From 88bae5c923e440811f2e2c9f88029bc982455322 Mon Sep 17 00:00:00 2001 From: nils Date: Sat, 17 Jun 2006 12:24:04 +0000 Subject: [PATCH] remove iso logout function, remove dummy logout functions and remove logout call from sc_unlock() git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2971 c6295689-39f2-0310-b995-f0e70906c6a9 --- src/libopensc/card-belpic.c | 6 ++---- src/libopensc/card-cardos.c | 18 +++++++----------- src/libopensc/card-jcop.c | 8 +------- src/libopensc/card-muscle.c | 5 ----- src/libopensc/card-openpgp.c | 10 +--------- src/libopensc/card-piv.c | 12 ------------ src/libopensc/card-setcos.c | 10 ---------- src/libopensc/card.c | 34 +++++++++++----------------------- src/libopensc/cards.h | 1 + src/libopensc/iso7816.c | 22 +--------------------- src/libopensc/opensc.h | 8 ++++++++ src/libopensc/sec.c | 7 ++----- 12 files changed, 34 insertions(+), 107 deletions(-) diff --git a/src/libopensc/card-belpic.c b/src/libopensc/card-belpic.c index e0be4a2c..a17ccb29 100644 --- a/src/libopensc/card-belpic.c +++ b/src/libopensc/card-belpic.c @@ -1536,9 +1536,9 @@ static int belpic_compute_signature(sc_card_t *card, const u8 * data, return r; } +#if 0 static int belpic_logout(sc_card_t *card) { -#if 0 sc_apdu_t apdu; int r; @@ -1552,9 +1552,8 @@ static int belpic_logout(sc_card_t *card) SC_TEST_RET(card->ctx, r, "LOGOFF returned error"); SC_FUNC_RETURN(card->ctx, 1, r); -#endif - return 0; } +#endif static struct sc_card_driver *sc_get_driver(void) { @@ -1569,7 +1568,6 @@ static struct sc_card_driver *sc_get_driver(void) belpic_ops.read_binary = belpic_read_binary; belpic_ops.pin_cmd = belpic_pin_cmd; belpic_ops.set_security_env = belpic_set_security_env; - belpic_ops.logout = belpic_logout; belpic_ops.compute_signature = belpic_compute_signature; belpic_ops.get_challenge = iso_ops->get_challenge; diff --git a/src/libopensc/card-cardos.c b/src/libopensc/card-cardos.c index 93babc2f..05bc7552 100644 --- a/src/libopensc/card-cardos.c +++ b/src/libopensc/card-cardos.c @@ -28,12 +28,6 @@ #include -/* andreas says: hm, my card only works for small payloads */ -/* comment by okir: one of the examples in the developer guide - * also talks about copying data in chunks of 128. - * Either coincidence, or a known problem. */ -#define CARDOS_MAX_PAYLOAD 120 - static const struct sc_card_operations *iso_ops = NULL; struct sc_card_operations cardos_ops; @@ -48,9 +42,9 @@ static struct sc_atr_table cardos_atrs[] = { /* 4.0 */ { "3b:e2:00:ff:c1:10:31:fe:55:c8:02:9c", NULL, NULL, SC_CARD_TYPE_CARDOS_GENERIC, 0, NULL }, /* 4.01 */ - { "3b:f2:98:00:ff:c1:10:31:fe:55:c8:03:15", NULL, NULL, SC_CARD_TYPE_CARDOS_GENERIC, 0, NULL }, + { "3b:f2:98:00:ff:c1:10:31:fe:55:c8:03:15", NULL, NULL, SC_CARD_TYPE_CARDOS_M4_01, 0, NULL }, /* 4.01a */ - { "3b:f2:98:00:ff:c1:10:31:fe:55:c8:04:12", NULL, NULL, SC_CARD_TYPE_CARDOS_GENERIC, 0, NULL }, + { "3b:f2:98:00:ff:c1:10:31:fe:55:c8:04:12", NULL, NULL, SC_CARD_TYPE_CARDOS_M4_01, 0, NULL }, /* M4.2 */ { "3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:8a", NULL, NULL, SC_CARD_TYPE_CARDOS_M4_2, 0, NULL }, { "3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:75", NULL, NULL, SC_CARD_TYPE_CARDOS_M4_2, 0, NULL }, @@ -608,7 +602,8 @@ static int cardos_create_file(sc_card_t *card, sc_file_t *file) SC_FUNC_CALLED(card->ctx, 1); - if (card->type == SC_CARD_TYPE_CARDOS_GENERIC) { + if (card->type == SC_CARD_TYPE_CARDOS_GENERIC || + card->type == SC_CARD_TYPE_CARDOS_M4_01) { r = cardos_set_file_attributes(card, file); if (r != SC_SUCCESS) return r; @@ -1046,7 +1041,8 @@ cardos_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data, static int cardos_logout(sc_card_t *card) { - if (card->type == SC_CARD_TYPE_CARDOS_M4_2) { + if (card->type == SC_CARD_TYPE_CARDOS_M4_01 || + card->type == SC_CARD_TYPE_CARDOS_M4_2) { sc_apdu_t apdu; int r; sc_path_t path; @@ -1064,7 +1060,7 @@ static int cardos_logout(sc_card_t *card) return sc_check_sw(card, apdu.sw1, apdu.sw2); } else - return iso_ops->logout(card); + return SC_ERROR_NOT_SUPPORTED; } diff --git a/src/libopensc/card-jcop.c b/src/libopensc/card-jcop.c index 24a252fa..6cbd62a4 100644 --- a/src/libopensc/card-jcop.c +++ b/src/libopensc/card-jcop.c @@ -921,16 +921,11 @@ static int jcop_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr) return SC_ERROR_NOT_SUPPORTED; } - /* "The PINs are "global" in a PKCS#15 sense, meaning that they remain valid * until card reset! Selecting another applet doesn't invalidate the PINs, * you need to reset the card." - javacard@zurich.ibm.com, when asked about * how to invalidate logged in pins. -*/ -static int jcop_logout(sc_card_t *card) -{ - return 0; /* Can't */ -} + */ static struct sc_card_driver * sc_get_driver(void) { @@ -954,7 +949,6 @@ static struct sc_card_driver * sc_get_driver(void) jcop_ops.set_security_env = jcop_set_security_env; jcop_ops.compute_signature = jcop_compute_signature; jcop_ops.decipher = jcop_decipher; - jcop_ops.logout = jcop_logout; jcop_ops.process_fci = jcop_process_fci; jcop_ops.card_ctl = jcop_card_ctl; diff --git a/src/libopensc/card-muscle.c b/src/libopensc/card-muscle.c index 8996dccb..185b08d9 100644 --- a/src/libopensc/card-muscle.c +++ b/src/libopensc/card-muscle.c @@ -728,10 +728,6 @@ static int muscle_get_challenge(sc_card_t *card, u8 *rnd, size_t len) return msc_get_challenge(card, len, 0, NULL, rnd); } -static int muscle_logout(sc_card_t *card) -{ - return 0; -} static struct sc_card_driver * sc_get_driver(void) { @@ -745,7 +741,6 @@ static struct sc_card_driver * sc_get_driver(void) muscle_ops.match_card = muscle_match_card; muscle_ops.init = muscle_init; muscle_ops.finish = muscle_finish; - muscle_ops.logout = muscle_logout; muscle_ops.get_challenge = muscle_get_challenge; diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c index a5d8872c..e02e41c6 100644 --- a/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c @@ -686,13 +686,6 @@ pgp_decipher(sc_card_t *card, const u8 *in, size_t inlen, return apdu.resplen; } -static int -pgp_logout(sc_card_t *card) -{ - sc_debug(card->ctx, "OpenPGP card: logout not supported\n"); - return SC_ERROR_NOT_SUPPORTED; -} - /* Driver binding stuff */ static struct sc_card_driver * sc_get_driver(void) @@ -715,9 +708,8 @@ sc_get_driver(void) pgp_ops.set_security_env= pgp_set_security_env; pgp_ops.compute_signature= pgp_compute_signature; pgp_ops.decipher = pgp_decipher; - pgp_ops.logout = pgp_logout; - return &pgp_drv; + return &pgp_drv; } struct sc_card_driver * diff --git a/src/libopensc/card-piv.c b/src/libopensc/card-piv.c index b6eb4640..60041215 100644 --- a/src/libopensc/card-piv.c +++ b/src/libopensc/card-piv.c @@ -168,17 +168,6 @@ static size_t put_tag_and_len(unsigned int tag, size_t len, u8 **ptr) return i; } - -static int piv_logout(sc_card_t * card) -{ - SC_FUNC_CALLED(card->ctx,1); - /* - * nothing to do here, as we dont have files on the card. - */ - return 0; -} - - /* * Send a command and receive data. Receive as much as the card indicates * in the first segment. There is always something to send. @@ -1366,7 +1355,6 @@ static struct sc_card_driver * sc_get_driver(void) piv_ops.finish = piv_finish; piv_ops.select_file = piv_select_file; /* must use get/put, could emulate? */ - piv_ops.logout = piv_logout; piv_ops.get_challenge = piv_get_challenge; piv_ops.read_binary = piv_read_binary; piv_ops.write_binary = piv_write_binary; diff --git a/src/libopensc/card-setcos.c b/src/libopensc/card-setcos.c index 47a389df..fa09749b 100644 --- a/src/libopensc/card-setcos.c +++ b/src/libopensc/card-setcos.c @@ -1060,13 +1060,6 @@ static int setcos_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr) return SC_ERROR_NOT_SUPPORTED; } -#if 0 -static int setcos_logout(sc_card_t *card) -{ - return 0; -} -#endif - static struct sc_card_driver *sc_get_driver(void) { struct sc_card_driver *iso_drv = sc_get_iso7816_driver(); @@ -1084,9 +1077,6 @@ static struct sc_card_driver *sc_get_driver(void) setcos_ops.process_fci = setcos_process_fci; setcos_ops.construct_fci = setcos_construct_fci; setcos_ops.card_ctl = setcos_card_ctl; -#if 0 - setcos_ops.logout = setcos_logout; -#endif return &setcos_drv; } diff --git a/src/libopensc/card.c b/src/libopensc/card.c index 9cbf3d00..e2b73c93 100644 --- a/src/libopensc/card.c +++ b/src/libopensc/card.c @@ -306,7 +306,9 @@ int sc_lock(sc_card_t *card) int sc_unlock(sc_card_t *card) { - int r = 0; + int r, r2; + + SC_FUNC_CALLED(card->ctx, 3); if (card == NULL) return SC_ERROR_INVALID_ARGUMENTS; @@ -314,33 +316,19 @@ int sc_unlock(sc_card_t *card) if (r != SC_SUCCESS) return r; assert(card->lock_count >= 1); - if (card->lock_count == 1) { - SC_FUNC_CALLED(card->ctx, 3); + if (--card->lock_count == 0) { + /* invalidate cache */ memset(&card->cache, 0, sizeof(card->cache)); card->cache_valid = 0; - if (card->ops->logout != NULL) { - /* XXX As this logout causes random asserts on card->lock_count >=0 - on card removal under firefox 1.5 */ - r = sc_mutex_unlock(card->ctx, card->mutex); - if (r != SC_SUCCESS) { - sc_error(card->ctx, "unable to release lock\n"); - return r; - } - sc_debug(card->ctx, "Calling card logout function\n"); - card->ops->logout(card); - r = sc_mutex_lock(card->ctx, card->mutex); - if (r != SC_SUCCESS) - return r; - } - } - /* Check again, lock count may have changed - * while we were in logout() */ - if (card->lock_count == 1) { + /* release reader lock */ if (card->reader->ops->unlock != NULL) r = card->reader->ops->unlock(card->reader, card->slot); } - card->lock_count--; - r = sc_mutex_unlock(card->ctx, card->mutex); + r2 = sc_mutex_unlock(card->ctx, card->mutex); + if (r2 != SC_SUCCESS) { + sc_error(card->ctx, "unable to release lock\n"); + r = (r == SC_SUCCESS) ? r2 : r; + } return r; } diff --git a/src/libopensc/cards.h b/src/libopensc/cards.h index 76709829..40f8c3e6 100644 --- a/src/libopensc/cards.h +++ b/src/libopensc/cards.h @@ -39,6 +39,7 @@ enum { /* cardos driver */ SC_CARD_TYPE_CARDOS_BASE = 1000, SC_CARD_TYPE_CARDOS_GENERIC, + SC_CARD_TYPE_CARDOS_M4_01, SC_CARD_TYPE_CARDOS_M4_2, SC_CARD_TYPE_CARDOS_M4_3, diff --git a/src/libopensc/iso7816.c b/src/libopensc/iso7816.c index 33b0efb9..40458c6c 100644 --- a/src/libopensc/iso7816.c +++ b/src/libopensc/iso7816.c @@ -961,26 +961,6 @@ static int iso7816_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data, return sc_check_sw(card, apdu->sw1, apdu->sw2); } -/* - * For some cards, selecting the MF clears all access rights gained - */ -static int iso7816_logout(sc_card_t *card) -{ - sc_path_t in_path; - in_path.value[0] = 0x3F; - in_path.value[1] = 0x00; - in_path.len = 2; - in_path.index = 0; - in_path.count = 2; - in_path.type = SC_PATH_TYPE_PATH; - - /* Force the SELECT FILE even if the card thinks - * it's already inside the MF */ - card->cache_valid = 0; - - return sc_select_file(card, &in_path, NULL); -} - static int no_match(sc_card_t *card) { return 0; @@ -1002,7 +982,7 @@ static struct sc_card_operations iso_ops = { iso7816_get_response, iso7816_get_challenge, NULL, /* verify */ - iso7816_logout, + NULL, /* logout */ iso7816_restore_security_env, iso7816_set_security_env, iso7816_decipher, diff --git a/src/libopensc/opensc.h b/src/libopensc/opensc.h index 352c16ad..662e7239 100644 --- a/src/libopensc/opensc.h +++ b/src/libopensc/opensc.h @@ -968,6 +968,14 @@ int sc_compute_signature(sc_card_t *card, const u8 * data, size_t data_len, u8 * out, size_t outlen); int sc_verify(sc_card_t *card, unsigned int type, int ref, const u8 *buf, size_t buflen, int *tries_left); +/** + * Resets the security status of the card (i.e. withdraw all granted + * access rights). Note: not all card operating systems support a logout + * command and in this case SC_ERROR_NOT_SUPPORTED is returned. + * @param card sc_card_t object + * @return SC_SUCCESS on success, SC_ERROR_NOT_SUPPORTED if the card + * doesn't support a logout command and an error code otherwise + */ int sc_logout(sc_card_t *card); int sc_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *, int *tries_left); int sc_change_reference_data(sc_card_t *card, unsigned int type, diff --git a/src/libopensc/sec.c b/src/libopensc/sec.c index 57e13037..ecb6e7b0 100644 --- a/src/libopensc/sec.c +++ b/src/libopensc/sec.c @@ -96,12 +96,9 @@ int sc_verify(sc_card_t *card, unsigned int type, int ref, int sc_logout(sc_card_t *card) { - int r; if (card->ops->logout == NULL) - /* Or should we return SC_ERROR_NOT_SUPPORTED? */ - SC_FUNC_RETURN(card->ctx, 2, SC_NO_ERROR); - r = card->ops->logout(card); - SC_FUNC_RETURN(card->ctx, 2, r); + return SC_ERROR_NOT_SUPPORTED; + return card->ops->logout(card); } int sc_change_reference_data(sc_card_t *card, unsigned int type,