By default 'default' card driver is disabled ...
'Default' card driver is explicitely enabled for 'opensc-explorer' and 'opensc-tool' tools. https://github.com/OpenSC/OpenSC/pull/175
This commit is contained in:
Viktor Tarasov
parent
de4dd056bf
commit
1a972920f0
|
|
@ -45,6 +45,12 @@ app default {
|
|||
#
|
||||
# paranoid_memory = false;
|
||||
|
||||
# Enable default card driver
|
||||
# Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
|
||||
#
|
||||
# Default: false
|
||||
# enable_default_driver = true;
|
||||
|
||||
# CT-API module configuration.
|
||||
reader_driver ctapi {
|
||||
# module @libdir@/libtowitoko.so {
|
||||
|
|
|
|||
|
|
@ -45,6 +45,12 @@ app default {
|
|||
#
|
||||
# paranoid_memory = false;
|
||||
|
||||
# Enable default card driver
|
||||
# Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
|
||||
#
|
||||
# Default: false
|
||||
# enable_default_driver = true;
|
||||
|
||||
# CT-API module configuration.
|
||||
reader_driver ctapi {
|
||||
# module @libdir@/libtowitoko.so {
|
||||
|
|
|
|||
|
|
@ -32,22 +32,29 @@ static struct sc_card_driver default_drv = {
|
|||
NULL, 0, NULL
|
||||
};
|
||||
|
||||
static int default_match_card(sc_card_t *card)
|
||||
|
||||
static int
|
||||
default_match_card(struct sc_card *card)
|
||||
{
|
||||
return 1; /* always match */
|
||||
}
|
||||
|
||||
static int autodetect_class(sc_card_t *card)
|
||||
|
||||
static int
|
||||
autodetect_class(struct sc_card *card)
|
||||
{
|
||||
struct sc_context *ctx = card->ctx;
|
||||
int classes[] = { 0x00, 0xC0, 0xB0, 0xA0 };
|
||||
int class_count = sizeof(classes)/sizeof(int);
|
||||
u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
|
||||
sc_apdu_t apdu;
|
||||
unsigned char rbuf[SC_MAX_APDU_BUFFER_SIZE];
|
||||
struct sc_apdu apdu;
|
||||
int i, r;
|
||||
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "autodetecting CLA byte\n");
|
||||
LOG_FUNC_CALLED(ctx);
|
||||
|
||||
for (i = 0; i < class_count; i++) {
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "trying with 0x%02X\n", classes[i]);
|
||||
sc_log(ctx, "trying with 0x%02X", classes[i]);
|
||||
|
||||
memset(&apdu, 0, sizeof(apdu));
|
||||
apdu.cla = classes[i];
|
||||
apdu.cse = SC_APDU_CASE_2_SHORT;
|
||||
|
|
@ -59,56 +66,58 @@ static int autodetect_class(sc_card_t *card)
|
|||
apdu.resp = rbuf;
|
||||
apdu.resplen = sizeof(rbuf);
|
||||
r = sc_transmit_apdu(card, &apdu);
|
||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
|
||||
LOG_TEST_RET(ctx, r, "APDU transmit failed");
|
||||
|
||||
if (apdu.sw1 == 0x6E)
|
||||
continue;
|
||||
if (apdu.sw1 == 0x90 && apdu.sw2 == 0x00)
|
||||
break;
|
||||
if (apdu.sw1 == 0x61)
|
||||
break;
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||
"got strange SWs: 0x%02X 0x%02X\n", apdu.sw1, apdu.sw2);
|
||||
|
||||
sc_log(ctx, "got strange SWs: 0x%02X 0x%02X", apdu.sw1, apdu.sw2);
|
||||
break;
|
||||
}
|
||||
|
||||
if (i == class_count)
|
||||
return -1;
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_CLASS_NOT_SUPPORTED);
|
||||
|
||||
card->cla = classes[i];
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||
"detected CLA byte as 0x%02X\n", card->cla);
|
||||
sc_log(ctx, "detected CLA byte as 0x%02X", card->cla);
|
||||
if (apdu.resplen < 2) {
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||
"SELECT FILE returned %d bytes\n", apdu.resplen);
|
||||
return SC_SUCCESS;
|
||||
sc_log(ctx, "SELECT FILE returned %d bytes", apdu.resplen);
|
||||
}
|
||||
if (rbuf[0] == 0x6F) {
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||
"SELECT FILE seems to behave according to ISO 7816-4\n");
|
||||
return SC_SUCCESS;
|
||||
else if (rbuf[0] == 0x6F) {
|
||||
sc_log(ctx, "SELECT FILE seems to behave according to ISO 7816-4\n");
|
||||
}
|
||||
if (rbuf[0] == 0x00 && rbuf[1] == 0x00) {
|
||||
else if (rbuf[0] == 0x00 && rbuf[1] == 0x00) {
|
||||
struct sc_card_driver *drv;
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||
"SELECT FILE seems to return Schlumberger 'flex stuff\n");
|
||||
sc_log(ctx, "SELECT FILE seems to return Schlumberger 'flex stuff");
|
||||
|
||||
drv = sc_get_cryptoflex_driver();
|
||||
card->ops->select_file = drv->ops->select_file;
|
||||
return SC_SUCCESS;
|
||||
}
|
||||
return SC_SUCCESS;
|
||||
|
||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||
}
|
||||
|
||||
static int default_init(sc_card_t *card)
|
||||
|
||||
static int
|
||||
default_init(struct sc_card *card)
|
||||
{
|
||||
int r;
|
||||
|
||||
|
||||
LOG_FUNC_CALLED(card->ctx);
|
||||
|
||||
card->name = "Unsupported card";
|
||||
card->drv_data = NULL;
|
||||
r = autodetect_class(card);
|
||||
if (r) {
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "unable to determine the right class byte\n");
|
||||
return SC_ERROR_INVALID_CARD;
|
||||
sc_log(card->ctx, "unable to determine the right class byte");
|
||||
LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_CARD);
|
||||
}
|
||||
|
||||
return SC_SUCCESS;
|
||||
LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
|
||||
}
|
||||
|
||||
static struct sc_card_driver * sc_get_driver(void)
|
||||
|
|
|
|||
|
|
@ -229,15 +229,22 @@ int sc_connect_card(sc_reader_t *reader, sc_card_t **card_out)
|
|||
goto err;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
sc_debug(ctx, SC_LOG_DEBUG_MATCH, "matching built-in ATRs");
|
||||
}
|
||||
else {
|
||||
sc_log(ctx, "matching built-in ATRs");
|
||||
for (i = 0; ctx->card_drivers[i] != NULL; i++) {
|
||||
struct sc_card_driver *drv = ctx->card_drivers[i];
|
||||
const struct sc_card_operations *ops = drv->ops;
|
||||
|
||||
sc_log(ctx, "trying driver '%s'", drv->short_name);
|
||||
if (ops == NULL || ops->match_card == NULL)
|
||||
if (ops == NULL || ops->match_card == NULL) {
|
||||
continue;
|
||||
}
|
||||
else if (!ctx->enable_default_driver && !strcmp("default", drv->short_name)) {
|
||||
sc_log(ctx , "ignore 'default' card driver");
|
||||
continue;
|
||||
}
|
||||
|
||||
/* Needed if match_card() needs to talk with the card (e.g. card-muscle) */
|
||||
*card->ops = *ops;
|
||||
if (ops->match_card(card) != 1)
|
||||
|
|
|
|||
|
|
@ -182,6 +182,8 @@ static void set_defaults(sc_context_t *ctx, struct _sc_ctx_options *opts)
|
|||
fclose(ctx->debug_file);
|
||||
ctx->debug_file = stderr;
|
||||
ctx->paranoid_memory = 0;
|
||||
ctx->enable_default_driver = 0;
|
||||
|
||||
#ifdef __APPLE__
|
||||
/* Override the default debug log for OpenSC.tokend to be different from PKCS#11.
|
||||
* TODO: Could be moved to OpenSC.tokend */
|
||||
|
|
@ -254,6 +256,9 @@ load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *
|
|||
ctx->paranoid_memory = scconf_get_bool (block, "paranoid-memory",
|
||||
ctx->paranoid_memory);
|
||||
|
||||
ctx->enable_default_driver = scconf_get_bool (block, "enable_default_driver",
|
||||
ctx->enable_default_driver);
|
||||
|
||||
val = scconf_get_str(block, "force_card_driver", NULL);
|
||||
if (val) {
|
||||
if (opts->forced_card_driver)
|
||||
|
|
|
|||
|
|
@ -693,6 +693,7 @@ typedef struct sc_context {
|
|||
char *app_name;
|
||||
int debug;
|
||||
int paranoid_memory;
|
||||
int enable_default_driver;
|
||||
|
||||
FILE *debug_file;
|
||||
char *debug_filename;
|
||||
|
|
|
|||
|
|
@ -297,27 +297,40 @@ ambiguous_match(struct command *table, const char *cmd)
|
|||
return last_match;
|
||||
}
|
||||
|
||||
static void check_ret(int r, int op, const char *err, const sc_file_t *file)
|
||||
|
||||
static void
|
||||
check_ret(int r, int op, const char *err, const sc_file_t *file)
|
||||
{
|
||||
fprintf(stderr, "%s: %s\n", err, sc_strerror(r));
|
||||
if (r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED)
|
||||
fprintf(stderr, "ACL for operation: %s\n", util_acl_to_str(sc_file_get_acl_entry(file, op)));
|
||||
}
|
||||
|
||||
static int arg_to_fid(const char *arg, u8 *fid)
|
||||
{
|
||||
if (strlen(arg) != 4) {
|
||||
printf("Wrong ID length.\n");
|
||||
return -1;
|
||||
}
|
||||
if (sscanf(arg, "%02X%02X", &fid[0], &fid[1]) != 2) {
|
||||
printf("Invalid ID.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
static int
|
||||
arg_to_fid(const char *arg, u8 *fid)
|
||||
{
|
||||
unsigned int fid0, fid1;
|
||||
|
||||
if (strlen(arg) != 4) {
|
||||
printf("Wrong ID length.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (sscanf(arg, "%02X%02X", &fid0, &fid1) != 2) {
|
||||
printf("Invalid ID.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
fid[0] = (unsigned char)fid0;
|
||||
fid[1] = (unsigned char)fid1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
static int arg_to_path(const char *arg, sc_path_t *path, int is_id)
|
||||
|
||||
|
||||
static int
|
||||
arg_to_path(const char *arg, sc_path_t *path, int is_id)
|
||||
{
|
||||
memset(path, 0, sizeof(sc_path_t));
|
||||
|
||||
|
|
@ -998,14 +1011,15 @@ static int do_verify(int argc, char **argv)
|
|||
printf("No PIN entered - aborting VERIFY.\n");
|
||||
return -1;
|
||||
}
|
||||
if (strlcpy(buf, pin, sizeof(buf)) >= sizeof(buf)) {
|
||||
|
||||
if (strlcpy((char *)buf, pin, sizeof(buf)) >= sizeof(buf)) {
|
||||
free(pin);
|
||||
printf("PIN too long - aborting VERIFY.\n");
|
||||
return -1;
|
||||
}
|
||||
free(pin);
|
||||
data.pin1.data = buf;
|
||||
data.pin1.len = strlen(buf);
|
||||
data.pin1.len = strlen((char *)buf);
|
||||
}
|
||||
} else {
|
||||
r = parse_string_or_hexdata(argv[1], buf, &buflen);
|
||||
|
|
@ -1772,7 +1786,7 @@ int main(int argc, char * const argv[])
|
|||
char *cargv[260];
|
||||
sc_context_param_t ctx_param;
|
||||
int lcycle = SC_CARDCTRL_LIFECYCLE_ADMIN;
|
||||
FILE *script;
|
||||
FILE *script = stdin;
|
||||
|
||||
printf("OpenSC Explorer version %s\n", sc_get_version());
|
||||
|
||||
|
|
@ -1811,6 +1825,8 @@ int main(int argc, char * const argv[])
|
|||
return 1;
|
||||
}
|
||||
|
||||
ctx->enable_default_driver = 1;
|
||||
|
||||
if (verbose > 1) {
|
||||
ctx->debug = verbose;
|
||||
ctx->debug_file = stderr;
|
||||
|
|
|
|||
|
|
@ -751,6 +751,8 @@ int main(int argc, char * const argv[])
|
|||
return 1;
|
||||
}
|
||||
|
||||
ctx->enable_default_driver = 1;
|
||||
|
||||
if (verbose > 1) {
|
||||
ctx->debug = verbose;
|
||||
sc_ctx_log_to_file(ctx, "stderr");
|
||||
|
|
|
|||
Loading…
Reference in New Issue