From f331b35c4ee80a71acc7cbdcb5c873a012b24a9f Mon Sep 17 00:00:00 2001 From: vletoux Date: Fri, 17 Apr 2015 16:39:48 +0200 Subject: [PATCH] minidriver: make the parameter check be aware of pinpad capabilities --- src/minidriver/minidriver.c | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/src/minidriver/minidriver.c b/src/minidriver/minidriver.c index c60072c5..a91a261d 100644 --- a/src/minidriver/minidriver.c +++ b/src/minidriver/minidriver.c @@ -2377,17 +2377,17 @@ DWORD WINAPI CardAuthenticatePin(__in PCARD_DATA pCardData, return SCARD_E_INVALID_PARAMETER; if (wcscmp(wszCARD_USER_USER,pwszUserId) != 0 && wcscmp(wszCARD_USER_ADMIN,pwszUserId) != 0) return SCARD_E_INVALID_PARAMETER; - if (NULL == pbPin) + if (!(vs->reader->capabilities & SC_READER_CAP_PIN_PAD) && NULL == pbPin) return SCARD_E_INVALID_PARAMETER; - if (cbPin < 4 || cbPin > 12) + if (!(vs->reader->capabilities & SC_READER_CAP_PIN_PAD) && (cbPin < 4 || cbPin > 12)) return SCARD_W_WRONG_CHV; if (wcscmp(wszCARD_USER_ADMIN, pwszUserId) == 0) return SCARD_W_WRONG_CHV; if(pcAttemptsRemaining) - (*pcAttemptsRemaining) = 0; + (*pcAttemptsRemaining) = (DWORD) -1; wcstombs(type, pwszUserId, 100); type[10] = 0; @@ -2516,8 +2516,6 @@ DWORD WINAPI CardUnblockPin(__in PCARD_DATA pCardData, if (pwszUserId == NULL) return SCARD_E_INVALID_PARAMETER; - if (pbAuthenticationData == NULL) - return SCARD_E_INVALID_PARAMETER; if (wcscmp(wszCARD_USER_USER, pwszUserId) != 0 && wcscmp(wszCARD_USER_ADMIN,pwszUserId) != 0) return SCARD_E_INVALID_PARAMETER; if (wcscmp(wszCARD_USER_ADMIN, pwszUserId) == 0) @@ -2529,6 +2527,9 @@ DWORD WINAPI CardUnblockPin(__in PCARD_DATA pCardData, vs = (VENDOR_SPECIFIC*)(pCardData->pvVendorSpecific); + if ((!(vs->reader->capabilities & SC_READER_CAP_PIN_PAD)) && pbAuthenticationData == NULL) + return SCARD_E_INVALID_PARAMETER; + dw_rv = md_get_pin_by_role(pCardData, ROLE_USER, &pin_obj); if (dw_rv != SCARD_S_SUCCESS) { logprintf(pCardData, 2, "Cannot get User PIN object"); @@ -2574,14 +2575,19 @@ DWORD WINAPI CardChangeAuthenticator(__in PCARD_DATA pCardData, if (pwszUserId == NULL) return SCARD_E_INVALID_PARAMETER; - if (pbCurrentAuthenticator == NULL || cbCurrentAuthenticator == 0) { - logprintf(pCardData, 1, "Invalid current PIN data\n"); - return SCARD_E_INVALID_PARAMETER; - } + vs = (VENDOR_SPECIFIC*)(pCardData->pvVendorSpecific); + if (!vs) return SCARD_E_INVALID_PARAMETER; - if (pbNewAuthenticator == NULL || cbNewAuthenticator == 0) { - logprintf(pCardData, 1, "Invalid new PIN data\n"); - return SCARD_E_INVALID_PARAMETER; + if (!(vs->reader->capabilities & SC_READER_CAP_PIN_PAD)) { + if (pbCurrentAuthenticator == NULL || cbCurrentAuthenticator == 0) { + logprintf(pCardData, 1, "Invalid current PIN data\n"); + return SCARD_E_INVALID_PARAMETER; + } + + if (pbNewAuthenticator == NULL || cbNewAuthenticator == 0) { + logprintf(pCardData, 1, "Invalid new PIN data\n"); + return SCARD_E_INVALID_PARAMETER; + } } if (dwFlags != CARD_AUTHENTICATE_PIN_PIN) { @@ -2599,8 +2605,6 @@ DWORD WINAPI CardChangeAuthenticator(__in PCARD_DATA pCardData, pwszUserId, pbCurrentAuthenticator, cbCurrentAuthenticator, pbNewAuthenticator, cbNewAuthenticator, cRetryCount, dwFlags); - vs = (VENDOR_SPECIFIC*)(pCardData->pvVendorSpecific); - if (wcscmp(wszCARD_USER_USER, pwszUserId) == 0) dw_rv = md_get_pin_by_role(pCardData, ROLE_USER, &pin_obj); else if (wcscmp(wszCARD_USER_ADMIN,pwszUserId) == 0) @@ -3468,7 +3472,7 @@ DWORD WINAPI CardAuthenticateEx(__in PCARD_DATA pCardData, return SCARD_E_INVALID_PARAMETER; if(pcAttemptsRemaining) - (*pcAttemptsRemaining) = 0; + (*pcAttemptsRemaining) = (DWORD) -1; r = md_get_pin_by_role(pCardData, PinId, &pin_obj); if (r != SCARD_S_SUCCESS) {