Changeset d888b3f in OpenSC
- Timestamp:
- 06/05/11 15:46:25 (12 months ago)
- Branches:
- master, staging
- Children:
- efc5760
- Parents:
- 32d035a
- git-author:
- vtarasov <vtarasov@…> (06/05/11 15:46:25)
- git-committer:
- vtarasov <vtarasov@…> (06/05/11 15:46:25)
- Location:
- src
- Files:
-
- 49 edited
-
libopensc/libopensc.exports (modified) (1 diff)
-
libopensc/p15card-helper.c (modified) (2 diffs)
-
libopensc/pkcs15-actalis.c (modified) (2 diffs)
-
libopensc/pkcs15-atrust-acos.c (modified) (2 diffs)
-
libopensc/pkcs15-esteid.c (modified) (2 diffs)
-
libopensc/pkcs15-gemsafeGPK.c (modified) (2 diffs)
-
libopensc/pkcs15-gemsafeV1.c (modified) (1 diff)
-
libopensc/pkcs15-infocamere.c (modified) (2 diffs)
-
libopensc/pkcs15-itacns.c (modified) (2 diffs)
-
libopensc/pkcs15-oberthur.c (modified) (6 diffs)
-
libopensc/pkcs15-openpgp.c (modified) (2 diffs)
-
libopensc/pkcs15-pin.c (modified) (33 diffs)
-
libopensc/pkcs15-piv.c (modified) (3 diffs)
-
libopensc/pkcs15-postecert.c (modified) (2 diffs)
-
libopensc/pkcs15-pteid.c (modified) (2 diffs)
-
libopensc/pkcs15-starcert.c (modified) (2 diffs)
-
libopensc/pkcs15-syn.c (modified) (2 diffs)
-
libopensc/pkcs15-tccardos.c (modified) (2 diffs)
-
libopensc/pkcs15-tcos.c (modified) (2 diffs)
-
libopensc/pkcs15-westcos.c (modified) (2 diffs)
-
libopensc/pkcs15.c (modified) (8 diffs)
-
libopensc/pkcs15.h (modified) (3 diffs)
-
pkcs11/framework-pkcs15.c (modified) (26 diffs)
-
pkcs15init/pkcs15-asepcos.c (modified) (12 diffs)
-
pkcs15init/pkcs15-cardos.c (modified) (12 diffs)
-
pkcs15init/pkcs15-cflex.c (modified) (4 diffs)
-
pkcs15init/pkcs15-entersafe.c (modified) (6 diffs)
-
pkcs15init/pkcs15-gpk.c (modified) (6 diffs)
-
pkcs15init/pkcs15-iasecc.c (modified) (1 diff)
-
pkcs15init/pkcs15-incrypto34.c (modified) (12 diffs)
-
pkcs15init/pkcs15-init.h (modified) (3 diffs)
-
pkcs15init/pkcs15-jcop.c (modified) (5 diffs)
-
pkcs15init/pkcs15-lib.c (modified) (32 diffs)
-
pkcs15init/pkcs15-miocos.c (modified) (3 diffs)
-
pkcs15init/pkcs15-muscle.c (modified) (2 diffs)
-
pkcs15init/pkcs15-myeid.c (modified) (3 diffs)
-
pkcs15init/pkcs15-oberthur.c (modified) (13 diffs)
-
pkcs15init/pkcs15-rtecp.c (modified) (5 diffs)
-
pkcs15init/pkcs15-rutoken.c (modified) (4 diffs)
-
pkcs15init/pkcs15-setcos.c (modified) (10 diffs)
-
pkcs15init/pkcs15-starcos.c (modified) (15 diffs)
-
pkcs15init/pkcs15-westcos.c (modified) (1 diff)
-
pkcs15init/profile.c (modified) (12 diffs)
-
pkcs15init/profile.h (modified) (3 diffs)
-
tests/pintest.c (modified) (1 diff)
-
tests/print.c (modified) (1 diff)
-
tools/pkcs15-crypt.c (modified) (2 diffs)
-
tools/pkcs15-init.c (modified) (15 diffs)
-
tools/pkcs15-tool.c (modified) (10 diffs)
-
src/libopensc/libopensc.exports
rdce63c8 rd888b3f 181 181 sc_pkcs15_free_key_params 182 182 sc_pkcs15_free_object 183 sc_pkcs15_free_ pin_info183 sc_pkcs15_free_auth_info 184 184 sc_pkcs15_free_prkey 185 185 sc_pkcs15_free_prkey_info -
src/libopensc/p15card-helper.c
rd5679f5 rd888b3f 278 278 if(!pins) return SC_SUCCESS; 279 279 for (i = 0; pins[i].label; i++) { 280 struct sc_pkcs15_ pin_info pin_info;280 struct sc_pkcs15_auth_info pin_info; 281 281 struct sc_pkcs15_object pin_obj; 282 282 … … 284 284 memset(&pin_obj, 0, sizeof(pin_obj)); 285 285 286 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 286 287 sc_pkcs15_format_id(pins[i].id, &pin_info.auth_id); 287 pin_info.reference = pins[i].ref; 288 pin_info.flags = pins[i].flags; 289 pin_info.type = pins[i].type; 290 pin_info.min_length = pins[i].minlen; 291 pin_info.stored_length = pins[i].storedlen; 292 pin_info.max_length = pins[i].maxlen; 293 pin_info.pad_char = pins[i].pad_char; 288 289 pin_info.attrs.pin.reference = pins[i].ref; 290 pin_info.attrs.pin.flags = pins[i].flags; 291 pin_info.attrs.pin.type = pins[i].type; 292 pin_info.attrs.pin.min_length = pins[i].minlen; 293 pin_info.attrs.pin.stored_length = pins[i].storedlen; 294 pin_info.attrs.pin.max_length = pins[i].maxlen; 295 pin_info.attrs.pin.pad_char = pins[i].pad_char; 296 294 297 sc_format_path(pins[i].path, &pin_info.path); 295 298 pin_info.tries_left = -1; -
src/libopensc/pkcs15-actalis.c
r7124273 rd888b3f 78 78 int flags, int tries_left, const char pad_char, int obj_flags) 79 79 { 80 sc_pkcs15_ pin_info_t info;80 sc_pkcs15_auth_info_t info; 81 81 sc_pkcs15_object_t obj; 82 82 … … 85 85 86 86 info.auth_id = *id; 87 info.min_length = min_length; 88 info.max_length = max_length; 89 info.stored_length = max_length; 90 info.type = type; 91 info.reference = ref; 92 info.flags = flags; 87 info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 88 info.attrs.pin.min_length = min_length; 89 info.attrs.pin.max_length = max_length; 90 info.attrs.pin.stored_length = max_length; 91 info.attrs.pin.type = type; 92 info.attrs.pin.reference = ref; 93 info.attrs.pin.flags = flags; 94 info.attrs.pin.pad_char = pad_char; 93 95 info.tries_left = tries_left; 94 info.magic = SC_PKCS15_PIN_MAGIC;95 info.pad_char = pad_char;96 96 97 97 if (path) 98 98 info.path = *path; 99 99 if (type == SC_PKCS15_PIN_TYPE_BCD) 100 info. stored_length /= 2;100 info.attrs.pin.stored_length /= 2; 101 101 102 102 strlcpy(obj.label, label, sizeof(obj.label)); -
src/libopensc/pkcs15-atrust-acos.c
rf5a21e4 rd888b3f 221 221 /* set pins */ 222 222 for (i = 0; pins[i].label; i++) { 223 struct sc_pkcs15_ pin_info pin_info;223 struct sc_pkcs15_auth_info pin_info; 224 224 struct sc_pkcs15_object pin_obj; 225 225 … … 228 228 229 229 sc_pkcs15_format_id(pins[i].id, &pin_info.auth_id); 230 pin_info.reference = pins[i].ref; 231 pin_info.flags = pins[i].flags; 232 pin_info.type = pins[i].type; 233 pin_info.min_length = pins[i].minlen; 234 pin_info.stored_length = pins[i].storedlen; 235 pin_info.max_length = pins[i].maxlen; 236 pin_info.pad_char = pins[i].pad_char; 230 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 231 pin_info.attrs.pin.reference = pins[i].ref; 232 pin_info.attrs.pin.flags = pins[i].flags; 233 pin_info.attrs.pin.type = pins[i].type; 234 pin_info.attrs.pin.min_length = pins[i].minlen; 235 pin_info.attrs.pin.stored_length = pins[i].storedlen; 236 pin_info.attrs.pin.max_length = pins[i].maxlen; 237 pin_info.attrs.pin.pad_char = pins[i].pad_char; 237 238 sc_format_path(pins[i].path, &pin_info.path); 238 239 pin_info.tries_left = -1; -
src/libopensc/pkcs15-esteid.c
r5f1b3a2 rd888b3f 174 174 static const int esteid_pin_flags[3] = {0, 0, SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN}; 175 175 176 struct sc_pkcs15_ pin_info pin_info;176 struct sc_pkcs15_auth_info pin_info; 177 177 struct sc_pkcs15_object pin_obj; 178 178 … … 188 188 pin_info.auth_id.len = 1; 189 189 pin_info.auth_id.value[0] = esteid_pin_authid[i]; 190 pin_info.reference = esteid_pin_ref[i]; 191 pin_info.flags = esteid_pin_flags[i]; 192 pin_info.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 193 pin_info.min_length = esteid_pin_min[i]; 194 pin_info.stored_length = 12; 195 pin_info.max_length = 12; 196 pin_info.pad_char = '\0'; 190 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 191 pin_info.attrs.pin.reference = esteid_pin_ref[i]; 192 pin_info.attrs.pin.flags = esteid_pin_flags[i]; 193 pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 194 pin_info.attrs.pin.min_length = esteid_pin_min[i]; 195 pin_info.attrs.pin.stored_length = 12; 196 pin_info.attrs.pin.max_length = 12; 197 pin_info.attrs.pin.pad_char = '\0'; 197 198 pin_info.tries_left = (int)tries_left; 198 199 pin_info.max_tries = 3; -
src/libopensc/pkcs15-gemsafeGPK.c
r0f2a44b rd888b3f 431 431 432 432 for (i = 0; pins[i].label; i++) { 433 struct sc_pkcs15_ pin_info pin_info;433 struct sc_pkcs15_auth_info pin_info; 434 434 struct sc_pkcs15_object pin_obj; 435 435 … … 438 438 439 439 sc_pkcs15_format_id(pins[i].id, &pin_info.auth_id); 440 pin_info.reference = pins[i].ref; 441 pin_info.flags = pins[i].flags; 442 pin_info.type = pins[i].type; 443 pin_info.min_length = pins[i].minlen; 444 pin_info.stored_length = pins[i].storedlen; 445 pin_info.max_length = pins[i].maxlen; 446 pin_info.pad_char = pins[i].pad_char; 440 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 441 pin_info.attrs.pin.reference = pins[i].ref; 442 pin_info.attrs.pin.flags = pins[i].flags; 443 pin_info.attrs.pin.type = pins[i].type; 444 pin_info.attrs.pin.min_length = pins[i].minlen; 445 pin_info.attrs.pin.stored_length = pins[i].storedlen; 446 pin_info.attrs.pin.max_length = pins[i].maxlen; 447 pin_info.attrs.pin.pad_char = pins[i].pad_char; 447 448 sc_format_path(pins[i].path, &pin_info.path); 448 449 pin_info.path.value[2] = dfpath >> 8; -
src/libopensc/pkcs15-gemsafeV1.c
r3169f14 rd888b3f 433 433 int flags, int tries_left, const char pad_char, int obj_flags) 434 434 { 435 sc_pkcs15_ pin_info_t *info;435 sc_pkcs15_auth_info_t *info; 436 436 437 437 info = calloc(1, sizeof(*info)); 438 info->auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 438 439 info->auth_id = *id; 439 info->min_length = min_length; 440 info->max_length = max_length; 441 info->stored_length = max_length; 442 info->type = type; 443 info->reference = ref; 444 info->flags = flags; 440 info->attrs.pin.min_length = min_length; 441 info->attrs.pin.max_length = max_length; 442 info->attrs.pin.stored_length = max_length; 443 info->attrs.pin.type = type; 444 info->attrs.pin.reference = ref; 445 info->attrs.pin.flags = flags; 446 info->attrs.pin.pad_char = pad_char; 445 447 info->tries_left = tries_left; 446 info->magic = SC_PKCS15_PIN_MAGIC;447 info->pad_char = pad_char;448 448 449 449 if (path) -
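Review bot: The pointer returned by `calloc(1, sizeof(*info))` is used without a NULL check, and the added `info->auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;` at new line 438 is now the first write through it. An allocation failure while enumerating a card would therefore become a NULL dereference rather than an error return. I would add `if (info == NULL) return SC_ERROR_OUT_OF_MEMORY;` directly after the `calloc`, assuming the function returns an SC_ error code; its return type and the rest of its body are outside the hunk.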
src/libopensc/pkcs15-infocamere.c
ra576582 rd888b3f 73 73 int flags, int tries_left, const char pad_char, int obj_flags) 74 74 { 75 sc_pkcs15_ pin_info_t info;75 sc_pkcs15_auth_info_t info; 76 76 sc_pkcs15_object_t obj; 77 77 … … 79 79 memset(&obj, 0, sizeof(obj)); 80 80 81 info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 81 82 info.auth_id = *id; 82 info.min_length = min_length; 83 info.max_length = max_length; 84 info.stored_length = max_length; 85 info.type = type; 86 info.reference = ref; 87 info.flags = flags; 83 info.attrs.pin.min_length = min_length; 84 info.attrs.pin.max_length = max_length; 85 info.attrs.pin.stored_length = max_length; 86 info.attrs.pin.type = type; 87 info.attrs.pin.reference = ref; 88 info.attrs.pin.flags = flags; 89 info.attrs.pin.pad_char = pad_char; 88 90 info.tries_left = tries_left; 89 info.magic = SC_PKCS15_PIN_MAGIC;90 info.pad_char = pad_char;91 91 92 92 if (path) 93 93 info.path = *path; 94 94 if (type == SC_PKCS15_PIN_TYPE_BCD) 95 info. stored_length /= 2;95 info.attrs.pin.stored_length /= 2; 96 96 97 97 strlcpy(obj.label, label, sizeof(obj.label)); -
src/libopensc/pkcs15-itacns.c
rb435f60 rd888b3f 345 345 int flags) 346 346 { 347 struct sc_pkcs15_ pin_info pin_info;347 struct sc_pkcs15_auth_info pin_info; 348 348 struct sc_pkcs15_object pin_obj; 349 349 … … 351 351 352 352 memset(&pin_info, 0, sizeof(pin_info)); 353 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 353 354 pin_info.auth_id.len = 1; 354 355 pin_info.auth_id.value[0] = id; 355 pin_info. reference = reference;356 pin_info. flags = flags;357 pin_info. type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC;358 pin_info. min_length = 5;359 pin_info. stored_length = 8;360 pin_info. max_length = 8;361 pin_info. pad_char = 0xff;356 pin_info.attrs.pin.reference = reference; 357 pin_info.attrs.pin.flags = flags; 358 pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 359 pin_info.attrs.pin.min_length = 5; 360 pin_info.attrs.pin.stored_length = 8; 361 pin_info.attrs.pin.max_length = 8; 362 pin_info.attrs.pin.pad_char = 0xff; 362 363 if(path) 363 364 pin_info.path = *path; -
src/libopensc/pkcs15-oberthur.c
rf026db6 rd888b3f 295 295 struct sc_pkcs15_object *objs[0x10], *pin_obj = NULL; 296 296 const struct sc_acl_entry *acl = sc_file_get_acl_entry(file, SC_AC_OP_READ); 297 struct sc_pkcs15_pin_info *pinfo = NULL;298 297 int ii; 299 298 … … 302 301 303 302 for (ii=0; ii<rv; ii++) { 304 pinfo = (struct sc_pkcs15_pin_info *) objs[ii]->data;303 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *) objs[ii]->data; 305 304 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "compare PIN/ACL refs:%i/%i, method:%i/%i", 306 pinfo->reference, acl->key_ref, pinfo->auth_method, acl->method);307 if ( pinfo->reference == (int)acl->key_ref && pinfo->auth_method == (unsigned)acl->method) {305 auth_info->attrs.pin.reference, acl->key_ref, auth_info->auth_method, acl->method); 306 if (auth_info->attrs.pin.reference == (int)acl->key_ref && auth_info->auth_method == (unsigned)acl->method) { 308 307 pin_obj = objs[ii]; 309 308 break; … … 912 911 { 913 912 struct sc_context *ctx = p15card->card->ctx; 914 struct sc_pkcs15_ pin_infoinfo;913 struct sc_pkcs15_auth_info auth_info; 915 914 struct sc_pkcs15_object obj; 916 915 struct sc_card *card = p15card->card; … … 943 942 944 943 /* add PIN */ 945 memset(& info, 0, sizeof(info));944 memset(&auth_info, 0, sizeof(auth_info)); 946 945 memset(&obj, 0, sizeof(obj)); 947 948 info.auth_id.len = 1; 949 info.auth_id.value[0] = 0xFF; 950 info.min_length = 4; 951 info.max_length = 64; 952 info.stored_length = 64; 953 info.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 954 info.reference = sopin_reference; 955 info.tries_left = tries_left; 956 info.auth_method = SC_AC_CHV; 957 info.magic = SC_PKCS15_PIN_MAGIC; 958 info.pad_char = 0xFF; 959 info.flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE 946 947 auth_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 948 auth_info.auth_method = SC_AC_CHV; 949 auth_info.auth_id.len = 1; 950 auth_info.auth_id.value[0] = 0xFF; 951 auth_info.attrs.pin.min_length = 4; 952 auth_info.attrs.pin.max_length = 64; 953 
auth_info.attrs.pin.stored_length = 64; 954 auth_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 955 auth_info.attrs.pin.reference = sopin_reference; 956 auth_info.attrs.pin.pad_char = 0xFF; 957 auth_info.attrs.pin.flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE 960 958 | SC_PKCS15_PIN_FLAG_INITIALIZED 961 959 | SC_PKCS15_PIN_FLAG_NEEDS_PADDING 962 960 | SC_PKCS15_PIN_FLAG_SO_PIN; 961 auth_info.tries_left = tries_left; 963 962 964 963 strncpy(obj.label, "SO PIN", SC_PKCS15_MAX_LABEL_SIZE-1); … … 966 965 967 966 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Add PIN(%s,auth_id:%s,reference:%i)", obj.label, 968 sc_pkcs15_print_id(& info.auth_id), info.reference);969 rv = sc_pkcs15emu_add_pin_obj(p15card, &obj, & info);967 sc_pkcs15_print_id(&auth_info.auth_id), auth_info.attrs.pin.reference); 968 rv = sc_pkcs15emu_add_pin_obj(p15card, &obj, &auth_info); 970 969 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Oberthur init failed: cannot add PIN object"); 971 970 … … 974 973 if (rv == SC_ERROR_PIN_CODE_INCORRECT) { 975 974 /* add PIN */ 976 memset(& info, 0, sizeof(info));975 memset(&auth_info, 0, sizeof(auth_info)); 977 976 memset(&obj, 0, sizeof(obj)); 978 977 979 info.auth_id.len = sizeof(PinDomainID) > sizeof(info.auth_id.value) 980 ? sizeof(info.auth_id.value) : sizeof(PinDomainID); 981 memcpy(info.auth_id.value, PinDomainID, info.auth_id.len); 982 983 info.min_length = 4; 984 info.max_length = 64; 985 info.stored_length = 64; 986 info.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 987 info.reference = 0x81; 988 info.auth_method = SC_AC_CHV; 989 info.tries_left = tries_left; 990 info.magic = SC_PKCS15_PIN_MAGIC; 991 info.pad_char = 0xFF; 992 info.flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE 978 auth_info.auth_id.len = sizeof(PinDomainID) > sizeof(auth_info.auth_id.value) 979 ? 
sizeof(auth_info.auth_id.value) : sizeof(PinDomainID); 980 memcpy(auth_info.auth_id.value, PinDomainID, auth_info.auth_id.len); 981 auth_info.auth_method = SC_AC_CHV; 982 983 auth_info.attrs.pin.min_length = 4; 984 auth_info.attrs.pin.max_length = 64; 985 auth_info.attrs.pin.stored_length = 64; 986 auth_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 987 auth_info.attrs.pin.reference = 0x81; 988 auth_info.attrs.pin.pad_char = 0xFF; 989 auth_info.attrs.pin.flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE 993 990 | SC_PKCS15_PIN_FLAG_INITIALIZED 994 991 | SC_PKCS15_PIN_FLAG_NEEDS_PADDING 995 992 | SC_PKCS15_PIN_FLAG_LOCAL; 993 auth_info.tries_left = tries_left; 996 994 997 995 strncpy(obj.label, PIN_DOMAIN_LABEL, SC_PKCS15_MAX_LABEL_SIZE-1); 998 996 obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE; 999 997 1000 sc_format_path(AWP_PIN_DF, & info.path);1001 info.path.type = SC_PATH_TYPE_PATH;998 sc_format_path(AWP_PIN_DF, &auth_info.path); 999 auth_info.path.type = SC_PATH_TYPE_PATH; 1002 1000 1003 1001 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Add PIN(%s,auth_id:%s,reference:%i)", obj.label, 1004 sc_pkcs15_print_id(& info.auth_id), info.reference);1005 rv = sc_pkcs15emu_add_pin_obj(p15card, &obj, & info);1002 sc_pkcs15_print_id(&auth_info.auth_id), auth_info.attrs.pin.reference); 1003 rv = sc_pkcs15emu_add_pin_obj(p15card, &obj, &auth_info); 1006 1004 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Oberthur init failed: cannot add PIN object"); 1007 1005 } -
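Review bot: The second PIN block, added under `rv == SC_ERROR_PIN_CODE_INCORRECT` (new lines 975-995), never sets `auth_info.auth_type`, although the SO PIN block above it sets the field explicitly. After the `memset` the field is 0, so this object is only classified as a PIN if `SC_PKCS15_PIN_AUTH_TYPE_PIN` happens to be 0; its definition in pkcs15.h is not visible here. If it is not, the new `auth_type` checks in pkcs15-pin.c would reject this PIN with `SC_ERROR_NOT_SUPPORTED`. I would add `auth_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;` right after `memset(&auth_info, 0, sizeof(auth_info));` at new line 975. The enclosing function starts and ends outside the shown hunks.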
src/libopensc/pkcs15-openpgp.c
rf8fc900 rd888b3f 127 127 unsigned int flags; 128 128 129 struct sc_pkcs15_ pin_info pin_info;129 struct sc_pkcs15_auth_info pin_info; 130 130 struct sc_pkcs15_object pin_obj; 131 131 … … 141 141 } 142 142 143 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 143 144 pin_info.auth_id.len = 1; 144 145 pin_info.auth_id.value[0] = i + 1; 145 pin_info. reference = i + 1;146 pin_info. flags = flags;147 pin_info. type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC;148 pin_info. min_length = 0;149 pin_info. stored_length = buffer[1+i];150 pin_info. max_length = buffer[1+i];151 pin_info. pad_char = '\0';146 pin_info.attrs.pin.reference = i + 1; 147 pin_info.attrs.pin.flags = flags; 148 pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 149 pin_info.attrs.pin.min_length = 0; 150 pin_info.attrs.pin.stored_length = buffer[1+i]; 151 pin_info.attrs.pin.max_length = buffer[1+i]; 152 pin_info.attrs.pin.pad_char = '\0'; 152 153 sc_format_path("3F00", &pin_info.path); 153 154 pin_info.tries_left = buffer[4+i]; -
src/libopensc/pkcs15-pin.c
r3442649 rd888b3f 60 60 { 61 61 sc_context_t *ctx = p15card->card->ctx; 62 struct sc_pkcs15_ pin_info info;62 struct sc_pkcs15_auth_info info; 63 63 int r; 64 size_t flags_len = sizeof(info. flags);64 size_t flags_len = sizeof(info.attrs.pin.flags); 65 65 size_t padchar_len = 1; 66 66 struct sc_asn1_entry asn1_com_ao_attr[2], asn1_pin_attr[10], asn1_type_pin_attr[2]; … … 78 78 sc_format_asn1_entry(asn1_type_pin_attr + 0, asn1_pin_attr, NULL, 0); 79 79 80 sc_format_asn1_entry(asn1_pin_attr + 0, &info. flags, &flags_len, 0);81 sc_format_asn1_entry(asn1_pin_attr + 1, &info. type, NULL, 0);82 sc_format_asn1_entry(asn1_pin_attr + 2, &info. min_length, NULL, 0);83 sc_format_asn1_entry(asn1_pin_attr + 3, &info. stored_length, NULL, 0);84 sc_format_asn1_entry(asn1_pin_attr + 4, &info. max_length, NULL, 0);85 sc_format_asn1_entry(asn1_pin_attr + 5, &info. reference, NULL, 0);86 sc_format_asn1_entry(asn1_pin_attr + 6, &info. pad_char, &padchar_len, 0);80 sc_format_asn1_entry(asn1_pin_attr + 0, &info.attrs.pin.flags, &flags_len, 0); 81 sc_format_asn1_entry(asn1_pin_attr + 1, &info.attrs.pin.type, NULL, 0); 82 sc_format_asn1_entry(asn1_pin_attr + 2, &info.attrs.pin.min_length, NULL, 0); 83 sc_format_asn1_entry(asn1_pin_attr + 3, &info.attrs.pin.stored_length, NULL, 0); 84 sc_format_asn1_entry(asn1_pin_attr + 4, &info.attrs.pin.max_length, NULL, 0); 85 sc_format_asn1_entry(asn1_pin_attr + 5, &info.attrs.pin.reference, NULL, 0); 86 sc_format_asn1_entry(asn1_pin_attr + 6, &info.attrs.pin.pad_char, &padchar_len, 0); 87 87 /* We don't support lastPinChange yet. */ 88 88 sc_format_asn1_entry(asn1_pin_attr + 8, &info.path, NULL, 0); … … 92 92 /* Fill in defaults */ 93 93 memset(&info, 0, sizeof(info)); 94 info. 
reference = 0;94 info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 95 95 info.tries_left = -1; 96 96 … … 99 99 return r; 100 100 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, r, "ASN.1 decoding failed"); 101 info.magic = SC_PKCS15_PIN_MAGIC; 101 102 102 obj->type = SC_PKCS15_TYPE_AUTH_PIN; 103 103 obj->data = malloc(sizeof(info)); 104 104 if (obj->data == NULL) 105 105 SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY); 106 if (info.max_length == 0) { 106 107 if (info.attrs.pin.max_length == 0) { 107 108 if (p15card->card->max_pin_len != 0) 108 info. max_length = p15card->card->max_pin_len;109 else if (info. stored_length != 0)110 info. max_length = info.type != SC_PKCS15_PIN_TYPE_BCD ?111 info. stored_length : 2 * info.stored_length;109 info.attrs.pin.max_length = p15card->card->max_pin_len; 110 else if (info.attrs.pin.stored_length != 0) 111 info.attrs.pin.max_length = info.attrs.pin.type != SC_PKCS15_PIN_TYPE_BCD ? 112 info.attrs.pin.stored_length : 2 * info.attrs.pin.stored_length; 112 113 else 113 info. max_length = 8; /* shouldn't happen */114 info.attrs.pin.max_length = 8; /* shouldn't happen */ 114 115 } 115 116 … … 119 120 The same invalid encoding has some models of the proprietary PKCS#15 cards. 120 121 */ 121 if (info. reference < 0)122 info. reference += 256;122 if (info.attrs.pin.reference < 0) 123 info.attrs.pin.reference += 256; 123 124 124 125 info.auth_method = SC_AC_CHV; 125 126 126 if (info. flags & SC_PKCS15_PIN_FLAG_LOCAL) {127 if (info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_LOCAL) { 127 128 /* In OpenSC pkcs#15 framework 'path' is mandatory for the 'Local' PINs. 128 129 * If 'path' do not present in PinAttributes, … … 136 137 } 137 138 } 138 sc_debug(ctx, SC_LOG_DEBUG_ASN1, "decoded PIN(ref:%X,path:%s)", info. 
reference, sc_print_path(&info.path));139 sc_debug(ctx, SC_LOG_DEBUG_ASN1, "decoded PIN(ref:%X,path:%s)", info.attrs.pin.reference, sc_print_path(&info.path)); 139 140 140 141 memcpy(obj->data, &info, sizeof(info)); … … 148 149 struct sc_asn1_entry asn1_com_ao_attr[2], asn1_pin_attr[10], asn1_type_pin_attr[2]; 149 150 struct sc_asn1_entry asn1_pin[2]; 150 struct sc_pkcs15_pin_info *pin = 151 (struct sc_pkcs15_pin_info *) obj->data; 151 struct sc_pkcs15_auth_info *info = (struct sc_pkcs15_auth_info *) obj->data; 152 152 struct sc_asn1_pkcs15_object pin_obj = { (struct sc_pkcs15_object *) obj, 153 153 asn1_com_ao_attr, NULL, asn1_type_pin_attr }; … … 156 156 size_t padchar_len = 1; 157 157 158 if (info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 159 return SC_ERROR_NOT_SUPPORTED; 160 158 161 sc_copy_asn1_entry(c_asn1_pin, asn1_pin); 159 162 sc_copy_asn1_entry(c_asn1_type_pin_attr, asn1_type_pin_attr); … … 165 168 sc_format_asn1_entry(asn1_type_pin_attr + 0, asn1_pin_attr, NULL, 1); 166 169 167 flags_len = sizeof( pin->flags);168 sc_format_asn1_entry(asn1_pin_attr + 0, & pin->flags, &flags_len, 1);169 sc_format_asn1_entry(asn1_pin_attr + 1, & pin->type, NULL, 1);170 sc_format_asn1_entry(asn1_pin_attr + 2, & pin->min_length, NULL, 1);171 sc_format_asn1_entry(asn1_pin_attr + 3, & pin->stored_length, NULL, 1);172 if ( pin->max_length > 0)173 sc_format_asn1_entry(asn1_pin_attr + 4, & pin->max_length, NULL, 1);174 if ( pin->reference >= 0)175 sc_format_asn1_entry(asn1_pin_attr + 5, & pin->reference, NULL, 1);170 flags_len = sizeof(info->attrs.pin.flags); 171 sc_format_asn1_entry(asn1_pin_attr + 0, &info->attrs.pin.flags, &flags_len, 1); 172 sc_format_asn1_entry(asn1_pin_attr + 1, &info->attrs.pin.type, NULL, 1); 173 sc_format_asn1_entry(asn1_pin_attr + 2, &info->attrs.pin.min_length, NULL, 1); 174 sc_format_asn1_entry(asn1_pin_attr + 3, &info->attrs.pin.stored_length, NULL, 1); 175 if (info->attrs.pin.max_length > 0) 176 sc_format_asn1_entry(asn1_pin_attr + 4, 
&info->attrs.pin.max_length, NULL, 1); 177 if (info->attrs.pin.reference >= 0) 178 sc_format_asn1_entry(asn1_pin_attr + 5, &info->attrs.pin.reference, NULL, 1); 176 179 /* FIXME: check if pad_char present */ 177 sc_format_asn1_entry(asn1_pin_attr + 6, &pin->pad_char, &padchar_len, 1); 178 sc_format_asn1_entry(asn1_pin_attr + 8, &pin->path, NULL, pin->path.len ? 1 : 0); 179 180 sc_format_asn1_entry(asn1_com_ao_attr + 0, &pin->auth_id, NULL, 1); 181 182 assert(pin->magic == SC_PKCS15_PIN_MAGIC); 180 sc_format_asn1_entry(asn1_pin_attr + 6, &info->attrs.pin.pad_char, &padchar_len, 1); 181 sc_format_asn1_entry(asn1_pin_attr + 8, &info->path, NULL, info->path.len ? 1 : 0); 182 183 sc_format_asn1_entry(asn1_com_ao_attr + 0, &info->auth_id, NULL, 1); 184 183 185 r = sc_asn1_encode(ctx, asn1_pin, buf, buflen); 184 186 … … 187 189 188 190 static int _validate_pin(struct sc_pkcs15_card *p15card, 189 struct sc_pkcs15_ pin_info *pin,191 struct sc_pkcs15_auth_info *auth_info, 190 192 size_t pinlen) 191 193 { … … 193 195 assert(p15card != NULL); 194 196 195 if (pin->magic != SC_PKCS15_PIN_MAGIC) 196 return SC_ERROR_OBJECT_NOT_VALID; 197 197 /* Ignore validation of the non-PIN authentication objects */ 198 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 199 return SC_SUCCESS; 200 198 201 /* prevent buffer overflow from hostile card */ 199 if ( pin->stored_length > SC_MAX_PIN_SIZE)202 if (auth_info->attrs.pin.stored_length > SC_MAX_PIN_SIZE) 200 203 return SC_ERROR_BUFFER_TOO_SMALL; 201 204 … … 205 208 206 209 /* If pin is given, make sure it is within limits */ 207 max_length = pin->max_length != 0 ? pin->max_length : SC_MAX_PIN_SIZE;208 if (pinlen > max_length || pinlen < pin->min_length)210 max_length = auth_info->attrs.pin.max_length != 0 ? 
auth_info->attrs.pin.max_length : SC_MAX_PIN_SIZE; 211 if (pinlen > max_length || pinlen < auth_info->attrs.pin.min_length) 209 212 return SC_ERROR_INVALID_PIN_LENGTH; 210 213 … … 224 227 { 225 228 struct sc_context *ctx = p15card->card->ctx; 226 struct sc_pkcs15_ pin_info *pin_info = (struct sc_pkcs15_pin_info *)pin_obj->data;229 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; 227 230 int r; 228 231 sc_card_t *card; … … 232 235 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "PIN(%p;len:%i)", pincode, pinlen); 233 236 234 r = _validate_pin(p15card, pin_info, pinlen); 237 /* TODO: verify other authentication objects */ 238 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 239 return SC_ERROR_NOT_SUPPORTED; 240 241 r = _validate_pin(p15card, auth_info, pinlen); 235 242 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, r, "PIN value do not conforms the PIN policy"); 236 243 … … 240 247 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, r, "sc_lock() failed"); 241 248 /* the path in the pin object is optional */ 242 if ( pin_info->path.len > 0) {243 r = sc_select_file(card, & pin_info->path, NULL);249 if (auth_info->path.len > 0) { 250 r = sc_select_file(card, &auth_info->path, NULL); 244 251 if (r) 245 252 goto out; … … 249 256 memset(&data, 0, sizeof(data)); 250 257 data.cmd = SC_PIN_CMD_VERIFY; 251 data.pin_type = pin_info->auth_method;252 data.pin_reference = pin_info->reference;253 data.pin1.min_length = pin_info->min_length;254 data.pin1.max_length = pin_info->max_length;255 data.pin1.pad_length = pin_info->stored_length;256 data.pin1.pad_char = pin_info->pad_char;258 data.pin_type = auth_info->auth_method; 259 data.pin_reference = auth_info->attrs.pin.reference; 260 data.pin1.min_length = auth_info->attrs.pin.min_length; 261 data.pin1.max_length = auth_info->attrs.pin.max_length; 262 data.pin1.pad_length = auth_info->attrs.pin.stored_length; 263 data.pin1.pad_char = auth_info->attrs.pin.pad_char; 257 264 data.pin1.data = pincode; 258 265 data.pin1.len = 
pinlen; 259 266 260 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_NEEDS_PADDING)267 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_NEEDS_PADDING) 261 268 data.flags |= SC_PIN_CMD_NEED_PADDING; 262 269 263 switch ( pin_info->type) {270 switch (auth_info->attrs.pin.type) { 264 271 case SC_PKCS15_PIN_TYPE_BCD: 265 272 data.pin1.encoding = SC_PIN_ENCODING_BCD; … … 276 283 if (!pincode && !pinlen) 277 284 data.flags |= SC_PIN_CMD_USE_PINPAD; 278 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)285 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 279 286 data.pin1.prompt = "Please enter SO PIN"; 280 287 else … … 282 289 } 283 290 284 r = sc_pin_cmd(card, &data, & pin_info->tries_left);291 r = sc_pin_cmd(card, &data, &auth_info->tries_left); 285 292 if (r == SC_SUCCESS) 286 293 sc_pkcs15_pincache_add(p15card, pin_obj, pincode, pinlen); … … 301 308 sc_card_t *card; 302 309 struct sc_pin_cmd_data data; 303 struct sc_pkcs15_ pin_info *pin_info = (struct sc_pkcs15_pin_info *)pin_obj->data;310 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; 304 311 312 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 313 return SC_ERROR_NOT_SUPPORTED; 314 305 315 /* make sure the pins are in valid range */ 306 if ((r = _validate_pin(p15card, pin_info, oldpinlen)) != SC_SUCCESS)316 if ((r = _validate_pin(p15card, auth_info, oldpinlen)) != SC_SUCCESS) 307 317 return r; 308 if ((r = _validate_pin(p15card, pin_info, newpinlen)) != SC_SUCCESS)318 if ((r = _validate_pin(p15card, auth_info, newpinlen)) != SC_SUCCESS) 309 319 return r; 310 320 … … 313 323 SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "sc_lock() failed"); 314 324 /* the path in the pin object is optional */ 315 if ( pin_info->path.len > 0) {316 r = sc_select_file(card, & pin_info->path, NULL);325 if (auth_info->path.len > 0) { 326 r = sc_select_file(card, &auth_info->path, NULL); 317 327 if (r) 318 328 goto out; … … 323 333 data.cmd = SC_PIN_CMD_CHANGE; 324 334 data.pin_type = 
SC_AC_CHV; 325 data.pin_reference = pin_info->reference;335 data.pin_reference = auth_info->attrs.pin.reference; 326 336 data.pin1.data = oldpin; 327 337 data.pin1.len = oldpinlen; 328 data.pin1.pad_char = pin_info->pad_char;329 data.pin1.min_length = pin_info->min_length;330 data.pin1.max_length = pin_info->max_length;331 data.pin1.pad_length = pin_info->stored_length;338 data.pin1.pad_char = auth_info->attrs.pin.pad_char; 339 data.pin1.min_length = auth_info->attrs.pin.min_length; 340 data.pin1.max_length = auth_info->attrs.pin.max_length; 341 data.pin1.pad_length = auth_info->attrs.pin.stored_length; 332 342 data.pin2.data = newpin; 333 343 data.pin2.len = newpinlen; 334 data.pin2.pad_char = pin_info->pad_char;335 data.pin2.min_length = pin_info->min_length;336 data.pin2.max_length = pin_info->max_length;337 data.pin2.pad_length = pin_info->stored_length;338 339 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_NEEDS_PADDING)344 data.pin2.pad_char = auth_info->attrs.pin.pad_char; 345 data.pin2.min_length = auth_info->attrs.pin.min_length; 346 data.pin2.max_length = auth_info->attrs.pin.max_length; 347 data.pin2.pad_length = auth_info->attrs.pin.stored_length; 348 349 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_NEEDS_PADDING) 340 350 data.flags |= SC_PIN_CMD_NEED_PADDING; 341 351 342 switch ( pin_info->type) {352 switch (auth_info->attrs.pin.type) { 343 353 case SC_PKCS15_PIN_TYPE_BCD: 344 354 data.pin1.encoding = SC_PIN_ENCODING_BCD; … … 354 364 && p15card->card->reader->capabilities & SC_READER_CAP_PIN_PAD) { 355 365 data.flags |= SC_PIN_CMD_USE_PINPAD; 356 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {366 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 357 367 data.pin1.prompt = "Please enter SO PIN"; 358 368 data.pin2.prompt = "Please enter new SO PIN"; … … 363 373 } 364 374 365 r = sc_pin_cmd(card, &data, & pin_info->tries_left);375 r = sc_pin_cmd(card, &data, &auth_info->tries_left); 366 376 if (r == SC_SUCCESS) 367 377 
sc_pkcs15_pincache_add(p15card, pin_obj, newpin, newpinlen); … … 384 394 struct sc_pin_cmd_data data; 385 395 struct sc_pkcs15_object *puk_obj; 386 struct sc_pkcs15_pin_info *puk_info = NULL; 387 struct sc_pkcs15_pin_info *pin_info = (struct sc_pkcs15_pin_info *)pin_obj->data; 396 struct sc_pkcs15_auth_info *puk_info = NULL; 397 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; 398 399 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 400 return SC_ERROR_NOT_SUPPORTED; 388 401 389 402 /* make sure the pins are in valid range */ 390 if ((r = _validate_pin(p15card, pin_info, newpinlen)) != SC_SUCCESS)403 if ((r = _validate_pin(p15card, auth_info, newpinlen)) != SC_SUCCESS) 391 404 return r; 392 405 … … 400 413 if (r >= 0 && puk_obj) { 401 414 /* second step: get the pkcs15 info object of the puk */ 402 puk_info = (struct sc_pkcs15_ pin_info *)puk_obj->data;415 puk_info = (struct sc_pkcs15_auth_info *)puk_obj->data; 403 416 } 404 417 if (!puk_info) { 405 418 sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Unable to get puk object, using pin object instead!"); 406 puk_info = pin_info;419 puk_info = auth_info; 407 420 } 408 421 … … 414 427 SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "sc_lock() failed"); 415 428 /* the path in the pin object is optional */ 416 if ( pin_info->path.len > 0) {417 r = sc_select_file(card, & pin_info->path, NULL);429 if (auth_info->path.len > 0) { 430 r = sc_select_file(card, &auth_info->path, NULL); 418 431 if (r) 419 432 goto out; … … 424 437 data.cmd = SC_PIN_CMD_UNBLOCK; 425 438 data.pin_type = SC_AC_CHV; 426 data.pin_reference = pin_info->reference;439 data.pin_reference = auth_info->attrs.pin.reference; 427 440 data.pin1.data = puk; 428 441 data.pin1.len = puklen; 429 data.pin1.pad_char = pin_info->pad_char;430 data.pin1.min_length = pin_info->min_length;431 data.pin1.max_length = pin_info->max_length;432 data.pin1.pad_length = pin_info->stored_length;442 data.pin1.pad_char = 
auth_info->attrs.pin.pad_char; 443 data.pin1.min_length = auth_info->attrs.pin.min_length; 444 data.pin1.max_length = auth_info->attrs.pin.max_length; 445 data.pin1.pad_length = auth_info->attrs.pin.stored_length; 433 446 data.pin2.data = newpin; 434 447 data.pin2.len = newpinlen; 435 data.pin2.pad_char = puk_info-> pad_char;436 data.pin2.min_length = puk_info-> min_length;437 data.pin2.max_length = puk_info-> max_length;438 data.pin2.pad_length = puk_info-> stored_length;439 440 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_NEEDS_PADDING)448 data.pin2.pad_char = puk_info->attrs.pin.pad_char; 449 data.pin2.min_length = puk_info->attrs.pin.min_length; 450 data.pin2.max_length = puk_info->attrs.pin.max_length; 451 data.pin2.pad_length = puk_info->attrs.pin.stored_length; 452 453 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_NEEDS_PADDING) 441 454 data.flags |= SC_PIN_CMD_NEED_PADDING; 442 455 443 switch ( pin_info->type) {456 switch (auth_info->attrs.pin.type) { 444 457 case SC_PKCS15_PIN_TYPE_BCD: 445 458 data.pin1.encoding = SC_PIN_ENCODING_BCD; … … 450 463 } 451 464 452 switch (puk_info-> type) {465 switch (puk_info->attrs.pin.type) { 453 466 case SC_PKCS15_PIN_TYPE_BCD: 454 467 data.pin2.encoding = SC_PIN_ENCODING_BCD; … … 461 474 if(p15card->card->reader->capabilities & SC_READER_CAP_PIN_PAD) { 462 475 data.flags |= SC_PIN_CMD_USE_PINPAD; 463 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {476 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 464 477 data.pin1.prompt = "Please enter PUK"; 465 478 data.pin2.prompt = "Please enter new SO PIN"; … … 470 483 } 471 484 472 r = sc_pin_cmd(card, &data, & pin_info->tries_left);485 r = sc_pin_cmd(card, &data, &auth_info->tries_left); 473 486 if (r == SC_SUCCESS) 474 487 sc_pkcs15_pincache_add(p15card, pin_obj, newpin, newpinlen); … … 479 492 } 480 493 481 void sc_pkcs15_free_ pin_info(sc_pkcs15_pin_info_t *pin)482 { 483 free( pin);494 void sc_pkcs15_free_auth_info(sc_pkcs15_auth_info_t *auth_info) 495 { 
496 free(auth_info); 484 497 } 485 498 … … 490 503 { 491 504 struct sc_context *ctx = p15card->card->ctx; 492 struct sc_pkcs15_ pin_info *pin_info = (struct sc_pkcs15_pin_info *)pin_obj->data;505 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; 493 506 struct sc_pkcs15_object *obj = NULL; 494 507 int r; … … 510 523 * "CommonObjectAttributes.accessControlRules" are not taken into account. */ 511 524 512 if (sc_pkcs15_compare_id(&obj->auth_id, & pin_info->auth_id)) {525 if (sc_pkcs15_compare_id(&obj->auth_id, &auth_info->auth_id)) { 513 526 /* Caching is refused, if the protected object requires user consent */ 514 527 if (obj->user_consent > 0) { -
src/libopensc/pkcs15-piv.c
ra9eba2b rd888b3f 764 764 sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "PIV-II adding pins..."); 765 765 for (i = 0; pins[i].label; i++) { 766 struct sc_pkcs15_ pin_info pin_info;766 struct sc_pkcs15_auth_info pin_info; 767 767 struct sc_pkcs15_object pin_obj; 768 768 const char * label; … … 772 772 memset(&pin_obj, 0, sizeof(pin_obj)); 773 773 774 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 774 775 sc_pkcs15_format_id(pins[i].id, &pin_info.auth_id); 775 pin_info. reference = pins[i].ref;776 pin_info. flags = pins[i].flags;777 pin_info. type = pins[i].type;778 pin_info. min_length = pins[i].minlen;779 pin_info. stored_length = pins[i].storedlen;780 pin_info. max_length = pins[i].maxlen;781 pin_info. pad_char = pins[i].pad_char;776 pin_info.attrs.pin.reference = pins[i].ref; 777 pin_info.attrs.pin.flags = pins[i].flags; 778 pin_info.attrs.pin.type = pins[i].type; 779 pin_info.attrs.pin.min_length = pins[i].minlen; 780 pin_info.attrs.pin.stored_length = pins[i].storedlen; 781 pin_info.attrs.pin.max_length = pins[i].maxlen; 782 pin_info.attrs.pin.pad_char = pins[i].pad_char; 782 783 sc_format_path(pins[i].path, &pin_info.path); 783 784 pin_info.tries_left = -1; … … 788 789 &pin_ref) == 0 && 789 790 pin_ref == 0x00) { /* must be 80 for PIV pin, or 00 for Global PIN */ 790 pin_info. reference = pin_ref;791 pin_info.attrs.pin.reference = pin_ref; 791 792 label = "Global PIN"; 792 793 } -
src/libopensc/pkcs15-postecert.c
r50f99a20 rd888b3f 68 68 int flags, int tries_left, const char pad_char, int obj_flags) 69 69 { 70 sc_pkcs15_ pin_info_t info;70 sc_pkcs15_auth_info_t info; 71 71 sc_pkcs15_object_t obj; 72 72 … … 75 75 76 76 info.auth_id = *id; 77 info.min_length = min_length; 78 info.max_length = max_length; 79 info.stored_length = max_length; 80 info.type = type; 81 info.reference = ref; 82 info.flags = flags; 77 info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 78 info.attrs.pin.min_length = min_length; 79 info.attrs.pin.max_length = max_length; 80 info.attrs.pin.stored_length = max_length; 81 info.attrs.pin.type = type; 82 info.attrs.pin.reference = ref; 83 info.attrs.pin.flags = flags; 84 info.attrs.pin.pad_char = pad_char; 83 85 info.tries_left = tries_left; 84 info.magic = SC_PKCS15_PIN_MAGIC;85 info.pad_char = pad_char;86 86 87 87 if (path) 88 88 info.path = *path; 89 89 if (type == SC_PKCS15_PIN_TYPE_BCD) 90 info. stored_length /= 2;90 info.attrs.pin.stored_length /= 2; 91 91 92 92 strlcpy(obj.label, label, sizeof(obj.label)); -
src/libopensc/pkcs15-pteid.c
r2a4cdd4 rd888b3f 152 152 static const char *pteid_pin_paths[2][3] = { {NULL, "3f005f00", NULL}, 153 153 {NULL, NULL, NULL} }; 154 struct sc_pkcs15_ pin_info pin_info;154 struct sc_pkcs15_auth_info pin_info; 155 155 struct sc_pkcs15_object pin_obj; 156 156 … … 158 158 memset(&pin_obj, 0, sizeof(pin_obj)); 159 159 160 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 160 161 pin_info.auth_id.len = 1; 161 162 pin_info.auth_id.value[0] = pteid_pin_authid[i]; 162 pin_info. reference = pteid_pin_ref[type][i];163 pin_info. flags = SC_PKCS15_PIN_FLAG_NEEDS_PADDING163 pin_info.attrs.pin.reference = pteid_pin_ref[type][i]; 164 pin_info.attrs.pin.flags = SC_PKCS15_PIN_FLAG_NEEDS_PADDING 164 165 | SC_PKCS15_PIN_FLAG_INITIALIZED 165 166 | SC_PKCS15_PIN_FLAG_CASE_SENSITIVE; 166 pin_info. type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC;167 pin_info. min_length = 4;168 pin_info. stored_length = 8;169 pin_info. max_length = 8;170 pin_info. pad_char = type == IAS_CARD ? 0x2F : 0xFF;167 pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 168 pin_info.attrs.pin.min_length = 4; 169 pin_info.attrs.pin.stored_length = 8; 170 pin_info.attrs.pin.max_length = 8; 171 pin_info.attrs.pin.pad_char = type == IAS_CARD ? 0x2F : 0xFF; 171 172 pin_info.tries_left = -1; 172 173 if (pteid_pin_paths[type][i] != NULL) -
src/libopensc/pkcs15-starcert.c
rf5a21e4 rd888b3f 204 204 /* set pins */ 205 205 for (i = 0; pins[i].label; i++) { 206 struct sc_pkcs15_ pin_info pin_info;206 struct sc_pkcs15_auth_info pin_info; 207 207 struct sc_pkcs15_object pin_obj; 208 208 … … 210 210 memset(&pin_obj, 0, sizeof(pin_obj)); 211 211 212 212 213 sc_pkcs15_format_id(pins[i].id, &pin_info.auth_id); 213 pin_info.reference = pins[i].ref; 214 pin_info.flags = pins[i].flags; 215 pin_info.type = pins[i].type; 216 pin_info.min_length = pins[i].minlen; 217 pin_info.stored_length = pins[i].storedlen; 218 pin_info.max_length = pins[i].maxlen; 219 pin_info.pad_char = pins[i].pad_char; 214 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 215 pin_info.attrs.pin.reference = pins[i].ref; 216 pin_info.attrs.pin.flags = pins[i].flags; 217 pin_info.attrs.pin.type = pins[i].type; 218 pin_info.attrs.pin.min_length = pins[i].minlen; 219 pin_info.attrs.pin.stored_length = pins[i].storedlen; 220 pin_info.attrs.pin.max_length = pins[i].maxlen; 221 pin_info.attrs.pin.pad_char = pins[i].pad_char; 220 222 sc_format_path(pins[i].path, &pin_info.path); 221 223 pin_info.tries_left = -1; -
src/libopensc/pkcs15-syn.c
r3169f14 rd888b3f 325 325 326 326 int sc_pkcs15emu_add_pin_obj(sc_pkcs15_card_t *p15card, 327 const sc_pkcs15_object_t *obj, const sc_pkcs15_ pin_info_t *in_pin)328 { 329 sc_pkcs15_ pin_info_t pin = *in_pin;330 331 pin. magic = SC_PKCS15_PIN_MAGIC;327 const sc_pkcs15_object_t *obj, const sc_pkcs15_auth_info_t *in_pin) 328 { 329 sc_pkcs15_auth_info_t pin = *in_pin; 330 331 pin.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 332 332 if(!pin.auth_method) /* or SC_AC_NONE */ 333 333 pin.auth_method = SC_AC_CHV; … … 413 413 case SC_PKCS15_TYPE_AUTH: 414 414 df_type = SC_PKCS15_AODF; 415 data_len = sizeof(struct sc_pkcs15_ pin_info);415 data_len = sizeof(struct sc_pkcs15_auth_info); 416 416 break; 417 417 case SC_PKCS15_TYPE_PRKEY: -
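Review bot: `sc_pkcs15emu_add_pin_obj()` now sets `pin.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN` unconditionally (new line 331), so a caller that passes an auth object of another type gets its `attrs` union silently reinterpreted as PIN attributes. The emulation drivers touched by this changeset set the field themselves before calling, so the overwrite only matters for a caller that got it wrong, and that is the case worth catching. Either reject a conflicting non-PIN value in `in_pin->auth_type`, or document the behaviour at the assignment with something like `/* PIN objects only: auth_type is forced, attrs is read as attrs.pin */`. The function body continues outside the hunk.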
src/libopensc/pkcs15-tccardos.c
r7789948 rd888b3f 167 167 { 168 168 sc_pkcs15_object_t p15obj; 169 sc_pkcs15_ pin_info_t ainfo;169 sc_pkcs15_auth_info_t ainfo; 170 170 171 171 /* init data objects */ … … 175 175 ainfo.auth_id.value[0] = (u8)pinId; 176 176 ainfo.auth_id.len = 1; 177 ainfo.reference = (u8)pinId; 178 ainfo.flags = SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA; 177 ainfo.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 178 ainfo.attrs.pin.reference = (u8)pinId; 179 ainfo.attrs.pin.flags = SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA; 179 180 if ((key_descr & TC_CARDOS_PIN_MASK) == TC_CARDOS_LOCALPIN) 180 ainfo. flags |= SC_PKCS15_PIN_FLAG_LOCAL;181 ainfo. type = SC_PKCS15_PIN_TYPE_BCD; /* XXX */182 ainfo. min_length = 6; /* XXX */183 ainfo. stored_length = 8; /* XXX */184 ainfo. max_length = 8;185 ainfo. pad_char = 0;181 ainfo.attrs.pin.flags |= SC_PKCS15_PIN_FLAG_LOCAL; 182 ainfo.attrs.pin.type = SC_PKCS15_PIN_TYPE_BCD; /* XXX */ 183 ainfo.attrs.pin.min_length = 6; /* XXX */ 184 ainfo.attrs.pin.stored_length = 8; /* XXX */ 185 ainfo.attrs.pin.max_length = 8; 186 ainfo.attrs.pin.pad_char = 0; 186 187 ainfo.tries_left = 3; /* XXX */ 187 188 sc_format_path(TC_CARDOS_APP_DF, &ainfo.path); -
src/libopensc/pkcs15-tcos.c
rc97fc2e rd888b3f 190 190 sc_context_t *ctx=p15card->card->ctx; 191 191 sc_file_t *f; 192 struct sc_pkcs15_ pin_info pin_info;192 struct sc_pkcs15_auth_info pin_info; 193 193 struct sc_pkcs15_object pin_obj; 194 194 int r; … … 197 197 pin_info.auth_id.len = 1; 198 198 pin_info.auth_id.value[0] = id; 199 pin_info.reference = pin_reference; 200 pin_info.flags = pin_flags; 201 pin_info.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 202 pin_info.min_length = min_length; 203 pin_info.stored_length = 16; 204 pin_info.max_length = 16; 205 pin_info.pad_char = '\0'; 199 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 200 pin_info.attrs.pin.reference = pin_reference; 201 pin_info.attrs.pin.flags = pin_flags; 202 pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC; 203 pin_info.attrs.pin.min_length = min_length; 204 pin_info.attrs.pin.stored_length = 16; 205 pin_info.attrs.pin.max_length = 16; 206 pin_info.attrs.pin.pad_char = '\0'; 206 207 sc_format_path(path, &pin_info.path); 207 208 -
src/libopensc/pkcs15-westcos.c
rc9fae6f rd888b3f 73 73 for (i = 0; i < 1; i++) { 74 74 unsigned int flags; 75 struct sc_pkcs15_ pin_info pin_info;75 struct sc_pkcs15_auth_info pin_info; 76 76 struct sc_pkcs15_object pin_obj; 77 77 memset(&pin_info, 0, sizeof(pin_info)); … … 83 83 SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN; 84 84 } 85 pin_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 85 86 pin_info.auth_id.len = 1; 86 87 pin_info.auth_id.value[0] = i + 1; 87 pin_info. reference = i;88 pin_info. flags = flags;89 pin_info. type = SC_PKCS15_PIN_TYPE_BCD;90 pin_info. min_length = 4;91 pin_info. stored_length = 8;92 pin_info. max_length = 8;93 pin_info. pad_char = 0xff;88 pin_info.attrs.pin.reference = i; 89 pin_info.attrs.pin.flags = flags; 90 pin_info.attrs.pin.type = SC_PKCS15_PIN_TYPE_BCD; 91 pin_info.attrs.pin.min_length = 4; 92 pin_info.attrs.pin.stored_length = 8; 93 pin_info.attrs.pin.max_length = 8; 94 pin_info.attrs.pin.pad_char = 0xff; 94 95 pin_info.path = path; 95 96 pin_info.tries_left = -1; -
src/libopensc/pkcs15.c
rf9b1a1e rd888b3f 1073 1073 return sc_pkcs15_compare_id(&((struct sc_pkcs15_pubkey_info *) data)->id, id); 1074 1074 case SC_PKCS15_TYPE_AUTH_PIN: 1075 return sc_pkcs15_compare_id(&((struct sc_pkcs15_ pin_info *) data)->auth_id, id);1075 return sc_pkcs15_compare_id(&((struct sc_pkcs15_auth_info *) data)->auth_id, id); 1076 1076 case SC_PKCS15_TYPE_DATA_OBJECT: 1077 1077 return sc_pkcs15_compare_id(&((struct sc_pkcs15_data_info *) data)->id, id); … … 1114 1114 { 1115 1115 void *data = obj->data; 1116 struct sc_pkcs15_auth_info *auth_info; 1116 1117 unsigned int flags; 1117 1118 1118 1119 switch (obj->type) { 1119 1120 case SC_PKCS15_TYPE_AUTH_PIN: 1120 flags = ((struct sc_pkcs15_pin_info *) data)->flags; 1121 auth_info = (struct sc_pkcs15_auth_info *) obj->data; 1122 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1123 return 0; 1124 flags = auth_info->attrs.pin.flags; 1121 1125 break; 1122 1126 default: … … 1128 1132 static int compare_obj_reference(sc_pkcs15_object_t *obj, int value) 1129 1133 { 1134 struct sc_pkcs15_auth_info *auth_info; 1130 1135 void *data = obj->data; 1131 1136 int reference; … … 1133 1138 switch (obj->type) { 1134 1139 case SC_PKCS15_TYPE_AUTH_PIN: 1135 reference = ((struct sc_pkcs15_pin_info *) data)->reference; 1140 auth_info = (struct sc_pkcs15_auth_info *) obj->data; 1141 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1142 return 0; 1143 reference = auth_info->attrs.pin.reference; 1136 1144 break; 1137 1145 case SC_PKCS15_TYPE_PRKEY_RSA: … … 1165 1173 return sc_compare_path(&((struct sc_pkcs15_pubkey_info *) data)->path, path); 1166 1174 case SC_PKCS15_TYPE_AUTH_PIN: 1167 return sc_compare_path(&((struct sc_pkcs15_ pin_info *) data)->path, path);1175 return sc_compare_path(&((struct sc_pkcs15_auth_info *) data)->path, path); 1168 1176 case SC_PKCS15_TYPE_DATA_OBJECT: 1169 1177 return sc_compare_path(&((struct sc_pkcs15_data_info *) data)->path, path); … … 1318 1326 1319 1327 for (ii=0; ii<nn_objs; ii++) { 1320 struct 
sc_pkcs15_ pin_info *pin_info = (struct sc_pkcs15_pin_info *)auth_objs[ii]->data;1321 1322 if ( pin_info->auth_method != auth_method)1328 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)auth_objs[ii]->data; 1329 1330 if (auth_info->auth_method != auth_method) 1323 1331 continue; 1324 if (pin_info->reference != reference) 1325 continue; 1326 1327 if (path && !sc_compare_path(&pin_info->path, path)) 1332 if (auth_info->auth_type == SC_PKCS15_PIN_AUTH_TYPE_PIN) 1333 if (auth_info->attrs.pin.reference != reference) 1334 continue; 1335 1336 if (path && !sc_compare_path(&auth_info->path, path)) 1328 1337 continue; 1329 1338 … … 1474 1483 break; 1475 1484 case SC_PKCS15_TYPE_AUTH: 1476 sc_pkcs15_free_ pin_info((sc_pkcs15_pin_info_t *)obj->data);1485 sc_pkcs15_free_auth_info((sc_pkcs15_auth_info_t *)obj->data); 1477 1486 break; 1478 1487 default: … … 2137 2146 break; 2138 2147 case SC_PKCS15_TYPE_AUTH_PIN: 2139 *out = ((struct sc_pkcs15_ pin_info *) obj->data)->auth_id;2148 *out = ((struct sc_pkcs15_auth_info *) obj->data)->auth_id; 2140 2149 break; 2141 2150 case SC_PKCS15_TYPE_DATA_OBJECT: -
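Review bot: In the auth-object search loop (new lines 1332-1334) the reference comparison now runs only when `auth_type == SC_PKCS15_PIN_AUTH_TYPE_PIN`, so an object of any other auth type that matches `auth_method` (and `path`, when given) is accepted for every `reference` value. If non-PIN objects are not meant to be found through a PIN reference, skip them explicitly with `if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) continue;` ahead of the reference test. The nested, unbraced `if` pair is also easy to misread and would be clearer with braces. The enclosing function starts and ends outside the hunk.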
src/libopensc/pkcs15.h
ra9eba2b rd888b3f 74 74 #define SC_PKCS15_PIN_AUTH_TYPE_SM_KEY 2 75 75 76 struct sc_pkcs15_pin_info { 77 struct sc_pkcs15_id auth_id; 78 int reference; 79 unsigned int flags, type; 80 unsigned int auth_method; 81 size_t min_length, stored_length, max_length; 82 u8 pad_char; 83 struct sc_path path; 84 int tries_left; 85 int max_tries; 86 87 unsigned int magic; 88 }; 89 typedef struct sc_pkcs15_pin_info sc_pkcs15_pin_info_t; 76 struct sc_pkcs15_pin_attributes { 77 unsigned int flags, type; 78 size_t min_length, stored_length, max_length; 79 int reference; 80 u8 pad_char; 81 }; 82 struct sc_pkcs15_authkey_attributes { 83 int derived; 84 struct sc_pkcs15_id skey_id; 85 }; 86 struct sc_pkcs15_biometric_attributes { 87 }; 88 struct sc_pkcs15_auth_info { 89 struct sc_pkcs15_id auth_id; 90 struct sc_path path; 91 unsigned auth_type; 92 union { 93 struct sc_pkcs15_pin_attributes pin; 94 struct sc_pkcs15_biometric_attributes bio; 95 struct sc_pkcs15_authkey_attributes authkey; 96 } attrs; 97 unsigned int auth_method; 98 int tries_left, max_tries; 99 }; 100 typedef struct sc_pkcs15_auth_info sc_pkcs15_auth_info_t; 90 101 91 102 #define SC_PKCS15_ALGO_OP_COMPUTE_CHECKSUM 0x01 … … 753 764 void sc_pkcs15_free_cert_info(sc_pkcs15_cert_info_t *cert); 754 765 void sc_pkcs15_free_data_info(sc_pkcs15_data_info_t *data); 755 void sc_pkcs15_free_ pin_info(sc_pkcs15_pin_info_t *pin);766 void sc_pkcs15_free_auth_info(sc_pkcs15_auth_info_t *auth_info); 756 767 void sc_pkcs15_free_object(sc_pkcs15_object_t *obj); 757 768 … … 835 846 /* some wrapper functions for sc_pkcs15emu_object_add */ 836 847 int sc_pkcs15emu_add_pin_obj(sc_pkcs15_card_t *, 837 const sc_pkcs15_object_t *, const sc_pkcs15_ pin_info_t *);848 const sc_pkcs15_object_t *, const sc_pkcs15_auth_info_t *); 838 849 int sc_pkcs15emu_add_rsa_prkey(sc_pkcs15_card_t *, 839 850 const sc_pkcs15_object_t *, const sc_pkcs15_prkey_info_t *); -
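Review bot: `struct sc_pkcs15_biometric_attributes { };` declares a struct with no members, which ISO C does not allow (GCC accepts it as an extension), so this public header may not compile with stricter compilers. Give it a placeholder member or leave it out of the union until it has fields. The removed `magic` field was what the PKCS#11 slot setup in this changeset tested before trusting `min_length`/`max_length`, and `auth_type` now carries that role. It deserves a comment on the field such as `/* selects the valid member of attrs; check before reading attrs.pin */`.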
src/pkcs11/framework-pkcs15.c
rd43e692e rd888b3f 37 37 #define slot_data(p) ((struct pkcs15_slot_data *) (p)) 38 38 #define slot_data_auth(p) (((p) && slot_data(p)) ? slot_data(p)->auth_obj : NULL) 39 #define slot_data_ pin_info(p) (((p) && slot_data_auth(p))? \40 (struct sc_pkcs15_ pin_info *) slot_data_auth(p)->data : NULL)39 #define slot_data_auth_info(p) (((p) && slot_data_auth(p))? \ 40 (struct sc_pkcs15_auth_info *) slot_data_auth(p)->data : NULL) 41 41 42 42 #define check_attribute_buffer(attr,size) \ … … 318 318 struct sc_pkcs11_slot *slot; 319 319 struct sc_pkcs15_object *auth; 320 struct sc_pkcs15_ pin_info *pin_info;320 struct sc_pkcs15_auth_info *pin_info; 321 321 struct sc_pin_cmd_data data; 322 322 int r; … … 340 340 auth = slot_data_auth(slot->fw_data); 341 341 if (auth) { 342 pin_info = (struct sc_pkcs15_pin_info*) auth->data; 342 pin_info = (struct sc_pkcs15_auth_info*) auth->data; 343 344 if (pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) { 345 rv = CKR_FUNCTION_REJECTED; 346 goto out; 347 } 343 348 344 349 /* Try to update PIN info from card */ … … 346 351 data.cmd = SC_PIN_CMD_GET_INFO; 347 352 data.pin_type = SC_AC_CHV; 348 data.pin_reference = pin_info-> reference;353 data.pin_reference = pin_info->attrs.pin.reference; 349 354 350 355 r = sc_pin_cmd(slot->card->card, &data, NULL); … … 792 797 { 793 798 struct pkcs15_slot_data *fw_data; 794 struct sc_pkcs15_ pin_info *pin_info = NULL;799 struct sc_pkcs15_auth_info *pin_info = NULL; 795 800 char tmp[64]; 796 801 … … 810 815 811 816 if (auth != NULL) { 812 pin_info = (struct sc_pkcs15_pin_info*) auth->data; 813 814 if (auth->label[0]) { 815 snprintf(tmp, sizeof(tmp), "%s (%s)", 816 p15card->tokeninfo->label, auth->label); 817 } else { 818 snprintf(tmp, sizeof(tmp), "%s", p15card->tokeninfo->label); 819 } 820 slot->token_info.flags |= CKF_LOGIN_REQUIRED; 817 pin_info = (struct sc_pkcs15_auth_info*) auth->data; 818 819 if (pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) { 820 pin_info = NULL; 821 } 822 else { 823 if 
(auth->label[0]) 824 snprintf(tmp, sizeof(tmp), "%s (%s)", p15card->tokeninfo->label, auth->label); 825 else 826 snprintf(tmp, sizeof(tmp), "%s", p15card->tokeninfo->label); 827 slot->token_info.flags |= CKF_LOGIN_REQUIRED; 828 } 821 829 } else 822 830 snprintf(tmp, sizeof(tmp), "%s", p15card->tokeninfo->label); 823 831 strcpy_bp(slot->token_info.label, tmp, 32); 824 832 825 if (pin_info && pin_info->magic == SC_PKCS15_PIN_MAGIC) {826 slot->token_info.ulMaxPinLen = pin_info-> max_length;827 slot->token_info.ulMinPinLen = pin_info-> min_length;833 if (pin_info) { 834 slot->token_info.ulMaxPinLen = pin_info->attrs.pin.max_length; 835 slot->token_info.ulMinPinLen = pin_info->attrs.pin.min_length; 828 836 } else { 829 837 /* choose reasonable defaults */ … … 942 950 943 951 for (i = 0; i < auth_count; i++) { 944 struct sc_pkcs15_pin_info *pin_info = NULL; 945 946 pin_info = (struct sc_pkcs15_pin_info*) auths[i]->data; 952 struct sc_pkcs15_auth_info *pin_info = NULL; 953 954 pin_info = (struct sc_pkcs15_auth_info*) auths[i]->data; 955 956 /* Ignore all but PIN authentication objects */ 957 if (pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 958 continue; 947 959 948 960 /* Ignore any non-authentication PINs */ 949 if ((pin_info-> flags & SC_PKCS15_PIN_FLAG_SO_PIN) != 0)961 if ((pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) != 0) 950 962 continue; 951 963 952 964 /* Ignore unblocking pins for hacked module */ 953 if (hack_enabled && (pin_info-> flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) != 0)965 if (hack_enabled && (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) != 0) 954 966 continue; 955 967 956 968 /* Ignore unblocking pins */ 957 969 if (!sc_pkcs11_conf.create_puk_slot) 958 if (pin_info-> flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)970 if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 959 971 continue; 960 972 … … 1053 1065 struct sc_pkcs15_card *p15card = fw_data->p15_card; 1054 1066 struct sc_pkcs15_object *auth_object; 
1055 struct sc_pkcs15_ pin_info *pin_info;1067 struct sc_pkcs15_auth_info *pin_info; 1056 1068 1057 1069 switch (userType) { … … 1126 1138 return CKR_USER_TYPE_INVALID; 1127 1139 } 1128 pin_info = (struct sc_pkcs15_pin_info *) auth_object->data; 1140 pin_info = (struct sc_pkcs15_auth_info *) auth_object->data; 1141 if (pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1142 return CKR_FUNCTION_REJECTED; 1129 1143 1130 1144 if (p11card->card->reader->capabilities & SC_READER_CAP_PIN_PAD) { … … 1147 1161 * it cannot be correct. 1148 1162 */ 1149 if (ulPinLen < pin_info-> min_length ||1150 ulPinLen > pin_info-> max_length)1163 if (ulPinLen < pin_info->attrs.pin.min_length || 1164 ulPinLen > pin_info->attrs.pin.max_length) 1151 1165 return CKR_PIN_INCORRECT; 1152 1166 } … … 1260 1274 int rc; 1261 1275 struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; 1262 struct sc_pkcs15_ pin_info *pin_info;1276 struct sc_pkcs15_auth_info *auth_info; 1263 1277 struct sc_pkcs15_object *pin_obj; 1264 1278 … … 1266 1280 return CKR_USER_PIN_NOT_INITIALIZED; 1267 1281 1268 if (!( pin_info = slot_data_pin_info(fw_token)))1282 if (!(auth_info = slot_data_auth_info(fw_token))) 1269 1283 return CKR_USER_PIN_NOT_INITIALIZED; 1270 1284 1271 1285 sc_debug(context, SC_LOG_DEBUG_NORMAL, "Change '%s', reference %i; login type %i", 1272 pin_obj->label, pin_info->reference, login_user);1286 pin_obj->label, auth_info->attrs.pin.reference, login_user); 1273 1287 if (p11card->card->reader->capabilities & SC_READER_CAP_PIN_PAD) { 1274 1288 /* pPin should be NULL in case of a pin pad reader, but … … 1281 1295 ulOldLen = ulNewLen = 0; 1282 1296 } 1283 else if (ulNewLen < pin_info->min_length || ulNewLen > pin_info->max_length) {1297 else if (ulNewLen < auth_info->attrs.pin.min_length || ulNewLen > auth_info->attrs.pin.max_length) { 1284 1298 return CKR_PIN_LEN_RANGE; 1285 1299 } … … 1311 1325 auth_count = rc; 1312 1326 for (i = 0; i < auth_count; i++) { 1313 pin_info = (struct 
sc_pkcs15_pin_info*) auths[i]->data;1314 if (( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN))1327 auth_info = (struct sc_pkcs15_auth_info*) auths[i]->data; 1328 if ((auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 1315 1329 break; 1316 1330 } … … 1340 1354 struct sc_profile *profile; 1341 1355 struct sc_pkcs15_object *auth_obj; 1342 struct sc_pkcs15_ pin_info *pin_info;1356 struct sc_pkcs15_auth_info *auth_info; 1343 1357 int rc; 1344 1358 … … 1346 1360 pPin, ulPinLen, sc_pkcs11_conf.pin_unblock_style); 1347 1361 1348 pin_info = slot_data_pin_info(slot->fw_data);1349 if ( pin_info && sc_pkcs11_conf.pin_unblock_style == SC_PKCS11_PIN_UNBLOCK_SO_LOGGED_INITPIN) {1362 auth_info = slot_data_auth_info(slot->fw_data); 1363 if (auth_info && sc_pkcs11_conf.pin_unblock_style == SC_PKCS11_PIN_UNBLOCK_SO_LOGGED_INITPIN) { 1350 1364 /* C_InitPIN is used to unblock User PIN or set it in the SO session .*/ 1351 1365 auth_obj = slot_data_auth(slot->fw_data); … … 1358 1372 * Something like sc_pkcs15_set_pin() should be introduced. 1359 1373 * For a while, use the 'libopensc' API to set PIN. */ 1360 rc = sc_reset_retry_counter(fw_data->p15_card->card, SC_AC_CHV, pin_info->reference,1374 rc = sc_reset_retry_counter(fw_data->p15_card->card, SC_AC_CHV, auth_info->attrs.pin.reference, 1361 1375 NULL, 0, pPin, ulPinLen); 1362 1376 } … … 1394 1408 pkcs15_init_slot(fw_data->p15_card, slot, auth_obj); 1395 1409 1396 pin_info = (sc_pkcs15_pin_info_t *) auth_obj->data;1410 auth_info = (sc_pkcs15_auth_info_t *) auth_obj->data; 1397 1411 return CKR_OK; 1398 1412 } … … 1408 1422 struct pkcs15_any_object *key_any_obj; 1409 1423 struct sc_pkcs15_object *key_obj; 1410 struct sc_pkcs15_ pin_info *pin;1424 struct sc_pkcs15_auth_info *pin; 1411 1425 CK_KEY_TYPE key_type; 1412 1426 struct sc_pkcs15_prkey_rsa *rsa; … … 1420 1434 /* See if the "slot" is pin protected. 
If so, get the 1421 1435 * PIN id */ 1422 if ((pin = slot_data_ pin_info(slot->fw_data)) != NULL)1436 if ((pin = slot_data_auth_info(slot->fw_data)) != NULL) 1423 1437 args.auth_id = pin->auth_id; 1424 1438 … … 1540 1554 struct pkcs15_any_object *key_any_obj; 1541 1555 struct sc_pkcs15_object *key_obj; 1542 struct sc_pkcs15_ pin_info *pin;1556 struct sc_pkcs15_auth_info *pin; 1543 1557 CK_KEY_TYPE key_type; 1544 1558 struct sc_pkcs15_pubkey_rsa *rsa; … … 1550 1564 /* See if the "slot" is pin protected. If so, get the 1551 1565 * PIN id */ 1552 if ((pin = slot_data_ pin_info(slot->fw_data)) != NULL)1566 if ((pin = slot_data_auth_info(slot->fw_data)) != NULL) 1553 1567 args.auth_id = pin->auth_id; 1554 1568 … … 1715 1729 struct pkcs15_any_object *data_any_obj; 1716 1730 struct sc_pkcs15_object *data_obj; 1717 struct sc_pkcs15_ pin_info *pin;1731 struct sc_pkcs15_auth_info *pin; 1718 1732 CK_BBOOL bValue; 1719 1733 int rc, rv; … … 1734 1748 rv = attr_extract(attr, &bValue, NULL); 1735 1749 if (bValue) { 1736 pin = slot_data_ pin_info(slot->fw_data);1750 pin = slot_data_auth_info(slot->fw_data); 1737 1751 if (pin == NULL) { 1738 1752 rv = CKR_TEMPLATE_INCOMPLETE; … … 1936 1950 { 1937 1951 struct sc_profile *profile = NULL; 1938 struct sc_pkcs15_ pin_info *pin;1952 struct sc_pkcs15_auth_info *pin; 1939 1953 struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; 1940 1954 struct sc_pkcs15init_keygen_args keygen_args; … … 1974 1988 /* 1. Convert the pkcs11 attributes to pkcs15init args */ 1975 1989 1976 if ((pin = slot_data_ pin_info(slot->fw_data)) != NULL)1990 if ((pin = slot_data_auth_info(slot->fw_data)) != NULL) 1977 1991 keygen_args.prkey_args.auth_id = pub_args.auth_id = pin->auth_id; 1978 1992 -
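Review bot: The change-PIN path (new lines 1282-1299) and the init-PIN path (new lines 1362-1374) read `auth_info->attrs.pin.reference`, `min_length` and `max_length` straight from `slot_data_auth_info()`, without the `auth_type` check that the login and slot-init hunks add. The SO-PIN search loop at new lines 1327-1328 likewise tests `attrs.pin.flags` on every auth object. For a non-PIN object these read the wrong union member, and the values then feed the PIN length check and `sc_reset_retry_counter()`. Adding `if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) return CKR_FUNCTION_REJECTED;` after the NULL test, and a matching `continue` in the loop, would bring them in line with the other hunks. These function bodies extend outside the hunks shown.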
src/pkcs15init/pkcs15-asepcos.c
r65b65e5 rd888b3f 169 169 */ 170 170 static int asepcos_select_pin_reference(sc_profile_t *profile, 171 sc_pkcs15_card_t *p15card, sc_pkcs15_ pin_info_t *pinfo)172 { 173 if ( pinfo->flags & SC_PKCS15_PIN_FLAG_SO_PIN)171 sc_pkcs15_card_t *p15card, sc_pkcs15_auth_info_t *auth_info) 172 { 173 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 174 174 return SC_SUCCESS; 175 if ( pinfo->reference <= 0)176 pinfo->reference = 1;175 if (auth_info->attrs.pin.reference <= 0) 176 auth_info->attrs.pin.reference = 1; 177 177 /* as we want to use <fileid of PIN> + 1 for the PUK we need to 178 178 * ensure that all references are odd => if the reference is 179 179 * even add one */ 180 if (( pinfo->reference & 1) == 0)181 pinfo->reference++;180 if ((auth_info->attrs.pin.reference & 1) == 0) 181 auth_info->attrs.pin.reference++; 182 182 return SC_SUCCESS; 183 183 } … … 217 217 218 218 static int asepcos_do_store_pin(sc_profile_t *profile, sc_card_t *card, 219 sc_pkcs15_ pin_info_t *pinfo, const u8* pin, size_t pinlen,219 sc_pkcs15_auth_info_t *auth_info, const u8* pin, size_t pinlen, 220 220 int puk, int pinid) 221 221 { … … 223 223 u8 buf[64], sbuf[64], *p = buf, *q = sbuf; 224 224 int r, akn; 225 226 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 227 return SC_ERROR_OBJECT_NOT_VALID; 225 228 226 229 /* outter tag */ … … 238 241 *p++ = pinlen & 0xff; 239 242 /* max tries */ 240 *p++ = pinfo->tries_left & 0xff;243 *p++ = auth_info->tries_left & 0xff; 241 244 /* algorithm id and key key usage and padding bytes */ 242 245 *p++ = 0x00; … … 306 309 return r; 307 310 /* use the AKN as reference */ 308 pinfo->reference = akn;311 auth_info->attrs.pin.reference = akn; 309 312 /* set the correct PIN length */ 310 pinfo->min_length = 4;311 pinfo->stored_length = pinlen;312 pinfo->max_length = 16;313 auth_info->attrs.pin.min_length = 4; 314 auth_info->attrs.pin.stored_length = pinlen; 315 auth_info->attrs.pin.max_length = 16; 313 316 314 317 return r; … … 320 323 static 
int have_onepin(sc_profile_t *profile) 321 324 { 322 sc_pkcs15_pin_info_t sopin; 325 sc_pkcs15_auth_info_t sopin; 326 323 327 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &sopin); 324 if (!(sopin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 328 329 if (!(sopin.attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 325 330 return 1; 326 331 else … … 343 348 const u8 *pin, size_t pin_len, const u8 *puk, size_t puk_len) 344 349 { 345 sc_pkcs15_ pin_info_t *pinfo = (sc_pkcs15_pin_info_t *) pin_obj->data;350 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 346 351 struct sc_card *card = p15card->card; 347 352 int r, pid, puk_id; … … 354 359 return SC_ERROR_INVALID_ARGUMENTS; 355 360 356 pid = (pinfo->reference & 0xff) | (((tpath.len >> 1) - 1) << 16); 361 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 362 return SC_ERROR_OBJECT_NOT_VALID; 363 364 pid = (auth_info->attrs.pin.reference & 0xff) | (((tpath.len >> 1) - 1) << 16); 357 365 358 366 /* get the ACL of the application DF */ … … 390 398 * the PIN as the PUK fileid is used in the PIN acl. 
391 399 */ 392 struct sc_pkcs15_ pin_info puk_info;393 394 if ( pinfo->flags & SC_PKCS15_PIN_FLAG_SO_PIN)395 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PUK, &puk_ info);400 struct sc_pkcs15_auth_info puk_ainfo; 401 402 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 403 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PUK, &puk_ainfo); 396 404 else 397 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &puk_ info);405 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &puk_ainfo); 398 406 399 407 /* If a PUK we use "file id of the PIN" + 1 as the file id … … 401 409 */ 402 410 puk_id = pid + 1; 403 r = asepcos_do_store_pin(profile, card, &puk_ info, puk, puk_len, 0, puk_id);411 r = asepcos_do_store_pin(profile, card, &puk_ainfo, puk, puk_len, 0, puk_id); 404 412 if (r != SC_SUCCESS) 405 413 SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_VERBOSE, r); … … 407 415 puk_id = 0; 408 416 409 r = asepcos_do_store_pin(profile, card, pinfo, pin, pin_len, puk_id, pid);417 r = asepcos_do_store_pin(profile, card, auth_info, pin, pin_len, puk_id, pid); 410 418 if (r != SC_SUCCESS) 411 419 SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_VERBOSE, r); 412 420 413 421 #if 1 414 if ( pinfo->flags & SC_PKCS15_PIN_FLAG_SO_PIN ||422 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN || 415 423 (have_onepin(profile) && pid == 0x010001)) { 416 424 sc_cardctl_asepcos_activate_file_t st; … … 455 463 if (r != SC_SUCCESS) 456 464 return r; 457 pinfo->path = tpath;465 auth_info->path = tpath; 458 466 #endif 459 467 SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_VERBOSE, r); -
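Review bot: asepcos_select_pin_reference reads `auth_info->attrs.pin.flags` and rewrites `auth_info->attrs.pin.reference` without the `auth_type` test that this commit adds to the matching functions in the cardos, cflex, entersafe, gpk, incrypto34 and jcop drivers. The `attrs.pin` naming suggests `attrs` has a different layout per authentication type, though the definition in pkcs15.h is not shown here. If so, a non-PIN object would have unrelated bytes read as PIN flags and its reference overwritten. Making `if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) return SC_ERROR_OBJECT_NOT_VALID;` the first statement would bring this driver in line with the others. have_onepin reads `sopin.attrs.pin.flags` in the same unguarded way.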
src/pkcs15init/pkcs15-cardos.c
rb21eeb46 rd888b3f 51 51 */ 52 52 static int cardos_store_pin(sc_profile_t *profile, sc_card_t *card, 53 sc_pkcs15_ pin_info_t *pin_info, int puk_id,53 sc_pkcs15_auth_info_t *auth_info, int puk_id, 54 54 const u8 *pin, size_t pin_len); 55 55 static int cardos_create_sec_env(sc_profile_t *, sc_card_t *, … … 153 153 static int 154 154 cardos_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 155 sc_pkcs15_ pin_info_t *pin_info)155 sc_pkcs15_auth_info_t *auth_info) 156 156 { 157 157 int preferred, current; 158 158 159 if ((current = pin_info->reference) < 0) 159 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 160 return SC_ERROR_OBJECT_NOT_VALID; 161 162 if ((current = auth_info->attrs.pin.reference) < 0) 160 163 current = CARDOS_PIN_ID_MIN; 161 164 162 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {165 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 163 166 preferred = 1; 164 167 } else { … … 173 176 if (current > preferred || preferred > CARDOS_PIN_ID_MAX) 174 177 return SC_ERROR_TOO_MANY_OBJECTS; 175 pin_info->reference = preferred;178 auth_info->attrs.pin.reference = preferred; 176 179 return 0; 177 180 } … … 186 189 const u8 *puk, size_t puk_len) 187 190 { 188 sc_pkcs15_ pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data;191 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 189 192 struct sc_card *card = p15card->card; 190 193 unsigned int puk_id = CARDOS_AC_NEVER; … … 194 197 return SC_ERROR_INVALID_ARGUMENTS; 195 198 199 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 200 return SC_ERROR_OBJECT_NOT_VALID; 201 196 202 r = sc_select_file(card, &df->path, NULL); 197 203 if (r < 0) … … 199 205 200 206 if (puk && puk_len) { 201 struct sc_pkcs15_ pin_info puk_info;207 struct sc_pkcs15_auth_info puk_ainfo; 202 208 203 209 sc_profile_get_pin_info(profile, 204 SC_PKCS15INIT_USER_PUK, &puk_ info);205 puk_ info.reference = puk_id = pin_info->reference + 1;210 
SC_PKCS15INIT_USER_PUK, &puk_ainfo); 211 puk_ainfo.attrs.pin.reference = puk_id = auth_info->attrs.pin.reference + 1; 206 212 r = cardos_store_pin(profile, card, 207 &puk_ info, CARDOS_AC_NEVER,213 &puk_ainfo, CARDOS_AC_NEVER, 208 214 puk, puk_len); 209 215 } … … 211 217 if (r >= 0) { 212 218 r = cardos_store_pin(profile, card, 213 pin_info, puk_id, pin, pin_len);219 auth_info, puk_id, pin, pin_len); 214 220 } 215 221 … … 400 406 static int 401 407 cardos_store_pin(sc_profile_t *profile, sc_card_t *card, 402 sc_pkcs15_ pin_info_t *pin_info, int puk_id,408 sc_pkcs15_auth_info_t *auth_info, int puk_id, 403 409 const u8 *pin, size_t pin_len) 404 410 { … … 409 415 unsigned int attempts, minlen, maxlen; 410 416 int r; 417 418 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 419 return SC_ERROR_OBJECT_NOT_VALID; 411 420 412 421 /* We need to do padding because pkcs15-lib.c does it. … … 424 433 pin = pinpadded; 425 434 426 attempts = pin_info->tries_left;427 minlen = pin_info->min_length;435 attempts = auth_info->tries_left; 436 minlen = auth_info->attrs.pin.min_length; 428 437 429 438 tlv_init(&tlv, buffer, sizeof(buffer)); … … 432 441 tlv_next(&tlv, 0x83); 433 442 tlv_add(&tlv, 0x00); /* class byte: usage TEST, k=0 */ 434 tlv_add(&tlv, pin_info->reference);443 tlv_add(&tlv, auth_info->attrs.pin.reference); 435 444 436 445 /* parameters */ … … 462 471 tlv_next(&tlv, 0x86); 463 472 tlv_add(&tlv, 0x00); /* use: always */ 464 tlv_add(&tlv, pin_info->reference); /* change: PIN */473 tlv_add(&tlv, auth_info->attrs.pin.reference); /* change: PIN */ 465 474 tlv_add(&tlv, puk_id); /* unblock: PUK */ 466 475 -
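Review bot: In cardos_create_pin the stack variable `puk_ainfo` is passed to cardos_store_pin, whose new first statement tests `auth_info->auth_type`, but the visible code never sets that field: the only member assigned after sc_profile_get_pin_info() is `attrs.pin.reference`. Whether the profile helper always fills `auth_type` cannot be seen from this page. If it does not, the PUK is either rejected with SC_ERROR_OBJECT_NOT_VALID or accepted on indeterminate stack contents. Clearing the struct before the lookup, `memset(&puk_ainfo, 0, sizeof(puk_ainfo));`, as the pkcs15-lib.c part of this changeset does for its own `auth_info`, would at least make the outcome deterministic. The same pattern appears in asepcos_create_pin and incrypto34_create_pin; the body of cardos_create_pin continues outside the hunks shown.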
src/pkcs15init/pkcs15-cflex.c
r18c1446 rd888b3f 186 186 static int 187 187 cflex_select_pin_reference(sc_profile_t *profike, sc_pkcs15_card_t *p15card, 188 sc_pkcs15_ pin_info_t *pin_info)188 sc_pkcs15_auth_info_t *auth_info) 189 189 { 190 190 int preferred; 191 191 192 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 192 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 193 return SC_ERROR_OBJECT_NOT_VALID; 194 195 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 193 196 preferred = 2; 194 197 } else { 195 198 preferred = 1; 196 199 } 197 if ( pin_info->reference <= preferred) {198 pin_info->reference = preferred;200 if (auth_info->attrs.pin.reference <= preferred) { 201 auth_info->attrs.pin.reference = preferred; 199 202 return 0; 200 203 } 201 204 202 if ( pin_info->reference > 2)205 if (auth_info->attrs.pin.reference > 2) 203 206 return SC_ERROR_INVALID_ARGUMENTS; 204 207 … … 218 221 { 219 222 struct sc_context *ctx = p15card->card->ctx; 220 sc_pkcs15_pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data; 223 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 224 struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; 221 225 sc_file_t *dummies[2]; 222 226 int ndummies, pin_type, puk_type, r; … … 224 228 225 229 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_NORMAL); 230 231 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 232 return SC_ERROR_OBJECT_NOT_VALID; 233 226 234 /* If the profile doesn't specify a reference for this PIN, guess */ 227 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {235 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 228 236 pin_type = SC_PKCS15INIT_SO_PIN; 229 237 puk_type = SC_PKCS15INIT_SO_PUK; 230 if (pin_ info->reference != 2)238 if (pin_attrs->reference != 2) 231 239 return SC_ERROR_INVALID_ARGUMENTS; 232 240 } else { 233 241 pin_type = SC_PKCS15INIT_USER_PIN; 234 242 puk_type = SC_PKCS15INIT_USER_PUK; 235 if (pin_ info->reference != 1)243 if (pin_attrs->reference != 1) 236 244 return 
SC_ERROR_INVALID_ARGUMENTS; 237 245 } 238 246 239 247 /* Get file definition from the profile */ 240 if (sc_profile_get_file(profile, (pin_ info->reference == 1)? "CHV1" : "CHV2", &file) < 0248 if (sc_profile_get_file(profile, (pin_attrs->reference == 1)? "CHV1" : "CHV2", &file) < 0 241 249 && sc_profile_get_file(profile, "CHV", &file) < 0) 242 250 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_FILE_NOT_FOUND, "profile does not define pin file ACLs"); … … 245 253 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, ndummies, "Unable to create dummy CHV file"); 246 254 247 r = cflex_create_pin_file(profile, p15card, &df->path, pin_ info->reference,255 r = cflex_create_pin_file(profile, p15card, &df->path, pin_attrs->reference, 248 256 pin, pin_len, sc_profile_get_pin_retries(profile, pin_type), 249 257 puk, puk_len, sc_profile_get_pin_retries(profile, puk_type), -
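Review bot: The new type check in cflex_create_pin exits with a bare `return SC_ERROR_OBJECT_NOT_VALID;` directly after SC_FUNC_CALLED, so a rejected non-PIN object leaves nothing in the debug log to explain why PIN creation stopped. The profile and dummy-file failures a few lines further down are reported through SC_TEST_RET, and the same form fits here: `SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OBJECT_NOT_VALID, "Authentication object is not a PIN");`. The checks added to entersafe_create_pin and gpk_create_pin also return without a log line after SC_FUNC_CALLED. The rest of cflex_create_pin lies outside the hunks shown.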
src/pkcs15init/pkcs15-entersafe.c
r891f983 rd888b3f 247 247 248 248 static int entersafe_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 249 sc_pkcs15_ pin_info_t *pin_info)249 sc_pkcs15_auth_info_t *auth_info) 250 250 { 251 251 SC_FUNC_CALLED(p15card->card->ctx, SC_LOG_DEBUG_VERBOSE); 252 252 253 if (pin_info->reference < ENTERSAFE_USER_PIN_ID) 254 pin_info->reference = ENTERSAFE_USER_PIN_ID; 255 if(pin_info->reference>ENTERSAFE_USER_PIN_ID) 253 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 254 return SC_ERROR_OBJECT_NOT_VALID; 255 256 if (auth_info->attrs.pin.reference < ENTERSAFE_USER_PIN_ID) 257 auth_info->attrs.pin.reference = ENTERSAFE_USER_PIN_ID; 258 if (auth_info->attrs.pin.reference > ENTERSAFE_USER_PIN_ID) 256 259 return SC_ERROR_TOO_MANY_OBJECTS; 260 257 261 SC_FUNC_RETURN(p15card->card->ctx, SC_LOG_DEBUG_VERBOSE,SC_SUCCESS); 258 262 } … … 265 269 struct sc_card *card = p15card->card; 266 270 int r; 267 sc_pkcs15_ pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data;271 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 268 272 269 273 SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE); 274 275 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 276 return SC_ERROR_OBJECT_NOT_VALID; 270 277 271 278 {/*pin*/ … … 275 282 return SC_ERROR_INVALID_ARGUMENTS; 276 283 277 data.key_id =pin_info->reference;284 data.key_id = auth_info->attrs.pin.reference; 278 285 data.usage=0x0B; 279 286 data.key_data.symmetric.EC=0x33; … … 297 304 return SC_ERROR_INVALID_ARGUMENTS; 298 305 299 data.key_id =pin_info->reference+1;306 data.key_id = auth_info->attrs.pin.reference+1; 300 307 data.usage=0x0B; 301 308 data.key_data.symmetric.EC=0x33; … … 428 435 { 429 436 struct sc_context *ctx = p15card->card->ctx; 430 struct sc_pkcs15_ pin_info profile_pin;437 struct sc_pkcs15_auth_info profile_auth; 431 438 struct sc_pkcs15_object *objs[32]; 432 439 int rv, nn, ii, update_df = 0; … … 439 446 nn = rv; 440 447 441 sc_profile_get_pin_info(profile, 
SC_PKCS15INIT_USER_PIN, &profile_ pin);448 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &profile_auth); 442 449 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to get PIN info"); 443 450 444 451 for (ii=0; ii<nn; ii++) { 445 struct sc_pkcs15_pin_info *pinfo = (struct sc_pkcs15_pin_info *) objs[ii]->data; 446 447 if (pinfo->reference == profile_pin.reference && pinfo->flags != profile_pin.flags) { 452 struct sc_pkcs15_auth_info *ainfo = (struct sc_pkcs15_auth_info *) objs[ii]->data; 453 struct sc_pkcs15_pin_attributes *pin_attrs = &ainfo->attrs.pin; 454 455 if (ainfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 456 continue; 457 458 if (pin_attrs->reference == profile_auth.attrs.pin.reference 459 && pin_attrs->flags != profile_auth.attrs.pin.flags) { 448 460 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Set flags of '%s'(flags:%X,ref:%i,id:%s) to %X", objs[ii]->label, 449 pin fo->flags, pinfo->reference, sc_pkcs15_print_id(&pinfo->auth_id),450 profile_ pin.flags);451 pin fo->flags = profile_pin.flags;461 pin_attrs->flags, pin_attrs->reference, sc_pkcs15_print_id(&ainfo->auth_id), 462 profile_auth.attrs.pin.flags); 463 pin_attrs->flags = profile_auth.attrs.pin.flags; 452 464 update_df = 1; 453 465 } -
src/pkcs15init/pkcs15-gpk.c
r9df8712 rd888b3f 163 163 static int 164 164 gpk_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 165 sc_pkcs15_ pin_info_t *pin_info)165 sc_pkcs15_auth_info_t *auth_info) 166 166 { 167 167 int preferred, current; 168 168 169 169 SC_FUNC_CALLED(p15card->card->ctx, SC_LOG_DEBUG_VERBOSE); 170 if ((current = pin_info->reference) < 0) 170 171 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 172 return SC_ERROR_OBJECT_NOT_VALID; 173 174 if ((current = auth_info->attrs.pin.reference) < 0) 171 175 current = 0; 172 176 173 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {177 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 174 178 preferred = GPK_PIN_SCOPE | 0; 175 179 } else { … … 186 190 if (current > preferred) 187 191 return SC_ERROR_TOO_MANY_OBJECTS; 188 pin_info->reference = preferred;192 auth_info->attrs.pin.reference = preferred; 189 193 SC_FUNC_RETURN(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, 0); 190 194 } … … 199 203 const u8 *puk, size_t puk_len) 200 204 { 201 sc_pkcs15_pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data; 205 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 206 struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; 202 207 u8 nulpin[8]; 203 208 int r; 204 209 205 210 SC_FUNC_CALLED(p15card->card->ctx, SC_LOG_DEBUG_VERBOSE); 206 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 211 212 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 213 return SC_ERROR_OBJECT_NOT_VALID; 214 215 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 207 216 /* SO PIN reference must be 0 */ 208 if (pin_ info->reference != (GPK_PIN_SCOPE | 0))217 if (pin_attrs->reference != (GPK_PIN_SCOPE | 0)) 209 218 return SC_ERROR_INVALID_ARGUMENTS; 210 219 } else { … … 215 224 * tell the caller to pick a different value. 
216 225 */ 217 if ((pin_ info->reference & 1) || !(pin_info->reference & GPK_PIN_SCOPE))226 if ((pin_attrs->reference & 1) || !(pin_attrs->reference & GPK_PIN_SCOPE)) 218 227 return SC_ERROR_INVALID_PIN_REFERENCE; 219 if (pin_ info->reference >= (GPK_PIN_SCOPE + GPK_MAX_PINS))228 if (pin_attrs->reference >= (GPK_PIN_SCOPE + GPK_MAX_PINS)) 220 229 return SC_ERROR_TOO_MANY_OBJECTS; 221 230 } … … 239 248 memset(nulpin, 0, sizeof(nulpin)); 240 249 r = sc_change_reference_data(p15card->card, SC_AC_CHV, 241 pin_ info->reference,250 pin_attrs->reference, 242 251 nulpin, sizeof(nulpin), 243 252 pin, pin_len, NULL); … … 248 257 /* Current PUK is 00:00:00:00:00:00:00:00 */ 249 258 r = sc_change_reference_data(p15card->card, SC_AC_CHV, 250 pin_ info->reference + 1,259 pin_attrs->reference + 1, 251 260 nulpin, sizeof(nulpin), 252 261 puk, puk_len, NULL); -
src/pkcs15init/pkcs15-iasecc.c
rf026db6 rd888b3f 649 649 pin_ref = rv; 650 650 for (ii=0; ii<nn_pins; ii++) { 651 const struct sc_pkcs15_ pin_info *pin_info = (const struct sc_pkcs15_pin_info *) pin_objs[ii]->data;651 const struct sc_pkcs15_auth_info *auth_info = (const struct sc_pkcs15_auth_info *) pin_objs[ii]->data; 652 652 653 /* FIXME: make pin reference 'unsigned' */ 654 sc_log(ctx, "PIN refs %i/%i", pin_ref, pin_info->reference); 655 if (pin_ref == ((pin_info->reference + 0x100) % 0x100)) { 656 *auth_id = pin_info->auth_id; 653 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 654 continue; 655 656 sc_log(ctx, "PIN refs %i/%i", pin_ref, auth_info->attrs.pin.reference); 657 if (pin_ref == ((auth_info->attrs.pin.reference + 0x100) % 0x100)) { 658 *auth_id = auth_info->auth_id; 657 659 break; 658 660 } -
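Review bot: The commit deletes `/* FIXME: make pin reference 'unsigned' */` but keeps the `(auth_info->attrs.pin.reference + 0x100) % 0x100` comparison it annotated, so the arithmetic is now unexplained. If its purpose is what the old FIXME implies, mapping a negative signed reference back to its byte value, a replacement comment should say so, for example `/* reference is a signed int: fold it into 0..255 before comparing with pin_ref */`. If the signedness issue is still open, the FIXME should stay so it is not lost. The enclosing function begins and ends outside this hunk.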
src/pkcs15init/pkcs15-incrypto34.c
rb4bdb72 rd888b3f 57 57 */ 58 58 static int incrypto34_store_pin(sc_profile_t *profile, sc_card_t *card, 59 sc_pkcs15_ pin_info_t *pin_info, int puk_id,59 sc_pkcs15_auth_info_t *auth_info, int puk_id, 60 60 const u8 *pin, size_t pin_len); 61 61 static int incrypto34_create_sec_env(sc_profile_t *, sc_card_t *, … … 173 173 static int 174 174 incrypto34_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 175 sc_pkcs15_ pin_info_t *pin_info)175 sc_pkcs15_auth_info_t *auth_info) 176 176 { 177 177 int preferred, current; 178 178 179 if ((current = pin_info->reference) < 0) 179 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 180 return SC_ERROR_OBJECT_NOT_VALID; 181 182 if ((current = auth_info->attrs.pin.reference) < 0) 180 183 current = INCRYPTO34_PIN_ID_MIN; 181 184 182 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {185 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 183 186 preferred = 1; 184 187 } else { … … 193 196 if (current > preferred || preferred > INCRYPTO34_PIN_ID_MAX) 194 197 return SC_ERROR_TOO_MANY_OBJECTS; 195 pin_info->reference = preferred;198 auth_info->attrs.pin.reference = preferred; 196 199 return 0; 197 200 } … … 206 209 const u8 *puk, size_t puk_len) 207 210 { 208 sc_pkcs15_ pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data;211 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 209 212 unsigned int puk_id = INCRYPTO34_AC_NEVER; 210 213 int r; … … 213 216 return SC_ERROR_INVALID_ARGUMENTS; 214 217 218 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 219 return SC_ERROR_OBJECT_NOT_VALID; 220 215 221 r = sc_select_file(p15card->card, &df->path, NULL); 216 222 if (r < 0) … … 218 224 219 225 if (puk && puk_len) { 220 struct sc_pkcs15_ pin_info puk_info;226 struct sc_pkcs15_auth_info puk_ainfo; 221 227 222 228 sc_profile_get_pin_info(profile, 223 SC_PKCS15INIT_USER_PUK, &puk_ info);224 puk_ info.reference = puk_id = pin_info->reference + 1;229 
SC_PKCS15INIT_USER_PUK, &puk_ainfo); 230 puk_ainfo.attrs.pin.reference = puk_id = auth_info->attrs.pin.reference + 1; 225 231 r = incrypto34_store_pin(profile, p15card->card, 226 &puk_ info, INCRYPTO34_AC_NEVER,232 &puk_ainfo, INCRYPTO34_AC_NEVER, 227 233 puk, puk_len); 228 234 } … … 230 236 if (r >= 0) { 231 237 r = incrypto34_store_pin(profile, p15card->card, 232 pin_info, puk_id,238 auth_info, puk_id, 233 239 pin, pin_len); 234 240 } … … 384 390 static int 385 391 incrypto34_store_pin(sc_profile_t *profile, sc_card_t *card, 386 sc_pkcs15_ pin_info_t *pin_info, int puk_id,392 sc_pkcs15_auth_info_t *auth_info, int puk_id, 387 393 const u8 *pin, size_t pin_len) 388 394 { … … 392 398 struct tlv tlv; 393 399 unsigned int attempts, minlen, maxlen; 400 401 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 402 return SC_ERROR_OBJECT_NOT_VALID; 394 403 395 404 /* We need to do padding because pkcs15-lib.c does it. … … 404 413 pin = pinpadded; 405 414 406 attempts = pin_info->tries_left;407 minlen = pin_info->min_length;415 attempts = auth_info->tries_left; 416 minlen = auth_info->attrs.pin.min_length; 408 417 409 418 tlv_init(&tlv, buffer, sizeof(buffer)); … … 412 421 tlv_next(&tlv, 0x83); 413 422 tlv_add(&tlv, 0x00); /* class byte: usage TEST, k=0 */ 414 tlv_add(&tlv, pin_info->reference);423 tlv_add(&tlv, auth_info->attrs.pin.reference); 415 424 416 425 /* parameters */ … … 440 449 tlv_next(&tlv, 0x86); 441 450 tlv_add(&tlv, 0x00); /* use: always */ 442 tlv_add(&tlv, pin_info->reference); /* change: PIN */451 tlv_add(&tlv, auth_info->attrs.pin.reference); /* change: PIN */ 443 452 tlv_add(&tlv, puk_id); /* unblock: PUK */ 444 453 tlv_add(&tlv, 0xFF); /*RFU*/ -
src/pkcs15init/pkcs15-init.h
r2d43c60 rd888b3f 58 58 */ 59 59 int (*select_pin_reference)(struct sc_profile *, struct sc_pkcs15_card *, 60 struct sc_pkcs15_ pin_info *);60 struct sc_pkcs15_auth_info *); 61 61 62 62 /* … … 161 161 * one of the SC_PKCS15INIT_XXX_PIN/PUK macros. 162 162 */ 163 int (*get_pin)(struct sc_profile *, int, const struct sc_pkcs15_ pin_info *,163 int (*get_pin)(struct sc_profile *, int, const struct sc_pkcs15_auth_info *, 164 164 const char *, unsigned char *, size_t *); 165 165 … … 341 341 extern int sc_pkcs15init_fixup_file(struct sc_profile *, struct sc_pkcs15_card *, 342 342 struct sc_file *); 343 extern int sc_pkcs15init_get_pin_info(struct sc_profile *, int, struct sc_pkcs15_ pin_info *);343 extern int sc_pkcs15init_get_pin_info(struct sc_profile *, int, struct sc_pkcs15_auth_info *); 344 344 extern int sc_profile_get_pin_retries(struct sc_profile *, int); 345 345 extern int sc_pkcs15init_get_manufacturer(struct sc_profile *, -
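Review bot: The prototypes of `select_pin_reference`, `get_pin` and `sc_pkcs15init_get_pin_info` change their argument type to `struct sc_pkcs15_auth_info`, but as far as the hunks show, the comments above them are untouched context. A driver or callback author therefore gets no hint that the object is no longer PIN-specific. The drivers in this changeset all test `auth_type` before touching `attrs.pin`, and that contract belongs in the header. I would add to the `get_pin` comment something like `/* The auth_info may describe a non-PIN object: check auth_type == SC_PKCS15_PIN_AUTH_TYPE_PIN before reading attrs.pin. */`, with the same sentence on `select_pin_reference`.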
src/pkcs15init/pkcs15-jcop.c
r98dd13f rd888b3f 74 74 static int 75 75 jcop_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 76 sc_pkcs15_ pin_info_t *pin_info) {76 sc_pkcs15_auth_info_t *auth_info) { 77 77 int preferred, current; 78 78 79 if ((current = pin_info->reference) < 0) 79 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 80 return SC_ERROR_OBJECT_NOT_VALID; 81 82 if ((current = auth_info->attrs.pin.reference) < 0) 80 83 current = 0; 81 84 82 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {85 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 83 86 preferred = 3; 84 87 } else { … … 91 94 if (current > preferred) 92 95 return SC_ERROR_TOO_MANY_OBJECTS; 93 pin_info->reference = preferred;96 auth_info->attrs.pin.reference = preferred; 94 97 return 0; 95 98 } … … 104 107 const unsigned char *puk, size_t puk_len) 105 108 { 106 sc_pkcs15_pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data; 109 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 110 struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; 107 111 unsigned char nulpin[16]; 108 112 unsigned char padpin[16]; 109 113 int r; 110 114 111 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 115 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 116 return SC_ERROR_OBJECT_NOT_VALID; 117 118 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 112 119 /* SO PIN reference must be 0 */ 113 if (pin_ info->reference != 3)120 if (pin_attrs->reference != 3) 114 121 return SC_ERROR_INVALID_ARGUMENTS; 115 122 } else { 116 if (pin_ info->reference >= 3)123 if (pin_attrs->reference >= 3) 117 124 return SC_ERROR_TOO_MANY_OBJECTS; 118 125 } … … 129 136 memcpy(padpin, pin, pin_len); 130 137 r = sc_change_reference_data(p15card->card, SC_AC_CHV, 131 pin_ info->reference,138 pin_attrs->reference, 132 139 nulpin, sizeof(nulpin), 133 140 padpin, sizeof(padpin), NULL); … … 135 142 return r; 136 143 137 pin_ info->flags &= ~SC_PKCS15_PIN_FLAG_LOCAL;144 
pin_attrs->flags &= ~SC_PKCS15_PIN_FLAG_LOCAL; 138 145 return r; 139 146 } -
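Review bot: In jcop_create_pin the comment `/* SO PIN reference must be 0 */` sits directly above the rewritten test `if (pin_attrs->reference != 3)`, and jcop_select_pin_reference in the same file sets `preferred = 3` for the SO PIN, so the comment contradicts the code. Since the commit already edits the line under it, the comment should be corrected to `/* SO PIN reference must be 3 */`. The function body continues outside the hunks shown.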
src/pkcs15init/pkcs15-lib.c
r2d43c60 rd888b3f 120 120 struct sc_pkcs15_id *, struct sc_path *); 121 121 static int sc_pkcs15init_qualify_pin(struct sc_card *, const char *, 122 unsigned int, struct sc_pkcs15_ pin_info *);122 unsigned int, struct sc_pkcs15_auth_info *); 123 123 static struct sc_pkcs15_df * find_df_by_type(struct sc_pkcs15_card *, 124 124 unsigned int); … … 411 411 nn_objs = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_AUTH_PIN, p15objects, 10); 412 412 for (i = 0; i < nn_objs; i++) { 413 struct sc_pkcs15_pin_info *pininfo = (struct sc_pkcs15_pin_info *) p15objects[i]->data; 413 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *) p15objects[i]->data; 414 struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; 414 415 struct sc_file *file = NULL; 415 416 416 if (pin info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)417 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 417 418 continue; 418 if (pin info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)419 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 419 420 continue; 420 if (! 
pininfo->path.len)421 if (!auth_info->path.len) 421 422 continue; 422 423 423 r = sc_profile_get_file_by_path(profile, & pininfo->path, &file);424 r = sc_profile_get_file_by_path(profile, &auth_info->path, &file); 424 425 if (r == SC_ERROR_FILE_NOT_FOUND) { 425 if (!sc_select_file(p15card->card, & pininfo->path, &file)) {426 if (!sc_select_file(p15card->card, &auth_info->path, &file)) { 426 427 char pin_name[16]; 427 428 … … 696 697 struct sc_context *ctx = card->ctx; 697 698 struct sc_pkcs15_card *p15card = profile->p15_spec; 698 struct sc_pkcs15_pin_info pin_info, puk_info; 699 struct sc_pkcs15_auth_info pin_ainfo, puk_ainfo; 700 struct sc_pkcs15_pin_attributes *pin_attrs = &pin_ainfo.attrs.pin; 699 701 struct sc_pkcs15_object *pin_obj = NULL; 700 702 struct sc_app_info *app; … … 718 720 const char *pin_label; 719 721 720 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &pin_ info);721 r = sc_pkcs15init_qualify_pin(card, "SO PIN", args->so_pin_len, &pin_ info);722 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &pin_ainfo); 723 r = sc_pkcs15init_qualify_pin(card, "SO PIN", args->so_pin_len, &pin_ainfo); 722 724 LOG_TEST_RET(ctx, r, "Failed to qualify SO PIN"); 723 725 724 726 /* Path encoded only for local SO PIN */ 725 if (pin_ info.flags & SC_PKCS15_PIN_FLAG_LOCAL)726 pin_ info.path = df->path;727 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL) 728 pin_ainfo.path = df->path; 727 729 728 730 /* Select the PIN reference */ 729 731 if (profile->ops->select_pin_reference) { 730 r = profile->ops->select_pin_reference(profile, p15card, &pin_ info);732 r = profile->ops->select_pin_reference(profile, p15card, &pin_ainfo); 731 733 LOG_TEST_RET(ctx, r, "Failed to select card specific PIN reference"); 732 734 } 733 735 734 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PUK, &puk_ info);735 r = sc_pkcs15init_qualify_pin(card, "SO PUK", args->so_puk_len, &puk_ info);736 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PUK, &puk_ainfo); 737 r = 
sc_pkcs15init_qualify_pin(card, "SO PUK", args->so_puk_len, &puk_ainfo); 736 738 LOG_TEST_RET(ctx, r, "Failed to qulify SO PUK"); 737 739 738 740 if (!(pin_label = args->so_pin_label)) { 739 if (pin_ info.flags & SC_PKCS15_PIN_FLAG_SO_PIN)741 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 740 742 pin_label = "Security Officer PIN"; 741 743 else … … 744 746 745 747 if (args->so_puk_len == 0) 746 pin_info.flags |= SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED; 747 748 pin_obj = sc_pkcs15init_new_object(SC_PKCS15_TYPE_AUTH_PIN, 749 pin_label, NULL, &pin_info); 748 pin_attrs->flags |= SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED; 749 750 pin_obj = sc_pkcs15init_new_object(SC_PKCS15_TYPE_AUTH_PIN, pin_label, NULL, &pin_ainfo); 750 751 751 752 if (pin_obj) { … … 755 756 * but not yet written into the on-card PKCS#15. 756 757 */ 757 sc_log(ctx, "Add virtual SO_PIN('%s',flags:%X,reference:%i,path:'%s')", 758 pin_obj->label, pin_info.flags, pin_info.reference, 759 sc_print_path(&pin_info.path)); 758 sc_log(ctx, "Add virtual SO_PIN('%s',flags:%X,reference:%i,path:'%s')", pin_obj->label, 759 pin_attrs->flags, pin_attrs->reference, sc_print_path(&pin_ainfo.path)); 760 760 r = sc_pkcs15_add_object(p15card, pin_obj); 761 761 LOG_TEST_RET(ctx, r, "Failed to add 'SOPIN' AUTH object"); … … 861 861 struct sc_context *ctx = p15card->card->ctx; 862 862 struct sc_pkcs15_object *pin_obj; 863 struct sc_pkcs15_ pin_info *pin_info;863 struct sc_pkcs15_auth_info *auth_info; 864 864 int r; 865 865 char puk_label[0x30]; … … 892 892 LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot allocate PIN object"); 893 893 894 pin_info = (struct sc_pkcs15_pin_info *) pin_obj->data;895 896 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, pin_info);897 pin_info->auth_id = args->puk_id;894 auth_info = (struct sc_pkcs15_auth_info *) pin_obj->data; 895 896 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, auth_info); 897 auth_info->auth_id = args->puk_id; 898 898 899 899 /* Now store the PINs */ … … 915 915 
916 916 int 917 sc_pkcs15init_store_pin(struct sc_pkcs15_card *p15card, 918 struct sc_profile *profile, 917 sc_pkcs15init_store_pin(struct sc_pkcs15_card *p15card, struct sc_profile *profile, 919 918 struct sc_pkcs15init_pinargs *args) 920 919 { 921 920 struct sc_context *ctx = p15card->card->ctx; 922 921 struct sc_pkcs15_object *pin_obj; 923 struct sc_pkcs15_ pin_info *pin_info;922 struct sc_pkcs15_auth_info *auth_info; 924 923 int r; 925 924 … … 950 949 LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot allocate PIN object"); 951 950 952 pin_info = (struct sc_pkcs15_pin_info *) pin_obj->data;953 954 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, pin_info);955 pin_info->auth_id = args->auth_id;951 auth_info = (struct sc_pkcs15_auth_info *) pin_obj->data; 952 953 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, auth_info); 954 auth_info->auth_id = args->auth_id; 956 955 957 956 /* Now store the PINs */ 958 sc_log(ctx, "Store PIN(%s,authID:%s)", pin_obj->label, sc_pkcs15_print_id(& pin_info->auth_id));957 sc_log(ctx, "Store PIN(%s,authID:%s)", pin_obj->label, sc_pkcs15_print_id(&auth_info->auth_id)); 959 958 r = sc_pkcs15init_create_pin(p15card, profile, pin_obj, args); 960 959 if (r < 0) … … 983 982 { 984 983 struct sc_context *ctx = p15card->card->ctx; 985 struct sc_pkcs15_pin_info *pin_info = (struct sc_pkcs15_pin_info *) pin_obj->data; 984 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *) pin_obj->data; 985 struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; 986 986 struct sc_file *df = profile->df_info->file; 987 987 int r, retry = 0; … … 996 996 LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "PIN domains not supported."); 997 997 998 r = profile->ops->create_domain(profile, p15card, & pin_info->auth_id, &df);998 r = profile->ops->create_domain(profile, p15card, &auth_info->auth_id, &df); 999 999 LOG_TEST_RET(ctx, r, "Card specific create domain failed"); 1000 1000 } 1001 1001 1002 1002 /* Path encoded only for 
local PINs */ 1003 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_LOCAL)1004 pin_info->path = df->path;1003 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL) 1004 auth_info->path = df->path; 1005 1005 1006 1006 /* pin_info->reference = 0; */ … … 1009 1009 while (1) { 1010 1010 if (profile->ops->select_pin_reference) { 1011 r = profile->ops->select_pin_reference(profile, p15card, pin_info);1011 r = profile->ops->select_pin_reference(profile, p15card, auth_info); 1012 1012 LOG_TEST_RET(ctx, r, "Card specific select PIN reference failed"); 1013 1013 … … 1015 1015 } 1016 1016 1017 r = sc_pkcs15_find_pin_by_reference(p15card, &pin_info->path, 1018 pin_info->reference, NULL); 1017 r = sc_pkcs15_find_pin_by_reference(p15card, &auth_info->path, pin_attrs->reference, NULL); 1019 1018 if (r == SC_ERROR_OBJECT_NOT_FOUND) 1020 1019 break; … … 1024 1023 LOG_TEST_RET(ctx, SC_ERROR_TOO_MANY_OBJECTS, "Failed to allocate PIN reference."); 1025 1024 1026 pin_ info->reference++;1025 pin_attrs->reference++; 1027 1026 } 1028 1027 1029 1028 if (args->puk_len == 0) 1030 pin_ info->flags |= SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED;1029 pin_attrs->flags |= SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED; 1031 1030 1032 1031 sc_log(ctx, "create PIN with reference:%X, flags:%X, path:%s", 1033 pin_ info->reference, pin_info->flags, sc_print_path(&pin_info->path));1032 pin_attrs->reference, pin_attrs->flags, sc_print_path(&auth_info->path)); 1034 1033 r = profile->ops->create_pin(profile, p15card, 1035 1034 df, pin_obj, … … 1635 1634 { 1636 1635 struct sc_context *ctx = p15card->card->ctx; 1637 struct sc_pkcs15_ pin_info pinfo;1636 struct sc_pkcs15_auth_info auth_info; 1638 1637 struct sc_pkcs15_object *auth_objs[0x10]; 1639 1638 int r, ii, nn_objs; … … 1651 1650 nn_objs, auth_method, reference); 1652 1651 for (ii=0; ii<nn_objs; ii++) { 1653 struct sc_pkcs15_pin_info *pin_info = (struct sc_pkcs15_pin_info *)auth_objs[ii]->data; 1652 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info 
*)auth_objs[ii]->data; 1653 struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; 1654 1654 1655 1655 sc_log(ctx, "check PIN(%s,auth_method:%i,type:%i,reference:%i,flags:%X)", 1656 auth_objs[ii]->label, pin_info->auth_method, pin_info->type,1657 pin_ info->reference, pin_info->flags);1656 auth_objs[ii]->label, auth_info->auth_method, pin_attrs->type, 1657 pin_attrs->reference, pin_attrs->flags); 1658 1658 /* Find out if there is AUTH pkcs15 object with given 'type' and 'reference' */ 1659 if ( pin_info->auth_method == auth_method && pin_info->reference == reference)1660 LOG_FUNC_RETURN(ctx, pin_ info->reference);1659 if (auth_info->auth_method == auth_method && pin_attrs->reference == reference) 1660 LOG_FUNC_RETURN(ctx, pin_attrs->reference); 1661 1661 1662 1662 if (auth_method != SC_AC_SYMBOLIC) … … 1667 1667 switch (reference) { 1668 1668 case SC_PKCS15INIT_USER_PIN: 1669 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)1669 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 1670 1670 continue; 1671 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)1671 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 1672 1672 continue; 1673 1673 break; 1674 1674 case SC_PKCS15INIT_SO_PIN: 1675 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)1675 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 1676 1676 continue; 1677 if (!(pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN))1677 if (!(pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 1678 1678 continue; 1679 1679 break; 1680 1680 case SC_PKCS15INIT_USER_PUK: 1681 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)1681 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 1682 1682 continue; 1683 if (!(pin_ info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN))1683 if (!(pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) 1684 1684 continue; 1685 1685 break; 1686 1686 case SC_PKCS15INIT_SO_PUK: 1687 if (!(pin_ info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN))1687 if (!(pin_attrs->flags & 
SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) 1688 1688 continue; 1689 if (!(pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN))1689 if (!(pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 1690 1690 continue; 1691 1691 break; … … 1694 1694 } 1695 1695 1696 LOG_FUNC_RETURN(ctx, pin_ info->reference);1696 LOG_FUNC_RETURN(ctx, pin_attrs->reference); 1697 1697 1698 1698 } … … 1700 1700 /* 2. No existing pkcs15 PIN object 1701 1701 * -- check if profile defines some PIN with 'reference' as PIN reference. */ 1702 r = sc_profile_get_pin_id_by_reference(profile, auth_method, reference, & pinfo);1702 r = sc_profile_get_pin_id_by_reference(profile, auth_method, reference, &auth_info); 1703 1703 if (r < 0) 1704 1704 LOG_TEST_RET(ctx, SC_ERROR_OBJECT_NOT_FOUND, "PIN template not found"); 1705 1705 1706 LOG_FUNC_RETURN(ctx, pinfo.reference);1706 LOG_FUNC_RETURN(ctx, auth_info.attrs.pin.reference); 1707 1707 } 1708 1708 … … 2252 2252 return SC_SUCCESS; 2253 2253 case SC_PKCS15_TYPE_AUTH: 2254 *ret_path = ((struct sc_pkcs15_ pin_info *)obj->data)->path;2254 *ret_path = ((struct sc_pkcs15_auth_info *)obj->data)->path; 2255 2255 return SC_SUCCESS; 2256 2256 } … … 2609 2609 case SC_PKCS15_TYPE_AUTH: 2610 2610 object->flags = DEFAULT_PIN_FLAGS; 2611 data_size = sizeof(struct sc_pkcs15_ pin_info);2611 data_size = sizeof(struct sc_pkcs15_auth_info); 2612 2612 break; 2613 2613 case SC_PKCS15_TYPE_PRKEY: … … 2950 2950 struct sc_context *ctx = p15card->card->ctx; 2951 2951 struct sc_pkcs15_object *pin_obj = NULL; 2952 struct sc_pkcs15_ pin_info pin_info;2952 struct sc_pkcs15_auth_info auth_info; 2953 2953 struct sc_cardctl_default_key data; 2954 2954 size_t defsize = 0; … … 2977 2977 } 2978 2978 2979 memset(& pin_info, 0, sizeof(pin_info));2980 pin_info.auth_method = type;2981 pin_info.reference = reference;2982 pin_info.stored_length = *pinsize;2983 pin_info.max_length = *pinsize;2984 pin_info.min_length = *pinsize;2985 pin_info.magic = SC_PKCS15_PIN_MAGIC;2986 2987 pin_obj = 
sc_pkcs15init_new_object(SC_PKCS15_TYPE_AUTH_PIN, "Default transport key", NULL, & pin_info);2979 memset(&auth_info, 0, sizeof(auth_info)); 2980 auth_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 2981 auth_info.auth_method = type; 2982 auth_info.attrs.pin.reference = reference; 2983 auth_info.attrs.pin.stored_length = *pinsize; 2984 auth_info.attrs.pin.max_length = *pinsize; 2985 auth_info.attrs.pin.min_length = *pinsize; 2986 2987 pin_obj = sc_pkcs15init_new_object(SC_PKCS15_TYPE_AUTH_PIN, "Default transport key", NULL, &auth_info); 2988 2988 if (!pin_obj) 2989 2989 LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot allocate AUTH object"); … … 3007 3007 struct sc_context *ctx = p15card->card->ctx; 3008 3008 struct sc_pkcs15_object *pin_obj = NULL; 3009 struct sc_pkcs15_ pin_info pin_info;3009 struct sc_pkcs15_auth_info auth_info; 3010 3010 struct sc_path *path; 3011 3011 int r, use_pinpad = 0, pin_id = -1; … … 3033 3033 } 3034 3034 3035 memset(&pin_info, 0, sizeof(pin_info)); 3036 pin_info.auth_method = type; 3037 pin_info.reference = reference; 3035 memset(&auth_info, 0, sizeof(auth_info)); 3036 auth_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 3037 auth_info.auth_method = type; 3038 auth_info.attrs.pin.reference = reference; 3038 3039 3039 3040 pin_id = sc_pkcs15init_get_pin_reference(p15card, profile, type, reference); … … 3063 3064 3064 3065 if (!r && pin_obj) { 3065 memcpy(& pin_info, pin_obj->data, sizeof(pin_info));3066 memcpy(&auth_info, pin_obj->data, sizeof(auth_info)); 3066 3067 sc_log(ctx, "found PIN object '%s'", pin_obj->label); 3067 3068 } … … 3086 3087 case SC_AC_CHV: 3087 3088 if (callbacks.get_pin) { 3088 r = callbacks.get_pin(profile, pin_id, & pin_info, label, pinbuf, &pinsize);3089 r = callbacks.get_pin(profile, pin_id, &auth_info, label, pinbuf, &pinsize); 3089 3090 sc_log(ctx, "'get_pin' callback returned %i; pinsize:%i", r, pinsize); 3090 3091 } … … 3468 3469 if (r < 0) 3469 3470 return r; 3470 *path = ((struct sc_pkcs15_ pin_info *) 
obj->data)->path;3471 *path = ((struct sc_pkcs15_auth_info *) obj->data)->path; 3471 3472 return 0; 3472 3473 } … … 3474 3475 3475 3476 int 3476 sc_pkcs15init_get_pin_info(struct sc_profile *profile, 3477 int id, struct sc_pkcs15_pin_info *pin) 3477 sc_pkcs15init_get_pin_info(struct sc_profile *profile, int id, struct sc_pkcs15_auth_info *pin) 3478 3478 { 3479 3479 sc_profile_get_pin_info(profile, id, pin); … … 3527 3527 static int 3528 3528 sc_pkcs15init_qualify_pin(struct sc_card *card, const char *pin_name, 3529 unsigned int pin_len, struct sc_pkcs15_pin_info *pin_info) 3530 { 3531 if (pin_len == 0) 3529 unsigned int pin_len, struct sc_pkcs15_auth_info *auth_info) 3530 { 3531 struct sc_context *ctx = card->ctx; 3532 struct sc_pkcs15_pin_attributes *pin_attrs; 3533 3534 if (pin_len == 0 || auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 3532 3535 return 0; 3533 if (pin_len < pin_info->min_length) { 3534 sc_log(card->ctx, "%s too short (min length %u)", pin_name, pin_info->min_length); 3536 3537 pin_attrs = &auth_info->attrs.pin; 3538 3539 if (pin_len < pin_attrs->min_length) { 3540 sc_log(ctx, "%s too short (min length %u)", pin_name, pin_attrs->min_length); 3535 3541 return SC_ERROR_WRONG_LENGTH; 3536 3542 } 3537 if (pin_len > pin_ info->max_length) {3538 sc_log(c ard->ctx, "%s too long (max length %u)", pin_name, pin_info->max_length);3543 if (pin_len > pin_attrs->max_length) { 3544 sc_log(ctx, "%s too long (max length %u)", pin_name, pin_attrs->max_length); 3539 3545 return SC_ERROR_WRONG_LENGTH; 3540 3546 } … … 3705 3711 if (pin_obj != NULL) { 3706 3712 method = SC_AC_CHV; 3707 key_ref = ((struct sc_pkcs15_ pin_info *) pin_obj->data)->reference;3713 key_ref = ((struct sc_pkcs15_auth_info *) pin_obj->data)->attrs.pin.reference; 3708 3714 } 3709 3715 else { -
src/pkcs15init/pkcs15-miocos.c
r891f983 rd888b3f 137 137 static int 138 138 miocos_select_pin_reference(struct sc_profile *profile, sc_pkcs15_card_t *p15card, 139 struct sc_pkcs15_pin_info *pin_info) 140 { 141 142 if (pin_info->reference < MIOCOS_PIN_ID_MIN) 143 pin_info->reference = MIOCOS_PIN_ID_MIN; 139 struct sc_pkcs15_auth_info *auth_info) 140 { 141 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 142 return SC_ERROR_OBJECT_NOT_VALID; 143 144 if (auth_info->attrs.pin.reference < MIOCOS_PIN_ID_MIN) 145 auth_info->attrs.pin.reference = MIOCOS_PIN_ID_MIN; 144 146 145 147 return SC_SUCCESS; … … 156 158 { 157 159 struct sc_context *ctx = p15card->card->ctx; 158 struct sc_pkcs15_pin_info *pin_info = (struct sc_pkcs15_pin_info *)pin_obj->data; 159 struct sc_pkcs15_pin_info tmpinfo; 160 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; 161 struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; 162 struct sc_pkcs15_auth_info tmpinfo; 160 163 struct sc_cardctl_miocos_ac_info ac_info; 161 164 int r; … … 163 166 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); 164 167 /* Ignore SOPIN */ 165 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)168 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 166 169 return SC_SUCCESS; 167 170 168 pin_info->path = profile->df_info->file->path;169 r = sc_select_file(p15card->card, & pin_info->path, NULL);171 auth_info->path = profile->df_info->file->path; 172 r = sc_select_file(p15card->card, &auth_info->path, NULL); 170 173 if (r) 171 174 return r; 172 175 memset(&ac_info, 0, sizeof(ac_info)); 173 ac_info.ref = pin_ info->reference;176 ac_info.ref = pin_attrs->reference; 174 177 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &tmpinfo); 175 178 ac_info.max_tries = tmpinfo.tries_left; -
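Review bot: miocos_create_pin takes `pin_attrs = &auth_info->attrs.pin` and tests `pin_attrs->flags` without first checking `auth_info->auth_type`, although miocos_select_pin_reference in the hunk above rejects non-PIN objects with SC_ERROR_OBJECT_NOT_VALID. If `attrs` is shared between authentication types, as the new `auth_type` discriminator suggests, a non-PIN object would have unrelated data read as PIN flags and reference here. I would add `if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) return SC_ERROR_OBJECT_NOT_VALID;` right after SC_FUNC_CALLED. The same guard is missing from muscle_create_pin in pkcs15-muscle.c and from setcos_select_pin_reference in pkcs15-setcos.c. The body of miocos_create_pin continues outside the hunk.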
src/pkcs15init/pkcs15-muscle.c
rd3a5a13 rd888b3f 93 93 { 94 94 sc_file_t *file; 95 sc_pkcs15_ pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data;95 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 96 96 int r; 97 97 98 if ((r = sc_select_file(p15card->card, &df->path, &file)) < 0) 98 99 return r; 99 100 if ((r = sc_pkcs15init_authenticate(profile, p15card, file, SC_AC_OP_WRITE)) < 0) 100 101 return r; 101 pin_info->flags &= ~SC_PKCS15_PIN_FLAG_LOCAL; 102 103 auth_info->attrs.pin.flags &= ~SC_PKCS15_PIN_FLAG_LOCAL; 102 104 return 0; 103 105 } … … 105 107 static int 106 108 muscle_select_pin_reference(sc_profile_t *profike, sc_pkcs15_card_t *p15card, 107 sc_pkcs15_ pin_info_t *pin_info)109 sc_pkcs15_auth_info_t *auth_info) 108 110 { 109 111 int preferred; 110 112 111 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 113 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 114 return SC_ERROR_OBJECT_NOT_VALID; 115 116 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 112 117 preferred = 0; 113 118 } else { 114 119 preferred = 1; 115 120 } 116 if ( pin_info->reference <= preferred) {117 pin_info->reference = preferred;121 if (auth_info->attrs.pin.reference <= preferred) { 122 auth_info->attrs.pin.reference = preferred; 118 123 return 0; 119 124 } 120 125 121 if ( pin_info->reference > 2)126 if (auth_info->attrs.pin.reference > 2) 122 127 return SC_ERROR_INVALID_ARGUMENTS; 123 128 -
src/pkcs15init/pkcs15-myeid.c
rd673e5f1 rd888b3f 247 247 static int 248 248 myeid_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 249 sc_pkcs15_ pin_info_t *pin_info)249 sc_pkcs15_auth_info_t *auth_info) 250 250 { 251 251 SC_FUNC_CALLED(p15card->card->ctx, SC_LOG_DEBUG_VERBOSE); 252 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 252 253 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 254 return SC_ERROR_OBJECT_NOT_VALID; 255 256 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 253 257 { 254 258 sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, 255 259 "PIN_FLAG_SO_PIN, ref (%d), tries_left (%d)", 256 pin_info->reference,pin_info->tries_left);260 auth_info->attrs.pin.reference, auth_info->tries_left); 257 261 } 258 262 else … … 260 264 sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, 261 265 "PIN_FLAG_PIN, ref (%d), tries_left (%d)", 262 pin_info->reference, pin_info->tries_left);263 264 } 265 266 if ( pin_info->reference <= 0 || pin_info->reference > MYEID_MAX_PINS)267 pin_info->reference = 1;266 auth_info->attrs.pin.reference, auth_info->tries_left); 267 268 } 269 270 if (auth_info->attrs.pin.reference <= 0 || auth_info->attrs.pin.reference > MYEID_MAX_PINS) 271 auth_info->attrs.pin.reference = 1; 268 272 269 273 SC_FUNC_RETURN(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, 0); … … 282 286 unsigned char data[20]; 283 287 struct sc_cardctl_myeid_data_obj data_obj; 284 struct sc_pkcs15_ pin_info *pin_info = (struct sc_pkcs15_pin_info *)pin_obj->data;285 struct sc_pkcs15_ pin_info puk_info;288 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; 289 struct sc_pkcs15_auth_info puk_ainfo; 286 290 int r; 287 291 288 292 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); 289 293 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "PIN('%s',ref:%i,flags:0x%X,pin_len:%d,puk_len:%d)\n", 290 pin_obj->label, pin_info->reference, pin_info->flags, pin_len, puk_len); 291 292 if (pin_info->reference >= MYEID_MAX_PINS) 294 pin_obj->label, 
auth_info->attrs.pin.reference, auth_info->attrs.pin.flags, pin_len, puk_len); 295 296 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 297 return SC_ERROR_OBJECT_NOT_VALID; 298 if (auth_info->attrs.pin.reference >= MYEID_MAX_PINS) 293 299 return SC_ERROR_INVALID_ARGUMENTS; 294 300 if (pin == NULL || puk == NULL || pin_len < 4 || puk_len < 4) 295 301 return SC_ERROR_INVALID_PIN_LENGTH; 296 302 297 sc_profile_get_pin_info(profile, ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)303 sc_profile_get_pin_info(profile, (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 298 304 ? SC_PKCS15INIT_SO_PUK : SC_PKCS15INIT_USER_PUK, 299 &puk_ info);305 &puk_ainfo); 300 306 301 307 memset(data, 0, sizeof(data)); 302 308 /* Make command to add a pin-record */ 303 309 data_obj.P1 = 0x01; 304 data_obj.P2 = pin_info->reference; /* myeid pin number */305 306 memset(data, pin_info->pad_char, 8);310 data_obj.P2 = auth_info->attrs.pin.reference; /* myeid pin number */ 311 312 memset(data, auth_info->attrs.pin.pad_char, 8); 307 313 memcpy(&data[0], (u8 *)pin, pin_len); /* copy pin */ 308 314 309 memset(&data[8], puk_ info.pad_char, 8);315 memset(&data[8], puk_ainfo.attrs.pin.pad_char, 8); 310 316 memcpy(&data[8], (u8 *)puk, puk_len); /* copy puk */ 311 317 312 if( pin_info->tries_left > 0 && pin_info->tries_left < 15)313 data[16] = pin_info->tries_left;318 if(auth_info->tries_left > 0 && auth_info->tries_left < 15) 319 data[16] = auth_info->tries_left; 314 320 else 315 321 data[16] = 5; /* default value */ 316 322 317 if(puk_ info.tries_left > 0 && puk_info.tries_left < 15)318 data[17] = puk_ info.tries_left;323 if(puk_ainfo.tries_left > 0 && puk_ainfo.tries_left < 15) 324 data[17] = puk_ainfo.tries_left; 319 325 else 320 326 data[17] = 5; /* default value */ -
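Review bot: In myeid_create_pin, `memcpy(&data[0], (u8 *)pin, pin_len)` and `memcpy(&data[8], (u8 *)puk, puk_len)` write into `unsigned char data[20]`, but the only length test in the hunk is the lower bound `pin_len < 4 || puk_len < 4`. A PIN longer than 8 bytes spills into the PUK field, and a PUK longer than 12 bytes writes past the end of the stack buffer. Unless every caller is known to enforce the profile's maximum length first, the guard should also reject oversized values, for example `if (pin_len > 8 || puk_len > 8) return SC_ERROR_INVALID_PIN_LENGTH;`. setcos_create_pin_internal in pkcs15-setcos.c copies the PIN and PUK to `data[1]` and `data[9]` in the same way, again with only the lower bound visible.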
src/pkcs15init/pkcs15-oberthur.c
r12a0613 rd888b3f 54 54 55 55 static int cosm_create_reference_data(struct sc_profile *, struct sc_pkcs15_card *, 56 struct sc_pkcs15_ pin_info *, const unsigned char *, size_t,56 struct sc_pkcs15_auth_info *, const unsigned char *, size_t, 57 57 const unsigned char *, size_t); 58 58 static int cosm_update_pin(struct sc_profile *, struct sc_pkcs15_card *, 59 struct sc_pkcs15_ pin_info *, const unsigned char *, size_t,59 struct sc_pkcs15_auth_info *, const unsigned char *, size_t, 60 60 const unsigned char *, size_t); 61 61 … … 270 270 static int 271 271 cosm_create_reference_data(struct sc_profile *profile, struct sc_pkcs15_card *p15card, 272 struct sc_pkcs15_ pin_info *pinfo,272 struct sc_pkcs15_auth_info *ainfo, 273 273 const unsigned char *pin, size_t pin_len, 274 274 const unsigned char *puk, size_t puk_len ) … … 276 276 struct sc_context *ctx = p15card->card->ctx; 277 277 struct sc_card *card = p15card->card; 278 struct sc_pkcs15_pin_info profile_pin; 279 struct sc_pkcs15_pin_info profile_puk; 278 struct sc_pkcs15_auth_info profile_auth_pin, profile_auth_puk; 280 279 struct sc_cardctl_oberthur_createpin_info args; 281 280 unsigned char *puk_buff = NULL; … … 292 291 if (puk && !puk_len) 293 292 return SC_ERROR_INVALID_ARGUMENTS; 294 295 rv = sc_select_file(card, &pinfo->path, NULL); 293 if (ainfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 294 return SC_ERROR_OBJECT_NOT_VALID; 295 296 rv = sc_select_file(card, &ainfo->path, NULL); 296 297 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot select file"); 297 298 298 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &profile_ pin);299 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &profile_ puk);299 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &profile_auth_pin); 300 sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &profile_auth_puk); 300 301 301 302 memset(&args, 0, sizeof(args)); 302 303 args.type = SC_AC_CHV; 303 args.ref = pinfo->reference;304 args.ref = 
ainfo->attrs.pin.reference; 304 305 args.pin = pin; 305 306 args.pin_len = pin_len; 306 307 307 if (!( pinfo->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {308 args.pin_tries = profile_ pin.tries_left;309 if (profile_ puk.tries_left > 0) {308 if (!(ainfo->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) { 309 args.pin_tries = profile_auth_pin.tries_left; 310 if (profile_auth_puk.tries_left > 0) { 310 311 args.puk = oberthur_puk; 311 312 args.puk_len = sizeof(oberthur_puk); … … 314 315 } 315 316 else { 316 args.pin_tries = profile_ puk.tries_left;317 args.pin_tries = profile_auth_puk.tries_left; 317 318 } 318 319 … … 320 321 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'CREATE_PIN' card specific command failed"); 321 322 322 if (!(pinfo->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) && (profile_puk.tries_left > 0)) { 323 if (!(ainfo->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 324 && (profile_auth_puk.tries_left > 0)) { 323 325 struct sc_file *file = NULL; 324 326 … … 345 347 static int 346 348 cosm_update_pin(struct sc_profile *profile, struct sc_pkcs15_card *p15card, 347 struct sc_pkcs15_ pin_info *pinfo, const unsigned char *pin, size_t pin_len,349 struct sc_pkcs15_auth_info *ainfo, const unsigned char *pin, size_t pin_len, 348 350 const unsigned char *puk, size_t puk_len ) 349 351 { … … 352 354 353 355 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); 354 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "ref %i; flags 0x%X", pinfo->reference, pinfo->flags); 355 356 if (pinfo->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 357 if (pinfo->reference != 4) 356 if (ainfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 357 return SC_ERROR_OBJECT_NOT_VALID; 358 359 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "ref %i; flags 0x%X", ainfo->attrs.pin.reference, ainfo->attrs.pin.flags); 360 361 if (ainfo->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 362 if (ainfo->attrs.pin.reference != 4) 358 363 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_PIN_REFERENCE, "cosm_update_pin() invalid SOPIN 
reference"); 359 364 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update SOPIN ignored"); … … 361 366 } 362 367 else { 363 rv = cosm_create_reference_data(profile, p15card, pinfo, 364 pin, pin_len, puk, puk_len); 368 rv = cosm_create_reference_data(profile, p15card, ainfo, pin, pin_len, puk, puk_len); 365 369 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "cosm_update_pin() failed to change PIN"); 366 370 … … 379 383 static int 380 384 cosm_select_pin_reference(struct sc_profile *profile, struct sc_pkcs15_card *p15card, 381 struct sc_pkcs15_pin_info *pin_info) 382 { 383 struct sc_context *ctx = p15card->card->ctx; 385 struct sc_pkcs15_auth_info *auth_info) 386 { 387 struct sc_context *ctx = p15card->card->ctx; 388 struct sc_pkcs15_pin_attributes *pin_attrs; 384 389 struct sc_file *pinfile; 385 390 386 391 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); 387 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "ref %i; flags %X", pin_info->reference, pin_info->flags); 392 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 393 return SC_ERROR_OBJECT_NOT_VALID; 394 395 pin_attrs = &auth_info->attrs.pin; 396 397 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "ref %i; flags %X", pin_attrs->reference, pin_attrs->flags); 388 398 if (sc_profile_get_file(profile, COSM_TITLE "-AppDF", &pinfile) < 0) { 389 399 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Profile doesn't define \"%s\"", COSM_TITLE "-AppDF"); … … 391 401 } 392 402 393 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_LOCAL)394 pin_info->path = pinfile->path;403 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL) 404 auth_info->path = pinfile->path; 395 405 396 406 sc_file_free(pinfile); 397 407 398 if (pin_ info->reference <= 0) {399 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)400 pin_ info->reference = 4;401 else if (pin_ info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)402 pin_ info->reference = 4;408 if (pin_attrs->reference <= 0) { 409 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 410 pin_attrs->reference = 4; 411 else if (pin_attrs->flags & 
SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 412 pin_attrs->reference = 4; 403 413 else 404 pin_ info->reference = 1;405 406 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_LOCAL)407 pin_ info->reference |= 0x80;414 pin_attrs->reference = 1; 415 416 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL) 417 pin_attrs->reference |= 0x80; 408 418 } 409 419 … … 422 432 { 423 433 struct sc_context *ctx = p15card->card->ctx; 424 struct sc_pkcs15_pin_info *pin_info = (struct sc_pkcs15_pin_info *) pin_obj->data; 434 struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *) pin_obj->data; 435 struct sc_pkcs15_pin_attributes *pin_attrs; 425 436 struct sc_file *pin_file; 426 437 int rv = 0; 427 438 428 439 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); 429 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "create '%s'; ref 0x%X; flags %X", pin_obj->label, pin_info->reference, pin_info->flags); 440 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 441 return SC_ERROR_OBJECT_NOT_VALID; 442 443 pin_attrs = &auth_info->attrs.pin; 444 445 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "create '%s'; ref 0x%X; flags %X", pin_obj->label, pin_attrs->reference, pin_attrs->flags); 430 446 if (sc_profile_get_file(profile, COSM_TITLE "-AppDF", &pin_file) < 0) 431 447 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "\""COSM_TITLE"-AppDF\" not defined"); 432 448 433 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_LOCAL)434 pin_info->path = pin_file->path;449 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL) 450 auth_info->path = pin_file->path; 435 451 436 452 sc_file_free(pin_file); 437 453 438 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {439 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {454 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 455 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) { 440 456 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_NOT_SUPPORTED, "SOPIN unblocking is not supported"); 441 457 } 442 458 else { 443 if (pin_ info->reference != 4)459 if 
(pin_attrs->reference != 4) 444 460 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_PIN_REFERENCE, "Invalid SOPIN reference"); 445 461 } 446 462 } 447 463 else { 448 if (pin_ info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {449 if (pin_ info->reference != 0x84)464 if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) { 465 if (pin_attrs->reference != 0x84) 450 466 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_PIN_REFERENCE, "Invalid User PUK reference"); 451 467 } 452 468 else { 453 if (pin_ info->reference != 0x81)469 if (pin_attrs->reference != 0x81) 454 470 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_PIN_REFERENCE, "Invalid User PIN reference"); 455 471 } … … 457 473 458 474 if (pin && pin_len) { 459 rv = cosm_update_pin(profile, p15card, pin_info, pin, pin_len, puk, puk_len);475 rv = cosm_update_pin(profile, p15card, auth_info, pin, pin_len, puk, puk_len); 460 476 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Update PIN failed"); 461 477 } -
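Review bot: The new `return SC_ERROR_OBJECT_NOT_VALID;` exits in cosm_update_pin, cosm_select_pin_reference and cosm_create_pin come after SC_FUNC_CALLED and leave the function without a log entry, whereas the other error paths in these functions go through SC_TEST_RET with a message. For consistency, and so that a rejected non-PIN object is visible in the debug trace, I would write `SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OBJECT_NOT_VALID, "Not a PIN authentication object");` in each place. This is a point of style only; the check itself is correctly placed before `attrs.pin` is read.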
src/pkcs15init/pkcs15-rtecp.c
r438cf4b rd888b3f 142 142 */ 143 143 static int rtecp_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 144 sc_pkcs15_ pin_info_t *pin_info)144 sc_pkcs15_auth_info_t *auth_info) 145 145 { 146 146 int pin_ref; 147 147 148 if (!profile || !p15card || !p15card->card || !p15card->card->ctx || !pin_info) 149 return SC_ERROR_INVALID_ARGUMENTS; 150 151 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) 148 if (!profile || !p15card || !p15card->card || !p15card->card->ctx || !auth_info) 149 return SC_ERROR_INVALID_ARGUMENTS; 150 151 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 152 return SC_ERROR_OBJECT_NOT_VALID; 153 154 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 152 155 pin_ref = RTECP_SO_PIN_REF; 153 156 else 154 157 pin_ref = RTECP_USER_PIN_REF; 155 if ( pin_info->reference != pin_ref)158 if (auth_info->attrs.pin.reference != pin_ref) 156 159 SC_FUNC_RETURN(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_NOT_SUPPORTED); 157 160 … … 168 171 { 169 172 sc_context_t *ctx; 170 sc_pkcs15_ pin_info_t *pin_info;173 sc_pkcs15_auth_info_t *auth_info; 171 174 sc_file_t *file = NULL; 172 175 /* GCHV min-length Flags Attempts Reserve */ … … 191 194 return SC_ERROR_NOT_SUPPORTED; 192 195 } 193 pin_info = (sc_pkcs15_pin_info_t *)pin_obj->data; 194 if (pin_info->reference != RTECP_SO_PIN_REF 195 && pin_info->reference != RTECP_USER_PIN_REF) 196 197 auth_info = (sc_pkcs15_auth_info_t *)pin_obj->data; 198 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 199 return SC_ERROR_OBJECT_NOT_VALID; 200 201 if (auth_info->attrs.pin.reference != RTECP_SO_PIN_REF 202 && auth_info->attrs.pin.reference != RTECP_USER_PIN_REF) 196 203 { 197 204 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "PIN reference %i not found in standard" 198 " (Rutoken ECP) PINs\n", pin_info->reference);205 " (Rutoken ECP) PINs\n", auth_info->attrs.pin.reference); 199 206 return SC_ERROR_NOT_SUPPORTED; 200 207 } 201 208 202 snprintf(pin_sname, sizeof(pin_sname), "CHV%i", 
pin_info->reference);203 if ( pin_info->reference == RTECP_USER_PIN_REF) {209 snprintf(pin_sname, sizeof(pin_sname), "CHV%i", auth_info->attrs.pin.reference); 210 if (auth_info->attrs.pin.reference == RTECP_USER_PIN_REF) { 204 211 r = sc_profile_get_file(profile, pin_sname, &file); 205 212 if (!r) { … … 221 228 if (!file) 222 229 SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY); 223 file->id = pin_info->reference;230 file->id = auth_info->attrs.pin.reference; 224 231 file->size = pin_len; 225 232 assert(sizeof(sec)/sizeof(sec[0]) > 2); 226 sec[1] = ( pin_info->reference == RTECP_SO_PIN_REF) ? 0xFF : RTECP_SO_PIN_REF;227 sec[2] = (unsigned char) pin_info->reference | (reset_by_sopin ? RTECP_SO_PIN_REF : 0);233 sec[1] = (auth_info->attrs.pin.reference == RTECP_SO_PIN_REF) ? 0xFF : RTECP_SO_PIN_REF; 234 sec[2] = (unsigned char)auth_info->attrs.pin.reference | (reset_by_sopin ? RTECP_SO_PIN_REF : 0); 228 235 r = sc_file_set_sec_attr(file, sec, sizeof(sec)); 229 236 if (r == SC_SUCCESS) 230 237 { 231 238 assert(sizeof(prop)/sizeof(prop[0]) > 3); 232 prop[1] = (unsigned char) pin_info->min_length;233 prop[3] = 0x11 * (unsigned char)( pin_info->tries_left & 0x0F);239 prop[1] = (unsigned char)auth_info->attrs.pin.min_length; 240 prop[3] = 0x11 * (unsigned char)(auth_info->tries_left & 0x0F); 234 241 r = sc_file_set_prop_attr(file, prop, sizeof(prop)); 235 242 } … … 242 249 if (r == SC_SUCCESS) 243 250 r = sc_change_reference_data(p15card->card, SC_AC_CHV, 244 pin_info->reference, NULL, 0, pin, pin_len, NULL);251 auth_info->attrs.pin.reference, NULL, 0, pin, pin_len, NULL); 245 252 SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, r); 246 253 } -
src/pkcs15init/pkcs15-rutoken.c
r891f983 rd888b3f 95 95 static int 96 96 rutoken_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 97 sc_pkcs15_ pin_info_t *pin_info)97 sc_pkcs15_auth_info_t *auth_info) 98 98 { 99 99 int pin_ref; 100 100 unsigned int so_pin_flag; 101 101 102 if (!profile || !p15card || !p15card->card || !p15card->card->ctx || ! pin_info)102 if (!profile || !p15card || !p15card->card || !p15card->card->ctx || !auth_info) 103 103 return SC_ERROR_INVALID_ARGUMENTS; 104 104 105 105 SC_FUNC_CALLED(p15card->card->ctx, SC_LOG_DEBUG_VERBOSE); 106 106 107 pin_ref = pin_info->reference; 108 so_pin_flag = pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN; 107 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 108 return SC_ERROR_OBJECT_NOT_VALID; 109 110 pin_ref = auth_info->attrs.pin.reference; 111 so_pin_flag = auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN; 109 112 110 113 sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, "PIN reference %i%s\n", … … 129 132 { 130 133 sc_context_t *ctx; 131 sc_pkcs15_ pin_info_t *pin_info;134 sc_pkcs15_auth_info_t *auth_info; 132 135 size_t i; 133 136 … … 147 150 return SC_ERROR_NOT_SUPPORTED; 148 151 } 149 pin_info = (sc_pkcs15_pin_info_t *)pin_obj->data; 152 153 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 154 return SC_ERROR_OBJECT_NOT_VALID; 155 156 auth_info = (sc_pkcs15_auth_info_t *)pin_obj->data; 150 157 for (i = 0; i < sizeof(do_pins)/sizeof(do_pins[0]); ++i) 151 if ( pin_info->reference == do_pins[i].id)158 if (auth_info->attrs.pin.reference == do_pins[i].id) 152 159 { 153 160 if (pin_len == sizeof(do_pins[i].pass) … … 163 170 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, 164 171 "PIN reference %i not found in standard (Rutoken) PINs\n", 165 pin_info->reference);172 auth_info->attrs.pin.reference); 166 173 return SC_ERROR_NOT_SUPPORTED; 167 174 } -
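Review bot: In rutoken_create_pin the new guard `if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)` sits before `auth_info = (sc_pkcs15_auth_info_t *)pin_obj->data;`, so it dereferences a pointer that is declared without an initialiser and has no visible assignment before this point. That is an uninitialised pointer read on every call that gets this far, and the type check does not protect the `do_pins` loop that follows. The assignment has to come first: `auth_info = (sc_pkcs15_auth_info_t *)pin_obj->data;` and only then the `auth_type` test. The function starts and ends outside the hunks shown.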
src/pkcs15init/pkcs15-setcos.c
r2202614 rd888b3f 37 37 38 38 static int setcos_create_pin_internal(sc_profile_t *, sc_pkcs15_card_t *, 39 int, sc_pkcs15_ pin_info_t *, const u8 *, size_t, const u8 *, size_t);39 int, sc_pkcs15_auth_info_t *, const u8 *, size_t, const u8 *, size_t); 40 40 41 41 … … 43 43 setcos_puk_retries(sc_profile_t *profile, int pin_ref) 44 44 { 45 sc_pkcs15_pin_info_t pin_info; 46 47 pin_info.reference = 1; /* Default SO PIN ref. */ 48 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &pin_info); 45 sc_pkcs15_auth_info_t auth_info; 46 47 auth_info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 48 auth_info.attrs.pin.reference = 1; /* Default SO PIN ref. */ 49 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &auth_info); 49 50 50 51 /* If pin_ref is the SO PIN, get the SO PUK info, otherwise the User PUK info */ 51 52 sc_profile_get_pin_info(profile, 52 pin_ref == pin_info.reference ? SC_PKCS15INIT_SO_PUK : SC_PKCS15INIT_USER_PUK,53 & pin_info);53 pin_ref == auth_info.attrs.pin.reference ? SC_PKCS15INIT_SO_PUK : SC_PKCS15INIT_USER_PUK, 54 &auth_info); 54 55 55 if (( pin_info.tries_left < 0) || (pin_info.tries_left > 15))56 if ((auth_info.tries_left < 0) || (auth_info.tries_left > 15)) 56 57 return 3; /* Little extra safety */ 57 return pin_info.tries_left;58 return auth_info.tries_left; 58 59 } 59 60 … … 163 164 static int 164 165 setcos_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 165 sc_pkcs15_pin_info_t *pin_info) 166 { 167 sc_pkcs15_pin_info_t pin_info_prof; 168 169 pin_info_prof.reference = 1; /* Default SO PIN ref. */ 170 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &pin_info_prof); 166 sc_pkcs15_auth_info_t *auth_info) 167 { 168 sc_pkcs15_auth_info_t auth_info_prof; 169 170 auth_info_prof.attrs.pin.reference = 1; /* Default SO PIN ref. 
*/ 171 auth_info_prof.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 172 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &auth_info_prof); 171 173 172 174 /* For the SO pin, we take the first available pin reference = 1 */ 173 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)174 pin_info->reference = pin_info_prof.reference;175 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 176 auth_info->attrs.pin.reference = auth_info_prof.attrs.pin.reference; 175 177 /* sc_pkcs15init_create_pin() starts checking if -1 is an acceptable 176 178 * pin reference, which isn't for the SetCOS cards. And since the 177 179 * value 1 has been assigned to the SO pin, we'll jump to 2. */ 178 else if ( pin_info->reference <= 0)179 pin_info->reference = pin_info_prof.reference + 1;180 else if (auth_info->attrs.pin.reference <= 0) 181 auth_info->attrs.pin.reference = auth_info_prof.attrs.pin.reference + 1; 180 182 181 183 return 0; … … 193 195 { 194 196 struct sc_context *ctx = p15card->card->ctx; 195 sc_pkcs15_ pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data;197 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 196 198 sc_file_t *pinfile = NULL; 197 199 int r, ignore_ac = 0; 198 200 199 201 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); 202 203 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 204 return SC_ERROR_OBJECT_NOT_VALID; 200 205 201 206 /* Create the global pin file if it doesn't exist yet */ … … 208 213 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "pinfile->status:%X", pinfile->status); 209 214 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "create PIN with reference:%X, flags:%X, path:%s", 210 pin_info->reference, pin_info->flags, sc_print_path(&pin_info->path));215 auth_info->attrs.pin.reference, auth_info->attrs.pin.flags, sc_print_path(&auth_info->path)); 211 216 212 217 if (pinfile->status == SC_FILE_STATUS_CREATION) 213 218 ignore_ac = 1; 214 219 215 r = setcos_create_pin_internal(profile, p15card, ignore_ac, pin_info,220 r = 
setcos_create_pin_internal(profile, p15card, ignore_ac, auth_info, 216 221 pin, pin_len, puk, puk_len); 217 222 … … 219 224 * change status of MF and 'pinfile' to 'Operational:Activated' 220 225 */ 221 if (ignore_ac && ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)) {226 if (ignore_ac && (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) { 222 227 sc_file_t *mf = profile->mf_info->file; 223 228 … … 497 502 static int 498 503 setcos_create_pin_internal(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 499 int ignore_ac, sc_pkcs15_ pin_info_t *pin_info,504 int ignore_ac, sc_pkcs15_auth_info_t *auth_info, 500 505 const u8 *pin, size_t pin_len, 501 506 const u8 *puk, size_t puk_len) … … 508 513 509 514 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); 510 if (pin_info->reference >= SETCOS_MAX_PINS) 515 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 516 return SC_ERROR_OBJECT_NOT_VALID; 517 518 if (auth_info->attrs.pin.reference >= SETCOS_MAX_PINS) 511 519 return SC_ERROR_INVALID_ARGUMENTS; 512 520 if (pin == NULL || puk == NULL || pin_len < 4 || puk_len < 4) … … 530 538 531 539 /* setcos pin number */ 532 data[0] = pin_info->reference;533 534 memset(&data[1], pin_info->pad_char, 16); /* padding */540 data[0] = auth_info->attrs.pin.reference; 541 542 memset(&data[1], auth_info->attrs.pin.pad_char, 16); /* padding */ 535 543 memcpy(&data[1], (u8 *)pin, pin_len); /* copy pin*/ 536 544 memcpy(&data[9], (u8 *)puk, puk_len); /* copy puk */ 537 545 538 data[17] = pin_info->tries_left & 0x0F;539 data[18] = pin_info->tries_left & 0x0F;546 data[17] = auth_info->tries_left & 0x0F; 547 data[18] = auth_info->tries_left & 0x0F; 540 548 /* 0xF0: unlimited unblock tries */ 541 data[19] = 0xF0 | setcos_puk_retries(profile, pin_info->reference);549 data[19] = 0xF0 | setcos_puk_retries(profile, auth_info->attrs.pin.reference); 542 550 543 551 /* Allow an unlimited number of signatures after a pin verification. 
… … 545 553 data[20] = 0x00; 546 554 547 if ( pin_info->type == 0)555 if (auth_info->attrs.pin.type == 0) 548 556 data[21] = 0x01; /* BCD */ 549 557 else 550 558 data[21] = 0x00; /* ASCII */ 551 if (( pin_info->flags & 0x010) == 0) /* test for initial pin */559 if ((auth_info->attrs.pin.flags & 0x010) == 0) /* test for initial pin */ 552 560 data[21] |= 0x80; 553 561 -
src/pkcs15init/pkcs15-starcos.c
r80ed46d rd888b3f 50 50 51 51 static u8 get_so_ac(const sc_file_t *file, unsigned int op, 52 const sc_pkcs15_ pin_info_t *pin, unsigned int def,52 const sc_pkcs15_auth_info_t *auth, unsigned int def, 53 53 unsigned int need_global) 54 54 { … … 56 56 const sc_acl_entry_t *acl; 57 57 58 if ( pin->flags & SC_PKCS15_PIN_FLAG_LOCAL)58 if (auth->attrs.pin.flags & SC_PKCS15_PIN_FLAG_LOCAL) 59 59 is_global = 0; 60 60 if (!is_global && need_global) … … 84 84 sc_path_t tpath; 85 85 u8 *p = mf_data.data.mf.header, tmp = 0; 86 sc_pkcs15_ pin_info_t sopin;86 sc_pkcs15_auth_info_t sopin; 87 87 88 88 /* test if we already have a MF */ … … 181 181 sc_file_t *isf_file, *ipf_file; 182 182 u8 *p = df_data.data.df.header, tmp = 0; 183 sc_pkcs15_ pin_info_t sopin;183 sc_pkcs15_auth_info_t sopin; 184 184 185 185 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &sopin); … … 256 256 static int have_onepin(sc_profile_t *profile) 257 257 { 258 sc_pkcs15_ pin_info_t sopin;258 sc_pkcs15_auth_info_t sopin; 259 259 260 260 sc_profile_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &sopin); 261 if (!(sopin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 261 262 if (!(sopin.attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 262 263 return 1; 263 264 else … … 273 274 #define STARCOS_MAX_GPIN_ID 0x0f 274 275 static int starcos_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, 275 sc_pkcs15_pin_info_t *pin_info) 276 { 277 int tmp = pin_info->reference; 276 sc_pkcs15_auth_info_t *auth_info) 277 { 278 int tmp; 279 280 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 281 return SC_ERROR_OBJECT_NOT_VALID; 282 283 tmp = auth_info->attrs.pin.reference; 278 284 279 285 if (have_onepin(profile)) { 280 286 /* we have the onepin profile */ 281 pin_info->reference = STARCOS_SOPIN_GID;287 auth_info->attrs.pin.reference = STARCOS_SOPIN_GID; 282 288 return SC_SUCCESS; 283 289 } 284 290 285 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_LOCAL) {291 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_LOCAL) { 286 
292 /* use local KID */ 287 293 /* SO-pin */ 288 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)294 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 289 295 tmp = STARCOS_SOPIN_LID; 290 296 else { … … 300 306 /* use global KID */ 301 307 /* SO-pin */ 302 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)308 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 303 309 tmp = STARCOS_SOPIN_GID; 304 310 else { … … 312 318 } 313 319 } 314 pin_info->reference = tmp;320 auth_info->attrs.pin.reference = tmp; 315 321 316 322 return SC_SUCCESS; … … 350 356 sc_file_t *tfile; 351 357 const sc_acl_entry_t *acl_entry; 352 sc_pkcs15_ pin_info_t *pin_info = (sc_pkcs15_pin_info_t *) pin_obj->data;358 sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; 353 359 sc_starcos_wkey_data pin_d, puk_d; 354 360 u8 tpin[8]; … … 357 363 return SC_ERROR_INVALID_ARGUMENTS; 358 364 359 is_local = 0x80 & pin_info->reference; 365 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 366 return SC_ERROR_OBJECT_NOT_VALID; 367 368 is_local = 0x80 & auth_info->attrs.pin.reference; 360 369 if (is_local) 361 370 r = sc_select_file(card, &df->path, NULL); … … 370 379 acl_entry = sc_file_get_acl_entry(tfile, SC_AC_OP_WRITE); 371 380 if (acl_entry->method != SC_AC_NONE) { 372 if (( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) || have_onepin(profile))381 if ((auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) || have_onepin(profile)) 373 382 need_finalize = 1; 374 383 else … … 384 393 385 394 /* write PIN */ 386 tmp = pin_info->tries_left;387 pin_id = pin_info->reference;395 tmp = auth_info->tries_left; 396 pin_id = auth_info->attrs.pin.reference; 388 397 389 398 pin_d.mode = 0; /* install */ … … 395 404 pin_d.key_header[2] = 8; 396 405 pin_d.key_header[3] = STARCOS_AC_ALWAYS; 397 if ( pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)406 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 398 407 pin_d.key_header[4] = STARCOS_SOPIN_STATE; 399 408 else … … 
403 412 pin_d.key_header[7] = 0x00; 404 413 pin_d.key_header[8] = 0x00; 405 akd = pin_info->min_length;414 akd = auth_info->attrs.pin.min_length; 406 415 if (akd < 4) 407 416 akd = 4; … … 420 429 421 430 if (puk && puk_len) { 422 sc_pkcs15_ pin_info_t puk_info;431 sc_pkcs15_auth_info_t puk_info; 423 432 424 433 if (puk_len > 8) -
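Review bot: have_onepin() tests `sopin.attrs.pin.flags` on a stack `sc_pkcs15_auth_info_t` that is neither zeroed nor checked for `auth_type`, and the same bare declaration appears at new lines 86 and 183. Whether sc_profile_get_pin_info() always fills the whole structure is not visible from these hunks, so if it can return early the flags test would read indeterminate stack data. pkcs15-init.c in this changeset adds `memset(&info, 0, sizeof(info));` before the equivalent call; I would add `memset(&sopin, 0, sizeof(sopin));` here and test `sopin.auth_type` before touching `attrs.pin`. get_so_ac() also reads `auth->attrs.pin.flags` with no type check. These function bodies continue outside the hunks.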
src/pkcs15init/pkcs15-westcos.c
r891f983 rd888b3f 72 72 static int westcos_pkcs15_select_pin_reference(sc_profile_t *profile, 73 73 sc_pkcs15_card_t *p15card, 74 sc_pkcs15_pin_info_t *pin_info) 75 { 76 77 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 78 pin_info->reference = 1; 74 sc_pkcs15_auth_info_t *auth_info) 75 { 76 77 if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 78 return SC_ERROR_OBJECT_NOT_VALID; 79 80 if (auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 81 auth_info->attrs.pin.reference = 1; 79 82 } else { 80 pin_info->reference = 0;83 auth_info->attrs.pin.reference = 0; 81 84 } 82 85 -
src/pkcs15init/profile.c
rff7bb8f rd888b3f 489 489 void 490 490 sc_profile_get_pin_info(struct sc_profile *profile, 491 int id, struct sc_pkcs15_ pin_info *info)491 int id, struct sc_pkcs15_auth_info *info) 492 492 { 493 493 struct pin_info *pi; … … 517 517 518 518 for (pi = profile->pin_list; pi; pi = pi->next) { 519 if (pi->pin.reference == (int)reference) { 519 if (pi->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 520 continue; 521 if (pi->pin.attrs.pin.reference == (int)reference) { 520 522 *id = pi->id; 521 523 return 0; … … 779 781 sc_profile_get_pin_id_by_reference(struct sc_profile *profile, 780 782 unsigned auth_method, int reference, 781 struct sc_pkcs15_ pin_info *pin_info)783 struct sc_pkcs15_auth_info *auth_info) 782 784 { 783 785 struct pin_info *pinfo; … … 789 791 } 790 792 else { 793 if (pinfo->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 794 continue; 791 795 if (pinfo->pin.auth_method != auth_method) 792 796 continue; 793 if (pinfo->pin. reference != reference)797 if (pinfo->pin.attrs.pin.reference != reference) 794 798 continue; 795 799 } 796 800 797 if ( pin_info)798 * pin_info = pinfo->pin;801 if (auth_info) 802 *auth_info = pinfo->pin; 799 803 return pinfo->id; 800 804 } … … 1491 1495 return NULL; 1492 1496 pi->id = id; 1497 pi->pin.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 1493 1498 pi->pin.auth_method = SC_AC_CHV; 1494 pi->pin.type = (unsigned int)-1; 1495 pi->pin.flags = 0x32; 1496 pi->pin.max_length = 0; 1497 pi->pin.min_length = 0; 1498 pi->pin.stored_length = 0; 1499 pi->pin.pad_char = 0xA5; 1500 pi->pin.magic = SC_PKCS15_PIN_MAGIC; 1501 pi->pin.reference = -1; 1499 pi->pin.attrs.pin.type = (unsigned int)-1; 1500 pi->pin.attrs.pin.flags = 0x32; 1501 pi->pin.attrs.pin.max_length = 0; 1502 pi->pin.attrs.pin.min_length = 0; 1503 pi->pin.attrs.pin.stored_length = 0; 1504 pi->pin.attrs.pin.pad_char = 0xA5; 1505 pi->pin.attrs.pin.reference = -1; 1502 1506 pi->pin.tries_left = 3; 1503 1507 … … 1508 1512 static void set_pin_defaults(struct sc_profile *profile, struct 
pin_info *pi) 1509 1513 { 1510 struct sc_pkcs15_pin_info *info = &pi->pin; 1511 1512 if (info->type == (unsigned int) -1) 1513 info->type = profile->pin_encoding; 1514 if (info->max_length == 0) 1515 info->max_length = profile->pin_maxlen; 1516 if (info->min_length == 0) 1517 info->min_length = profile->pin_minlen; 1518 if (info->stored_length == 0) { 1519 info->stored_length = profile->pin_maxlen; 1514 struct sc_pkcs15_auth_info *info = &pi->pin; 1515 struct sc_pkcs15_pin_attributes *pin_attrs = &info->attrs.pin; 1516 1517 info->auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN; 1518 1519 if (pin_attrs->type == (unsigned int) -1) 1520 pin_attrs->type = profile->pin_encoding; 1521 if (pin_attrs->max_length == 0) 1522 pin_attrs->max_length = profile->pin_maxlen; 1523 if (pin_attrs->min_length == 0) 1524 pin_attrs->min_length = profile->pin_minlen; 1525 if (pin_attrs->stored_length == 0) { 1526 pin_attrs->stored_length = profile->pin_maxlen; 1520 1527 /* BCD encoded PIN takes half the space */ 1521 if ( info->type == SC_PKCS15_PIN_TYPE_BCD)1522 info->stored_length = (info->stored_length + 1) / 2;1523 } 1524 if ( info->pad_char == 0xA5)1525 info->pad_char = profile->pin_pad_char;1528 if (pin_attrs->type == SC_PKCS15_PIN_TYPE_BCD) 1529 pin_attrs->stored_length = (pin_attrs->stored_length + 1) / 2; 1530 } 1531 if (pin_attrs->pad_char == 0xA5) 1532 pin_attrs->pad_char = profile->pin_pad_char; 1526 1533 } 1527 1534 … … 1558 1565 if (map_str2int(cur, argv[0], &type, pinTypeNames)) 1559 1566 return 1; 1560 cur->pin->pin.type = type; 1567 if (cur->pin->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1568 return 1; 1569 cur->pin->pin.attrs.pin.type = type; 1561 1570 return 0; 1562 1571 } … … 1569 1578 if (get_uint(cur, argv[0], &reference)) 1570 1579 return 1; 1571 cur->pin->pin.reference = reference; 1580 if (cur->pin->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1581 return 1; 1582 cur->pin->pin.attrs.pin.reference = reference; 1572 1583 return 0; 1573 1584 } … … 1587 1598 if 
(get_uint(cur, argv[0], &len)) 1588 1599 return 1; 1589 cur->pin->pin.min_length = len; 1600 if (cur->pin->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1601 return 1; 1602 cur->pin->pin.attrs.pin.min_length = len; 1590 1603 return 0; 1591 1604 } … … 1598 1611 if (get_uint(cur, argv[0], &len)) 1599 1612 return 1; 1600 cur->pin->pin.max_length = len; 1613 if (cur->pin->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1614 return 1; 1615 cur->pin->pin.attrs.pin.max_length = len; 1601 1616 return 0; 1602 1617 } … … 1609 1624 if (get_uint(cur, argv[0], &len)) 1610 1625 return 1; 1611 cur->pin->pin.stored_length = len; 1626 if (cur->pin->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1627 return 1; 1628 cur->pin->pin.attrs.pin.stored_length = len; 1612 1629 return 0; 1613 1630 } … … 1619 1636 int i, r; 1620 1637 1621 cur->pin->pin.flags = 0; 1638 if (cur->pin->pin.auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1639 return -1; 1640 1641 cur->pin->pin.attrs.pin.flags = 0; 1622 1642 for (i = 0; i < argc; i++) { 1623 1643 if ((r = map_str2int(cur, argv[i], &flags, pinFlagNames)) < 0) 1624 1644 return r; 1625 cur->pin->pin. flags |= flags;1645 cur->pin->pin.attrs.pin.flags |= flags; 1626 1646 } 1627 1647 -
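Review bot: The `auth_type` guards added to the PIN option parsers (new lines 1567, 1580, 1600, 1613, 1626 and 1638) fail without any diagnostic, so a profile that trips one stops parsing with no hint of which option or why. The allocator at new line 1497 and set_pin_defaults() both force `SC_PKCS15_PIN_AUTH_TYPE_PIN`, so from the visible code these guards cannot fire yet. I would add a short comment such as `/* PIN attributes are only valid for PIN-type auth objects */` and report the failure through the parser's existing error reporting before returning. The parser function bodies start outside the hunks.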
src/pkcs15init/profile.h
r7ab9b7f rd888b3f 56 56 struct file_info * file; /* obsolete */ 57 57 58 s c_pkcs15_pin_info_tpin;58 struct sc_pkcs15_auth_info pin; 59 59 }; 60 60 … … 132 132 void sc_profile_free(struct sc_profile *); 133 133 int sc_profile_build_pkcs15(struct sc_profile *); 134 void sc_profile_get_pin_info(struct sc_profile *, int, struct sc_pkcs15_ pin_info *);134 void sc_profile_get_pin_info(struct sc_profile *, int, struct sc_pkcs15_auth_info *); 135 135 int sc_profile_get_pin_id(struct sc_profile *, unsigned int, int *); 136 136 int sc_profile_get_file(struct sc_profile *, const char *, struct sc_file **); … … 143 143 int sc_profile_get_file_instance(struct sc_profile *, const char *, int, sc_file_t **); 144 144 int sc_profile_get_pin_id_by_reference(struct sc_profile *, unsigned, int, 145 struct sc_pkcs15_ pin_info *);145 struct sc_pkcs15_auth_info *); 146 146 int sc_profile_get_parent(struct sc_profile *profile, const char *, sc_file_t **); 147 147 -
src/tests/pintest.c
rf292467 rd888b3f 47 47 static int ask_and_verify_pin(struct sc_pkcs15_object *pin_obj) 48 48 { 49 struct sc_pkcs15_ pin_info *pin_info = (struct sc_pkcs15_pin_info *) pin_obj->data;49 struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info *) pin_obj->data; 50 50 int i = 0; 51 51 char prompt[80]; 52 52 u8 *pass; 53 53 54 if (pin_info-> flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {54 if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) { 55 55 printf("Skipping unblocking pin [%s]\n", pin_obj->label); 56 56 return 0; -
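Review bot: ask_and_verify_pin() reads `pin_info->attrs.pin.flags` at new line 54 without first checking `pin_info->auth_type`, unlike the tool code converted in this changeset. For a non-PIN auth object the test would then read other attributes as PIN flags. Adding `if (pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) return 0;` ahead of the flags test, with a "Skipping" message like the one already printed for unblocking PINs, would avoid that. The function body continues outside the hunk.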
src/tests/print.c
r50f99a20 rd888b3f 54 54 "exchangeRefData" 55 55 }; 56 struct sc_pkcs15_ pin_info *pin;56 struct sc_pkcs15_auth_info *pin; 57 57 const int pf_count = sizeof(pin_flags) / sizeof(pin_flags[0]); 58 58 int i; 59 59 60 pin = (struct sc_pkcs15_ pin_info *) obj->data;60 pin = (struct sc_pkcs15_auth_info *) obj->data; 61 61 printf("\tAuth ID : %s\n", sc_pkcs15_print_id(&pin->auth_id)); 62 printf("\tFlags : [0x%02X]", pin->flags); 63 for (i = 0; i < pf_count; i++) 64 if (pin->flags & (1 << i)) { 65 printf(", %s", pin_flags[i]); 66 } 67 printf("\n"); 68 printf("\tLength : min_len:%lu, max_len:%lu, stored_len:%lu\n", 69 (unsigned long) pin->min_length, 70 (unsigned long) pin->max_length, 71 (unsigned long) pin->stored_length); 72 printf("\tPad char : 0x%02X\n", pin->pad_char); 73 printf("\tReference : %d\n", pin->reference); 74 printf("\tEncoding : "); 75 switch (pin->type) { 76 case SC_PKCS15_PIN_TYPE_BCD: 77 printf("BCD\n"); break; 78 case SC_PKCS15_PIN_TYPE_ASCII_NUMERIC: 79 printf("ASCII-numeric\n"); break; 80 case SC_PKCS15_PIN_TYPE_UTF8: 81 printf("UTF8\n"); break; 82 case SC_PKCS15_PIN_TYPE_HALFNIBBLE_BCD: 83 printf("half-nibble BCD\n"); break; 84 case SC_PKCS15_PIN_TYPE_ISO9564_1: 85 printf("ISO 9564-1\n"); break; 86 default: 87 printf("[encoding %d]\n", pin->type); 62 if (pin->auth_type == SC_PKCS15_PIN_AUTH_TYPE_PIN) { 63 printf("\tFlags : [0x%02X]", pin->attrs.pin.flags); 64 for (i = 0; i < pf_count; i++) 65 if (pin->attrs.pin.flags & (1 << i)) { 66 printf(", %s", pin_flags[i]); 67 } 68 printf("\n"); 69 printf("\tLength : min_len:%lu, max_len:%lu, stored_len:%lu\n", 70 (unsigned long) pin->attrs.pin.min_length, 71 (unsigned long) pin->attrs.pin.max_length, 72 (unsigned long) pin->attrs.pin.stored_length); 73 printf("\tPad char : 0x%02X\n", pin->attrs.pin.pad_char); 74 printf("\tReference : %d\n", pin->attrs.pin.reference); 75 printf("\tEncoding : "); 76 switch (pin->attrs.pin.type) { 77 case SC_PKCS15_PIN_TYPE_BCD: 78 printf("BCD\n"); break; 79 case 
SC_PKCS15_PIN_TYPE_ASCII_NUMERIC: 80 printf("ASCII-numeric\n"); break; 81 case SC_PKCS15_PIN_TYPE_UTF8: 82 printf("UTF8\n"); break; 83 case SC_PKCS15_PIN_TYPE_HALFNIBBLE_BCD: 84 printf("half-nibble BCD\n"); break; 85 case SC_PKCS15_PIN_TYPE_ISO9564_1: 86 printf("ISO 9564-1\n"); break; 87 default: 88 printf("[encoding %d]\n", pin->attrs.pin.type); 89 } 88 90 } 89 91 if (pin->path.len) -
src/tools/pkcs15-crypt.c
rc74d33d rd888b3f 125 125 char buf[80]; 126 126 char *pincode; 127 struct sc_pkcs15_pin_info *pinfo = (struct sc_pkcs15_pin_info *) obj->data; 128 127 struct sc_pkcs15_auth_info *pinfo = (struct sc_pkcs15_auth_info *) obj->data; 128 129 if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 130 return NULL; 131 129 132 if (opt_pincode != NULL) { 130 133 if (strcmp(opt_pincode, "-") == 0) … … 139 142 if (strlen(pincode) == 0) 140 143 return NULL; 141 if (strlen(pincode) < pinfo-> min_length ||142 strlen(pincode) > pinfo-> max_length)144 if (strlen(pincode) < pinfo->attrs.pin.min_length || 145 strlen(pincode) > pinfo->attrs.pin.max_length) 143 146 continue; 144 147 return strdup(pincode); -
src/tools/pkcs15-init.c
r71b1f55 rd888b3f 101 101 static void init_gost_params(struct sc_pkcs15init_keyarg_gost_params *, EVP_PKEY *); 102 102 static int get_pin_callback(struct sc_profile *profile, 103 int id, const struct sc_pkcs15_ pin_info *info,103 int id, const struct sc_pkcs15_auth_info *info, 104 104 const char *label, 105 105 u8 *pinbuf, size_t *pinsize); … … 389 389 const char * obj_label; /* O: object (PIN) label */ 390 390 union { 391 struct sc_pkcs15_ pin_info *pin;391 struct sc_pkcs15_auth_info *pin; 392 392 } info; 393 393 } sc_ui_hints_t; … … 684 684 { 685 685 struct sc_pkcs15init_initargs args; 686 sc_pkcs15_ pin_info_t info;686 sc_pkcs15_auth_info_t info; 687 687 sc_ui_hints_t hints; 688 688 const char *role = "so"; … … 690 690 691 691 memset(&hints, 0, sizeof(hints)); 692 memset(&info, 0, sizeof(info)); 692 693 hints.usage = SC_UI_USAGE_NEW_PIN; 693 694 hints.flags = SC_UI_PIN_RETYPE … … 710 711 sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_SO_PIN, &info); 711 712 712 if (!(info. flags & SC_PKCS15_PIN_FLAG_SO_PIN))713 if (!(info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 713 714 role = "user"; 714 715 else … … 716 717 717 718 718 if ((info. flags & SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED)719 && (info. flags & SC_PKCS15_PIN_FLAG_SO_PIN))719 if ((info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED) 720 && (info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 720 721 so_puk_disabled = 1; 721 722 … … 730 731 sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_SO_PUK, &info); 731 732 732 if (!(info. flags & SC_PKCS15_PIN_FLAG_SO_PIN))733 if (!(info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)) 733 734 role = "user"; 734 735 … … 765 766 { 766 767 struct sc_pkcs15init_pinargs args; 767 sc_pkcs15_ pin_info_t info;768 sc_pkcs15_auth_info_t info; 768 769 sc_ui_hints_t hints; 769 770 int r; … … 802 803 args.label = opt_label; 803 804 804 if (!(info. 
flags & SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED)805 if (!(info.attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED) 805 806 && opt_pins[1] == NULL) { 806 807 sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &info); … … 1627 1628 static int 1628 1629 get_pin_callback(struct sc_profile *profile, 1629 int id, const struct sc_pkcs15_ pin_info *info,1630 int id, const struct sc_pkcs15_auth_info *info, 1630 1631 const char *label, 1631 1632 u8 *pinbuf, size_t *pinsize) … … 1637 1638 int allocated = 0; 1638 1639 1639 if (label) { 1640 if (info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1641 return SC_ERROR_NOT_SUPPORTED; 1642 1643 if (label) 1640 1644 snprintf(namebuf, sizeof(namebuf), "PIN [%s]", label); 1641 } else { 1642 snprintf(namebuf, sizeof(namebuf), 1643 "Unspecified PIN [reference %u]", 1644 info->reference); 1645 } 1645 else 1646 snprintf(namebuf, sizeof(namebuf), "Unspecified PIN [reference %u]", info->attrs.pin.reference); 1646 1647 1647 1648 if (!ignore_cmdline_pins) { … … 1667 1668 } 1668 1669 else if (info->auth_method == SC_AC_CHV) { 1669 if (!(info-> flags & SC_PKCS15_PIN_FLAG_SO_PIN)1670 && !(info-> flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {1670 if (!(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 1671 && !(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) { 1671 1672 name = "User PIN"; 1672 1673 secret = opt_pins[OPT_PIN1 & 3]; 1673 1674 } 1674 else if (!(info-> flags & SC_PKCS15_PIN_FLAG_SO_PIN)1675 && (info-> flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {1675 else if (!(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 1676 && (info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) { 1676 1677 name = "User PUK"; 1677 1678 secret = opt_pins[OPT_PUK1 & 3]; 1678 1679 } 1679 else if ((info-> flags & SC_PKCS15_PIN_FLAG_SO_PIN)1680 && !(info-> flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {1680 else if ((info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 1681 && !(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) { 
1681 1682 name = "Security officer PIN"; 1682 1683 secret = opt_pins[OPT_PIN2 & 3]; 1683 1684 } 1684 else if ((info-> flags & SC_PKCS15_PIN_FLAG_SO_PIN)1685 && (info-> flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {1685 else if ((info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 1686 && (info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) { 1686 1687 name = "Security officer PIN unlock key"; 1687 1688 secret = opt_pins[OPT_PUK2 & 3]; … … 2718 2719 int get_pin(sc_ui_hints_t *hints, char **out) 2719 2720 { 2720 sc_pkcs15_ pin_info_t *pin_info;2721 sc_pkcs15_auth_info_t *pin_info; 2721 2722 const char *label; 2722 2723 int flags = hints->flags; 2723 2724 2724 2725 pin_info = hints->info.pin; 2726 if (pin_info && pin_info->auth_type == SC_PKCS15_PIN_AUTH_TYPE_PIN) 2727 return SC_ERROR_NOT_SUPPORTED; 2728 2725 2729 if (!(label = hints->obj_label)) { 2726 2730 if (pin_info == NULL) { 2727 2731 label = "PIN"; 2728 } else if (pin_info-> flags & SC_PKCS15_PIN_FLAG_SO_PIN) {2732 } else if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) { 2729 2733 label = "Security Officer PIN"; 2730 2734 } else { … … 2759 2763 2760 2764 if (pin_info && (flags & SC_UI_PIN_CHECK_LENGTH)) { 2761 if (strlen(pin) < pin_info-> min_length) {2765 if (strlen(pin) < pin_info->attrs.pin.min_length) { 2762 2766 fprintf(stderr, 2763 2767 "PIN too short (min %lu characters)\n", 2764 (unsigned long) pin_info-> min_length);2768 (unsigned long) pin_info->attrs.pin.min_length); 2765 2769 continue; 2766 2770 } 2767 if (pin_info-> max_length2768 && strlen(pin) > pin_info-> max_length) {2771 if (pin_info->attrs.pin.max_length 2772 && strlen(pin) > pin_info->attrs.pin.max_length) { 2769 2773 fprintf(stderr, 2770 2774 "PIN too long (max %lu characters)\n", 2771 (unsigned long) pin_info-> max_length);2775 (unsigned long) pin_info->attrs.pin.max_length); 2772 2776 continue; 2773 2777 } … … 2828 2832 2829 2833 for (ii=0;ii<r;ii++) { 2830 struct sc_pkcs15_ pin_info *pin_info = (struct 
sc_pkcs15_pin_info *) objs[ii]->data;2831 2832 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)2834 struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info *) objs[ii]->data; 2835 2836 if (pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 2833 2837 continue; 2834 if (pin_info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 2838 if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 2839 continue; 2840 if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 2835 2841 continue; 2836 2842 -
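Review bot: The guard added to get_pin() at new line 2726 is inverted: `if (pin_info && pin_info->auth_type == SC_PKCS15_PIN_AUTH_TYPE_PIN) return SC_ERROR_NOT_SUPPORTED;` rejects the PIN objects this function exists to prompt for. It also lets any other auth type fall through to the `attrs.pin.flags`, `attrs.pin.min_length` and `attrs.pin.max_length` reads below, so the length checks would run against non-PIN data. Every other check in this changeset uses `!=`, so this should read `if (pin_info && pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)`. Separately, get_pin_callback() now dereferences `info->auth_type` before the `label` test, where the old code touched `info` only when `label` was NULL; a NULL check on `info` is worth adding unless every caller is known to pass one.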
src/tools/pkcs15-tool.c
re81c174 rd888b3f 963 963 static u8 * get_pin(const char *prompt, sc_pkcs15_object_t *pin_obj) 964 964 { 965 sc_pkcs15_ pin_info_t *pinfo = (sc_pkcs15_pin_info_t *) pin_obj->data;965 sc_pkcs15_auth_info_t *pinfo = (sc_pkcs15_auth_info_t *) pin_obj->data; 966 966 char *pincode = NULL; 967 967 size_t len = 0; … … 969 969 970 970 printf("%s [%s]: ", prompt, pin_obj->label); 971 if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 972 return NULL; 973 971 974 while (1) { 972 975 r = util_getpass(&pincode, &len, stdin); … … 975 978 if (!pincode || strlen(pincode) == 0) 976 979 return NULL; 977 if (strlen(pincode) < pinfo-> min_length) {980 if (strlen(pincode) < pinfo->attrs.pin.min_length) { 978 981 printf("PIN code too short, try again.\n"); 979 982 continue; 980 983 } 981 if (strlen(pincode) > pinfo-> max_length) {984 if (strlen(pincode) > pinfo->attrs.pin.max_length) { 982 985 printf("PIN code too long, try again.\n"); 983 986 continue; … … 1004 1007 1005 1008 for (ii=0;ii<r;ii++) { 1006 struct sc_pkcs15_ pin_info *pin_info = (struct sc_pkcs15_pin_info *) objs[ii]->data;1007 1008 if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN)1009 struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info *) objs[ii]->data; 1010 1011 if (pin_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1009 1012 continue; 1010 if (pin_info->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 1013 if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) 1014 continue; 1015 if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) 1011 1016 continue; 1012 1017 … … 1069 1074 const char *pin_types[] = {"bcd", "ascii-numeric", "UTF-8", 1070 1075 "halfnibble bcd", "iso 9664-1"}; 1071 const struct sc_pkcs15_ pin_info *pin = (const struct sc_pkcs15_pin_info *) obj->data;1076 const struct sc_pkcs15_auth_info *pin = (const struct sc_pkcs15_auth_info *) obj->data; 1072 1077 const size_t pf_count = NELEMENTS(pin_flags); 1073 1078 size_t i; … … 1078 1083 printf("\tAuth ID : %s\n", 
sc_pkcs15_print_id(&obj->auth_id)); 1079 1084 printf("\tID : %s\n", sc_pkcs15_print_id(&pin->auth_id)); 1080 printf("\tFlags : [0x%02X]", pin->flags); 1081 for (i = 0; i < pf_count; i++) 1082 if (pin->flags & (1 << i)) { 1083 printf(", %s", pin_flags[i]); 1084 } 1085 printf("\n"); 1086 printf("\tLength : min_len:%lu, max_len:%lu, stored_len:%lu\n", 1087 (unsigned long)pin->min_length, (unsigned long)pin->max_length, 1088 (unsigned long)pin->stored_length); 1089 printf("\tPad char : 0x%02X\n", pin->pad_char); 1090 printf("\tReference : %d\n", pin->reference); 1091 if (pin->type < NELEMENTS(pin_types)) 1092 printf("\tType : %s\n", pin_types[pin->type]); 1093 else 1094 printf("\tType : [encoding %d]\n", pin->type); 1085 if (pin->auth_type == SC_PKCS15_PIN_AUTH_TYPE_PIN) { 1086 printf("\tFlags : [0x%02X]", pin->attrs.pin.flags); 1087 for (i = 0; i < pf_count; i++) 1088 if (pin->attrs.pin.flags & (1 << i)) { 1089 printf(", %s", pin_flags[i]); 1090 } 1091 printf("\n"); 1092 printf("\tLength : min_len:%lu, max_len:%lu, stored_len:%lu\n", 1093 (unsigned long)pin->attrs.pin.min_length, (unsigned long)pin->attrs.pin.max_length, 1094 (unsigned long)pin->attrs.pin.stored_length); 1095 printf("\tPad char : 0x%02X\n", pin->attrs.pin.pad_char); 1096 printf("\tReference : %d\n", pin->attrs.pin.reference); 1097 if (pin->attrs.pin.type < NELEMENTS(pin_types)) 1098 printf("\tType : %s\n", pin_types[pin->attrs.pin.type]); 1099 else 1100 printf("\tType : [encoding %d]\n", pin->attrs.pin.type); 1101 } 1095 1102 if (pin->path.len || pin->path.aid.len) 1096 1103 printf("\tPath : %s\n", sc_print_path(&pin->path)); … … 1185 1192 static int unblock_pin(void) 1186 1193 { 1187 struct sc_pkcs15_ pin_info *pinfo = NULL;1194 struct sc_pkcs15_auth_info *pinfo = NULL; 1188 1195 sc_pkcs15_object_t *pin_obj; 1189 1196 u8 *pin, *puk; … … 1194 1201 if (!(pin_obj = get_pin_info())) 1195 1202 return 2; 1196 pinfo = (sc_pkcs15_pin_info_t *) pin_obj->data; 1203 pinfo = (sc_pkcs15_auth_info_t *) 
pin_obj->data; 1204 1205 if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1206 return 1; 1197 1207 1198 1208 puk = opt_puk; … … 1249 1259 { 1250 1260 sc_pkcs15_object_t *pin_obj; 1251 sc_pkcs15_ pin_info_t *pinfo = NULL;1261 sc_pkcs15_auth_info_t *pinfo = NULL; 1252 1262 u8 *pincode, *newpin; 1253 1263 int r, pinpad_present = 0; … … 1257 1267 if (!(pin_obj = get_pin_info())) 1258 1268 return 2; 1259 pinfo = (sc_pkcs15_pin_info_t *) pin_obj->data; 1269 1270 pinfo = (sc_pkcs15_auth_info_t *) pin_obj->data; 1271 if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) 1272 return 1; 1260 1273 1261 1274 if (pinfo->tries_left != -1) {
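Review bot: In get_pin() the auth-type check at new line 971 comes after the `printf("%s [%s]: ", prompt, pin_obj->label);` prompt, so for a non-PIN object the user sees a prompt and the function returns NULL without reading anything. That is the same value it returns for an empty entry, so callers cannot tell the two apart. Move `if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) return NULL;` above the printf. unblock_pin() at new line 1205 and the PIN-change function at new line 1271 (its name is outside the hunk) also `return 1` on this path with no message; a one-line `fprintf(stderr, ...)` saying the auth object is not a PIN would make the failure diagnosable.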
