Some pinpads do not support PIN size less than 4 or greater than 8.
PC/SC v2 part 10 allows to ask the driver/reader for the supported
values. This avoids to have the SECURE PIN CCID command rejected by the
reader.
This should fix OpenSC ticket #361 "card-entersafe should ask the pinpad
reader for the maximum pin size"
The timeout parameter of SCardGetStatusChange() is a DWORD (unsigned
int). An int timeout parameter was used instead.
The problem happens on 64-bits architectures where DWORD is 64-bits long
and int is only 32-bits long. The sign extension C mechanism transforms
the PC/SC value INFINITE into -1 instead of 4294967295.
See http://www.opensc-project.org/pipermail/opensc-devel/2011-June/016831.html
"Kobil KAAN Advanced Reader, "waiting for card" timeout"
* add new function path_to_filename() that converts a path into
filename, and returns a static buffer to it
* convert all occurrences where file names get generated
to using this function
Signed-off-by: Peter Marschall <peter@adpm.de>
Use the easier to read & shorter expression
path->type = (is_id) ? SC_PATH_TYPE_FILE_ID : SC_PATH_TYPE_PATH;
nstead of the longer, but equivalent if () .. else construction.
Signed-off-by: Peter Marschall <peter@adpm.de>
* allow double-quoted strings besides hexdata in ADPU generation
* detect errors in parameter parsing
* use utility function to print bytes sent,
fixing an error that only showed parts of the APDU wheni
it was generated from multiple arguments
Signed-off-by: Peter Marschall <peter@adpm.de>
Simplify argument handling in do_change() and do_unblock(),
making the functions shorter and deasier to understand.,
Signed-off-by: Peter Marschall <peter@adpm.de>
The variables "in_str" in do_update_binary() & do_update_record()
do not serve a purpose: use argv[x] directly & remove them.
Signed-off-by: Peter Marschall <peter@adpm.de>
Convert arg_to_path() to using the standard sc_hex_to_binary() instead of
the local hex2binary().
While at it, return erros on failed conversions.
Signed-off-by: Peter Marschall <peter@adpm.de>
Update do_update_record() to use parse_string_or_hexdata() instead of the old
hex2binary().
This change allows to use double-quoted strings in the "update_record" command.
Signed-off-by: Peter Marschall <peter@adpm.de>
do_update_binary() and do_update_record() expect a fixed number of parameters
each: adapt the checks for argc so that they do the right thing.
Signed-off-by: Peter Marschall <peter@adpm.de>
* add new function parse_string_or_hexdata() that parses
a double-quoted string or a hex-data string (e.g: AA:BB:CC)
into a buffer
* use parse_string_or_hexdata() wherever strings or hexdata
gets parsed into a buffer
Signed-off-by: Peter Marschall <peter@adpm.de>
* extend cmds struct by a new element args for a description of the arguments
* use args in help texts
* new function usage() for centralited dispaly of usage info
* harmonize argument strings for usage / help texts
* re-sort cmd list shown in help texts
* add function "help" to cwallow asking for for help
* space-police
Signed-off-by: Peter Marschall <peter@adpm.de>
* use ID<->name tables instead of arrays of strings where
the index was treated like some "magic" constant.
With the new mapping tables, the meaning is obvious.
* fix a bug with ac_ops_df[]: before the conversion, it was a list
of pointers to strings but was in one case treated like it was a mapping table.
With the conversion to a mapping table, and the adaption of other code parts
this bug got fixed "automagically" ;-)
* use common code to cleanly print ACLs for DFs & EFs
* harmonize EF structure names to the ones used in ISO 7816-4
Signed-off-by: Peter Marschall <peter@adpm.de>
Remove links pointing to the blob to be deleted from other blobs in the
blob tree structure, so that removing a subordinate blob does not hurt
its parent or siblings.
Signed-off-by: Peter Marschall <peter@adpm.de>
* get file as parameter & fail if it is NULL
* allow parent to be NULL
* do not rely on DO info to be passed as parameter,
search it yourself using the global DO info list for the card.
* infer file type automatically from DO info matching the file ID.
Signed-off-by: Peter Marschall <peter@adpm.de>
DO FF is a "catch-all" DO that returns all the infos contained in the other
DOs in one hierarchy.
It is hence duplicate and not necessary.
Signed-off-by: Peter Marschall <peter@adpm.de>
Also include forgotten DO C3 in keylength calculation.
It contains the parameters for the authentication key.
Signed-off-by: Peter Marschall <peter@adpm.de>
In PKCS#11 there is no CKA_ attribute dedicated to the NON-REPUDIATION flag.
We need this flag in PKCS#15/libopensc to make dinstinction between 'signature' and 'qualified signature' key slots.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5567 c6295689-39f2-0310-b995-f0e70906c6a9
can be loaded at ADMINISTRATION life cycle phase to change
the behavior of the VERIFY command in regard to return codes.
When that package is loaded, the return code of the VERIFY
will be ISO7816-4 compliant (63Cx with x being the value of
the remaining retry counter when required verification has failed).
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5565 c6295689-39f2-0310-b995-f0e70906c6a9