Let sc_get_challenge() do sc_lock() and loop through the card driver's
get_challenge() until enough bytes were collected. The card driver's
get_challenge() now returns the number of bytes collected (less or equal
than requested) or an error code.
- Allow more code re-use.
- PIV driver now uses ASN.1 parser for reading the random bytes
opensc-explorer.c:1727:8: warning: comparison of integers of different signs:
'int' and 'size_t' (aka 'unsigned long') [-Wsign-compare]
if(r > len) {
~ ^ ~~~
Some cards (e.g., BELPIC) have a hardcoded file length that does not
match the actual file length (e.g., 65535 bytes), and simply return the
data that is actually on the card when asked.
It is useful to still be able to do an ASN.1 decode in that case.
Signed-off-by: Wouter Verhelst <w@uter.be>
'PACE' is extremely card specific protocol and has not to be ostensibly
present in the common part of OpenSC:
* currently in OpenSC there is no card driver that supports or uses this protocol;
* amazing content of the common 'sc_perform_pace' -- beside the verbose logs
the only substantial action is to call the card/reader specific handler.
According to the current sources and the pull request 83
this 'common' procedure is called by the card driver or
card specific tool/operation.
* currently the 'PACE' can be thouroghly tested only by one person (Frank Morgner),
and only using the OpenSSL patched with the PACE specific patch.
So, at least a dedicated configuration option could be introduced when comiting PACE to the common part.
* common 'sc_perfom_pace' has the same role as the 'initialize-SM' handler of the existing SM framework
and can be implemented as card specific SM, as the others cards do.
This confirmed by Frank Morgner, the author of PACE commits and nPA card driver, himself.
(https://github.com/OpenSC/OpenSC/pull/83)
Harmonize the allowed PIN length in CHANGE & UNBLOCK with the one in VERIFY,
making sure they are large enough for OpenPGP, which allows up ro 32 characters,
and giving additional security margin for other cards.
In VERIFY, allow the user to enter the PIN unteractively if it was not given
on the command line, and if the card reader does not support PIN input.
If it was not given on the command line and the card reader supports PIN input,
then the bahaviour is unchanged: enter PIN via card reader.
When reading and printing file content, do not read it by small chunks,
but read an entire file.
It allows to verify how card driver reads the data of maximal size
that is allowed for one transaction ('max_recv_size').
Add 'echo' command that simply displays its arguments.
With the recently committed script interpreter feature and this echo command,
nice litte scripts can be written, like e.g.
$ cat opengpg-userinfo
#!/usr/bin/opensc-explorer
cd 0065
echo Name:
cat 005B
echo Language:
cat 5F2D
echo Gender:
cat 5F35
quit
* add new function path_to_filename() that converts a path into
filename, and returns a static buffer to it
* convert all occurrences where file names get generated
to using this function
Signed-off-by: Peter Marschall <peter@adpm.de>
Use the easier to read & shorter expression
path->type = (is_id) ? SC_PATH_TYPE_FILE_ID : SC_PATH_TYPE_PATH;
nstead of the longer, but equivalent if () .. else construction.
Signed-off-by: Peter Marschall <peter@adpm.de>
* allow double-quoted strings besides hexdata in ADPU generation
* detect errors in parameter parsing
* use utility function to print bytes sent,
fixing an error that only showed parts of the APDU wheni
it was generated from multiple arguments
Signed-off-by: Peter Marschall <peter@adpm.de>
Simplify argument handling in do_change() and do_unblock(),
making the functions shorter and deasier to understand.,
Signed-off-by: Peter Marschall <peter@adpm.de>