe,0x9f,0x00,0x65,0x46,0x53,0x05,0x00,0x06,0x71,0xdf,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
23, {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00}},
/* from minidriver-sc-hsm.reg */
{TEXT("SmartCard-HSM"), {0x3b,0xfe,0x18,0x00,0x00,0x81,0x31,0xfe,0x45,0x80,0x31,0x81,0x54,0x48,0x53,0x4d,0x31,0x73,0x80,0x21,0x40,0x81,0x07,0xfa},
24, {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff}},
{TEXT("SmartCard-HSM-CL"), {0x3B,0x8E,0x80,0x01,0x80,0x31,0x81,0x54,0x48,0x53,0x4D,0x31,0x73,0x80,0x21,0x40,0x81,0x07,0x18},
@ -100,7 +98,6 @@ MD_REGISTRATION minidriver_registration[] = {
19, {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}},
{TEXT("GoID (11)"), {0x3B,0x8f,0x80,0x01,0x47,0x6f,0x49,0x44,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
20, {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}},
/* from minidriver-westcos.reg */
{TEXT("CEV WESTCOS"), {0x3f,0x69,0x00,0x00,0x00,0x64,0x01,0x00,0x00,0x00,0x80,0x90,0x00},
13, {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x00,0x00,0xf0,0xff,0xff}},
/* from card-openpgp.c */
@ -254,8 +251,18 @@ void RegisterCardWithKey(PTSTR szKey, PTSTR szCard, PTSTR szPath, PBYTE pbATR, D
VOID RegisterSmartCard(PMD_REGISTRATION registration)
{
RegisterCardWithKey(SC_DATABASE, registration->szName, TEXT("opensc-minidriver.dll"),registration->pbAtr, registration->dwAtrSize, registration->pbAtrMask );
DWORD expanded_len = PATH_MAX;
TCHAR expanded_val[PATH_MAX];
PTSTR szPath = TEXT("C:\\Program Files\\OpenSC Project\\OpenSC\\minidriver\\opensc-minidriver.dll");
/* cope with x86 installation on x64 */
expanded_len = ExpandEnvironmentStrings(
TEXT("%ProgramFiles%\\OpenSC Project\\OpenSC\\minidriver\\opensc-minidriver.dll"),
expanded_val, expanded_len);
if (0 < expanded_len && expanded_len < sizeof expanded_val)
szPath = expanded_val;
RegisterCardWithKey(SC_DATABASE, registration->szName, szPath, registration->pbAtr, registration->dwAtrSize, registration->pbAtrMask );
}
UINT WINAPI AddSmartCardConfiguration(MSIHANDLE hInstall)
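Review bot: In `RegisterSmartCard` the check `expanded_len < sizeof expanded_val` compares a character count with a byte size. `expanded_val` is a `TCHAR` array, so if this file is built with UNICODE, `sizeof` is twice `PATH_MAX` and a return value that reports a too-small buffer can still pass the check. Comparing against the element count avoids that: `if (0 < expanded_len && expanded_len < sizeof expanded_val / sizeof expanded_val[0])`. Separately, both the `%ProgramFiles%` expansion and the hard-coded `C:\\Program Files\\...` fallback assume the default install directory, and the resulting string is what gets registered as the card's minidriver DLL. Passing in the directory the installer resolved would keep that registration pointing at the file that was actually installed.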