diff --git a/src/libopensc/card-authentic.c b/src/libopensc/card-authentic.c index 0741e753..d7c81b5a 100644 --- a/src/libopensc/card-authentic.c +++ b/src/libopensc/card-authentic.c @@ -436,9 +436,6 @@ authentic_init_oberthur_authentic_3_2(struct sc_card *card) flags = AUTHENTIC_CARD_DEFAULT_FLAGS; - _sc_card_add_rsa_alg(card, 1024, flags, 0x10001); - _sc_card_add_rsa_alg(card, 2048, flags, 0x10001); - card->caps = SC_CARD_CAP_RNG; card->caps |= SC_CARD_CAP_APDU_EXT; card->caps |= SC_CARD_CAP_USE_FCI_AC; @@ -455,6 +452,9 @@ authentic_init_oberthur_authentic_3_2(struct sc_card *card) rv = authentic_select_mf(card, NULL); LOG_TEST_RET(ctx, rv, "MF selection error"); + _sc_card_add_rsa_alg(card, 1024, flags, 0x10001); + _sc_card_add_rsa_alg(card, 2048, flags, 0x10001); + LOG_FUNC_RETURN(ctx, rv); } diff --git a/src/libopensc/card-cardos.c b/src/libopensc/card-cardos.c index 2d9ec683..3de45ffd 100644 --- a/src/libopensc/card-cardos.c +++ b/src/libopensc/card-cardos.c @@ -184,10 +184,6 @@ static int cardos_init(sc_card_t *card) if (card->type != SC_CARD_TYPE_CARDOS_V5_0) flags |= SC_ALGORITHM_NEED_USAGE; - _sc_card_add_rsa_alg(card, 512, flags, 0); - _sc_card_add_rsa_alg(card, 768, flags, 0); - _sc_card_add_rsa_alg(card, 1024, flags, 0); - if (card->type == SC_CARD_TYPE_CARDOS_M4_2) { r = cardos_have_2048bit_package(card); if (r < 0) @@ -231,6 +227,9 @@ static int cardos_init(sc_card_t *card) /* strip the length of SW bytes */ card->max_recv_size = data_field_length - 2; + _sc_card_add_rsa_alg(card, 512, flags, 0); + _sc_card_add_rsa_alg(card, 768, flags, 0); + _sc_card_add_rsa_alg(card, 1024, flags, 0); if (rsa_2048 == 1) { _sc_card_add_rsa_alg(card, 1280, flags, 0); _sc_card_add_rsa_alg(card, 1536, flags, 0); diff --git a/src/libopensc/card-dnie.c b/src/libopensc/card-dnie.c index 2b62e23d..902754dc 100644 --- a/src/libopensc/card-dnie.c +++ b/src/libopensc/card-dnie.c 
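Review bot: The two `_sc_card_add_rsa_alg()` calls re-added after the MF selection in authentic_init_oberthur_authentic_3_2 discard their results, so a failure there still ends in `LOG_FUNC_RETURN(ctx, rv)` with the earlier success value. The card.c hunk of this commit has `_sc_card_add_algorithm()` return SC_ERROR_OUT_OF_MEMORY, so, assuming the RSA helper forwards that code, the driver can come up with a shorter algorithm list than intended and nothing is logged. Capturing the result would surface it, e.g. `rv = _sc_card_add_rsa_alg(card, 1024, flags, 0x10001); LOG_TEST_RET(ctx, rv, "Cannot add RSA algorithm");`. The same unchecked calls appear in the cardos, iasecc, mcrd and oberthur hunks. The function body starts outside this hunk.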
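Review bot: The RSA registrations moved below `card->max_recv_size = data_field_length - 2;` in cardos_init carry no comment saying why they now sit after the fallible steps, which makes it easy for a later edit to move them back up. If the intent is that an early error return must not leave entries in `card->algorithms`, a line such as `/* register algorithms last: an earlier error return must leave card->algorithms empty */` above the 512-bit call would record it. The same applies to the moved calls in the authentic, dnie, iasecc and mcrd hunks. Only part of cardos_init is visible in the hunk.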
@@ -857,8 +857,6 @@ static int dnie_init(struct sc_card *card) card->sm_ctx.ops.free_sm_apdu = dnie_sm_free_wrapped_apdu; card->sm_ctx.sm_mode = SM_MODE_NONE; - init_flags(card); - res=cwa_create_secure_channel(card,provider,CWA_SM_OFF); LOG_TEST_RET(card->ctx, res, "Failure creating CWA secure channel."); @@ -876,6 +874,8 @@ static int dnie_init(struct sc_card *card) } #endif + init_flags(card); + GET_DNIE_PRIV_DATA(card)->cwa_provider = provider; LOG_FUNC_RETURN(card->ctx, res); diff --git a/src/libopensc/card-iasecc.c b/src/libopensc/card-iasecc.c index 7eb3f5d0..9033369f 100644 --- a/src/libopensc/card-iasecc.c +++ b/src/libopensc/card-iasecc.c @@ -411,9 +411,6 @@ iasecc_init_gemalto(struct sc_card *card) flags = IASECC_CARD_DEFAULT_FLAGS; - _sc_card_add_rsa_alg(card, 1024, flags, 0x10001); - _sc_card_add_rsa_alg(card, 2048, flags, 0x10001); - card->caps = SC_CARD_CAP_RNG; card->caps |= SC_CARD_CAP_APDU_EXT; card->caps |= SC_CARD_CAP_USE_FCI_AC; @@ -436,6 +433,9 @@ iasecc_init_gemalto(struct sc_card *card) sc_log(ctx, "rv %i", rv); LOG_TEST_RET(ctx, rv, "Cannot read/parse EF.ATR"); + _sc_card_add_rsa_alg(card, 1024, flags, 0x10001); + _sc_card_add_rsa_alg(card, 2048, flags, 0x10001); + LOG_FUNC_RETURN(ctx, SC_SUCCESS); } diff --git a/src/libopensc/card-mcrd.c b/src/libopensc/card-mcrd.c index db67f37a..7aac191a 100644 --- a/src/libopensc/card-mcrd.c +++ b/src/libopensc/card-mcrd.c @@ -309,7 +309,6 @@ static int mcrd_init(sc_card_t * card) unsigned long flags, ext_flags; struct mcrd_priv_data *priv; int r; - sc_path_t tmppath; priv = calloc(1, sizeof *priv); if (!priv) 
@@ -323,13 +322,6 @@ static int mcrd_init(sc_card_t * card) /* Select the EstEID AID to get to a known state. * For some reason a reset is required as well... */ if (card->type == SC_CARD_TYPE_MCRD_ESTEID_V30) { - flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_HASH_SHA1 | SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_HASH_SHA256; - /* EstEID v3.0 has 2048 bit keys */ - _sc_card_add_rsa_alg(card, 2048, flags, 0); - - flags = SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ECDH_CDH_RAW | SC_ALGORITHM_ECDSA_HASH_NONE; - ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES; - _sc_card_add_ec_alg(card, 384, flags, ext_flags, NULL); sc_reset(card, 0); r = gp_select_aid(card, &EstEID_v3_AID); @@ -350,6 +342,13 @@ static int mcrd_init(sc_card_t * card) } } } + flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_HASH_SHA1 | SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_HASH_SHA256; + /* EstEID v3.0 has 2048 bit keys */ + _sc_card_add_rsa_alg(card, 2048, flags, 0); + + flags = SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ECDH_CDH_RAW | SC_ALGORITHM_ECDSA_HASH_NONE; + ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES; + _sc_card_add_ec_alg(card, 384, flags, ext_flags, NULL); } else { /* EstEID v1.0 and 1.1 have 1024 bit keys */ flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_HASH_SHA1; @@ -365,19 +364,13 @@ static int mcrd_init(sc_card_t * card) priv->curpath[0] = MFID; priv->curpathlen = 1; - sc_format_path ("3f00", &tmppath); - r = sc_select_file (card, &tmppath, NULL); - if (r < 0) { - free(card->drv_data); - card->drv_data = NULL; - r = SC_ERROR_INVALID_CARD; - } + sc_select_file (card, sc_get_mf_path(), NULL); /* Not needed for the fixed EstEID profile */ if (!is_esteid_card(card)) load_special_files(card); - return r; + return SC_SUCCESS; } static int mcrd_finish(sc_card_t * card) 
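Review bot: The final MF selection in mcrd_init, `sc_select_file (card, sc_get_mf_path(), NULL);`, now drops its result and the function ends in `return SC_SUCCESS;`, so a card that cannot select the MF is accepted where the removed code returned SC_ERROR_INVALID_CARD. The context lines just above set `priv->curpath[0] = MFID; priv->curpathlen = 1;`, so the driver's cached path would claim the MF is current even when the selection failed. If the call is meant to be best-effort, say so in a comment and log the failure, e.g. `r = sc_select_file(card, sc_get_mf_path(), NULL); if (r < 0) sc_log(card->ctx, "MF selection failed: %d", r);`. Otherwise keep returning the error after freeing `card->drv_data`. The start of mcrd_init is outside this hunk.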
@@ -1165,7 +1158,6 @@ static int mcrd_set_security_env(sc_card_t * card, { struct mcrd_priv_data *priv; sc_apdu_t apdu; - sc_path_t tmppath; u8 sbuf[SC_MAX_APDU_BUFFER_SIZE]; u8 *p; int r, locked = 0; @@ -1187,8 +1179,7 @@ static int mcrd_set_security_env(sc_card_t * card, return SC_ERROR_INVALID_ARGUMENTS; /* Make sure we always start from MF */ - sc_format_path ("3f00", &tmppath); - r = sc_select_file (card, &tmppath, NULL); + r = sc_select_file (card, sc_get_mf_path(), NULL); if (r < 0) return r; /* We now know that cache is not valid */ @@ -1453,8 +1444,7 @@ static int mcrd_pin_cmd(sc_card_t * card, struct sc_pin_cmd_data *data, /* the file with key pin info (tries left) 4.5 EF_PwdC */ /* XXX: cheat the file path cache by always starting fresh from MF */ - sc_format_path ("3f00", &tmppath); - r = sc_select_file (card, &tmppath, NULL); + r = sc_select_file (card, sc_get_mf_path(), NULL); if (r < 0) return SC_ERROR_INTERNAL; diff --git a/src/libopensc/card-oberthur.c b/src/libopensc/card-oberthur.c index 97db1490..675a453f 100644 --- a/src/libopensc/card-oberthur.c +++ b/src/libopensc/card-oberthur.c 
@@ -226,20 +226,27 @@ auth_init(struct sc_card *card) if (auth_select_aid(card)) { sc_log(card->ctx, "Failed to initialize %s", card->name); - LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_CARD, "Failed to initialize"); + rv = SC_ERROR_INVALID_CARD; + LOG_TEST_GOTO_ERR(card->ctx, SC_ERROR_INVALID_CARD, "Failed to initialize"); } - flags = SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_PAD_ISO9796; - flags |= SC_ALGORITHM_RSA_HASH_NONE; - flags |= SC_ALGORITHM_ONBOARD_KEY_GEN; - - _sc_card_add_rsa_alg(card, 512, flags, 0); - _sc_card_add_rsa_alg(card, 1024, flags, 0); - _sc_card_add_rsa_alg(card, 2048, flags, 0); - sc_format_path("3F00", &path); rv = auth_select_file(card, &path, NULL); +err: + if (rv == SC_SUCCESS) { + flags = SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_PAD_ISO9796; + flags |= SC_ALGORITHM_RSA_HASH_NONE; + flags |= SC_ALGORITHM_ONBOARD_KEY_GEN; + + _sc_card_add_rsa_alg(card, 512, flags, 0); + _sc_card_add_rsa_alg(card, 1024, flags, 0); + _sc_card_add_rsa_alg(card, 2048, flags, 0); + } else { + free(card->drv_data); + card->drv_data = NULL; + } + LOG_FUNC_RETURN(card->ctx, rv); } diff --git a/src/libopensc/card-westcos.c b/src/libopensc/card-westcos.c index 4af0d5f7..d16512b1 100644 --- a/src/libopensc/card-westcos.c +++ b/src/libopensc/card-westcos.c @@ -221,6 +221,23 @@ static int westcos_init(sc_card_t * card) priv_data = (priv_data_t *) card->drv_data; + default_key = + scconf_get_str(card->ctx->conf_blocks[0], "westcos_default_key", + DEFAULT_TRANSPORT_KEY); + if (default_key) { + priv_data = (priv_data_t *) (card->drv_data); + priv_data->default_key.key_reference = 0; + priv_data->default_key.key_len = + sizeof(priv_data->default_key.key_value); + r = sc_hex_to_bin(default_key, priv_data->default_key.key_value, + &(priv_data->default_key.key_len)); + if (r) { + free (priv_data); + card->drv_data = NULL; + return (r); + } + } + if (card->type & JAVACARD) { priv_data->flags |= JAVACARD; } 
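Review bot: In auth_init the new block after `err:` treats only `rv == SC_SUCCESS` as success, while `LOG_TEST_GOTO_ERR` in the same hunk follows the library's negative-is-error convention. A positive return from `auth_select_file()` would therefore free `card->drv_data` and still be handed back as a non-negative value that a caller testing `< 0` reads as success. Whether that helper can return a positive value is not visible here, but writing the cleanup branch as `if (rv < 0) { free(card->drv_data); card->drv_data = NULL; } else { ... }` keeps the two checks consistent. The beginning of auth_init lies outside the hunk.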
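Review bot: On the new `sc_hex_to_bin()` failure path in westcos_init, `free (priv_data);` releases a structure whose `default_key.key_value` may already hold partly decoded key bytes, without clearing it first. Wiping the structure before the free, `sc_mem_clear(priv_data, sizeof(*priv_data));`, keeps transport-key material out of recycled heap memory. The hunk also dereferences `priv_data` without a visible NULL check; the allocation is above the hunk, so confirm it is tested there. The function continues past the end of the hunk.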
@@ -250,19 +267,6 @@ static int westcos_init(sc_card_t * card) _sc_card_add_rsa_alg(card, 1400, flags, exponent); _sc_card_add_rsa_alg(card, 1536, flags, exponent); _sc_card_add_rsa_alg(card, 2048, flags, exponent); - default_key = - scconf_get_str(card->ctx->conf_blocks[0], "westcos_default_key", - DEFAULT_TRANSPORT_KEY); - if (default_key) { - priv_data = (priv_data_t *) (card->drv_data); - priv_data->default_key.key_reference = 0; - priv_data->default_key.key_len = - sizeof(priv_data->default_key.key_value); - r = sc_hex_to_bin(default_key, priv_data->default_key.key_value, - &(priv_data->default_key.key_len)); - if (r) - return (r); - } return 0; } diff --git a/src/libopensc/card.c b/src/libopensc/card.c index 5e03c9d8..51ecb2b7 100644 --- a/src/libopensc/card.c +++ b/src/libopensc/card.c @@ -970,10 +970,6 @@ int _sc_card_add_algorithm(sc_card_t *card, const sc_algorithm_info_t *info) } p = (sc_algorithm_info_t *) realloc(card->algorithms, (card->algorithm_count + 1) * sizeof(*info)); if (!p) { - if (card->algorithms) - free(card->algorithms); - card->algorithms = NULL; - card->algorithm_count = 0; return SC_ERROR_OUT_OF_MEMORY; } card->algorithms = p;
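Review bot: The out-of-memory branch in _sc_card_add_algorithm now leaves `card->algorithms` and `card->algorithm_count` untouched, and nothing in the function says so. Callers that could previously assume an emptied list after SC_ERROR_OUT_OF_MEMORY need to know the card still owns the old entries. A comment above the return, `/* realloc failed: the existing list is still valid and stays owned by the card */`, would document that contract. The size expression `(card->algorithm_count + 1) * sizeof(*info)` in the context line is not checked for overflow; that is outside this change but worth a follow-up. Only part of the function is visible.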