Reselect PKI-Applets after card reset

PKI-Applets may not be active if the card has been reset or unpowered.
The SELECT command used to activate the applet, is identical to the one
used during card matching or initialization.

src/libopensc/card-asepcos.c

@@ -1026,6 +1026,20 @@ static int asepcos_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *pdata,
 	return r;
 }
 
+static int asepcos_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0 && card->type == SC_CARD_TYPE_ASEPCOS_JAVA) {
+		/* in case of a Java card try to select the ASEPCOS applet */
+		r = asepcos_select_asepcos_applet(card);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
 static struct sc_card_driver * sc_get_driver(void)
 {
 	if (iso_ops == NULL)
@@ -1042,6 +1056,7 @@ static struct sc_card_driver * sc_get_driver(void)
 	asepcos_ops.list_files        = asepcos_list_files;
 	asepcos_ops.card_ctl          = asepcos_card_ctl;
 	asepcos_ops.pin_cmd           = asepcos_pin_cmd;
+	asepcos_ops.card_reader_lock_obtained = asepcos_card_reader_lock_obtained;
 
 	return &asepcos_drv;
 }

src/libopensc/card-authentic.c

@@ -491,7 +491,6 @@ authentic_init(struct sc_card *card)
 	LOG_FUNC_RETURN(ctx, rv);
 }
 
-
 static int
 authentic_erase_binary(struct sc_card *card, unsigned int offs, size_t count, unsigned long flags)
 {
@@ -2115,6 +2114,21 @@ authentic_finish(struct sc_card *card)
 }
 
 
+static int authentic_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0
+			&& card->type == SC_CARD_TYPE_OBERTHUR_AUTHENTIC_3_2) {
+		r = authentic_select_aid(card, aid_AuthentIC_3_2, sizeof(aid_AuthentIC_3_2), NULL, NULL);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
+
 /* SM related */
 #ifdef ENABLE_SM
 static int
@@ -2367,6 +2381,7 @@ sc_get_driver(void)
 	authentic_ops.card_ctl = authentic_card_ctl;
 	authentic_ops.process_fci = authentic_process_fci;
 	authentic_ops.pin_cmd = authentic_pin_cmd;
+	authentic_ops.card_reader_lock_obtained = authentic_card_reader_lock_obtained;
 
 	return &authentic_drv;
 }

src/libopensc/card-coolkey.c

@@ -2287,6 +2287,7 @@ static int coolkey_init(sc_card_t *card)
 	SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_SUCCESS);
 }
 
+
 static int
 coolkey_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data, int *tries_left)
 {
@@ -2342,6 +2343,7 @@ coolkey_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data, int *tries_left)
 	return r;
 }
 
+
 static int
 coolkey_logout(sc_card_t *card)
 {
@@ -2358,6 +2360,20 @@ coolkey_logout(sc_card_t *card)
 	return SC_SUCCESS;
 }
 
+
+static int coolkey_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0) {
+		r = coolkey_select_applet(card);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
 static struct sc_card_operations coolkey_ops;
 
 static struct sc_card_driver coolkey_drv = {
@@ -2388,6 +2404,7 @@ static struct sc_card_driver * sc_get_driver(void)
 	coolkey_ops.check_sw = coolkey_check_sw;
 	coolkey_ops.pin_cmd = coolkey_pin_cmd;
 	coolkey_ops.logout = coolkey_logout;
+	coolkey_ops.card_reader_lock_obtained = coolkey_card_reader_lock_obtained;
 
 	return &coolkey_drv;
 }

src/libopensc/card-gemsafeV1.c

@@ -566,6 +566,20 @@ static int gemsafe_get_challenge(sc_card_t *card, u8 *rnd, size_t len)
 	return r;
 }
 
+static int gemsafe_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+	gemsafe_exdata *exdata = (gemsafe_exdata *)card->drv_data;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0 && exdata) {
+		r = gp_select_applet(card, exdata->aid, exdata->aid_len);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
 static struct sc_card_driver *sc_get_driver(void)
 {
 	struct sc_card_driver *iso_drv = sc_get_iso7816_driver();
@@ -585,6 +599,7 @@ static struct sc_card_driver *sc_get_driver(void)
 	gemsafe_ops.get_challenge 		 = gemsafe_get_challenge;
 	gemsafe_ops.process_fci	= gemsafe_process_fci;
 	gemsafe_ops.pin_cmd		 = iso_ops->pin_cmd;
+	gemsafe_ops.card_reader_lock_obtained = gemsafe_card_reader_lock_obtained;
 
 	return &gemsafe_drv;
 }

src/libopensc/card-gids.c

@@ -2047,13 +2047,27 @@ static int gids_card_ctl(sc_card_t * card, unsigned long cmd, void *ptr)
 	}
 }
 
+static int gids_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0) {
+		u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
+		size_t resplen = sizeof(rbuf);
+		r = gids_select_aid(card, gids_aid.value, gids_aid.len, rbuf, &resplen);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
 static struct sc_card_driver *sc_get_driver(void)
 {
 
 	if (iso_ops == NULL)
 		iso_ops = sc_get_iso7816_driver()->ops;
 
-
 	gids_ops.match_card = gids_match_card;
 	gids_ops.init = gids_init;
 	gids_ops.finish = gids_finish;
@@ -2088,6 +2102,8 @@ static struct sc_card_driver *sc_get_driver(void)
 	gids_ops.put_data = NULL;
 	gids_ops.delete_record = NULL;
 	gids_ops.read_public_key = gids_read_public_key;
+	gids_ops.card_reader_lock_obtained = gids_card_reader_lock_obtained;
+
 	return &gids_drv;
 }
 

src/libopensc/card-isoApplet.c

@@ -1224,6 +1224,21 @@ isoApplet_get_challenge(struct sc_card *card, u8 *rnd, size_t len)
 	LOG_FUNC_RETURN(ctx, r);
 }
 
+static int isoApplet_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0) {
+		size_t rlen = SC_MAX_APDU_BUFFER_SIZE;
+		u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
+		r = isoApplet_select_applet(card, isoApplet_aid, ISOAPPLET_AID_LEN, rbuf, &rlen);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
 static struct sc_card_driver *sc_get_driver(void)
 {
 	sc_card_driver_t *iso_drv = sc_get_iso7816_driver();
@@ -1246,6 +1261,7 @@ static struct sc_card_driver *sc_get_driver(void)
 	isoApplet_ops.set_security_env = isoApplet_set_security_env;
 	isoApplet_ops.compute_signature = isoApplet_compute_signature;
 	isoApplet_ops.get_challenge = isoApplet_get_challenge;
+	isoApplet_ops.card_reader_lock_obtained = isoApplet_card_reader_lock_obtained;
 
 	/* unsupported functions */
 	isoApplet_ops.write_binary = NULL;

src/libopensc/card-jpki.c

@@ -362,6 +362,19 @@ jpki_compute_signature(sc_card_t * card,
 	LOG_FUNC_RETURN(card->ctx, apdu.resplen);
 }
 
+static int jpki_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0) {
+		r = jpki_select_ap(card);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
 static struct sc_card_driver *
 sc_get_driver(void)
 {
@@ -376,6 +389,7 @@ sc_get_driver(void)
 	jpki_ops.pin_cmd = jpki_pin_cmd;
 	jpki_ops.set_security_env = jpki_set_security_env;
 	jpki_ops.compute_signature = jpki_compute_signature;
+	jpki_ops.card_reader_lock_obtained = jpki_card_reader_lock_obtained;
 
 	return &jpki_drv;
 }

src/libopensc/card-muscle.c

@@ -810,6 +810,21 @@ static int muscle_check_sw(sc_card_t * card, unsigned int sw1, unsigned int sw2)
 	return iso_ops->check_sw(card, sw1, sw2);
 }
 
+static int muscle_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0) {
+		if (msc_select_applet(card, muscleAppletId, sizeof muscleAppletId) != 1) {
+			r = SC_ERROR_INVALID_CARD;
+		}
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
 
 static struct sc_card_driver * sc_get_driver(void)
 {
@@ -837,6 +852,7 @@ static struct sc_card_driver * sc_get_driver(void)
 	muscle_ops.select_file = muscle_select_file;
 	muscle_ops.delete_file = muscle_delete_file;
 	muscle_ops.list_files = muscle_list_files;
+	muscle_ops.card_reader_lock_obtained = muscle_card_reader_lock_obtained;
 
 	return &muscle_drv;
 }

src/libopensc/card-openpgp.c

@@ -378,7 +378,7 @@ static int
 pgp_init(sc_card_t *card)
 {
 	struct pgp_priv_data *priv;
-	sc_path_t	aid;
+	sc_path_t	path;
 	sc_file_t	*file = NULL;
 	struct do_info	*info;
 	int		r;
@@ -394,9 +394,9 @@ pgp_init(sc_card_t *card)
 	card->cla = 0x00;
 
 	/* select application "OpenPGP" */
-	sc_format_path("D276:0001:2401", &aid);
-	aid.type = SC_PATH_TYPE_DF_NAME;
-	if ((r = iso_ops->select_file(card, &aid, &file)) < 0) {
+	sc_format_path("D276:0001:2401", &path);
+	path.type = SC_PATH_TYPE_DF_NAME;
+	if ((r = iso_ops->select_file(card, &path, &file)) < 0) {
 		pgp_finish(card);
 		LOG_FUNC_RETURN(card->ctx, r);
 	}
@@ -2868,11 +2868,28 @@ pgp_update_binary(sc_card_t *card, unsigned int idx,
 }
 
 
-/**
- * ABI: driver binding stuff.
- */
-static struct sc_card_driver *
-sc_get_driver(void)
+static int pgp_card_reader_lock_obtained(sc_card_t *card, int was_reset)
+{
+	int r = SC_SUCCESS;
+
+	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+
+	if (was_reset > 0) {
+		sc_file_t	*file = NULL;
+		sc_path_t	path;
+		/* select application "OpenPGP" */
+		sc_format_path("D276:0001:2401", &path);
+		path.type = SC_PATH_TYPE_DF_NAME;
+		r = iso_ops->select_file(card, &path, &file);
+		sc_file_free(file);
+	}
+
+	LOG_FUNC_RETURN(card->ctx, r);
+}
+
+
+struct sc_card_driver *
+sc_get_openpgp_driver(void)
 {
 	struct sc_card_driver *iso_drv = sc_get_iso7816_driver();
 
@@ -2897,16 +2914,7 @@ sc_get_driver(void)
 	pgp_ops.card_ctl	= pgp_card_ctl;
 	pgp_ops.delete_file	= pgp_delete_file;
 	pgp_ops.update_binary	= pgp_update_binary;
+	pgp_ops.card_reader_lock_obtained = pgp_card_reader_lock_obtained;
 
 	return &pgp_drv;
 }
-
-
-/**
- * ABI: driver binding stuff.
- */
-struct sc_card_driver *
-sc_get_openpgp_driver(void)
-{
-	return sc_get_driver();
-}

src/libopensc/card-piv.c

@@ -2333,7 +2333,7 @@ static int piv_validate_general_authentication(sc_card_t *card,
 
 	u8 sbuf[4096]; /* needs work. for 3072 keys, needs 384+10 or so */
 	u8 *rbuf = NULL;
-	size_t rbuflen = 0;
+	size_t rbuflen;
 
 	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);