config: allow disabling of PKCS15 application

Viktor Tarasov 2016-01-21 18:11:42 +01:00
parent 0519de6c81
commit 754eaf3c14
3 changed files with 26 additions and 2 deletions


@ -513,9 +513,13 @@ app default {
# obtained with the common procedures (ex. object creation protected by secure messaging).
# Used by PKCS#11 module configurated to expose restricted number of slots.
# (for ex. configurated to expose only User PIN slot, User and Sign PINs slots, ...)
#
# - disable: do not expose application in PKCS15 framework
# default 'false'
application E828BD080FD25047656E65726963 {
type = generic;
model = "ECC Generic PKI";
# disable = true
}
application E828BD080FD2500000040301 {


@ -259,11 +259,11 @@ load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *
}
if (scconf_get_bool (block, "paranoid-memory",
ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY))
ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY))
ctx->flags |= SC_CTX_FLAG_PARANOID_MEMORY;
if (scconf_get_bool (block, "enable_default_driver",
ctx->flags & SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER))
ctx->flags & SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER))
ctx->flags |= SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER;
val = scconf_get_str(block, "force_card_driver", NULL);


@ -61,6 +61,7 @@ parse_dir_record(sc_card_t *card, u8 ** buf, size_t *buflen, int rec_nr)
{
struct sc_context *ctx = card->ctx;
struct sc_asn1_entry asn1_dirrecord[5], asn1_dir[2];
scconf_block *conf_block = NULL;
sc_app_info_t *app = NULL;
struct sc_aid aid;
u8 label[128], path[128], ddo[128];
@ -83,6 +84,25 @@ parse_dir_record(sc_card_t *card, u8 ** buf, size_t *buflen, int rec_nr)
LOG_FUNC_RETURN(ctx, r);
LOG_TEST_RET(ctx, r, "EF(DIR) parsing failed");
conf_block = sc_get_conf_block(ctx, "framework", "pkcs15", 1);
if (conf_block) {
scconf_block **blocks = NULL;
char aid_str[SC_MAX_AID_STRING_SIZE];
int ignore_app = 0;
sc_bin_to_hex(aid.value, aid.len, aid_str, sizeof(aid_str), 0);
blocks = scconf_find_blocks(card->ctx->conf, conf_block, "application", aid_str);
if (blocks) {
ignore_app = (blocks[0] && scconf_get_str(blocks[0], "disable", 0));
free(blocks);
}
if (ignore_app) {
sc_log(ctx, "Application '%s' ignored", aid_str);
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
}
}
app = calloc(1, sizeof(struct sc_app_info));
if (app == NULL)
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
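Review bot: The `ignore_app` assignment reads `disable` with `scconf_get_str()`, so any value that is present makes the application ignored, including `disable = false`. The configuration comment added in this same commit documents the option as a boolean with default 'false'. Reading it as a boolean would match that documentation: `ignore_app = (blocks[0] && scconf_get_bool(blocks[0], "disable", 0));`. Separately, the result of `sc_bin_to_hex()` is not checked before `aid_str` is used for the block lookup and the log message; if that conversion can fail for the parsed AID length, `aid_str` would be used uninitialised, so testing the return value first seems worthwhile. The body of `parse_dir_record` starts and ends outside this hunk.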