clean some code and use more opensc standard
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4336 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
a4df57eb4d
commit
5ae92ebcec
|
@ -38,14 +38,61 @@
|
|||
#include "libopensc/pkcs15.h"
|
||||
#include "libopensc/cardctl.h"
|
||||
|
||||
static const char *version ="0.0.6";
|
||||
#include "util.h"
|
||||
|
||||
static const char *version ="0.0.7";
|
||||
|
||||
static const char *nom_card = "WESTCOS";
|
||||
|
||||
static int finalise = 0;
|
||||
static int verbose = 0;
|
||||
static const char *app_name = "westcos-tool";
|
||||
|
||||
static const struct option options[] = {
|
||||
{ "reader", 1, NULL, 'r' },
|
||||
{ "wait", 0, NULL, 'w' },
|
||||
{ "generate-key", 0, NULL, 'g' },
|
||||
{ "overwrite-key", 0, NULL, 'o' },
|
||||
{ "key-length", 1, NULL, 'l' },
|
||||
{ "install-pin", 0, NULL, 'i' },
|
||||
{ "pin-value", 1, NULL, 'x' },
|
||||
{ "puk-value", 1, NULL, 'y' },
|
||||
{ "change-pin", 0, NULL, 'n' },
|
||||
{ "unblock-pin", 0, NULL, 'u' },
|
||||
{ "certificat", 1, NULL, 't' },
|
||||
{ "finalize", 0, NULL, 'f' },
|
||||
{ "read-file", 1, NULL, 'j' },
|
||||
{ "write-file", 1, NULL, 'k' },
|
||||
{ "help", 0, NULL, 'h' },
|
||||
{ "verbose", 0, NULL, 'v' },
|
||||
{ NULL, 0, NULL, 0 }
|
||||
};
|
||||
|
||||
static const char *option_help[] = {
|
||||
"Uses reader number <arg> [0]",
|
||||
"Wait for card insertion",
|
||||
"Generate key 1536 default",
|
||||
"Overwrite key if already exist",
|
||||
"Key length <arg> [512,1024,1536]",
|
||||
"Install pin",
|
||||
"Pin value <arg>",
|
||||
"Puk value <arg>",
|
||||
"Change pin (new pin in puk value)",
|
||||
"Unblock pin",
|
||||
"Write certificate <arg> (in pem format)",
|
||||
"Finalize card(!!! MANDATORY FOR SECURITY !!!)",
|
||||
"Read file <arg>",
|
||||
"Write file <arg> (ex 0002 write file 0002 to 0002)",
|
||||
"This message",
|
||||
"Verbose operation. Use several times to enable debug output."
|
||||
};
|
||||
|
||||
|
||||
static int opt_wait = 0, verbose = 0;
|
||||
static const char *opt_driver = NULL;
|
||||
static const char *opt_reader = NULL;
|
||||
|
||||
static int finalize = 0;
|
||||
static int install_pin = 0;
|
||||
static int remplace = 0;
|
||||
static int overwrite = 0;
|
||||
|
||||
static char *pin = NULL;
|
||||
static char *puk = NULL;
|
||||
|
@ -82,7 +129,7 @@ static void print_openssl_erreur(void)
|
|||
}
|
||||
|
||||
while ((r = ERR_get_error()) != 0)
|
||||
fprintf(stderr, "%s\n", ERR_error_string(r, NULL));
|
||||
printf("%s\n", ERR_error_string(r, NULL));
|
||||
}
|
||||
|
||||
static int verify_pin(sc_card_t *card, int pin_reference, char *pin_value)
|
||||
|
@ -128,7 +175,7 @@ static int verify_pin(sc_card_t *card, int pin_reference, char *pin_value)
|
|||
printf("Wrong pin.\n");
|
||||
}
|
||||
else
|
||||
fprintf(stderr, "The pin can be verify: %s\n", sc_strerror(r));
|
||||
printf("The pin can be verify: %s\n", sc_strerror(r));
|
||||
return -1;
|
||||
}
|
||||
printf("Pin correct.\n");
|
||||
|
@ -185,7 +232,7 @@ static int change_pin(sc_card_t *card,
|
|||
printf("Wrong pin.\n");
|
||||
}
|
||||
else
|
||||
fprintf(stderr, "Can't change pin: %s\n",
|
||||
printf("Can't change pin: %s\n",
|
||||
sc_strerror(r));
|
||||
return -1;
|
||||
}
|
||||
|
@ -243,7 +290,7 @@ static int unlock_pin(sc_card_t *card,
|
|||
printf("Wrong pin.\n");
|
||||
}
|
||||
else
|
||||
fprintf(stderr, "Can't unblock pin: %s\n",
|
||||
printf("Can't unblock pin: %s\n",
|
||||
sc_strerror(r));
|
||||
return -1;
|
||||
}
|
||||
|
@ -289,7 +336,7 @@ static int creation_fichier_cert(sc_card_t *card)
|
|||
file = sc_file_new();
|
||||
if(file == NULL)
|
||||
{
|
||||
fprintf(stderr, "memory error.\n");
|
||||
printf("Memory error.\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
@ -318,32 +365,9 @@ out:
|
|||
return r;
|
||||
}
|
||||
|
||||
static void usage(void)
|
||||
{
|
||||
printf("Tools for westcos card.\n");
|
||||
printf("version %s.\n\n", version);
|
||||
printf("\t -G Generate key 1536 default.\n");
|
||||
printf("\t -L [length] Key length 512,1024,1536.\n");
|
||||
printf("\t -i Install pin.\n");
|
||||
printf("\t -pin [value] Pin.\n");
|
||||
printf("\t -puk [value] Puk.\n");
|
||||
printf("\t -n Change pin (new pin in puk option).\n");
|
||||
printf("\t -u Unblock pin.\n");
|
||||
printf("\t -cert [file] Write certificate (in pem format).\n");
|
||||
printf("\t -F Finalize card "\
|
||||
"(!!! MANDATORY FOR SECURITY !!!).\n");
|
||||
printf("\t -r [n] Use reader number [n]"\
|
||||
" (default: autodetect).\n");
|
||||
printf("\t -gf [path] Read file [path].\n");
|
||||
printf("\t -pf [path] Write file [path].\n");
|
||||
printf("\t -v verbose.\n");
|
||||
printf("\t -h This message.\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
int r;
|
||||
int r, c, long_optind = 0;
|
||||
int i = 1;
|
||||
char *p;
|
||||
int card_presente = 0;
|
||||
|
@ -357,123 +381,62 @@ int main(int argc, char *argv[])
|
|||
BIGNUM *bn = NULL;
|
||||
BIO *mem = NULL;
|
||||
|
||||
while(i<argc)
|
||||
while (1)
|
||||
{
|
||||
p = argv[i++];
|
||||
if(strcmp(p, "-gf") == 0)
|
||||
c = getopt_long(argc, argv, "r:wgol:ix:y:nut:fj:k:hv", \
|
||||
options, &long_optind);
|
||||
if (c == -1)
|
||||
break;
|
||||
if (c == '?' || c == 'h')
|
||||
util_print_usage_and_die(app_name, options, option_help);
|
||||
switch (c)
|
||||
{
|
||||
if(i<argc)
|
||||
{
|
||||
get_filename = argv[i++];
|
||||
continue;
|
||||
}
|
||||
case 'r':
|
||||
opt_reader = optarg;
|
||||
break;
|
||||
case 'w':
|
||||
opt_wait = 1;
|
||||
break;
|
||||
case 'g':
|
||||
if(keylen == 0) keylen = 1536;
|
||||
break;
|
||||
case 'o':
|
||||
overwrite = 1;
|
||||
break;
|
||||
case 'l':
|
||||
keylen = atoi(optarg);
|
||||
break;
|
||||
case 'i':
|
||||
install_pin = 1;
|
||||
break;
|
||||
case 'x':
|
||||
pin = optarg;
|
||||
break;
|
||||
case 'y':
|
||||
puk = optarg;
|
||||
break;
|
||||
case 'n':
|
||||
new_pin = 1;
|
||||
break;
|
||||
case 'u':
|
||||
unlock = 1;
|
||||
break;
|
||||
case 't':
|
||||
cert = optarg;
|
||||
break;
|
||||
case 'f':
|
||||
finalize = 1;
|
||||
break;
|
||||
case 'j':
|
||||
get_filename = optarg;
|
||||
break;
|
||||
case 'k':
|
||||
put_filename = optarg;
|
||||
break;
|
||||
case 'v':
|
||||
verbose++;
|
||||
break;
|
||||
}
|
||||
|
||||
if(strcmp(p, "-pf") == 0)
|
||||
{
|
||||
if(i<argc)
|
||||
{
|
||||
put_filename = argv[i++];
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(strcmp(p, "-F") == 0)
|
||||
{
|
||||
finalise = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(strcmp(p, "-i") == 0)
|
||||
{
|
||||
install_pin = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(strcmp(p, "-R") == 0)
|
||||
{
|
||||
remplace = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(strcmp(p, "-G") == 0)
|
||||
{
|
||||
if(keylen == 0) keylen = 1536;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(strcmp(p, "-L") == 0)
|
||||
{
|
||||
if(i<argc)
|
||||
{
|
||||
keylen = atoi(argv[i++]);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(strcmp(p, "-pin") == 0)
|
||||
{
|
||||
if(i<argc)
|
||||
{
|
||||
pin = argv[i++];
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(strcmp(p, "-puk") == 0)
|
||||
{
|
||||
if(i<argc)
|
||||
{
|
||||
puk = argv[i++];
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(strcmp(p, "-cert") == 0)
|
||||
{
|
||||
if(i<argc)
|
||||
{
|
||||
cert = argv[i++];
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(strcmp(p, "-n") == 0)
|
||||
{
|
||||
new_pin = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(strcmp(p, "-u") == 0)
|
||||
{
|
||||
unlock = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(strcmp(p, "-r") == 0)
|
||||
{
|
||||
if(i<argc)
|
||||
{
|
||||
no_lecteur = atoi(argv[i++]);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(!strcmp(p, "-h") || !strcmp(p,"--help"))
|
||||
{
|
||||
usage();
|
||||
}
|
||||
|
||||
if(!strncmp(p, "-v", 2))
|
||||
{
|
||||
char *n = p+1;
|
||||
while(*n++ == 'v') verbose++;
|
||||
continue;
|
||||
}
|
||||
|
||||
printf("Unknown %s \n", p);
|
||||
usage();
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
memset(&ctx_param, 0, sizeof(ctx_param));
|
||||
|
@ -483,54 +446,26 @@ int main(int argc, char *argv[])
|
|||
r = sc_context_create(&ctx, &ctx_param);
|
||||
if (r)
|
||||
{
|
||||
fprintf(stderr, "Failed to establish context: %s\n", sc_strerror(r));
|
||||
printf("Failed to establish context: %s\n", sc_strerror(r));
|
||||
return 1;
|
||||
}
|
||||
|
||||
ctx->debug = verbose;
|
||||
if (verbose > 1)
|
||||
ctx->debug = verbose-1;
|
||||
|
||||
if(no_lecteur == -1)
|
||||
if (opt_driver != NULL)
|
||||
{
|
||||
for(i = 0; i<sc_ctx_get_reader_count(ctx); i++)
|
||||
r = sc_set_card_driver(ctx, opt_driver);
|
||||
if (r)
|
||||
{
|
||||
lecteur = sc_ctx_get_reader(ctx, i);
|
||||
if(sc_detect_card_presence(lecteur))
|
||||
{
|
||||
r = sc_connect_card(lecteur, &card);
|
||||
if(r>=0)
|
||||
{
|
||||
printf("card->name = %s\n", card->name);
|
||||
if(strncmp(card->name, nom_card, strlen(nom_card)) == 0)
|
||||
{
|
||||
card_presente = 1;
|
||||
break;
|
||||
}
|
||||
sc_disconnect_card(card);
|
||||
card = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if(no_lecteur < sc_ctx_get_reader_count(ctx))
|
||||
{
|
||||
lecteur = sc_ctx_get_reader(ctx, no_lecteur);
|
||||
r = sc_connect_card(lecteur, &card);
|
||||
if(r>=0)
|
||||
{
|
||||
card_presente = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
sc_disconnect_card(card);
|
||||
}
|
||||
printf("Driver '%s' not found!\n", opt_driver);
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
if(!card_presente) goto out;
|
||||
|
||||
sc_lock(card);
|
||||
r = util_connect_card(ctx, &card, opt_reader, opt_wait, 0);
|
||||
if (r)
|
||||
goto out;
|
||||
|
||||
sc_format_path("3F00", &path);
|
||||
r = sc_select_file(card, &path, NULL);
|
||||
|
@ -547,7 +482,7 @@ int main(int argc, char *argv[])
|
|||
file = sc_file_new();
|
||||
if(file == NULL)
|
||||
{
|
||||
fprintf(stderr, "Not enougth memory.\n");
|
||||
printf("Not enougth memory.\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
@ -666,7 +601,7 @@ int main(int argc, char *argv[])
|
|||
|
||||
if(rsa == NULL || bn == NULL || mem == NULL)
|
||||
{
|
||||
fprintf(stderr,"Not enougth memory.\n");
|
||||
printf("Not enougth memory.\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
@ -678,15 +613,14 @@ int main(int argc, char *argv[])
|
|||
|
||||
if(mem == NULL)
|
||||
{
|
||||
fprintf(stderr,"Not enougth memory.\n");
|
||||
printf("Not enougth memory.\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!rsa)
|
||||
#endif
|
||||
{
|
||||
fprintf(stderr,
|
||||
"RSA_generate_key_ex return %ld\n", ERR_get_error());
|
||||
printf("RSA_generate_key_ex return %ld\n", ERR_get_error());
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
@ -694,8 +628,7 @@ int main(int argc, char *argv[])
|
|||
|
||||
if(!i2d_RSAPrivateKey_bio(mem, rsa))
|
||||
{
|
||||
fprintf(stderr,
|
||||
"i2d_RSAPrivateKey_bio return %ld\n", ERR_get_error());
|
||||
printf("i2d_RSAPrivateKey_bio return %ld\n", ERR_get_error());
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
@ -710,7 +643,7 @@ int main(int argc, char *argv[])
|
|||
file = sc_file_new();
|
||||
if(file == NULL)
|
||||
{
|
||||
fprintf(stderr, "Not enougth memory.\n");
|
||||
printf("Not enougth memory.\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
@ -737,11 +670,10 @@ int main(int argc, char *argv[])
|
|||
}
|
||||
else
|
||||
{
|
||||
if(!remplace)
|
||||
if(!overwrite)
|
||||
{
|
||||
fprintf(stderr,
|
||||
"Key file already exist,"\
|
||||
" use -R to replace it.\n");
|
||||
printf("Key file already exist,"\
|
||||
" use -o to replace it.\n");
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
@ -786,7 +718,7 @@ int main(int argc, char *argv[])
|
|||
if (BIO_read_filename(bio, cert) <= 0)
|
||||
{
|
||||
BIO_free(bio);
|
||||
fprintf(stderr, "Can't open file %s.\n", cert);
|
||||
printf("Can't open file %s.\n", cert);
|
||||
goto out;
|
||||
}
|
||||
xp = PEM_read_bio_X509(bio, NULL, NULL, NULL);
|
||||
|
@ -808,6 +740,17 @@ int main(int argc, char *argv[])
|
|||
printf("Write certificate %s.\n", cert);
|
||||
|
||||
r = sc_update_binary(card,0,pdata,lg,0);
|
||||
if(r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED)
|
||||
{
|
||||
if(verify_pin(card, 0, pin))
|
||||
{
|
||||
printf("Wrong pin.\n");
|
||||
}
|
||||
else
|
||||
{
|
||||
r = sc_update_binary(card,0,pdata,lg,0);
|
||||
}
|
||||
}
|
||||
if(r<0)
|
||||
{
|
||||
if(pdata) free(pdata);
|
||||
|
@ -820,7 +763,7 @@ int main(int argc, char *argv[])
|
|||
}
|
||||
}
|
||||
|
||||
if(finalise)
|
||||
if(finalize)
|
||||
{
|
||||
int mode = SC_CARDCTRL_LIFECYCLE_USER;
|
||||
|
||||
|
@ -868,11 +811,21 @@ int main(int argc, char *argv[])
|
|||
b = (u8*)malloc(file->size);
|
||||
if(b == NULL)
|
||||
{
|
||||
fprintf(stderr, "Not enougth memory.\n");
|
||||
printf("Not enougth memory.\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
r = sc_read_binary(card, 0, b, file->size, 0);
|
||||
if(r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED)
|
||||
{
|
||||
if(verify_pin(card, 0, pin))
|
||||
{
|
||||
printf("Wrong pin.\n");
|
||||
goto out;
|
||||
}
|
||||
r = sc_read_binary(card, 0, b, file->size, 0);
|
||||
}
|
||||
|
||||
if(r<0)
|
||||
{
|
||||
printf("Error reading file.\n");
|
||||
|
@ -908,7 +861,7 @@ int main(int argc, char *argv[])
|
|||
b = (u8*)malloc(file->size);
|
||||
if(b == NULL)
|
||||
{
|
||||
fprintf(stderr, "Not enougth memory.\n");
|
||||
printf("Not enougth memory.\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
@ -919,6 +872,17 @@ int main(int argc, char *argv[])
|
|||
fclose(fp);
|
||||
|
||||
r = sc_update_binary(card, 0, b, file->size, 0);
|
||||
if(r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED)
|
||||
{
|
||||
if(verify_pin(card, 0, pin))
|
||||
{
|
||||
printf("Wrong pin.\n");
|
||||
}
|
||||
else
|
||||
{
|
||||
r = sc_update_binary(card, 0, b, file->size, 0);
|
||||
}
|
||||
}
|
||||
if(r<0)
|
||||
{
|
||||
free(b);
|
||||
|
|
Loading…
Reference in New Issue