From 24e121ef261731069868ca403b818f1168237f53 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 13 Dec 2011 16:55:42 +0100 Subject: scd: Introduce a virtual reader table. The vreader table makes the code more clear by explicitly talking about APDU slots and reader indices. It also accommodates for future extensions. * scd/scdaemon.h (server_control_s): Remove READER_SLOT. * scd/scdaemon.c (scd_init_default_ctrl): Do not init READER_SLOT. * scd/app.c (check_application_conflict): Add arg SLOT. * scd/command.c (slot_status_s): Rename to vreader_s. (server_local_s): Add field VREADER_IDX as replacement for the READER_SLOT in server_control_s. Change all users. (slot_table): Rename to vreader_table. Change all users. (vreader_slot): New. (do_reset, cmd_apdu): Map vreader to apdu slot. (get_reader_slot): Rename to get_current_reader. Return -1 on error. (open_card): Map vreader toapdu slot. Pass slot to check_application_conflict. (scd_command_handler): Init VREADER_IDX. (update_reader_status_file): Reset SLOT field on error. --- scd/app.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'scd/app.c') diff --git a/scd/app.c b/scd/app.c index 6d652360c..6f0d7560b 100644 --- a/scd/app.c +++ b/scd/app.c @@ -213,18 +213,19 @@ application_notify_card_reset (int slot) used to request a specific application and the connection has already done a select_application. */ gpg_error_t -check_application_conflict (ctrl_t ctrl, const char *name) +check_application_conflict (ctrl_t ctrl, int slot, const char *name) { - int slot = ctrl->reader_slot; app_t app; + (void)ctrl; + if (slot < 0 || slot >= DIM (lock_table)) return gpg_error (GPG_ERR_INV_VALUE); app = lock_table[slot].initialized ? lock_table[slot].app : NULL; if (app && app->apptype && name) if ( ascii_strcasecmp (app->apptype, name)) - return gpg_error (GPG_ERR_CONFLICT); + return gpg_error (GPG_ERR_CONFLICT); return 0; } -- cgit v1.2.3 From dcd64131c60efd0189aa05d5dbce6b93547b04e3 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 14 Dec 2011 17:00:50 +0100 Subject: scd: Add the "undefined" stub application. * scd/app.c (select_application): Implement the "undefined" application. --- scd/app.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'scd/app.c') diff --git a/scd/app.c b/scd/app.c index 6f0d7560b..63ef4fa65 100644 --- a/scd/app.c +++ b/scd/app.c @@ -387,6 +387,14 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) if (err && is_app_allowed ("geldkarte") && (!name || !strcmp (name, "geldkarte"))) err = app_select_geldkarte (app); + if (err && is_app_allowed ("undefined") + && (name && !strcmp (name, "undefined"))) + { + /* We switch to the "undefined" application only if explicitly + requested. */ + app->apptype = "UNDEFINED"; + err = 0; + } if (err && name) err = gpg_error (GPG_ERR_NOT_SUPPORTED); @@ -422,6 +430,8 @@ get_supported_applications (void) "p15", "dinsig", "geldkarte", + /* Note: "undefined" is not listed here because it needs special + treatment by the client. */ NULL }; int idx; -- cgit v1.2.3 From 792e137ec7997a0ff5c54ff970611238d28d4ba8 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 14 Dec 2011 18:56:10 +0100 Subject: scd: Skip S/N reading for the "undefined" application. * scd/app.c (select_application): Skip serial number reading. --- scd/app.c | 97 ++++++++++++++++++++++++++++++++++----------------------------- 1 file changed, 52 insertions(+), 45 deletions(-) (limited to 'scd/app.c') diff --git a/scd/app.c b/scd/app.c index 63ef4fa65..31e56fb3f 100644 --- a/scd/app.c +++ b/scd/app.c @@ -242,11 +242,14 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) app_t app = NULL; unsigned char *result = NULL; size_t resultlen; + int want_undefined; (void)ctrl; *r_app = NULL; + want_undefined = (name && !strcmp (name, "undefined")); + err = lock_reader (slot, ctrl); if (err) return err; @@ -326,45 +329,49 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) /* Fixme: We should now first check whether a card is at all present. */ - /* Try to read the GDO file first to get a default serial number. */ - err = iso7816_select_file (slot, 0x3F00, 1, NULL, NULL); - if (!err) - err = iso7816_select_file (slot, 0x2F02, 0, NULL, NULL); - if (!err) - err = iso7816_read_binary (slot, 0, 0, &result, &resultlen); - if (!err) + /* Try to read the GDO file first to get a default serial number. + We skip this if the undefined application has been requested. */ + if (!want_undefined) { - size_t n; - const unsigned char *p; - - p = find_tlv_unchecked (result, resultlen, 0x5A, &n); - if (p) - resultlen -= (p-result); - if (p && n > resultlen && n == 0x0d && resultlen+1 == n) - { - /* The object it does not fit into the buffer. This is an - invalid encoding (or the buffer is too short. However, I - have some test cards with such an invalid encoding and - therefore I use this ugly workaround to return something - I can further experiment with. */ - log_info ("enabling BMI testcard workaround\n"); - n--; - } - - if (p && n <= resultlen) + err = iso7816_select_file (slot, 0x3F00, 1, NULL, NULL); + if (!err) + err = iso7816_select_file (slot, 0x2F02, 0, NULL, NULL); + if (!err) + err = iso7816_read_binary (slot, 0, 0, &result, &resultlen); + if (!err) { - /* The GDO file is pretty short, thus we simply reuse it for - storing the serial number. */ - memmove (result, p, n); - app->serialno = result; - app->serialnolen = n; - err = app_munge_serialno (app); - if (err) - goto leave; + size_t n; + const unsigned char *p; + + p = find_tlv_unchecked (result, resultlen, 0x5A, &n); + if (p) + resultlen -= (p-result); + if (p && n > resultlen && n == 0x0d && resultlen+1 == n) + { + /* The object it does not fit into the buffer. This is an + invalid encoding (or the buffer is too short. However, I + have some test cards with such an invalid encoding and + therefore I use this ugly workaround to return something + I can further experiment with. */ + log_info ("enabling BMI testcard workaround\n"); + n--; + } + + if (p && n <= resultlen) + { + /* The GDO file is pretty short, thus we simply reuse it for + storing the serial number. */ + memmove (result, p, n); + app->serialno = result; + app->serialnolen = n; + err = app_munge_serialno (app); + if (err) + goto leave; + } + else + xfree (result); + result = NULL; } - else - xfree (result); - result = NULL; } /* For certain error codes, there is no need to try more. */ @@ -373,7 +380,15 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) goto leave; /* Figure out the application to use. */ - err = gpg_error (GPG_ERR_NOT_FOUND); + if (want_undefined) + { + /* We switch to the "undefined" application only if explicitly + requested. */ + app->apptype = "UNDEFINED"; + err = 0; + } + else + err = gpg_error (GPG_ERR_NOT_FOUND); if (err && is_app_allowed ("openpgp") && (!name || !strcmp (name, "openpgp"))) @@ -387,14 +402,6 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) if (err && is_app_allowed ("geldkarte") && (!name || !strcmp (name, "geldkarte"))) err = app_select_geldkarte (app); - if (err && is_app_allowed ("undefined") - && (name && !strcmp (name, "undefined"))) - { - /* We switch to the "undefined" application only if explicitly - requested. */ - app->apptype = "UNDEFINED"; - err = 0; - } if (err && name) err = gpg_error (GPG_ERR_NOT_SUPPORTED); -- cgit v1.2.3 From 27089564b6453deaf7b4ffe7cc5f5f290b6d892b Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 15 Dec 2011 21:45:35 +0100 Subject: scd: Prefer application Geldkarte over DINSIG. * scd/app.c (select_application): Reorder application tests. -- Although the DINSIG application is available on most German cards, it is in reality not used. Thus showing the Geldkarte application is more desirable for a good user experience. --- scd/app.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'scd/app.c') diff --git a/scd/app.c b/scd/app.c index 31e56fb3f..76dc8b4de 100644 --- a/scd/app.c +++ b/scd/app.c @@ -397,11 +397,11 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) err = app_select_nks (app); if (err && is_app_allowed ("p15") && (!name || !strcmp (name, "p15"))) err = app_select_p15 (app); - if (err && is_app_allowed ("dinsig") && (!name || !strcmp (name, "dinsig"))) - err = app_select_dinsig (app); if (err && is_app_allowed ("geldkarte") && (!name || !strcmp (name, "geldkarte"))) err = app_select_geldkarte (app); + if (err && is_app_allowed ("dinsig") && (!name || !strcmp (name, "dinsig"))) + err = app_select_dinsig (app); if (err && name) err = gpg_error (GPG_ERR_NOT_SUPPORTED); @@ -435,8 +435,8 @@ get_supported_applications (void) "openpgp", "nks", "p15", - "dinsig", "geldkarte", + "dinsig", /* Note: "undefined" is not listed here because it needs special treatment by the client. */ NULL -- cgit v1.2.3