From 4d2254a092f5be7db52cf10dfc478e22643bda9d Mon Sep 17 00:00:00 2001
From: Raul Metsma
Date: Mon, 4 Feb 2019 10:47:13 +0200
Subject: [PATCH] Only EstEID 3.5 has EC 384 keys
Signed-off-by: Raul Metsma
---
 src/libopensc/card-mcrd.c | 44 ++++++++++++++++++---------------------
 1 file changed, 20 insertions(+), 24 deletions(-)
diff --git a/src/libopensc/card-mcrd.c b/src/libopensc/card-mcrd.c
index 2cb0857d..d96fb3c5 100644
--- a/src/libopensc/card-mcrd.c
+++ b/src/libopensc/card-mcrd.c
@@ -333,31 +333,27 @@ static int mcrd_init(sc_card_t * card)
 * For some reason a reset is required as well... */
 sc_reset(card, 0);
- r = gp_select_aid(card, &EstEID_v3_AID);
- if (r < 0)
- {
- r = gp_select_aid(card, &EstEID_v35_AID);
- if (r >= 0) {
- // Force EstEID 3.5 card recv size 255 with T=0 to avoid recursive read binary
- // sc_read_binary cannot handle recursive 61 00 calls
- if (card->reader && card->reader->active_protocol == SC_PROTO_T0)
- card->max_recv_size = 255;
- } else {
- r = gp_select_aid(card, &AzeDIT_v35_AID);
- if (r < 0) {
- free(card->drv_data);
- card->drv_data = NULL;
- SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_INVALID_CARD);
- }
- }
- }
 flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_HASH_SHA1 | SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_HASH_SHA256;
- /* EstEID v3.0 has 2048 bit keys */
- _sc_card_add_rsa_alg(card, 2048, flags, 0);
-
- flags = SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ECDH_CDH_RAW | SC_ALGORITHM_ECDSA_HASH_NONE;
- ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES;
- _sc_card_add_ec_alg(card, 384, flags, ext_flags, NULL);
+ if ((r = gp_select_aid(card, &EstEID_v3_AID)) >= 0) {
+ /* EstEID v3.0 has 2048 bit keys */
+ _sc_card_add_rsa_alg(card, 2048, flags, 0);
+ } else if ((r = gp_select_aid(card, &EstEID_v35_AID)) >= 0) {
+ /* EstEID v3.5 has 2048 bit keys or EC 384 */
+ _sc_card_add_rsa_alg(card, 2048, flags, 0);
+ flags = SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ECDH_CDH_RAW | SC_ALGORITHM_ECDSA_HASH_NONE;
+ ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES;
+ _sc_card_add_ec_alg(card, 384, flags, ext_flags, NULL);
+ // Force EstEID 3.5 card recv size 255 with T=0 to avoid recursive read binary
+ // sc_read_binary cannot handle recursive 61 00 calls
+ if (card->reader && card->reader->active_protocol == SC_PROTO_T0)
+ card->max_recv_size = 255;
+ } else if ((r = gp_select_aid(card, &AzeDIT_v35_AID)) >= 0) {
+ _sc_card_add_rsa_alg(card, 2048, flags, 0);
+ } else {
+ free(card->drv_data);
+ card->drv_data = NULL;
+ SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_INVALID_CARD);
+ }
 } else {
 flags = SC_ALGORITHM_RSA_RAW |SC_ALGORITHM_RSA_PAD_PKCS1 | SC_ALGORITHM_RSA_HASH_NONE;
 _sc_card_add_rsa_alg(card, 512, flags, 0);
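Review bot: In the final `else` of the new probe chain, the `r` left by the last `gp_select_aid()` call is dropped and every failure is reported as `SC_ERROR_INVALID_CARD`, so a reader or transport error during probing cannot be told apart from an unsupported card in the debug log. Each `else if` also falls through to the next AID on any negative result; whether `gp_select_aid()` distinguishes "applet not present" from an I/O failure is not visible in this hunk. Recording the code before the cleanup, for example `sc_log(card->ctx, "EstEID/AzeDIT AID selection failed: %d", r);`, would keep that evidence for triage without changing the value returned to the caller. mcrd_init starts and ends outside this hunk.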