EstonianEid: remove the iconv dependency and use the common name from the certificate as the card label.
This makes it universal, as some cards don't have the personal data file (Digi-ID). It also makes it a bit ugly, as the common name is the name and personal ID code concatenated, like "FIRSTNAME,LASTNAME,123456789". git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4817 c6295689-39f2-0310-b995-f0e70906c6a9
parent
08c111affe
commit
2d6e3bd262
4
NEWS
4
NEWS
|
@ -40,7 +40,9 @@ New in 0.12.??; 2010-??-??; ??
|
|||
Fix path to reference headers, remove src/include/ directory.
|
||||
* Various source code fixes and improvements.
|
||||
* OpenSC now depends on xsltproc utility and docbook-xsl to build docs and man
|
||||
|
||||
* Remove iconv dependency. EstEID driver now uses the commonName from the
|
||||
certificate for card label.
|
||||
|
||||
New in 0.11.12; 2009-12-18; Andreas Jellinghaus
|
||||
* Document integer problem in OpenSC and implement workaround
|
||||
* Improve entersafe profile to support private data objects
|
||||
|
|
78
configure.ac
78
configure.ac
|
@ -99,13 +99,6 @@ AC_ARG_ENABLE(
|
|||
[enable_readline="detect"]
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE(
|
||||
[iconv],
|
||||
[AS_HELP_STRING([--enable-iconv],[enable iconv linkage @<:@detect@:>@])],
|
||||
,
|
||||
[enable_iconv="detect"]
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE(
|
||||
[openssl],
|
||||
[AS_HELP_STRING([--enable-openssl],[enable openssl linkage @<:@detect@:>@])],
|
||||
|
@ -390,66 +383,6 @@ if test "${enable_readline}" = "yes"; then
|
|||
fi
|
||||
fi
|
||||
|
||||
AC_ARG_VAR([ICONV_CFLAGS], [C compiler flags for iconv])
|
||||
AC_ARG_VAR([ICONV_LIBS], [linker flags for iconv])
|
||||
if test -n "${ICONV_LIBS}"; then
|
||||
ac_cv_lib_iconv="yes"
|
||||
else
|
||||
AC_MSG_CHECKING([if iconv library available within libc])
|
||||
AC_LINK_IFELSE(
|
||||
[AC_LANG_FUNC_LINK_TRY([iconv])],
|
||||
[
|
||||
AC_MSG_RESULT([yes])
|
||||
ac_cv_lib_iconv="yes"
|
||||
],
|
||||
[
|
||||
AC_MSG_RESULT([no])
|
||||
AC_CHECK_LIB(
|
||||
[iconv],
|
||||
[iconv],
|
||||
[
|
||||
ac_cv_lib_iconv="yes"
|
||||
ICONV_LIBS="-liconv"
|
||||
],
|
||||
[AC_CHECK_LIB(
|
||||
[iconv],
|
||||
[libiconv],
|
||||
[
|
||||
ac_cv_lib_iconv="yes"
|
||||
ICONV_LIBS="-liconv"
|
||||
]
|
||||
)]
|
||||
)
|
||||
]
|
||||
)
|
||||
fi
|
||||
saved_CFLAGS="${CFLAGS}"
|
||||
CFLAGS="${CFLAGS} ${ICONV_CFLAGS}"
|
||||
AC_CHECK_HEADERS([iconv.h])
|
||||
CFLAGS="${saved_CFLAGS}"
|
||||
test "${ac_cv_lib_iconv}" = "yes" -a "${ac_cv_header_iconv_h}" = "yes" && have_iconv="yes"
|
||||
|
||||
case "${enable_iconv}" in
|
||||
no)
|
||||
have_iconv="no"
|
||||
;;
|
||||
detect)
|
||||
if test "${have_iconv}" = "yes"; then
|
||||
enable_iconv="yes"
|
||||
else
|
||||
enable_iconv="no"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
if test "${enable_iconv}" = "yes"; then
|
||||
if test "${have_iconv}" = "yes"; then
|
||||
AC_DEFINE([ENABLE_ICONV], [1], [Use iconv libraries and header files])
|
||||
else
|
||||
AC_MSG_ERROR([iconv linkage required, but no iconv was found])
|
||||
fi
|
||||
fi
|
||||
|
||||
PKG_CHECK_MODULES(
|
||||
[OPENSSL],
|
||||
[libcrypto >= 0.9.7],
|
||||
|
@ -574,11 +507,6 @@ if test "${enable_readline}" = "yes"; then
|
|||
OPTIONAL_READLINE_CFLAGS="${READLINE_CFLAGS}"
|
||||
OPTIONAL_READLINE_LIBS="${READLINE_LIBS}"
|
||||
fi
|
||||
if test "${enable_iconv}" = "yes"; then
|
||||
OPENSC_FEATURES="${OPENSC_FEATURES} iconv"
|
||||
OPTIONAL_ICONV_CFLAGS="${ICONV_CFLAGS}"
|
||||
OPTIONAL_ICONV_LIBS="${ICONV_LIBS}"
|
||||
fi
|
||||
if test "${enable_openssl}" = "yes"; then
|
||||
OPENSC_FEATURES="${OPENSC_FEATURES} openssl"
|
||||
OPTIONAL_OPENSSL_CFLAGS="${OPENSSL_CFLAGS}"
|
||||
|
@ -622,8 +550,6 @@ AC_SUBST([OPTIONAL_ZLIB_CFLAGS])
|
|||
AC_SUBST([OPTIONAL_ZLIB_LIBS])
|
||||
AC_SUBST([OPTIONAL_READLINE_CFLAGS])
|
||||
AC_SUBST([OPTIONAL_READLINE_LIBS])
|
||||
AC_SUBST([OPTIONAL_ICONV_CFLAGS])
|
||||
AC_SUBST([OPTIONAL_ICONV_LIBS])
|
||||
AC_SUBST([OPTIONAL_OPENSSL_CFLAGS])
|
||||
AC_SUBST([OPTIONAL_OPENSSL_LIBS])
|
||||
AC_SUBST([OPTIONAL_OPENCT_CFLAGS])
|
||||
|
@ -634,7 +560,6 @@ AC_SUBST([LIBRARY_BITNESS])
|
|||
AM_CONDITIONAL([ENABLE_MAN], [test "${enable_man}" = "yes"])
|
||||
AM_CONDITIONAL([ENABLE_ZLIB], [test "${enable_zlib}" = "yes"])
|
||||
AM_CONDITIONAL([ENABLE_READLINE], [test "${enable_readline}" = "yes"])
|
||||
AM_CONDITIONAL([ENABLE_ICONV], [test "${enable_iconv}" = "yes"])
|
||||
AM_CONDITIONAL([ENABLE_OPENSSL], [test "${enable_openssl}" = "yes"])
|
||||
AM_CONDITIONAL([ENABLE_OPENCT], [test "${enable_openct}" = "yes"])
|
||||
AM_CONDITIONAL([ENABLE_DOC], [test "${enable_doc}" = "yes"])
|
||||
|
@ -690,7 +615,6 @@ man support: ${enable_man}
|
|||
doc support: ${enable_doc}
|
||||
zlib support: ${enable_zlib}
|
||||
readline support: ${enable_readline}
|
||||
iconv support: ${enable_iconv}
|
||||
OpenSSL support: ${enable_openssl}
|
||||
PC/SC support: ${enable_pcsc}
|
||||
OpenCT support: ${enable_openct}
|
||||
|
@ -712,8 +636,6 @@ READLINE_CFLAGS: ${READLINE_CFLAGS}
|
|||
READLINE_LIBS: ${READLINE_LIBS}
|
||||
ZLIB_CFLAGS: ${ZLIB_CFLAGS}
|
||||
ZLIB_LIBS: ${ZLIB_LIBS}
|
||||
ICONV_CFLAGS: ${ICONV_CFLAGS}
|
||||
ICONV_LIBS: ${ICONV_LIBS}
|
||||
OPENSSL_CFLAGS: ${OPENSSL_CFLAGS}
|
||||
OPENSSL_LIBS: ${OPENSSL_LIBS}
|
||||
OPENCT_CFLAGS: ${OPENCT_CFLAGS}
|
||||
|
|
|
@ -14,7 +14,7 @@ noinst_HEADERS = cards.h ctbcs.h internal.h esteid.h muscle.h muscle-filesystem.
|
|||
AM_CPPFLAGS = -DOPENSC_CONF_PATH=\"$(sysconfdir)/opensc.conf\"
|
||||
AM_CFLAGS = $(OPTIONAL_OPENSSL_CFLAGS) $(OPTIONAL_OPENCT_CFLAGS) \
|
||||
$(OPTIONAL_PCSC_CFLAGS) $(OPTIONAL_ZLIB_CFLAGS) \
|
||||
$(OPTIONAL_ICONV_CFLAGS) $(LTLIB_CFLAGS)
|
||||
$(LTLIB_CFLAGS)
|
||||
INCLUDES = -I$(top_srcdir)/src
|
||||
|
||||
libopensc_la_SOURCES = \
|
||||
|
@ -50,7 +50,7 @@ if WIN32
|
|||
libopensc_la_SOURCES += $(top_builddir)/win32/versioninfo.rc
|
||||
endif
|
||||
libopensc_la_LIBADD = $(OPTIONAL_OPENSSL_LIBS) $(OPTIONAL_OPENCT_LIBS) \
|
||||
$(OPTIONAL_ZLIB_LIBS) $(OPTIONAL_ICONV_LIBS) $(LTLIB_LIBS) \
|
||||
$(OPTIONAL_ZLIB_LIBS) $(LTLIB_LIBS) \
|
||||
$(top_builddir)/src/pkcs15init/libpkcs15init.la \
|
||||
$(top_builddir)/src/scconf/libscconf.la \
|
||||
$(top_builddir)/src/common/libcompat.la
|
||||
|
|
|
@ -39,7 +39,7 @@ opensc.dll: $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\pkcs15init\p
|
|||
echo LIBRARY $* > $*.def
|
||||
echo EXPORTS >> $*.def
|
||||
type lib$*.exports >> $*.def
|
||||
link $(LINKFLAGS) /dll /def:$*.def /implib:$*.lib /out:opensc.dll $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\pkcs15init\pkcs15init.lib winscard.lib $(OPENSSL_LIB) $(ZLIB_LIB) $(ICONV_LIB) gdi32.lib $(LIBLTDL_LIB) advapi32.lib ws2_32.lib
|
||||
link $(LINKFLAGS) /dll /def:$*.def /implib:$*.lib /out:opensc.dll $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\pkcs15init\pkcs15init.lib winscard.lib $(OPENSSL_LIB) $(ZLIB_LIB) gdi32.lib $(LIBLTDL_LIB) advapi32.lib ws2_32.lib
|
||||
if EXIST opensc.dll.manifest mt -manifest opensc.dll.manifest -outputresource:opensc.dll;2
|
||||
|
||||
opensc_a.lib: $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\pkcs15init\pkcs15init.lib
|
||||
|
|
|
@ -26,11 +26,12 @@
|
|||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#ifdef ENABLE_ICONV
|
||||
#include <iconv.h>
|
||||
#ifdef ENABLE_OPENSSL
|
||||
#include <openssl/x509v3.h>
|
||||
#endif
|
||||
|
||||
#include "common/compat_strlcpy.h"
|
||||
#include "common/compat_strlcat.h"
|
||||
|
||||
#include "internal.h"
|
||||
#include "pkcs15.h"
|
||||
|
@ -62,12 +63,6 @@ static int
|
|||
sc_pkcs15emu_esteid_init (sc_pkcs15_card_t * p15card)
|
||||
{
|
||||
sc_card_t *card = p15card->card;
|
||||
#ifdef ENABLE_ICONV
|
||||
iconv_t iso_utf;
|
||||
char *inptr, *outptr;
|
||||
size_t inbytes, outbytes, result;
|
||||
char label[64], name1[32], name2[32];
|
||||
#endif
|
||||
unsigned char buff[128];
|
||||
int r, i, flags;
|
||||
sc_path_t tmppath;
|
||||
|
@ -86,37 +81,6 @@ sc_pkcs15emu_esteid_init (sc_pkcs15_card_t * p15card)
|
|||
buff[r] = '\0';
|
||||
set_string (&p15card->tokeninfo->serial_number, (const char *) buff);
|
||||
|
||||
#ifdef ENABLE_ICONV
|
||||
/* Read the name of the cardholder and convert it into UTF-8 */
|
||||
iso_utf = iconv_open ("UTF-8", "CP1252");
|
||||
if (iso_utf == (iconv_t) -1)
|
||||
return SC_ERROR_INTERNAL;
|
||||
|
||||
r = sc_read_record (card, SC_ESTEID_PD_GIVEN_NAMES1, buff, sizeof(buff), SC_RECORD_BY_REC_NR);
|
||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "read name1 failed");
|
||||
inptr = (char *) buff;
|
||||
outptr = name1;
|
||||
inbytes = r;
|
||||
outbytes = 32;
|
||||
result = iconv(iso_utf, &inptr, &inbytes, &outptr, &outbytes);
|
||||
if (result == (size_t) -1)
|
||||
return SC_ERROR_INTERNAL;
|
||||
*outptr = '\0';
|
||||
|
||||
r = sc_read_record (card, SC_ESTEID_PD_SURNAME, buff, sizeof(buff), SC_RECORD_BY_REC_NR);
|
||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "read name2 failed");
|
||||
inptr = (char *) buff;
|
||||
outptr = name2;
|
||||
inbytes = r;
|
||||
outbytes = 32;
|
||||
result = iconv(iso_utf, &inptr, &inbytes, &outptr, &outbytes);
|
||||
if (result == (size_t) -1)
|
||||
return SC_ERROR_INTERNAL;
|
||||
*outptr = '\0';
|
||||
iconv_close(iso_utf);
|
||||
snprintf(label, sizeof(label), "%s %s", name1, name2);
|
||||
set_string (&p15card->tokeninfo->label, label);
|
||||
#endif
|
||||
p15card->tokeninfo->flags = SC_PKCS15_TOKEN_PRN_GENERATION
|
||||
| SC_PKCS15_TOKEN_EID_COMPLIANT
|
||||
| SC_PKCS15_TOKEN_READONLY;
|
||||
|
@ -149,6 +113,44 @@ sc_pkcs15emu_esteid_init (sc_pkcs15_card_t * p15card)
|
|||
r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
|
||||
if (r < 0)
|
||||
return SC_ERROR_INTERNAL;
|
||||
#ifdef ENABLE_OPENSSL
|
||||
if (i == 0) {
|
||||
BIO *mem = NULL;
|
||||
X509 *x509 = NULL;
|
||||
sc_pkcs15_cert_t *cert;
|
||||
char cardholder_name[64];
|
||||
unsigned char *tmp = NULL;
|
||||
r = sc_pkcs15_read_certificate(p15card, &cert_info, &cert);
|
||||
if (r == SC_SUCCESS) {
|
||||
mem = BIO_new_mem_buf(cert->data, cert->data_len);
|
||||
if (!mem)
|
||||
return SC_ERROR_INTERNAL;
|
||||
x509 = d2i_X509_bio(mem, NULL);
|
||||
if (!x509)
|
||||
return SC_ERROR_INTERNAL;
|
||||
r = X509_NAME_get_index_by_NID(X509_get_subject_name(x509), NID_commonName, -1);
|
||||
if (r >= 0) {
|
||||
X509_NAME_ENTRY *ne;
|
||||
ASN1_STRING *a_str;
|
||||
ne = X509_NAME_get_entry(X509_get_subject_name(x509), r);
|
||||
if (!ne)
|
||||
return SC_ERROR_INTERNAL;
|
||||
a_str = X509_NAME_ENTRY_get_data(ne);
|
||||
if (!a_str)
|
||||
return SC_ERROR_INTERNAL;
|
||||
r = ASN1_STRING_to_UTF8(&tmp, a_str);
|
||||
if (r > 0) {
|
||||
if ((unsigned)r > sizeof(cardholder_name) - 1)
|
||||
r = sizeof(cardholder_name) -1;
|
||||
memcpy(cardholder_name, tmp, r);
|
||||
cardholder_name[r] = '\0';
|
||||
set_string (&p15card->tokeninfo->label, cardholder_name);
|
||||
OPENSSL_free(tmp);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
/* the file with key pin info (tries left) */
|
||||
|
@ -247,6 +249,8 @@ sc_pkcs15emu_esteid_init (sc_pkcs15_card_t * p15card)
|
|||
if (r < 0)
|
||||
return SC_ERROR_INTERNAL;
|
||||
}
|
||||
/* Read the certificate to get the name of the person */
|
||||
|
||||
return SC_SUCCESS;
|
||||
}
|
||||
|
||||
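Review bot: In the new `#ifdef ENABLE_OPENSSL` block of `sc_pkcs15emu_esteid_init`, nothing releases `cert`, `mem` or `x509`: the success path frees only `tmp`, and every `return SC_ERROR_INTERNAL` taken after `sc_pkcs15_read_certificate` succeeds leaves all of them allocated. Each path should reach `sc_pkcs15_free_certificate(cert)`, `BIO_free(mem)` and `X509_free(x509)`. The sketch below also treats an unparsable certificate as "no label" instead of failing card initialisation, which matches how a failed `sc_pkcs15_read_certificate` is already tolerated here; if the hard error is intended, keep it but free first. Separately, clamping to `sizeof(cardholder_name) - 1` bytes can cut a multi-byte UTF-8 sequence in half, and the comment added before `return SC_SUCCESS` in the last hunk describes code that is not there. The function starts and ends outside these hunks.

```c
r = sc_pkcs15_read_certificate(p15card, &cert_info, &cert);
if (r == SC_SUCCESS) {
	mem = BIO_new_mem_buf(cert->data, (int) cert->data_len);
	if (mem)
		x509 = d2i_X509_bio(mem, NULL);
	if (x509) {
		X509_NAME *subject = X509_get_subject_name(x509);
		X509_NAME_ENTRY *ne = NULL;
		ASN1_STRING *a_str = NULL;

		r = X509_NAME_get_index_by_NID(subject, NID_commonName, -1);
		if (r >= 0)
			ne = X509_NAME_get_entry(subject, r);
		if (ne)
			a_str = X509_NAME_ENTRY_get_data(ne);
		r = a_str ? ASN1_STRING_to_UTF8(&tmp, a_str) : -1;
		if (r > 0) {
			/* … unchanged: clamp r, memcpy into cardholder_name, terminate, set_string … */
		}
	}
	/* released on every path, including the parse failures above */
	OPENSSL_free(tmp);
	X509_free(x509);
	BIO_free(mem);
	sc_pkcs15_free_certificate(cert);
}
```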
|
|
|
@ -36,18 +36,6 @@ ZLIB_LIB = C:\ZLIB\LIB\zlib.lib
|
|||
OPENSC_FEATURES = $(OPENSC_FEATURES) zlib
|
||||
!ENDIF
|
||||
|
||||
# If you want support for iconv (Used for EstEID):
|
||||
# - Download iconv and build
|
||||
# - uncomment the line starting with ICONV_DEF
|
||||
# - set the ICONV_INCL_DIR below to the iconv include lib proceeded by "/I"
|
||||
# - set the ICONV_LIB below to your iconv lib file
|
||||
#ICONV_DEF = /DENABLE_ICONV
|
||||
!IF "$(ICONV_DEF)" == "/DENABLE_ICONV"
|
||||
ICONV_INCL_DIR = /IC:\build\iconv\include
|
||||
ICONV_LIB = C:\build\iconv\lib\iconv.lib
|
||||
OPENSC_FEATURES = $(OPENSC_FEATURES) iconv
|
||||
!ENDIF
|
||||
|
||||
# No choice for DUMPRESTORE: it has to be desabled
|
||||
SIMCLIST_NO_DUMPRESTORE_DEF = /DSIMCLIST_NO_DUMPRESTORE
|
||||
|
||||
|
@ -55,7 +43,7 @@ SIMCLIST_NO_DUMPRESTORE_DEF = /DSIMCLIST_NO_DUMPRESTORE
|
|||
# http://msinttypes.googlecode.com/files/msinttypes-r26.zip
|
||||
INTTYPES_INCL_DIR = /IC:\opensc\dependencies\msys\local
|
||||
|
||||
COPTS = /D_CRT_SECURE_NO_DEPRECATE /Zi /MD /nologo /DHAVE_CONFIG_H /I$(TOPDIR)\win32 /I$(TOPDIR)\src $(OPENSSL_INCL_DIR) $(ZLIB_INCL_DIR) $(LIBLTDL_INCL) $(ICONV_INCL_DIR) $(INTTYPES_INCL_DIR) /D_WIN32_WINNT=0x0400 /DWIN32_LEAN_AND_MEAN $(OPENSSL_DEF) $(ZLIB_DEF) $(ICONV_DEF) $(SIMCLIST_NO_DUMPRESTORE_DEF) /DOPENSC_FEATURES="\"$(OPENSC_FEATURES)\""
|
||||
COPTS = /D_CRT_SECURE_NO_DEPRECATE /Zi /MD /nologo /DHAVE_CONFIG_H /I$(TOPDIR)\win32 /I$(TOPDIR)\src $(OPENSSL_INCL_DIR) $(ZLIB_INCL_DIR) $(LIBLTDL_INCL) $(INTTYPES_INCL_DIR) /D_WIN32_WINNT=0x0400 /DWIN32_LEAN_AND_MEAN $(OPENSSL_DEF) $(ZLIB_DEF) $(SIMCLIST_NO_DUMPRESTORE_DEF) /DOPENSC_FEATURES="\"$(OPENSC_FEATURES)\""
|
||||
LINKFLAGS = /DEBUG /NOLOGO /INCREMENTAL:NO /MACHINE:IX86
|
||||
|
||||
.c.obj::
|
||||
|
|