From 489518b26a906e8e302e836e05888200204c9568 Mon Sep 17 00:00:00 2001 From: martin Date: Thu, 7 Apr 2005 19:45:39 +0000 Subject: [PATCH] Small fixes in the teletrust spec support code and related NEWS item git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2300 c6295689-39f2-0310-b995-f0e70906c6a9 --- NEWS | 4 ++-- src/libopensc/pkcs15-pin.c | 18 +++++++++--------- src/libopensc/reader-pcsc.c | 29 +++++++++++++++-------------- 3 files changed, 26 insertions(+), 25 deletions(-) diff --git a/NEWS b/NEWS index d7c1d253..9247977a 100644 --- a/NEWS +++ b/NEWS @@ -12,8 +12,8 @@ New in 0.9.x; 2005-xx-xx; Antti Tapaninen: * Experimental multi-slot support for CT-API and dynamic loading support for win32. Thanks to Bernhard Froehlich -* Experimental CCID pinpad support for libccid - using PC/SC reader driver interface. +* Experimental Class 2 pinpad reader support + via TeleTrust compatible PC/SC interface. * Fixed OpenSSL behaviour in the configure script. * PKCS#15 emulation layer improvements and diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c index ebc31f68..c3c7e7dd 100644 --- a/src/libopensc/pkcs15-pin.c +++ b/src/libopensc/pkcs15-pin.c @@ -168,16 +168,16 @@ static int _validate_pin(struct sc_pkcs15_card *p15card, /* prevent buffer overflow from hostile card */ if (pin->stored_length > SC_MAX_PIN_SIZE) return SC_ERROR_BUFFER_TOO_SMALL; - - max_length = pin->max_length != 0 ? pin->max_length : SC_MAX_PIN_SIZE; - + /* if we use pinpad, no more checks are needed */ if (p15card->opts.use_pinpad) return SC_SUCCESS; /* If pin is given, make sure it is within limits */ - if (pinlen && (pinlen > pin->stored_length || pinlen < pin->min_length)) + max_length = pin->max_length != 0 ? pin->max_length : SC_MAX_PIN_SIZE; + if (pinlen > max_length || pinlen < pin->min_length) return SC_ERROR_INVALID_PIN_LENGTH; + return SC_SUCCESS; } @@ -379,13 +379,13 @@ int sc_pkcs15_unblock_pin(struct sc_pkcs15_card *p15card, } } if (!puk_info) { - sc_debug(card->ctx, "unable to get puk object use pin object instead\n"); + sc_debug(card->ctx, "Unable to get puk object, using pin object instead!\n"); puk_info = pin; } - if (puklen > puk_info->stored_length) - return SC_ERROR_INVALID_PIN_LENGTH; - if (puklen < puk_info->min_length) - return SC_ERROR_INVALID_PIN_LENGTH; + + /* make sure the puk is in valid range */ + if ((r = _validate_pin(p15card, puk_info, puk, puklen)) != SC_SUCCESS) + return r; r = sc_lock(card); SC_TEST_RET(card->ctx, r, "sc_lock() failed"); diff --git a/src/libopensc/reader-pcsc.c b/src/libopensc/reader-pcsc.c index a83f402e..92dc6954 100644 --- a/src/libopensc/reader-pcsc.c +++ b/src/libopensc/reader-pcsc.c @@ -54,10 +54,11 @@ #else #define PCSC_ERROR(ctx, desc, rv) sc_error(ctx, desc ": %s\n", pcsc_stringify_error(rv)); -/* For mangling ioctl codes from IFDHandlers */ -#define dw2i(a, x) ((((((a[x+3] << 8) + a[x+2]) << 8) + a[x+1]) << 8) + a[x]) #endif +/* Utility for handling big endian IOCTL codes. */ +#define dw2i_be(a, x) ((((((a[x] << 8) + a[x+1]) << 8) + a[x+2]) << 8) + a[x+3]) + #define GET_SLOT_PTR(s, i) (&(s)->slot[(i)]) #define GET_PRIV_DATA(r) ((struct pcsc_private_data *) (r)->drv_data) #define GET_SLOT_DATA(r) ((struct pcsc_slot_data *) (r)->drv_data) @@ -429,11 +430,11 @@ static int pcsc_connect(sc_reader_t *reader, sc_slot_info_t *slot) for (i = 0; i < feature_len; i += 6) { if (feature_buf[i] == FEATURE_VERIFY_PIN_DIRECT) { sc_debug(reader->ctx, "Reader supports pinpad verification"); - pslot->verify_ioctl = dw2i(feature_buf, i + 2); + pslot->verify_ioctl = dw2i_be(feature_buf, i + 2); slot->capabilities |= SC_SLOT_CAP_PIN_PAD; } else if (feature_buf[i] == FEATURE_MODIFY_PIN_DIRECT) { sc_debug(reader->ctx, "Reader supports pinpad modification"); - pslot->modify_ioctl = dw2i(feature_buf, i + 2); + pslot->modify_ioctl = dw2i_be(feature_buf, i + 2); slot->capabilities |= SC_SLOT_CAP_PIN_PAD; } else { sc_debug(reader->ctx, "Reader pinpad feature: %c not recognized", feature_buf[i]); @@ -726,7 +727,7 @@ static int class2_build_verify_pin_block(u8 * buf, size_t * size, struct sc_pin_ buf[count++] = 0x00; /* " */ /* ulDataLength */ - if (data->pin1.length_offset > 4) + if (data->pin1.length_offset != 4) tmp = apdu->datalen + 4; else tmp = 4; @@ -739,7 +740,7 @@ static int class2_build_verify_pin_block(u8 * buf, size_t * size, struct sc_pin_ buf[count++] = apdu->p2; /* Copy data if not Case 1 */ - if (data->pin1.length_offset > 4) { + if (data->pin1.length_offset != 4) { memcpy(&buf[count], apdu->data, apdu->datalen); count += apdu->datalen; } @@ -815,16 +816,16 @@ static int class2_build_modify_pin_block(u8 * buf, size_t * size, struct sc_pin_ buf[count++] = 0x00; /* bNumberMessage */ buf[count++] = 0x00; /* wLangId */ buf[count++] = 0x00; /* " */ - /* FIXME: Only as many as bNumberMessage messages! */ - buf[count++] = 0x00; /* bMsgIndex1 */ - buf[count++] = 0x00; /* bMsgIndex2 */ - buf[count++] = 0x00; /* bMsgIndex3 */ - buf[count++] = 0x00; /* bTeoPrologue */ + /* Only as many as bNumberMessage messages, currently none */ + /* buf[count++] = 0x00; */ /* bMsgIndex1 */ + /* buf[count++] = 0x00; */ /* bMsgIndex2 */ + /* buf[count++] = 0x00; */ /* bMsgIndex3 */ + buf[count++] = 0x00; /* bTeoPrologue */ buf[count++] = 0x00; /* " */ buf[count++] = 0x00; /* " */ /* ulDataLength */ - if (data->pin1.length_offset > 4) + if (data->pin1.length_offset != 4) tmp = apdu->datalen + 4; else tmp = 4; @@ -837,7 +838,7 @@ static int class2_build_modify_pin_block(u8 * buf, size_t * size, struct sc_pin_ buf[count++] = apdu->p2; /* Copy full APDU if not Case 1 */ - if (data->pin1.length_offset > 4) { + if (data->pin1.length_offset != 4) { memcpy(&buf[count], apdu->data, apdu->datalen); count += apdu->datalen; } @@ -854,7 +855,7 @@ class2_pin_cmd(sc_reader_t *reader, sc_slot_info_t *slot, u8 rbuf[SC_MAX_APDU_BUFFER_SIZE], sbuf[SC_MAX_APDU_BUFFER_SIZE], dbuf[SC_MAX_APDU_BUFFER_SIZE * 3]; size_t rcount = sizeof(rbuf), scount = 0; int r; - unsigned long ioctl = 0; + DWORD ioctl = 0; sc_apdu_t *apdu; struct pcsc_slot_data *pslot = (struct pcsc_slot_data *) slot->drv_data;