Merge branch 'master' of https://github.com/OpenSC/OpenSC into OpenSC-master
Conflicts: src/minidriver/minidriver.c
commit
75d76f5ce4
|
@ -1,6 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Building the installer is only tested and supported on 10.9+ with Xcode 6.0.1
|
# Building the installer is only tested and supported on 10.9+ with Xcode 6.0.1
|
||||||
# Built package targets 10.9+
|
# Built package targets 10.10
|
||||||
# Building should also work on older versions with older revisions or slight changes, YMMV
|
# Building should also work on older versions with older revisions or slight changes, YMMV
|
||||||
|
|
||||||
# You need to have the following from homebrew or macports or fink:
|
# You need to have the following from homebrew or macports or fink:
|
||||||
|
@ -15,7 +15,7 @@ SDKS_PATH="$(xcode-select -p)/Platforms/MacOSX.platform/Developer/SDKs"
|
||||||
SDK_PATH="${SDK_PATH:-$SDKS_PATH/$(ls -1 ${SDKS_PATH} | sort -n -k2 -t. -r | head -1)}"
|
SDK_PATH="${SDK_PATH:-$SDKS_PATH/$(ls -1 ${SDKS_PATH} | sort -n -k2 -t. -r | head -1)}"
|
||||||
|
|
||||||
# Set SDK path
|
# Set SDK path
|
||||||
export CFLAGS="-isysroot $SDK_PATH -arch i386 -arch x86_64 -mmacosx-version-min=10.7"
|
export CFLAGS="-isysroot $SDK_PATH -arch i386 -arch x86_64 -mmacosx-version-min=10.10"
|
||||||
|
|
||||||
# OpenSSL is deprecated on OSX since 10.7 and that generates lots of
|
# OpenSSL is deprecated on OSX since 10.7 and that generates lots of
|
||||||
# "false positive" warnings and there is no alternative option.
|
# "false positive" warnings and there is no alternative option.
|
||||||
|
|
45
appveyor.yml
45
appveyor.yml
|
@ -1,18 +1,26 @@
|
||||||
version: 0.15.0.{build}
|
version: 0.15.0.{build}
|
||||||
|
|
||||||
platform:
|
platform:
|
||||||
# the prebuilt zlib is 32 bit only
|
|
||||||
- x86
|
- x86
|
||||||
|
- x64
|
||||||
|
|
||||||
configuration:
|
configuration:
|
||||||
- Release
|
- Release
|
||||||
- Debug
|
- Debug
|
||||||
|
- Light-Release
|
||||||
|
- Light-Debug
|
||||||
|
|
||||||
environment:
|
environment:
|
||||||
matrix:
|
matrix:
|
||||||
- VSVER: 12
|
- VSVER: 12
|
||||||
- VSVER: 10
|
- VSVER: 10
|
||||||
|
|
||||||
|
matrix:
|
||||||
|
allow_failures:
|
||||||
|
# not included in AppVeyor right now
|
||||||
|
- platform: x64
|
||||||
|
VSVER: 10
|
||||||
|
|
||||||
install:
|
install:
|
||||||
- ps: if ($env:APPVEYOR_PULL_REQUEST_NUMBER -and $env:APPVEYOR_BUILD_NUMBER -ne ((Invoke-RestMethod `
|
- ps: if ($env:APPVEYOR_PULL_REQUEST_NUMBER -and $env:APPVEYOR_BUILD_NUMBER -ne ((Invoke-RestMethod `
|
||||||
https://ci.appveyor.com/api/projects/$env:APPVEYOR_ACCOUNT_NAME/$env:APPVEYOR_PROJECT_SLUG/history?recordsNumber=50).builds | `
|
https://ci.appveyor.com/api/projects/$env:APPVEYOR_ACCOUNT_NAME/$env:APPVEYOR_PROJECT_SLUG/history?recordsNumber=50).builds | `
|
||||||
|
@ -37,22 +45,28 @@ install:
|
||||||
$env:ARTIFACT="OpenSC-${env:APPVEYOR_BUILD_VERSION}-win64_vs${env:VSVER}-${env:CONFIGURATION}.msi"
|
$env:ARTIFACT="OpenSC-${env:APPVEYOR_BUILD_VERSION}-win64_vs${env:VSVER}-${env:CONFIGURATION}.msi"
|
||||||
}
|
}
|
||||||
- ps: >-
|
- ps: >-
|
||||||
If ($env:Configuration -Match "Debug") {
|
If ($env:Configuration -Like "*Debug*") {
|
||||||
$env:NMAKE_DEBUG="DEBUG_DEF=/DDEBUG"
|
$env:NMAKE_EXTRA="DEBUG_DEF=/DDEBUG ${env:NMAKE_EXTRA}"
|
||||||
|
}
|
||||||
|
- ps: >-
|
||||||
|
If (!($env:Configuration -Like "*Light*")) {
|
||||||
|
If (!(Test-Path -Path "C:\OpenSSL-${env:OPENSSL_PF}" )) {
|
||||||
|
Start-FileDownload https://slproweb.com/download/${env:OPENSSL_PF}OpenSSL-${env:OPENSSL_VER}.exe -FileName C:\WinOpenSSL.exe
|
||||||
|
C:\WinOpenSSL.exe /SILENT /VERYSILENT /SP- /SUPPRESSMSGBOXES /NORESTART
|
||||||
|
}
|
||||||
|
$env:NMAKE_EXTRA="OPENSSL_DEF=/DENABLE_OPENSSL ${env:NMAKE_EXTRA}"
|
||||||
|
# the prebuilt zlib is 32 bit only
|
||||||
|
If ($env:Platform -Match "x86") {
|
||||||
|
If (!(Test-Path -Path "C:\zlib-dll" )) {
|
||||||
|
appveyor DownloadFile "https://prdownloads.sourceforge.net/libpng/zlib${env:ZLIB_VER}-dll.zip" -FileName zlib-dll.zip
|
||||||
|
7z x zlib-dll.zip -oC:\zlib-dll
|
||||||
|
}
|
||||||
|
$env:NMAKE_EXTRA="ZLIB_DEF=/DENABLE_ZLIB ${env:NMAKE_EXTRA}"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
- ps: $env:VSCOMNTOOLS=(Get-Content ("env:VS" + "$env:VSVER" + "0COMNTOOLS"))
|
- ps: $env:VSCOMNTOOLS=(Get-Content ("env:VS" + "$env:VSVER" + "0COMNTOOLS"))
|
||||||
- echo "Using Visual Studio %VSVER%.0 at %VSCOMNTOOLS%"
|
- echo "Using Visual Studio %VSVER%.0 at %VSCOMNTOOLS%"
|
||||||
- call "%VSCOMNTOOLS%\..\..\VC\vcvarsall.bat" %VCVARS_PLATFORM%
|
- call "%VSCOMNTOOLS%\..\..\VC\vcvarsall.bat" %VCVARS_PLATFORM%
|
||||||
- ps: >-
|
|
||||||
If(!(Test-Path -Path "C:\OpenSSL-${env:OPENSSL_PF}" )) {
|
|
||||||
Start-FileDownload https://slproweb.com/download/${env:OPENSSL_PF}OpenSSL-${env:OPENSSL_VER}.exe -FileName C:\WinOpenSSL.exe
|
|
||||||
C:\WinOpenSSL.exe /SILENT /VERYSILENT /SP- /SUPPRESSMSGBOXES /NORESTART
|
|
||||||
}
|
|
||||||
- ps: >-
|
|
||||||
If(!(Test-Path -Path "C:\zlib-dll" )) {
|
|
||||||
appveyor DownloadFile "https://prdownloads.sourceforge.net/libpng/zlib${env:ZLIB_VER}-dll.zip" -FileName zlib-dll.zip
|
|
||||||
7z x zlib-dll.zip -oC:\zlib-dll
|
|
||||||
}
|
|
||||||
- appveyor DownloadFile "http://download.microsoft.com/download/2/C/9/2C93059C-0532-42DF-8C24-9AEAFF00768E/cngsdk.msi"
|
- appveyor DownloadFile "http://download.microsoft.com/download/2/C/9/2C93059C-0532-42DF-8C24-9AEAFF00768E/cngsdk.msi"
|
||||||
- cngsdk.msi /quiet
|
- cngsdk.msi /quiet
|
||||||
- uname -a
|
- uname -a
|
||||||
|
@ -61,9 +75,10 @@ build_script:
|
||||||
- bash -c "exec 0</dev/null && ./bootstrap"
|
- bash -c "exec 0</dev/null && ./bootstrap"
|
||||||
# disable features to speed up the script
|
# disable features to speed up the script
|
||||||
- bash -c "exec 0</dev/null && ./configure --disable-openssl --disable-readline --disable-zlib || cat config.log"
|
- bash -c "exec 0</dev/null && ./configure --disable-openssl --disable-readline --disable-zlib || cat config.log"
|
||||||
|
- bash -c "make -C etc opensc.conf"
|
||||||
- cp win32/winconfig.h config.h
|
- cp win32/winconfig.h config.h
|
||||||
- nmake /f Makefile.mak %NMAKE_ARCH% %NMAKE_DEBUG%
|
- nmake /f Makefile.mak %NMAKE_ARCH% %NMAKE_EXTRA%
|
||||||
- cd win32 && nmake /f Makefile.mak %NMAKE_ARCH% %NMAKE_DEBUG% VSVER=%VSVER% OpenSC.msi
|
- cd win32 && nmake /f Makefile.mak %NMAKE_ARCH% %NMAKE_EXTRA% VSVER=%VSVER% OpenSC.msi
|
||||||
- move OpenSC.msi %ARTIFACT%
|
- move OpenSC.msi %ARTIFACT%
|
||||||
- appveyor PushArtifact %ARTIFACT%
|
- appveyor PushArtifact %ARTIFACT%
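Review bot: The OpenSSL installer fetched by `Start-FileDownload` inside the new `-Like "*Light*"` block is run straight away (`C:\WinOpenSSL.exe /SILENT ...`) with no integrity check, and the zlib archive below it is unpacked the same way. Pinning a digest per `OPENSSL_VER` and failing the build on a mismatch would close that gap, for example `if ((Get-FileHash C:\WinOpenSSL.exe -Algorithm SHA256).Hash -ne $env:OPENSSL_SHA256) { throw "OpenSSL installer hash mismatch" }`, where `OPENSSL_SHA256` is a new variable to be defined next to `OPENSSL_VER`. The unchanged `cngsdk.msi` step further down still downloads over plain `http://` and would benefit from the same check.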
|
||||||
|
|
||||||
|
|
21
configure.ac
21
configure.ac
|
@ -114,13 +114,19 @@ esac
|
||||||
|
|
||||||
case "${host}" in
|
case "${host}" in
|
||||||
*-mingw*|*-winnt*|*-cygwin*)
|
*-mingw*|*-winnt*|*-cygwin*)
|
||||||
DEBUG_FILE="%TEMP%\opensc-debug.log"
|
DEBUG_FILE="%TEMP%\\\opensc-debug.log"
|
||||||
|
PROFILE_DIR_DEFAULT="obtained from windows registers"
|
||||||
|
PROFILE_DIR="\"\""
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
DEBUG_FILE="/tmp/opensc-debug.log"
|
DEBUG_FILE="/tmp/opensc-debug.log"
|
||||||
|
PROFILE_DIR="\$(pkgdatadir)"
|
||||||
|
PROFILE_DIR_DEFAULT="\$(pkgdatadir)"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
AC_DEFINE_UNQUOTED([DEBUG_FILE], ["${DEBUG_FILE}"], [Debug file])
|
AC_DEFINE_UNQUOTED([DEBUG_FILE], ["${DEBUG_FILE}"], [Debug file])
|
||||||
|
AC_DEFINE_UNQUOTED([PROFILE_DIR], ["${PROFILE_DIR}"], [Directory of profiles])
|
||||||
|
AC_DEFINE_UNQUOTED([PROFILE_DIR_DEFAULT], ["${PROFILE_DIR_DEFAULT}"], [Default directory of profiles])
|
||||||
|
|
||||||
AC_ARG_ENABLE(
|
AC_ARG_ENABLE(
|
||||||
[strict],
|
[strict],
|
||||||
|
@ -486,14 +492,12 @@ PKG_CHECK_MODULES(
|
||||||
case "${enable_openssl}" in
|
case "${enable_openssl}" in
|
||||||
no)
|
no)
|
||||||
have_openssl="no"
|
have_openssl="no"
|
||||||
enable_sm="no"
|
|
||||||
;;
|
;;
|
||||||
detect)
|
detect)
|
||||||
if test "${have_openssl}" = "yes"; then
|
if test "${have_openssl}" = "yes"; then
|
||||||
enable_openssl="yes"
|
enable_openssl="yes"
|
||||||
else
|
else
|
||||||
enable_openssl="no"
|
enable_openssl="no"
|
||||||
enable_sm="no"
|
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
@ -504,6 +508,9 @@ if test "${enable_openssl}" = "yes"; then
|
||||||
else
|
else
|
||||||
AC_MSG_ERROR([OpenSSL linkage required, but no OpenSSL was found])
|
AC_MSG_ERROR([OpenSSL linkage required, but no OpenSSL was found])
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
OPENSSL_CFLAGS=""
|
||||||
|
OPENSSL_LIBS=""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test "${enable_sm}" = "yes"; then
|
if test "${enable_sm}" = "yes"; then
|
||||||
|
@ -512,15 +519,19 @@ if test "${enable_sm}" = "yes"; then
|
||||||
case "${host}" in
|
case "${host}" in
|
||||||
*-mingw*|*-winnt*|*-cygwin*)
|
*-mingw*|*-winnt*|*-cygwin*)
|
||||||
DEFAULT_SM_MODULE="smm-local.dll"
|
DEFAULT_SM_MODULE="smm-local.dll"
|
||||||
|
DEFAULT_SM_MODULE_PATH="\# module_path = \"\";"
|
||||||
;;
|
;;
|
||||||
*-apple-*)
|
*-apple-*)
|
||||||
DEFAULT_SM_MODULE="libsmm-local.3.dylib"
|
DEFAULT_SM_MODULE="libsmm-local.3.dylib"
|
||||||
|
DEFAULT_SM_MODULE_PATH="module_path = \$(libdir);"
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
DEFAULT_SM_MODULE="libsmm-local.so.3"
|
DEFAULT_SM_MODULE="libsmm-local.so.3"
|
||||||
|
DEFAULT_SM_MODULE_PATH="module_path = \$(libdir);"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
AC_DEFINE_UNQUOTED([DEFAULT_SM_MODULE], ["${DEFAULT_SM_MODULE}"], [Default SM module])
|
AC_DEFINE_UNQUOTED([DEFAULT_SM_MODULE], ["${DEFAULT_SM_MODULE}"], [Default SM module])
|
||||||
|
AC_DEFINE_UNQUOTED([DEFAULT_SM_MODULE_PATH], ["${DEFAULT_SM_MODULE_PATH}"], [Default SM module path])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test "${enable_openct}" = "yes"; then
|
if test "${enable_openct}" = "yes"; then
|
||||||
|
@ -565,6 +576,7 @@ if test "${enable_pcsc}" = "yes"; then
|
||||||
CFLAGS="${CFLAGS} ${PCSC_CFLAGS}"
|
CFLAGS="${CFLAGS} ${PCSC_CFLAGS}"
|
||||||
# We must cope with mingw32 that does not have winscard.h mingw64 has it.
|
# We must cope with mingw32 that does not have winscard.h mingw64 has it.
|
||||||
AC_CHECK_HEADERS([winscard.h],,[test "${WIN32}" != "yes" && AC_MSG_ERROR([winscard.h is required for pcsc])])
|
AC_CHECK_HEADERS([winscard.h],,[test "${WIN32}" != "yes" && AC_MSG_ERROR([winscard.h is required for pcsc])])
|
||||||
|
AC_CHECK_HEADERS([pcsclite.h])
|
||||||
CFLAGS="${saved_CFLAGS}"
|
CFLAGS="${saved_CFLAGS}"
|
||||||
|
|
||||||
if test "${with_pcsc_provider}" = "detect"; then
|
if test "${with_pcsc_provider}" = "detect"; then
|
||||||
|
@ -697,7 +709,10 @@ AC_SUBST([OPTIONAL_OPENCT_LIBS])
|
||||||
AC_SUBST([OPTIONAL_PCSC_CFLAGS])
|
AC_SUBST([OPTIONAL_PCSC_CFLAGS])
|
||||||
AC_SUBST([LIBRARY_BITNESS])
|
AC_SUBST([LIBRARY_BITNESS])
|
||||||
AC_SUBST([DEFAULT_SM_MODULE])
|
AC_SUBST([DEFAULT_SM_MODULE])
|
||||||
|
AC_SUBST([DEFAULT_SM_MODULE_PATH])
|
||||||
AC_SUBST([DEBUG_FILE])
|
AC_SUBST([DEBUG_FILE])
|
||||||
|
AC_SUBST([PROFILE_DIR])
|
||||||
|
AC_SUBST([PROFILE_DIR_DEFAULT])
|
||||||
|
|
||||||
AM_CONDITIONAL([ENABLE_MAN], [test "${enable_man}" = "yes"])
|
AM_CONDITIONAL([ENABLE_MAN], [test "${enable_man}" = "yes"])
|
||||||
AM_CONDITIONAL([ENABLE_ZLIB], [test "${enable_zlib}" = "yes"])
|
AM_CONDITIONAL([ENABLE_ZLIB], [test "${enable_zlib}" = "yes"])
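Review bot: With `enable_sm="no"` dropped from both the `no)` arm and the `else` branch of `detect)` in the `enable_openssl` case, nothing visible in this hunk stops secure messaging from staying enabled when OpenSSL is disabled or not found. The removed lines suggest SM depends on OpenSSL; the `if test "${enable_sm}" = "yes"` block starts outside the hunk, so whether a later check covers this cannot be confirmed here. If none does, an explicit guard makes the dependency fail loudly: `test "${enable_sm}" = "yes" -a "${enable_openssl}" != "yes" && AC_MSG_ERROR([secure messaging requires OpenSSL])`.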
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in $(srcdir)/opensc.conf.win
|
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
|
||||||
DISTCLEANFILES = opensc.conf opensc.conf.win
|
DISTCLEANFILES = opensc.conf
|
||||||
|
|
||||||
EXTRA_DIST = Makefile.mak
|
EXTRA_DIST = Makefile.mak
|
||||||
|
|
||||||
SUFFIXES = .in
|
SUFFIXES = .in
|
||||||
|
|
||||||
dist_noinst_DATA = opensc.conf.in opensc.conf.win.in
|
dist_noinst_DATA = opensc.conf.in
|
||||||
nodist_noinst_DATA = opensc.conf opensc.conf.win # For Windows MSVC build
|
nodist_noinst_DATA = opensc.conf
|
||||||
|
|
||||||
# Make sure we build this every time
|
# Make sure we build this every time
|
||||||
# as there is no dependency for this.
|
# as there is no dependency for this.
|
||||||
|
@ -18,9 +18,12 @@ opensc.conf: opensc.conf.in force
|
||||||
@sed \
|
@sed \
|
||||||
-e 's|@pkgdatadir[@]|$(pkgdatadir)|g' \
|
-e 's|@pkgdatadir[@]|$(pkgdatadir)|g' \
|
||||||
-e 's|@libdir[@]|$(libdir)|g' \
|
-e 's|@libdir[@]|$(libdir)|g' \
|
||||||
|
-e 's|@DEBUG_FILE[@]|$(DEBUG_FILE)|g' \
|
||||||
-e 's|@DEFAULT_PCSC_PROVIDER[@]|$(DEFAULT_PCSC_PROVIDER)|g' \
|
-e 's|@DEFAULT_PCSC_PROVIDER[@]|$(DEFAULT_PCSC_PROVIDER)|g' \
|
||||||
-e 's|@DEFAULT_SM_MODULE[@]|$(DEFAULT_SM_MODULE)|g' \
|
-e 's|@DEFAULT_SM_MODULE[@]|$(DEFAULT_SM_MODULE)|g' \
|
||||||
-e 's|@DEBUG_FILE[@]|$(DEBUG_FILE)|g' \
|
-e 's|@DEFAULT_SM_MODULE_PATH[@]|$(DEFAULT_SM_MODULE_PATH)|g' \
|
||||||
|
-e 's|@PROFILE_DIR[@]|$(PROFILE_DIR)|g' \
|
||||||
|
-e 's|@PROFILE_DIR_DEFAULT[@]|$(PROFILE_DIR_DEFAULT)|g' \
|
||||||
< $< > $@
|
< $< > $@
|
||||||
|
|
||||||
install-exec-hook: opensc.conf
|
install-exec-hook: opensc.conf
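Review bot: The new `-e 's|@DEFAULT_SM_MODULE_PATH[@]|$(DEFAULT_SM_MODULE_PATH)|g'`, `@PROFILE_DIR[@]` and `@PROFILE_DIR_DEFAULT[@]` expressions paste configure output verbatim into sed replacement text, so any `|`, `&` or backslash in those values is interpreted by sed instead of being copied into opensc.conf. The triple backslash in `DEBUG_FILE` in configure.ac appears to rely on exactly this, but nothing here says so. A comment above the rule would record the constraint: `# Values are used as sed replacement text: '|', '&' and '\' must be pre-escaped in configure.ac`. The `opensc.conf` rule itself starts outside the hunk.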
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
all: opensc.conf.win
|
|
||||||
|
|
||||||
opensc.conf.win: opensc.conf.win.in
|
|
||||||
copy /y opensc.conf.win.in opensc.conf.win
|
|
||||||
|
|
||||||
clean::
|
|
||||||
del /Q opensc.conf.win
|
|
||||||
|
|
|
@ -32,9 +32,9 @@ app default {
|
||||||
|
|
||||||
# PKCS#15 initialization / personalization
|
# PKCS#15 initialization / personalization
|
||||||
# profiles directory for pkcs15-init.
|
# profiles directory for pkcs15-init.
|
||||||
# Default: @pkgdatadir@
|
# Default: @PROFILE_DIR_DEFAULT@
|
||||||
#
|
#
|
||||||
# profile_dir = @pkgdatadir@;
|
# profile_dir = @PROFILE_DIR@;
|
||||||
|
|
||||||
# Paranoid memory allocation.
|
# Paranoid memory allocation.
|
||||||
#
|
#
|
||||||
|
@ -45,11 +45,11 @@ app default {
|
||||||
#
|
#
|
||||||
# paranoid_memory = false;
|
# paranoid_memory = false;
|
||||||
|
|
||||||
# Enable default card driver
|
# Enable default card driver
|
||||||
# Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
|
# Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
|
||||||
#
|
#
|
||||||
# Default: false
|
# Default: false
|
||||||
# enable_default_driver = true;
|
# enable_default_driver = true;
|
||||||
|
|
||||||
# CT-API module configuration.
|
# CT-API module configuration.
|
||||||
reader_driver ctapi {
|
reader_driver ctapi {
|
||||||
|
@ -112,7 +112,11 @@ app default {
|
||||||
# max_recv_size = 256;
|
# max_recv_size = 256;
|
||||||
};
|
};
|
||||||
|
|
||||||
# What card drivers to load at start-up
|
# Whitelist of card drivers to load at start-up
|
||||||
|
#
|
||||||
|
# The supported internal card driver names can be retrieved
|
||||||
|
# from the output of:
|
||||||
|
# $ opensc-tool --list-drivers
|
||||||
#
|
#
|
||||||
# A special value of 'internal' will load all
|
# A special value of 'internal' will load all
|
||||||
# statically linked drivers. If an unknown (ie. not
|
# statically linked drivers. If an unknown (ie. not
|
||||||
|
@ -277,144 +281,148 @@ app default {
|
||||||
|
|
||||||
# IAS/ECC cards
|
# IAS/ECC cards
|
||||||
card_atr 3B:7F:96:00:00:00:31:B9:64:40:70:14:10:73:94:01:80:82:90:00 {
|
card_atr 3B:7F:96:00:00:00:31:B9:64:40:70:14:10:73:94:01:80:82:90:00 {
|
||||||
type = 25001;
|
type = 25001;
|
||||||
driver = "iasecc";
|
driver = "iasecc";
|
||||||
name = "Gemalto MultiApp IAS/ECC v1.0.1";
|
name = "Gemalto MultiApp IAS/ECC v1.0.1";
|
||||||
secure_messaging = local_gemalto_iam;
|
secure_messaging = local_gemalto_iam;
|
||||||
# secure_messaging = local_adele;
|
# secure_messaging = local_adele;
|
||||||
md_read_only = false;
|
md_read_only = false;
|
||||||
md_supports_X509_enrollment = true;
|
md_supports_X509_enrollment = true;
|
||||||
}
|
}
|
||||||
card_atr 3B:7F:96:00:00:00:31:B8:64:40:70:14:10:73:94:01:80:82:90:00 {
|
card_atr 3B:7F:96:00:00:00:31:B8:64:40:70:14:10:73:94:01:80:82:90:00 {
|
||||||
type = 25001;
|
type = 25001;
|
||||||
driver = "iasecc";
|
driver = "iasecc";
|
||||||
name = "Gemalto MultiApp IAS/ECC v1.0.1";
|
name = "Gemalto MultiApp IAS/ECC v1.0.1";
|
||||||
secure_messaging = local_gemalto_iam;
|
secure_messaging = local_gemalto_iam;
|
||||||
md_read_only = false;
|
md_read_only = false;
|
||||||
md_supports_X509_enrollment = true;
|
md_supports_X509_enrollment = true;
|
||||||
}
|
}
|
||||||
#card_atr 3B:DD:18:00:81:31:FE:45:80:F9:A0:00:00:00:77:01:08:00:07:90:00:FE {
|
#card_atr 3B:DD:18:00:81:31:FE:45:80:F9:A0:00:00:00:77:01:08:00:07:90:00:FE {
|
||||||
# type = 25002;
|
# type = 25002;
|
||||||
# driver = "iasecc";
|
# driver = "iasecc";
|
||||||
# name = "Oberthur IAS/ECC v1.0.1";
|
# name = "Oberthur IAS/ECC v1.0.1";
|
||||||
# # No 'admin' application for this card -- no secure messaging
|
# # No 'admin' application for this card -- no secure messaging
|
||||||
#}
|
#}
|
||||||
#card_atr 3B:7F:18:00:00:00:31:B8:64:50:23:EC:C1:73:94:01:80:82:90:00 {
|
#card_atr 3B:7F:18:00:00:00:31:B8:64:50:23:EC:C1:73:94:01:80:82:90:00 {
|
||||||
# type = 25003;
|
# type = 25003;
|
||||||
# driver = "iasecc";
|
# driver = "iasecc";
|
||||||
# name = "Morpho YpsID S3 IAS/ECC";
|
# name = "Morpho YpsID S3 IAS/ECC";
|
||||||
# # secure_messaging = local_morpho_YpsID_S3;
|
# # secure_messaging = local_morpho_YpsID_S3;
|
||||||
#}
|
#}
|
||||||
#card_atr 3B:DF:96:00:80:31:FE:45:00:31:B8:64:04:1F:EC:C1:73:94:01:80:82:90:00:EC {
|
#card_atr 3B:DF:96:00:80:31:FE:45:00:31:B8:64:04:1F:EC:C1:73:94:01:80:82:90:00:EC {
|
||||||
# type = 25005;
|
# type = 25005;
|
||||||
# driver = "iasecc";
|
# driver = "iasecc";
|
||||||
# name = "Morpho MI IAS/ECC v1.0.1";
|
# name = "Morpho MI IAS/ECC v1.0.1";
|
||||||
# md_read_only = false;
|
# md_read_only = false;
|
||||||
# md_supports_X509_enrollment = true;
|
# md_supports_X509_enrollment = true;
|
||||||
# secure_messaging = local_morpho_mi;
|
# secure_messaging = local_morpho_mi;
|
||||||
#}
|
#}
|
||||||
card_atr 3B:DF:18:FF:81:91:FE:1F:C3:00:31:B8:64:0C:01:EC:C1:73:94:01:80:82:90:00:B3 {
|
card_atr 3B:DF:18:FF:81:91:FE:1F:C3:00:31:B8:64:0C:01:EC:C1:73:94:01:80:82:90:00:B3 {
|
||||||
type = 25004;
|
type = 25004;
|
||||||
driver = "iasecc";
|
driver = "iasecc";
|
||||||
name = "Amos IAS/ECC v1.0.1";
|
name = "Amos IAS/ECC v1.0.1";
|
||||||
md_read_only = false;
|
md_read_only = false;
|
||||||
md_supports_X509_enrollment = true;
|
md_supports_X509_enrollment = true;
|
||||||
secure_messaging = local_amos;
|
secure_messaging = local_amos;
|
||||||
}
|
}
|
||||||
card_atr 3B:DC:18:FF:81:91:FE:1F:C3:80:73:C8:21:13:66:01:0B:03:52:00:05:38 {
|
card_atr 3B:DC:18:FF:81:91:FE:1F:C3:80:73:C8:21:13:66:01:0B:03:52:00:05:38 {
|
||||||
type = 25004;
|
type = 25004;
|
||||||
driver = "iasecc";
|
driver = "iasecc";
|
||||||
name = "Amos IAS/ECC v1.0.1";
|
name = "Amos IAS/ECC v1.0.1";
|
||||||
md_read_only = false;
|
md_read_only = false;
|
||||||
md_supports_X509_enrollment = true;
|
md_supports_X509_enrollment = true;
|
||||||
secure_messaging = local_amos_eid;
|
secure_messaging = local_amos_eid;
|
||||||
}
|
}
|
||||||
|
|
||||||
secure_messaging local_authentic {
|
secure_messaging local_authentic {
|
||||||
#path to ans name of external SM module
|
# name of external SM module
|
||||||
#module_name = @DEFAULT_SM_MODULE@;
|
# module_name = @DEFAULT_SM_MODULE@;
|
||||||
#module_path = @libdir@;
|
# directory with external SM module
|
||||||
|
# Default: defined by windows register
|
||||||
|
@DEFAULT_SM_MODULE_PATH@
|
||||||
|
|
||||||
# specific data to tune the module initialization
|
# specific data to tune the module initialization
|
||||||
#module_data = "Here can be your SM module init data";
|
# module_data = "Here can be your SM module init data";
|
||||||
|
|
||||||
# SM mode:
|
# SM mode:
|
||||||
# 'transmit' -- in this mode the procedure to securize an APDU is called by the OpenSC general
|
# 'transmit' -- in this mode the procedure to securize an APDU is called by the OpenSC general
|
||||||
# APDU transmit procedure.
|
# APDU transmit procedure.
|
||||||
# In this mode all APDUs, except the ones filtered by the card specific procedure,
|
# In this mode all APDUs, except the ones filtered by the card specific procedure,
|
||||||
# are securized.
|
# are securized.
|
||||||
# 'acl' -- in this mode APDU are securized only if needed by the ACLs of the command to be executed.
|
# 'acl' -- in this mode APDU are securized only if needed by the ACLs of the command to be executed.
|
||||||
#
|
#
|
||||||
#mode = transmit;
|
#mode = transmit;
|
||||||
|
|
||||||
# SM type specific flags
|
# SM type specific flags
|
||||||
# flags = 0x78; # 0x78 -- level 3, channel 0
|
# flags = 0x78; # 0x78 -- level 3, channel 0
|
||||||
|
|
||||||
# Default KMC of the GP Card Manager for the Oberthur's Java cards
|
# Default KMC of the GP Card Manager for the Oberthur's Java cards
|
||||||
# kmc = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00";
|
# kmc = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00";
|
||||||
}
|
}
|
||||||
|
|
||||||
secure_messaging local_gemalto_iam {
|
secure_messaging local_gemalto_iam {
|
||||||
module_name = @DEFAULT_SM_MODULE@;
|
module_name = @DEFAULT_SM_MODULE@;
|
||||||
module_path = @libdir@;
|
@DEFAULT_SM_MODULE_PATH@
|
||||||
#module_data = "";
|
# module_data = "";
|
||||||
type = acl; # transmit, acl
|
type = acl; # transmit, acl
|
||||||
|
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
ifd_serial = "11:22:33:44:55:66:77:88";
|
||||||
|
|
||||||
# Keyset values from IAM profiles of the Gemalto IAS/ECC cards
|
# Keyset values from IAM profiles of the Gemalto IAS/ECC cards
|
||||||
keyset_02_enc = "RW_PRIV_ENC_TEST";
|
keyset_02_enc = "RW_PRIV_ENC_TEST";
|
||||||
keyset_02_mac = "RW_PRIV_MAC_TEST";
|
keyset_02_mac = "RW_PRIV_MAC_TEST";
|
||||||
|
|
||||||
keyset_E828BD080FD2504543432D654944_01_enc = "RO_ENC_TEST_KEY_";
|
keyset_E828BD080FD2504543432D654944_01_enc = "RO_ENC_TEST_KEY_";
|
||||||
keyset_E828BD080FD2504543432D654944_01_mac = "RO_MAC_TEST_KEY_";
|
keyset_E828BD080FD2504543432D654944_01_mac = "RO_MAC_TEST_KEY_";
|
||||||
|
|
||||||
keyset_E828BD080FD2504543432D654944_03_enc = "RW_PUBL_ENC_TEST";
|
keyset_E828BD080FD2504543432D654944_03_enc = "RW_PUBL_ENC_TEST";
|
||||||
keyset_E828BD080FD2504543432D654944_03_mac = "RW_PUBL_MAC_TEST";
|
keyset_E828BD080FD2504543432D654944_03_mac = "RW_PUBL_MAC_TEST";
|
||||||
}
|
}
|
||||||
|
|
||||||
secure_messaging local_amos {
|
secure_messaging local_amos {
|
||||||
module_name = @DEFAULT_SM_MODULE@;
|
module_name = @DEFAULT_SM_MODULE@;
|
||||||
module_path = @libdir@;
|
@DEFAULT_SM_MODULE_PATH@
|
||||||
|
# module_data = "";
|
||||||
mode = acl;
|
mode = acl;
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
ifd_serial = "11:22:33:44:55:66:77:88";
|
||||||
keyset_02_enc = "ENCROECHANTILLON";
|
keyset_02_enc = "ENCROECHANTILLON";
|
||||||
keyset_02_mac = "MACROECHANTILLON";
|
keyset_02_mac = "MACROECHANTILLON";
|
||||||
}
|
}
|
||||||
|
|
||||||
secure_messaging local_amos_eid {
|
secure_messaging local_amos_eid {
|
||||||
module_name = @DEFAULT_SM_MODULE@;
|
module_name = @DEFAULT_SM_MODULE@;
|
||||||
module_path = @libdir@;
|
@DEFAULT_SM_MODULE_PATH@
|
||||||
mode = acl;
|
# module_data = "";
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
mode = acl;
|
||||||
keyset_E828BD080FD2504543432D654944_03_enc = "RW_PUBL_ENC_TEST";
|
ifd_serial = "11:22:33:44:55:66:77:88";
|
||||||
keyset_E828BD080FD2504543432D654944_03_mac = "RW_PUBL_MAC_TEST";
|
keyset_E828BD080FD2504543432D654944_03_enc = "RW_PUBL_ENC_TEST";
|
||||||
}
|
keyset_E828BD080FD2504543432D654944_03_mac = "RW_PUBL_MAC_TEST";
|
||||||
|
}
|
||||||
|
|
||||||
secure_messaging local_adele {
|
secure_messaging local_adele {
|
||||||
module_name = @DEFAULT_SM_MODULE@;
|
module_name = @DEFAULT_SM_MODULE@;
|
||||||
module_path = @libdir@;
|
@DEFAULT_SM_MODULE_PATH@
|
||||||
#module_data = "";
|
# module_data = "";
|
||||||
type = acl; # transmit, acl
|
type = acl; # transmit, acl
|
||||||
|
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
ifd_serial = "11:22:33:44:55:66:77:88";
|
||||||
|
|
||||||
# Keyset values from 'Adele' profiles of the IAS/ECC cards
|
# Keyset values from 'Adele' profiles of the IAS/ECC cards
|
||||||
keyset_01_enc = "EMENCECHANTILLON";
|
keyset_01_enc = "EMENCECHANTILLON";
|
||||||
keyset_01_mac = "EMMACECHANTILLON";
|
keyset_01_mac = "EMMACECHANTILLON";
|
||||||
|
|
||||||
keyset_02_enc = "AAENCECHANTILLON";
|
keyset_02_enc = "AAENCECHANTILLON";
|
||||||
keyset_02_mac = "AAMACECHANTILLON";
|
keyset_02_mac = "AAMACECHANTILLON";
|
||||||
|
|
||||||
keyset_E828BD080FD2500000040301_02_enc = "E2ENCECHANTILLON";
|
keyset_E828BD080FD2500000040301_02_enc = "E2ENCECHANTILLON";
|
||||||
keyset_E828BD080FD2500000040301_02_mac = "E2MACECHANTILLON";
|
keyset_E828BD080FD2500000040301_02_mac = "E2MACECHANTILLON";
|
||||||
|
|
||||||
keyset_D2500000044164E86C650101_02_enc = "E1ENCECHANTILLON";
|
keyset_D2500000044164E86C650101_02_enc = "E1ENCECHANTILLON";
|
||||||
keyset_D2500000044164E86C650101_02_mac = "E1MACECHANTILLON";
|
keyset_D2500000044164E86C650101_02_mac = "E1MACECHANTILLON";
|
||||||
|
|
||||||
keyset_D2500000044164E86C650101_03_enc = "SIENCECHANTILLON";
|
keyset_D2500000044164E86C650101_03_enc = "SIENCECHANTILLON";
|
||||||
keyset_D2500000044164E86C650101_03_mac = "SIMACECHANTILLON";
|
keyset_D2500000044164E86C650101_03_mac = "SIMACECHANTILLON";
|
||||||
}
|
}
|
||||||
|
|
||||||
# Below are the framework specific configuration blocks.
|
# Below are the framework specific configuration blocks.
|
||||||
|
|
||||||
|
@ -487,25 +495,25 @@ app default {
|
||||||
# obtained with the common procedures (ex. object creation protected by secure messaging).
|
# obtained with the common procedures (ex. object creation protected by secure messaging).
|
||||||
# Used by PKCS#11 module configurated to expose restricted number of slots.
|
# Used by PKCS#11 module configurated to expose restricted number of slots.
|
||||||
# (for ex. configurated to expose only User PIN slot, User and Sign PINs slots, ...)
|
# (for ex. configurated to expose only User PIN slot, User and Sign PINs slots, ...)
|
||||||
application E828BD080FD25047656E65726963 {
|
application E828BD080FD25047656E65726963 {
|
||||||
type = generic;
|
type = generic;
|
||||||
model = "ECC Generic PKI";
|
model = "ECC Generic PKI";
|
||||||
}
|
}
|
||||||
|
|
||||||
application E828BD080FD2500000040301 {
|
application E828BD080FD2500000040301 {
|
||||||
type = generic;
|
type = generic;
|
||||||
model = "Adèle Générique";
|
model = "Adèle Générique";
|
||||||
}
|
}
|
||||||
|
|
||||||
application E828BD080FD2504543432D654944 {
|
application E828BD080FD2504543432D654944 {
|
||||||
type = protected;
|
type = protected;
|
||||||
model = "ECC eID";
|
model = "ECC eID";
|
||||||
}
|
}
|
||||||
|
|
||||||
application E828BD080FD2500000040201 {
|
application E828BD080FD2500000040201 {
|
||||||
type = protected;
|
type = protected;
|
||||||
model = "Adèle Admin-2";
|
model = "Adèle Admin-2";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -568,6 +576,18 @@ app opensc-pkcs11 {
|
||||||
# Default: false
|
# Default: false
|
||||||
# lock_login = true;
|
# lock_login = true;
|
||||||
|
|
||||||
|
# With this setting disabled, the OpenSC PKCS#11 module will initialize
|
||||||
|
# the slots available when the application calls `C_GetSlotList`. With
|
||||||
|
# this setting enabled, the slots will also get initialized when
|
||||||
|
# C_GetSlotInfo is called.
|
||||||
|
#
|
||||||
|
# This setting is a workaround for Java which does not call
|
||||||
|
# `C_GetSlotList` when configured with a static `slot` instead of
|
||||||
|
# `slotListIndex`.
|
||||||
|
#
|
||||||
|
# Default: true
|
||||||
|
# init_sloppy = false;
|
||||||
|
|
||||||
# User PIN unblock style
|
# User PIN unblock style
|
||||||
# none: PIN unblock is not possible with PKCS#11 API;
|
# none: PIN unblock is not possible with PKCS#11 API;
|
||||||
# set_pin_in_unlogged_session: C_SetPIN() in unlogged session:
|
# set_pin_in_unlogged_session: C_SetPIN() in unlogged session:
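Review bot: In `secure_messaging local_authentic` the old `#module_path = @libdir@;` was commented out, but its replacement `@DEFAULT_SM_MODULE_PATH@` is not. On non-Windows hosts configure sets it to `module_path = $(libdir);`, so the generated file now has an active `module_path` while `# module_name` just above stays commented. If that block is meant to remain an inactive example, prefix the placeholder: `# @DEFAULT_SM_MODULE_PATH@`. The `# Default: defined by windows register` remark appears only in this block; the other four blocks using the placeholder would be clearer with the same one-line comment, since on Windows the line becomes a comment and the module directory is resolved elsewhere.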
|
||||||
|
|
|
@ -1,650 +0,0 @@
|
||||||
# Configuration file for OpenSC
|
|
||||||
# Example configuration file
|
|
||||||
|
|
||||||
# NOTE: All key-value pairs must be terminated by a semicolon.
|
|
||||||
|
|
||||||
# Default values for any application
|
|
||||||
# These can be overridden by an application
|
|
||||||
# specific configuration block.
|
|
||||||
app default {
|
|
||||||
# Amount of debug info to print
|
|
||||||
#
|
|
||||||
# A greater value means more debug info.
|
|
||||||
# Default: 0
|
|
||||||
#
|
|
||||||
debug = 0;
|
|
||||||
|
|
||||||
# The file to which debug output will be written
|
|
||||||
#
|
|
||||||
# Special values 'stdout' and 'stderr' are recognized.
|
|
||||||
# Default: stderr
|
|
||||||
#
|
|
||||||
# debug_file = %TEMP%\opensc-debug.log
|
|
||||||
|
|
||||||
# Re-open debug file (used in WIN32)
|
|
||||||
#
|
|
||||||
# In Windows, file handles can not be shared between DLL-s,
|
|
||||||
# each DLL has a separate file handle table.
|
|
||||||
# For that reason reopen debug file before every debug message.
|
|
||||||
#
|
|
||||||
# Default: true
|
|
||||||
# reopen_debug_file = false;
|
|
||||||
|
|
||||||
# PKCS#15 initialization / personalization
|
|
||||||
# profiles directory for pkcs15-init.
|
|
||||||
# Default: obtained from windows registers
|
|
||||||
#
|
|
||||||
# profile_dir = "";
|
|
||||||
|
|
||||||
# Paranoid memory allocation.
|
|
||||||
#
|
|
||||||
# If set to 'true', then refuse to continue when locking of non-pageable
|
|
||||||
# memory fails. This can cause subtle failures but is more secure when
|
|
||||||
# you have a swap disk.
|
|
||||||
# Default: false
|
|
||||||
#
|
|
||||||
# paranoid_memory = false;
|
|
||||||
|
|
||||||
# Enable default card driver
|
|
||||||
# Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
|
|
||||||
#
|
|
||||||
# Default: false
|
|
||||||
# enable_default_driver = true;
|
|
||||||
|
|
||||||
# CT-API module configuration.
|
|
||||||
reader_driver ctapi {
|
|
||||||
# module @libdir@/libtowitoko.so {
|
|
||||||
# CT-API ports:
|
|
||||||
# 0..3 COM1..4
|
|
||||||
# 4 Printer
|
|
||||||
# 5 Modem
|
|
||||||
# 6..7 LPT1..2
|
|
||||||
# ports = 0;
|
|
||||||
# }
|
|
||||||
}
|
|
||||||
|
|
||||||
# The following section shows definitions for PC/SC readers.
|
|
||||||
reader_driver pcsc {
|
|
||||||
# Limit command and response sizes.
|
|
||||||
# Default: n/a
|
|
||||||
# max_send_size = 255;
|
|
||||||
# max_recv_size = 256;
|
|
||||||
#
|
|
||||||
# Connect to reader in exclusive mode?
|
|
||||||
# Default: false
|
|
||||||
# connect_exclusive = true;
|
|
||||||
#
|
|
||||||
# What to do when disconnecting from a card (SCardDisconnect)
|
|
||||||
# Valid values: leave, reset, unpower.
|
|
||||||
# Default: reset
|
|
||||||
# disconnect_action = unpower;
|
|
||||||
#
|
|
||||||
# What to do at the end of a transaction (SCardEndTransaction)
|
|
||||||
# Valid values: leave, reset, unpower.
|
|
||||||
# Default: leave
|
|
||||||
# transaction_end_action = reset;
|
|
||||||
#
|
|
||||||
# What to do when reconnection to a card (SCardReconnect)
|
|
||||||
# Valid values: leave, reset, unpower.
|
|
||||||
# Note that this affects only the internal reconnect (after a SCARD_W_RESET_CARD).
|
|
||||||
# A forced reset via sc_reset() always does a full powerup.
|
|
||||||
# Default: leave
|
|
||||||
# reconnect_action = reset;
|
|
||||||
#
|
|
||||||
# Enable pinpad if detected (PC/SC v2.0.2 Part 10)
|
|
||||||
# Default: true
|
|
||||||
# enable_pinpad = false;
|
|
||||||
#
|
|
||||||
# Use specific pcsc provider.
|
|
||||||
# Default: winscard.dll
|
|
||||||
# provider_library = winscard.dll
|
|
||||||
}
|
|
||||||
|
|
||||||
# Options for OpenCT support
|
|
||||||
reader_driver openct {
|
|
||||||
# Virtual readers to allocate.
|
|
||||||
# Default: 2
|
|
||||||
# readers = 5;
|
|
||||||
#
|
|
||||||
# Limit command and response sizes.
|
|
||||||
# Default: n/a
|
|
||||||
# max_send_size = 255;
|
|
||||||
# max_recv_size = 256;
|
|
||||||
};
|
|
||||||
|
|
||||||
# What card drivers to load at start-up
|
|
||||||
#
|
|
||||||
# A special value of 'internal' will load all
|
|
||||||
# statically linked drivers. If an unknown (ie. not
|
|
||||||
# internal) driver is supplied, a separate configuration
|
|
||||||
# configuration block has to be written for the driver.
|
|
||||||
# Default: internal
|
|
||||||
# NOTE: When "internal" keyword is used, must be last entry
|
|
||||||
#
|
|
||||||
# card_drivers = customcos, internal;
|
|
||||||
|
|
||||||
# Card driver configuration blocks.
|
|
||||||
|
|
||||||
# For card drivers loaded from an external shared library/DLL,
|
|
||||||
# you need to specify the path name of the module
|
|
||||||
#
|
|
||||||
# card_driver customcos {
|
|
||||||
# The location of the driver library
|
|
||||||
# module = @libdir@/card_customcos.so;
|
|
||||||
# }
|
|
||||||
|
|
||||||
# Force using specific card driver
|
|
||||||
#
|
|
||||||
# If this option is present, OpenSC will use the supplied
|
|
||||||
# driver with all inserted cards.
|
|
||||||
#
|
|
||||||
# Default: autodetect
|
|
||||||
#
|
|
||||||
# force_card_driver = customcos;
|
|
||||||
|
|
||||||
# In addition to the built-in list of known cards in the
|
|
||||||
# card driver, you can configure a new card for the driver
|
|
||||||
# using the card_atr block. The goal is to centralize
|
|
||||||
# everything related to a certain card to card_atr.
|
|
||||||
#
|
|
||||||
# The supported internal card driver names can be retrieved
|
|
||||||
# from the output of:
|
|
||||||
# $ opensc-tool --list-drivers
|
|
||||||
|
|
||||||
# Generic format: card_atr <hex encoded ATR (case-sensitive!)>
|
|
||||||
|
|
||||||
# New card entry for the flex card driver
|
|
||||||
# card_atr 3b:f0:0d:ca:fe {
|
|
||||||
# All parameters for the context are
|
|
||||||
# optional unless specified otherwise.
|
|
||||||
|
|
||||||
# Context: global, card driver
|
|
||||||
#
|
|
||||||
# ATR mask value
|
|
||||||
#
|
|
||||||
# The mask is logically AND'd with an
|
|
||||||
# card ATR prior to comparison with the
|
|
||||||
# ATR reference value above. Using mask
|
|
||||||
# allows identifying and configuring
|
|
||||||
# multiple ATRs as the same card model.
|
|
||||||
# atrmask = "ff:ff:ff:ff:ff";
|
|
||||||
|
|
||||||
# Context: card driver
|
|
||||||
#
|
|
||||||
# Specify used card driver (REQUIRED).
|
|
||||||
#
|
|
||||||
# When enabled, overrides all possible
|
|
||||||
# settings from the card drivers built-in
|
|
||||||
# card configuration list.
|
|
||||||
# driver = "flex";
|
|
||||||
|
|
||||||
# Set card name for card drivers that allows it.
|
|
||||||
# name = "My CryptoFlex card";
|
|
||||||
|
|
||||||
# Card type as an integer value.
|
|
||||||
#
|
|
||||||
# Depending on card driver, this allows
|
|
||||||
# tuning the behaviour of the card driver
|
|
||||||
# for your card.
|
|
||||||
# type = "2002";
|
|
||||||
|
|
||||||
# Card flags as an hex value.
|
|
||||||
# Multiple values are OR'd together.
|
|
||||||
#
|
|
||||||
# Depending on card driver, this allows
|
|
||||||
# fine-tuning the capabilities in
|
|
||||||
# the card driver for your card.
|
|
||||||
#
|
|
||||||
# Optionally, some known parameters
|
|
||||||
# can be specified as strings:
|
|
||||||
#
|
|
||||||
# rng - On-board random number source
|
|
||||||
#
|
|
||||||
# flags = "rng", "0x80000000";
|
|
||||||
|
|
||||||
# Enable pkcs11 initialization.
|
|
||||||
# Default: no
|
|
||||||
# pkcs11_enable_InitToken = yes;
|
|
||||||
|
|
||||||
#
|
|
||||||
# Context: PKCS#15 emulation layer
|
|
||||||
#
|
|
||||||
# When using PKCS#15 emulation, force
|
|
||||||
# the emulation driver for specific cards.
|
|
||||||
#
|
|
||||||
# Required for external drivers, but can
|
|
||||||
# be used with built-in drivers, too.
|
|
||||||
# pkcs15emu = "custom";
|
|
||||||
|
|
||||||
#
|
|
||||||
# Context: reader driver
|
|
||||||
#
|
|
||||||
# Force protocol selection for specific cards.
|
|
||||||
# Known parameters: t0, t1, raw
|
|
||||||
# force_protocol = "t0";
|
|
||||||
# }
|
|
||||||
|
|
||||||
# PIV cards need an entry similar to this one:
|
|
||||||
# card_atr 3B:7D:96:00:00:80:31:80:65:B0:83:11:00:AC:83:00:90:00 {
|
|
||||||
# name = "PIV-II";
|
|
||||||
# driver = "piv";
|
|
||||||
# }
|
|
||||||
|
|
||||||
# Estonian ID card and Micardo driver sometimes only play together with T=0
|
|
||||||
# In theory only the 'cold' ATR should be specified, as T=0 will
|
|
||||||
# be the preferred protocol once you boot it up with T=0, but be
|
|
||||||
# paranoid.
|
|
||||||
#
|
|
||||||
# Warm ATR v1
|
|
||||||
card_atr 3b:6e:00:ff:45:73:74:45:49:44:20:76:65:72:20:31:2e:30 {
|
|
||||||
force_protocol = t0;
|
|
||||||
}
|
|
||||||
# Cold ATR v1
|
|
||||||
card_atr 3b:fe:94:00:ff:80:b1:fa:45:1f:03:45:73:74:45:49:44:20:76:65:72:20:31:2e:30:43 {
|
|
||||||
force_protocol = t0;
|
|
||||||
}
|
|
||||||
# Warm ATR v2
|
|
||||||
card_atr 3b:5e:11:ff:45:73:74:45:49:44:20:76:65:72:20:31:2e:30 {
|
|
||||||
force_protocol = t0;
|
|
||||||
}
|
|
||||||
# Cold ATR v2
|
|
||||||
card_atr 3b:de:18:ff:c0:80:b1:fe:45:1f:03:45:73:74:45:49:44:20:76:65:72:20:31:2e:30:2b {
|
|
||||||
force_protocol = t0;
|
|
||||||
}
|
|
||||||
# Digi-ID cold ATR. The same card has the same warm ATR as "Cold ATR v1" above
|
|
||||||
# The card is claimed to only support T=0 but in fact (sometimes) works with T=1, even if not advertised in ATR.
|
|
||||||
card_atr 3b:6e:00:00:45:73:74:45:49:44:20:76:65:72:20:31:2e:30 {
|
|
||||||
force_protocol = t0;
|
|
||||||
}
|
|
||||||
|
|
||||||
# D-Trust cards are also based on micardo and need T=0 for some reason
|
|
||||||
card_atr 3b:ff:94:00:ff:80:b1:fe:45:1f:03:00:68:d2:76:00:00:28:ff:05:1e:31:80:00:90:00:23 {
|
|
||||||
force_protocol = t0;
|
|
||||||
}
|
|
||||||
card_atr 3b:ff:11:00:ff:80:b1:fe:45:1f:03:00:68:d2:76:00:00:28:ff:05:1e:31:80:00:90:00:a6 {
|
|
||||||
force_protocol = t0;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Oberthur's AuthentIC v3.2.2
|
|
||||||
card_atr 3B:DD:18:00:81:31:FE:45:80:F9:A0:00:00:00:77:01:00:70:0A:90:00:8B {
|
|
||||||
type = 11100;
|
|
||||||
driver = "authentic";
|
|
||||||
name = "AuthentIC v3.1";
|
|
||||||
|
|
||||||
# Name of SM configuration sub-section
|
|
||||||
# secure_messaging = local_authentic;
|
|
||||||
}
|
|
||||||
|
|
||||||
# IAS/ECC cards
|
|
||||||
card_atr 3B:7F:96:00:00:00:31:B9:64:40:70:14:10:73:94:01:80:82:90:00 {
|
|
||||||
type = 25001;
|
|
||||||
driver = "iasecc";
|
|
||||||
name = "Gemalto MultiApp IAS/ECC v1.0.1";
|
|
||||||
secure_messaging = local_gemalto_iam;
|
|
||||||
# secure_messaging = local_adele;
|
|
||||||
md_read_only = false;
|
|
||||||
md_supports_X509_enrollment = true;
|
|
||||||
}
|
|
||||||
card_atr 3B:7F:96:00:00:00:31:B8:64:40:70:14:10:73:94:01:80:82:90:00 {
|
|
||||||
type = 25001;
|
|
||||||
driver = "iasecc";
|
|
||||||
name = "Gemalto MultiApp IAS/ECC v1.0.1";
|
|
||||||
secure_messaging = local_gemalto_iam;
|
|
||||||
md_read_only = false;
|
|
||||||
md_supports_X509_enrollment = true;
|
|
||||||
}
|
|
||||||
#card_atr 3B:DD:18:00:81:31:FE:45:80:F9:A0:00:00:00:77:01:08:00:07:90:00:FE {
|
|
||||||
# type = 25002;
|
|
||||||
# driver = "iasecc";
|
|
||||||
# name = "Oberthur IAS/ECC v1.0.1";
|
|
||||||
# # No 'admin' application for this card -- no secure messaging
|
|
||||||
#}
|
|
||||||
#card_atr 3B:7F:18:00:00:00:31:B8:64:50:23:EC:C1:73:94:01:80:82:90:00 {
|
|
||||||
# type = 25003;
|
|
||||||
# driver = "iasecc";
|
|
||||||
# name = "Morpho YpsID S3 IAS/ECC";
|
|
||||||
# # secure_messaging = local_morpho_YpsID_S3;
|
|
||||||
#}
|
|
||||||
card_atr 3B:DF:18:FF:81:91:FE:1F:C3:00:31:B8:64:0C:01:EC:C1:73:94:01:80:82:90:00:B3 {
|
|
||||||
type = 25004;
|
|
||||||
driver = "iasecc";
|
|
||||||
name = "Amos IAS/ECC v1.0.1";
|
|
||||||
md_read_only = false;
|
|
||||||
md_supports_X509_enrollment = true;
|
|
||||||
secure_messaging = local_amos;
|
|
||||||
}
|
|
||||||
card_atr 3B:DC:18:FF:81:91:FE:1F:C3:80:73:C8:21:13:66:01:0B:03:52:00:05:38 {
|
|
||||||
type = 25004;
|
|
||||||
driver = "iasecc";
|
|
||||||
name = "Amos IAS/ECC v1.0.1";
|
|
||||||
md_read_only = false;
|
|
||||||
md_supports_X509_enrollment = true;
|
|
||||||
secure_messaging = local_amos_eid;
|
|
||||||
}
|
|
||||||
|
|
||||||
secure_messaging local_authentic {
|
|
||||||
# name of external SM module
|
|
||||||
# module_name = smm-local.dll;
|
|
||||||
|
|
||||||
# directory with external SM module
|
|
||||||
# Default: defined by windows register
|
|
||||||
# module_path = "";
|
|
||||||
|
|
||||||
# specific data to tune the module initialization
|
|
||||||
# module_data = "Here can be your SM module init data";
|
|
||||||
|
|
||||||
# SM mode:
|
|
||||||
# 'transmit' -- in this mode the procedure to securize an APDU is called by the OpenSC general
|
|
||||||
# APDU transmit procedure.
|
|
||||||
# In this mode all APDUs, except the ones filtered by the card specific procedure,
|
|
||||||
# are securized.
|
|
||||||
# 'acl' -- in this mode APDU are securized only if needed by the ACLs of the command to be executed.
|
|
||||||
#
|
|
||||||
#mode = transmit;
|
|
||||||
|
|
||||||
# SM type specific flags
|
|
||||||
# flags = 0x78; # 0x78 -- level 3, channel 0
|
|
||||||
|
|
||||||
# Default KMC of the GP Card Manager for the Oberthur's Java cards
|
|
||||||
# kmc = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00";
|
|
||||||
}
|
|
||||||
|
|
||||||
secure_messaging local_gemalto_iam {
|
|
||||||
module_name = smm-local.dll;
|
|
||||||
# module_path = "";
|
|
||||||
# module_data = "";
|
|
||||||
type = acl; # transmit, acl
|
|
||||||
|
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
|
||||||
|
|
||||||
# Keyset values from IAM profiles of the Gemalto IAS/ECC cards
|
|
||||||
keyset_02_enc = "RW_PRIV_ENC_TEST";
|
|
||||||
keyset_02_mac = "RW_PRIV_MAC_TEST";
|
|
||||||
|
|
||||||
keyset_E828BD080FD2504543432D654944_01_enc = "RO_ENC_TEST_KEY_";
|
|
||||||
keyset_E828BD080FD2504543432D654944_01_mac = "RO_MAC_TEST_KEY_";
|
|
||||||
|
|
||||||
keyset_E828BD080FD2504543432D654944_03_enc = "RW_PUBL_ENC_TEST";
|
|
||||||
keyset_E828BD080FD2504543432D654944_03_mac = "RW_PUBL_MAC_TEST";
|
|
||||||
}
|
|
||||||
|
|
||||||
secure_messaging local_amos {
|
|
||||||
module_name = smm-local.dll;
|
|
||||||
# module_path = "";
|
|
||||||
# module_data = "";
|
|
||||||
mode = acl;
|
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
|
||||||
keyset_02_enc = "ENCROECHANTILLON";
|
|
||||||
keyset_02_mac = "MACROECHANTILLON";
|
|
||||||
}
|
|
||||||
|
|
||||||
secure_messaging local_amos_eid {
|
|
||||||
module_name = smm-local.dll;
|
|
||||||
# module_path = "";
|
|
||||||
# module_data = "";
|
|
||||||
mode = acl;
|
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
|
||||||
keyset_E828BD080FD2504543432D654944_03_enc = "RW_PUBL_ENC_TEST";
|
|
||||||
keyset_E828BD080FD2504543432D654944_03_mac = "RW_PUBL_MAC_TEST";
|
|
||||||
}
|
|
||||||
|
|
||||||
secure_messaging local_adele {
|
|
||||||
module_name = smm-local.dll;
|
|
||||||
# module_path = "";
|
|
||||||
# module_data = "";
|
|
||||||
type = acl; # transmit, acl
|
|
||||||
|
|
||||||
ifd_serial = "11:22:33:44:55:66:77:88";
|
|
||||||
|
|
||||||
# Keyset values from 'Adele' profiles of the IAS/ECC cards
|
|
||||||
keyset_01_enc = "EMENCECHANTILLON";
|
|
||||||
keyset_01_mac = "EMMACECHANTILLON";
|
|
||||||
|
|
||||||
keyset_02_enc = "AAENCECHANTILLON";
|
|
||||||
keyset_02_mac = "AAMACECHANTILLON";
|
|
||||||
|
|
||||||
keyset_E828BD080FD2500000040301_02_enc = "E2ENCECHANTILLON";
|
|
||||||
keyset_E828BD080FD2500000040301_02_mac = "E2MACECHANTILLON";
|
|
||||||
|
|
||||||
keyset_D2500000044164E86C650101_02_enc = "E1ENCECHANTILLON";
|
|
||||||
keyset_D2500000044164E86C650101_02_mac = "E1MACECHANTILLON";
|
|
||||||
|
|
||||||
keyset_D2500000044164E86C650101_03_enc = "SIENCECHANTILLON";
|
|
||||||
keyset_D2500000044164E86C650101_03_mac = "SIMACECHANTILLON";
|
|
||||||
}
|
|
||||||
|
|
||||||
# Below are the framework specific configuration blocks.
|
|
||||||
|
|
||||||
# PKCS #15
|
|
||||||
framework pkcs15 {
|
|
||||||
# Whether to use the cache files in the user's
|
|
||||||
# home directory.
|
|
||||||
#
|
|
||||||
# At the moment you have to 'teach' the card
|
|
||||||
# to the system by running command: pkcs15-tool -L
|
|
||||||
#
|
|
||||||
# WARNING: Caching shouldn't be used in setuid root
|
|
||||||
# applications.
|
|
||||||
# Default: false
|
|
||||||
# use_file_caching = true;
|
|
||||||
#
|
|
||||||
# Use PIN caching?
|
|
||||||
# Default: true
|
|
||||||
# use_pin_caching = false;
|
|
||||||
#
|
|
||||||
# How many times to use a PIN from cache before re-authenticating it?
|
|
||||||
# Default: 10
|
|
||||||
# pin_cache_counter = 3;
|
|
||||||
#
|
|
||||||
# Older PKCS#11 applications not supporting CKA_ALWAYS_AUTHENTICATE
|
|
||||||
# may need to set this to get signatures to work with some cards.
|
|
||||||
# Default: false
|
|
||||||
# pin_cache_ignore_user_consent = true;
|
|
||||||
#
|
|
||||||
# Enable pkcs15 emulation.
|
|
||||||
# Default: yes
|
|
||||||
# enable_pkcs15_emulation = no;
|
|
||||||
#
|
|
||||||
# Prefer pkcs15 emulation code before
|
|
||||||
# the normal pkcs15 processing.
|
|
||||||
# Some cards (like esteid and pteid) work in emu-only mode,
|
|
||||||
# and do not depend on this option.
|
|
||||||
#
|
|
||||||
# Default: no
|
|
||||||
# try_emulation_first = yes;
|
|
||||||
|
|
||||||
# Enable builtin emulators.
|
|
||||||
# Default: yes
|
|
||||||
# enable_builtin_emulation = no;
|
|
||||||
#
|
|
||||||
# List of the builtin pkcs15 emulators to test
|
|
||||||
# Default: esteid, openpgp, tcos, starcert, itacns, infocamere, postecert, actalis, atrust-acos, gemsafeGPK, gemsafeV1, tccardos, PIV-II;
|
|
||||||
# builtin_emulators = openpgp;
|
|
||||||
|
|
||||||
# additional settings per driver
|
|
||||||
#
|
|
||||||
# For pkcs15 emulators loaded from an external shared
|
|
||||||
# library/DLL, you need to specify the path name of the module
|
|
||||||
# and customize the card_atr example above correctly.
|
|
||||||
#
|
|
||||||
# emulate custom {
|
|
||||||
# The location of the driver library
|
|
||||||
# module = p15emu_custom.dll;
|
|
||||||
# }
|
|
||||||
|
|
||||||
# some additional application parameters:
|
|
||||||
# - type (generic, protected) used to distinguish the common access application
|
|
||||||
# and application for which authentication to perform some operation cannot be
|
|
||||||
# obtained with the common procedures (ex. object creation protected by secure messaging).
|
|
||||||
# Used by PKCS#11 module configurated to expose restricted number of slots.
|
|
||||||
# (for ex. configurated to expose only User PIN slot, User and Sign PINs slots, ...)
|
|
||||||
application E828BD080FD25047656E65726963 {
|
|
||||||
type = generic;
|
|
||||||
model = "ECC Generic PKI";
|
|
||||||
}
|
|
||||||
|
|
||||||
application E828BD080FD2500000040301 {
|
|
||||||
type = generic;
|
|
||||||
model = "Adèle Générique";
|
|
||||||
}
|
|
||||||
|
|
||||||
application E828BD080FD2504543432D654944 {
|
|
||||||
type = protected;
|
|
||||||
model = "ECC eID";
|
|
||||||
}
|
|
||||||
|
|
||||||
application E828BD080FD2500000040201 {
|
|
||||||
type = protected;
|
|
||||||
model = "Adèle Admin-2";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Parameters for the OpenSC PKCS11 module
|
|
||||||
app opensc-pkcs11 {
|
|
||||||
pkcs11 {
|
|
||||||
# Should the module support hotplug of readers as per PKCS#11 v2.20?
|
|
||||||
# This affects slot changes and PC/SC PnP, as v2.11 applications
|
|
||||||
# are not allowed to change the length of the slot list.
|
|
||||||
# Default: true
|
|
||||||
# plug_and_play = false;
|
|
||||||
|
|
||||||
# Maximum Number of virtual slots.
|
|
||||||
# If there are more slots than defined here,
|
|
||||||
# the remaining slots will be hidden from PKCS#11.
|
|
||||||
# Default: 16
|
|
||||||
# max_virtual_slots = 32;
|
|
||||||
|
|
||||||
# Maximum number of slots per smart card.
|
|
||||||
# If the card has fewer keys than defined here,
|
|
||||||
# the remaining number of slots will be empty.
|
|
||||||
# Default: 4
|
|
||||||
# slots_per_card = 2;
|
|
||||||
|
|
||||||
# (max_virtual_slots/slots_per_card) limits the number of readers
|
|
||||||
# that can be used on the system. Default is then 16/4=4 readers.
|
|
||||||
|
|
||||||
# Normally, the pkcs11 module will create
|
|
||||||
# the full number of slots defined above by
|
|
||||||
# num_slots. If there are fewer pins/keys on
|
|
||||||
# the card, the remaining keys will be empty
|
|
||||||
# (and you will be able to create new objects
|
|
||||||
# within them).
|
|
||||||
# Default: true
|
|
||||||
# hide_empty_tokens = false;
|
|
||||||
|
|
||||||
# By default, the OpenSC PKCS#11 module will not lock your card
|
|
||||||
# once you authenticate to the card via C_Login.
|
|
||||||
#
|
|
||||||
# Thus the other users or other applications is not prevented
|
|
||||||
# from connecting to the card and perform crypto operations
|
|
||||||
# (which may be possible because you have already authenticated
|
|
||||||
# with the card). This setting is not very secure.
|
|
||||||
#
|
|
||||||
# Also, if your card is not locked, you can enconter problems
|
|
||||||
# due to limitation of the OpenSC framework, that still is not
|
|
||||||
# thoroughly tested in the multi threads environment.
|
|
||||||
#
|
|
||||||
# Your settings will be more secure if you choose to lock your
|
|
||||||
# card. Nevertheless this behavior is a known violation of PKCS#11
|
|
||||||
# specification. Now once one application has started using your
|
|
||||||
# card with C_Login, no other application can use it, until
|
|
||||||
# the first is done and calls C_Logout or C_Finalize. In the case
|
|
||||||
# of many PKCS#11 application this does not happen until you exit
|
|
||||||
# the application.
|
|
||||||
# Thus it is impossible to use several smart card aware applications
|
|
||||||
# at the same time, e.g. you cannot run both Firefox and Thunderbird at
|
|
||||||
# the same time, if both are configured to use your smart card.
|
|
||||||
#
|
|
||||||
# Default: false
|
|
||||||
# lock_login = true;
|
|
||||||
|
|
||||||
# User PIN unblock style
|
|
||||||
# none: PIN unblock is not possible with PKCS#11 API;
|
|
||||||
# set_pin_in_unlogged_session: C_SetPIN() in unlogged session:
|
|
||||||
# PUK is passed as the 'OldPin' argument of the C_SetPIN() call.
|
|
||||||
# set_pin_in_specific_context: C_SetPIN() in the CKU_SPECIFIC_CONTEXT logged session:
|
|
||||||
# PUK is passed as the 'OldPin' argument of the C_SetPIN() call.
|
|
||||||
# init_pin_in_so_session: C_InitPIN() in CKU_SO logged session:
|
|
||||||
# User PIN 'UNBLOCK' is protected by SOPIN. (PUK == SOPIN).
|
|
||||||
# # Actually this style works only for the PKCS15 contents without SOPIN.
|
|
||||||
# # For those with SOPIN, this mode will be usefull for the cards without
|
|
||||||
# # modes 00 and 01 of ISO command 'RESET RETRY COUNTER'. --vt
|
|
||||||
#
|
|
||||||
# Default: none
|
|
||||||
# user_pin_unblock_style = set_pin_in_unlogged_session;
|
|
||||||
|
|
||||||
# Create slot for unblocking PIN with PUK
|
|
||||||
# This way PKCS#11 API can be used to login with PUK and
|
|
||||||
# change a PIN.
|
|
||||||
# Warning: causes problems with some applications like
|
|
||||||
# firefox and thunderbird. Thus turned off by default
|
|
||||||
#
|
|
||||||
# Default: false
|
|
||||||
# create_puk_slot = true;
|
|
||||||
|
|
||||||
# Report as 'zero' the CKA_ID attribute of CA certificate
|
|
||||||
# For the unknown reason the middleware of the manufacturer of gemalto (axalto, gemplus)
|
|
||||||
# card reports as '0' the CKA_ID of CA cartificates.
|
|
||||||
# Maybe someone else will need it. (Would be nice to know who and what for -- VTA)
|
|
||||||
#
|
|
||||||
# Default: false
|
|
||||||
# zero_ckaid_for_ca_certs = true;
|
|
||||||
|
|
||||||
# List of readers to ignore
|
|
||||||
# If any of the strings listed below is matched (case sensitive) in a reader name,
|
|
||||||
# the reader is ignored by the PKCS#11 module.
|
|
||||||
#
|
|
||||||
# Default: empty
|
|
||||||
# ignored_readers = "CardMan 1021", "SPR 532";
|
|
||||||
|
|
||||||
# Symbolic names of PINs for which slots are created
|
|
||||||
# Card can contain more then one PINs or more then one on-card application with
|
|
||||||
# its own PINs. Normally, to access all of them with the PKCS#11 API a slot has to be
|
|
||||||
# created for all of them. Many slots could be ennoying for some of widely used application,
|
|
||||||
# like FireFox. This configuration parameter allows to select the PINs or on-card application
|
|
||||||
# for which PKCS#11 slot will be created.
|
|
||||||
# Actually recognised following symbolic names:
|
|
||||||
# 'user', 'sign', 'application', all
|
|
||||||
# Only PINs initialised, non-SoPIN, non-unblocking are associated with symbolic name.
|
|
||||||
# 'user' is identified as first global or first local PIN.
|
|
||||||
# 'sign' is identified as second PIN: first local, second global or second local.
|
|
||||||
# 'application' slot created for each on-card application,
|
|
||||||
# even if they use a common global PIN.
|
|
||||||
# 'all' slot created for all non-sopin, non-unblocking PINs,
|
|
||||||
# optionally for PUK (see option 'create_puk_slot')
|
|
||||||
#
|
|
||||||
# Default: all
|
|
||||||
# create_slots_for_pins = "user,sign";
|
|
||||||
# create_slots_for_pins = application;
|
|
||||||
# create_slots_for_pins = "application,sign";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Used by OpenSC.tokend on Mac OS X only.
|
|
||||||
app tokend {
|
|
||||||
# The file to which debug log will be written
|
|
||||||
# Default: /tmp/opensc-tokend.log
|
|
||||||
#
|
|
||||||
# debug_file = /Library/Logs/OpenSC.tokend.log
|
|
||||||
|
|
||||||
framework tokend {
|
|
||||||
# Score for OpenSC.tokend
|
|
||||||
# The tokend with the highest score shall be used.
|
|
||||||
# Default: 300
|
|
||||||
#
|
|
||||||
# score = 10;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# XXX: remove cardmod pseudodriver
|
|
||||||
app cardmod {
|
|
||||||
# cardmod app name use special pcsc reader subset
|
|
||||||
# fix options for this reader driver here.
|
|
||||||
|
|
||||||
reader_driver cardmod {
|
|
||||||
# Enable pinpad if detected (PC/SC v2.0.2 Part 10)
|
|
||||||
# Default: true
|
|
||||||
# enable_pinpad = false;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -8,4 +8,3 @@ SUBDIRS = common scconf pkcs15init libopensc pkcs11 \
|
||||||
if ENABLE_SM
|
if ENABLE_SM
|
||||||
SUBDIRS += libsm smm
|
SUBDIRS += libsm smm
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
* Convenience pkcs11 library that can be linked into an application,
|
* Convenience pkcs11 library that can be linked into an application,
|
||||||
* and will bind to a specific pkcs11 module.
|
* and will bind to a specific pkcs11 module.
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#if HAVE_CONFIG_H
|
#if HAVE_CONFIG_H
|
||||||
|
|
|
@ -47,4 +47,4 @@ opensc.dll: $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\common\libsc
|
||||||
if EXIST opensc.dll.manifest mt -manifest opensc.dll.manifest -outputresource:opensc.dll;2
|
if EXIST opensc.dll.manifest mt -manifest opensc.dll.manifest -outputresource:opensc.dll;2
|
||||||
|
|
||||||
opensc_a.lib: $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\common\libscdl.lib ..\pkcs15init\pkcs15init.lib
|
opensc_a.lib: $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\common\libscdl.lib ..\pkcs15init\pkcs15init.lib
|
||||||
lib $(LIBFLAGS) /out:opensc_a.lib $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\common\libscdl.lib ..\pkcs15init\pkcs15init.lib $(ZLIB_LIB) user32.lib ws2_32.lib
|
lib $(LIBFLAGS) /out:opensc_a.lib $(OBJECTS) ..\scconf\scconf.lib ..\common\common.lib ..\common\libscdl.lib ..\pkcs15init\pkcs15init.lib $(ZLIB_LIB) user32.lib advapi32.lib ws2_32.lib
|
||||||
|
|
|
@ -1854,6 +1854,17 @@ sc_asn1_sig_value_rs_to_sequence(struct sc_context *ctx, unsigned char *in, size
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
LOG_FUNC_CALLED(ctx);
|
LOG_FUNC_CALLED(ctx);
|
||||||
|
|
||||||
|
/* R/S are filled up with zeroes, we do not want that in sequence format */
|
||||||
|
while(r_len > 1 && *r == 0x00) {
|
||||||
|
r++;
|
||||||
|
r_len--;
|
||||||
|
}
|
||||||
|
while(s_len > 1 && *s == 0x00) {
|
||||||
|
s++;
|
||||||
|
s_len--;
|
||||||
|
}
|
||||||
|
|
||||||
sc_copy_asn1_entry(c_asn1_sig_value, asn1_sig_value);
|
sc_copy_asn1_entry(c_asn1_sig_value, asn1_sig_value);
|
||||||
sc_format_asn1_entry(asn1_sig_value + 0, asn1_sig_value_coefficients, NULL, 1);
|
sc_format_asn1_entry(asn1_sig_value + 0, asn1_sig_value_coefficients, NULL, 1);
|
||||||
|
|
||||||
|
|
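Review bot: The two added loops in sc_asn1_sig_value_rs_to_sequence strip leading zero bytes from r and s, but nothing visible here covers the case where the first remaining byte has its top bit set. A DER INTEGER is signed, so such a value needs a single 0x00 in front or a verifier will read it as negative. If the encoder reached through `sc_format_asn1_entry` already re-adds that byte (the entry table is outside this hunk, so this is unconfirmed), record it in the comment, e.g. `/* strip zero padding; the ASN.1 encoder re-adds one 0x00 when the top bit is set */`. Otherwise the loops should keep that one zero, `while (r_len > 1 && r[0] == 0x00 && !(r[1] & 0x80))`, and likewise for s. The function starts and ends outside the hunk, so how r, s and their lengths are derived from `in` cannot be checked from here.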
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* card-gpk: Driver for GPK 4000 cards
|
* card-gpk: Driver for GPK 4000 cards
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -3571,4 +3571,15 @@ sc_get_iasecc_driver(void)
|
||||||
return sc_get_driver();
|
return sc_get_driver();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#else
|
||||||
|
|
||||||
|
/* we need to define the functions below to export them */
|
||||||
|
#include "errors.h"
|
||||||
|
|
||||||
|
int
|
||||||
|
iasecc_se_get_info()
|
||||||
|
{
|
||||||
|
return SC_ERROR_NOT_SUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* ENABLE_OPENSSL */
|
#endif /* ENABLE_OPENSSL */
|
||||||
|
|
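Review bot: The stub added in the `#else` branch is declared as `int iasecc_se_get_info()`, which in C leaves the parameter list unspecified, so the compiler cannot check callers against it. It can then silently diverge from the prototype used in the ENABLE_OPENSSL build. Give the stub the same parameter list as the real function (its declaration is outside this hunk), or `(void)` if it takes none. The comment says "functions below" although only one function is defined; `/* stub so the exported symbol still resolves when built without OpenSSL */` would describe it more precisely.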
|
@ -1700,7 +1700,7 @@ pgp_update_new_algo_attr(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_
|
||||||
}
|
}
|
||||||
/* To generate key with new key size */
|
/* To generate key with new key size */
|
||||||
else if (old_modulus_len != key_info->modulus_len) {
|
else if (old_modulus_len != key_info->modulus_len) {
|
||||||
algo_blob->data[1] = (unsigned char)key_info->modulus_len >> 8;
|
algo_blob->data[1] = (unsigned char)(key_info->modulus_len >> 8);
|
||||||
algo_blob->data[2] = (unsigned char)key_info->modulus_len;
|
algo_blob->data[2] = (unsigned char)key_info->modulus_len;
|
||||||
changed = 1;
|
changed = 1;
|
||||||
}
|
}
|
||||||
|
@ -1711,7 +1711,7 @@ pgp_update_new_algo_attr(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_
|
||||||
key_info->exponent_len = old_exponent_len;
|
key_info->exponent_len = old_exponent_len;
|
||||||
}
|
}
|
||||||
else if (old_exponent_len != key_info->exponent_len) {
|
else if (old_exponent_len != key_info->exponent_len) {
|
||||||
algo_blob->data[3] = (unsigned char)key_info->exponent_len >> 8;
|
algo_blob->data[3] = (unsigned char)(key_info->exponent_len >> 8);
|
||||||
algo_blob->data[4] = (unsigned char)key_info->exponent_len;
|
algo_blob->data[4] = (unsigned char)key_info->exponent_len;
|
||||||
changed = 1;
|
changed = 1;
|
||||||
}
|
}
|
||||||
|
|
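Review bot: With the cast now applied after the shift, `algo_blob->data[1]`/`data[2]` and `data[3]`/`data[4]` each hold a 16-bit big-endian length, so any bits of `key_info->modulus_len` or `key_info->exponent_len` above bit 15 are dropped without notice. The field types are not visible in these hunks; if they are wider than 16 bits, reject oversized values before storing, e.g. `if (key_info->modulus_len > 0xFFFF) return SC_ERROR_INVALID_ARGUMENTS;`, adapted to the function's own return convention. Writing the low byte as `(unsigned char)(key_info->modulus_len & 0xFF)` would also make the intended truncation explicit in both hunks. pgp_update_new_algo_attr begins and ends outside the hunks, so an existing range check elsewhere in the function cannot be ruled out.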
|
@ -723,9 +723,6 @@ static int piv_find_aid(sc_card_t * card, sc_file_t *aid_file)
|
||||||
* that we know about.
|
* that we know about.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (card->type == SC_CARD_TYPE_PIV_II_GENERIC)
|
|
||||||
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, 0);
|
|
||||||
|
|
||||||
r = piv_select_aid(card, piv_aids[0].value, piv_aids[0].len_short, rbuf, &resplen);
|
r = piv_select_aid(card, piv_aids[0].value, piv_aids[0].len_short, rbuf, &resplen);
|
||||||
if (r >= 0 && resplen > 2 ) {
|
if (r >= 0 && resplen > 2 ) {
|
||||||
tag = sc_asn1_find_tag(card->ctx, rbuf, resplen, 0x61, &taglen);
|
tag = sc_asn1_find_tag(card->ctx, rbuf, resplen, 0x61, &taglen);
|
||||||
|
|
|
@ -85,10 +85,6 @@ static int sc_hsm_select_file(sc_card_t *card,
|
||||||
sc_file_t *file = NULL;
|
sc_file_t *file = NULL;
|
||||||
|
|
||||||
if (file_out == NULL) { // Versions before 0.16 of the SmartCard-HSM do not support P2='0C'
|
if (file_out == NULL) { // Versions before 0.16 of the SmartCard-HSM do not support P2='0C'
|
||||||
if (!in_path->len && in_path->aid.len) {
|
|
||||||
sc_log(card->ctx, "Preventing reselection of applet which would clear the security state");
|
|
||||||
return SC_SUCCESS;
|
|
||||||
}
|
|
||||||
rv = sc_hsm_select_file(card, in_path, &file);
|
rv = sc_hsm_select_file(card, in_path, &file);
|
||||||
if (file != NULL) {
|
if (file != NULL) {
|
||||||
sc_file_free(file);
|
sc_file_free(file);
|
||||||
|
|
|
@ -402,6 +402,7 @@ static int tcos_select_file(sc_card_t *card,
|
||||||
|
|
||||||
file = sc_file_new();
|
file = sc_file_new();
|
||||||
if (file == NULL) SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY);
|
if (file == NULL) SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY);
|
||||||
|
*file_out = file;
|
||||||
file->path = *in_path;
|
file->path = *in_path;
|
||||||
|
|
||||||
for(i=2; i+1<apdu.resplen && i+1+apdu.resp[i+1]<apdu.resplen; i+=2+apdu.resp[i+1]){
|
for(i=2; i+1<apdu.resplen && i+1+apdu.resp[i+1]<apdu.resplen; i+=2+apdu.resp[i+1]){
|
||||||
|
@ -440,7 +441,6 @@ static int tcos_select_file(sc_card_t *card,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file->magic = SC_FILE_MAGIC;
|
file->magic = SC_FILE_MAGIC;
|
||||||
*file_out = file;
|
|
||||||
|
|
||||||
parse_sec_attr(card, file, file->sec_attr, file->sec_attr_len);
|
parse_sec_attr(card, file, file->sec_attr, file->sec_attr_len);
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* ctbcs.c: Extended CTBCS commands, used for pcsc and ct-api readers
|
* ctbcs.c: Extended CTBCS commands, used for pcsc and ct-api readers
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@ -71,7 +71,7 @@ ctbcs_build_perform_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *d
|
||||||
/* card apdu must be last in packet */
|
/* card apdu must be last in packet */
|
||||||
if (!data->apdu)
|
if (!data->apdu)
|
||||||
return SC_ERROR_INTERNAL;
|
return SC_ERROR_INTERNAL;
|
||||||
if (count + 7 > buflen)
|
if (count + 8 > buflen)
|
||||||
return SC_ERROR_BUFFER_TOO_SMALL;
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
||||||
|
|
||||||
j = count;
|
j = count;
|
||||||
|
@ -95,12 +95,14 @@ ctbcs_build_perform_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *d
|
||||||
|
|
||||||
if (data->flags & SC_PIN_CMD_NEED_PADDING) {
|
if (data->flags & SC_PIN_CMD_NEED_PADDING) {
|
||||||
len = data->pin1.pad_length;
|
len = data->pin1.pad_length;
|
||||||
if (j + len > buflen || len > 256)
|
if (1 + j + len > buflen || len > 256)
|
||||||
return SC_ERROR_BUFFER_TOO_SMALL;
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
||||||
buf[j++] = len;
|
buf[j++] = len;
|
||||||
memset(buf+j, data->pin1.pad_char, len);
|
memset(buf+j, data->pin1.pad_char, len);
|
||||||
j += len;
|
j += len;
|
||||||
}
|
}
|
||||||
|
if (count + 1 > buflen)
|
||||||
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
||||||
buf[count+1] = j - count - 2;
|
buf[count+1] = j - count - 2;
|
||||||
count = j;
|
count = j;
|
||||||
|
|
||||||
|
@ -168,7 +170,7 @@ ctbcs_build_modify_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *da
|
||||||
|
|
||||||
if (data->flags & SC_PIN_CMD_NEED_PADDING) {
|
if (data->flags & SC_PIN_CMD_NEED_PADDING) {
|
||||||
len = data->pin1.pad_length + data->pin2.pad_length;
|
len = data->pin1.pad_length + data->pin2.pad_length;
|
||||||
if (j + len > buflen || len > 256)
|
if (1 + j + len > buflen || len > 256)
|
||||||
return SC_ERROR_BUFFER_TOO_SMALL;
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
||||||
buf[j++] = len;
|
buf[j++] = len;
|
||||||
memset(buf+j, data->pin1.pad_char, len);
|
memset(buf+j, data->pin1.pad_char, len);
|
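Review bot: The guard added before `buf[count+1] = j - count - 2;` in ctbcs_build_perform_verification_apdu is off by one, because `count + 1 > buflen` still passes when `count + 1 == buflen`, where index `count+1` is one past the end of the buffer. It should read `if (count + 1 >= buflen)`, and it belongs before the first write into `buf` rather than after the padding has already been stored. Separately, in both padding branches `len > 256` accepts `len == 256`; if `buf` is a byte array, `buf[j++] = len` then stores 0 while 256 pad bytes follow, so `len > 255` looks like the intended bound. Both functions continue outside the hunks, so the declarations of `buf` and `buflen` are not visible here.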
||||||
|
|
|
@ -1466,17 +1466,21 @@ int cwa_encode_apdu(sc_card_t * card,
|
||||||
/* reserve extra bytes for padding and tlv header */
|
/* reserve extra bytes for padding and tlv header */
|
||||||
msgbuf = calloc(12 + from->lc, sizeof(u8)); /* to encrypt apdu data */
|
msgbuf = calloc(12 + from->lc, sizeof(u8)); /* to encrypt apdu data */
|
||||||
cryptbuf = calloc(12 + from->lc, sizeof(u8));
|
cryptbuf = calloc(12 + from->lc, sizeof(u8));
|
||||||
if (!msgbuf || !cryptbuf)
|
if (!msgbuf || !cryptbuf) {
|
||||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
res = SC_ERROR_OUT_OF_MEMORY;
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
/* check if APDU is already encoded */
|
/* check if APDU is already encoded */
|
||||||
if ((from->cla & 0x0C) != 0) {
|
if ((from->cla & 0x0C) != 0) {
|
||||||
memcpy(to, from, sizeof(sc_apdu_t));
|
memcpy(to, from, sizeof(sc_apdu_t));
|
||||||
return SC_SUCCESS; /* already encoded */
|
res = SC_SUCCESS; /* already encoded */
|
||||||
|
goto encode_end;
|
||||||
}
|
}
|
||||||
if (from->ins == 0xC0) {
|
if (from->ins == 0xC0) {
|
||||||
memcpy(to, from, sizeof(sc_apdu_t));
|
memcpy(to, from, sizeof(sc_apdu_t));
|
||||||
return SC_SUCCESS; /* dont encode GET Response cmd */
|
res = SC_SUCCESS; /* dont encode GET Response cmd */
|
||||||
|
goto encode_end;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* call provider pre-operation method */
|
/* call provider pre-operation method */
|
||||||
|
@ -1500,8 +1504,10 @@ int cwa_encode_apdu(sc_card_t * card,
|
||||||
ccbuf =
|
ccbuf =
|
||||||
calloc(MAX(SC_MAX_APDU_BUFFER_SIZE, 20 + from->datalen),
|
calloc(MAX(SC_MAX_APDU_BUFFER_SIZE, 20 + from->datalen),
|
||||||
sizeof(u8));
|
sizeof(u8));
|
||||||
if (!apdubuf || !ccbuf)
|
if (!apdubuf || !ccbuf) {
|
||||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
res = SC_ERROR_OUT_OF_MEMORY;
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
/* set up data on destination apdu */
|
/* set up data on destination apdu */
|
||||||
to->cse = SC_APDU_CASE_3_SHORT;
|
to->cse = SC_APDU_CASE_3_SHORT;
|
||||||
|
@ -1615,6 +1621,7 @@ int cwa_encode_apdu(sc_card_t * card,
|
||||||
res = SC_SUCCESS;
|
res = SC_SUCCESS;
|
||||||
goto encode_end_apdu_valid;
|
goto encode_end_apdu_valid;
|
||||||
|
|
||||||
|
err:
|
||||||
encode_end:
|
encode_end:
|
||||||
if (apdubuf)
|
if (apdubuf)
|
||||||
free(apdubuf);
|
free(apdubuf);
|
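Review bot: The first `goto err` in cwa_encode_apdu, taken when `msgbuf` or `cryptbuf` fails to allocate, now falls through to `if (apdubuf) free(apdubuf);` before `apdubuf` and `ccbuf` have been assigned. That is safe only if every buffer pointer freed under `encode_end:` is initialised to NULL at its declaration, which lies outside the hunks; if any is not, give it an initialiser such as `u8 *apdubuf = NULL;`. The two early-success paths (`already encoded`, GET RESPONSE) now also pass through `encode_end:`, so confirm nothing after that label touches `to` after the `memcpy`. The `err:` label sits directly on top of `encode_end:` and adds nothing; either drop it or add a comment such as `/* error and early-exit paths share the cleanup below */`.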
||||||
|
|
|
@ -764,15 +764,14 @@ iasecc_sdo_allocate_and_parse(struct sc_card *card, unsigned char *data, size_t
|
||||||
sdo = calloc(1, sizeof(struct iasecc_sdo));
|
sdo = calloc(1, sizeof(struct iasecc_sdo));
|
||||||
if (!sdo)
|
if (!sdo)
|
||||||
return SC_ERROR_OUT_OF_MEMORY;
|
return SC_ERROR_OUT_OF_MEMORY;
|
||||||
|
*out = sdo;
|
||||||
|
|
||||||
sdo->sdo_class = *(data + 1) & 0x7F;
|
sdo->sdo_class = *(data + 1) & 0x7F;
|
||||||
sdo->sdo_ref = *(data + 2) & 0x3F;
|
sdo->sdo_ref = *(data + 2) & 0x3F;
|
||||||
|
|
||||||
sc_log(ctx, "sdo_class 0x%X, sdo_ref 0x%X", sdo->sdo_class, sdo->sdo_ref);
|
sc_log(ctx, "sdo_class 0x%X, sdo_ref 0x%X", sdo->sdo_class, sdo->sdo_ref);
|
||||||
if (data_len == 3) {
|
if (data_len == 3)
|
||||||
*out = sdo;
|
|
||||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||||
}
|
|
||||||
|
|
||||||
size_size = iasecc_parse_size(data + 3, &size);
|
size_size = iasecc_parse_size(data + 3, &size);
|
||||||
LOG_TEST_RET(ctx, size_size, "parse error: invalid size data");
|
LOG_TEST_RET(ctx, size_size, "parse error: invalid size data");
|
||||||
|
@ -795,8 +794,6 @@ iasecc_sdo_allocate_and_parse(struct sc_card *card, unsigned char *data, size_t
|
||||||
|
|
||||||
sc_log(ctx, "docp.acls_contact.size %i; docp.size.size %i", sdo->docp.acls_contact.size, sdo->docp.size.size);
|
sc_log(ctx, "docp.acls_contact.size %i; docp.size.size %i", sdo->docp.acls_contact.size, sdo->docp.size.size);
|
||||||
|
|
||||||
*out = sdo;
|
|
||||||
|
|
||||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1299,4 +1296,10 @@ iasecc_sdo_encode_update_field()
|
||||||
return SC_ERROR_NOT_SUPPORTED;
|
return SC_ERROR_NOT_SUPPORTED;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
iasecc_se_get_crt()
|
||||||
|
{
|
||||||
|
return SC_ERROR_NOT_SUPPORTED;
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* ENABLE_OPENSSL */
|
#endif /* ENABLE_OPENSSL */
|
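Review bot: Assigning `*out = sdo;` straight after the allocation in iasecc_sdo_allocate_and_parse means every later `LOG_TEST_RET` failure, starting with the `iasecc_parse_size` check, returns an error while `*out` points at a partially parsed object. Callers that ignored `*out` on error now leak it, and callers that free it must not also treat it as valid, so the contract needs stating at the function head, e.g. `/* On failure *out may still hold a partially filled SDO; the caller owns it and must release it. */`. The alternative is to free `sdo` and reset `*out = NULL` on the error paths inside the function. The function body between the two hunks is not visible, so the other error returns should be checked against whichever rule is chosen.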
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* pkc15-algo.c: ASN.1 handling for algorithm IDs and parameters
|
* pkc15-algo.c: ASN.1 handling for algorithm IDs and parameters
|
||||||
*
|
*
|
||||||
* Copyright (C) 2001, 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2001, 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -157,7 +157,7 @@ int sc_pkcs15_encode_dodf_entry(sc_context_t *ctx,
|
||||||
size_t label_len;
|
size_t label_len;
|
||||||
|
|
||||||
info = (struct sc_pkcs15_data_info *) obj->data;
|
info = (struct sc_pkcs15_data_info *) obj->data;
|
||||||
label_len = strlen(info->app_label);
|
label_len = strnlen(info->app_label, sizeof info->app_label);
|
||||||
|
|
||||||
sc_copy_asn1_entry(c_asn1_com_data_attr, asn1_com_data_attr);
|
sc_copy_asn1_entry(c_asn1_com_data_attr, asn1_com_data_attr);
|
||||||
sc_copy_asn1_entry(c_asn1_type_data_attr, asn1_type_data_attr);
|
sc_copy_asn1_entry(c_asn1_type_data_attr, asn1_type_data_attr);
|
||||||
|
|
|
@ -358,7 +358,7 @@ int sc_pkcs15_verify_pin(struct sc_pkcs15_card *p15card,
|
||||||
LOG_TEST_RET(ctx, r, "sc_lock() failed");
|
LOG_TEST_RET(ctx, r, "sc_lock() failed");
|
||||||
|
|
||||||
/* the path in the pin object is optional */
|
/* the path in the pin object is optional */
|
||||||
if (auth_info->path.len > 0) {
|
if ((auth_info->path.len > 0) || ((auth_info->path.aid.len > 0))) {
|
||||||
r = sc_select_file(card, &auth_info->path, NULL);
|
r = sc_select_file(card, &auth_info->path, NULL);
|
||||||
if (r)
|
if (r)
|
||||||
goto out;
|
goto out;
|
||||||
|
@ -402,7 +402,7 @@ int sc_pkcs15_change_pin(struct sc_pkcs15_card *p15card,
|
||||||
r = sc_lock(card);
|
r = sc_lock(card);
|
||||||
LOG_TEST_RET(ctx, r, "sc_lock() failed");
|
LOG_TEST_RET(ctx, r, "sc_lock() failed");
|
||||||
/* the path in the pin object is optional */
|
/* the path in the pin object is optional */
|
||||||
if (auth_info->path.len > 0) {
|
if ((auth_info->path.len > 0) || ((auth_info->path.aid.len > 0))) {
|
||||||
r = sc_select_file(card, &auth_info->path, NULL);
|
r = sc_select_file(card, &auth_info->path, NULL);
|
||||||
if (r)
|
if (r)
|
||||||
goto out;
|
goto out;
|
||||||
|
@ -509,7 +509,7 @@ int sc_pkcs15_unblock_pin(struct sc_pkcs15_card *p15card,
|
||||||
LOG_TEST_RET(ctx, r, "sc_lock() failed");
|
LOG_TEST_RET(ctx, r, "sc_lock() failed");
|
||||||
|
|
||||||
/* the path in the pin object is optional */
|
/* the path in the pin object is optional */
|
||||||
if (auth_info->path.len > 0) {
|
if ((auth_info->path.len > 0) || ((auth_info->path.aid.len > 0))) {
|
||||||
r = sc_select_file(card, &auth_info->path, NULL);
|
r = sc_select_file(card, &auth_info->path, NULL);
|
||||||
if (r)
|
if (r)
|
||||||
goto out;
|
goto out;
|
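Review bot: With `(auth_info->path.len > 0) || ((auth_info->path.aid.len > 0))`, sc_pkcs15_verify_pin, sc_pkcs15_change_pin and sc_pkcs15_unblock_pin now call `sc_select_file` for PIN objects that carry only an AID. The guard this same commit removes from sc_hsm_select_file logged "Preventing reselection of applet which would clear the security state", so it is worth confirming that selecting the application before each PIN operation does not drop an authentication state established earlier on that card. The comment `/* the path in the pin object is optional */` no longer describes the test; something like `/* path and AID are both optional; select if either is present */` would. The condition is repeated verbatim three times with redundant parentheses and could be a small static helper.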
||||||
|
|
|
@ -298,10 +298,10 @@ int sc_pkcs15emu_sc_hsm_encode_cvc(sc_pkcs15_card_t * p15card,
|
||||||
}
|
}
|
||||||
|
|
||||||
sc_format_asn1_entry(asn1_cvc_body , &cvc->cpi, NULL, 1);
|
sc_format_asn1_entry(asn1_cvc_body , &cvc->cpi, NULL, 1);
|
||||||
lencar = strlen(cvc->car);
|
lencar = strnlen(cvc->car, sizeof cvc->car);
|
||||||
sc_format_asn1_entry(asn1_cvc_body + 1, &cvc->car, &lencar, 1);
|
sc_format_asn1_entry(asn1_cvc_body + 1, &cvc->car, &lencar, 1);
|
||||||
sc_format_asn1_entry(asn1_cvc_body + 2, &asn1_cvc_pubkey, NULL, 1);
|
sc_format_asn1_entry(asn1_cvc_body + 2, &asn1_cvc_pubkey, NULL, 1);
|
||||||
lenchr = strlen(cvc->chr);
|
lenchr = strnlen(cvc->chr, sizeof cvc->chr);
|
||||||
sc_format_asn1_entry(asn1_cvc_body + 3, &cvc->chr, &lenchr, 1);
|
sc_format_asn1_entry(asn1_cvc_body + 3, &cvc->chr, &lenchr, 1);
|
||||||
|
|
||||||
sc_format_asn1_entry(asn1_cvcert , &asn1_cvc_body, NULL, 1);
|
sc_format_asn1_entry(asn1_cvcert , &asn1_cvc_body, NULL, 1);
|
||||||
|
@ -846,7 +846,7 @@ static int sc_pkcs15emu_sc_hsm_init (sc_pkcs15_card_t * p15card)
|
||||||
if (appinfo->label == NULL)
|
if (appinfo->label == NULL)
|
||||||
LOG_FUNC_RETURN(card->ctx, SC_ERROR_OUT_OF_MEMORY);
|
LOG_FUNC_RETURN(card->ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||||
|
|
||||||
len = strlen(devcert.chr); /* Strip last 5 digit sequence number from CHR */
|
len = strnlen(devcert.chr, sizeof devcert.chr); /* Strip last 5 digit sequence number from CHR */
|
||||||
assert(len >= 8);
|
assert(len >= 8);
|
||||||
len -= 5;
|
len -= 5;
|
||||||
|
|
||||||
|
@ -866,9 +866,10 @@ static int sc_pkcs15emu_sc_hsm_init (sc_pkcs15_card_t * p15card)
|
||||||
|
|
||||||
pin_info.auth_id.len = 1;
|
pin_info.auth_id.len = 1;
|
||||||
pin_info.auth_id.value[0] = 1;
|
pin_info.auth_id.value[0] = 1;
|
||||||
|
pin_info.path.aid = sc_hsm_aid;
|
||||||
pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;
|
pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;
|
||||||
pin_info.attrs.pin.reference = 0x81;
|
pin_info.attrs.pin.reference = 0x81;
|
||||||
pin_info.attrs.pin.flags = SC_PKCS15_PIN_FLAG_LOCAL|SC_PKCS15_PIN_FLAG_INITIALIZED|SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED|SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA;
|
pin_info.attrs.pin.flags = SC_PKCS15_PIN_FLAG_LOCAL|SC_PKCS15_PIN_FLAG_INITIALIZED|SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA;
|
||||||
pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC;
|
pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC;
|
||||||
pin_info.attrs.pin.min_length = 6;
|
pin_info.attrs.pin.min_length = 6;
|
||||||
pin_info.attrs.pin.stored_length = 0;
|
pin_info.attrs.pin.stored_length = 0;
|
||||||
|
@ -890,16 +891,17 @@ static int sc_pkcs15emu_sc_hsm_init (sc_pkcs15_card_t * p15card)
|
||||||
|
|
||||||
pin_info.auth_id.len = 1;
|
pin_info.auth_id.len = 1;
|
||||||
pin_info.auth_id.value[0] = 2;
|
pin_info.auth_id.value[0] = 2;
|
||||||
|
pin_info.path.aid = sc_hsm_aid;
|
||||||
pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;
|
pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;
|
||||||
pin_info.attrs.pin.reference = 0x88;
|
pin_info.attrs.pin.reference = 0x88;
|
||||||
pin_info.attrs.pin.flags = SC_PKCS15_PIN_FLAG_LOCAL|SC_PKCS15_PIN_FLAG_CHANGE_DISABLED|SC_PKCS15_PIN_FLAG_INITIALIZED|SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED|SC_PKCS15_PIN_FLAG_SO_PIN;
|
pin_info.attrs.pin.flags = SC_PKCS15_PIN_FLAG_LOCAL|SC_PKCS15_PIN_FLAG_INITIALIZED|SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED|SC_PKCS15_PIN_FLAG_SO_PIN;
|
||||||
pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_BCD;
|
pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_BCD;
|
||||||
pin_info.attrs.pin.min_length = 16;
|
pin_info.attrs.pin.min_length = 16;
|
||||||
pin_info.attrs.pin.stored_length = 0;
|
pin_info.attrs.pin.stored_length = 0;
|
||||||
pin_info.attrs.pin.max_length = 16;
|
pin_info.attrs.pin.max_length = 16;
|
||||||
pin_info.attrs.pin.pad_char = '\0';
|
pin_info.attrs.pin.pad_char = '\0';
|
||||||
pin_info.tries_left = 3;
|
pin_info.tries_left = 15;
|
||||||
pin_info.max_tries = 3;
|
pin_info.max_tries = 15;
|
||||||
|
|
||||||
strlcpy(pin_obj.label, "SOPIN", sizeof(pin_obj.label));
|
strlcpy(pin_obj.label, "SOPIN", sizeof(pin_obj.label));
|
||||||
pin_obj.flags = SC_PKCS15_CO_FLAG_PRIVATE;
|
pin_obj.flags = SC_PKCS15_CO_FLAG_PRIVATE;
|
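Review bot: In sc_pkcs15emu_sc_hsm_init the length from `strnlen(devcert.chr, sizeof devcert.chr)` is still validated only by `assert(len >= 8);` before `len -= 5;`. `devcert.chr` appears to come from the device certificate read off the card, so a short CHR aborts the host process in a debug build, and with NDEBUG the subtraction runs unchecked on a value below 5. An explicit check that returns an error would handle this, e.g. `if (len < 8) LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_DATA);`, with whatever cleanup of `appinfo->label` the rest of the function uses. The SO-PIN hunk also changes `tries_left`/`max_tries` from 3 to 15 and drops `SC_PKCS15_PIN_FLAG_CHANGE_DISABLED` with no comment; a one-line note on where those values come from would help the next reader.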
||||||
|
|
|
@ -1505,8 +1505,8 @@ compare_obj_data_name(struct sc_pkcs15_object *obj, const char *app_label, const
|
||||||
if (obj->type != SC_PKCS15_TYPE_DATA_OBJECT)
|
if (obj->type != SC_PKCS15_TYPE_DATA_OBJECT)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return !strcmp(cinfo->app_label, app_label) &&
|
return !strncmp(cinfo->app_label, app_label, sizeof cinfo->app_label) &&
|
||||||
!strcmp(obj->label, label);
|
!strncmp(obj->label, label, sizeof obj->label);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
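Review bot: Bounding both comparisons in compare_obj_data_name with `sizeof cinfo->app_label` and `sizeof obj->label` turns an exact match into a prefix match once the stored field is full. If a stored label occupies the whole array without a terminator, any longer `app_label` or `label` argument sharing those leading bytes now compares equal. If over-long arguments can reach this function, reject them first, e.g. `if (strlen(label) >= sizeof obj->label) return 0;`. Otherwise add a comment saying that stored labels are always NUL-terminated, so the bound is purely defensive.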
||||||
|
|
|
@ -248,7 +248,7 @@ static int openct_reader_disconnect(sc_reader_t *reader)
|
||||||
struct driver_data *data = (struct driver_data *) reader->drv_data;
|
struct driver_data *data = (struct driver_data *) reader->drv_data;
|
||||||
|
|
||||||
SC_FUNC_CALLED(reader->ctx, SC_LOG_DEBUG_VERBOSE);
|
SC_FUNC_CALLED(reader->ctx, SC_LOG_DEBUG_VERBOSE);
|
||||||
if (data->h && !(reader->flags & SC_TERMINATE))
|
if (data->h && !(reader->ctx->flags & SC_CTX_FLAG_TERMINATE))
|
||||||
ct_reader_disconnect(data->h);
|
ct_reader_disconnect(data->h);
|
||||||
data->h = NULL;
|
data->h = NULL;
|
||||||
return SC_SUCCESS;
|
return SC_SUCCESS;
|
||||||
|
|
|
@ -41,6 +41,12 @@
|
||||||
|
|
||||||
#include "pace.h"
|
#include "pace.h"
|
||||||
|
|
||||||
|
#ifdef HAVE_PCSCLITE_H
|
||||||
|
#if !defined (__MAC_OS_X_VERSION_MIN_REQUIRED) || __MAC_OS_X_VERSION_MIN_REQUIRED < 101000
|
||||||
|
#define HAVE_PCSCLITE 1
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Logging */
|
/* Logging */
|
||||||
#define PCSC_TRACE(reader, desc, rv) do { sc_log(reader->ctx, "%s:" desc ": 0x%08lx\n", reader->name, rv); } while (0)
|
#define PCSC_TRACE(reader, desc, rv) do { sc_log(reader->ctx, "%s:" desc ": 0x%08lx\n", reader->name, rv); } while (0)
|
||||||
#define PCSC_LOG(ctx, desc, rv) do { sc_log(ctx, desc ": 0x%08lx\n", rv); } while (0)
|
#define PCSC_LOG(ctx, desc, rv) do { sc_log(ctx, desc ": 0x%08lx\n", rv); } while (0)
|
||||||
|
@ -431,8 +437,10 @@ static int pcsc_reconnect(sc_reader_t * reader, DWORD action)
|
||||||
if (check_forced_protocol(reader->ctx, &reader->atr, &tmp))
|
if (check_forced_protocol(reader->ctx, &reader->atr, &tmp))
|
||||||
protocol = tmp;
|
protocol = tmp;
|
||||||
|
|
||||||
/* reconnect always unlocks transaction */
|
#ifndef HAVE_PCSCLITE
|
||||||
|
/* reconnect unlocks transaction everywhere but in PCSC-lite */
|
||||||
priv->locked = 0;
|
priv->locked = 0;
|
||||||
|
#endif
|
||||||
|
|
||||||
rv = priv->gpriv->SCardReconnect(priv->pcsc_card,
|
rv = priv->gpriv->SCardReconnect(priv->pcsc_card,
|
||||||
priv->gpriv->connect_exclusive ? SCARD_SHARE_EXCLUSIVE : SCARD_SHARE_SHARED,
|
priv->gpriv->connect_exclusive ? SCARD_SHARE_EXCLUSIVE : SCARD_SHARE_SHARED,
|
||||||
|
@ -588,17 +596,21 @@ static int pcsc_release(sc_reader_t *reader)
|
||||||
|
|
||||||
static int pcsc_reset(sc_reader_t *reader, int do_cold_reset)
|
static int pcsc_reset(sc_reader_t *reader, int do_cold_reset)
|
||||||
{
|
{
|
||||||
struct pcsc_private_data *priv = GET_PRIV_DATA(reader);
|
|
||||||
int r;
|
int r;
|
||||||
|
#ifndef HAVE_PCSCLITE
|
||||||
|
struct pcsc_private_data *priv = GET_PRIV_DATA(reader);
|
||||||
int old_locked = priv->locked;
|
int old_locked = priv->locked;
|
||||||
|
#endif
|
||||||
|
|
||||||
r = pcsc_reconnect(reader, do_cold_reset ? SCARD_UNPOWER_CARD : SCARD_RESET_CARD);
|
r = pcsc_reconnect(reader, do_cold_reset ? SCARD_UNPOWER_CARD : SCARD_RESET_CARD);
|
||||||
if(r != SC_SUCCESS)
|
if(r != SC_SUCCESS)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
/* pcsc_reconnect unlocks card... try to lock it again if it was locked */
|
#ifndef HAVE_PCSCLITE
|
||||||
|
/* reconnect unlocks transaction everywhere but in PCSC-lite */
|
||||||
if(old_locked)
|
if(old_locked)
|
||||||
r = pcsc_lock(reader);
|
r = pcsc_lock(reader);
|
||||||
|
#endif
|
||||||
|
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
@ -2486,4 +2498,3 @@ struct sc_reader_driver * sc_get_cardmod_driver(void)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#endif /* ENABLE_PCSC */
|
#endif /* ENABLE_PCSC */
|
||||||
|
|
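Review bot: The `#ifndef HAVE_PCSCLITE` blocks in pcsc_reconnect and pcsc_reset decide at compile time whether a reconnect releases the transaction, yet the call itself goes through the `priv->gpriv->SCardReconnect` function pointer. If that pointer is bound to a library chosen at run time, `priv->locked` can disagree with the real transaction state: left at 1 when the lock was dropped, or cleared while it is still held. Code that relies on an exclusive transaction around PIN-protected operations would then be working from a wrong flag. The new macro is defined only when `HAVE_PCSCLITE_H` is set and `__MAC_OS_X_VERSION_MIN_REQUIRED < 101000`, with no explanation; a comment such as `/* OS X 10.10+ ships a PC/SC stack that behaves like <describe>, so it is not treated as pcsc-lite here */` should record the reason. pcsc_reconnect starts and ends outside its hunk.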
||||||
|
|
|
@ -3,7 +3,9 @@
|
||||||
MAINTAINERCLEANFILES = Makefile.in
|
MAINTAINERCLEANFILES = Makefile.in
|
||||||
EXTRA_DIST = Makefile.mak
|
EXTRA_DIST = Makefile.mak
|
||||||
|
|
||||||
|
if ENABLE_OPENSSL
|
||||||
noinst_LTLIBRARIES = libsm.la
|
noinst_LTLIBRARIES = libsm.la
|
||||||
|
endif
|
||||||
noinst_HEADERS = sm-common.h
|
noinst_HEADERS = sm-common.h
|
||||||
|
|
||||||
AM_CFLAGS = $(OPTIONAL_OPENSSL_CFLAGS) $(OPTIONAL_READLINE_CFLAGS)
|
AM_CFLAGS = $(OPTIONAL_OPENSSL_CFLAGS) $(OPTIONAL_READLINE_CFLAGS)
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
TOPDIR = ..\..
|
TOPDIR = ..\..
|
||||||
|
|
||||||
|
!IF "$(OPENSSL_DEF)" == "/DENABLE_OPENSSL"
|
||||||
TARGET = libsm.lib
|
TARGET = libsm.lib
|
||||||
OBJECTS = sm-common.obj
|
OBJECTS = sm-common.obj
|
||||||
|
|
||||||
|
@ -9,3 +10,7 @@ $(TARGET): $(OBJECTS)
|
||||||
lib $(LIBFLAGS) /out:$(TARGET) $(OBJECTS)
|
lib $(LIBFLAGS) /out:$(TARGET) $(OBJECTS)
|
||||||
|
|
||||||
!INCLUDE $(TOPDIR)\win32\Make.rules.mak
|
!INCLUDE $(TOPDIR)\win32\Make.rules.mak
|
||||||
|
|
||||||
|
!ELSE
|
||||||
|
all:
|
||||||
|
!ENDIF
|
||||||
|
|
|
@ -118,7 +118,6 @@ HINSTANCE g_inst;
|
||||||
#define MAGIC_SESSION_PIN "opensc-minidriver"
|
#define MAGIC_SESSION_PIN "opensc-minidriver"
|
||||||
|
|
||||||
struct md_directory {
|
struct md_directory {
|
||||||
unsigned char parent[9];
|
|
||||||
unsigned char name[9];
|
unsigned char name[9];
|
||||||
|
|
||||||
CARD_DIRECTORY_ACCESS_CONDITION acl;
|
CARD_DIRECTORY_ACCESS_CONDITION acl;
|
||||||
|
@ -130,7 +129,6 @@ struct md_directory {
|
||||||
};
|
};
|
||||||
|
|
||||||
struct md_file {
|
struct md_file {
|
||||||
unsigned char parent[9];
|
|
||||||
unsigned char name[9];
|
unsigned char name[9];
|
||||||
|
|
||||||
CARD_FILE_ACCESS_CONDITION acl;
|
CARD_FILE_ACCESS_CONDITION acl;
|
||||||
|
@ -680,7 +678,8 @@ md_fs_find_directory(PCARD_DATA pCardData, struct md_directory *parent, char *na
|
||||||
else {
|
else {
|
||||||
dir = parent->subdirs;
|
dir = parent->subdirs;
|
||||||
while(dir) {
|
while(dir) {
|
||||||
if (!strcmp(dir->name, name))
|
if (strlen(name) > sizeof dir->name
|
||||||
|
|| !strncmp(dir->name, name, sizeof dir->name))
|
||||||
break;
|
break;
|
||||||
dir = dir->next;
|
dir = dir->next;
|
||||||
}
|
}
|
||||||
|
@ -760,7 +759,8 @@ md_fs_find_file(PCARD_DATA pCardData, char *parent, char *name, struct md_file *
|
||||||
}
|
}
|
||||||
|
|
||||||
for (file = dir->files; file!=NULL;) {
|
for (file = dir->files; file!=NULL;) {
|
||||||
if (!strcmp(file->name, name))
|
if (sizeof file->name < strlen(name)
|
||||||
|
|| !strncmp(file->name, name, sizeof file->name))
|
||||||
break;
|
break;
|
||||||
file = file->next;
|
file = file->next;
|
||||||
}
|
}
|
||||||
|
@ -865,7 +865,8 @@ md_fs_delete_file(PCARD_DATA pCardData, char *parent, char *name)
|
||||||
return SCARD_E_FILE_NOT_FOUND;
|
return SCARD_E_FILE_NOT_FOUND;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!strcmp(dir->files->name, name)) {
|
if (sizeof dir->files->name < strlen(name)
|
||||||
|
|| !strncmp(dir->files->name, name, sizeof dir->files->name)) {
|
||||||
file_to_rm = dir->files;
|
file_to_rm = dir->files;
|
||||||
dir->files = dir->files->next;
|
dir->files = dir->files->next;
|
||||||
md_fs_free_file(pCardData, file_to_rm);
|
md_fs_free_file(pCardData, file_to_rm);
|
||||||
|
@ -875,7 +876,8 @@ md_fs_delete_file(PCARD_DATA pCardData, char *parent, char *name)
|
||||||
for (file = dir->files; file!=NULL; file = file->next) {
|
for (file = dir->files; file!=NULL; file = file->next) {
|
||||||
if (!file->next)
|
if (!file->next)
|
||||||
break;
|
break;
|
||||||
if (!strcmp(file->next->name, name)) {
|
if (sizeof file->next->name < strlen(name)
|
||||||
|
|| !strncmp(file->next->name, name, sizeof file->next->name)) {
|
||||||
file_to_rm = file->next;
|
file_to_rm = file->next;
|
||||||
file->next = file->next->next;
|
file->next = file->next->next;
|
||||||
md_fs_free_file(pCardData, file_to_rm);
|
md_fs_free_file(pCardData, file_to_rm);
|
||||||
|
@ -978,8 +980,8 @@ md_pkcs15_update_containers(PCARD_DATA pCardData, unsigned char *blob, size_t si
|
||||||
cont->flags = pp->bFlags;
|
cont->flags = pp->bFlags;
|
||||||
cont->size_sign = pp->wSigKeySizeBits;
|
cont->size_sign = pp->wSigKeySizeBits;
|
||||||
cont->size_key_exchange = pp->wKeyExchangeKeySizeBits;
|
cont->size_key_exchange = pp->wKeyExchangeKeySizeBits;
|
||||||
logprintf(pCardData, 3, "update P15 containers: touch container (idx:%i,id:%s,guid:%s,flags:%X)\n",
|
logprintf(pCardData, 3, "update P15 containers: touch container (idx:%i,id:%s,guid:%.*s,flags:%X)\n",
|
||||||
idx, sc_pkcs15_print_id(&cont->id),cont->guid,cont->flags);
|
idx, sc_pkcs15_print_id(&cont->id),(int)sizeof cont->guid,cont->guid,cont->flags);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1002,7 +1004,7 @@ md_pkcs15_update_container_from_do(PCARD_DATA pCardData, struct sc_pkcs15_object
|
||||||
|
|
||||||
rv = sc_pkcs15_read_data_object(vs->p15card, (struct sc_pkcs15_data_info *)dobj->data, &ddata);
|
rv = sc_pkcs15_read_data_object(vs->p15card, (struct sc_pkcs15_data_info *)dobj->data, &ddata);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%s') returned %i\n", dobj->label, rv);
|
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%.*s') returned %i\n", (int) sizeof dobj->label, dobj->label, rv);
|
||||||
return SCARD_F_INTERNAL_ERROR;
|
return SCARD_F_INTERNAL_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1060,7 +1062,7 @@ md_pkcs15_default_container_from_do(PCARD_DATA pCardData, struct sc_pkcs15_objec
|
||||||
|
|
||||||
rv = sc_pkcs15_read_data_object(vs->p15card, (struct sc_pkcs15_data_info *)dobj->data, &ddata);
|
rv = sc_pkcs15_read_data_object(vs->p15card, (struct sc_pkcs15_data_info *)dobj->data, &ddata);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%s') returned %i\n", dobj->label, rv);
|
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%.*s') returned %i\n", (int) sizeof dobj->label, dobj->label, rv);
|
||||||
return SCARD_F_INTERNAL_ERROR;
|
return SCARD_F_INTERNAL_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1102,7 +1104,7 @@ md_pkcs15_delete_object(PCARD_DATA pCardData, struct sc_pkcs15_object *obj)
|
||||||
|
|
||||||
if (!obj)
|
if (!obj)
|
||||||
return SCARD_S_SUCCESS;
|
return SCARD_S_SUCCESS;
|
||||||
logprintf(pCardData, 3, "MdDeleteObject('%s',type:0x%X) called\n", obj->label, obj->type);
|
logprintf(pCardData, 3, "MdDeleteObject('%.*s',type:0x%X) called\n", (int) sizeof obj->label, obj->label, obj->type);
|
||||||
|
|
||||||
rv = sc_lock(card);
|
rv = sc_lock(card);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
|
@ -1550,7 +1552,7 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
|
||||||
cont->size_key_exchange = prkey_info->field_length;
|
cont->size_key_exchange = prkey_info->field_length;
|
||||||
}
|
}
|
||||||
|
|
||||||
logprintf(pCardData, 7, "Container[%i]'s guid=%s\n", ii, cont->guid);
|
logprintf(pCardData, 7, "Container[%i]'s guid=%.*s\n", ii, (int) sizeof cont->guid, cont->guid);
|
||||||
logprintf(pCardData, 7, "Container[%i]'s key-exchange:%i, sign:%i\n", ii, cont->size_key_exchange, cont->size_sign);
|
logprintf(pCardData, 7, "Container[%i]'s key-exchange:%i, sign:%i\n", ii, cont->size_key_exchange, cont->size_sign);
|
||||||
|
|
||||||
cont->id = prkey_info->id;
|
cont->id = prkey_info->id;
|
||||||
|
@ -1558,10 +1560,10 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
|
||||||
|
|
||||||
/* Try to find the friend objects: certficate and public key */
|
/* Try to find the friend objects: certficate and public key */
|
||||||
if (!sc_pkcs15_find_cert_by_id(vs->p15card, &cont->id, &cont->cert_obj))
|
if (!sc_pkcs15_find_cert_by_id(vs->p15card, &cont->id, &cont->cert_obj))
|
||||||
logprintf(pCardData, 2, "found certificate friend '%s'\n", cont->cert_obj->label);
|
logprintf(pCardData, 2, "found certificate friend '%.*s'\n", (int) sizeof cont->cert_obj->label, cont->cert_obj->label);
|
||||||
|
|
||||||
if (!sc_pkcs15_find_pubkey_by_id(vs->p15card, &cont->id, &cont->pubkey_obj))
|
if (!sc_pkcs15_find_pubkey_by_id(vs->p15card, &cont->id, &cont->pubkey_obj))
|
||||||
logprintf(pCardData, 2, "found public key friend '%s'\n", cont->pubkey_obj->label);
|
logprintf(pCardData, 2, "found public key friend '%.*s'\n", (int) sizeof cont->pubkey_obj->label, cont->pubkey_obj->label);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conts_num) {
|
if (conts_num) {
|
||||||
|
@ -1584,8 +1586,8 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
|
||||||
if (strcmp(dinfo->app_label, MD_DATA_APPLICAITON_NAME))
|
if (strcmp(dinfo->app_label, MD_DATA_APPLICAITON_NAME))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
logprintf(pCardData, 2, "Found 'DATA' object '%s'\n", dobjs[ii]->label);
|
logprintf(pCardData, 2, "Found 'DATA' object '%.*s'\n", (int) sizeof dobjs[ii]->label, dobjs[ii]->label);
|
||||||
if (!strcmp(dobjs[ii]->label, MD_DATA_DEFAULT_CONT_LABEL)) {
|
if (!strncmp(dobjs[ii]->label, MD_DATA_DEFAULT_CONT_LABEL, sizeof dobjs[ii]->label)) {
|
||||||
default_cont = dobjs[ii];
|
default_cont = dobjs[ii];
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
@ -2039,8 +2041,8 @@ md_pkcs15_generate_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, DWORD ke
|
||||||
cont->index = idx;
|
cont->index = idx;
|
||||||
cont->flags = CONTAINER_MAP_VALID_CONTAINER;
|
cont->flags = CONTAINER_MAP_VALID_CONTAINER;
|
||||||
|
|
||||||
logprintf(pCardData, 3, "MdGenerateKey(): generated key(idx:%i,id:%s,guid:%s)\n",
|
logprintf(pCardData, 3, "MdGenerateKey(): generated key(idx:%i,id:%s,guid:%.*s)\n",
|
||||||
idx, sc_pkcs15_print_id(&cont->id),cont->guid);
|
idx, sc_pkcs15_print_id(&cont->id),(int) sizeof cont->guid, cont->guid);
|
||||||
|
|
||||||
dwret = SCARD_S_SUCCESS;
|
dwret = SCARD_S_SUCCESS;
|
||||||
done:
|
done:
|
||||||
|
@ -2171,7 +2173,7 @@ md_pkcs15_store_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, BYTE *blob,
|
||||||
cont->index = idx;
|
cont->index = idx;
|
||||||
cont->flags |= CONTAINER_MAP_VALID_CONTAINER;
|
cont->flags |= CONTAINER_MAP_VALID_CONTAINER;
|
||||||
|
|
||||||
logprintf(pCardData, 3, "MdStoreKey(): stored key(idx:%i,id:%s,guid:%s)\n", idx, sc_pkcs15_print_id(&cont->id),cont->guid);
|
logprintf(pCardData, 3, "MdStoreKey(): stored key(idx:%i,id:%s,guid:%.*s)\n", idx, sc_pkcs15_print_id(&cont->id),(int) sizeof cont->guid,cont->guid);
|
||||||
dwret = SCARD_S_SUCCESS;
|
dwret = SCARD_S_SUCCESS;
|
||||||
|
|
||||||
done:
|
done:
|
||||||
|
@ -2812,7 +2814,7 @@ DWORD WINAPI CardGetContainerInfo(__in PCARD_DATA pCardData, __in BYTE bContaine
|
||||||
if (!pubkey_der.value && cont->pubkey_obj) {
|
if (!pubkey_der.value && cont->pubkey_obj) {
|
||||||
struct sc_pkcs15_pubkey *pubkey = NULL;
|
struct sc_pkcs15_pubkey *pubkey = NULL;
|
||||||
|
|
||||||
logprintf(pCardData, 1, "now read public key '%s'\n", cont->pubkey_obj->label);
|
logprintf(pCardData, 1, "now read public key '%.*s'\n", (int) sizeof cont->pubkey_obj->label, cont->pubkey_obj->label);
|
||||||
rv = sc_pkcs15_read_pubkey(vs->p15card, cont->pubkey_obj, &pubkey);
|
rv = sc_pkcs15_read_pubkey(vs->p15card, cont->pubkey_obj, &pubkey);
|
||||||
if (!rv) {
|
if (!rv) {
|
||||||
rv = sc_pkcs15_encode_pubkey(vs->ctx, pubkey, &pubkey_der.value, &pubkey_der.len);
|
rv = sc_pkcs15_encode_pubkey(vs->ctx, pubkey, &pubkey_der.value, &pubkey_der.len);
|
||||||
|
@ -2836,7 +2838,7 @@ DWORD WINAPI CardGetContainerInfo(__in PCARD_DATA pCardData, __in BYTE bContaine
|
||||||
if (!pubkey_der.value && cont->cert_obj) {
|
if (!pubkey_der.value && cont->cert_obj) {
|
||||||
struct sc_pkcs15_cert *cert = NULL;
|
struct sc_pkcs15_cert *cert = NULL;
|
||||||
|
|
||||||
logprintf(pCardData, 1, "now read certificate '%s'\n", cont->cert_obj->label);
|
logprintf(pCardData, 1, "now read certificate '%.*s'\n", (int) sizeof cont->cert_obj->label, cont->cert_obj->label);
|
||||||
rv = sc_pkcs15_read_certificate(vs->p15card, (struct sc_pkcs15_cert_info *)(cont->cert_obj->data), &cert);
|
rv = sc_pkcs15_read_certificate(vs->p15card, (struct sc_pkcs15_cert_info *)(cont->cert_obj->data), &cert);
|
||||||
if(!rv) {
|
if(!rv) {
|
||||||
rv = sc_pkcs15_encode_pubkey(vs->ctx, cert->key, &pubkey_der.value, &pubkey_der.len);
|
rv = sc_pkcs15_encode_pubkey(vs->ctx, cert->key, &pubkey_der.value, &pubkey_der.len);
|
||||||
|
|
|
@ -967,7 +967,7 @@ pkcs15_init_slot(struct sc_pkcs15_card *p15card, struct sc_pkcs11_slot *slot,
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (auth->label[0])
|
if (auth->label[0])
|
||||||
snprintf(label, sizeof(label), "%s (%s)", p15card->tokeninfo->label, auth->label);
|
snprintf(label, sizeof(label), "%s (%.*s)", p15card->tokeninfo->label, (int) sizeof auth->label, auth->label);
|
||||||
else
|
else
|
||||||
snprintf(label, sizeof(label), "%s", p15card->tokeninfo->label);
|
snprintf(label, sizeof(label), "%s", p15card->tokeninfo->label);
|
||||||
slot->token_info.flags |= CKF_LOGIN_REQUIRED;
|
slot->token_info.flags |= CKF_LOGIN_REQUIRED;
|
||||||
|
@ -1156,7 +1156,7 @@ _add_pin_related_objects(struct sc_pkcs11_slot *slot, struct sc_pkcs15_object *p
|
||||||
struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info *)pin_obj->data;
|
struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info *)pin_obj->data;
|
||||||
unsigned i;
|
unsigned i;
|
||||||
|
|
||||||
sc_log(context, "Add objects related to PIN('%s',ID:%s)", pin_obj->label, sc_pkcs15_print_id(&pin_info->auth_id));
|
sc_log(context, "Add objects related to PIN('%.*s',ID:%s)", (int) sizeof pin_obj->label, pin_obj->label, sc_pkcs15_print_id(&pin_info->auth_id));
|
||||||
for (i=0; i < fw_data->num_objects; i++) {
|
for (i=0; i < fw_data->num_objects; i++) {
|
||||||
struct pkcs15_any_object *obj = fw_data->objects[i];
|
struct pkcs15_any_object *obj = fw_data->objects[i];
|
||||||
|
|
||||||
|
@ -1167,7 +1167,7 @@ _add_pin_related_objects(struct sc_pkcs11_slot *slot, struct sc_pkcs15_object *p
|
||||||
* not private. Just ignore those... */
|
* not private. Just ignore those... */
|
||||||
if (!(obj->p15_object->flags & SC_PKCS15_CO_FLAG_PRIVATE))
|
if (!(obj->p15_object->flags & SC_PKCS15_CO_FLAG_PRIVATE))
|
||||||
continue;
|
continue;
|
||||||
sc_log(context, "ObjID(%p,%s,%x):%s", obj, obj->p15_object->label,
|
sc_log(context, "ObjID(%p,%.*s,%x):%s", obj, (int) sizeof obj->p15_object->label, obj->p15_object->label,
|
||||||
obj->p15_object->type, sc_pkcs15_print_id(&obj->p15_object->auth_id));
|
obj->p15_object->type, sc_pkcs15_print_id(&obj->p15_object->auth_id));
|
||||||
if (!sc_pkcs15_compare_id(&pin_info->auth_id, &obj->p15_object->auth_id)) {
|
if (!sc_pkcs15_compare_id(&pin_info->auth_id, &obj->p15_object->auth_id)) {
|
||||||
sc_log(context, "Ignoring object %d", i);
|
sc_log(context, "Ignoring object %d", i);
|
||||||
|
@ -1175,15 +1175,15 @@ _add_pin_related_objects(struct sc_pkcs11_slot *slot, struct sc_pkcs15_object *p
|
||||||
}
|
}
|
||||||
|
|
||||||
if (is_privkey(obj)) {
|
if (is_privkey(obj)) {
|
||||||
sc_log(context, "Slot:%p, obj:%p Adding private key %d to PIN '%s'", slot, obj, i, pin_obj->label);
|
sc_log(context, "Slot:%p, obj:%p Adding private key %d to PIN '%.*s'", slot, obj, i, (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
pkcs15_add_object(slot, obj, NULL);
|
pkcs15_add_object(slot, obj, NULL);
|
||||||
}
|
}
|
||||||
else if (is_data(obj)) {
|
else if (is_data(obj)) {
|
||||||
sc_log(context, "Slot:%p Adding data object %d to PIN '%s'", slot, i, pin_obj->label);
|
sc_log(context, "Slot:%p Adding data object %d to PIN '%.*s'", slot, i, (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
pkcs15_add_object(slot, obj, NULL);
|
pkcs15_add_object(slot, obj, NULL);
|
||||||
}
|
}
|
||||||
else if (is_cert(obj)) {
|
else if (is_cert(obj)) {
|
||||||
sc_log(context, "Slot:%p Adding cert object %d to PIN '%s'", slot, i, pin_obj->label);
|
sc_log(context, "Slot:%p Adding cert object %d to PIN '%.*s'", slot, i, (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
pkcs15_add_object(slot, obj, NULL);
|
pkcs15_add_object(slot, obj, NULL);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -1233,7 +1233,7 @@ _add_public_objects(struct sc_pkcs11_slot *slot, struct pkcs15_fw_data *fw_data,
|
||||||
if (obj->p15_object->auth_id.len && !(is_pubkey(obj) || is_cert(obj)))
|
if (obj->p15_object->auth_id.len && !(is_pubkey(obj) || is_cert(obj)))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
sc_log(context, "Add public object(%p,%s,%x)", obj, obj->p15_object->label, obj->p15_object->type);
|
sc_log(context, "Add public object(%p,%.*s,%x)", obj, (int) sizeof obj->p15_object->label, obj->p15_object->label, obj->p15_object->type);
|
||||||
pkcs15_add_object(slot, obj, NULL);
|
pkcs15_add_object(slot, obj, NULL);
|
||||||
|
|
||||||
if (move_to_fw && move_to_fw != fw_data && move_to_fw->num_objects < MAX_OBJECTS) {
|
if (move_to_fw && move_to_fw != fw_data && move_to_fw->num_objects < MAX_OBJECTS) {
|
||||||
|
@ -1306,7 +1306,7 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
|
||||||
/* Check if a slot could be created with this PIN */
|
/* Check if a slot could be created with this PIN */
|
||||||
if (!_is_slot_auth_object(pin_info))
|
if (!_is_slot_auth_object(pin_info))
|
||||||
continue;
|
continue;
|
||||||
sc_log(context, "Found authentication object '%s'", auths[i]->label);
|
sc_log(context, "Found authentication object '%.*s'", (int) sizeof auths[i]->label, auths[i]->label);
|
||||||
|
|
||||||
rv = pkcs15_create_slot(p11card, fw_data, auths[i], app_info, &islot);
|
rv = pkcs15_create_slot(p11card, fw_data, auths[i], app_info, &islot);
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
|
@ -1337,13 +1337,13 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
|
||||||
sc_log(context, "User/Sign PINs %p/%p", auth_user_pin, auth_sign_pin);
|
sc_log(context, "User/Sign PINs %p/%p", auth_user_pin, auth_sign_pin);
|
||||||
if (fauo && auth_user_pin && !memcmp(fauo->data, auth_user_pin->data, sizeof(struct sc_pkcs15_auth_info))) {
|
if (fauo && auth_user_pin && !memcmp(fauo->data, auth_user_pin->data, sizeof(struct sc_pkcs15_auth_info))) {
|
||||||
/* Add objects from the non-first application to the FW data of the first slot */
|
/* Add objects from the non-first application to the FW data of the first slot */
|
||||||
sc_log(context, "Add objects to existing slot created for PIN '%s'", fauo->label);
|
sc_log(context, "Add objects to existing slot created for PIN '%.*s'", (int) sizeof fauo->label, fauo->label);
|
||||||
_add_pin_related_objects(*first_slot, fauo, fw_data, ffda);
|
_add_pin_related_objects(*first_slot, fauo, fw_data, ffda);
|
||||||
slot = *first_slot;
|
slot = *first_slot;
|
||||||
}
|
}
|
||||||
else if (auth_user_pin) {
|
else if (auth_user_pin) {
|
||||||
/* For the UserPIN of the first slot create slot */
|
/* For the UserPIN of the first slot create slot */
|
||||||
sc_log(context, "Create slot for User PIN '%s'", auth_user_pin->label);
|
sc_log(context, "Create slot for User PIN '%.*s'", (int) sizeof auth_user_pin->label, auth_user_pin->label);
|
||||||
rv = pkcs15_create_slot(p11card, fw_data, auth_user_pin, app_info, &slot);
|
rv = pkcs15_create_slot(p11card, fw_data, auth_user_pin, app_info, &slot);
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
return CKR_OK; /* no more slots available for this card */
|
return CKR_OK; /* no more slots available for this card */
|
||||||
|
@ -1355,7 +1355,7 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
|
||||||
if (auth_sign_pin && auth_user_pin) {
|
if (auth_sign_pin && auth_user_pin) {
|
||||||
struct sc_pkcs11_slot *sign_slot = NULL;
|
struct sc_pkcs11_slot *sign_slot = NULL;
|
||||||
|
|
||||||
sc_log(context, "Create slot for Sign PIN '%s'", auth_sign_pin->label);
|
sc_log(context, "Create slot for Sign PIN '%.*s'", (int) sizeof auth_sign_pin->label, auth_sign_pin->label);
|
||||||
rv = pkcs15_create_slot(p11card, fw_data, auth_sign_pin, app_info, &sign_slot);
|
rv = pkcs15_create_slot(p11card, fw_data, auth_sign_pin, app_info, &sign_slot);
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
return CKR_OK; /* no more slots available for this card */
|
return CKR_OK; /* no more slots available for this card */
|
||||||
|
@ -1641,7 +1641,7 @@ pkcs15_change_pin(struct sc_pkcs11_slot *slot,
|
||||||
if (!auth_info)
|
if (!auth_info)
|
||||||
return CKR_USER_PIN_NOT_INITIALIZED;
|
return CKR_USER_PIN_NOT_INITIALIZED;
|
||||||
|
|
||||||
sc_log(context, "Change '%s' (ref:%i,type:%i)", pin_obj->label, auth_info->attrs.pin.reference, login_user);
|
sc_log(context, "Change '%.*s' (ref:%i,type:%i)", (int) sizeof pin_obj->label, pin_obj->label, auth_info->attrs.pin.reference, login_user);
|
||||||
if (p11card->card->reader->capabilities & SC_READER_CAP_PIN_PAD) {
|
if (p11card->card->reader->capabilities & SC_READER_CAP_PIN_PAD) {
|
||||||
/* pPin should be NULL in case of a pin pad reader, but
|
/* pPin should be NULL in case of a pin pad reader, but
|
||||||
* some apps (e.g. older Netscapes) don't know about it.
|
* some apps (e.g. older Netscapes) don't know about it.
|
||||||
|
@ -3151,7 +3151,7 @@ pkcs15_cert_get_attribute(struct sc_pkcs11_session *session, void *object, CK_AT
|
||||||
*(CK_BBOOL*)attr->pValue = FALSE;
|
*(CK_BBOOL*)attr->pValue = FALSE;
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
len = strlen(cert->cert_p15obj->label);
|
len = strnlen(cert->cert_p15obj->label, sizeof cert->cert_p15obj->label);
|
||||||
check_attribute_buffer(attr, len);
|
check_attribute_buffer(attr, len);
|
||||||
memcpy(attr->pValue, cert->cert_p15obj->label, len);
|
memcpy(attr->pValue, cert->cert_p15obj->label, len);
|
||||||
break;
|
break;
|
||||||
|
@ -3420,7 +3420,7 @@ pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session,
|
||||||
*(CK_BBOOL*)attr->pValue = FALSE;
|
*(CK_BBOOL*)attr->pValue = FALSE;
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
len = strlen(prkey->prv_p15obj->label);
|
len = strnlen(prkey->prv_p15obj->label, sizeof prkey->prv_p15obj->label);
|
||||||
check_attribute_buffer(attr, len);
|
check_attribute_buffer(attr, len);
|
||||||
memcpy(attr->pValue, prkey->prv_p15obj->label, len);
|
memcpy(attr->pValue, prkey->prv_p15obj->label, len);
|
||||||
break;
|
break;
|
||||||
|
@ -3904,12 +3904,12 @@ pkcs15_pubkey_get_attribute(struct sc_pkcs11_session *session, void *object, CK_
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
if (pubkey->pub_p15obj) {
|
if (pubkey->pub_p15obj) {
|
||||||
len = strlen(pubkey->pub_p15obj->label);
|
len = strnlen(pubkey->pub_p15obj->label, sizeof pubkey->pub_p15obj->label);
|
||||||
check_attribute_buffer(attr, len);
|
check_attribute_buffer(attr, len);
|
||||||
memcpy(attr->pValue, pubkey->pub_p15obj->label, len);
|
memcpy(attr->pValue, pubkey->pub_p15obj->label, len);
|
||||||
}
|
}
|
||||||
else if (cert && cert->cert_p15obj) {
|
else if (cert && cert->cert_p15obj) {
|
||||||
len = strlen(cert->cert_p15obj->label);
|
len = strnlen(cert->cert_p15obj->label, sizeof cert->cert_p15obj->label);
|
||||||
check_attribute_buffer(attr, len);
|
check_attribute_buffer(attr, len);
|
||||||
memcpy(attr->pValue, cert->cert_p15obj->label, len);
|
memcpy(attr->pValue, cert->cert_p15obj->label, len);
|
||||||
}
|
}
|
||||||
|
@ -4127,7 +4127,7 @@ pkcs15_dobj_get_attribute(struct sc_pkcs11_session *session, void *object, CK_AT
|
||||||
*(CK_BBOOL*)attr->pValue = (dobj->base.p15_object->flags & 0x02) != 0;
|
*(CK_BBOOL*)attr->pValue = (dobj->base.p15_object->flags & 0x02) != 0;
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
len = strlen(dobj->base.p15_object->label);
|
len = strnlen(dobj->base.p15_object->label, sizeof dobj->base.p15_object->label);
|
||||||
check_attribute_buffer(attr, len);
|
check_attribute_buffer(attr, len);
|
||||||
memcpy(attr->pValue, dobj->base.p15_object->label, len);
|
memcpy(attr->pValue, dobj->base.p15_object->label, len);
|
||||||
break;
|
break;
|
||||||
|
@ -4262,7 +4262,7 @@ pkcs15_skey_get_attribute(struct sc_pkcs11_session *session,
|
||||||
/*TODO Why no definition of the flag */
|
/*TODO Why no definition of the flag */
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
len = strlen(skey->base.p15_object->label);
|
len = strnlen(skey->base.p15_object->label, sizeof skey->base.p15_object->label);
|
||||||
check_attribute_buffer(attr, len);
|
check_attribute_buffer(attr, len);
|
||||||
memcpy(attr->pValue, skey->base.p15_object->label, len);
|
memcpy(attr->pValue, skey->base.p15_object->label, len);
|
||||||
break;
|
break;
|
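Review bot: Every bounded print in this file repeats the pair `(int) sizeof x->label, x->label` by hand, which is only correct while `label` is a fixed-size array member; if it were ever a pointer, `sizeof` would yield the pointer size and silently cut the label short. Its declaration is not on this page. A small macro next to the struct definition, for example `#define LABEL_PRINT_ARGS(o) (int) sizeof (o)->label, (o)->label` (the name is only a suggestion), would keep size and pointer together across the roughly twenty call sites. The `snprintf` in pkcs15_init_slot still prints `p15card->tokeninfo->label` with a plain `%s`; its type is not visible here, so it is worth confirming that field is always NUL-terminated. The functions touched all begin and end outside their hunks.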
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* Generic handling of PKCS11 mechanisms
|
* Generic handling of PKCS11 mechanisms
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
|
|
@ -324,6 +324,7 @@ void load_pkcs11_parameters(struct sc_pkcs11_config *conf, sc_context_t * ctx)
|
||||||
}
|
}
|
||||||
conf->hide_empty_tokens = 1;
|
conf->hide_empty_tokens = 1;
|
||||||
conf->lock_login = 0;
|
conf->lock_login = 0;
|
||||||
|
conf->init_sloppy = 1;
|
||||||
conf->pin_unblock_style = SC_PKCS11_PIN_UNBLOCK_NOT_ALLOWED;
|
conf->pin_unblock_style = SC_PKCS11_PIN_UNBLOCK_NOT_ALLOWED;
|
||||||
conf->create_puk_slot = 0;
|
conf->create_puk_slot = 0;
|
||||||
conf->zero_ckaid_for_ca_certs = 0;
|
conf->zero_ckaid_for_ca_certs = 0;
|
||||||
|
@ -339,6 +340,7 @@ void load_pkcs11_parameters(struct sc_pkcs11_config *conf, sc_context_t * ctx)
|
||||||
conf->slots_per_card = scconf_get_int(conf_block, "slots_per_card", conf->slots_per_card);
|
conf->slots_per_card = scconf_get_int(conf_block, "slots_per_card", conf->slots_per_card);
|
||||||
conf->hide_empty_tokens = scconf_get_bool(conf_block, "hide_empty_tokens", conf->hide_empty_tokens);
|
conf->hide_empty_tokens = scconf_get_bool(conf_block, "hide_empty_tokens", conf->hide_empty_tokens);
|
||||||
conf->lock_login = scconf_get_bool(conf_block, "lock_login", conf->lock_login);
|
conf->lock_login = scconf_get_bool(conf_block, "lock_login", conf->lock_login);
|
||||||
|
conf->init_sloppy = scconf_get_bool(conf_block, "init_sloppy", conf->init_sloppy);
|
||||||
|
|
||||||
unblock_style = (char *)scconf_get_str(conf_block, "user_pin_unblock_style", NULL);
|
unblock_style = (char *)scconf_get_str(conf_block, "user_pin_unblock_style", NULL);
|
||||||
if (unblock_style && !strcmp(unblock_style, "set_pin_in_unlogged_session"))
|
if (unblock_style && !strcmp(unblock_style, "set_pin_in_unlogged_session"))
|
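Review bot: `conf->init_sloppy = 1;` switches the new behaviour on by default, and neither the default nor the `scconf_get_bool(conf_block, "init_sloppy", ...)` read says what the option controls. From the C_GetSlotInfo change in this same commit it appears to gate the call to `card_detect_all()` for callers that skipped C_GetSlotList; a comment on the default line such as `/* tolerate C_GetSlotInfo() before C_GetSlotList() (non-conformant callers) */` would record that. Whether the sample configuration file documents the key cannot be seen in these hunks. load_pkcs11_parameters starts and ends outside the hunks.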
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
* OpenSSL helper functions, e.g. for implementing MD5 support
|
* OpenSSL helper functions, e.g. for implementing MD5 support
|
||||||
* et al
|
* et al
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
|
|
@ -473,6 +473,7 @@ static sc_timestamp_t get_current_time(void)
|
||||||
CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
|
CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
|
||||||
{
|
{
|
||||||
struct sc_pkcs11_slot *slot;
|
struct sc_pkcs11_slot *slot;
|
||||||
|
unsigned int uninit_slotcount;
|
||||||
sc_timestamp_t now;
|
sc_timestamp_t now;
|
||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
|
|
||||||
|
@ -485,6 +486,19 @@ CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
|
||||||
|
|
||||||
sc_log(context, "C_GetSlotInfo(0x%lx)", slotID);
|
sc_log(context, "C_GetSlotInfo(0x%lx)", slotID);
|
||||||
|
|
||||||
|
if (sc_pkcs11_conf.plug_and_play)
|
||||||
|
uninit_slotcount = 1;
|
||||||
|
else
|
||||||
|
uninit_slotcount = 0;
|
||||||
|
if (sc_pkcs11_conf.init_sloppy && uninit_slotcount <= list_size(&virtual_slots)) {
|
||||||
|
/* Most likely virtual_slots only contains the hotplug slot and has not
|
||||||
|
* been initialized because the caller has *not* called C_GetSlotList
|
||||||
|
* before C_GetSlotInfo, as required by PKCS#11. Initialize
|
||||||
|
* virtual_slots to make things work and hope the caller knows what
|
||||||
|
* it's doing... */
|
||||||
|
card_detect_all();
|
||||||
|
}
|
||||||
|
|
||||||
rv = slot_get_slot(slotID, &slot);
|
rv = slot_get_slot(slotID, &slot);
|
||||||
sc_log(context, "C_GetSlotInfo() get slot rv %i", rv);
|
sc_log(context, "C_GetSlotInfo() get slot rv %i", rv);
|
||||||
if (rv == CKR_OK) {
|
if (rv == CKR_OK) {
|
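Review bot: The new condition `uninit_slotcount <= list_size(&virtual_slots)` reads as inverted against the comment beneath it. The comment describes the case where virtual_slots holds at most the hotplug slot, but as written the test is true whenever the list has at least that many entries, so `card_detect_all()` would run on nearly every C_GetSlotInfo call once slots exist, and not at all when the list is empty with plug_and_play set. If the comment states the intent, the check would be `if (sc_pkcs11_conf.init_sloppy && list_size(&virtual_slots) <= uninit_slotcount) {`. It is also worth confirming that the global PKCS#11 lock is already held here, since the locking lines fall outside the hunk. C_GetSlotInfo's body continues past the hunk.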
||||||
|
|
|
@ -78,6 +78,7 @@ struct sc_pkcs11_config {
|
||||||
unsigned int slots_per_card;
|
unsigned int slots_per_card;
|
||||||
unsigned char hide_empty_tokens;
|
unsigned char hide_empty_tokens;
|
||||||
unsigned char lock_login;
|
unsigned char lock_login;
|
||||||
|
unsigned char init_sloppy;
|
||||||
unsigned int pin_unblock_style;
|
unsigned int pin_unblock_style;
|
||||||
unsigned int create_puk_slot;
|
unsigned int create_puk_slot;
|
||||||
unsigned int zero_ckaid_for_ca_certs;
|
unsigned int zero_ckaid_for_ca_certs;
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
* CardOS specific operation for PKCS15 initialization
|
* CardOS specific operation for PKCS15 initialization
|
||||||
*
|
*
|
||||||
* Copyright (C) 2005 Nils Larsch <nils@larsch.net>
|
* Copyright (C) 2005 Nils Larsch <nils@larsch.net>
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -499,7 +499,7 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
|
|
||||||
/* allocate key object */
|
/* allocate key object */
|
||||||
r = cosm_new_file(profile, card, SC_PKCS15_TYPE_PRKEY_RSA, idx, &file);
|
r = cosm_new_file(profile, card, SC_PKCS15_TYPE_PRKEY_RSA, idx, &file);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"create key: failed to allocate new key object");
|
"create key: failed to allocate new key object");
|
||||||
file->size = keybits;
|
file->size = keybits;
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "private key path: %s",
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "private key path: %s",
|
||||||
|
@ -509,13 +509,13 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
|
|
||||||
r = sc_pkcs15init_authenticate(profile, p15card, file,
|
r = sc_pkcs15init_authenticate(profile, p15card, file,
|
||||||
SC_AC_OP_DELETE);
|
SC_AC_OP_DELETE);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"generate key: pkcs15init_authenticate(SC_AC_OP_DELETE) failed");
|
"generate key: pkcs15init_authenticate(SC_AC_OP_DELETE) failed");
|
||||||
|
|
||||||
r = sc_delete_file(p15card->card, &file->path);
|
r = sc_delete_file(p15card->card, &file->path);
|
||||||
/* create */
|
/* create */
|
||||||
r = sc_pkcs15init_create_file(profile, p15card, file);
|
r = sc_pkcs15init_create_file(profile, p15card, file);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"create key: failed to create key file");
|
"create key: failed to create key file");
|
||||||
|
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "index %i; keybits %i\n", idx,
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "index %i; keybits %i\n", idx,
|
||||||
|
@ -523,33 +523,32 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
if (keybits < 1024 || keybits > 2048 || (keybits % 0x20)) {
|
if (keybits < 1024 || keybits > 2048 || (keybits % 0x20)) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE_TOOL,
|
sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE_TOOL,
|
||||||
"Unsupported key size %u\n", keybits);
|
"Unsupported key size %u\n", keybits);
|
||||||
return SC_ERROR_INVALID_ARGUMENTS;
|
r = SC_ERROR_INVALID_ARGUMENTS;
|
||||||
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
path = key_info->path;
|
path = key_info->path;
|
||||||
path.len -= 2;
|
path.len -= 2;
|
||||||
|
|
||||||
r = sc_select_file(card, &path, &tfile);
|
r = sc_select_file(card, &path, &tfile);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"generate key: no private object DF");
|
"generate key: no private object DF");
|
||||||
|
|
||||||
r = sc_pkcs15init_authenticate(profile, p15card, tfile,
|
r = sc_pkcs15init_authenticate(profile, p15card, tfile,
|
||||||
SC_AC_OP_CRYPTO);
|
SC_AC_OP_CRYPTO);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"generate key: pkcs15init_authenticate(SC_AC_OP_CRYPTO) failed");
|
"generate key: pkcs15init_authenticate(SC_AC_OP_CRYPTO) failed");
|
||||||
|
|
||||||
r = sc_pkcs15init_authenticate(profile, p15card, tfile,
|
r = sc_pkcs15init_authenticate(profile, p15card, tfile,
|
||||||
SC_AC_OP_CREATE);
|
SC_AC_OP_CREATE);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"generate key: pkcs15init_authenticate(SC_AC_OP_CREATE) failed");
|
"generate key: pkcs15init_authenticate(SC_AC_OP_CREATE) failed");
|
||||||
|
|
||||||
sc_file_free(tfile);
|
|
||||||
|
|
||||||
if ((r = cosm_new_file(profile, card, SC_PKCS15_TYPE_PUBKEY_RSA, idx,
|
if ((r = cosm_new_file(profile, card, SC_PKCS15_TYPE_PUBKEY_RSA, idx,
|
||||||
&pukf)) < 0) {
|
&pukf)) < 0) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||||
"generate key: create temporary pukf failed\n");
|
"generate key: create temporary pukf failed\n");
|
||||||
goto failed;
|
goto err;
|
||||||
}
|
}
|
||||||
pukf->size = keybits;
|
pukf->size = keybits;
|
||||||
pukf->id = pukf->path.value[pukf->path.len - 2] * 0x100
|
pukf->id = pukf->path.value[pukf->path.len - 2] * 0x100
|
||||||
|
@ -565,14 +564,14 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
if (r == SC_SUCCESS) {
|
if (r == SC_SUCCESS) {
|
||||||
r = sc_pkcs15init_authenticate(profile, p15card, pukf,
|
r = sc_pkcs15init_authenticate(profile, p15card, pukf,
|
||||||
SC_AC_OP_DELETE);
|
SC_AC_OP_DELETE);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_DELETE) failed");
|
"generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_DELETE) failed");
|
||||||
|
|
||||||
r = sc_pkcs15init_delete_by_path(profile, p15card, &pukf->path);
|
r = sc_pkcs15init_delete_by_path(profile, p15card, &pukf->path);
|
||||||
if (r != SC_SUCCESS) {
|
if (r != SC_SUCCESS) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||||
"generate key: failed to delete existing key file\n");
|
"generate key: failed to delete existing key file\n");
|
||||||
goto failed;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* create */
|
/* create */
|
||||||
|
@ -580,12 +579,12 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
if (r != SC_SUCCESS) {
|
if (r != SC_SUCCESS) {
|
||||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||||
"generate key: pukf create file failed\n");
|
"generate key: pukf create file failed\n");
|
||||||
goto failed;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = sc_pkcs15init_authenticate(profile, p15card, pukf,
|
r = sc_pkcs15init_authenticate(profile, p15card, pukf,
|
||||||
SC_AC_OP_UPDATE);
|
SC_AC_OP_UPDATE);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_UPDATE) failed");
|
"generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_UPDATE) failed");
|
||||||
|
|
||||||
/* generate key pair */
|
/* generate key pair */
|
||||||
|
@ -597,7 +596,7 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
gendat.key_length = keybits;
|
gendat.key_length = keybits;
|
||||||
gendat.modulus = NULL;
|
gendat.modulus = NULL;
|
||||||
r = sc_card_ctl(card, SC_CARDCTL_ENTERSAFE_GENERATE_KEY, &gendat);
|
r = sc_card_ctl(card, SC_CARDCTL_ENTERSAFE_GENERATE_KEY, &gendat);
|
||||||
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
SC_TEST_GOTO_ERR(card->ctx, SC_LOG_DEBUG_NORMAL, r,
|
||||||
"generate RSA key pair failed");
|
"generate RSA key pair failed");
|
||||||
|
|
||||||
/* get the modulus */
|
/* get the modulus */
|
||||||
|
@ -611,7 +610,7 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
buf = (u8 *) malloc(3);
|
buf = (u8 *) malloc(3);
|
||||||
if (!buf) {
|
if (!buf) {
|
||||||
r = SC_ERROR_OUT_OF_MEMORY;
|
r = SC_ERROR_OUT_OF_MEMORY;
|
||||||
goto failed;
|
goto err;
|
||||||
}
|
}
|
||||||
buf[0] = 0x01;
|
buf[0] = 0x01;
|
||||||
buf[1] = 0x00;
|
buf[1] = 0x00;
|
||||||
|
@ -624,9 +623,13 @@ static int epass2003_pkcs15_generate_key(struct sc_profile *profile,
|
||||||
/* free public key */
|
/* free public key */
|
||||||
free(gendat.modulus);
|
free(gendat.modulus);
|
||||||
|
|
||||||
failed:
|
err:
|
||||||
if (pukf)
|
if (pukf)
|
||||||
sc_file_free(pukf);
|
sc_file_free(pukf);
|
||||||
|
if (file)
|
||||||
|
sc_file_free(file);
|
||||||
|
if (tfile)
|
||||||
|
sc_file_free(tfile);
|
||||||
|
|
||||||
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);
|
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);
|
||||||
}
|
}
|
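Review bot: The new `err:` block frees `file` and `tfile` as well as `pukf`, and the first `SC_TEST_GOTO_ERR` (after the `cosm_new_file` call for the private key) can jump there before `tfile` or `pukf` has been assigned, so all three pointers have to be initialised to `NULL` at their declarations. Those declarations are outside the hunks shown, so this should be confirmed. Separately, `free(gendat.modulus);` still sits above the label, so the `goto err` taken when `malloc(3)` fails skips it; whether the modulus is already allocated at that point is not visible here. The key-size check that now does `r = SC_ERROR_INVALID_ARGUMENTS; goto err;` also runs only after `sc_delete_file` and `sc_pkcs15init_create_file`, so moving it ahead of those calls would reject a bad size before the card is modified.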
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* GPK specific operation for PKCS15 initialization
|
* GPK specific operation for PKCS15 initialization
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
* Incrypto34 specific operation for PKCS15 initialization
|
* Incrypto34 specific operation for PKCS15 initialization
|
||||||
*
|
*
|
||||||
* Copyright (C) 2005 ST Incard srl, Giuseppe Amato <giuseppe dot amato at st dot com>
|
* Copyright (C) 2005 ST Incard srl, Giuseppe Amato <giuseppe dot amato at st dot com>
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* Function prototypes for pkcs15-init
|
* Function prototypes for pkcs15-init
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifndef PKCS15_INIT_H
|
#ifndef PKCS15_INIT_H
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
* JCOP specific operation for PKCS15 initialization
|
* JCOP specific operation for PKCS15 initialization
|
||||||
*
|
*
|
||||||
* Copyright 2003 Chaskiel Grundman <cg2v@andrew.cmu.edu>
|
* Copyright 2003 Chaskiel Grundman <cg2v@andrew.cmu.edu>
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
* a generic implementation; that is how PINs and keys are stored
|
* a generic implementation; that is how PINs and keys are stored
|
||||||
* on the card. These should be implemented in pkcs15-<cardname>.c
|
* on the card. These should be implemented in pkcs15-<cardname>.c
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002, Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@ -727,10 +727,6 @@ sc_pkcs15init_finalize_profile(struct sc_card *card, struct sc_profile *profile,
|
||||||
if (aid) {
|
if (aid) {
|
||||||
sc_log(ctx, "finalize profile for AID %s", sc_dump_hex(aid->value, aid->len));
|
sc_log(ctx, "finalize profile for AID %s", sc_dump_hex(aid->value, aid->len));
|
||||||
app = sc_find_app(card, aid);
|
app = sc_find_app(card, aid);
|
||||||
if (!app) {
|
|
||||||
sc_log(ctx, "Cannot find oncard application");
|
|
||||||
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
else if (card->app_count == 1) {
|
else if (card->app_count == 1) {
|
||||||
app = card->app[0];
|
app = card->app[0];
|
||||||
|
@ -813,7 +809,7 @@ sc_pkcs15init_add_app(struct sc_card *card, struct sc_profile *profile,
|
||||||
* For this, create a 'virtual' AUTH object 'SO PIN', accessible by the card specific part,
|
* For this, create a 'virtual' AUTH object 'SO PIN', accessible by the card specific part,
|
||||||
* but not yet written into the on-card PKCS#15.
|
* but not yet written into the on-card PKCS#15.
|
||||||
*/
|
*/
|
||||||
sc_log(ctx, "Add virtual SO_PIN('%s',flags:%X,reference:%i,path:'%s')", pin_obj->label,
|
sc_log(ctx, "Add virtual SO_PIN('%.*s',flags:%X,reference:%i,path:'%s')", (int) sizeof pin_obj->label, pin_obj->label,
|
||||||
pin_attrs->flags, pin_attrs->reference, sc_print_path(&pin_ainfo.path));
|
pin_attrs->flags, pin_attrs->reference, sc_print_path(&pin_ainfo.path));
|
||||||
r = sc_pkcs15_add_object(p15card, pin_obj);
|
r = sc_pkcs15_add_object(p15card, pin_obj);
|
||||||
LOG_TEST_RET(ctx, r, "Failed to add 'SOPIN' AUTH object");
|
LOG_TEST_RET(ctx, r, "Failed to add 'SOPIN' AUTH object");
|
||||||
|
@ -1009,7 +1005,7 @@ sc_pkcs15init_store_pin(struct sc_pkcs15_card *p15card, struct sc_profile *profi
|
||||||
auth_info->auth_id = args->auth_id;
|
auth_info->auth_id = args->auth_id;
|
||||||
|
|
||||||
/* Now store the PINs */
|
/* Now store the PINs */
|
||||||
sc_log(ctx, "Store PIN(%s,authID:%s)", pin_obj->label, sc_pkcs15_print_id(&auth_info->auth_id));
|
sc_log(ctx, "Store PIN(%.*s,authID:%s)", (int) sizeof pin_obj->label, pin_obj->label, sc_pkcs15_print_id(&auth_info->auth_id));
|
||||||
r = sc_pkcs15init_create_pin(p15card, profile, pin_obj, args);
|
r = sc_pkcs15init_create_pin(p15card, profile, pin_obj, args);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
sc_pkcs15_free_object(pin_obj);
|
sc_pkcs15_free_object(pin_obj);
|
||||||
|
@ -1683,7 +1679,7 @@ sc_pkcs15init_store_certificate(struct sc_pkcs15_card *p15card,
|
||||||
cert_info->path = existing_path;
|
cert_info->path = existing_path;
|
||||||
}
|
}
|
||||||
|
|
||||||
sc_log(ctx, "Store cert(%s,ID:%s,der(%p,%i))", object->label,
|
sc_log(ctx, "Store cert(%.*s,ID:%s,der(%p,%i))", (int) sizeof object->label, object->label,
|
||||||
sc_pkcs15_print_id(&cert_info->id), args->der_encoded.value, args->der_encoded.len);
|
sc_pkcs15_print_id(&cert_info->id), args->der_encoded.value, args->der_encoded.len);
|
||||||
|
|
||||||
if (!profile->pkcs15.direct_certificates)
|
if (!profile->pkcs15.direct_certificates)
|
||||||
|
@ -1832,8 +1828,8 @@ sc_pkcs15init_get_pin_reference(struct sc_pkcs15_card *p15card,
|
||||||
struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)auth_objs[ii]->data;
|
struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)auth_objs[ii]->data;
|
||||||
struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin;
|
struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin;
|
||||||
|
|
||||||
sc_log(ctx, "check PIN(%s,auth_method:%i,type:%i,reference:%i,flags:%X)",
|
sc_log(ctx, "check PIN(%.*s,auth_method:%i,type:%i,reference:%i,flags:%X)",
|
||||||
auth_objs[ii]->label, auth_info->auth_method, pin_attrs->type,
|
(int) sizeof auth_objs[ii]->label, auth_objs[ii]->label, auth_info->auth_method, pin_attrs->type,
|
||||||
pin_attrs->reference, pin_attrs->flags);
|
pin_attrs->reference, pin_attrs->flags);
|
||||||
/* Find out if there is AUTH pkcs15 object with given 'type' and 'reference' */
|
/* Find out if there is AUTH pkcs15 object with given 'type' and 'reference' */
|
||||||
if (auth_info->auth_method == auth_method && pin_attrs->reference == reference)
|
if (auth_info->auth_method == auth_method && pin_attrs->reference == reference)
|
||||||
|
@ -2332,6 +2328,8 @@ sc_pkcs15init_select_intrinsic_id(struct sc_pkcs15_card *p15card, struct sc_prof
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
sc_log(ctx, "Unsupported ID style: %i", id_style);
|
sc_log(ctx, "Unsupported ID style: %i", id_style);
|
||||||
|
if (allocated)
|
||||||
|
sc_pkcs15_free_pubkey(pubkey);
|
||||||
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Non supported ID style");
|
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Non supported ID style");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -3310,11 +3308,11 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
|
||||||
|
|
||||||
if (!r && pin_obj) {
|
if (!r && pin_obj) {
|
||||||
memcpy(&auth_info, pin_obj->data, sizeof(auth_info));
|
memcpy(&auth_info, pin_obj->data, sizeof(auth_info));
|
||||||
sc_log(ctx, "found PIN object '%s'", pin_obj->label);
|
sc_log(ctx, "found PIN object '%.*s'", (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (pin_obj) {
|
if (pin_obj) {
|
||||||
sc_log(ctx, "PIN object '%s'; pin_obj->content.len:%i", pin_obj->label, pin_obj->content.len);
|
sc_log(ctx, "PIN object '%.*s'; pin_obj->content.len:%i", (int) sizeof pin_obj->label, pin_obj->label, pin_obj->content.len);
|
||||||
if (pin_obj->content.value && pin_obj->content.len) {
|
if (pin_obj->content.value && pin_obj->content.len) {
|
||||||
if (pin_obj->content.len > pinsize)
|
if (pin_obj->content.len > pinsize)
|
||||||
LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "PIN buffer is too small");
|
LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "PIN buffer is too small");
|
||||||
|
@ -3410,6 +3408,7 @@ sc_pkcs15init_authenticate(struct sc_profile *profile, struct sc_pkcs15_card *p1
|
||||||
int r = 0;
|
int r = 0;
|
||||||
|
|
||||||
LOG_FUNC_CALLED(ctx);
|
LOG_FUNC_CALLED(ctx);
|
||||||
|
assert(file != NULL);
|
||||||
sc_log(ctx, "path '%s', op=%u", sc_print_path(&file->path), op);
|
sc_log(ctx, "path '%s', op=%u", sc_print_path(&file->path), op);
|
||||||
|
|
||||||
if (p15card->card->caps & SC_CARD_CAP_USE_FCI_AC) {
|
if (p15card->card->caps & SC_CARD_CAP_USE_FCI_AC) {
|
||||||
|
|
|
@ -76,15 +76,21 @@ cosm_write_tokeninfo (struct sc_pkcs15_card *p15card, struct sc_profile *profile
|
||||||
|
|
||||||
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
||||||
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "cosm_write_tokeninfo() label '%s'; flags 0x%X", label, flags);
|
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "cosm_write_tokeninfo() label '%s'; flags 0x%X", label, flags);
|
||||||
if (sc_profile_get_file(profile, COSM_TITLE"-token-info", &file))
|
if (sc_profile_get_file(profile, COSM_TITLE"-token-info", &file)) {
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "Cannot find "COSM_TITLE"-token-info");
|
rv = SC_ERROR_INCONSISTENT_PROFILE;
|
||||||
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot find "COSM_TITLE"-token-info");
|
||||||
|
}
|
||||||
|
|
||||||
if (file->size < 16)
|
if (file->size < 16) {
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "Unsufficient size of the "COSM_TITLE"-token-info file");
|
rv = SC_ERROR_INCONSISTENT_PROFILE;
|
||||||
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "Unsufficient size of the "COSM_TITLE"-token-info file");
|
||||||
|
}
|
||||||
|
|
||||||
buffer = calloc(1, file->size);
|
buffer = calloc(1, file->size);
|
||||||
if (!buffer)
|
if (!buffer) {
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY, "Allocation error in cosm_write_tokeninfo()");
|
rv = SC_ERROR_OUT_OF_MEMORY;
|
||||||
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "Allocation error in cosm_write_tokeninfo()");
|
||||||
|
}
|
||||||
|
|
||||||
if (label)
|
if (label)
|
||||||
strncpy(buffer, label, file->size - 4);
|
strncpy(buffer, label, file->size - 4);
|
||||||
|
@ -109,6 +115,9 @@ cosm_write_tokeninfo (struct sc_pkcs15_card *p15card, struct sc_profile *profile
|
||||||
if (rv > 0)
|
if (rv > 0)
|
||||||
rv = 0;
|
rv = 0;
|
||||||
|
|
||||||
|
err:
|
||||||
|
if (file)
|
||||||
|
sc_file_free(file);
|
||||||
free(buffer);
|
free(buffer);
|
||||||
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
|
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
|
||||||
}
|
}
|
||||||
|
@ -427,7 +436,7 @@ cosm_create_pin(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
||||||
|
|
||||||
pin_attrs = &auth_info->attrs.pin;
|
pin_attrs = &auth_info->attrs.pin;
|
||||||
|
|
||||||
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "create '%s'; ref 0x%X; flags %X", pin_obj->label, pin_attrs->reference, pin_attrs->flags);
|
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "create '%.*s'; ref 0x%X; flags %X", (int) sizeof pin_obj->label, pin_obj->label, pin_attrs->reference, pin_attrs->flags);
|
||||||
if (sc_profile_get_file(profile, COSM_TITLE "-AppDF", &pin_file) < 0)
|
if (sc_profile_get_file(profile, COSM_TITLE "-AppDF", &pin_file) < 0)
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "\""COSM_TITLE"-AppDF\" not defined");
|
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "\""COSM_TITLE"-AppDF\" not defined");
|
||||||
|
|
||||||
|
@ -574,6 +583,8 @@ cosm_get_temporary_public_key_file(struct sc_card *card,
|
||||||
rv = sc_file_add_acl_entry(file, SC_AC_OP_PSO_VERIFY_SIGNATURE, SC_AC_NONE, 0);
|
rv = sc_file_add_acl_entry(file, SC_AC_OP_PSO_VERIFY_SIGNATURE, SC_AC_NONE, 0);
|
||||||
if (!rv)
|
if (!rv)
|
||||||
rv = sc_file_add_acl_entry(file, SC_AC_OP_EXTERNAL_AUTHENTICATE, SC_AC_NONE, 0);
|
rv = sc_file_add_acl_entry(file, SC_AC_OP_EXTERNAL_AUTHENTICATE, SC_AC_NONE, 0);
|
||||||
|
if (rv < 0)
|
||||||
|
sc_file_free(file);
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to add ACL entry to the temporary public key file");
|
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to add ACL entry to the temporary public key file");
|
||||||
|
|
||||||
*pubkey_file = file;
|
*pubkey_file = file;
|
||||||
|
@ -696,18 +707,20 @@ cosm_create_key(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
||||||
rv = sc_select_file(p15card->card, &file->path, NULL);
|
rv = sc_select_file(p15card->card, &file->path, NULL);
|
||||||
if (rv == 0) {
|
if (rv == 0) {
|
||||||
rv = cosm_delete_file(p15card, profile, file);
|
rv = cosm_delete_file(p15card, profile, file);
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to delete private key file");
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to delete private key file");
|
||||||
}
|
}
|
||||||
else if (rv != SC_ERROR_FILE_NOT_FOUND) {
|
else if (rv != SC_ERROR_FILE_NOT_FOUND) {
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Select private key file error");
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "Select private key file error");
|
||||||
}
|
}
|
||||||
|
|
||||||
rv = sc_pkcs15init_create_file(profile, p15card, file);
|
rv = sc_pkcs15init_create_file(profile, p15card, file);
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to create private key file");
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to create private key file");
|
||||||
|
|
||||||
key_info->key_reference = file->path.value[file->path.len - 1];
|
key_info->key_reference = file->path.value[file->path.len - 1];
|
||||||
|
|
||||||
sc_file_free(file);
|
err:
|
||||||
|
if (file)
|
||||||
|
sc_file_free(file);
|
||||||
|
|
||||||
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
|
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
|
||||||
}
|
}
|
||||||
|
@ -781,11 +794,11 @@ cosm_emu_update_any_df(struct sc_profile *profile, struct sc_pkcs15_card *p15car
|
||||||
SC_FUNC_CALLED(ctx, 1);
|
SC_FUNC_CALLED(ctx, 1);
|
||||||
switch(op) {
|
switch(op) {
|
||||||
case SC_AC_OP_ERASE:
|
case SC_AC_OP_ERASE:
|
||||||
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; erase object('%s',type:%X)", object->label, object->type);
|
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; erase object('%.*s',type:%X)", (int) sizeof object->label, object->label, object->type);
|
||||||
rv = awp_update_df_delete(p15card, profile, object);
|
rv = awp_update_df_delete(p15card, profile, object);
|
||||||
break;
|
break;
|
||||||
case SC_AC_OP_CREATE:
|
case SC_AC_OP_CREATE:
|
||||||
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; create object('%s',type:%X)", object->label, object->type);
|
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; create object('%.*s',type:%X)", (int) sizeof object->label, object->label, object->type);
|
||||||
rv = awp_update_df_create(p15card, profile, object);
|
rv = awp_update_df_create(p15card, profile, object);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -808,8 +821,10 @@ cosm_emu_update_tokeninfo(struct sc_profile *profile, struct sc_pkcs15_card *p15
|
||||||
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "cannot find "COSM_TITLE"-token-info");
|
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "cannot find "COSM_TITLE"-token-info");
|
||||||
|
|
||||||
buf = calloc(1, file->size);
|
buf = calloc(1, file->size);
|
||||||
if (!buf)
|
if (!buf) {
|
||||||
|
sc_file_free(file);
|
||||||
SC_FUNC_RETURN(ctx, 1, SC_ERROR_OUT_OF_MEMORY);
|
SC_FUNC_RETURN(ctx, 1, SC_ERROR_OUT_OF_MEMORY);
|
||||||
|
}
|
||||||
|
|
||||||
label_len = strlen(tinfo->label) > (file->size - 4) ? (file->size - 4) : strlen(tinfo->label);
|
label_len = strlen(tinfo->label) > (file->size - 4) ? (file->size - 4) : strlen(tinfo->label);
|
||||||
memcpy(buf, tinfo->label, label_len);
|
memcpy(buf, tinfo->label, label_len);
|
||||||
|
@ -830,6 +845,7 @@ cosm_emu_update_tokeninfo(struct sc_profile *profile, struct sc_pkcs15_card *p15
|
||||||
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update token info (label:'%s',flags:%X,p15card->flags:%X)", buf, flags, p15card->flags);
|
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update token info (label:'%s',flags:%X,p15card->flags:%X)", buf, flags, p15card->flags);
|
||||||
rv = sc_pkcs15init_update_file(profile, p15card, file, buf, file->size);
|
rv = sc_pkcs15init_update_file(profile, p15card, file, buf, file->size);
|
||||||
free(buf);
|
free(buf);
|
||||||
|
sc_file_free(file);
|
||||||
|
|
||||||
if (rv > 0)
|
if (rv > 0)
|
||||||
rv = 0;
|
rv = 0;
|
||||||
|
|
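Review bot: The new `err:` label in cosm_write_tokeninfo runs `if (file) sc_file_free(file);` and `free(buffer);` even when the first `SC_TEST_GOTO_ERR` fires, which is before `buffer` is assigned and possibly before `file` holds a valid pointer. Both variables therefore need a `= NULL` initialiser at their declarations, which sit above the hunk and are not visible here. If sc_profile_get_file() can fail without writing its output argument, an uninitialised `file` would be passed to sc_file_free(). Please confirm the declarations, or add the initialisers in this commit.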
|
@ -260,8 +260,8 @@ static int sc_hsm_generate_key(struct sc_profile *profile, struct sc_pkcs15_card
|
||||||
|
|
||||||
memset(&cvc, 0, sizeof(cvc));
|
memset(&cvc, 0, sizeof(cvc));
|
||||||
|
|
||||||
strcpy(cvc.car, "UTCA00001");
|
strlcpy(cvc.car, "UTCA00001", sizeof cvc.car);
|
||||||
strcpy(cvc.chr, "UTTM00001");
|
strlcpy(cvc.chr, "UTTM00001", sizeof cvc.chr);
|
||||||
|
|
||||||
switch(object->type) {
|
switch(object->type) {
|
||||||
case SC_PKCS15_TYPE_PRKEY_RSA:
|
case SC_PKCS15_TYPE_PRKEY_RSA:
|
||||||
|
|
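Review bot: `strlcpy` in sc_hsm_generate_key is not part of ISO C and is absent from some C libraries, so this file now depends on the project's compat implementation being declared here and linked; the hunk does not show the include. The return value is also ignored, so if `cvc.car` or `cvc.chr` is ever smaller than the 10 bytes these literals need, the value is truncated silently. A check such as `if (strlcpy(cvc.car, "UTCA00001", sizeof cvc.car) >= sizeof cvc.car)` with an error return would turn that into a visible failure. The function body continues outside the hunk.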
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* Initialize Cards according to PKCS#15
|
* Initialize Cards according to PKCS#15
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* Card profile information (internal)
|
* Card profile information (internal)
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifndef _OPENSC_PROFILE_H
|
#ifndef _OPENSC_PROFILE_H
|
||||||
|
|
|
@ -5,65 +5,16 @@ cardinfo {
|
||||||
label = "SmartCard-HSM";
|
label = "SmartCard-HSM";
|
||||||
manufacturer = "CardContact";
|
manufacturer = "CardContact";
|
||||||
|
|
||||||
max-pin-length = 16;
|
max-pin-length = 15;
|
||||||
min-pin-length = 6;
|
min-pin-length = 6;
|
||||||
pin-encoding = ascii-numeric;
|
pin-encoding = ascii-numeric;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Default settings.
|
|
||||||
# This option block will always be processed.
|
|
||||||
option default {
|
|
||||||
macros {
|
|
||||||
protected = *=$SOPIN, READ=NONE;
|
|
||||||
unprotected = *=NONE;
|
|
||||||
so-pin-flags = local, initialized, soPin;
|
|
||||||
so-min-pin-length = 8;
|
|
||||||
so-pin-attempts = 3;
|
|
||||||
so-auth-id = 3;
|
|
||||||
odf-size = 256;
|
|
||||||
aodf-size = 256;
|
|
||||||
cdf-size = 512;
|
|
||||||
prkdf-size = 256;
|
|
||||||
pukdf-size = 256;
|
|
||||||
dodf-size = 256;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
filesystem {
|
filesystem {
|
||||||
DF MF {
|
# Here comes the application DF
|
||||||
path = 3F00;
|
DF PKCS15-AppDF {
|
||||||
type = DF;
|
type = DF;
|
||||||
|
exclusive-aid = E8:2B:06:01:04:01:81:C3:1F:02:01;
|
||||||
# This is the DIR file
|
acl = *=NONE;
|
||||||
EF DIR {
|
|
||||||
type = EF;
|
|
||||||
file-id = 2F00;
|
|
||||||
acl = *=NONE;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Here comes the application DF
|
|
||||||
DF PKCS15-AppDF {
|
|
||||||
type = DF;
|
|
||||||
exclusive-aid = E8:2B:06:01:04:01:81:C3:1F:02:01;
|
|
||||||
acl = *=NONE;
|
|
||||||
|
|
||||||
EF PKCS15-TokenInfo {
|
|
||||||
ACL = $unprotected;
|
|
||||||
}
|
|
||||||
|
|
||||||
EF PKCS15-PrKDF {
|
|
||||||
size = $prkdf-size;
|
|
||||||
acl = $protected;
|
|
||||||
}
|
|
||||||
|
|
||||||
EF PKCS15-PuKDF {
|
|
||||||
size = $pukdf-size;
|
|
||||||
acl = $protected;
|
|
||||||
}
|
|
||||||
|
|
||||||
EF PKCS15-CDF {
|
|
||||||
acl = $unprotected;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,9 @@ LIBS = $(top_builddir)/src/libsm/libsm.la \
|
||||||
$(top_builddir)/src/libopensc/libopensc.la \
|
$(top_builddir)/src/libopensc/libopensc.la \
|
||||||
$(top_builddir)/src/common/libcompat.la
|
$(top_builddir)/src/common/libcompat.la
|
||||||
|
|
||||||
|
if ENABLE_OPENSSL
|
||||||
lib_LTLIBRARIES = libsmm-local.la
|
lib_LTLIBRARIES = libsmm-local.la
|
||||||
|
endif
|
||||||
|
|
||||||
libsmm_local_la_SOURCES = smm-local.c sm-module.h \
|
libsmm_local_la_SOURCES = smm-local.c sm-module.h \
|
||||||
sm-global-platform.c sm-cwa14890.c \
|
sm-global-platform.c sm-cwa14890.c \
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
TOPDIR = ..\..
|
TOPDIR = ..\..
|
||||||
|
|
||||||
|
!IF "$(OPENSSL_DEF)" == "/DENABLE_OPENSSL"
|
||||||
TARGET = smm-local.dll
|
TARGET = smm-local.dll
|
||||||
|
|
||||||
OBJECTS = smm-local.obj sm-global-platform.obj sm-cwa14890.obj sm-card-iasecc.obj sm-card-authentic.obj
|
OBJECTS = smm-local.obj sm-global-platform.obj sm-cwa14890.obj sm-card-iasecc.obj sm-card-authentic.obj
|
||||||
|
@ -17,3 +18,7 @@ $(TARGET): $(OBJECTS) ..\libsm\libsm.lib ..\libopensc\opensc.lib
|
||||||
|
|
||||||
.c.obj:
|
.c.obj:
|
||||||
cl $(COPTS) /c $<
|
cl $(COPTS) /c $<
|
||||||
|
|
||||||
|
!ELSE
|
||||||
|
all:
|
||||||
|
!ENDIF
|
||||||
|
|
|
@ -60,11 +60,11 @@ static int ask_and_verify_pin(struct sc_pkcs15_object *pin_obj)
|
||||||
u8 *pass;
|
u8 *pass;
|
||||||
|
|
||||||
if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {
|
if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {
|
||||||
printf("Skipping unblocking pin [%s]\n", pin_obj->label);
|
printf("Skipping unblocking pin [%.*s]\n", (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
sprintf(prompt, "Please enter PIN code [%s]: ", pin_obj->label);
|
sprintf(prompt, "Please enter PIN code [%.*s]: ", (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
pass = (u8 *) getpass(prompt);
|
pass = (u8 *) getpass(prompt);
|
||||||
|
|
||||||
if (SC_SUCCESS != sc_lock(card))
|
if (SC_SUCCESS != sc_lock(card))
|
||||||
|
|
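Review bot: `sprintf(prompt, ...)` in ask_and_verify_pin is still unbounded on the destination side. The new `%.*s` precision limits how much of `pin_obj->label` is read, not how much is written, so the output can be as long as `sizeof pin_obj->label` plus the fixed text. `prompt` is declared above the hunk; unless it is at least that large, use `snprintf(prompt, sizeof prompt, "Please enter PIN code [%.*s]: ", (int) sizeof pin_obj->label, pin_obj->label);` (assuming `prompt` is an array, not a pointer). The same pattern appears later in this commit in get_pin, `sprintf(buf, "Enter PIN [%.*s]: ", ...)`.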
|
@ -260,7 +260,7 @@ void sc_test_print_object(const struct sc_pkcs15_object *obj)
|
||||||
|
|
||||||
printf("%s", kind);
|
printf("%s", kind);
|
||||||
if (obj->label[0])
|
if (obj->label[0])
|
||||||
printf(" [%s]\n", obj->label);
|
printf(" [%.*s]\n", (int) sizeof obj->label, obj->label);
|
||||||
else
|
else
|
||||||
printf(" (no label)\n");
|
printf(" (no label)\n");
|
||||||
printf("\tCom. Flags : ");
|
printf("\tCom. Flags : ");
|
||||||
|
|
|
@ -3,8 +3,7 @@ TOPDIR = ..\..
|
||||||
!INCLUDE $(TOPDIR)\win32\Make.rules.mak
|
!INCLUDE $(TOPDIR)\win32\Make.rules.mak
|
||||||
|
|
||||||
TARGETS = opensc-tool.exe opensc-explorer.exe pkcs15-tool.exe pkcs15-crypt.exe \
|
TARGETS = opensc-tool.exe opensc-explorer.exe pkcs15-tool.exe pkcs15-crypt.exe \
|
||||||
pkcs11-tool.exe cardos-tool.exe eidenv.exe sc-hsm-tool.exe openpgp-tool.exe dnie-tool.exe \
|
pkcs11-tool.exe cardos-tool.exe eidenv.exe openpgp-tool.exe iasecc-tool.exe \
|
||||||
iasecc-tool.exe cryptoflex-tool.exe netkey-tool.exe piv-tool.exe westcos-tool.exe \
|
|
||||||
$(PROGRAMS_OPENSSL)
|
$(PROGRAMS_OPENSSL)
|
||||||
|
|
||||||
$(TARGETS): versioninfo-tools.res util.obj
|
$(TARGETS): versioninfo-tools.res util.obj
|
||||||
|
|
|
@ -130,8 +130,8 @@ static const char *option_help[] = {
|
||||||
/* E */ "Erase (reset) the card",
|
/* E */ "Erase (reset) the card",
|
||||||
"Verify PIN (CHV1, CHV2, CHV3...)",
|
"Verify PIN (CHV1, CHV2, CHV3...)",
|
||||||
"PIN string",
|
"PIN string",
|
||||||
"Delete key (1, 2, 3 or all)"
|
"Delete key (1, 2, 3 or all)",
|
||||||
/* d */ "Dump private data object number <arg> (i.e. PRIVATE-DO-<arg>)"
|
/* d */ "Dump private data object number <arg> (i.e. PRIVATE-DO-<arg>)",
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ef_name_map openpgp_data[] = {
|
static const struct ef_name_map openpgp_data[] = {
|
||||||
|
@ -315,6 +315,7 @@ static int decode_options(int argc, char **argv)
|
||||||
key_id = optarg[0] - '0';
|
key_id = optarg[0] - '0';
|
||||||
else /* Arg string is 'all' */
|
else /* Arg string is 'all' */
|
||||||
key_id = 'a';
|
key_id = 'a';
|
||||||
|
break;
|
||||||
case 'd':
|
case 'd':
|
||||||
do_dump_idx = optarg[0] - '0';
|
do_dump_idx = optarg[0] - '0';
|
||||||
opt_dump_do++;
|
opt_dump_do++;
|
||||||
|
|
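Review bot: In decode_options, `do_dump_idx = optarg[0] - '0';` under `case 'd':` accepts any first character, so a non-digit argument produces a negative or oversized index, and no range check is visible in the hunk. Before the assignment, verify that `optarg[0]` is a digit within the range of private data objects the tool supports, and reject anything else with a usage error. The function continues outside the hunk, so a later check may exist; if it does, a short comment at this line pointing to it would help.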
|
@ -104,41 +104,41 @@ static EVP_PKEY * evpkey = NULL;
|
||||||
|
|
||||||
static int load_object(const char * object_id, const char * object_file)
|
static int load_object(const char * object_id, const char * object_file)
|
||||||
{
|
{
|
||||||
FILE *fp;
|
FILE *fp = NULL;
|
||||||
sc_path_t path;
|
sc_path_t path;
|
||||||
size_t derlen;
|
size_t derlen;
|
||||||
u8 *der = NULL;
|
u8 *der = NULL;
|
||||||
u8 *body;
|
u8 *body;
|
||||||
size_t bodylen;
|
size_t bodylen;
|
||||||
int r;
|
int r = -1;
|
||||||
struct stat stat_buf;
|
struct stat stat_buf;
|
||||||
|
|
||||||
if(!object_file || (fp=fopen(object_file, "r")) == NULL){
|
if(!object_file || (fp=fopen(object_file, "r")) == NULL){
|
||||||
printf("Cannot open object file, %s %s\n",
|
printf("Cannot open object file, %s %s\n",
|
||||||
(object_file)?object_file:"", strerror(errno));
|
(object_file)?object_file:"", strerror(errno));
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (0 != stat(object_file, &stat_buf)) {
|
if (0 != stat(object_file, &stat_buf)) {
|
||||||
printf("unable to read file %s\n",object_file);
|
printf("unable to read file %s\n",object_file);
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
derlen = stat_buf.st_size;
|
derlen = stat_buf.st_size;
|
||||||
der = malloc(derlen);
|
der = malloc(derlen);
|
||||||
if (der == NULL) {
|
if (der == NULL) {
|
||||||
printf("file %s is too big, %lu\n",
|
printf("file %s is too big, %lu\n",
|
||||||
object_file, (unsigned long)derlen);
|
object_file, (unsigned long)derlen);
|
||||||
return-1 ;
|
goto err;
|
||||||
}
|
}
|
||||||
if (1 != fread(der, derlen, 1, fp)) {
|
if (1 != fread(der, derlen, 1, fp)) {
|
||||||
printf("unable to read file %s\n",object_file);
|
printf("unable to read file %s\n",object_file);
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
/* check if tag and length are valid */
|
/* check if tag and length are valid */
|
||||||
body = (u8 *)sc_asn1_find_tag(card->ctx, der, derlen, 0x53, &bodylen);
|
body = (u8 *)sc_asn1_find_tag(card->ctx, der, derlen, 0x53, &bodylen);
|
||||||
if (body == NULL || derlen != body - der + bodylen) {
|
if (body == NULL || derlen != body - der + bodylen) {
|
||||||
fprintf(stderr, "object tag or length not valid\n");
|
fprintf(stderr, "object tag or length not valid\n");
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
sc_format_path(object_id, &path);
|
sc_format_path(object_id, &path);
|
||||||
|
@ -146,11 +146,17 @@ static int load_object(const char * object_id, const char * object_file)
|
||||||
r = sc_select_file(card, &path, NULL);
|
r = sc_select_file(card, &path, NULL);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
fprintf(stderr, "select file failed\n");
|
fprintf(stderr, "select file failed\n");
|
||||||
return -1;
|
r = -1;
|
||||||
|
goto err;
|
||||||
}
|
}
|
||||||
/* leave 8 bits for flags, and pass in total length */
|
/* leave 8 bits for flags, and pass in total length */
|
||||||
r = sc_write_binary(card, 0, der, derlen, derlen<<8);
|
r = sc_write_binary(card, 0, der, derlen, derlen<<8);
|
||||||
|
|
||||||
|
err:
|
||||||
|
free(der);
|
||||||
|
if (fp)
|
||||||
|
fclose(fp);
|
||||||
|
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -159,49 +165,49 @@ static int load_cert(const char * cert_id, const char * cert_file,
|
||||||
int compress)
|
int compress)
|
||||||
{
|
{
|
||||||
X509 * cert = NULL;
|
X509 * cert = NULL;
|
||||||
FILE *fp;
|
FILE *fp = NULL;
|
||||||
u8 buf[1];
|
u8 buf[1];
|
||||||
size_t buflen = 1;
|
size_t buflen = 1;
|
||||||
sc_path_t path;
|
sc_path_t path;
|
||||||
u8 *der = NULL;
|
u8 *der = NULL;
|
||||||
u8 *p;
|
u8 *p;
|
||||||
size_t derlen;
|
size_t derlen;
|
||||||
int r;
|
int r = -1;
|
||||||
|
|
||||||
if (!cert_file) {
|
if (!cert_file) {
|
||||||
printf("Missing cert file\n");
|
printf("Missing cert file\n");
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if((fp=fopen(cert_file, "r"))==NULL){
|
if((fp=fopen(cert_file, "r"))==NULL){
|
||||||
printf("Cannot open cert file, %s %s\n",
|
printf("Cannot open cert file, %s %s\n",
|
||||||
cert_file, strerror(errno));
|
cert_file, strerror(errno));
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
if (compress) { /* file is gziped already */
|
if (compress) { /* file is gziped already */
|
||||||
struct stat stat_buf;
|
struct stat stat_buf;
|
||||||
|
|
||||||
if (0 != stat(cert_file, &stat_buf)) {
|
if (0 != stat(cert_file, &stat_buf)) {
|
||||||
printf("unable to read file %s\n",cert_file);
|
printf("unable to read file %s\n",cert_file);
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
derlen = stat_buf.st_size;
|
derlen = stat_buf.st_size;
|
||||||
der = malloc(derlen);
|
der = malloc(derlen);
|
||||||
if (der == NULL) {
|
if (der == NULL) {
|
||||||
printf("file %s is too big, %lu\n",
|
printf("file %s is too big, %lu\n",
|
||||||
cert_file, (unsigned long)derlen);
|
cert_file, (unsigned long)derlen);
|
||||||
return -1 ;
|
goto err;
|
||||||
}
|
}
|
||||||
if (1 != fread(der, derlen, 1, fp)) {
|
if (1 != fread(der, derlen, 1, fp)) {
|
||||||
printf("unable to read file %s\n",cert_file);
|
printf("unable to read file %s\n",cert_file);
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
cert = PEM_read_X509(fp, &cert, NULL, NULL);
|
cert = PEM_read_X509(fp, &cert, NULL, NULL);
|
||||||
if(cert == NULL){
|
if(cert == NULL){
|
||||||
printf("file %s does not conatin PEM-encoded certificate\n",
|
printf("file %s does not conatin PEM-encoded certificate\n",
|
||||||
cert_file);
|
cert_file);
|
||||||
return -1 ;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
derlen = i2d_X509(cert, NULL);
|
derlen = i2d_X509(cert, NULL);
|
||||||
|
@ -209,7 +215,6 @@ static int load_cert(const char * cert_id, const char * cert_file,
|
||||||
p = der;
|
p = der;
|
||||||
i2d_X509(cert, &p);
|
i2d_X509(cert, &p);
|
||||||
}
|
}
|
||||||
fclose(fp);
|
|
||||||
sc_hex_to_bin(cert_id, buf,&buflen);
|
sc_hex_to_bin(cert_id, buf,&buflen);
|
||||||
|
|
||||||
switch (buf[0]) {
|
switch (buf[0]) {
|
||||||
|
@ -219,20 +224,25 @@ static int load_cert(const char * cert_id, const char * cert_file,
|
||||||
case 0x9e: sc_format_path("0500",&path); break;
|
case 0x9e: sc_format_path("0500",&path); break;
|
||||||
default:
|
default:
|
||||||
fprintf(stderr,"cert must be 9A, 9C, 9D or 9E\n");
|
fprintf(stderr,"cert must be 9A, 9C, 9D or 9E\n");
|
||||||
return 2;
|
r = 2;
|
||||||
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = sc_select_file(card, &path, NULL);
|
r = sc_select_file(card, &path, NULL);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
fprintf(stderr, "select file failed\n");
|
fprintf(stderr, "select file failed\n");
|
||||||
return -1;
|
goto err;
|
||||||
}
|
}
|
||||||
/* we pass length and 8 bits of flag to card-piv.c write_binary */
|
/* we pass length and 8 bits of flag to card-piv.c write_binary */
|
||||||
/* pass in its a cert and if needs compress */
|
/* pass in its a cert and if needs compress */
|
||||||
r = sc_write_binary(card, 0, der, derlen, (derlen<<8) | (compress<<4) | 1);
|
r = sc_write_binary(card, 0, der, derlen, (derlen<<8) | (compress<<4) | 1);
|
||||||
|
|
||||||
return r;
|
err:
|
||||||
|
free(der);
|
||||||
|
if (fp)
|
||||||
|
fclose(fp);
|
||||||
|
|
||||||
|
return r;
|
||||||
}
|
}
|
||||||
static int admin_mode(const char* admin_info)
|
static int admin_mode(const char* admin_info)
|
||||||
{
|
{
|
||||||
|
|
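Review bot: The new `err:` block in load_cert releases `der` and `fp` but not `cert`, so as far as the visible hunks show, the X509 object returned by `PEM_read_X509` is leaked on every path through the non-compressed branch. Add `X509_free(cert);` next to `free(der);`; `cert` is initialised to NULL, so the call is safe on the early exits. Separately, load_object sets `r = -1` before `goto err` when `sc_select_file` fails, while load_cert now returns the raw negative `r` from the same call. Pick one convention so callers see consistent return codes.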
|
@ -1,7 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* pkcs11-tool.c: Tool for poking around pkcs11 modules/tokens
|
* pkcs11-tool.c: Tool for poking around pkcs11 modules/tokens
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002 Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002 Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
|
|
@ -140,7 +140,7 @@ static char * get_pin(struct sc_pkcs15_object *obj)
|
||||||
return strdup(opt_pincode);
|
return strdup(opt_pincode);
|
||||||
}
|
}
|
||||||
|
|
||||||
sprintf(buf, "Enter PIN [%s]: ", obj->label);
|
sprintf(buf, "Enter PIN [%.*s]: ", (int) sizeof obj->label, obj->label);
|
||||||
while (1) {
|
while (1) {
|
||||||
pincode = getpass(buf);
|
pincode = getpass(buf);
|
||||||
if (strlen(pincode) == 0)
|
if (strlen(pincode) == 0)
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
* a generic implementation; that is how PINs and keys are stored
|
* a generic implementation; that is how PINs and keys are stored
|
||||||
* on the card. These should be implemented in pkcs15-<cardname>.c
|
* on the card. These should be implemented in pkcs15-<cardname>.c
|
||||||
*
|
*
|
||||||
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002, Olaf Kirch <okir@suse.de>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
@ -1015,7 +1015,7 @@ is_cacert_already_present(struct sc_pkcs15init_certargs *args)
|
||||||
|
|
||||||
if (!cinfo->authority)
|
if (!cinfo->authority)
|
||||||
continue;
|
continue;
|
||||||
if (strcmp(args->label, objs[i]->label))
|
if (strncmp(args->label, objs[i]->label, sizeof objs[i]->label))
|
||||||
continue;
|
continue;
|
||||||
/* XXX we should also match the usage field here */
|
/* XXX we should also match the usage field here */
|
||||||
|
|
||||||
|
@ -2852,7 +2852,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
|
||||||
if (opt_no_prompt)
|
if (opt_no_prompt)
|
||||||
return SC_ERROR_OBJECT_NOT_FOUND;
|
return SC_ERROR_OBJECT_NOT_FOUND;
|
||||||
|
|
||||||
if (0 < strnlen(pin_obj->label, sizeof pin_obj->label))
|
if (pin_obj->label[0])
|
||||||
snprintf(pin_label, sizeof(pin_label), "User PIN [%s]", pin_obj->label);
|
snprintf(pin_label, sizeof(pin_label), "User PIN [%s]", pin_obj->label);
|
||||||
else
|
else
|
||||||
snprintf(pin_label, sizeof(pin_label), "User PIN");
|
snprintf(pin_label, sizeof(pin_label), "User PIN");
|
||||||
|
|
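Review bot: In verify_pin the label is still formatted with an unbounded `%s` in `snprintf(pin_label, sizeof(pin_label), "User PIN [%s]", pin_obj->label);`, while the label prints elsewhere in this commit were changed to `%.*s` with the field size as precision. If the label can fill its array without a terminating NUL, which is the case those other changes guard against, this call reads past the field. Use `"User PIN [%.*s]"` with `(int) sizeof pin_obj->label` as the precision argument. verify_pin continues outside the hunk.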
|
@ -233,7 +233,7 @@ static void print_cert_info(const struct sc_pkcs15_object *obj)
|
||||||
struct sc_pkcs15_cert *cert_parsed = NULL;
|
struct sc_pkcs15_cert *cert_parsed = NULL;
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
printf("X.509 Certificate [%s]\n", obj->label);
|
printf("X.509 Certificate [%.*s]\n", (int) sizeof obj->label, obj->label);
|
||||||
print_common_flags(obj);
|
print_common_flags(obj);
|
||||||
printf("\tAuthority : %s\n", cert_info->authority ? "yes" : "no");
|
printf("\tAuthority : %s\n", cert_info->authority ? "yes" : "no");
|
||||||
printf("\tPath : %s\n", sc_print_path(&cert_info->path));
|
printf("\tPath : %s\n", sc_print_path(&cert_info->path));
|
||||||
|
@ -435,7 +435,7 @@ static int read_data_object(void)
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (strcmp(opt_data, cinfo->app_label) && strcmp(opt_data, objs[i]->label))
|
if (strcmp(opt_data, cinfo->app_label) && strncmp(opt_data, objs[i]->label, sizeof objs[i]->label))
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -477,8 +477,8 @@ static int list_data_objects(void)
|
||||||
int idx;
|
int idx;
|
||||||
struct sc_pkcs15_data_info *cinfo = (struct sc_pkcs15_data_info *) objs[i]->data;
|
struct sc_pkcs15_data_info *cinfo = (struct sc_pkcs15_data_info *) objs[i]->data;
|
||||||
|
|
||||||
if (0 < strnlen(objs[i]->label, sizeof objs[i]->label))
|
if (objs[i]->label[0] != '\0')
|
||||||
printf("Data object '%s'\n", objs[i]->label);
|
printf("Data object '%.*s'\n",(int) sizeof objs[i]->label, objs[i]->label);
|
||||||
else
|
else
|
||||||
printf("Data object <%i>\n", i);
|
printf("Data object <%i>\n", i);
|
||||||
printf("\tapplicationName: %s\n", cinfo->app_label);
|
printf("\tapplicationName: %s\n", cinfo->app_label);
|
||||||
|
@ -527,7 +527,7 @@ static void print_prkey_info(const struct sc_pkcs15_object *obj)
|
||||||
unsigned char guid[40];
|
unsigned char guid[40];
|
||||||
size_t guid_len;
|
size_t guid_len;
|
||||||
|
|
||||||
printf("Private %s Key [%s]\n", types[7 & obj->type], obj->label);
|
printf("Private %s Key [%.*s]\n", types[7 & obj->type], (int) sizeof obj->label, obj->label);
|
||||||
print_common_flags(obj);
|
print_common_flags(obj);
|
||||||
printf("\tUsage : [0x%X]", prkey->usage);
|
printf("\tUsage : [0x%X]", prkey->usage);
|
||||||
for (i = 0; i < usage_count; i++)
|
for (i = 0; i < usage_count; i++)
|
||||||
|
@ -613,7 +613,7 @@ static void print_pubkey_info(const struct sc_pkcs15_object *obj)
|
||||||
const unsigned int af_count = NELEMENTS(access_flags);
|
const unsigned int af_count = NELEMENTS(access_flags);
|
||||||
int have_path = (pubkey->path.len != 0) || (pubkey->path.aid.len != 0);
|
int have_path = (pubkey->path.len != 0) || (pubkey->path.aid.len != 0);
|
||||||
|
|
||||||
printf("Public %s Key [%s]\n", types[7 & obj->type], obj->label);
|
printf("Public %s Key [%.*s]\n", types[7 & obj->type], (int) sizeof obj->label, obj->label);
|
||||||
print_common_flags(obj);
|
print_common_flags(obj);
|
||||||
printf("\tUsage : [0x%X]", pubkey->usage);
|
printf("\tUsage : [0x%X]", pubkey->usage);
|
||||||
for (i = 0; i < usage_count; i++)
|
for (i = 0; i < usage_count; i++)
|
||||||
|
@ -757,7 +757,7 @@ static void print_skey_info(const struct sc_pkcs15_object *obj)
|
||||||
unsigned char guid[40];
|
unsigned char guid[40];
|
||||||
size_t guid_len;
|
size_t guid_len;
|
||||||
|
|
||||||
printf("Secret %s Key [%s]\n", types[3 & obj->type], obj->label);
|
printf("Secret %s Key [%.*s]\n", types[3 & obj->type], (int) sizeof obj->label, obj->label);
|
||||||
print_common_flags(obj);
|
print_common_flags(obj);
|
||||||
printf("\tUsage : [0x%X]", skey->usage);
|
printf("\tUsage : [0x%X]", skey->usage);
|
||||||
for (i = 0; i < usage_count; i++)
|
for (i = 0; i < usage_count; i++)
|
||||||
|
@ -824,8 +824,8 @@ static void print_ssh_key(FILE *outf, const char * alg, struct sc_pkcs15_object
|
||||||
|
|
||||||
fprintf(outf,"---- BEGIN SSH2 PUBLIC KEY ----\n");
|
fprintf(outf,"---- BEGIN SSH2 PUBLIC KEY ----\n");
|
||||||
|
|
||||||
if (obj->label && strlen(obj->label))
|
if (obj->label[0] != '\0')
|
||||||
fprintf(outf,"Comment: \"%s\"\n", obj->label);
|
fprintf(outf,"Comment: \"%.*s\"\n", (int) sizeof obj->label, obj->label);
|
||||||
|
|
||||||
fprintf(outf,"%s", uu);
|
fprintf(outf,"%s", uu);
|
||||||
fprintf(outf,"---- END SSH2 PUBLIC KEY ----\n");
|
fprintf(outf,"---- END SSH2 PUBLIC KEY ----\n");
|
||||||
|
@ -836,8 +836,8 @@ static void print_ssh_key(FILE *outf, const char * alg, struct sc_pkcs15_object
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
if (obj->label && strlen(obj->label))
|
if (obj->label[0] != '\0')
|
||||||
fprintf(outf,"ssh-%s %s %.*s\n", alg, uu, sizeof obj->label, obj->label);
|
fprintf(outf,"ssh-%s %s %.*s\n", alg, uu, (int) sizeof obj->label, obj->label);
|
||||||
else
|
else
|
||||||
fprintf(outf,"ssh-%s %s\n", alg, uu);
|
fprintf(outf,"ssh-%s %s\n", alg, uu);
|
||||||
}
|
}
|
||||||
|
@ -1109,11 +1109,11 @@ static u8 * get_pin(const char *prompt, sc_pkcs15_object_t *pin_obj)
|
||||||
if (opt_no_prompt) {
|
if (opt_no_prompt) {
|
||||||
// defer entry of the PIN to the readers pinpad.
|
// defer entry of the PIN to the readers pinpad.
|
||||||
if (verbose)
|
if (verbose)
|
||||||
printf("%s [%s]: entry deferred to the reader keypad\n", prompt, pin_obj->label);
|
printf("%s [%.*s]: entry deferred to the reader keypad\n", prompt, (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
printf("%s [%s]: ", prompt, pin_obj->label);
|
printf("%s [%.*s]: ", prompt, (int) sizeof pin_obj->label, pin_obj->label);
|
||||||
if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
|
if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
|
@ -1232,9 +1232,9 @@ static void print_pin_info(const struct sc_pkcs15_object *obj)
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
if (obj->type == SC_PKCS15_TYPE_AUTH_PIN)
|
if (obj->type == SC_PKCS15_TYPE_AUTH_PIN)
|
||||||
printf("PIN [%s]\n", obj->label);
|
printf("PIN [%.*s]\n", (int) sizeof obj->label, obj->label);
|
||||||
else if (obj->type == SC_PKCS15_TYPE_AUTH_AUTHKEY)
|
else if (obj->type == SC_PKCS15_TYPE_AUTH_AUTHKEY)
|
||||||
printf("AuthKey [%s]\n", obj->label);
|
printf("AuthKey [%.*s]\n", (int) sizeof obj->label, obj->label);
|
||||||
|
|
||||||
print_common_flags(obj);
|
print_common_flags(obj);
|
||||||
if (obj->auth_id.len)
|
if (obj->auth_id.len)
|
||||||
|
@ -1299,7 +1299,7 @@ static int list_apps(FILE *fout)
|
||||||
for (i=0; i<p15card->card->app_count; i++) {
|
for (i=0; i<p15card->card->app_count; i++) {
|
||||||
struct sc_app_info *info = p15card->card->app[i];
|
struct sc_app_info *info = p15card->card->app[i];
|
||||||
|
|
||||||
fprintf(fout, "Application '%s':\n", info->label);
|
fprintf(fout, "Application '%.*s':\n", (int) sizeof info->label, info->label);
|
||||||
fprintf(fout, "\tAID: ");
|
fprintf(fout, "\tAID: ");
|
||||||
for(j=0;j<info->aid.len;j++)
|
for(j=0;j<info->aid.len;j++)
|
||||||
fprintf(fout, "%02X", info->aid.value[j]);
|
fprintf(fout, "%02X", info->aid.value[j]);
|
||||||
|
@ -1673,7 +1673,7 @@ static int learn_card(void)
|
||||||
sc_path_t tpath;
|
sc_path_t tpath;
|
||||||
struct sc_pkcs15_cert_info *cinfo = (struct sc_pkcs15_cert_info *) certs[i]->data;
|
struct sc_pkcs15_cert_info *cinfo = (struct sc_pkcs15_cert_info *) certs[i]->data;
|
||||||
|
|
||||||
printf("[%s]\n", certs[i]->label);
|
printf("[%.*s]\n", (int) sizeof certs[i]->label, certs[i]->label);
|
||||||
|
|
||||||
memset(&tpath, 0, sizeof(tpath));
|
memset(&tpath, 0, sizeof(tpath));
|
||||||
tpath = cinfo->path;
|
tpath = cinfo->path;
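Review bot: `cinfo->app_label` is still treated as an unbounded C string while `label` beside it is now bounded. In the read_data_object hunk `strcmp(opt_data, cinfo->app_label)` sits next to the new `strncmp(..., sizeof objs[i]->label)`, and list_data_objects still prints `"\tapplicationName: %s\n"`. Its declaration is not visible on this page; if it is a fixed-size array filled from card data like `label`, a value without a terminating NUL is read past the end of the buffer in both places. In that case I would use `strncmp(opt_data, cinfo->app_label, sizeof cinfo->app_label)` and `printf("\tapplicationName: %.*s\n", (int) sizeof cinfo->app_label, cinfo->app_label);`. This takes the second copy of each duplicated line as the new side, and both functions continue outside their hunks.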
|
||||||
|
|
|
@ -23,7 +23,7 @@ SM_DEF = /DENABLE_SM
|
||||||
# - uncomment the line starting with OPENSSL_DEF
|
# - uncomment the line starting with OPENSSL_DEF
|
||||||
# - set the OPENSSL_INCL_DIR below to your openssl include directory, preceded by "/I"
|
# - set the OPENSSL_INCL_DIR below to your openssl include directory, preceded by "/I"
|
||||||
# - set the OPENSSL_LIB below to your openssl lib file
|
# - set the OPENSSL_LIB below to your openssl lib file
|
||||||
OPENSSL_DEF = /DENABLE_OPENSSL
|
#OPENSSL_DEF= /DENABLE_OPENSSL
|
||||||
!IF "$(OPENSSL_DEF)" == "/DENABLE_OPENSSL"
|
!IF "$(OPENSSL_DEF)" == "/DENABLE_OPENSSL"
|
||||||
!IF "$(BUILD_FOR)" == "WIN64"
|
!IF "$(BUILD_FOR)" == "WIN64"
|
||||||
OPENSSL_DIR = C:\OpenSSL-Win64
|
OPENSSL_DIR = C:\OpenSSL-Win64
|
||||||
|
@ -45,8 +45,10 @@ OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libeay32MTd.lib user32
|
||||||
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libeay32MT.lib user32.lib advapi32.lib crypt32.lib
|
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libeay32MT.lib user32.lib advapi32.lib crypt32.lib
|
||||||
!ENDIF
|
!ENDIF
|
||||||
|
|
||||||
PROGRAMS_OPENSSL = pkcs15-init.exe cryptoflex-tool.exe netkey-tool.exe piv-tool.exe westcos-tool.exe
|
PROGRAMS_OPENSSL = cryptoflex-tool.exe pkcs15-init.exe netkey-tool.exe piv-tool.exe \
|
||||||
|
westcos-tool.exe sc-hsm-tool.exe dnie-tool.exe
|
||||||
OPENSC_FEATURES = $(OPENSC_FEATURES) openssl
|
OPENSC_FEATURES = $(OPENSC_FEATURES) openssl
|
||||||
|
CANDLEFLAGS = -dOpenSSL="$(OPENSSL_DIR)" $(CANDLEFLAGS)
|
||||||
!ENDIF
|
!ENDIF
|
||||||
|
|
||||||
|
|
||||||
|
@ -55,11 +57,12 @@ OPENSC_FEATURES = $(OPENSC_FEATURES) openssl
|
||||||
# - uncomment the line starting with ZLIB_DEF
|
# - uncomment the line starting with ZLIB_DEF
|
||||||
# - set the ZLIB_INCL_DIR below to the zlib include lib proceeded by "/I"
|
# - set the ZLIB_INCL_DIR below to the zlib include lib proceeded by "/I"
|
||||||
# - set the ZLIB_LIB below to your zlib lib file
|
# - set the ZLIB_LIB below to your zlib lib file
|
||||||
ZLIB_DEF = /DENABLE_ZLIB
|
#ZLIB_DEF = /DENABLE_ZLIB
|
||||||
!IF "$(ZLIB_DEF)" == "/DENABLE_ZLIB"
|
!IF "$(ZLIB_DEF)" == "/DENABLE_ZLIB"
|
||||||
ZLIB_INCL_DIR = /IC:\zlib-dll\include
|
ZLIB_INCL_DIR = /IC:\zlib-dll\include
|
||||||
ZLIB_LIB = C:\zlib-dll\lib\zdll.lib
|
ZLIB_LIB = C:\zlib-dll\lib\zdll.lib
|
||||||
OPENSC_FEATURES = $(OPENSC_FEATURES) zlib
|
OPENSC_FEATURES = $(OPENSC_FEATURES) zlib
|
||||||
|
CANDLEFLAGS = -dzlib="C:\zlib-dll" $(CANDLEFLAGS)
|
||||||
!ENDIF
|
!ENDIF
|
||||||
|
|
||||||
# Used for MiniDriver
|
# Used for MiniDriver
|
||||||
|
@ -87,11 +90,11 @@ COPTS = /W3 /D_CRT_SECURE_NO_DEPRECATE /MT /nologo /DHAVE_CONFIG_H $(ALL_INCLUD
|
||||||
!IF "$(BUILD_FOR)" == "WIN64"
|
!IF "$(BUILD_FOR)" == "WIN64"
|
||||||
LINKFLAGS = /NOLOGO /INCREMENTAL:NO /MACHINE:X64 /MANIFEST:NO /NODEFAULTLIB:MSVCRTD /NODEFAULTLIB:MSVCRT $(LINKDEBUGFLAGS)
|
LINKFLAGS = /NOLOGO /INCREMENTAL:NO /MACHINE:X64 /MANIFEST:NO /NODEFAULTLIB:MSVCRTD /NODEFAULTLIB:MSVCRT $(LINKDEBUGFLAGS)
|
||||||
LIBFLAGS = /nologo /machine:x64
|
LIBFLAGS = /nologo /machine:x64
|
||||||
CANDLEFLAGS = -dPlatform=x64
|
CANDLEFLAGS = -dPlatform=x64 $(CANDLEFLAGS)
|
||||||
!ELSE
|
!ELSE
|
||||||
LINKFLAGS = /NOLOGO /INCREMENTAL:NO /MACHINE:X86 /MANIFEST:NO /NODEFAULTLIB:MSVCRTD /NODEFAULTLIB:MSVCRT $(LINKDEBUGFLAGS)
|
LINKFLAGS = /NOLOGO /INCREMENTAL:NO /MACHINE:X86 /MANIFEST:NO /NODEFAULTLIB:MSVCRTD /NODEFAULTLIB:MSVCRT $(LINKDEBUGFLAGS)
|
||||||
LIBFLAGS = /nologo /machine:x86
|
LIBFLAGS = /nologo /machine:x86
|
||||||
CANDLEFLAGS = -dPlatform=x86
|
CANDLEFLAGS = -dPlatform=x86 $(CANDLEFLAGS)
|
||||||
!ENDIF
|
!ENDIF
|
||||||
.c.obj::
|
.c.obj::
|
||||||
cl $(CODE_OPTIMIZATION) $(COPTS) /c $<
|
cl $(CODE_OPTIMIZATION) $(COPTS) /c $<
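Review bot: The zlib hunk hard-codes `C:\zlib-dll` a third time in `CANDLEFLAGS = -dzlib="C:\zlib-dll" $(CANDLEFLAGS)`, separately from `ZLIB_INCL_DIR` and `ZLIB_LIB`. A builder who points the include and lib macros at another zlib still gets the installer DLL from the hard-coded directory (the .wxs section on this page packages `$(var.zlib)\zlib1.dll`), so the shipped DLL can differ from the one linked against. A single macro, as the OpenSSL block does with `OPENSSL_DIR`, avoids this: `ZLIB_DIR = C:\zlib-dll` and `CANDLEFLAGS = -dzlib="$(ZLIB_DIR)" $(CANDLEFLAGS)`, with the include and lib paths derived from it. Since both `zlib1.dll` and `libeay32.dll` are copied from build-machine directories into the MSI, a comment here stating the expected zlib and OpenSSL versions would help whoever cuts a release.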
|
||||||
|
|
|
@ -11,7 +11,7 @@ customactions.dll: versioninfo-customactions.res customactions.obj
|
||||||
echo LIBRARY $* > $*.def
|
echo LIBRARY $* > $*.def
|
||||||
echo EXPORTS >> $*.def
|
echo EXPORTS >> $*.def
|
||||||
type customactions.exports >> $*.def
|
type customactions.exports >> $*.def
|
||||||
link /dll $(LINKFLAGS) /def:$*.def /out:customactions.dll versioninfo-customactions.res customactions.obj msi.lib $(WIX_LIBS) Advapi32.lib User32.lib Version.lib Shell32.lib
|
link /dll $(LINKFLAGS) /def:$*.def /out:customactions.dll versioninfo-customactions.res customactions.obj msi.lib $(WIX_LIBS) Advapi32.lib User32.lib Version.lib Shell32.lib
|
||||||
|
|
||||||
OpenSC.msi: OpenSC.wixobj
|
OpenSC.msi: OpenSC.wixobj
|
||||||
"$(WIX_PATH)\bin\light.exe" -sh -ext WixUIExtension -ext WiXUtilExtension $?
|
"$(WIX_PATH)\bin\light.exe" -sh -ext WixUIExtension -ext WiXUtilExtension $?
|
||||||
|
|
|
@ -1,12 +1,20 @@
|
||||||
<?xml version="1.0" encoding="windows-1252"?>
|
<?xml version="1.0" encoding="windows-1252"?>
|
||||||
<?if $(var.Platform) = x64 ?>
|
<?if $(var.Platform) = x64 ?>
|
||||||
<?define ProductName = "@OPENSC_VS_FF_PRODUCT_NAME@ (64bit)" ?>
|
<?ifndef OpenSSL ?>
|
||||||
|
<?define ProductName = "@OPENSC_VS_FF_PRODUCT_NAME@ Light (64bit)" ?>
|
||||||
|
<?else ?>
|
||||||
|
<?define ProductName = "@OPENSC_VS_FF_PRODUCT_NAME@ (64bit)" ?>
|
||||||
|
<?endif ?>
|
||||||
<?define Win64YesNo="yes" ?>
|
<?define Win64YesNo="yes" ?>
|
||||||
<?define PlatformProgramFilesFolder = "ProgramFiles64Folder" ?>
|
<?define PlatformProgramFilesFolder = "ProgramFiles64Folder" ?>
|
||||||
<?define PlatformSystemFolder = "System64Folder" ?>
|
<?define PlatformSystemFolder = "System64Folder" ?>
|
||||||
<?define PlatformUpgradeCode = "{9A449570-69A2-11E0-9CC6-955B4824019B}" ?>
|
<?define PlatformUpgradeCode = "{9A449570-69A2-11E0-9CC6-955B4824019B}" ?>
|
||||||
<?else ?>
|
<?else ?>
|
||||||
<?define ProductName = "@OPENSC_VS_FF_PRODUCT_NAME@" ?>
|
<?ifndef OpenSSL ?>
|
||||||
|
<?define ProductName = "@OPENSC_VS_FF_PRODUCT_NAME@ Light" ?>
|
||||||
|
<?else ?>
|
||||||
|
<?define ProductName = "@OPENSC_VS_FF_PRODUCT_NAME@" ?>
|
||||||
|
<?endif ?>
|
||||||
<?define Win64YesNo="no" ?>
|
<?define Win64YesNo="no" ?>
|
||||||
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
|
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
|
||||||
<?define PlatformSystemFolder = "SystemFolder" ?>
|
<?define PlatformSystemFolder = "SystemFolder" ?>
|
||||||
|
@ -97,7 +105,7 @@
|
||||||
<Directory Id="INSTALLDIR" Name="OpenSC">
|
<Directory Id="INSTALLDIR" Name="OpenSC">
|
||||||
<!-- opensc.conf sample goes to installation directory -->
|
<!-- opensc.conf sample goes to installation directory -->
|
||||||
<Component Id="opensc.conf" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="opensc.conf" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\etc\opensc.conf.win" Name="opensc.conf" KeyPath="yes"/>
|
<File Source="$(var.SOURCE_DIR)\etc\opensc.conf" Name="opensc.conf" KeyPath="yes"/>
|
||||||
<!-- -->
|
<!-- -->
|
||||||
<RegistryKey Id="OpenscRegs" Root="HKLM" Key="Software\[Manufacturer]\OpenSC" Action="createAndRemoveOnUninstall">
|
<RegistryKey Id="OpenscRegs" Root="HKLM" Key="Software\[Manufacturer]\OpenSC" Action="createAndRemoveOnUninstall">
|
||||||
<RegistryValue Type="string" Name="ConfigFile" Value="[INSTALLDIR]opensc.conf"/>
|
<RegistryValue Type="string" Name="ConfigFile" Value="[INSTALLDIR]opensc.conf"/>
|
||||||
|
@ -108,12 +116,14 @@
|
||||||
|
|
||||||
<!-- Tools have their own folder -->
|
<!-- Tools have their own folder -->
|
||||||
<Directory Id="INSTALLDIR_TOOLS" Name="tools">
|
<Directory Id="INSTALLDIR_TOOLS" Name="tools">
|
||||||
|
<?ifdef zlib ?>
|
||||||
|
<Component Id="zlib1.dll" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.zlib)\zlib1.dll" Vital="yes"/>
|
||||||
|
</Component>
|
||||||
|
<?endif ?>
|
||||||
<Component Id="opensc.dll" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="opensc.dll" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\libopensc\opensc.dll" Vital="yes"/>
|
<File Source="$(var.SOURCE_DIR)\src\libopensc\opensc.dll" Vital="yes"/>
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="smm_local.dll" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\smm\smm-local.dll" Vital="yes"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="opensc_explorer.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="opensc_explorer.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\opensc-explorer.exe" Vital="yes"/>
|
<File Source="$(var.SOURCE_DIR)\src\tools\opensc-explorer.exe" Vital="yes"/>
|
||||||
</Component>
|
</Component>
|
||||||
|
@ -129,132 +139,142 @@
|
||||||
<Component Id="eidenv.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="eidenv.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\eidenv.exe" Vital="yes"/>
|
<File Source="$(var.SOURCE_DIR)\src\tools\eidenv.exe" Vital="yes"/>
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="pkcs15_init.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\pkcs15-init.exe" Vital="yes"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="pkcs15_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="pkcs15_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\pkcs15-tool.exe" Vital="yes"/>
|
<File Source="$(var.SOURCE_DIR)\src\tools\pkcs15-tool.exe" Vital="yes"/>
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="pkcs15_crypt.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="pkcs15_crypt.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\pkcs15-crypt.exe" Vital="yes"/>
|
<File Source="$(var.SOURCE_DIR)\src\tools\pkcs15-crypt.exe" Vital="yes"/>
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="sc_hsm_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\sc-hsm-tool.exe" Vital="yes"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="dnie_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\dnie-tool.exe" Vital="yes"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="openpgp_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="openpgp_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\openpgp-tool.exe" Vital="yes"/>
|
<File Source="$(var.SOURCE_DIR)\src\tools\openpgp-tool.exe" Vital="yes"/>
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="iasecc_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="iasecc_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\iasecc-tool.exe" Vital="yes"/>
|
<File Source="$(var.SOURCE_DIR)\src\tools\iasecc-tool.exe" Vital="yes"/>
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="cryptoflex_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
<?ifdef OpenSSL ?>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\cryptoflex-tool.exe" Vital="yes"/>
|
<Component Id="libeay32.dll" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
</Component>
|
<File Source="$(var.OpenSSL)\libeay32.dll" Vital="yes"/>
|
||||||
<Component Id="netkey_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
</Component>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\netkey-tool.exe" Vital="yes"/>
|
<Component Id="smm_local.dll" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
</Component>
|
<File Source="$(var.SOURCE_DIR)\src\smm\smm-local.dll" Vital="yes"/>
|
||||||
<Component Id="piv_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
</Component>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\piv-tool.exe" Vital="yes"/>
|
<Component Id="cryptoflex_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
</Component>
|
<File Source="$(var.SOURCE_DIR)\src\tools\cryptoflex-tool.exe" Vital="yes"/>
|
||||||
<Component Id="westcos_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
</Component>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\tools\westcos-tool.exe" Vital="yes"/>
|
<Component Id="pkcs15_init.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
</Component>
|
<File Source="$(var.SOURCE_DIR)\src\tools\pkcs15-init.exe" Vital="yes"/>
|
||||||
</Directory>
|
</Component>
|
||||||
<Directory Id="INSTALLDIR_PROFILES" Name="profiles">
|
<Component Id="netkey_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<Component Id="cyberflex.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
<File Source="$(var.SOURCE_DIR)\src\tools\netkey-tool.exe" Vital="yes"/>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\cyberflex.profile"/>
|
</Component>
|
||||||
</Component>
|
<Component Id="piv_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<Component Id="flex.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
<File Source="$(var.SOURCE_DIR)\src\tools\piv-tool.exe" Vital="yes"/>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\flex.profile"/>
|
</Component>
|
||||||
</Component>
|
<Component Id="westcos_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<Component Id="gpk.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
<File Source="$(var.SOURCE_DIR)\src\tools\westcos-tool.exe" Vital="yes"/>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\gpk.profile"/>
|
</Component>
|
||||||
</Component>
|
<Component Id="sc_hsm_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<Component Id="miocos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
<File Source="$(var.SOURCE_DIR)\src\tools\sc-hsm-tool.exe" Vital="yes"/>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\miocos.profile"/>
|
</Component>
|
||||||
</Component>
|
<Component Id="dnie_tool.exe" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<Component Id="incrypto34.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
<File Source="$(var.SOURCE_DIR)\src\tools\dnie-tool.exe" Vital="yes"/>
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\incrypto34.profile"/>
|
</Component>
|
||||||
</Component>
|
<?endif ?>
|
||||||
<Component Id="jcop.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\jcop.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="muscle.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\muscle.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="pkcs15.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\pkcs15.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="asepcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\asepcos.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="cardos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\cardos.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="entersafe.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\entersafe.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="epass2003.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\epass2003.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="myeid.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\myeid.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="setcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\setcos.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="starcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\starcos.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="westcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\westcos.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="oberthur.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\oberthur.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="authentic.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\authentic.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="rutoken.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\rutoken.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="rutoken_ecp.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\rutoken_ecp.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="ias_adele_admin1.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_admin1.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="ias_adele_admin2.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_admin2.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="ias_adele_common.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_common.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="iasecc_admin_eid.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc_admin_eid.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="iasecc_generic_oberthur.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc_generic_oberthur.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="iasecc_generic_pki.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc_generic_pki.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="iasecc.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="schsm.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\sc-hsm.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="openpgp.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\openpgp.profile"/>
|
|
||||||
</Component>
|
|
||||||
<Component Id="isoApplet.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\isoApplet.profile"/>
|
|
||||||
</Component>
|
|
||||||
</Directory>
|
</Directory>
|
||||||
|
<?ifdef OpenSSL ?>
|
||||||
|
<Directory Id="INSTALLDIR_PROFILES" Name="profiles">
|
||||||
|
<Component Id="cyberflex.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\cyberflex.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="flex.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\flex.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="gpk.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\gpk.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="miocos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\miocos.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="incrypto34.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\incrypto34.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="jcop.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\jcop.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="muscle.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\muscle.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="pkcs15.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\pkcs15.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="asepcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\asepcos.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="cardos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\cardos.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="entersafe.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\entersafe.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="epass2003.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\epass2003.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="myeid.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\myeid.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="setcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\setcos.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="starcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\starcos.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="westcos.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\westcos.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="oberthur.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\oberthur.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="authentic.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\authentic.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="rutoken.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\rutoken.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="rutoken_ecp.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\rutoken_ecp.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="ias_adele_admin1.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_admin1.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="ias_adele_admin2.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_admin2.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="ias_adele_common.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_common.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="iasecc_admin_eid.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc_admin_eid.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="iasecc_generic_oberthur.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc_generic_oberthur.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="iasecc_generic_pki.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc_generic_pki.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="iasecc.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\iasecc.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="schsm.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\sc-hsm.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="openpgp.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\openpgp.profile"/>
|
||||||
|
</Component>
|
||||||
|
<Component Id="isoApplet.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\isoApplet.profile"/>
|
||||||
|
</Component>
|
||||||
|
</Directory>
|
||||||
|
<?endif ?>
|
||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
|
@ -272,8 +292,14 @@
|
||||||
<Feature Id="Complete" Level="1" Title="OpenSC software suite" Display="expand">
|
<Feature Id="Complete" Level="1" Title="OpenSC software suite" Display="expand">
|
||||||
<Feature Id="OpenSC_core" Level="1" Title="OpenSC core library" Description="Core DLL and configuration file used by all other components." Absent="disallow">
|
<Feature Id="OpenSC_core" Level="1" Title="OpenSC core library" Description="Core DLL and configuration file used by all other components." Absent="disallow">
|
||||||
<ComponentRef Id="opensc.dll"/>
|
<ComponentRef Id="opensc.dll"/>
|
||||||
|
<?ifdef zlib ?>
|
||||||
|
<ComponentRef Id="zlib1.dll"/>
|
||||||
|
<?endif ?>
|
||||||
<ComponentRef Id="opensc.conf"/>
|
<ComponentRef Id="opensc.conf"/>
|
||||||
<ComponentRef Id="smm_local.dll"/>
|
<?ifdef OpenSSL ?>
|
||||||
|
<ComponentRef Id="libeay32.dll"/>
|
||||||
|
<ComponentRef Id="smm_local.dll"/>
|
||||||
|
<?endif ?>
|
||||||
</Feature>
|
</Feature>
|
||||||
<Feature Id="OpenSC_pkcs11" Level="1" Title="OpenSC PKCS#11 module" Description="PKCS#11 module usd by most open source and cross-platform software (like Firefox, Putty, TrueCrypt, OpenVPN etc)" TypicalDefault="install">
|
<Feature Id="OpenSC_pkcs11" Level="1" Title="OpenSC PKCS#11 module" Description="PKCS#11 module usd by most open source and cross-platform software (like Firefox, Putty, TrueCrypt, OpenVPN etc)" TypicalDefault="install">
|
||||||
<ComponentRef Id="opensc_pkcs11.dll"/>
|
<ComponentRef Id="opensc_pkcs11.dll"/>
|
||||||
|
@ -293,47 +319,49 @@
|
||||||
<ComponentRef Id="pkcs11_tool.exe"/>
|
<ComponentRef Id="pkcs11_tool.exe"/>
|
||||||
<ComponentRef Id="cardos_tool.exe"/>
|
<ComponentRef Id="cardos_tool.exe"/>
|
||||||
<ComponentRef Id="eidenv.exe"/>
|
<ComponentRef Id="eidenv.exe"/>
|
||||||
<ComponentRef Id="pkcs15_init.exe"/>
|
|
||||||
<ComponentRef Id="dnie_tool.exe"/>
|
|
||||||
<ComponentRef Id="pkcs15_tool.exe"/>
|
<ComponentRef Id="pkcs15_tool.exe"/>
|
||||||
<ComponentRef Id="pkcs15_crypt.exe"/>
|
<ComponentRef Id="pkcs15_crypt.exe"/>
|
||||||
<ComponentRef Id="sc_hsm_tool.exe"/>
|
|
||||||
<ComponentRef Id="openpgp_tool.exe"/>
|
<ComponentRef Id="openpgp_tool.exe"/>
|
||||||
<ComponentRef Id="iasecc_tool.exe"/>
|
<ComponentRef Id="iasecc_tool.exe"/>
|
||||||
<ComponentRef Id="cryptoflex_tool.exe"/>
|
<?ifdef OpenSSL ?>
|
||||||
<ComponentRef Id="netkey_tool.exe"/>
|
<ComponentRef Id="cryptoflex_tool.exe"/>
|
||||||
<ComponentRef Id="piv_tool.exe"/>
|
<ComponentRef Id="pkcs15_init.exe"/>
|
||||||
<ComponentRef Id="westcos_tool.exe"/>
|
<ComponentRef Id="netkey_tool.exe"/>
|
||||||
<ComponentRef Id="cyberflex.profile"/>
|
<ComponentRef Id="piv_tool.exe"/>
|
||||||
<ComponentRef Id="flex.profile"/>
|
<ComponentRef Id="westcos_tool.exe"/>
|
||||||
<ComponentRef Id="gpk.profile"/>
|
<ComponentRef Id="sc_hsm_tool.exe"/>
|
||||||
<ComponentRef Id="miocos.profile"/>
|
<ComponentRef Id="dnie_tool.exe"/>
|
||||||
<ComponentRef Id="incrypto34.profile"/>
|
<ComponentRef Id="cyberflex.profile"/>
|
||||||
<ComponentRef Id="jcop.profile"/>
|
<ComponentRef Id="flex.profile"/>
|
||||||
<ComponentRef Id="muscle.profile"/>
|
<ComponentRef Id="gpk.profile"/>
|
||||||
<ComponentRef Id="pkcs15.profile"/>
|
<ComponentRef Id="miocos.profile"/>
|
||||||
<ComponentRef Id="asepcos.profile"/>
|
<ComponentRef Id="incrypto34.profile"/>
|
||||||
<ComponentRef Id="cardos.profile"/>
|
<ComponentRef Id="jcop.profile"/>
|
||||||
<ComponentRef Id="entersafe.profile"/>
|
<ComponentRef Id="muscle.profile"/>
|
||||||
<ComponentRef Id="epass2003.profile"/>
|
<ComponentRef Id="pkcs15.profile"/>
|
||||||
<ComponentRef Id="myeid.profile"/>
|
<ComponentRef Id="asepcos.profile"/>
|
||||||
<ComponentRef Id="setcos.profile"/>
|
<ComponentRef Id="cardos.profile"/>
|
||||||
<ComponentRef Id="starcos.profile"/>
|
<ComponentRef Id="entersafe.profile"/>
|
||||||
<ComponentRef Id="westcos.profile"/>
|
<ComponentRef Id="epass2003.profile"/>
|
||||||
<ComponentRef Id="oberthur.profile"/>
|
<ComponentRef Id="myeid.profile"/>
|
||||||
<ComponentRef Id="authentic.profile"/>
|
<ComponentRef Id="setcos.profile"/>
|
||||||
<ComponentRef Id="rutoken.profile"/>
|
<ComponentRef Id="starcos.profile"/>
|
||||||
<ComponentRef Id="rutoken_ecp.profile"/>
|
<ComponentRef Id="westcos.profile"/>
|
||||||
<ComponentRef Id="ias_adele_admin1.profile"/>
|
<ComponentRef Id="oberthur.profile"/>
|
||||||
<ComponentRef Id="ias_adele_admin2.profile"/>
|
<ComponentRef Id="authentic.profile"/>
|
||||||
<ComponentRef Id="ias_adele_common.profile"/>
|
<ComponentRef Id="rutoken.profile"/>
|
||||||
<ComponentRef Id="iasecc_admin_eid.profile"/>
|
<ComponentRef Id="rutoken_ecp.profile"/>
|
||||||
<ComponentRef Id="iasecc_generic_oberthur.profile"/>
|
<ComponentRef Id="ias_adele_admin1.profile"/>
|
||||||
<ComponentRef Id="iasecc_generic_pki.profile"/>
|
<ComponentRef Id="ias_adele_admin2.profile"/>
|
||||||
<ComponentRef Id="iasecc.profile"/>
|
<ComponentRef Id="ias_adele_common.profile"/>
|
||||||
<ComponentRef Id="schsm.profile"/>
|
<ComponentRef Id="iasecc_admin_eid.profile"/>
|
||||||
<ComponentRef Id="openpgp.profile"/>
|
<ComponentRef Id="iasecc_generic_oberthur.profile"/>
|
||||||
<ComponentRef Id="isoApplet.profile"/>
|
<ComponentRef Id="iasecc_generic_pki.profile"/>
|
||||||
|
<ComponentRef Id="iasecc.profile"/>
|
||||||
|
<ComponentRef Id="schsm.profile"/>
|
||||||
|
<ComponentRef Id="openpgp.profile"/>
|
||||||
|
<ComponentRef Id="isoApplet.profile"/>
|
||||||
|
<?endif ?>
|
||||||
</Feature>
|
</Feature>
|
||||||
<Feature Id="OpenSC_menu" Level="1" Title="Start menu entries" Description="Start menu entries: link to documentation">
|
<Feature Id="OpenSC_menu" Level="1" Title="Start menu entries" Description="Start menu entries: link to documentation">
|
||||||
<ComponentRef Id="ProgramMenuDir"/>
|
<ComponentRef Id="ProgramMenuDir"/>
|
||||||
|
|