By default 'default' card driver is disabled ...
'Default' card driver is explicitely enabled for 'opensc-explorer' and 'opensc-tool' tools. https://github.com/OpenSC/OpenSC/pull/175
This commit is contained in:
parent
de4dd056bf
commit
1a972920f0
|
@ -45,6 +45,12 @@ app default {
|
||||||
#
|
#
|
||||||
# paranoid_memory = false;
|
# paranoid_memory = false;
|
||||||
|
|
||||||
|
# Enable default card driver
|
||||||
|
# Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
|
||||||
|
#
|
||||||
|
# Default: false
|
||||||
|
# enable_default_driver = true;
|
||||||
|
|
||||||
# CT-API module configuration.
|
# CT-API module configuration.
|
||||||
reader_driver ctapi {
|
reader_driver ctapi {
|
||||||
# module @libdir@/libtowitoko.so {
|
# module @libdir@/libtowitoko.so {
|
||||||
|
|
|
@ -45,6 +45,12 @@ app default {
|
||||||
#
|
#
|
||||||
# paranoid_memory = false;
|
# paranoid_memory = false;
|
||||||
|
|
||||||
|
# Enable default card driver
|
||||||
|
# Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
|
||||||
|
#
|
||||||
|
# Default: false
|
||||||
|
# enable_default_driver = true;
|
||||||
|
|
||||||
# CT-API module configuration.
|
# CT-API module configuration.
|
||||||
reader_driver ctapi {
|
reader_driver ctapi {
|
||||||
# module @libdir@/libtowitoko.so {
|
# module @libdir@/libtowitoko.so {
|
||||||
|
|
|
@ -32,22 +32,29 @@ static struct sc_card_driver default_drv = {
|
||||||
NULL, 0, NULL
|
NULL, 0, NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
static int default_match_card(sc_card_t *card)
|
|
||||||
|
static int
|
||||||
|
default_match_card(struct sc_card *card)
|
||||||
{
|
{
|
||||||
return 1; /* always match */
|
return 1; /* always match */
|
||||||
}
|
}
|
||||||
|
|
||||||
static int autodetect_class(sc_card_t *card)
|
|
||||||
|
static int
|
||||||
|
autodetect_class(struct sc_card *card)
|
||||||
{
|
{
|
||||||
|
struct sc_context *ctx = card->ctx;
|
||||||
int classes[] = { 0x00, 0xC0, 0xB0, 0xA0 };
|
int classes[] = { 0x00, 0xC0, 0xB0, 0xA0 };
|
||||||
int class_count = sizeof(classes)/sizeof(int);
|
int class_count = sizeof(classes)/sizeof(int);
|
||||||
u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
|
unsigned char rbuf[SC_MAX_APDU_BUFFER_SIZE];
|
||||||
sc_apdu_t apdu;
|
struct sc_apdu apdu;
|
||||||
int i, r;
|
int i, r;
|
||||||
|
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "autodetecting CLA byte\n");
|
LOG_FUNC_CALLED(ctx);
|
||||||
|
|
||||||
for (i = 0; i < class_count; i++) {
|
for (i = 0; i < class_count; i++) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "trying with 0x%02X\n", classes[i]);
|
sc_log(ctx, "trying with 0x%02X", classes[i]);
|
||||||
|
|
||||||
memset(&apdu, 0, sizeof(apdu));
|
memset(&apdu, 0, sizeof(apdu));
|
||||||
apdu.cla = classes[i];
|
apdu.cla = classes[i];
|
||||||
apdu.cse = SC_APDU_CASE_2_SHORT;
|
apdu.cse = SC_APDU_CASE_2_SHORT;
|
||||||
|
@ -59,56 +66,58 @@ static int autodetect_class(sc_card_t *card)
|
||||||
apdu.resp = rbuf;
|
apdu.resp = rbuf;
|
||||||
apdu.resplen = sizeof(rbuf);
|
apdu.resplen = sizeof(rbuf);
|
||||||
r = sc_transmit_apdu(card, &apdu);
|
r = sc_transmit_apdu(card, &apdu);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
|
LOG_TEST_RET(ctx, r, "APDU transmit failed");
|
||||||
|
|
||||||
if (apdu.sw1 == 0x6E)
|
if (apdu.sw1 == 0x6E)
|
||||||
continue;
|
continue;
|
||||||
if (apdu.sw1 == 0x90 && apdu.sw2 == 0x00)
|
if (apdu.sw1 == 0x90 && apdu.sw2 == 0x00)
|
||||||
break;
|
break;
|
||||||
if (apdu.sw1 == 0x61)
|
if (apdu.sw1 == 0x61)
|
||||||
break;
|
break;
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
|
||||||
"got strange SWs: 0x%02X 0x%02X\n", apdu.sw1, apdu.sw2);
|
sc_log(ctx, "got strange SWs: 0x%02X 0x%02X", apdu.sw1, apdu.sw2);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (i == class_count)
|
if (i == class_count)
|
||||||
return -1;
|
LOG_FUNC_RETURN(ctx, SC_ERROR_CLASS_NOT_SUPPORTED);
|
||||||
|
|
||||||
card->cla = classes[i];
|
card->cla = classes[i];
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
sc_log(ctx, "detected CLA byte as 0x%02X", card->cla);
|
||||||
"detected CLA byte as 0x%02X\n", card->cla);
|
|
||||||
if (apdu.resplen < 2) {
|
if (apdu.resplen < 2) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
sc_log(ctx, "SELECT FILE returned %d bytes", apdu.resplen);
|
||||||
"SELECT FILE returned %d bytes\n", apdu.resplen);
|
|
||||||
return SC_SUCCESS;
|
|
||||||
}
|
}
|
||||||
if (rbuf[0] == 0x6F) {
|
else if (rbuf[0] == 0x6F) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
sc_log(ctx, "SELECT FILE seems to behave according to ISO 7816-4\n");
|
||||||
"SELECT FILE seems to behave according to ISO 7816-4\n");
|
|
||||||
return SC_SUCCESS;
|
|
||||||
}
|
}
|
||||||
if (rbuf[0] == 0x00 && rbuf[1] == 0x00) {
|
else if (rbuf[0] == 0x00 && rbuf[1] == 0x00) {
|
||||||
struct sc_card_driver *drv;
|
struct sc_card_driver *drv;
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
sc_log(ctx, "SELECT FILE seems to return Schlumberger 'flex stuff");
|
||||||
"SELECT FILE seems to return Schlumberger 'flex stuff\n");
|
|
||||||
drv = sc_get_cryptoflex_driver();
|
drv = sc_get_cryptoflex_driver();
|
||||||
card->ops->select_file = drv->ops->select_file;
|
card->ops->select_file = drv->ops->select_file;
|
||||||
return SC_SUCCESS;
|
|
||||||
}
|
}
|
||||||
return SC_SUCCESS;
|
|
||||||
|
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int default_init(sc_card_t *card)
|
|
||||||
|
static int
|
||||||
|
default_init(struct sc_card *card)
|
||||||
{
|
{
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
LOG_FUNC_CALLED(card->ctx);
|
||||||
|
|
||||||
card->name = "Unsupported card";
|
card->name = "Unsupported card";
|
||||||
card->drv_data = NULL;
|
card->drv_data = NULL;
|
||||||
r = autodetect_class(card);
|
r = autodetect_class(card);
|
||||||
if (r) {
|
if (r) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "unable to determine the right class byte\n");
|
sc_log(card->ctx, "unable to determine the right class byte");
|
||||||
return SC_ERROR_INVALID_CARD;
|
LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_CARD);
|
||||||
}
|
}
|
||||||
|
|
||||||
return SC_SUCCESS;
|
LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct sc_card_driver * sc_get_driver(void)
|
static struct sc_card_driver * sc_get_driver(void)
|
||||||
|
|
|
@ -229,15 +229,22 @@ int sc_connect_card(sc_reader_t *reader, sc_card_t **card_out)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
}
|
||||||
sc_debug(ctx, SC_LOG_DEBUG_MATCH, "matching built-in ATRs");
|
else {
|
||||||
|
sc_log(ctx, "matching built-in ATRs");
|
||||||
for (i = 0; ctx->card_drivers[i] != NULL; i++) {
|
for (i = 0; ctx->card_drivers[i] != NULL; i++) {
|
||||||
struct sc_card_driver *drv = ctx->card_drivers[i];
|
struct sc_card_driver *drv = ctx->card_drivers[i];
|
||||||
const struct sc_card_operations *ops = drv->ops;
|
const struct sc_card_operations *ops = drv->ops;
|
||||||
|
|
||||||
sc_log(ctx, "trying driver '%s'", drv->short_name);
|
sc_log(ctx, "trying driver '%s'", drv->short_name);
|
||||||
if (ops == NULL || ops->match_card == NULL)
|
if (ops == NULL || ops->match_card == NULL) {
|
||||||
continue;
|
continue;
|
||||||
|
}
|
||||||
|
else if (!ctx->enable_default_driver && !strcmp("default", drv->short_name)) {
|
||||||
|
sc_log(ctx , "ignore 'default' card driver");
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
/* Needed if match_card() needs to talk with the card (e.g. card-muscle) */
|
/* Needed if match_card() needs to talk with the card (e.g. card-muscle) */
|
||||||
*card->ops = *ops;
|
*card->ops = *ops;
|
||||||
if (ops->match_card(card) != 1)
|
if (ops->match_card(card) != 1)
|
||||||
|
|
|
@ -182,6 +182,8 @@ static void set_defaults(sc_context_t *ctx, struct _sc_ctx_options *opts)
|
||||||
fclose(ctx->debug_file);
|
fclose(ctx->debug_file);
|
||||||
ctx->debug_file = stderr;
|
ctx->debug_file = stderr;
|
||||||
ctx->paranoid_memory = 0;
|
ctx->paranoid_memory = 0;
|
||||||
|
ctx->enable_default_driver = 0;
|
||||||
|
|
||||||
#ifdef __APPLE__
|
#ifdef __APPLE__
|
||||||
/* Override the default debug log for OpenSC.tokend to be different from PKCS#11.
|
/* Override the default debug log for OpenSC.tokend to be different from PKCS#11.
|
||||||
* TODO: Could be moved to OpenSC.tokend */
|
* TODO: Could be moved to OpenSC.tokend */
|
||||||
|
@ -254,6 +256,9 @@ load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *
|
||||||
ctx->paranoid_memory = scconf_get_bool (block, "paranoid-memory",
|
ctx->paranoid_memory = scconf_get_bool (block, "paranoid-memory",
|
||||||
ctx->paranoid_memory);
|
ctx->paranoid_memory);
|
||||||
|
|
||||||
|
ctx->enable_default_driver = scconf_get_bool (block, "enable_default_driver",
|
||||||
|
ctx->enable_default_driver);
|
||||||
|
|
||||||
val = scconf_get_str(block, "force_card_driver", NULL);
|
val = scconf_get_str(block, "force_card_driver", NULL);
|
||||||
if (val) {
|
if (val) {
|
||||||
if (opts->forced_card_driver)
|
if (opts->forced_card_driver)
|
||||||
|
|
|
@ -693,6 +693,7 @@ typedef struct sc_context {
|
||||||
char *app_name;
|
char *app_name;
|
||||||
int debug;
|
int debug;
|
||||||
int paranoid_memory;
|
int paranoid_memory;
|
||||||
|
int enable_default_driver;
|
||||||
|
|
||||||
FILE *debug_file;
|
FILE *debug_file;
|
||||||
char *debug_filename;
|
char *debug_filename;
|
||||||
|
|
|
@ -297,27 +297,40 @@ ambiguous_match(struct command *table, const char *cmd)
|
||||||
return last_match;
|
return last_match;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void check_ret(int r, int op, const char *err, const sc_file_t *file)
|
|
||||||
|
static void
|
||||||
|
check_ret(int r, int op, const char *err, const sc_file_t *file)
|
||||||
{
|
{
|
||||||
fprintf(stderr, "%s: %s\n", err, sc_strerror(r));
|
fprintf(stderr, "%s: %s\n", err, sc_strerror(r));
|
||||||
if (r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED)
|
if (r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED)
|
||||||
fprintf(stderr, "ACL for operation: %s\n", util_acl_to_str(sc_file_get_acl_entry(file, op)));
|
fprintf(stderr, "ACL for operation: %s\n", util_acl_to_str(sc_file_get_acl_entry(file, op)));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int arg_to_fid(const char *arg, u8 *fid)
|
|
||||||
{
|
|
||||||
if (strlen(arg) != 4) {
|
|
||||||
printf("Wrong ID length.\n");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
if (sscanf(arg, "%02X%02X", &fid[0], &fid[1]) != 2) {
|
|
||||||
printf("Invalid ID.\n");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
return 0;
|
static int
|
||||||
|
arg_to_fid(const char *arg, u8 *fid)
|
||||||
|
{
|
||||||
|
unsigned int fid0, fid1;
|
||||||
|
|
||||||
|
if (strlen(arg) != 4) {
|
||||||
|
printf("Wrong ID length.\n");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (sscanf(arg, "%02X%02X", &fid0, &fid1) != 2) {
|
||||||
|
printf("Invalid ID.\n");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
fid[0] = (unsigned char)fid0;
|
||||||
|
fid[1] = (unsigned char)fid1;
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
static int arg_to_path(const char *arg, sc_path_t *path, int is_id)
|
|
||||||
|
|
||||||
|
static int
|
||||||
|
arg_to_path(const char *arg, sc_path_t *path, int is_id)
|
||||||
{
|
{
|
||||||
memset(path, 0, sizeof(sc_path_t));
|
memset(path, 0, sizeof(sc_path_t));
|
||||||
|
|
||||||
|
@ -998,14 +1011,15 @@ static int do_verify(int argc, char **argv)
|
||||||
printf("No PIN entered - aborting VERIFY.\n");
|
printf("No PIN entered - aborting VERIFY.\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (strlcpy(buf, pin, sizeof(buf)) >= sizeof(buf)) {
|
|
||||||
|
if (strlcpy((char *)buf, pin, sizeof(buf)) >= sizeof(buf)) {
|
||||||
free(pin);
|
free(pin);
|
||||||
printf("PIN too long - aborting VERIFY.\n");
|
printf("PIN too long - aborting VERIFY.\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
free(pin);
|
free(pin);
|
||||||
data.pin1.data = buf;
|
data.pin1.data = buf;
|
||||||
data.pin1.len = strlen(buf);
|
data.pin1.len = strlen((char *)buf);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
r = parse_string_or_hexdata(argv[1], buf, &buflen);
|
r = parse_string_or_hexdata(argv[1], buf, &buflen);
|
||||||
|
@ -1772,7 +1786,7 @@ int main(int argc, char * const argv[])
|
||||||
char *cargv[260];
|
char *cargv[260];
|
||||||
sc_context_param_t ctx_param;
|
sc_context_param_t ctx_param;
|
||||||
int lcycle = SC_CARDCTRL_LIFECYCLE_ADMIN;
|
int lcycle = SC_CARDCTRL_LIFECYCLE_ADMIN;
|
||||||
FILE *script;
|
FILE *script = stdin;
|
||||||
|
|
||||||
printf("OpenSC Explorer version %s\n", sc_get_version());
|
printf("OpenSC Explorer version %s\n", sc_get_version());
|
||||||
|
|
||||||
|
@ -1811,6 +1825,8 @@ int main(int argc, char * const argv[])
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ctx->enable_default_driver = 1;
|
||||||
|
|
||||||
if (verbose > 1) {
|
if (verbose > 1) {
|
||||||
ctx->debug = verbose;
|
ctx->debug = verbose;
|
||||||
ctx->debug_file = stderr;
|
ctx->debug_file = stderr;
|
||||||
|
|
|
@ -751,6 +751,8 @@ int main(int argc, char * const argv[])
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ctx->enable_default_driver = 1;
|
||||||
|
|
||||||
if (verbose > 1) {
|
if (verbose > 1) {
|
||||||
ctx->debug = verbose;
|
ctx->debug = verbose;
|
||||||
sc_ctx_log_to_file(ctx, "stderr");
|
sc_ctx_log_to_file(ctx, "stderr");
|
||||||
|
|
Loading…
Reference in New Issue