Merge branch 'master' of https://github.com/LudovicRousseau/OpenSC
This commit is contained in:
commit
9ef95c71e6
|
@ -75,7 +75,7 @@ if test ${OSX_RELEASE} = "10.6"; then
|
||||||
(cd engine_pkcs11
|
(cd engine_pkcs11
|
||||||
git checkout origin/martin
|
git checkout origin/martin
|
||||||
test -x configure || ./bootstrap
|
test -x configure || ./bootstrap
|
||||||
PKG_CONFIG_PATH=${BUILDPATH}/build/lib/pkgconfig ./configure --disable-dependency-tracking --prefix=/Library/OpenSC && make
|
PKG_CONFIG_PATH=${BUILDPATH}/build/lib/pkgconfig:${PKG_CONFIG_PATH} ./configure --disable-dependency-tracking --prefix=/Library/OpenSC && make
|
||||||
make install DESTDIR=${BUILDPATH}/target)
|
make install DESTDIR=${BUILDPATH}/target)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -83,6 +83,9 @@ if ! test -e OpenSC.tokend; then
|
||||||
git clone http://github.com/martinpaljak/OpenSC.tokend.git
|
git clone http://github.com/martinpaljak/OpenSC.tokend.git
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# refresh remote branches, in case the script has changed the active branch and existing buildslave checkout is used.
|
||||||
|
git --git-dir OpenSC.tokend/.git --work-tree OpenSC.tokend fetch --all
|
||||||
|
|
||||||
case "${OSX_RELEASE}" in
|
case "${OSX_RELEASE}" in
|
||||||
"10.5") git --git-dir OpenSC.tokend/.git --work-tree OpenSC.tokend checkout --force origin/10.5-0.12.2; rm -rf OpenSC.tokend/build
|
"10.5") git --git-dir OpenSC.tokend/.git --work-tree OpenSC.tokend checkout --force origin/10.5-0.12.2; rm -rf OpenSC.tokend/build
|
||||||
if test ${INTEL_ONLY} = "yes"; then
|
if test ${INTEL_ONLY} = "yes"; then
|
||||||
|
|
|
@ -410,11 +410,12 @@ static int do_single_transmit(sc_card_t *card, sc_apdu_t *apdu)
|
||||||
/* set the new expected length */
|
/* set the new expected length */
|
||||||
apdu->resplen = olen;
|
apdu->resplen = olen;
|
||||||
apdu->le = nlen;
|
apdu->le = nlen;
|
||||||
/* as some reader/smartcards can't handle an immediate
|
/* Belpic V1 applets have a problem: if the card sends a 6C XX
|
||||||
* re-transmit so we optionally need to sleep for
|
* (only XX bytes available), and we resend the command too soon
|
||||||
* a while */
|
* (i.e. the reader is too fast), the card doesn't respond. So
|
||||||
if (card->wait_resend_apdu != 0)
|
* we build in a delay. */
|
||||||
msleep(card->wait_resend_apdu);
|
if (card->type == SC_CARD_TYPE_BELPIC_EID)
|
||||||
|
msleep(40);
|
||||||
/* re-transmit the APDU with new Le length */
|
/* re-transmit the APDU with new Le length */
|
||||||
r = card->reader->ops->transmit(card->reader, apdu);
|
r = card->reader->ops->transmit(card->reader, apdu);
|
||||||
if (r != SC_SUCCESS) {
|
if (r != SC_SUCCESS) {
|
||||||
|
|
|
@ -1756,7 +1756,7 @@ authentic_get_challenge(struct sc_card *card, unsigned char *rnd, size_t len)
|
||||||
int rv, nn;
|
int rv, nn;
|
||||||
|
|
||||||
LOG_FUNC_CALLED(ctx);
|
LOG_FUNC_CALLED(ctx);
|
||||||
if (!rnd)
|
if (!rnd && len)
|
||||||
return SC_ERROR_INVALID_ARGUMENTS;
|
return SC_ERROR_INVALID_ARGUMENTS;
|
||||||
|
|
||||||
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0x84, 0x00, 0x00);
|
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0x84, 0x00, 0x00);
|
||||||
|
|
|
@ -931,11 +931,6 @@ static int belpic_init(sc_card_t *card)
|
||||||
SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_HASH_NONE, 0);
|
SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_HASH_NONE, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* V1 applets have a problem: if the card sends a 6C XX (only XX bytes available),
|
|
||||||
* and we resend the command too soon (i.e. the reader is too fast), the card
|
|
||||||
* doesn't respond. So we build in a delay. */
|
|
||||||
card->wait_resend_apdu = 40;
|
|
||||||
|
|
||||||
/* State that we have an RNG */
|
/* State that we have an RNG */
|
||||||
card->caps |= SC_CARD_CAP_RNG;
|
card->caps |= SC_CARD_CAP_RNG;
|
||||||
|
|
||||||
|
|
|
@ -760,6 +760,9 @@ static int muscle_compute_signature(sc_card_t *card, const u8 *data,
|
||||||
|
|
||||||
static int muscle_get_challenge(sc_card_t *card, u8 *rnd, size_t len)
|
static int muscle_get_challenge(sc_card_t *card, u8 *rnd, size_t len)
|
||||||
{
|
{
|
||||||
|
if (len == 0)
|
||||||
|
return SC_SUCCESS;
|
||||||
|
else
|
||||||
return msc_get_challenge(card, len, 0, NULL, rnd);
|
return msc_get_challenge(card, len, 0, NULL, rnd);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1113,7 +1113,7 @@ static int rutoken_get_challenge(sc_card_t *card, u8 *rnd, size_t count)
|
||||||
sc_apdu_t apdu;
|
sc_apdu_t apdu;
|
||||||
u8 rbuf[32];
|
u8 rbuf[32];
|
||||||
size_t n;
|
size_t n;
|
||||||
int ret = SC_ERROR_INVALID_ARGUMENTS; /* if count == 0 */
|
int ret = SC_SUCCESS; /* if count == 0 */
|
||||||
|
|
||||||
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
|
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
|
||||||
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0x84, 0x00, 0x00);
|
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0x84, 0x00, 0x00);
|
||||||
|
|
|
@ -515,7 +515,7 @@ static int iso7816_get_challenge(sc_card_t *card, u8 *rnd, size_t len)
|
||||||
sc_apdu_t apdu;
|
sc_apdu_t apdu;
|
||||||
u8 buf[10];
|
u8 buf[10];
|
||||||
|
|
||||||
if (!rnd)
|
if (!rnd && len)
|
||||||
return SC_ERROR_INVALID_ARGUMENTS;
|
return SC_ERROR_INVALID_ARGUMENTS;
|
||||||
|
|
||||||
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT,
|
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT,
|
||||||
|
|
|
@ -422,7 +422,6 @@ typedef struct sc_card {
|
||||||
|
|
||||||
int type; /* Card type, for card driver internal use */
|
int type; /* Card type, for card driver internal use */
|
||||||
unsigned long caps, flags;
|
unsigned long caps, flags;
|
||||||
unsigned int wait_resend_apdu; /* Delay (msec) before responding to an SW = 6CXX */
|
|
||||||
int cla;
|
int cla;
|
||||||
size_t max_send_size; /* Max Lc supported by the card */
|
size_t max_send_size; /* Max Lc supported by the card */
|
||||||
size_t max_recv_size; /* Max Le supported by the card */
|
size_t max_recv_size; /* Max Le supported by the card */
|
||||||
|
|
|
@ -62,7 +62,6 @@ typedef struct sc_pkcs15_id sc_pkcs15_id_t;
|
||||||
#define SC_PKCS15_PIN_FLAG_INTEGRITY_PROTECTED 0x0200
|
#define SC_PKCS15_PIN_FLAG_INTEGRITY_PROTECTED 0x0200
|
||||||
#define SC_PKCS15_PIN_FLAG_CONFIDENTIALITY_PROTECTED 0x0400
|
#define SC_PKCS15_PIN_FLAG_CONFIDENTIALITY_PROTECTED 0x0400
|
||||||
#define SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA 0x0800
|
#define SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA 0x0800
|
||||||
#define SC_PKCS15_PIN_FLAG_VERIFY_RC_COUNTER 0x1000
|
|
||||||
|
|
||||||
#define SC_PKCS15_PIN_TYPE_BCD 0
|
#define SC_PKCS15_PIN_TYPE_BCD 0
|
||||||
#define SC_PKCS15_PIN_TYPE_ASCII_NUMERIC 1
|
#define SC_PKCS15_PIN_TYPE_ASCII_NUMERIC 1
|
||||||
|
|
|
@ -24,17 +24,6 @@ PIN user-puk {
|
||||||
attempts = 10;
|
attempts = 10;
|
||||||
}
|
}
|
||||||
|
|
||||||
# For CardOS 4.3B and 4.4, the Verify Retry Counter Package
|
|
||||||
# can be loaded at ADMINISTRATION life cycle phase to change
|
|
||||||
# the behavior of the VERIFY command in regard to return codes.
|
|
||||||
# When that package is loaded, the PIN can be created with this
|
|
||||||
# "verifyRC" flag if the return code must be ISO7816-4 compliant
|
|
||||||
# (63Cx with x being the value of the remaining retry counter
|
|
||||||
# when required verification has failed).
|
|
||||||
#PIN user-pin {
|
|
||||||
# flags = verifyRC;
|
|
||||||
#}
|
|
||||||
|
|
||||||
# Additional filesystem info.
|
# Additional filesystem info.
|
||||||
# This is added to the file system info specified in the
|
# This is added to the file system info specified in the
|
||||||
# main profile.
|
# main profile.
|
||||||
|
|
|
@ -409,7 +409,6 @@ cardos_store_pin(sc_profile_t *profile, sc_card_t *card,
|
||||||
const u8 *pin, size_t pin_len)
|
const u8 *pin, size_t pin_len)
|
||||||
{
|
{
|
||||||
struct sc_cardctl_cardos_obj_info args;
|
struct sc_cardctl_cardos_obj_info args;
|
||||||
struct sc_pkcs15_auth_info profile_auth;
|
|
||||||
unsigned char buffer[256];
|
unsigned char buffer[256];
|
||||||
unsigned char pinpadded[256];
|
unsigned char pinpadded[256];
|
||||||
struct tlv tlv;
|
struct tlv tlv;
|
||||||
|
@ -446,11 +445,6 @@ cardos_store_pin(sc_profile_t *profile, sc_card_t *card,
|
||||||
/* parameters */
|
/* parameters */
|
||||||
tlv_next(&tlv, 0x85);
|
tlv_next(&tlv, 0x85);
|
||||||
tlv_add(&tlv, 0x02); /* options byte */
|
tlv_add(&tlv, 0x02); /* options byte */
|
||||||
sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &profile_auth);
|
|
||||||
if (profile_auth.attrs.pin.flags & SC_PKCS15_PIN_FLAG_VERIFY_RC_COUNTER) {
|
|
||||||
/* Use 9 byte OCI parameters to be able to set VerifyRC bit */
|
|
||||||
tlv_add(&tlv, 0x04); /* options_2 byte with Bit n°2 set to return CurrentErrorCounter */
|
|
||||||
}
|
|
||||||
tlv_add(&tlv, attempts & 0xf); /* flags byte */
|
tlv_add(&tlv, attempts & 0xf); /* flags byte */
|
||||||
tlv_add(&tlv, CARDOS_ALGO_PIN); /* algorithm = pin-test */
|
tlv_add(&tlv, CARDOS_ALGO_PIN); /* algorithm = pin-test */
|
||||||
tlv_add(&tlv, attempts & 0xf); /* errcount = attempts */
|
tlv_add(&tlv, attempts & 0xf); /* errcount = attempts */
|
||||||
|
|
|
@ -191,7 +191,6 @@ static struct map pinFlagNames[] = {
|
||||||
{ "integrity-protected", SC_PKCS15_PIN_FLAG_INTEGRITY_PROTECTED },
|
{ "integrity-protected", SC_PKCS15_PIN_FLAG_INTEGRITY_PROTECTED },
|
||||||
{ "confidentiality-protected", SC_PKCS15_PIN_FLAG_CONFIDENTIALITY_PROTECTED },
|
{ "confidentiality-protected", SC_PKCS15_PIN_FLAG_CONFIDENTIALITY_PROTECTED },
|
||||||
{ "exchangeRefData", SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA },
|
{ "exchangeRefData", SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA },
|
||||||
{ "verifyRC", SC_PKCS15_PIN_FLAG_VERIFY_RC_COUNTER },
|
|
||||||
{ NULL, 0 }
|
{ NULL, 0 }
|
||||||
};
|
};
|
||||||
static struct map idStyleNames[] = {
|
static struct map idStyleNames[] = {
|
||||||
|
|
|
@ -483,6 +483,7 @@ int main(int argc, char * argv[])
|
||||||
action_count++;
|
action_count++;
|
||||||
break;
|
break;
|
||||||
case 't':
|
case 't':
|
||||||
|
need_session |= NEED_SESSION_RO;
|
||||||
do_test = 1;
|
do_test = 1;
|
||||||
action_count++;
|
action_count++;
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in New Issue