Remove never set constants and their handling in cardos driver

This commit is contained in:
Jakub Jelen 2019-11-25 11:12:59 +01:00 committed by Frank Morgner
parent 2bab09ac03
commit afe255c5b2
2 changed files with 12 additions and 32 deletions

View File

@ -876,6 +876,7 @@ cardos_compute_signature(sc_card_t *card, const u8 *data, size_t datalen,
sc_context_t *ctx;
int do_rsa_pure_sig = 0;
int do_rsa_sig = 0;
size_t i;
assert(card != NULL && data != NULL && out != NULL);
@ -897,23 +898,13 @@ cardos_compute_signature(sc_card_t *card, const u8 *data, size_t datalen,
* and www.crysys.hu/infsec/M40_Manual_E_2001_10.pdf)
*/
if (card->caps & SC_CARD_CAP_ONLY_RAW_HASH_STRIPPED){
sc_log(ctx, "Forcing RAW_HASH_STRIPPED");
do_rsa_sig = 1;
}
else if (card->caps & SC_CARD_CAP_ONLY_RAW_HASH){
sc_log(ctx, "Forcing RAW_HASH");
do_rsa_sig = 1;
}
else {
/* check the the algorithmIDs from the AlgorithmInfo */
size_t i;
for(i=0; i<algorithm_ids_in_tokeninfo_count;++i){
unsigned int id = algorithm_ids_in_tokeninfo[i];
if(id == 0x86 || id == 0x88)
do_rsa_sig = 1;
else if(id == 0x8C || id == 0x8A)
do_rsa_pure_sig = 1;
/* check the the algorithmIDs from the AlgorithmInfo */
for (i = 0; i < algorithm_ids_in_tokeninfo_count; ++i) {
unsigned int id = algorithm_ids_in_tokeninfo[i];
if (id == 0x86 || id == 0x88) {
do_rsa_sig = 1;
} else if (id == 0x8C || id == 0x8A) {
do_rsa_pure_sig = 1;
}
}
@ -955,18 +946,11 @@ cardos_compute_signature(sc_card_t *card, const u8 *data, size_t datalen,
--stripped_datalen;
}
}
if (!(card->caps & (SC_CARD_CAP_ONLY_RAW_HASH_STRIPPED | SC_CARD_CAP_ONLY_RAW_HASH)) || card->caps & SC_CARD_CAP_ONLY_RAW_HASH ) {
sc_log(ctx, "trying to sign raw hash value with prefix");
r = do_compute_signature(card, stripped_data, stripped_datalen, out, outlen);
if (r >= SC_SUCCESS) {
free(buf);
LOG_FUNC_RETURN(ctx, r);
}
}
if (card->caps & SC_CARD_CAP_ONLY_RAW_HASH) {
sc_log(ctx, "Failed to sign raw hash value with prefix when forcing");
sc_log(ctx, "trying to sign raw hash value with prefix");
r = do_compute_signature(card, stripped_data, stripped_datalen, out, outlen);
if (r >= SC_SUCCESS) {
free(buf);
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
LOG_FUNC_RETURN(ctx, r);
}
sc_log(ctx, "trying to sign stripped raw hash value (card is responsible for prefix)");
r = sc_pkcs1_strip_digest_info_prefix(NULL, stripped_data, stripped_datalen, stripped_data, &stripped_datalen);

View File

@ -544,10 +544,6 @@ struct sc_reader_operations {
* instead of relying on the ACL info in the profile files. */
#define SC_CARD_CAP_USE_FCI_AC 0x00000010
/* D-TRUST CardOS cards special flags */
#define SC_CARD_CAP_ONLY_RAW_HASH 0x00000040
#define SC_CARD_CAP_ONLY_RAW_HASH_STRIPPED 0x00000080
/* Card (or card driver) supports an protected authentication mechanism */
#define SC_CARD_CAP_PROTECTED_AUTHENTICATION_PATH 0x00000100