If card initialization fails, return SC_ERROR_INVALID_CARD (#1251)

fixes https://github.com/OpenSC/OpenSC/issues/946
This commit is contained in:
Frank Morgner 2018-05-18 23:49:29 +02:00 committed by GitHub
parent ae31408f81
commit 439a95f2d2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 59 additions and 46 deletions

View File

@ -83,7 +83,7 @@ static int asepcos_init(sc_card_t *card)
if (card->type == SC_CARD_TYPE_ASEPCOS_JAVA) {
int r = asepcos_select_asepcos_applet(card);
if (r != SC_SUCCESS)
return r;
return SC_ERROR_INVALID_CARD;
}
/* Set up algorithm info. */

View File

@ -463,7 +463,7 @@ static int
authentic_init(struct sc_card *card)
{
struct sc_context *ctx = card->ctx;
int ii, rv = SC_ERROR_NO_CARD_SUPPORT;
int ii, rv = SC_ERROR_INVALID_CARD;
LOG_FUNC_CALLED(ctx);
for(ii=0;authentic_known_atrs[ii].atr;ii++) {
@ -475,7 +475,7 @@ authentic_init(struct sc_card *card)
}
if (!authentic_known_atrs[ii].atr)
LOG_FUNC_RETURN(ctx, SC_ERROR_NO_CARD_SUPPORT);
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_CARD);
card->cla = 0x00;
card->drv_data = (struct authentic_private_data *) calloc(sizeof(struct authentic_private_data), 1);
@ -485,9 +485,12 @@ authentic_init(struct sc_card *card)
if (card->type == SC_CARD_TYPE_OBERTHUR_AUTHENTIC_3_2)
rv = authentic_init_oberthur_authentic_3_2(card);
if (!rv)
if (rv != SC_SUCCESS)
rv = authentic_get_serialnr(card, NULL);
if (rv != SC_SUCCESS)
rv = SC_ERROR_INVALID_CARD;
LOG_FUNC_RETURN(ctx, rv);
}

View File

@ -228,7 +228,7 @@ static int belpic_init(sc_card_t *card)
memset(carddata, 0, sizeof(carddata));
if((r = get_carddata(card, carddata, sizeof(carddata))) < 0) {
return r;
return SC_ERROR_INVALID_CARD;
}
if (carddata[BELPIC_CARDDATA_OFF_APPLETVERS] >= 0x17) {
key_size = 2048;

View File

@ -1611,7 +1611,7 @@ static int cac_init(sc_card_t *card)
r = cac_find_and_initialize(card, 1);
if (r < 0) {
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, r);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_CARD);
}
flags = SC_ALGORITHM_RSA_RAW;

View File

@ -171,6 +171,7 @@ static int cardos_init(sc_card_t *card)
size_t data_field_length;
sc_apdu_t apdu;
u8 rbuf[2];
int r;
card->name = "Atos CardOS";
card->cla = 0x00;
@ -188,9 +189,9 @@ static int cardos_init(sc_card_t *card)
_sc_card_add_rsa_alg(card, 1024, flags, 0);
if (card->type == SC_CARD_TYPE_CARDOS_M4_2) {
int r = cardos_have_2048bit_package(card);
r = cardos_have_2048bit_package(card);
if (r < 0)
return r;
return SC_ERROR_INVALID_CARD;
if (r == 1)
rsa_2048 = 1;
card->caps |= SC_CARD_CAP_APDU_EXT;
@ -208,14 +209,18 @@ static int cardos_init(sc_card_t *card)
apdu.le = sizeof rbuf;
apdu.resp = rbuf;
apdu.resplen = sizeof(rbuf);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,
sc_transmit_apdu(card, &apdu),
"APDU transmit failed");
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,
sc_check_sw(card, apdu.sw1, apdu.sw2),
"GET DATA command returned error");
r = sc_transmit_apdu(card, &apdu);
if (r < 0)
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,
SC_ERROR_INVALID_CARD,
"APDU transmit failed");
r = sc_check_sw(card, apdu.sw1, apdu.sw2);
if (r < 0)
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,
SC_ERROR_INVALID_CARD,
"GET DATA command returned error");
if (apdu.resplen != 2)
return SC_ERROR_WRONG_LENGTH;
return SC_ERROR_INVALID_CARD;
data_field_length = ((rbuf[0] << 8) | rbuf[1]);
/* strip the length of possible Lc and Le bytes */

View File

@ -2259,7 +2259,7 @@ static int coolkey_init(sc_card_t *card)
r = coolkey_initialize(card);
if (r < 0) {
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, r);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_CARD);
}
card->type = SC_CARD_TYPE_COOLKEY_GENERIC;

View File

@ -1168,7 +1168,7 @@ epass2003_init(struct sc_card *card)
/* decide FIPS/Non-FIPS mode */
if (SC_SUCCESS != get_data(card, 0x86, data, datalen))
return SC_ERROR_CARD_CMD_FAILED;
return SC_ERROR_INVALID_CARD;
if (0x01 == data[2])
exdata->smtype = KEY_TYPE_AES;

View File

@ -180,9 +180,9 @@ static int gemsafe_init(struct sc_card *card)
memcpy(exdata->aid, gemsafe_pteid_aid, sizeof(gemsafe_pteid_aid));
exdata->aid_len = sizeof(gemsafe_pteid_aid);
} else if (card->type == SC_CARD_TYPE_GEMSAFEV1_SEEID) {
memcpy(exdata->aid, gemsafe_seeid_aid, sizeof(gemsafe_seeid_aid));
exdata->aid_len = sizeof(gemsafe_seeid_aid);
}
memcpy(exdata->aid, gemsafe_seeid_aid, sizeof(gemsafe_seeid_aid));
exdata->aid_len = sizeof(gemsafe_seeid_aid);
}
/* increase lock_count here to prevent sc_unlock to select
* applet twice in gp_select_applet */
@ -192,7 +192,7 @@ static int gemsafe_init(struct sc_card *card)
if (r < 0) {
free(exdata);
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "applet selection failed\n");
return SC_ERROR_INTERNAL;
return SC_ERROR_INVALID_CARD;
}
card->lock_count--;
@ -232,7 +232,7 @@ static int gemsafe_init(struct sc_card *card)
card->caps |= SC_CARD_CAP_ISO7816_PIN_INFO;
card->drv_data = exdata;
return 0;
return SC_SUCCESS;
}
static int gemsafe_finish(sc_card_t *card)

View File

@ -634,7 +634,7 @@ static int gids_init(sc_card_t * card)
// cache some data in memory
data = (struct gids_private_data*) calloc(1, sizeof(struct gids_private_data));
if (!data) {
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_MEMORY_FAILURE);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY);
}
memset(data, 0, sizeof(struct gids_private_data));
card->drv_data = data;

View File

@ -206,7 +206,7 @@ gpk_init(sc_card_t *card)
/* Make sure max send/receive size is 4 byte aligned and <256. */
card->max_recv_size = 252;
return 0;
return SC_SUCCESS;
}
/*

View File

@ -606,7 +606,7 @@ iasecc_init(struct sc_card *card)
else if (card->type == SC_CARD_TYPE_IASECC_MI)
rv = iasecc_init_amos_or_sagem(card);
else
LOG_FUNC_RETURN(ctx, SC_ERROR_NO_CARD_SUPPORT);
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_CARD);
if (!rv) {
@ -631,8 +631,10 @@ iasecc_init(struct sc_card *card)
card->sm_ctx.ops.update_binary = _iasecc_sm_update_binary;
#endif
if (!rv)
if (!rv) {
sc_log(ctx, "EF.ATR(aid:'%s')", sc_dump_hex(card->ef_atr->aid.value, card->ef_atr->aid.len));
rv = SC_ERROR_INVALID_CARD;
}
LOG_FUNC_RETURN(ctx, rv);
}

View File

@ -193,7 +193,6 @@ isoApplet_match_card(sc_card_t *card)
static int
isoApplet_init(sc_card_t *card)
{
int r;
int i;
unsigned long flags = 0;
unsigned long ext_flags = 0;
@ -211,8 +210,9 @@ isoApplet_init(sc_card_t *card)
card->cla = 0x00;
/* Obtain applet version and specific features */
r = isoApplet_select_applet(card, isoApplet_aid, ISOAPPLET_AID_LEN, rbuf, &rlen);
LOG_TEST_RET(card->ctx, r, "Error obtaining applet version.");
if (0 > isoApplet_select_applet(card, isoApplet_aid, ISOAPPLET_AID_LEN, rbuf, &rlen)) {
LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_CARD, "Error obtaining applet version.");
}
if(rlen < 3)
{
assert(sizeof(rbuf) >= 3);

View File

@ -360,7 +360,8 @@ static int mcrd_init(sc_card_t * card)
apdu.resplen = 0;
apdu.le = 0;
r = sc_transmit_apdu(card, &apdu);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
if (r < 0)
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_CARD, "APDU transmit failed");
sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE, "SELECT AID: %02X%02X", apdu.sw1, apdu.sw2);
if(apdu.sw1 != 0x90 && apdu.sw2 != 0x00)
{
@ -371,7 +372,8 @@ static int mcrd_init(sc_card_t * card)
apdu.resplen = 0;
apdu.le = 0;
r = sc_transmit_apdu(card, &apdu);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
if (r < 0)
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_CARD, "APDU transmit failed");
sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE, "SELECT AID: %02X%02X", apdu.sw1, apdu.sw2);
if (apdu.sw1 == 0x90 && apdu.sw2 == 0x00) {
// Force EstEID 3.5 card recv size 255 with T=0 to avoid recursive read binary
@ -386,7 +388,8 @@ static int mcrd_init(sc_card_t * card)
apdu.resplen = 0;
apdu.le = 0;
r = sc_transmit_apdu(card, &apdu);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
if (r < 0)
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_CARD, "APDU transmit failed");
sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE, "SELECT AID: %02X%02X", apdu.sw1, apdu.sw2);
if (apdu.sw1 != 0x90 && apdu.sw2 != 0x00) {
free(card->drv_data);
@ -412,6 +415,8 @@ static int mcrd_init(sc_card_t * card)
sc_format_path ("3f00", &tmppath);
r = sc_select_file (card, &tmppath, NULL);
if (r < 0)
r = SC_ERROR_INVALID_CARD;
/* Not needed for the fixed EstEID profile */
if (!is_esteid_card(card))

View File

@ -149,7 +149,6 @@ static int myeid_init(struct sc_card *card)
myeid_private_data_t *priv;
u8 appletInfo[20];
size_t appletInfoLen;
int r;
myeid_card_caps_t card_caps;
LOG_FUNC_CALLED(card->ctx);
@ -168,9 +167,8 @@ static int myeid_init(struct sc_card *card)
appletInfoLen = 20;
r = myeid_get_info(card, appletInfo, appletInfoLen);
LOG_TEST_RET(card->ctx, r, "Failed to get MyEID applet information.");
if (0 > myeid_get_info(card, appletInfo, appletInfoLen))
LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_CARD, "Failed to get MyEID applet information.");
priv->change_counter = appletInfo[19] | appletInfo[18] << 8;
@ -190,10 +188,8 @@ static int myeid_init(struct sc_card *card)
if (card->version.fw_major >= 40) {
/* Since 4.0, we can query available algorithms and key sizes.
* Since 3.5.0 RSA up to 2048 and ECC up to 256 are always supported, so we check only max ECC key length. */
r = myeid_get_card_caps(card, &card_caps);
if (r != SC_SUCCESS) {
sc_log(card->ctx, "Failed to get card capabilities. Using default max ECC key length 256.");
if (myeid_get_card_caps(card, &card_caps) != SC_SUCCESS) {
sc_log(card->ctx, "Failed to get card capabilities. Using default max ECC key length 256.");
}
}

View File

@ -413,13 +413,13 @@ pgp_init(sc_card_t *card)
path.type = SC_PATH_TYPE_DF_NAME;
if ((r = iso_ops->select_file(card, &path, &file)) < 0) {
pgp_finish(card);
LOG_FUNC_RETURN(card->ctx, r);
LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_CARD);
}
/* defensive programming check */
if (!file) {
pgp_finish(card);
LOG_FUNC_RETURN(card->ctx, SC_ERROR_OBJECT_NOT_FOUND);
LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_CARD);
}
if (file->namelen != 16) {
@ -427,7 +427,7 @@ pgp_init(sc_card_t *card)
r = get_full_pgp_aid(card, file);
if (r < 0) {
pgp_finish(card);
return r;
return SC_ERROR_INVALID_CARD;
}
}

View File

@ -3295,11 +3295,9 @@ static int piv_init(sc_card_t *card)
piv_process_discovery(card);
r = 0;
priv->pstate=PIV_STATE_NORMAL;
sc_unlock(card) ; /* obtained in piv_match */
LOG_FUNC_RETURN(card->ctx, r);
LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
}

View File

@ -132,6 +132,10 @@ static int rutoken_init(sc_card_t *card)
ret = token_init(card, "uaToken S card");
else
ret = token_init(card, "Rutoken S card");
if (ret != SC_SUCCESS) {
ret = SC_ERROR_INVALID_CARD;
}
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, ret);
}