OpenSC fork, with some Italian healthcare smart card utils
Doug Engert 3fea6b7927 PIV detection of AID using Discovery Object before doing select AID
Many OpenSC drivers try and detect during match if the card supports
their AID by doing a SELECT FILE for the AID.

But this can cause problems with cards such as Yubico that do not ignore
SELECT AID commands for applications they do not support. Other cards may
have the same problems. Selecting the wrong AID can also lose the security
state.

The card-piv.c will now use the GET DATA to read the PIV Discovery Object '7E'
which is an ISO standard template that will contain the AID of the currently
active application. The driver will then double check that the template is
for the PIV application.

If the template contains the PIV AID, then no SELECT AID is done.
PIV standards say there can only be one PIV application on a card.
PIV standards also say PIV must be the default application,
but Yubico does not follow this.

If the command fails, only then will a SELECT AID be done.

Thus this can avoid the Yubico problem.

This logic is used in both "match" and in the piv_card_reader_lock_obtained
routine.

Additional logic in piv_card_reader_lock_obtained was added to handle
when the card reset was received by some other program. Multiple programs
may be trying to use the PIV application on the card, and thus multiple
programs will all receive that the card was reset. The first program to receive
the card was reset will do all of the above logic, and may leave the card in
a state that will cause other programs to not have to do much at all.

 The intent of all of this is to avoid sending extra commands to the card
 including SELECT AID that could change the card state when not needed.

 On branch piv-aid-discovery
 Changes to be committed:
	modified:   card-piv.c
2018-02-22 09:37:46 -06:00
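
The check the commit message describes (read template '7E', confirm its AID is the PIV AID before deciding whether SELECT AID is needed) can be sketched as follows. This is an added example, not code from card-piv.c: the function names are hypothetical, the sample responses are constructed, and the PIV AID value and the '7E'/'4F' layout are taken from NIST SP 800-73 rather than from this page.

```c
#include <stddef.h>
#include <string.h>

/* PIV AID without its two trailing version bytes (NIST SP 800-73). */
static const unsigned char PIV_AID[] = {0xA0,0x00,0x00,0x03,0x08,0x00,0x00,0x10,0x00};
/* Constructed GET DATA responses: a PIV Discovery Object and a non-PIV template. */
const unsigned char SAMPLE_PIV[] = {0x7E,0x12,0x4F,0x0B,0xA0,0x00,0x00,0x03,0x08,
    0x00,0x00,0x10,0x00,0x01,0x00,0x5F,0x2F,0x02,0x40,0x00};
const unsigned char SAMPLE_OTHER[] = {0x7E,0x07,0x4F,0x05,0xA0,0x00,0x00,0x00,0x01};

/* Read one BER-TLV header (1- or 2-byte tag, length <= 255); -1 if malformed. */
static int tlv_next(const unsigned char **p, const unsigned char *end,
                    unsigned int *tag, size_t *len)
{
    const unsigned char *q = *p;
    if (end - q < 2) return -1;
    *tag = *q++;
    if ((*tag & 0x1F) == 0x1F) {            /* two-byte tag such as 5F2F */
        if (*q & 0x80) return -1;           /* longer tags not handled here */
        *tag = (*tag << 8) | *q++;
        if (q >= end) return -1;
    }
    *len = *q++;
    if (*len == 0x81) {
        if (q >= end) return -1;
        *len = *q++;
    } else if (*len >= 0x80) return -1;
    if ((size_t)(end - q) < *len) return -1; /* value must fit in the buffer */
    *p = q;
    return 0;
}

/* 1: template '7E' carries the PIV AID in tag '4F'; 0: it names another
 * application; -1: malformed, truncated, or not a '7E' template. */
int discovery_has_piv_aid(const unsigned char *resp, size_t resplen)
{
    const unsigned char *p = resp, *end = resp + resplen;
    unsigned int tag;
    size_t len;
    if (tlv_next(&p, end, &tag, &len) != 0 || tag != 0x7E) return -1;
    end = p + len;
    while (p < end) {
        if (tlv_next(&p, end, &tag, &len) != 0) return -1;
        if (tag == 0x4F)
            return len >= sizeof PIV_AID && memcmp(p, PIV_AID, sizeof PIV_AID) == 0;
        p += len;
    }
    return -1;
}
```

A return of 1 corresponds to the case where the commit message says no SELECT AID is sent, so the card's security state is left untouched.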
.github use a better issue template 2017-07-18 22:32:10 +02:00
MacOSX macOS: fixed detection of OpenPACE package 2017-12-19 12:52:50 +01:00
doc Use only 'filename' for file arguments replacements 2018-02-07 11:13:09 +01:00
etc OpenPGP: Implemented "keep alive" command 2018-02-07 11:57:48 +01:00
m4 opensc-notify: notify for card events 2017-08-02 19:04:09 +02:00
packaging/debian.templates fix LGPL version 2013-09-29 20:55:41 +02:00
solaris Thomas Uhle: modify Makefile so configure finds the include files 2009-12-03 07:05:15 +00:00
src PIV detection of AID using Discovery Object before doing select AID 2018-02-22 09:37:46 -06:00
win32 SC-HSM: Don't block generic contactless ATR 2017-12-04 21:09:26 +01:00
.gitignore Added (external) card driver for German ID card 2017-03-20 21:28:48 +01:00
.travis.yml travis: fixed disabling of notifications for mingw 2017-08-03 00:16:58 +02:00
COPYING - changed license to LGPL 2001-11-06 18:34:19 +00:00
Makefile.am build: bootstrap script has expected content 2014-05-11 09:15:27 +02:00
Makefile.mak fixed and cleaned up nmake Makefiles 2016-06-23 07:35:53 +02:00
NEWS fixed date of 0.17.0 in NEWS 2017-07-19 09:31:54 +02:00
README link README to README.md 2015-11-02 23:54:36 +01:00
README.md include branch in CI links 2017-10-30 21:14:52 +01:00
appveyor.yml win32: generate PDB files for releases 2017-11-21 10:54:48 +01:00
bootstrap build: bootstrap script has expected content 2014-05-11 09:15:27 +02:00
bootstrap.ci tools: print package revision 2016-03-04 14:16:06 +01:00
configure.ac opensc-notify: register a desktop menu entry 2017-11-21 13:01:12 +01:00
version.m4 tools: print package revision 2016-03-04 14:16:06 +01:00

README.md

OpenSC documentation

Wiki is available online

Please take a look at the documentation before trying to use OpenSC.
