Disable dnie if not defined ENABLE_SM (issue #927)
This commit is contained in:
ricky
Frank Morgner
parent
ebf0a8b9f5
commit
39f619fbb3
@ -28,7 +28,7 @@
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef ENABLE_OPENSSL /* empty file without openssl */
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM) /* empty file without openssl or sm */
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@ -848,20 +848,16 @@ static int dnie_init(struct sc_card *card)
|
||||
if (!provider)
|
||||
LOG_TEST_RET(card->ctx, SC_ERROR_INTERNAL, "Error initializing cwa-dnie provider");
|
||||
|
||||
#ifdef ENABLE_SM
|
||||
/** Secure messaging initialization section **/
|
||||
memset(&(card->sm_ctx), 0, sizeof(sm_context_t));
|
||||
card->sm_ctx.ops.get_sm_apdu = dnie_sm_get_wrapped_apdu;
|
||||
card->sm_ctx.ops.free_sm_apdu = dnie_sm_free_wrapped_apdu;
|
||||
card->sm_ctx.sm_mode = SM_MODE_NONE;
|
||||
#endif
|
||||
|
||||
init_flags(card);
|
||||
|
||||
#ifdef ENABLE_SM
|
||||
res=cwa_create_secure_channel(card,provider,CWA_SM_OFF);
|
||||
LOG_TEST_RET(card->ctx, res, "Failure creating CWA secure channel.");
|
||||
#endif
|
||||
|
||||
/* initialize private data */
|
||||
card->drv_data = calloc(1, sizeof(dnie_private_data_t));
|
||||
@ -896,10 +892,8 @@ static int dnie_finish(struct sc_card *card)
|
||||
int result = SC_SUCCESS;
|
||||
LOG_FUNC_CALLED(card->ctx);
|
||||
dnie_clear_cache(GET_DNIE_PRIV_DATA(card));
|
||||
#ifdef ENABLE_SM
|
||||
/* disable sm channel if established */
|
||||
result = cwa_create_secure_channel(card, GET_DNIE_PRIV_DATA(card)->cwa_provider, CWA_SM_OFF);
|
||||
#endif
|
||||
free(GET_DNIE_PRIV_DATA(card)->cwa_provider);
|
||||
free(card->drv_data);
|
||||
LOG_FUNC_RETURN(card->ctx, result);
|
||||
@ -1428,11 +1422,9 @@ static int dnie_logout(struct sc_card *card)
|
||||
if ((card == NULL) || (card->ctx == NULL))
|
||||
return SC_ERROR_INVALID_ARGUMENTS;
|
||||
LOG_FUNC_CALLED(card->ctx);
|
||||
#ifdef ENABLE_SM
|
||||
/* disable and free any sm channel related data */
|
||||
result =
|
||||
cwa_create_secure_channel(card, GET_DNIE_PRIV_DATA(card)->cwa_provider, CWA_SM_OFF);
|
||||
#endif
|
||||
/* TODO: _logout() see comments.txt on what to do here */
|
||||
LOG_FUNC_RETURN(card->ctx, result);
|
||||
}
|
||||
@ -2161,11 +2153,9 @@ static int dnie_pin_change(struct sc_card *card, struct sc_pin_cmd_data * data)
|
||||
{
|
||||
int res=SC_SUCCESS;
|
||||
LOG_FUNC_CALLED(card->ctx);
|
||||
#ifdef ENABLE_SM
|
||||
/* Ensure that secure channel is established from reset */
|
||||
res = cwa_create_secure_channel(card, GET_DNIE_PRIV_DATA(card)->cwa_provider, CWA_SM_COLD);
|
||||
LOG_TEST_RET(card->ctx, res, "Establish SM failed");
|
||||
#endif
|
||||
/* Ensure that secure channel is established from reset */
|
||||
res = cwa_create_secure_channel(card, GET_DNIE_PRIV_DATA(card)->cwa_provider, CWA_SM_COLD);
|
||||
LOG_TEST_RET(card->ctx, res, "Establish SM failed");
|
||||
LOG_FUNC_RETURN(card->ctx,SC_ERROR_NOT_SUPPORTED);
|
||||
}
|
||||
|
||||
@ -2182,7 +2172,6 @@ static int dnie_pin_change(struct sc_card *card, struct sc_pin_cmd_data * data)
|
||||
static int dnie_pin_verify(struct sc_card *card,
|
||||
struct sc_pin_cmd_data *data, int *tries_left)
|
||||
{
|
||||
#ifdef ENABLE_SM
|
||||
int res=SC_SUCCESS;
|
||||
sc_apdu_t apdu;
|
||||
|
||||
@ -2244,10 +2233,6 @@ static int dnie_pin_verify(struct sc_card *card,
|
||||
}
|
||||
|
||||
LOG_FUNC_RETURN(card->ctx, res);
|
||||
#else
|
||||
LOG_TEST_RET(card->ctx, SC_ERROR_NOT_SUPPORTED, "built without support of SM and External Authentication");
|
||||
return SC_ERROR_NOT_SUPPORTED;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* pin_cmd: verify/change/unblock command; optionally using the
|
||||
|
||||
@ -99,7 +99,7 @@ static const struct _sc_driver_entry internal_card_drivers[] = {
|
||||
{ "westcos", (void *(*)(void)) sc_get_westcos_driver },
|
||||
{ "myeid", (void *(*)(void)) sc_get_myeid_driver },
|
||||
{ "sc-hsm", (void *(*)(void)) sc_get_sc_hsm_driver },
|
||||
#ifdef ENABLE_OPENSSL
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM)
|
||||
{ "dnie", (void *(*)(void)) sc_get_dnie_driver },
|
||||
#endif
|
||||
{ "masktech", (void *(*)(void)) sc_get_masktech_driver },
|
||||
|
||||
@ -27,7 +27,7 @@
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef ENABLE_OPENSSL /* empty file without openssl */
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM) /* empty file without openssl or sm */
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
@ -23,7 +23,7 @@
|
||||
#ifndef __CWADNIE_H__
|
||||
#define __CWADNIE_H__
|
||||
|
||||
#ifdef ENABLE_OPENSSL
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM)
|
||||
|
||||
#include "libopensc/opensc.h"
|
||||
|
||||
|
||||
@ -27,7 +27,7 @@
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef ENABLE_OPENSSL /* empty file without openssl */
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM) /* empty file without openssl or sm */
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
@ -25,7 +25,7 @@
|
||||
#ifndef __CWA14890_H__
|
||||
#define __CWA14890_H__
|
||||
|
||||
#ifdef ENABLE_OPENSSL
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM)
|
||||
|
||||
/* Secure Messaging state indicator */
|
||||
#define CWA_SM_NONE 0x00 /** No SM channel defined */
|
||||
|
||||
@ -31,11 +31,7 @@
|
||||
#include "libopensc/cwa-dnie.h"
|
||||
|
||||
/* Card driver related */
|
||||
#ifdef ENABLE_OPENSSL
|
||||
extern int dnie_match_card(struct sc_card *card);
|
||||
#else
|
||||
#define dnie_match_card(card) 0
|
||||
#endif
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM)
|
||||
|
||||
/* Helper functions to get the pkcs15 stuff bound. */
|
||||
|
||||
@ -158,7 +154,6 @@ static int sc_pkcs15emu_dnie_init(sc_pkcs15_card_t * p15card)
|
||||
if (dnie_match_card(p15card->card) != 1)
|
||||
return SC_ERROR_WRONG_CARD;
|
||||
|
||||
#ifdef ENABLE_OPENSSL
|
||||
/* The two keys inside DNIe 3.0 needs login before performing any signature.
|
||||
* They are CKA_ALWAYS_AUTHENTICATE although they are not tagged like that.
|
||||
* For the moment caching is forced if 3.0 is detected to make it work properly. */
|
||||
@ -171,7 +166,6 @@ static int sc_pkcs15emu_dnie_init(sc_pkcs15_card_t * p15card)
|
||||
p15card->opts.pin_cache_counter,
|
||||
p15card->opts.pin_cache_ignore_user_consent);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Set root path of this application */
|
||||
p15card->file_app = sc_file_new();
|
||||
@ -273,6 +267,7 @@ static int sc_pkcs15emu_dnie_init(sc_pkcs15_card_t * p15card)
|
||||
|
||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||
}
|
||||
#endif
|
||||
|
||||
/****************************************/
|
||||
/* public functions for in-built module */
|
||||
@ -285,6 +280,7 @@ int sc_pkcs15emu_dnie_init_ex(sc_pkcs15_card_t * p15card,
|
||||
sc_context_t *ctx = p15card->card->ctx;
|
||||
LOG_FUNC_CALLED(ctx);
|
||||
|
||||
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM)
|
||||
/* if no check flag execute unconditionally */
|
||||
if (opts && opts->flags & SC_PKCS15EMU_FLAGS_NO_CHECK)
|
||||
LOG_FUNC_RETURN(ctx, sc_pkcs15emu_dnie_init(p15card));
|
||||
@ -294,4 +290,8 @@ int sc_pkcs15emu_dnie_init_ex(sc_pkcs15_card_t * p15card,
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_WRONG_CARD);
|
||||
/* ok: initialize and return */
|
||||
LOG_FUNC_RETURN(ctx, sc_pkcs15emu_dnie_init(p15card));
|
||||
#else
|
||||
r = SC_ERROR_WRONG_CARD;
|
||||
LOG_FUNC_RETURN(ctx, r);
|
||||
#endif
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user