Small fixes in the teletrust spec support code and related NEWS item

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2300 c6295689-39f2-0310-b995-f0e70906c6a9

NEWS

@@ -12,8 +12,8 @@ New in 0.9.x; 2005-xx-xx; Antti Tapaninen:
 * Experimental multi-slot support for CT-API
   and dynamic loading support for win32.
   Thanks to Bernhard Froehlich <ted@convey.de>
-* Experimental CCID pinpad support for libccid
-  using PC/SC reader driver interface.
+* Experimental Class 2 pinpad reader support
+  via TeleTrust compatible PC/SC interface.
 * Fixed OpenSSL behaviour in the configure
   script.
 * PKCS#15 emulation layer improvements and

src/libopensc/pkcs15-pin.c

@@ -168,16 +168,16 @@ static int _validate_pin(struct sc_pkcs15_card *p15card,
 	/* prevent buffer overflow from hostile card */	
 	if (pin->stored_length > SC_MAX_PIN_SIZE)
 		return SC_ERROR_BUFFER_TOO_SMALL;
-		
-	max_length = pin->max_length != 0 ? pin->max_length : SC_MAX_PIN_SIZE;
-	
+
 	/* if we use pinpad, no more checks are needed */
 	if (p15card->opts.use_pinpad)
 		return SC_SUCCESS;
 		
 	/* If pin is given, make sure it is within limits */
-	if (pinlen && (pinlen > pin->stored_length || pinlen < pin->min_length))
+	max_length = pin->max_length != 0 ? pin->max_length : SC_MAX_PIN_SIZE;
+	if (pinlen > max_length || pinlen < pin->min_length)
 		return SC_ERROR_INVALID_PIN_LENGTH;
+
 	return SC_SUCCESS;
 }
 
@@ -379,13 +379,13 @@ int sc_pkcs15_unblock_pin(struct sc_pkcs15_card *p15card,
 		}
 	}
 	if (!puk_info) {
-		sc_debug(card->ctx, "unable to get puk object use pin object instead\n");
+		sc_debug(card->ctx, "Unable to get puk object, using pin object instead!\n");
 		puk_info = pin;
 	}
-	if (puklen > puk_info->stored_length)
-		return SC_ERROR_INVALID_PIN_LENGTH;
-	if (puklen < puk_info->min_length)
-		return SC_ERROR_INVALID_PIN_LENGTH;
+	
+	/* make sure the puk is in valid range */
+	if ((r = _validate_pin(p15card, puk_info, puk, puklen)) != SC_SUCCESS)
+		return r;
 
 	r = sc_lock(card);
 	SC_TEST_RET(card->ctx, r, "sc_lock() failed");

src/libopensc/reader-pcsc.c

@@ -54,10 +54,11 @@
 #else
 
 #define PCSC_ERROR(ctx, desc, rv) sc_error(ctx, desc ": %s\n", pcsc_stringify_error(rv));
-/* For mangling ioctl codes from IFDHandlers */
-#define dw2i(a, x) ((((((a[x+3] << 8) + a[x+2]) << 8) + a[x+1]) << 8) + a[x])
 #endif
 
+/* Utility for handling big endian IOCTL codes. */
+#define dw2i_be(a, x) ((((((a[x] << 8) + a[x+1]) << 8) + a[x+2]) << 8) + a[x+3])
+
 #define GET_SLOT_PTR(s, i) (&(s)->slot[(i)])
 #define GET_PRIV_DATA(r) ((struct pcsc_private_data *) (r)->drv_data)
 #define GET_SLOT_DATA(r) ((struct pcsc_slot_data *) (r)->drv_data)
@@ -429,11 +430,11 @@ static int pcsc_connect(sc_reader_t *reader, sc_slot_info_t *slot)
 			for (i = 0; i < feature_len; i += 6) {
 				if (feature_buf[i] == FEATURE_VERIFY_PIN_DIRECT) {
 					sc_debug(reader->ctx, "Reader supports pinpad verification");
-					pslot->verify_ioctl = dw2i(feature_buf, i + 2);
+					pslot->verify_ioctl = dw2i_be(feature_buf, i + 2);
 					slot->capabilities |= SC_SLOT_CAP_PIN_PAD;
 				} else if (feature_buf[i] == FEATURE_MODIFY_PIN_DIRECT) {
 					sc_debug(reader->ctx, "Reader supports pinpad modification");
-					pslot->modify_ioctl = dw2i(feature_buf, i + 2);
+					pslot->modify_ioctl = dw2i_be(feature_buf, i + 2);
 					slot->capabilities |= SC_SLOT_CAP_PIN_PAD;
 				} else {
 					sc_debug(reader->ctx, "Reader pinpad feature: %c not recognized", feature_buf[i]);
@@ -726,7 +727,7 @@ static int class2_build_verify_pin_block(u8 * buf, size_t * size, struct sc_pin_
 	buf[count++] = 0x00;	/* " */
 	
 	/* ulDataLength */
-	if (data->pin1.length_offset > 4)
+	if (data->pin1.length_offset != 4)
 		tmp = apdu->datalen + 4;
 	else
 		tmp = 4;
@@ -739,7 +740,7 @@ static int class2_build_verify_pin_block(u8 * buf, size_t * size, struct sc_pin_
 	buf[count++] = apdu->p2;
 	
 	/* Copy data if not Case 1 */
-	if (data->pin1.length_offset > 4) {
+	if (data->pin1.length_offset != 4) {
 		memcpy(&buf[count], apdu->data, apdu->datalen);
 		count += apdu->datalen;
 	}
@@ -815,16 +816,16 @@ static int class2_build_modify_pin_block(u8 * buf, size_t * size, struct sc_pin_
 	buf[count++] = 0x00;	/* bNumberMessage */
 	buf[count++] = 0x00;	/* wLangId */
 	buf[count++] = 0x00;	/* " */
-	/* FIXME: Only as many as bNumberMessage messages! */
-	buf[count++] = 0x00;	/* bMsgIndex1 */
-	buf[count++] = 0x00;	/* bMsgIndex2 */
-	buf[count++] = 0x00;	/* bMsgIndex3 */
-	buf[count++] = 0x00;	/* bTeoPrologue */
+	/* Only as many as bNumberMessage messages, currently none */
+	/* buf[count++] = 0x00; */	/* bMsgIndex1 */
+	/* buf[count++] = 0x00;	*/ /* bMsgIndex2 */
+	/* buf[count++] = 0x00;	*/ /* bMsgIndex3 */
+	buf[count++] = 0x00; /* bTeoPrologue */
 	buf[count++] = 0x00;	/* " */
 	buf[count++] = 0x00;	/* " */
 	
 	/* ulDataLength */
-	if (data->pin1.length_offset > 4)
+	if (data->pin1.length_offset != 4)
 		tmp = apdu->datalen + 4;
 	else
 		tmp = 4;
@@ -837,7 +838,7 @@ static int class2_build_modify_pin_block(u8 * buf, size_t * size, struct sc_pin_
 	buf[count++] = apdu->p2;
 	
 	/* Copy full APDU if not Case 1 */
-	if (data->pin1.length_offset > 4) {
+	if (data->pin1.length_offset != 4) {
 		memcpy(&buf[count], apdu->data, apdu->datalen);
 		count += apdu->datalen;
 	}
@@ -854,7 +855,7 @@ class2_pin_cmd(sc_reader_t *reader, sc_slot_info_t *slot,
 	u8 rbuf[SC_MAX_APDU_BUFFER_SIZE], sbuf[SC_MAX_APDU_BUFFER_SIZE], dbuf[SC_MAX_APDU_BUFFER_SIZE * 3];
 	size_t rcount = sizeof(rbuf), scount = 0;
 	int r;
-	unsigned long ioctl = 0;
+	DWORD ioctl = 0;
 	sc_apdu_t *apdu;
 	struct pcsc_slot_data *pslot = (struct pcsc_slot_data *) slot->drv_data;