From b008274afdbe375b32a7e66dbd073e200f6f0587 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 4 Feb 2011 12:57:53 +0100 Subject: Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again. --- scd/ChangeLog | 108 ++++++++--------- scd/Makefile.am | 8 +- scd/apdu.c | 50 ++++---- scd/apdu.h | 9 +- scd/app-common.h | 11 +- scd/app-dinsig.c | 70 +++++------ scd/app-geldkarte.c | 42 +++---- scd/app-help.c | 4 +- scd/app-nks.c | 128 ++++++++++---------- scd/app-openpgp.c | 327 ++++++++++++++++++++++++++-------------------------- scd/app-p15.c | 276 ++++++++++++++++++++++---------------------- scd/app.c | 55 +++++---- scd/atr.c | 19 ++- scd/card-common.h | 2 +- scd/card-dinsig.c | 26 ++--- scd/card-p15.c | 48 ++++---- scd/card.c | 27 +++-- scd/ccid-driver.c | 274 +++++++++++++++++++++---------------------- scd/ccid-driver.h | 11 +- scd/command.c | 172 +++++++++++++-------------- scd/iso7816.c | 35 +++--- scd/iso7816.h | 2 +- scd/pcsc-wrapper.c | 124 ++++++++++---------- scd/sc-copykeys.c | 40 +++---- scd/scdaemon.c | 122 ++++++++++---------- scd/scdaemon.h | 14 +-- 26 files changed, 990 insertions(+), 1014 deletions(-) (limited to 'scd') diff --git a/scd/ChangeLog b/scd/ChangeLog index c9f92b428..0006f743c 100644 --- a/scd/ChangeLog +++ b/scd/ChangeLog @@ -188,7 +188,7 @@ * app-openpgp.c (change_keyattr): New. (do_writekey): Call it. - + * app-openpgp.c (does_key_exist): Add arg GENERATING. Change callers. @@ -291,7 +291,7 @@ * app-nks.c (do_decipher): Make it work for TCOS 3. * iso7816.c (iso7816_decipher): Add arg EXTENDED_MODE. * apdu.c (apdu_send): Add arg EXTENDED_MODE and change all callers. - (apdu_send_le): Ditto. + (apdu_send_le): Ditto. (apdu_send_direct): Ditto, but not yet functional. (send_le): Fix command chaining. Implement extended length option. * ccid-driver.c (ccid_transceive): Remove restriction on apdu length. @@ -375,7 +375,7 @@ (aid_nks): .. new. (aid_sigg): New. (switch_application): New. - (do_getattr, do_learn_status, do_readcert, do_sign, do_decipher) + (do_getattr, do_learn_status, do_readcert, do_sign, do_decipher) (do_change_pin, do_check_pin): Make sure we are in NKS mode. 2009-03-03 Werner Koch @@ -407,22 +407,22 @@ * ccid-driver.c (ccid_get_atr): Move debug output to .. (print_r2p_parameters): .. new. (print_r2p_header, print_pr_data, print_r2p_unknown) - (print_r2p_datablock, print_r2p_slotstatus, print_r2p_escape) + (print_r2p_datablock, print_r2p_slotstatus, print_r2p_escape) (print_r2p_datarate): New. (bulk_in): Call parameter printing. (ccid_set_debug_level): Add debug level 3. (convert_le_u16): New. - (print_p2r_header, print_p2r_iccpoweron, print_p2r_iccpoweroff) - (print_p2r_getslotstatus, print_p2r_xfrblock) - (print_p2r_getparameters, print_p2r_resetparameters) - (print_p2r_setparameters, print_p2r_escape, print_p2r_iccclock) - (print_p2r_to0apdu, print_p2r_secure, print_p2r_mechanical) + (print_p2r_header, print_p2r_iccpoweron, print_p2r_iccpoweroff) + (print_p2r_getslotstatus, print_p2r_xfrblock) + (print_p2r_getparameters, print_p2r_resetparameters) + (print_p2r_setparameters, print_p2r_escape, print_p2r_iccclock) + (print_p2r_to0apdu, print_p2r_secure, print_p2r_mechanical) (print_p2r_abort, print_p2r_setdatarate, print_r2p_unknown): New. (bulk_out): Add arg NO_DEBUG and change all callers to pass 0. Call parameter printing. (ccid_slot_status): Call with NO_DEBUG set. - (abort_cmd, send_escape_cmd, ccid_get_atr, ccid_get_atr) - (ccid_transceive_apdu_level, ccid_transceive) + (abort_cmd, send_escape_cmd, ccid_get_atr, ccid_get_atr) + (ccid_transceive_apdu_level, ccid_transceive) (ccid_transceive_secure): Remove old debug print code. 2009-02-12 Werner Koch @@ -473,7 +473,7 @@ 2008-12-18 Werner Koch - * ccid-driver.c (abort_cmd): New. + * ccid-driver.c (abort_cmd): New. (bulk_in): Call abort_cmd after severe errors. * apdu.c (reader_table_s): Add field ANY_STATUS. @@ -520,7 +520,7 @@ (update_reader_status_file): Disconnect if allowed. * app-common.h (app_ctx_s): Remove INITIALIZED. Make REF_COUNT - unsigned. + unsigned. * app.c (select_application): Remove INITIALIZED. (app_write_learn_status, app_readcert, app_readkey, app_getattr) (app_setattr, app_sign, app_decipher, app_writecert) @@ -537,7 +537,7 @@ * app.c (app_get_serial_and_stamp): Use bin2hex. * app-help.c (app_help_get_keygrip_string): Ditto. * app-p15.c (send_certinfo, send_keypairinfo, do_getattr): Ditto. - * app-openpgp.c (send_fpr_if_not_null, send_key_data) + * app-openpgp.c (send_fpr_if_not_null, send_key_data) (retrieve_fpr_from_card, send_keypair_info): Ditto. * app-nks.c (keygripstr_from_pk_file): Ditto. * command.c (cmd_apdu): Ditto. @@ -644,7 +644,7 @@ (do_change_pin): Do not change CHV2. Add reset code logic for v2 cards. * iso7816.c (iso7816_reset_retry_counter_with_rc): New. - + * app-openpgp.c (add_tlv, build_privkey_template): New. (do_writekey): Support v2 keys and other key lengths than 1024. * iso7816.c (iso7816_put_data_odd): New. @@ -762,7 +762,7 @@ * scdaemon.c (main): Pass STANDARD_SOCKET flag to create_server_socket. - + 2007-11-13 Werner Koch * scdaemon.c (start_connection_thread): Do not call @@ -1003,7 +1003,7 @@ 2006-09-06 Werner Koch - * apdu.c (pcsc_end_transaction): + * apdu.c (pcsc_end_transaction): * pcsc-wrapper.c (pcsc_end_transaction: Fixed dclaration. Reported by Bob Dunlop. @@ -1012,7 +1012,7 @@ Replaced all Assuan error codes by libgpg-error codes. Removed all map_to_assuan_status and map_assuan_err. - + * scdaemon.c (main): Call assuan_set_assuan_err_source to have Assuan switch to gpg-error codes. * command.c (set_error): Adjusted. @@ -1091,7 +1091,7 @@ 2006-02-09 Werner Koch - * command.c (get_reader_slot, do_reset) + * command.c (get_reader_slot, do_reset) (scd_update_reader_status_file): Rewrote. * app.c (release_application): Factored code out to .. @@ -1156,12 +1156,12 @@ * iso7816.h (struct iso7816_pininfo_s): New. * iso7816.c (map_sw): Support new code. (iso7816_check_keypad): New. - (iso7816_verify_kp, iso7816_change_reference_data_kp) + (iso7816_verify_kp, iso7816_change_reference_data_kp) (iso7816_reset_retry_counter_kp): New. Extended versions of the original functions. - * apdu.c (host_sw_string): Support new code. + * apdu.c (host_sw_string): Support new code. (reader_table_s): New field CHECK_KEYPAD. - (new_reader_slot, open_ct_reader, open_pcsc_reader) + (new_reader_slot, open_ct_reader, open_pcsc_reader) (open_ccid_reader, open_rapdu_reader): Initialize it. (check_ccid_keypad): New. (apdu_check_keypad): New. @@ -1170,7 +1170,7 @@ of the orginal function to use this one with a NULL for the new arg. (apdu_send_simple_kp): New. - (ct_send_apdu, pcsc_send_apdu, my_rapdu_send_apdu) + (ct_send_apdu, pcsc_send_apdu, my_rapdu_send_apdu) (send_apdu_ccid): New arg PININFO. (send_apdu_ccid): Use the new arg. @@ -1226,7 +1226,7 @@ * iso7816.c (iso7816_read_binary): Use Le=0 when reading all data. Handle 6C00 error and take 6B00 as indication for EOF. * apdu.h (SW_EXACT_LENGTH_P): New. - * apdu.c (new_reader_slot, reset_pcsc_reader, pcsc_get_status) + * apdu.c (new_reader_slot, reset_pcsc_reader, pcsc_get_status) (open_pcsc_reader): Set new reader state IS_T0. (apdu_send_le): When doing T=0 make sure not to send Lc and Le. Problem reported by Carl Meijer. @@ -1253,7 +1253,7 @@ 2005-06-06 Werner Koch - * scdaemon.c (main): New option --debug-allow-core-dump. + * scdaemon.c (main): New option --debug-allow-core-dump. 2005-06-03 Werner Koch @@ -1399,9 +1399,9 @@ variant. * app-openpgp.c (get_one_do, dump_all_do): Ditto. - + Removal of the old OpenSC based code. - + * app-p15.c: New. Basic support for pkcs15 cards without OpenSC. There are quite a couple of things missing but at least I can use my old TCOS cards from the Aegypten-1 development for signing. @@ -1409,7 +1409,7 @@ * Makefile.am (scdaemon_SOURCES): Removed card.c, card-common.h and card-p15.c because they are now obsolete. Added app-p15.c. Removed all OpenSC stuff. - * command.c (do_reset, open_card, cmd_serialno, cmd_learn) + * command.c (do_reset, open_card, cmd_serialno, cmd_learn) (cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkdecrypt): Removed all special cases for the old card.c based mechanisms. * scdaemon.c, apdu.c: Removed all special cases for OpenSC. @@ -1430,7 +1430,7 @@ 2005-04-12 Werner Koch Basic support for several sessions. - + * command.c (scd_command_handler): Replace the primary_connection stuff by a real connection list. Release the local context on exit. @@ -1438,7 +1438,7 @@ to all connections who registered an event signal. (cmd_lock, cmd_unlock, register_commands): New commands LOCK and UNLOCK. - (cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt, cmd_setattr) + (cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt, cmd_setattr) (cmd_genkey, cmd_passwd, cmd_checkpin): Return an error if reader is locked. (do_reset): Handle locking. @@ -1508,7 +1508,7 @@ * apdu.c: Added some PCSC error codes. (pcsc_error_to_sw): New. - (reset_pcsc_reader, pcsc_get_status, pcsc_send_apdu) + (reset_pcsc_reader, pcsc_get_status, pcsc_send_apdu) (open_pcsc_reader): Do proper error code mapping. 2005-03-16 Werner Koch @@ -1589,7 +1589,7 @@ * apdu.c [W32]: Disable use of pcsc_wrapper. * Makefile.am (scdaemon_LDADD): Reorder libs. - (sc_copykeys_LDADD): Add libassuan because it is needed for W32. + (sc_copykeys_LDADD): Add libassuan because it is needed for W32. 2004-12-06 Werner Koch @@ -1606,17 +1606,17 @@ This avoids problems with missing vasprintf implementations in gnupg 1.4. - * app-common.h (app_openpgp_storekey: Add prototype. + * app-common.h (app_openpgp_storekey: Add prototype. 2004-10-20 Werner Koch * sc-investigate: Removed. * Makefile.am (sc_investigate): Removed. - + * pcsc-wrapper.c (load_pcsc_driver): Load get_status_change func. (handle_open): Succeed even without a present card. (handle_status, handle_reset): New. - + * apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion. (pcsc_get_status): Implemented. (reset_pcsc_reader): Implemented. @@ -1631,7 +1631,7 @@ 2004-10-14 Werner Koch - * app-openpgp.c (parse_login_data): New. + * app-openpgp.c (parse_login_data): New. (app_select_openpgp): Call it. (do_setattr): Reparse it after change. @@ -1658,7 +1658,7 @@ * app-openpgp.c: Made all strings translatable. (verify_chv3) [GNUPG_MAJOR_VERSION]: Make opt.allow_admin - available for use in gnupg 2. + available for use in gnupg 2. (verify_chv3): Reimplemented countdown showing to use only functions from this module. Flush the CVH status cache on a successful read. @@ -1669,7 +1669,7 @@ (get_cached_data): Move local data initialization to .. (app_select_openpgp): .. here. Read some flags for later use. (do_getattr): New read-only attribute EXTCAP. - + * apdu.c (open_pcsc_reader): Do not print empty reader string. * ccid-driver.c (do_close_reader): Factored some code out from ... @@ -1754,21 +1754,21 @@ * Makefile.am: Make OpenSC lib link after libgcrypt. Do not link to pth. * apdu.c: Don't use Pth if we use OpenSC. - * sc-investigate.c, scdaemon.c: Disable use of pth if OpenSC is used. + * sc-investigate.c, scdaemon.c: Disable use of pth if OpenSC is used. * scdaemon.c (main): Bumbed thread stack size up to 512k. 2004-07-16 Werner Koch * apdu.c (reader_table_s): Add function pointers for the backends. - (apdu_close_reader, apdu_get_status, apdu_activate) + (apdu_close_reader, apdu_get_status, apdu_activate) (send_apdu): Make use of them. (new_reader_slot): Intialize them to NULL. (dump_ccid_reader_status, ct_dump_reader_status): New. (dump_pcsc_reader_status): New. - (open_ct_reader, open_pcsc_reader, open_ccid_reader) + (open_ct_reader, open_pcsc_reader, open_ccid_reader) (open_osc_reader, open_rapdu_reader): Intialize function pointers. - (ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu) + (ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu) (error_string): Removed. Replaced by apdu_strerror. (get_ccid_error_string): Removed. (ct_activate_card): Remove the unused loop. @@ -1899,7 +1899,7 @@ * apdu.h: New pseudo stati SW_HOST_NOT_SUPPORTED, SW_HOST_LOCKING_FAILED and SW_HOST_BUSY. * iso7816.c (map_sw): Map it. - + * ccid-driver.c (ccid_slot_status): Add arg STATUSBITS. * apdu.c (apdu_get_status): New. (ct_get_status, pcsc_get_status, ocsc_get_status): New stubs. @@ -1908,7 +1908,7 @@ (reset_ct_reader, reset_pcsc_reader, reset_osc_reader): New stubs. (reset_ccid_reader): New. (apdu_enum_reader): New. - + * apdu.c (lock_slot, trylock_slot, unlock_slot): New helpers. (new_reader_slot) [USE_GNU_PTH]: Init mutex. (apdu_reset, apdu_get_status, apdu_send_le): Run functions @@ -2001,7 +2001,7 @@ (cmd_serialno): Allow optional argument to select the desired application. - * app-nks.c: New. + * app-nks.c: New. * scdaemon.h (opt): Add READER_PORT. * scdaemon.c (main): Set it here. @@ -2172,12 +2172,12 @@ * ccid-driver.c, ccid-driver.h: New but far from being useful. * Makefile.am: Add above. * apdu.c: Add support for that ccid driver. - + 2003-08-26 Timo Schulz * apdu.c (new_reader_slot): Only set 'is_osc' when OpenSC is used. - + 2003-08-25 Werner Koch * command.c (cmd_setattr): Use a copy of LINE. @@ -2193,7 +2193,7 @@ 2003-08-18 Werner Koch - * Makefile.am: Add OPENSC_LIBS to all programs. + * Makefile.am: Add OPENSC_LIBS to all programs. * scdaemon.c, scdaemon.h: New option --disable-opensc. * card.c (card_open): Implement it. @@ -2233,7 +2233,7 @@ * scdaemon.c, scdaemon.h: New option --ctapi-driver. * sc-investigate.c, sc-copykeys.c: Ditto. - + 2003-07-31 Werner Koch * Makefile.am (scdaemon_LDADD): Added INTLLIBS. @@ -2309,7 +2309,7 @@ * app-openpgp.c (get_sig_counter): New. (do_sign): Print the signature counter and enable the PIN callback. - (do_genkey): Implement the PIN callback. + (do_genkey): Implement the PIN callback. 2003-07-01 Werner Koch @@ -2380,7 +2380,7 @@ * apdu.c, apdu.h: New * card.c, card-p15.c, card-dinsig.c: Allow build without OpenSC. - + * Makefile.am (LDFLAGS): Removed. * command.c (register_commands): Adjusted for new Assuan semantics. @@ -2413,7 +2413,7 @@ 2002-07-30 Werner Koch Changes to cope with OpenSC 0.7.0: - + * card.c: Removed the check for the packed opensc version. Changed include file names of opensc. (map_sc_err): Adjusted error codes for new opensc version. @@ -2421,7 +2421,7 @@ * card-dinsig.c: Ditto. * card-p15.c (p15_decipher): Add flags argument to OpenSC call. - + 2002-07-24 Werner Koch * card.c (find_simple_tlv, find_iccsn): New. @@ -2467,7 +2467,7 @@ * scdaemon.c scdaemon.h, command.c: New. Based on the code from the gpg-agent. - + Copyright 2002, 2003, 2004, 2005, 2007, 2008 Free Software Foundation, Inc. This file is free software; as a special exception the author gives diff --git a/scd/Makefile.am b/scd/Makefile.am index 923ebfee0..9153a4403 100644 --- a/scd/Makefile.am +++ b/scd/Makefile.am @@ -6,18 +6,18 @@ # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. -# +# # GnuPG is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program; if not, see . ## Process this file with automake to produce Makefile.in -bin_PROGRAMS = scdaemon +bin_PROGRAMS = scdaemon if ! HAVE_W32_SYSTEM libexec_PROGRAMS = gnupg-pcsc-wrapper endif @@ -66,4 +66,4 @@ scdaemon_LDADD = $(libcommonpth) ../gl/libgnu.a \ # gnupg_pcsc_wrapper_SOURCES = pcsc-wrapper.c gnupg_pcsc_wrapper_LDADD = $(DL_LIBS) -gnupg_pcsc_wrapper_CFLAGS = +gnupg_pcsc_wrapper_CFLAGS = diff --git a/scd/apdu.c b/scd/apdu.c index dcb0e23bb..8080b42a1 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -361,7 +361,7 @@ new_reader_slot (void) reader_table[reader].dump_status_reader = NULL; reader_table[reader].set_progress_cb = NULL; - reader_table[reader].used = 1; + reader_table[reader].used = 1; reader_table[reader].any_status = 0; reader_table[reader].last_status = 0; reader_table[reader].is_t0 = 1; @@ -412,8 +412,8 @@ host_sw_string (long err) case SW_HOST_GENERAL_ERROR: return "general error"; case SW_HOST_NO_READER: return "no reader"; case SW_HOST_ABORTED: return "aborted"; - case SW_HOST_NO_KEYPAD: return "no keypad"; - case SW_HOST_ALREADY_CONNECTED: return "already connected"; + case SW_HOST_NO_KEYPAD: return "no keypad"; + case SW_HOST_ALREADY_CONNECTED: return "already connected"; default: return "unknown host status error"; } } @@ -789,7 +789,7 @@ pcsc_error_to_sw (long ec) case PCSC_E_INVALID_TARGET: case PCSC_E_INVALID_VALUE: - case PCSC_E_INVALID_HANDLE: + case PCSC_E_INVALID_HANDLE: case PCSC_E_INVALID_PARAMETER: case PCSC_E_INSUFFICIENT_BUFFER: rc = SW_HOST_INV_VALUE; break; @@ -1003,7 +1003,7 @@ pcsc_get_status (int slot, unsigned int *status) #ifndef NEED_PCSC_WRAPPER static int pcsc_send_apdu_direct (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen, + unsigned char *buffer, size_t *buflen, struct pininfo_s *pininfo) { long err; @@ -1039,7 +1039,7 @@ pcsc_send_apdu_direct (int slot, unsigned char *apdu, size_t apdulen, #ifdef NEED_PCSC_WRAPPER static int pcsc_send_apdu_wrapped (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen, + unsigned char *buffer, size_t *buflen, struct pininfo_s *pininfo) { long err; @@ -1158,7 +1158,7 @@ pcsc_send_apdu_wrapped (int slot, unsigned char *apdu, size_t apdulen, BUFLEN. Returns: A status word. */ static int pcsc_send_apdu (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen, + unsigned char *buffer, size_t *buflen, struct pininfo_s *pininfo) { #ifdef NEED_PCSC_WRAPPER @@ -1287,7 +1287,7 @@ connect_pcsc_card (int slot) if (err) { reader_table[slot].pcsc.card = 0; - if (err != PCSC_E_NO_SMARTCARD) + if (err != PCSC_E_NO_SMARTCARD) log_error ("pcsc_connect failed: %s (0x%lx)\n", pcsc_error_string (err), err); } @@ -1337,7 +1337,7 @@ disconnect_pcsc_card (int slot) assert (slot >= 0 && slot < MAX_READER); if (!reader_table[slot].pcsc.card) - return 0; + return 0; err = pcsc_disconnect (reader_table[slot].pcsc.card, PCSC_LEAVE_CARD); if (err) @@ -2635,7 +2635,7 @@ apdu_connect (int slot) } else sw = 0; - + /* We need to call apdu_get_status_internal, so that the last-status machinery gets setup properly even if a card is inserted while scdaemon is fired up and apdu_get_status has not yet been called. @@ -2893,7 +2893,7 @@ send_apdu (int slot, unsigned char *apdu, size_t apdulen, if (reader_table[slot].send_apdu_reader) return reader_table[slot].send_apdu_reader (slot, apdu, apdulen, - buffer, buflen, + buffer, buflen, pininfo); else return SW_HOST_NOT_SUPPORTED; @@ -2921,7 +2921,7 @@ send_le (int slot, int class, int ins, int p0, int p1, { #define SHORT_RESULT_BUFFER_SIZE 258 /* We allocate 8 extra bytes as a safety margin towards a driver bug. */ - unsigned char short_result_buffer[SHORT_RESULT_BUFFER_SIZE+10]; + unsigned char short_result_buffer[SHORT_RESULT_BUFFER_SIZE+10]; unsigned char *result_buffer = NULL; size_t result_buffer_size; unsigned char *result; @@ -2959,16 +2959,16 @@ send_le (int slot, int class, int ins, int p0, int p1, if (lc > 16384) return SW_WRONG_LENGTH; /* Sanity check. */ if ((class&0xf0) != 0) - return SW_HOST_INV_VALUE; /* Upper 4 bits need to be 0. */ - use_chaining = extended_mode == -1? 255 : -extended_mode; + return SW_HOST_INV_VALUE; /* Upper 4 bits need to be 0. */ + use_chaining = extended_mode == -1? 255 : -extended_mode; use_chaining &= 0xff; } - else + else return SW_HOST_INV_VALUE; } else if (lc == -1 && extended_mode > 0) use_extended_length = 1; - + if (le != -1 && (le > (extended_mode > 0? 255:256) || le < 0)) { /* Expected Data does not fit into an APDU. What we do now @@ -2981,7 +2981,7 @@ send_le (int slot, int class, int ins, int p0, int p1, ; /* We are already using extended length. */ else if (extended_mode > 0) use_extended_length = 1; - else + else return SW_HOST_INV_VALUE; } @@ -3052,8 +3052,8 @@ send_le (int slot, int class, int ins, int p0, int p1, } if (le != -1) { - apdu[apdulen++] = ((le >> 8) & 0xff); - apdu[apdulen++] = (le & 0xff); + apdu[apdulen++] = ((le >> 8) & 0xff); + apdu[apdulen++] = (le & 0xff); } } else @@ -3107,7 +3107,7 @@ send_le (int slot, int class, int ins, int p0, int p1, return rc? rc : SW_HOST_INCOMPLETE_CARD_RESPONSE; } sw = (result[resultlen-2] << 8) | result[resultlen-1]; - if (!use_extended_length + if (!use_extended_length && !did_exact_length_hack && SW_EXACT_LENGTH_P (sw)) { apdu[apdulen-1] = (sw & 0x00ff); @@ -3123,7 +3123,7 @@ send_le (int slot, int class, int ins, int p0, int p1, apdu_buffer = NULL; apdu_buffer_size = 0; } - + /* Store away the returned data but strip the statusword. */ resultlen -= 2; if (DBG_CARD_IO) @@ -3266,7 +3266,7 @@ send_le (int slot, int class, int ins, int p0, int p1, that data will be put into *RETBUFLEN. The caller is reponsible for releasing the buffer even in case of errors. */ int -apdu_send_le(int slot, int extended_mode, +apdu_send_le(int slot, int extended_mode, int class, int ins, int p0, int p1, int lc, const char *data, int le, unsigned char **retbuf, size_t *retbuflen) @@ -3309,7 +3309,7 @@ apdu_send_simple (int slot, int extended_mode, int class, int ins, int p0, int p1, int lc, const char *data) { - return send_le (slot, class, ins, p0, p1, lc, data, -1, NULL, NULL, NULL, + return send_le (slot, class, ins, p0, p1, lc, data, -1, NULL, NULL, NULL, extended_mode); } @@ -3317,7 +3317,7 @@ apdu_send_simple (int slot, int extended_mode, /* Same as apdu_send_simple but uses the keypad of the reader. */ int apdu_send_simple_kp (int slot, int class, int ins, int p0, int p1, - int lc, const char *data, + int lc, const char *data, int pin_mode, int pinlen_min, int pinlen_max, int pin_padlen) { @@ -3349,7 +3349,7 @@ apdu_send_direct (int slot, size_t extended_length, unsigned char **retbuf, size_t *retbuflen) { #define SHORT_RESULT_BUFFER_SIZE 258 - unsigned char short_result_buffer[SHORT_RESULT_BUFFER_SIZE+10]; + unsigned char short_result_buffer[SHORT_RESULT_BUFFER_SIZE+10]; unsigned char *result_buffer = NULL; size_t result_buffer_size; unsigned char *result; diff --git a/scd/apdu.h b/scd/apdu.h index d79f8b48f..7c0188782 100644 --- a/scd/apdu.h +++ b/scd/apdu.h @@ -118,13 +118,13 @@ int apdu_send_simple (int slot, int extended_mode, int class, int ins, int p0, int p1, int lc, const char *data); int apdu_send_simple_kp (int slot, int class, int ins, int p0, int p1, - int lc, const char *data, + int lc, const char *data, int pin_mode, int pinlen_min, int pinlen_max, int pin_padlen); -int apdu_send (int slot, int extended_mode, +int apdu_send (int slot, int extended_mode, int class, int ins, int p0, int p1, int lc, const char *data, unsigned char **retbuf, size_t *retbuflen); -int apdu_send_le (int slot, int extended_mode, +int apdu_send_le (int slot, int extended_mode, int class, int ins, int p0, int p1, int lc, const char *data, int le, unsigned char **retbuf, size_t *retbuflen); @@ -135,6 +135,3 @@ int apdu_send_direct (int slot, size_t extended_length, #endif /*APDU_H*/ - - - diff --git a/scd/app-common.h b/scd/app-common.h index 4b2e13e3a..6a1e2a763 100644 --- a/scd/app-common.h +++ b/scd/app-common.h @@ -25,7 +25,7 @@ #if GNUPG_MAJOR_VERSION == 1 # ifdef ENABLE_AGENT_SUPPORT # include "assuan.h" -# endif +# endif #else # include #endif @@ -47,10 +47,10 @@ struct app_ctx_s { /* Flag indicating that a reset has been done for that application and that this context is merely lingering and just should not be reused. */ - int no_reuse; + int no_reuse; /* Used reader slot. */ - int slot; + int slot; /* If this is used by GnuPG 1.4 we need to know the assuan context in case we need to divert the operation to an already running @@ -150,7 +150,7 @@ char *get_supported_applications (void); void release_application (app_t app); gpg_error_t app_munge_serialno (app_t app); gpg_error_t app_get_serial_and_stamp (app_t app, char **serial, time_t *stamp); -gpg_error_t app_write_learn_status (app_t app, ctrl_t ctrl, +gpg_error_t app_write_learn_status (app_t app, ctrl_t ctrl, unsigned int flags); gpg_error_t app_readcert (app_t app, const char *certid, unsigned char **cert, size_t *certlen); @@ -223,6 +223,3 @@ gpg_error_t app_select_geldkarte (app_t app); #endif /*GNUPG_SCD_APP_COMMON_H*/ - - - diff --git a/scd/app-dinsig.c b/scd/app-dinsig.c index 46e9a6a9b..30beb8efb 100644 --- a/scd/app-dinsig.c +++ b/scd/app-dinsig.c @@ -22,7 +22,7 @@ used with an interface specification described in DIN V 66291-1. The AID to be used is: 'D27600006601'. - The file IDs for certificates utilize the generic format: + The file IDs for certificates utilize the generic format: Cxyz C being the hex digit 'C' (12). x being the service indicator: @@ -41,13 +41,13 @@ '8' .. 'D' := C.CA (certificate of a CA issue by the Root-CA). 'E' := C.RCA (self certified certificate of the Root-CA). 'F' := reserved. - + The file IDs used by default are: '1F00' EF.SSD (security service descriptor). [o,o] '2F02' EF.GDO (global data objects) [m,m] 'A000' EF.PROT (signature log). Cyclic file with 20 records of 53 byte. Read and update after user authentication. [o,o] - 'B000' EF.PK.RCA.DS (public keys of Root-CA). Size is 512b or size + 'B000' EF.PK.RCA.DS (public keys of Root-CA). Size is 512b or size of keys. [m (unless a 'C00E' is present),m] 'B001' EF.PK.CA.DS (public keys of CAs). Size is 512b or size of keys. [o,o] @@ -55,12 +55,12 @@ with n := 0 .. 7. Size is 2k or size of cert. Read and update allowed after user authentication. [m,m] 'C00m' EF.C.CA.DS (digital signature certificate of CA) - with m := 8 .. E. Size is 1k or size of cert. Read always + with m := 8 .. E. Size is 1k or size of cert. Read always allowed, update after user authentication. [o,o] 'C100' EF.C.ICC.AUT (AUT certificate of ICC) [o,m] 'C108' EF.C.CA.AUT (AUT certificate of CA) [o,m] 'D000' EF.DM (display message) [-,m] - + The letters in brackets indicate optional or mandatory files: The first for card terminals under full control and the second for "business" card terminals. @@ -101,15 +101,15 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags) /* Return the certificate of the card holder. */ fid = 0xC000; - len = app_help_read_length_of_cert (app->slot, fid, &certoff); + len = app_help_read_length_of_cert (app->slot, fid, &certoff); if (!len) return 0; /* Card has not been personalized. */ sprintf (ct_buf, "%d", 101); sprintf (id_buf, "DINSIG.%04X", fid); send_status_info (ctrl, "CERTINFO", - ct_buf, strlen (ct_buf), - id_buf, strlen (id_buf), + ct_buf, strlen (ct_buf), + id_buf, strlen (id_buf), NULL, (size_t)0); /* Now we need to read the certificate, so that we can get the @@ -128,7 +128,7 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags) xfree (der); return err; } - err = ksba_cert_init_from_mem (cert, der, derlen); + err = ksba_cert_init_from_mem (cert, der, derlen); xfree (der); der = NULL; if (err) { @@ -143,13 +143,13 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags) log_error ("failed to calculate the keygrip for FID 0x%04X\n", fid); ksba_cert_release (cert); return gpg_error (GPG_ERR_CARD); - } + } ksba_cert_release (cert); sprintf (id_buf, "DINSIG.%04X", fid); send_status_info (ctrl, "KEYPAIRINFO", - hexkeygrip, 40, - id_buf, strlen (id_buf), + hexkeygrip, 40, + id_buf, strlen (id_buf), NULL, (size_t)0); return 0; } @@ -160,7 +160,7 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags) /* Read the certificate with id CERTID (as returned by learn_status in the CERTINFO status lines) and return it in the freshly allocated buffer put into CERT and the length of the certificate put into - CERTLEN. + CERTLEN. FIXME: This needs some cleanups and caching with do_learn_status. */ @@ -179,11 +179,11 @@ do_readcert (app_t app, const char *certid, *cert = NULL; *certlen = 0; - if (strncmp (certid, "DINSIG.", 7) ) + if (strncmp (certid, "DINSIG.", 7) ) return gpg_error (GPG_ERR_INV_ID); certid += 7; if (!hexdigitp (certid) || !hexdigitp (certid+1) - || !hexdigitp (certid+2) || !hexdigitp (certid+3) + || !hexdigitp (certid+2) || !hexdigitp (certid+3) || certid[4]) return gpg_error (GPG_ERR_INV_ID); fid = xtoi_4 (certid); @@ -207,7 +207,7 @@ do_readcert (app_t app, const char *certid, fid, gpg_strerror (err)); return err; } - + if (!buflen || *buffer == 0xff) { log_info ("no certificate contained in FID 0x%04X\n", fid); @@ -235,13 +235,13 @@ do_readcert (app_t app, const char *certid, &ndef, &objlen, &hdrlen); if (err) goto leave; - + if (rootca) ; else if (class == CLASS_UNIVERSAL && tag == TAG_OBJECT_ID && !constructed) { const unsigned char *save_p; - + /* The certificate seems to be contained in a userCertificate container. Skip this and assume the following sequence is the certificate. */ @@ -255,7 +255,7 @@ do_readcert (app_t app, const char *certid, save_p = p; err = parse_ber_header (&p, &n, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); - if (err) + if (err) goto leave; if ( !(class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE && constructed) ) return gpg_error (GPG_ERR_INV_OBJ); @@ -263,7 +263,7 @@ do_readcert (app_t app, const char *certid, assert (save_p + totobjlen <= buffer + buflen); memmove (buffer, save_p, totobjlen); } - + *cert = buffer; buffer = NULL; *certlen = totobjlen; @@ -284,7 +284,7 @@ verify_pin (app_t app, int rc; iso7816_pininfo_t pininfo; - if ( app->did_chv1 && !app->force_chv1 ) + if ( app->did_chv1 && !app->force_chv1 ) return 0; /* No need to verify it again. */ memset (&pininfo, 0, sizeof pininfo); @@ -304,7 +304,7 @@ verify_pin (app_t app, gpg_strerror (rc)); return rc; } - rc = iso7816_verify_kp (app->slot, 0x81, "", 0, &pininfo); + rc = iso7816_verify_kp (app->slot, 0x81, "", 0, &pininfo); /* Dismiss the prompt. */ pincb (pincb_arg, NULL, NULL); } @@ -355,7 +355,7 @@ verify_pin (app_t app, this. */ char paddedpin[8]; int i, ndigits; - + for (ndigits=0, s=pinvalue; *s; ndigits++, s++) ; i = 0; @@ -386,7 +386,7 @@ verify_pin (app_t app, If a PIN is required the PINCB will be used to ask for the PIN; that callback should return the PIN in an allocated buffer and store that in the 3rd argument. */ -static gpg_error_t +static gpg_error_t do_sign (app_t app, const char *keyidstr, int hashalgo, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -417,11 +417,11 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, /* Check that the provided ID is vaid. This is not really needed but we do it to to enforce correct usage by the caller. */ - if (strncmp (keyidstr, "DINSIG.", 7) ) + if (strncmp (keyidstr, "DINSIG.", 7) ) return gpg_error (GPG_ERR_INV_ID); keyidstr += 7; if (!hexdigitp (keyidstr) || !hexdigitp (keyidstr+1) - || !hexdigitp (keyidstr+2) || !hexdigitp (keyidstr+3) + || !hexdigitp (keyidstr+2) || !hexdigitp (keyidstr+3) || keyidstr[4]) return gpg_error (GPG_ERR_INV_ID); fid = xtoi_4 (keyidstr); @@ -439,7 +439,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, ; else if (hashalgo == GCRY_MD_RMD160 && !memcmp (indata, rmd160_prefix,15)) ; - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); memcpy (data, indata, indatalen); } @@ -459,7 +459,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, hashalgo = GCRY_MD_SHA256; datalen = indatalen; } - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); memcpy (data, indata, indatalen); } @@ -476,14 +476,14 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, datalen = len + indatalen; memcpy (data, sha256_prefix, len); } - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); memcpy (data+len, indata, indatalen); } rc = verify_pin (app, pincb, pincb_arg); if (!rc) - rc = iso7816_compute_ds (app->slot, 0, data, datalen, 0, + rc = iso7816_compute_ds (app->slot, 0, data, datalen, 0, outdata, outdatalen); return rc; } @@ -493,8 +493,8 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, #warning test function - works but may brick your card /* Handle the PASSWD command. CHVNOSTR is currently ignored; we always use VHV0. RESET_MODE is not yet implemented. */ -static gpg_error_t -do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, +static gpg_error_t +do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, unsigned int flags, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg) @@ -526,14 +526,14 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, /* TRANSLATORS: Do not translate the "|*|" prefixes but keep it at the start of the string. We need this elsewhere to get some infos on the string. */ - err = pincb (pincb_arg, _("|N|Initial New PIN"), &pinvalue); + err = pincb (pincb_arg, _("|N|Initial New PIN"), &pinvalue); if (err) { log_error (_("error getting new PIN: %s\n"), gpg_strerror (err)); return err; } - err = iso7816_change_reference_data (app->slot, 0x81, + err = iso7816_change_reference_data (app->slot, 0x81, oldpin, oldpinlen, pinvalue, strlen (pinvalue)); xfree (pinvalue); @@ -550,7 +550,7 @@ app_select_dinsig (app_t app) static char const aid[] = { 0xD2, 0x76, 0x00, 0x00, 0x66, 0x01 }; int slot = app->slot; int rc; - + rc = iso7816_select_application (slot, aid, sizeof aid, 0); if (!rc) { diff --git a/scd/app-geldkarte.c b/scd/app-geldkarte.c index 6e8d07725..f8ee9f640 100644 --- a/scd/app-geldkarte.c +++ b/scd/app-geldkarte.c @@ -90,13 +90,13 @@ send_one_string (ctrl_t ctrl, const char *name, const char *string) /* Implement the GETATTR command. This is similar to the LEARN command but returns just one value via the status interface. */ -static gpg_error_t +static gpg_error_t do_getattr (app_t app, ctrl_t ctrl, const char *name) { gpg_error_t err; struct app_local_s *ld = app->app_local; char numbuf[100]; - + if (!strcmp (name, "X-KBLZ")) err = send_one_string (ctrl, name, ld->kblz); else if (!strcmp (name, "X-BANKINFO")) @@ -123,24 +123,24 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) } else if (!strcmp (name, "X-BALANCE")) { - snprintf (numbuf, sizeof numbuf, "%.2f", + snprintf (numbuf, sizeof numbuf, "%.2f", (double)ld->balance / 100 * ld->currency_mult100); err = send_one_string (ctrl, name, numbuf); } else if (!strcmp (name, "X-MAXAMOUNT")) { - snprintf (numbuf, sizeof numbuf, "%.2f", + snprintf (numbuf, sizeof numbuf, "%.2f", (double)ld->maxamount / 100 * ld->currency_mult100); err = send_one_string (ctrl, name, numbuf); } else if (!strcmp (name, "X-MAXAMOUNT1")) { - snprintf (numbuf, sizeof numbuf, "%.2f", + snprintf (numbuf, sizeof numbuf, "%.2f", (double)ld->maxamount1 / 100 * ld->currency_mult100); err = send_one_string (ctrl, name, numbuf); } else - err = gpg_error (GPG_ERR_INV_NAME); + err = gpg_error (GPG_ERR_INV_NAME); return err; } @@ -185,7 +185,7 @@ copy_bcd (const unsigned char *string, size_t length) if (!length) return xtrystrdup (""); - + /* Skip leading zeroes. */ for (; length && !*string; length--, string++) ; @@ -196,7 +196,7 @@ copy_bcd (const unsigned char *string, size_t length) { if (!needed && !(*s & 0xf0)) ; /* Skip the leading zero in the first nibble. */ - else + else { if ( ((*s >> 4) & 0x0f) > 9 ) { @@ -216,7 +216,7 @@ copy_bcd (const unsigned char *string, size_t length) return NULL; } } - + } if (!needed) /* If it is all zero, print a "0". */ needed++; @@ -227,12 +227,12 @@ copy_bcd (const unsigned char *string, size_t length) s = string; n = length; - needed = 0; + needed = 0; for (; n ; n--, s++) { if (!needed && !(*s & 0xf0)) ; /* Skip the leading zero in the first nibble. */ - else + else { *dst++ = '0' + ((*s >> 4) & 0x0f); needed++; @@ -247,7 +247,7 @@ copy_bcd (const unsigned char *string, size_t length) } } if (!needed) - *dst++ = '0'; + *dst++ = '0'; *dst = 0; return buffer; @@ -282,11 +282,11 @@ app_select_geldkarte (app_t app) size_t resultlen; struct app_local_s *ld; const char *banktype; - + err = iso7816_select_application (slot, aid, sizeof aid, 0); if (err) - goto leave; - + goto leave; + /* Read the first record of EF_ID (SFI=0x17). We require this record to be at least 24 bytes with the the first byte 0x67 and a correct filler byte. */ @@ -298,7 +298,7 @@ app_select_geldkarte (app_t app) err = gpg_error (GPG_ERR_NOT_FOUND); goto leave; } - + /* The short Bankleitzahl consists of 3 bytes at offset 1. */ switch (result[1]) { @@ -307,11 +307,11 @@ app_select_geldkarte (app_t app) case 0x25: banktype = "Sparkasse"; break; case 0x26: case 0x29: banktype = "Genossenschaftsbank"; break; - default: + default: err = gpg_error (GPG_ERR_NOT_FOUND); goto leave; /* Probably not a Geldkarte. */ } - + app->apptype = "GELDKARTE"; app->fnc.deinit = do_deinit; @@ -339,7 +339,7 @@ app_select_geldkarte (app_t app) goto leave; } - snprintf (ld->kblz, sizeof ld->kblz, "%02X-%02X%02X", + snprintf (ld->kblz, sizeof ld->kblz, "%02X-%02X%02X", result[1], result[2], result[3]); ld->banktype = banktype; ld->cardno = copy_bcd (result+4, 5); @@ -348,8 +348,8 @@ app_select_geldkarte (app_t app) err = gpg_err_code_from_syserror (); goto leave; } - - snprintf (ld->expires, sizeof ld->expires, "20%02X-%02X", + + snprintf (ld->expires, sizeof ld->expires, "20%02X-%02X", result[10], result[11]); snprintf (ld->validfrom, sizeof ld->validfrom, "20%02X-%02X-%02X", result[12], result[13], result[14]); diff --git a/scd/app-help.c b/scd/app-help.c index 3d9c605f6..2576d5cfa 100644 --- a/scd/app-help.c +++ b/scd/app-help.c @@ -120,7 +120,7 @@ app_help_read_length_of_cert (int slot, int fid, size_t *r_certoff) fid, gpg_strerror (err)); return 0; } - + if (!buflen || *buffer == 0xff) { log_info ("no certificate contained in FID 0x%04X\n", fid); @@ -178,5 +178,3 @@ app_help_read_length_of_cert (int slot, int fid, size_t *r_certoff) return resultlen; } - - diff --git a/scd/app-nks.c b/scd/app-nks.c index 076b9139f..c1b2aa376 100644 --- a/scd/app-nks.c +++ b/scd/app-nks.c @@ -188,8 +188,8 @@ keygripstr_from_pk_file (app_t app, int fid, char *r_gripstr) libgcrypt but we can't yet rely on it yet. */ for (i=0; i < 2; i++) { - while (buflen[i]-offset[i] > 1 - && !buffer[i][offset[i]] + while (buflen[i]-offset[i] > 1 + && !buffer[i][offset[i]] && !(buffer[i][offset[i]+1] & 0x80)) offset[i]++; } @@ -201,9 +201,9 @@ keygripstr_from_pk_file (app_t app, int fid, char *r_gripstr) { if ((buflen[i]-offset[i]) && (buffer[i][offset[i]] & 0x80)) { - unsigned char *newbuf; + unsigned char *newbuf; size_t newlen; - + newlen = 1 + buflen[i] - offset[i]; newbuf = xtrymalloc (newlen); if (!newlen) @@ -271,7 +271,7 @@ get_chv_status (app_t app, int sigg, int pwid) command[2] = 0x00; command[3] = pwid; - if (apdu_send_direct (app->slot, 0, (unsigned char *)command, + if (apdu_send_direct (app->slot, 0, (unsigned char *)command, 4, 0, &result, &resultlen)) rc = -1; /* Error. */ else if (resultlen < 2) @@ -299,7 +299,7 @@ get_chv_status (app_t app, int sigg, int pwid) /* Implement the GETATTR command. This is similar to the LEARN command but returns just one value via the status interface. */ -static gpg_error_t +static gpg_error_t do_getattr (app_t app, ctrl_t ctrl, const char *name) { static struct { @@ -322,7 +322,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++) ; if (!table[idx].name) - return gpg_error (GPG_ERR_INV_NAME); + return gpg_error (GPG_ERR_INV_NAME); switch (table[idx].special) { @@ -350,7 +350,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) two global passwords followed by the two SigG passwords. For the values, see the function get_chv_status. */ int tmp[4]; - + /* We use a helper array so that we can control that there is no superfluous application switch. Note that PW2.CH.SIG really has the identifier 0x83 and not 0x82 as one would @@ -358,8 +358,8 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) tmp[0] = get_chv_status (app, 0, 0x00); tmp[1] = get_chv_status (app, 0, 0x01); tmp[2] = get_chv_status (app, 1, 0x81); - tmp[3] = get_chv_status (app, 1, 0x83); - snprintf (buffer, sizeof buffer, + tmp[3] = get_chv_status (app, 1, 0x83); + snprintf (buffer, sizeof buffer, "%d %d %d %d", tmp[0], tmp[1], tmp[2], tmp[3]); send_status_info (ctrl, table[idx].name, buffer, strlen (buffer), NULL, 0); @@ -413,11 +413,11 @@ do_learn_status_core (app_t app, ctrl_t ctrl, unsigned int flags, int is_sigg) context so that a following readcert does only need to read that many bytes. */ snprintf (ct_buf, sizeof ct_buf, "%d", filelist[i].certtype); - snprintf (id_buf, sizeof id_buf, "NKS-%s.%04X", + snprintf (id_buf, sizeof id_buf, "NKS-%s.%04X", tag, filelist[i].fid); send_status_info (ctrl, "CERTINFO", - ct_buf, strlen (ct_buf), - id_buf, strlen (id_buf), + ct_buf, strlen (ct_buf), + id_buf, strlen (id_buf), NULL, (size_t)0); } } @@ -434,8 +434,8 @@ do_learn_status_core (app_t app, ctrl_t ctrl, unsigned int flags, int is_sigg) snprintf (id_buf, sizeof id_buf, "NKS-%s.%04X", tag, filelist[i].fid); send_status_info (ctrl, "KEYPAIRINFO", - gripstr, 40, - id_buf, strlen (id_buf), + gripstr, 40, + id_buf, strlen (id_buf), NULL, (size_t)0); } } @@ -453,7 +453,7 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags) err = switch_application (app, 0); if (err) return err; - + do_learn_status_core (app, ctrl, flags, 0); err = switch_application (app, 1); @@ -489,11 +489,11 @@ do_readcert (app_t app, const char *certid, *cert = NULL; *certlen = 0; - if (!strncmp (certid, "NKS-NKS3.", 9)) + if (!strncmp (certid, "NKS-NKS3.", 9)) ; - else if (!strncmp (certid, "NKS-DF01.", 9)) + else if (!strncmp (certid, "NKS-DF01.", 9)) ; - else if (!strncmp (certid, "NKS-SIGG.", 9)) + else if (!strncmp (certid, "NKS-SIGG.", 9)) is_sigg = 1; else return gpg_error (GPG_ERR_INV_ID); @@ -504,7 +504,7 @@ do_readcert (app_t app, const char *certid, certid += 9; if (!hexdigitp (certid) || !hexdigitp (certid+1) - || !hexdigitp (certid+2) || !hexdigitp (certid+3) + || !hexdigitp (certid+2) || !hexdigitp (certid+3) || certid[4]) return gpg_error (GPG_ERR_INV_ID); fid = xtoi_4 (certid); @@ -541,7 +541,7 @@ do_readcert (app_t app, const char *certid, fid, gpg_strerror (err)); return err; } - + if (!buflen || *buffer == 0xff) { log_info ("no certificate contained in FID 0x%04X\n", fid); @@ -569,13 +569,13 @@ do_readcert (app_t app, const char *certid, &ndef, &objlen, &hdrlen); if (err) goto leave; - + if (rootca) ; else if (class == CLASS_UNIVERSAL && tag == TAG_OBJECT_ID && !constructed) { const unsigned char *save_p; - + /* The certificate seems to be contained in a userCertificate container. Skip this and assume the following sequence is the certificate. */ @@ -589,7 +589,7 @@ do_readcert (app_t app, const char *certid, save_p = p; err = parse_ber_header (&p, &n, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); - if (err) + if (err) goto leave; if ( !(class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE && constructed) ) return gpg_error (GPG_ERR_INV_OBJ); @@ -597,7 +597,7 @@ do_readcert (app_t app, const char *certid, assert (save_p + totobjlen <= buffer + buflen); memmove (buffer, save_p, totobjlen); } - + *cert = buffer; buffer = NULL; *certlen = totobjlen; @@ -628,7 +628,7 @@ do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen) if (!strcmp (keyid, "$IFDAUTHKEY") && app->app_local->nks_version >= 3) ; else /* Return the error code expected by cmd_readkey. */ - return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); + return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); /* Access the KEYD file which is always in the master directory. */ err = iso7816_select_path (app->slot, path, DIM (path), NULL, NULL); @@ -696,14 +696,14 @@ do_writekey (app_t app, ctrl_t ctrl, ; else return gpg_error (GPG_ERR_INV_ID); - + if (!force && !do_readkey (app, keyid, NULL, NULL)) return gpg_error (GPG_ERR_EEXIST); /* Parse the S-expression. */ err = get_rsa_pk_from_canon_sexp (keydata, keydatalen, &rsa_n, &rsa_n_len, &rsa_e, &rsa_e_len); - if (err) + if (err) goto leave; /* Check that the parameters match the requirements. */ @@ -732,7 +732,7 @@ do_writekey (app_t app, ctrl_t ctrl, /* Send the MSE:Store_Public_Key. */ err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); /* mse = xtrymalloc (1000); */ - + /* mse[0] = 0x80; /\* Algorithm reference. *\/ */ /* mse[1] = 1; */ /* mse[2] = 0x17; */ @@ -802,15 +802,15 @@ verify_pin (app_t app, int pwid, const char *desc, gpg_strerror (rc)); return rc; } - - rc = iso7816_verify_kp (app->slot, pwid, "", 0, &pininfo); + + rc = iso7816_verify_kp (app->slot, pwid, "", 0, &pininfo); pincb (pincb_arg, NULL, NULL); /* Dismiss the prompt. */ } else { char *pinvalue; - rc = pincb (pincb_arg, desc, &pinvalue); + rc = pincb (pincb_arg, desc, &pinvalue); if (rc) { log_info ("PIN callback returned error: %s\n", gpg_strerror (rc)); @@ -845,7 +845,7 @@ verify_pin (app_t app, int pwid, const char *desc, If a PIN is required the PINCB will be used to ask for the PIN; that callback should return the PIN in an allocated buffer and store that in the 3rd argument. */ -static gpg_error_t +static gpg_error_t do_sign (app_t app, const char *keyidstr, int hashalgo, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -876,11 +876,11 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, /* Check that the provided ID is valid. This is not really needed but we do it to enforce correct usage by the caller. */ - if (!strncmp (keyidstr, "NKS-NKS3.", 9) ) + if (!strncmp (keyidstr, "NKS-NKS3.", 9) ) ; - else if (!strncmp (keyidstr, "NKS-DF01.", 9) ) + else if (!strncmp (keyidstr, "NKS-DF01.", 9) ) ; - else if (!strncmp (keyidstr, "NKS-SIGG.", 9) ) + else if (!strncmp (keyidstr, "NKS-SIGG.", 9) ) is_sigg = 1; else return gpg_error (GPG_ERR_INV_ID); @@ -897,7 +897,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, } if (!hexdigitp (keyidstr) || !hexdigitp (keyidstr+1) - || !hexdigitp (keyidstr+2) || !hexdigitp (keyidstr+3) + || !hexdigitp (keyidstr+2) || !hexdigitp (keyidstr+3) || keyidstr[4]) return gpg_error (GPG_ERR_INV_ID); fid = xtoi_4 (keyidstr); @@ -914,7 +914,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, if (app->app_local->nks_version > 2 && (indatalen == 35 || indatalen == 47 || indatalen == 51 - || indatalen == 67 + || indatalen == 67 || indatalen == 83)) { /* The caller send data matching the length of the ASN.1 encoded @@ -931,7 +931,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, ; else if (hashalgo == GCRY_MD_RMD160 && !memcmp (indata,rmd160_prefix,15)) ; - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); memcpy (data, indata, indatalen); datalen = 35; @@ -942,7 +942,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, memcpy (data, sha1_prefix, 15); else if (hashalgo == GCRY_MD_RMD160) memcpy (data, rmd160_prefix, 15); - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); memcpy (data+15, indata, indatalen); datalen = 35; @@ -955,7 +955,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, if (app->app_local->nks_version > 2) { unsigned char mse[6]; - + mse[0] = 0x80; /* Algorithm reference. */ mse[1] = 1; mse[2] = 2; /* RSA, card does pkcs#1 v1.5 padding, no ASN.1 check. */ @@ -980,7 +980,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, /* Decrypt the data in INDATA and return the allocated result in OUTDATA. If a PIN is required the PINCB will be used to ask for the PIN; it should return the PIN in an allocated buffer and put it into PIN. */ -static gpg_error_t +static gpg_error_t do_decipher (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -997,11 +997,11 @@ do_decipher (app_t app, const char *keyidstr, /* Check that the provided ID is valid. This is not really needed but we do it to to enforce correct usage by the caller. */ - if (!strncmp (keyidstr, "NKS-NKS3.", 9) ) + if (!strncmp (keyidstr, "NKS-NKS3.", 9) ) ; - else if (!strncmp (keyidstr, "NKS-DF01.", 9) ) + else if (!strncmp (keyidstr, "NKS-DF01.", 9) ) ; - else if (!strncmp (keyidstr, "NKS-SIGG.", 9) ) + else if (!strncmp (keyidstr, "NKS-SIGG.", 9) ) is_sigg = 1; else return gpg_error (GPG_ERR_INV_ID); @@ -1012,7 +1012,7 @@ do_decipher (app_t app, const char *keyidstr, return rc; if (!hexdigitp (keyidstr) || !hexdigitp (keyidstr+1) - || !hexdigitp (keyidstr+2) || !hexdigitp (keyidstr+3) + || !hexdigitp (keyidstr+2) || !hexdigitp (keyidstr+3) || keyidstr[4]) return gpg_error (GPG_ERR_INV_ID); fid = xtoi_4 (keyidstr); @@ -1039,7 +1039,7 @@ do_decipher (app_t app, const char *keyidstr, } else { - static const unsigned char mse[] = + static const unsigned char mse[] = { 0x80, 1, 0x10, /* Select algorithm RSA. */ 0x84, 1, 0x81 /* Select local secret key 1 for decryption. */ @@ -1130,8 +1130,8 @@ parse_pwidstr (const char *pwidstr, int new_mode, int *r_sigg, int *r_pwid) /* Handle the PASSWD command. See parse_pwidstr() for allowed values for CHVNOSTR. */ -static gpg_error_t -do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr, +static gpg_error_t +do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr, unsigned int flags, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg) @@ -1153,7 +1153,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr, memset (&pininfo, 0, sizeof pininfo); pininfo.minlen = 6; pininfo.maxlen = 16; - + newdesc = parse_pwidstr (pwidstr, 1, &is_sigg, &pwid); if (!newdesc) return gpg_error (GPG_ERR_INV_ID); @@ -1204,7 +1204,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr, /* Regular change mode: Ask for the old PIN. */ desc = parse_pwidstr (pwidstr, 0, &dummy1, &dummy2); } - err = pincb (pincb_arg, desc, &oldpin); + err = pincb (pincb_arg, desc, &oldpin); if (err) { log_error ("error getting old PIN: %s\n", gpg_strerror (err)); @@ -1216,14 +1216,14 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr, goto leave; } - err = pincb (pincb_arg, newdesc, &newpin); + err = pincb (pincb_arg, newdesc, &newpin); if (err) { log_error (_("error getting new PIN: %s\n"), gpg_strerror (err)); goto leave; } newpinlen = strlen (newpin); - + err = basic_pin_checks (newpin, pininfo.minlen, pininfo.maxlen); if (err) goto leave; @@ -1246,8 +1246,8 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr, wipememory (data, datalen); xfree (data); } - else - err = iso7816_change_reference_data (app->slot, pwid, + else + err = iso7816_change_reference_data (app->slot, pwid, oldpin, oldpinlen, newpin, newpinlen); leave: @@ -1258,7 +1258,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *pwidstr, /* Perform a simple verify operation. KEYIDSTR should be NULL or empty. */ -static gpg_error_t +static gpg_error_t do_check_pin (app_t app, const char *pwidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg) @@ -1288,10 +1288,10 @@ get_nks_version (int slot) size_t resultlen; int type; - if (iso7816_apdu_direct (slot, "\x80\xaa\x06\x00\x00", 5, 0, + if (iso7816_apdu_direct (slot, "\x80\xaa\x06\x00\x00", 5, 0, &result, &resultlen)) return 2; /* NKS 2 does not support this command. */ - + /* Example value: 04 11 19 22 21 6A 20 80 03 03 01 01 01 00 00 00 vv tt ccccccccccccccccc aa bb cc vvvvvvvvvvv xx vendor (Philips) -+ | | | | | | | @@ -1332,7 +1332,7 @@ switch_application (app_t app, int enable_sigg) else err = iso7816_select_application (app->slot, aid_nks, sizeof aid_nks, 0); - if (!err && enable_sigg && app->app_local->nks_version >= 3 + if (!err && enable_sigg && app->app_local->nks_version >= 3 && !app->app_local->sigg_msig_checked) { /* Check whether this card is a mass signature card. */ @@ -1340,7 +1340,7 @@ switch_application (app_t app, int enable_sigg) size_t buflen; const unsigned char *tmpl; size_t tmpllen; - + app->app_local->sigg_msig_checked = 1; app->app_local->sigg_is_msig = 1; err = iso7816_select_file (app->slot, 0x5349, 0, NULL, NULL); @@ -1349,7 +1349,7 @@ switch_application (app_t app, int enable_sigg) if (!err) { tmpl = find_tlv (buffer, buflen, 0x7a, &tmpllen); - if (tmpl && tmpllen == 12 + if (tmpl && tmpllen == 12 && !memcmp (tmpl, "\x93\x02\x00\x01\xA4\x06\x83\x01\x81\x83\x01\x83", 12)) @@ -1359,7 +1359,7 @@ switch_application (app_t app, int enable_sigg) if (app->app_local->sigg_is_msig) log_info ("This is a mass signature card\n"); } - + if (!err) { app->app_local->need_app_select = 0; @@ -1379,7 +1379,7 @@ app_select_nks (app_t app) { int slot = app->slot; int rc; - + rc = iso7816_select_application (slot, aid_nks, sizeof aid_nks, 0); if (!rc) { @@ -1416,5 +1416,3 @@ app_select_nks (app_t app) do_deinit (app); return rc; } - - diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 029d99fb3..660519059 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -118,13 +118,13 @@ static struct { /* The format of RSA private keys. */ typedef enum - { + { RSA_UNKNOWN_FMT, RSA_STD, RSA_STD_N, RSA_CRT, RSA_CRT_N - } + } rsa_key_format_t; @@ -141,7 +141,7 @@ struct cache_s { struct app_local_s { /* A linked list with cached DOs. */ struct cache_s *cache; - + /* Keep track of the public keys. */ struct { @@ -166,7 +166,7 @@ struct app_local_s { } cardcap; /* Keep track of extended card capabilities. */ - struct + struct { unsigned int is_v2:1; /* This is a v2.0 compatible card. */ unsigned int get_challenge:1; @@ -195,7 +195,7 @@ struct app_local_s { of this strucuire is only valid if this is not 0. */ unsigned int e_bits; /* Size of the public exponent in bits. */ - rsa_key_format_t format; + rsa_key_format_t format; } keyattr[3]; }; @@ -213,7 +213,7 @@ static gpg_error_t do_auth (app_t app, const char *keyidstr, unsigned char **outdata, size_t *outdatalen); static void parse_algorithm_attribute (app_t app, int keyno); static gpg_error_t change_keyattr_from_string - (app_t app, + (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, const void *value, size_t valuelen); @@ -253,7 +253,7 @@ do_deinit (app_t app) bypassed. With TRY_EXTLEN extended lengths APDUs are use if supported by the card. */ static gpg_error_t -get_cached_data (app_t app, int tag, +get_cached_data (app_t app, int tag, unsigned char **result, size_t *resultlen, int get_immediate, int try_extlen) { @@ -280,13 +280,13 @@ get_cached_data (app_t app, int tag, memcpy (p, c->data, c->length); *result = p; } - + *resultlen = c->length; - + return 0; } } - + if (try_extlen && app->app_local->cardcap.ext_lc_le) exmode = app->app_local->extcap.max_rsp_data; else @@ -313,7 +313,7 @@ get_cached_data (app_t app, int tag, /* Okay, cache it. */ for (c=app->app_local->cache; c; c = c->next) assert (c->tag != tag); - + c = xtrymalloc (sizeof *c + len); if (c) { @@ -439,7 +439,7 @@ get_one_do (app_t app, int tag, unsigned char **result, size_t *nbytes, { rc = get_cached_data (app, data_objects[i].get_from, &buffer, &buflen, - (data_objects[i].dont_cache + (data_objects[i].dont_cache || data_objects[i].get_immediate_in_v11), data_objects[i].try_extlen); if (!rc) @@ -463,7 +463,7 @@ get_one_do (app_t app, int tag, unsigned char **result, size_t *nbytes, if (!value) /* Not in a constructed DO, try simple. */ { rc = get_cached_data (app, tag, &buffer, &buflen, - (data_objects[i].dont_cache + (data_objects[i].dont_cache || data_objects[i].get_immediate_in_v11), data_objects[i].try_extlen); if (!rc) @@ -490,7 +490,7 @@ dump_all_do (int slot) int rc, i, j; unsigned char *buffer; size_t buflen; - + for (i=0; data_objects[i].tag; i++) { if (data_objects[i].get_from) @@ -501,7 +501,7 @@ dump_all_do (int slot) rc = iso7816_get_data (slot, 0, data_objects[i].tag, &buffer, &buflen); if (gpg_err_code (rc) == GPG_ERR_NO_OBJ) ; - else if (rc) + else if (rc) log_info ("DO `%s' not available: %s\n", data_objects[i].desc, gpg_strerror (rc)); else @@ -522,7 +522,7 @@ dump_all_do (int slot) { const unsigned char *value; size_t valuelen; - + if (j==i || data_objects[i].tag != data_objects[j].get_from) continue; value = find_tlv_unchecked (buffer, buflen, @@ -634,7 +634,7 @@ parse_login_data (app_t app) next: for (; buflen && *buffer != '\x18'; buflen--, buffer++) if (*buffer == '\n') - buflen = 1; + buflen = 1; } while (buflen); @@ -642,17 +642,17 @@ parse_login_data (app_t app) } /* Note, that FPR must be at least 20 bytes. */ -static gpg_error_t +static gpg_error_t store_fpr (app_t app, int keynumber, u32 timestamp, const unsigned char *m, size_t mlen, - const unsigned char *e, size_t elen, + const unsigned char *e, size_t elen, unsigned char *fpr, unsigned int card_version) { unsigned int n, nbits; unsigned char *buffer, *p; int tag, tag2; int rc; - + for (; mlen && !*m; mlen--, m++) /* strip leading zeroes */ ; for (; elen && !*e; elen--, e++) /* strip leading zeroes */ @@ -662,7 +662,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp, p = buffer = xtrymalloc (3 + n); if (!buffer) return gpg_error_from_syserror (); - + *p++ = 0x99; /* ctb */ *p++ = n >> 8; /* 2 byte length header */ *p++ = n; @@ -680,7 +680,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp, *p++ = nbits >> 8; *p++ = nbits; memcpy (p, e, elen); p += elen; - + gcry_md_hash_buffer (GCRY_MD_SHA1, fpr, buffer, n+3); xfree (buffer); @@ -712,11 +712,11 @@ store_fpr (app_t app, int keynumber, u32 timestamp, return rc; } - + static void send_fpr_if_not_null (ctrl_t ctrl, const char *keyword, int number, const unsigned char *fpr) -{ +{ int i; char buf[41]; char numbuf[25]; @@ -738,7 +738,7 @@ send_fpr_if_not_null (ctrl_t ctrl, const char *keyword, static void send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword, int number, const unsigned char *stamp) -{ +{ char numbuf1[50], numbuf2[50]; unsigned long value; @@ -753,11 +753,11 @@ send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword, } static void -send_key_data (ctrl_t ctrl, const char *name, +send_key_data (ctrl_t ctrl, const char *name, const unsigned char *a, size_t alen) { char *buf; - + buf = bin2hex (a, alen, NULL); if (!buf) { @@ -766,7 +766,7 @@ send_key_data (ctrl_t ctrl, const char *name, } send_status_info (ctrl, "KEY-DATA", - name, (size_t)strlen(name), + name, (size_t)strlen(name), buf, (size_t)strlen (buf), NULL, 0); xfree (buf); @@ -775,7 +775,7 @@ send_key_data (ctrl_t ctrl, const char *name, static void send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int number) -{ +{ char buffer[200]; assert (number >=0 && number < DIM(app->app_local->keyattr)); @@ -792,7 +792,7 @@ send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int number) /* Implement the GETATTR command. This is similar to the LEARN command but returns just one value via the status interface. */ -static gpg_error_t +static gpg_error_t do_getattr (app_t app, ctrl_t ctrl, const char *name) { static struct { @@ -809,7 +809,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) { "KEY-TIME", 0x00CD, 4 }, { "KEY-ATTR", 0x0000, -5 }, { "CA-FPR", 0x00C6, 3 }, - { "CHV-STATUS", 0x00C4, 1 }, + { "CHV-STATUS", 0x00C4, 1 }, { "SIG-COUNTER", 0x0093, 2 }, { "SERIALNO", 0x004F, -1 }, { "AID", 0x004F }, @@ -830,8 +830,8 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++) ; if (!table[idx].name) - return gpg_error (GPG_ERR_INV_NAME); - + return gpg_error (GPG_ERR_INV_NAME); + if (table[idx].special == -1) { /* The serial number is very special. We could have used the @@ -859,7 +859,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) char tmp[100]; snprintf (tmp, sizeof tmp, - "gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d", + "gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d", app->app_local->extcap.get_challenge, app->app_local->extcap.key_import, app->app_local->extcap.change_force_chv, @@ -882,7 +882,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) { char *serial; time_t stamp; - + if (!app_get_serial_and_stamp (app, &serial, &stamp)) { if (strlen (serial) > 16+12) @@ -893,7 +893,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) } xfree (serial); } - return gpg_error (GPG_ERR_INV_NAME); + return gpg_error (GPG_ERR_INV_NAME); } if (table[idx].special == -5) { @@ -908,9 +908,9 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) if (table[idx].special == 1) { char numbuf[7*23]; - + for (i=0,*numbuf=0; i < valuelen && i < 7; i++) - sprintf (numbuf+strlen (numbuf), " %d", value[i]); + sprintf (numbuf+strlen (numbuf), " %d", value[i]); send_status_info (ctrl, table[idx].name, numbuf, strlen (numbuf), NULL, 0); } @@ -1036,7 +1036,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid, found_key = 1; continue; } - + if ( !strcmp (fields[0], "sub") || !strcmp (fields[0], "pub") ) break; /* Next key - stop. */ @@ -1049,7 +1049,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid, err = gpg_error (GPG_ERR_GENERAL); goto leave; /* Error: Invalid key data record or not an RSA key. */ } - + err = gcry_mpi_scan (&mpi, GCRYMPI_FMT_HEX, fields[3], 0, NULL); if (err) mpi = NULL; @@ -1061,7 +1061,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid, if (err) goto leave; } - + if (m_new && e_new) { *m = m_new; @@ -1136,10 +1136,10 @@ get_public_key (app_t app, int keyno) le_value = 256; /* Use legacy value. */ } - err = iso7816_read_public_key + err = iso7816_read_public_key (app->slot, exmode, (const unsigned char*)(keyno == 0? "\xB6" : - keyno == 1? "\xB8" : "\xA4"), 2, + keyno == 1? "\xB8" : "\xA4"), 2, le_value, &buffer, &buflen); if (err) @@ -1155,7 +1155,7 @@ get_public_key (app_t app, int keyno) log_error (_("response does not contain the public key data\n")); goto leave; } - + m = find_tlv (keydata, keydatalen, 0x0081, &mlen); if (!m) { @@ -1163,7 +1163,7 @@ get_public_key (app_t app, int keyno) log_error (_("response does not contain the RSA modulus\n")); goto leave; } - + e = find_tlv (keydata, keydatalen, 0x0082, &elen); if (!e) @@ -1266,7 +1266,7 @@ get_public_key (app_t app, int keyno) err = gpg_error_from_syserror (); goto leave; } - + sprintf (keybuf, "(10:public-key(3:rsa(1:n%u:", (unsigned int) mlen); keybuf_p = keybuf + strlen (keybuf); memcpy (keybuf_p, m, mlen); @@ -1277,7 +1277,7 @@ get_public_key (app_t app, int keyno) keybuf_p += elen; strcpy (keybuf_p, ")))"); keybuf_p += strlen (keybuf_p); - + app->app_local->pk[keyno].key = (unsigned char*)keybuf; app->app_local->pk[keyno].keylen = (keybuf_p - keybuf); @@ -1310,7 +1310,7 @@ send_keypair_info (app_t app, ctrl_t ctrl, int keyno) err = get_public_key (app, keyno); if (err) goto leave; - + assert (keyno >= 1 && keyno <= 3); if (!app->app_local->pk[keyno-1].key) goto leave; /* No such key - ignore. */ @@ -1320,19 +1320,19 @@ send_keypair_info (app_t app, ctrl_t ctrl, int keyno) grip); if (err) goto leave; - + bin2hex (grip, 20, gripstr); sprintf (idbuf, "OPENPGP.%d", keyno); - send_status_info (ctrl, "KEYPAIRINFO", - gripstr, 40, - idbuf, strlen (idbuf), + send_status_info (ctrl, "KEYPAIRINFO", + gripstr, 40, + idbuf, strlen (idbuf), NULL, (size_t)0); leave: #endif /* GNUPG_MAJOR_VERSION > 1 */ - return err; + return err; } @@ -1341,7 +1341,7 @@ static gpg_error_t do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags) { (void)flags; - + do_getattr (app, ctrl, "EXTCAP"); do_getattr (app, ctrl, "DISP-NAME"); do_getattr (app, ctrl, "DISP-LANG"); @@ -1524,16 +1524,16 @@ verify_a_chv (app_t app, else prompt = _("||Please enter the PIN"); - + if (!opt.disable_keypad && !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) ) { /* The reader supports the verify command through the keypad. Note that the pincb appends a text to the prompt telling the user to use the keypad. */ - rc = pincb (pincb_arg, prompt, NULL); + rc = pincb (pincb_arg, prompt, NULL); prompt = NULL; - xfree (prompt_buffer); + xfree (prompt_buffer); prompt_buffer = NULL; if (rc) { @@ -1541,7 +1541,7 @@ verify_a_chv (app_t app, gpg_strerror (rc)); return rc; } - rc = iso7816_verify_kp (app->slot, 0x80+chvno, "", 0, &pininfo); + rc = iso7816_verify_kp (app->slot, 0x80+chvno, "", 0, &pininfo); /* Dismiss the prompt. */ pincb (pincb_arg, NULL, NULL); @@ -1550,9 +1550,9 @@ verify_a_chv (app_t app, else { /* The reader has no keypad or we don't want to use it. */ - rc = pincb (pincb_arg, prompt, pinvalue); + rc = pincb (pincb_arg, prompt, pinvalue); prompt = NULL; - xfree (prompt_buffer); + xfree (prompt_buffer); prompt_buffer = NULL; if (rc) { @@ -1560,7 +1560,7 @@ verify_a_chv (app_t app, gpg_strerror (rc)); return rc; } - + if (strlen (*pinvalue) < minlen) { log_error (_("PIN for CHV%d is too short;" @@ -1573,7 +1573,7 @@ verify_a_chv (app_t app, rc = iso7816_verify (app->slot, 0x80+chvno, *pinvalue, strlen (*pinvalue)); } - + if (rc) { log_error (_("verify CHV%d failed: %s\n"), chvno, gpg_strerror (rc)); @@ -1596,14 +1596,14 @@ verify_chv2 (app_t app, int rc; char *pinvalue; - if (app->did_chv2) + if (app->did_chv2) return 0; /* We already verified CHV2. */ rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue); if (rc) return rc; app->did_chv2 = 1; - + if (!app->did_chv1 && !app->force_chv1 && pinvalue) { /* For convenience we verify CHV1 here too. We do this only if @@ -1630,7 +1630,7 @@ verify_chv2 (app_t app, /* Build the prompt to enter the Admin PIN. The prompt depends on the current sdtate of the card. */ -static gpg_error_t +static gpg_error_t build_enter_admin_pin_prompt (app_t app, char **r_prompt) { void *relptr; @@ -1656,7 +1656,7 @@ build_enter_admin_pin_prompt (app_t app, char **r_prompt) } remaining = value[6]; xfree (relptr); - + log_info(_("%d Admin PIN attempts remaining before card" " is permanently locked\n"), remaining); @@ -1669,10 +1669,10 @@ build_enter_admin_pin_prompt (app_t app, char **r_prompt) } else prompt = xtrystrdup (_("|A|Please enter the Admin PIN")); - + if (!prompt) return gpg_error_from_syserror (); - + *r_prompt = prompt; return 0; } @@ -1693,8 +1693,8 @@ verify_chv3 (app_t app, return gpg_error (GPG_ERR_EACCES); } #endif - - if (!app->did_chv3) + + if (!app->did_chv3) { iso7816_pininfo_t pininfo; int minlen = 8; @@ -1712,7 +1712,7 @@ verify_chv3 (app_t app, && !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) ) { /* The reader supports the verify command through the keypad. */ - rc = pincb (pincb_arg, prompt, NULL); + rc = pincb (pincb_arg, prompt, NULL); xfree (prompt); prompt = NULL; if (rc) @@ -1721,7 +1721,7 @@ verify_chv3 (app_t app, gpg_strerror (rc)); return rc; } - rc = iso7816_verify_kp (app->slot, 0x83, "", 0, &pininfo); + rc = iso7816_verify_kp (app->slot, 0x83, "", 0, &pininfo); /* Dismiss the prompt. */ pincb (pincb_arg, NULL, NULL); } @@ -1729,7 +1729,7 @@ verify_chv3 (app_t app, { char *pinvalue; - rc = pincb (pincb_arg, prompt, &pinvalue); + rc = pincb (pincb_arg, prompt, &pinvalue); xfree (prompt); prompt = NULL; if (rc) @@ -1738,7 +1738,7 @@ verify_chv3 (app_t app, gpg_strerror (rc)); return rc; } - + if (strlen (pinvalue) < minlen) { log_error (_("PIN for CHV%d is too short;" @@ -1746,11 +1746,11 @@ verify_chv3 (app_t app, xfree (pinvalue); return gpg_error (GPG_ERR_BAD_PIN); } - + rc = iso7816_verify (app->slot, 0x83, pinvalue, strlen (pinvalue)); xfree (pinvalue); } - + if (rc) { log_error (_("verify CHV%d failed: %s\n"), 3, gpg_strerror (rc)); @@ -1765,7 +1765,7 @@ verify_chv3 (app_t app, /* Handle the SETATTR operation. All arguments are already basically checked. */ -static gpg_error_t +static gpg_error_t do_setattr (app_t app, const char *name, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -1804,7 +1804,7 @@ do_setattr (app_t app, const char *name, for (idx=0; table[idx].name && strcmp (table[idx].name, name); idx++) ; if (!table[idx].name) - return gpg_error (GPG_ERR_INV_NAME); + return gpg_error (GPG_ERR_INV_NAME); if (table[idx].need_v2 && !app->app_local->extcap.is_v2) return gpg_error (GPG_ERR_NOT_SUPPORTED); /* Not yet supported. */ @@ -1855,7 +1855,7 @@ do_setattr (app_t app, const char *name, callback. */ static gpg_error_t do_writecert (app_t app, ctrl_t ctrl, - const char *certidstr, + const char *certidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, const unsigned char *certdata, size_t certdatalen) @@ -1893,8 +1893,8 @@ do_writecert (app_t app, ctrl_t ctrl, - 2 2 Verify Reset Code and set a new PW1. - 3 any Verify CHV3/PW3 and set a new CHV3/PW3. */ -static gpg_error_t -do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, +static gpg_error_t +do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, unsigned int flags, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg) @@ -1932,7 +1932,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, /* On a v1.x card CHV1 and CVH2 should always have the same value, thus we enforce it here. */ int save_force = app->force_chv1; - + app->force_chv1 = 0; app->did_chv1 = 0; app->did_chv2 = 0; @@ -1958,7 +1958,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, rc = verify_chv3 (app, pincb, pincb_arg); if (rc) goto leave; - + if (chvno == 2) set_resetcode = 1; } @@ -2020,14 +2020,14 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, log_error (_("Reset Code not or not anymore available\n")); rc = gpg_error (GPG_ERR_BAD_PIN); goto leave; - } - + } + rc = pincb (pincb_arg, _("||Please enter the Reset Code for the card"), - &resetcode); + &resetcode); if (rc) { - log_info (_("PIN callback returned error: %s\n"), + log_info (_("PIN callback returned error: %s\n"), gpg_strerror (rc)); goto leave; } @@ -2054,10 +2054,10 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, /* TRANSLATORS: Do not translate the "|*|" prefixes but keep it at the start of the string. We need this elsewhere to get some infos on the string. */ - rc = pincb (pincb_arg, + rc = pincb (pincb_arg, set_resetcode? _("|RN|New Reset Code") : - chvno == 3? _("|AN|New Admin PIN") : _("|N|New PIN"), - &pinvalue); + chvno == 3? _("|AN|New Admin PIN") : _("|N|New PIN"), + &pinvalue); if (rc) { log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc)); @@ -2121,7 +2121,7 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, { /* Version 2 cards. */ assert (chvno == 1 || chvno == 3); - + rc = iso7816_change_reference_data (app->slot, 0x80 + chvno, oldpinvalue, strlen (oldpinvalue), pinvalue, strlen (pinvalue)); @@ -2199,7 +2199,7 @@ does_key_exist (app_t app, int keyidx, int generating, int force) of tag and length. A LENGTH greater than 65535 is truncated. */ static size_t add_tlv (unsigned char *buffer, unsigned int tag, size_t length) -{ +{ unsigned char *p = buffer; assert (tag <= 0xffff); @@ -2325,15 +2325,15 @@ build_privkey_template (app_t app, int keyno, /* Right justify E. */ memmove (tp + rsa_e_reqlen - rsa_e_len, tp, rsa_e_len); memset (tp, 0, rsa_e_reqlen - rsa_e_len); - } + } tp += rsa_e_reqlen; - + memcpy (tp, rsa_p, rsa_p_len); tp += rsa_p_len; - + memcpy (tp, rsa_q, rsa_q_len); tp += rsa_q_len; - + if (app->app_local->keyattr[keyno].format == RSA_STD_N || app->app_local->keyattr[keyno].format == RSA_CRT_N) { @@ -2378,7 +2378,7 @@ change_keyattr (app_t app, int keyno, unsigned int nbits, xfree (relptr); return gpg_error (GPG_ERR_CARD); } - + /* We only change n_bits and don't touch anything else. Before we do so, we round up NBITS to a sensible way in the same way as gpg's key generation does it. This may help to sort out problems @@ -2413,8 +2413,8 @@ change_keyattr (app_t app, int keyno, unsigned int nbits, /* Helper to process an setattr command for name KEY-ATTR. It expects a string "--force " in (VALUE,VALUELEN). */ -static gpg_error_t -change_keyattr_from_string (app_t app, +static gpg_error_t +change_keyattr_from_string (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, const void *value, size_t valuelen) @@ -2494,13 +2494,13 @@ do_writekey (app_t app, ctrl_t ctrl, keyno = 2; else return gpg_error (GPG_ERR_INV_ID); - + err = does_key_exist (app, keyno, 0, force); if (err) return err; - /* + /* Parse the S-expression */ buf = keydata; @@ -2548,10 +2548,10 @@ do_writekey (app_t app, ctrl_t ctrl, switch (*tok) { - case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break; - case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break; - case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break; - case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break; + case 'n': mpi = &rsa_n; mpi_len = &rsa_n_len; break; + case 'e': mpi = &rsa_e; mpi_len = &rsa_e_len; break; + case 'p': mpi = &rsa_p; mpi_len = &rsa_p_len; break; + case 'q': mpi = &rsa_q; mpi_len = &rsa_q_len;break; default: mpi = NULL; mpi_len = NULL; break; } if (mpi && *mpi) @@ -2623,7 +2623,7 @@ do_writekey (app_t app, ctrl_t ctrl, maxbits = app->app_local->keyattr[keyno].n_bits; nbits = rsa_n? count_bits (rsa_n, rsa_n_len) : 0; if (opt.verbose) - log_info ("RSA modulus size is %u bits (%u bytes)\n", + log_info ("RSA modulus size is %u bits (%u bytes)\n", nbits, (unsigned int)rsa_n_len); if (nbits && nbits != maxbits && app->app_local->extcap.algo_attr_change) @@ -2635,7 +2635,7 @@ do_writekey (app_t app, ctrl_t ctrl, } if (nbits != maxbits) { - log_error (_("RSA modulus missing or not of size %d bits\n"), + log_error (_("RSA modulus missing or not of size %d bits\n"), (int)maxbits); err = gpg_error (GPG_ERR_BAD_SECKEY); goto leave; @@ -2657,7 +2657,7 @@ do_writekey (app_t app, ctrl_t ctrl, nbits = rsa_p? count_bits (rsa_p, rsa_p_len) : 0; if (nbits != maxbits) { - log_error (_("RSA prime %s missing or not of size %d bits\n"), + log_error (_("RSA prime %s missing or not of size %d bits\n"), "P", (int)maxbits); err = gpg_error (GPG_ERR_BAD_SECKEY); goto leave; @@ -2665,12 +2665,12 @@ do_writekey (app_t app, ctrl_t ctrl, nbits = rsa_q? count_bits (rsa_q, rsa_q_len) : 0; if (nbits != maxbits) { - log_error (_("RSA prime %s missing or not of size %d bits\n"), + log_error (_("RSA prime %s missing or not of size %d bits\n"), "Q", (int)maxbits); err = gpg_error (GPG_ERR_BAD_SECKEY); goto leave; } - + /* We need to remove the cached public key. */ xfree (app->app_local->pk[keyno].key); app->app_local->pk[keyno].key = NULL; @@ -2683,7 +2683,7 @@ do_writekey (app_t app, ctrl_t ctrl, /* Build the private key template as described in section 4.3.3.7 of the OpenPGP card specs version 2.0. */ int exmode; - + err = build_privkey_template (app, keyno, rsa_n, rsa_n_len, rsa_e, rsa_e_len, @@ -2713,8 +2713,8 @@ do_writekey (app_t app, ctrl_t ctrl, /* Build the private key template as described in section 4.3.3.6 of the OpenPGP card specs version 1.1: 0xC0 public exponent - 0xC1 prime p - 0xC2 prime q + 0xC1 prime p + 0xC2 prime q */ assert (rsa_e_len <= 4); template_len = (1 + 1 + 4 @@ -2734,21 +2734,21 @@ do_writekey (app_t app, ctrl_t ctrl, /* Right justify E. */ memmove (tp+4-rsa_e_len, tp, rsa_e_len); memset (tp, 0, 4-rsa_e_len); - } + } tp += 4; - + *tp++ = 0xC1; *tp++ = rsa_p_len; memcpy (tp, rsa_p, rsa_p_len); tp += rsa_p_len; - + *tp++ = 0xC2; *tp++ = rsa_q_len; memcpy (tp, rsa_q, rsa_q_len); tp += rsa_q_len; - + assert (tp - template == template_len); - + /* Prepare for storing the key. */ err = verify_chv3 (app, pincb, pincb_arg); if (err) @@ -2764,7 +2764,7 @@ do_writekey (app_t app, ctrl_t ctrl, log_error (_("failed to store the key: %s\n"), gpg_strerror (err)); goto leave; } - + err = store_fpr (app, keyno, created_at, rsa_n, rsa_n_len, rsa_e, rsa_e_len, fprbuf, app->card_version); @@ -2779,7 +2779,7 @@ do_writekey (app_t app, ctrl_t ctrl, /* Handle the GENKEY command. */ -static gpg_error_t +static gpg_error_t do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, time_t createtime, gpg_error_t (*pincb)(void*, const char *, char **), @@ -2797,7 +2797,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, time_t start_at; int exmode; int le_value; - unsigned int keybits; + unsigned int keybits; if (keyno < 1 || keyno > 3) return gpg_error (GPG_ERR_INV_ID); @@ -2821,7 +2821,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, /* Because we send the key parameter back via status lines we need to put a limit on the max. allowed keysize. 2048 bit will already lead to a 527 byte long status line and thus a 4096 bit - key would exceed the Assuan line length limit. */ + key would exceed the Assuan line length limit. */ keybits = app->app_local->keyattr[keyno].n_bits; if (keybits > 3072) return gpg_error (GPG_ERR_TOO_LARGE); @@ -2839,7 +2839,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, le_value = app->app_local->extcap.max_rsp_data; /* No need to check le_value because it comes from a 16 bit value and thus can't create an overflow on a 32 bit - system. */ + system. */ } else { @@ -2849,10 +2849,10 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, log_info (_("please wait while key is being generated ...\n")); start_at = time (NULL); - rc = iso7816_generate_keypair + rc = iso7816_generate_keypair /* # warning key generation temporary replaced by reading an existing key. */ /* rc = iso7816_read_public_key */ - (app->slot, exmode, + (app->slot, exmode, (const unsigned char*)(keyno == 0? "\xB6" : keyno == 1? "\xB8" : "\xA4"), 2, le_value, @@ -2873,7 +2873,7 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, log_error (_("response does not contain the public key data\n")); goto leave; } - + m = find_tlv (keydata, keydatalen, 0x0081, &mlen); if (!m) { @@ -2950,7 +2950,7 @@ compare_fingerprint (app_t app, int keyno, unsigned char *sha1fpr) unsigned char *buffer; size_t buflen, n; int rc, i; - + assert (keyno >= 1 && keyno <= 3); rc = get_cached_data (app, 0x006E, &buffer, &buflen, 0, 0); @@ -3014,12 +3014,12 @@ check_against_given_fingerprint (app_t app, const char *fpr, int keyno) Note that this function may return the error code GPG_ERR_WRONG_CARD to indicate that the card currently present does not match the one required for the requested action (e.g. the - serial number does not match). - + serial number does not match). + As a special feature a KEYIDSTR of "OPENPGP.3" redirects the operation to the auth command. */ -static gpg_error_t +static gpg_error_t do_sign (app_t app, const char *keyidstr, int hashalgo, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -3071,7 +3071,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, { \ indata = (const char*)indata + sizeof b ## _prefix; \ indatalen -= sizeof b ## _prefix; \ - } + } if (indatalen == 20) ; /* Assume a plain SHA-1 or RMD160 digest has been given. */ @@ -3081,7 +3081,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, else X(SHA256, sha256, 32, app->app_local->extcap.is_v2) else X(SHA384, sha384, 48, app->app_local->extcap.is_v2) else X(SHA512, sha512, 64, app->app_local->extcap.is_v2) - else if ((indatalen == 28 || indatalen == 32 + else if ((indatalen == 28 || indatalen == 32 || indatalen == 48 || indatalen ==64) && app->app_local->extcap.is_v2) ; /* Assume a plain SHA-3 digest has been given. */ @@ -3110,7 +3110,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, else if (!*s) ; /* no fingerprint given: we allow this for now. */ else if (*s == '/') - fpr = s + 1; + fpr = s + 1; else return gpg_error (GPG_ERR_INV_ID); @@ -3141,7 +3141,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, assert (datalen <= sizeof data); \ memcpy (data, b ## _prefix, sizeof b ## _prefix); \ memcpy (data + sizeof b ## _prefix, indata, indatalen); \ - } + } X(SHA1, sha1, 1) else X(RMD160, rmd160, 1) @@ -3149,7 +3149,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, else X(SHA256, sha256, app->app_local->extcap.is_v2) else X(SHA384, sha384, app->app_local->extcap.is_v2) else X(SHA512, sha512, app->app_local->extcap.is_v2) - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); #undef X @@ -3166,7 +3166,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, log_info (_("signatures created so far: %lu\n"), sigcount); /* Check CHV if needed. */ - if (!app->did_chv1 || app->force_chv1 ) + if (!app->did_chv1 || app->force_chv1 ) { char *pinvalue; @@ -3207,7 +3207,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, else { exmode = 0; - le_value = 0; + le_value = 0; } rc = iso7816_compute_ds (app->slot, exmode, data, datalen, le_value, outdata, outdatalen); @@ -3224,7 +3224,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, GPG_ERR_WRONG_CARD to indicate that the card currently present does not match the one required for the requested action (e.g. the serial number does not match). */ -static gpg_error_t +static gpg_error_t do_auth (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -3256,13 +3256,13 @@ do_auth (app_t app, const char *keyidstr, else if (!*s) ; /* no fingerprint given: we allow this for now. */ else if (*s == '/') - fpr = s + 1; + fpr = s + 1; else return gpg_error (GPG_ERR_INV_ID); for (s=keyidstr, n=0; n < 16; s += 2, n++) tmp_sn[n] = xtoi_2 (s); - + if (app->serialnolen != 16) return gpg_error (GPG_ERR_INV_CARD); if (memcmp (app->serialno, tmp_sn, 16)) @@ -3292,7 +3292,7 @@ do_auth (app_t app, const char *keyidstr, else { exmode = 0; - le_value = 0; + le_value = 0; } rc = iso7816_internal_authenticate (app->slot, exmode, indata, indatalen, le_value, @@ -3302,7 +3302,7 @@ do_auth (app_t app, const char *keyidstr, } -static gpg_error_t +static gpg_error_t do_decipher (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -3333,13 +3333,13 @@ do_decipher (app_t app, const char *keyidstr, else if (!*s) ; /* no fingerprint given: we allow this for now. */ else if (*s == '/') - fpr = s + 1; + fpr = s + 1; else return gpg_error (GPG_ERR_INV_ID); - + for (s=keyidstr, n=0; n < 16; s += 2, n++) tmp_sn[n] = xtoi_2 (s); - + if (app->serialnolen != 16) return gpg_error (GPG_ERR_INV_CARD); if (memcmp (app->serialno, tmp_sn, 16)) @@ -3390,7 +3390,7 @@ do_decipher (app_t app, const char *keyidstr, fixbuf = xtrymalloc (fixuplen + indatalen); if (!fixbuf) return gpg_error_from_syserror (); - + memset (fixbuf, 0, fixuplen); memcpy (fixbuf+fixuplen, indata, indatalen); indata = fixbuf; @@ -3409,9 +3409,9 @@ do_decipher (app_t app, const char *keyidstr, le_value = 0; } else - exmode = le_value = 0; + exmode = le_value = 0; - rc = iso7816_decipher (app->slot, exmode, + rc = iso7816_decipher (app->slot, exmode, indata, indatalen, le_value, padind, outdata, outdatalen); xfree (fixbuf); @@ -3431,12 +3431,12 @@ do_decipher (app_t app, const char *keyidstr, There is a special mode if the keyidstr is "[CHV3]" with the "[CHV3]" being a literal string: The Admin Pin is checked if and only if the retry counter is still at 3. */ -static gpg_error_t +static gpg_error_t do_check_pin (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg) { - unsigned char tmp_sn[20]; + unsigned char tmp_sn[20]; const char *s; int n; int admin_pin = 0; @@ -3447,7 +3447,7 @@ do_check_pin (app_t app, const char *keyidstr, /* Check whether an OpenPGP card of any version has been requested. */ if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12)) return gpg_error (GPG_ERR_INV_ID); - + for (s=keyidstr, n=0; hexdigitp (s); s++, n++) ; if (n != 32) @@ -3480,7 +3480,7 @@ do_check_pin (app_t app, const char *keyidstr, unsigned char *value; size_t valuelen; int count; - + relptr = get_one_do (app, 0x00C4, &value, &valuelen, NULL); if (!relptr || valuelen < 7) { @@ -3541,7 +3541,7 @@ show_caps (struct app_local_s *s) /* Parse the historical bytes in BUFFER of BUFLEN and store them in APPLOC. */ static void -parse_historical (struct app_local_s *apploc, +parse_historical (struct app_local_s *apploc, const unsigned char * buffer, size_t buflen) { /* Example buffer: 00 31 C5 73 C0 01 80 00 90 00 */ @@ -3553,9 +3553,9 @@ parse_historical (struct app_local_s *apploc, if (*buffer) { log_error ("warning: bad category indicator in historical bytes\n"); - return; + return; } - + /* Skip category indicator. */ buffer++; buflen--; @@ -3590,9 +3590,9 @@ parse_historical (struct app_local_s *apploc, /* Parse and optionally show the algorithm attributes for KEYNO. KEYNO must be in the range 0..2. */ -static void +static void parse_algorithm_attribute (app_t app, int keyno) -{ +{ unsigned char *buffer; size_t buflen; void *relptr; @@ -3601,7 +3601,7 @@ parse_algorithm_attribute (app_t app, int keyno) assert (keyno >=0 && keyno <= 2); app->app_local->keyattr[keyno].n_bits = 0; - + relptr = get_one_do (app, 0xC1+keyno, &buffer, &buflen, NULL); if (!relptr) { @@ -3628,7 +3628,7 @@ parse_algorithm_attribute (app_t app, int keyno) app->app_local->keyattr[keyno].format = (buffer[5] == 0? RSA_STD : buffer[5] == 1? RSA_STD_N : buffer[5] == 2? RSA_CRT : - buffer[5] == 3? RSA_CRT_N : + buffer[5] == 3? RSA_CRT_N : RSA_UNKNOWN_FMT); if (opt.verbose) @@ -3658,7 +3658,7 @@ app_select_openpgp (app_t app) unsigned char *buffer; size_t buflen; void *relptr; - + /* Note that the card can't cope with P2=0xCO, thus we need to pass a special flag value. */ rc = iso7816_select_application (slot, aid, sizeof aid, 0x0001); @@ -3751,7 +3751,7 @@ app_select_openpgp (app_t app) { /* Available with v2 cards. */ app->app_local->extcap.sm_aes128 = (buffer[1] == 1); - app->app_local->extcap.max_get_challenge + app->app_local->extcap.max_get_challenge = (buffer[2] << 8 | buffer[3]); app->app_local->extcap.max_certlen_3 = (buffer[4] << 8 | buffer[5]); app->app_local->extcap.max_cmd_data = (buffer[6] << 8 | buffer[7]); @@ -3772,7 +3772,7 @@ app_select_openpgp (app_t app) parse_algorithm_attribute (app, 0); parse_algorithm_attribute (app, 1); parse_algorithm_attribute (app, 2); - + if (opt.verbose > 1) dump_all_do (slot); @@ -3797,6 +3797,3 @@ leave: do_deinit (app); return rc; } - - - diff --git a/scd/app-p15.c b/scd/app-p15.c index f7c4cfee9..8e3081409 100644 --- a/scd/app-p15.c +++ b/scd/app-p15.c @@ -22,7 +22,7 @@ Unblock PUK: "222222111111" Reset PIN: "333333111111") - e.g. the APDUs 00:20:00:02:08:2C:33:33:33:11:11:11:FF + e.g. the APDUs 00:20:00:02:08:2C:33:33:33:11:11:11:FF and 00:24:01:01:08:24:12:34:FF:FF:FF:FF:FF should change the PIN into 1234. */ @@ -50,22 +50,22 @@ typedef enum CARD_TYPE_TCOS, CARD_TYPE_MICARDO, CARD_TYPE_BELPIC /* Belgian eID card specs. */ - } + } card_type_t; /* A list card types with ATRs noticed with these cards. */ #define X(a) ((unsigned char const *)(a)) -static struct +static struct { size_t atrlen; unsigned char const *atr; card_type_t type; } card_atr_list[] = { { 19, X("\x3B\xBA\x13\x00\x81\x31\x86\x5D\x00\x64\x05\x0A\x02\x01\x31\x80" - "\x90\x00\x8B"), + "\x90\x00\x8B"), CARD_TYPE_TCOS }, /* SLE44 */ { 19, X("\x3B\xBA\x14\x00\x81\x31\x86\x5D\x00\x64\x05\x14\x02\x02\x31\x80" - "\x90\x00\x91"), + "\x90\x00\x91"), CARD_TYPE_TCOS }, /* SLE66S */ { 19, X("\x3B\xBA\x96\x00\x81\x31\x86\x5D\x00\x64\x05\x60\x02\x03\x31\x80" "\x90\x00\x66"), @@ -96,7 +96,7 @@ static char const pkcs15be_aid[] = { 0xA0, 0, 0, 0x01, 0x77, /* The PIN types as defined in pkcs#15 v1.1 */ -typedef enum +typedef enum { PIN_TYPE_BCD = 0, PIN_TYPE_ASCII_NUMERIC = 1, @@ -130,10 +130,10 @@ typedef struct keyusage_flags_s keyusage_flags_t; us. To keep memory management, simple we use a linked list of items; i.e. one such object represents one certificate and the list the entire CDF. */ -struct cdf_object_s +struct cdf_object_s { /* Link to next item when used in a linked list. */ - struct cdf_object_s *next; + struct cdf_object_s *next; /* Length and allocated buffer with the Id of this object. */ size_t objidlen; @@ -143,7 +143,7 @@ struct cdf_object_s allocated memory IMAGE of IMAGELEN. */ size_t imagelen; unsigned char *image; - + /* Set to true if a length and offset is available. */ int have_off; /* The offset and length of the object. They are only valid if @@ -164,10 +164,10 @@ typedef struct cdf_object_s *cdf_object_t; by us. To keep memory management, simple we use a linked list of items; i.e. one such object represents one certificate and the list the entire PrKDF. */ -struct prkdf_object_s +struct prkdf_object_s { /* Link to next item when used in a linked list. */ - struct prkdf_object_s *next; + struct prkdf_object_s *next; /* Length and allocated buffer with the Id of this object. */ size_t objidlen; @@ -181,7 +181,7 @@ struct prkdf_object_s /* The key's usage flags. */ keyusage_flags_t usageflags; - /* The keyReference and a flag telling whether it is valid. */ + /* The keyReference and a flag telling whether it is valid. */ unsigned long key_reference; int key_reference_valid; @@ -204,10 +204,10 @@ typedef struct prkdf_object_s *prkdf_object_t; processing by us. To keep memory management, simple we use a linked list of items; i.e. one such object represents one authentication object and the list the entire AOKDF. */ -struct aodf_object_s +struct aodf_object_s { /* Link to next item when used in a linked list. */ - struct aodf_object_s *next; + struct aodf_object_s *next; /* Length and allocated buffer with the Id of this object. */ size_t objidlen; @@ -219,7 +219,7 @@ struct aodf_object_s unsigned char *authid; /* The PIN Flags. */ - struct + struct { unsigned int case_sensitive: 1; unsigned int local: 1; @@ -248,7 +248,7 @@ struct aodf_object_s unsigned long max_length; int max_length_valid; - /* The pinReference and a flag telling whether it is valid. */ + /* The pinReference and a flag telling whether it is valid. */ unsigned long pin_reference; int pin_reference_valid; @@ -273,7 +273,7 @@ typedef struct aodf_object_s *aodf_object_t; /* Context local to this application. */ -struct app_local_s +struct app_local_s { /* The home DF. Note, that we don't yet support a multilevel hierachy. Thus we assume this is directly below the MF. */ @@ -298,7 +298,7 @@ struct app_local_s unsigned short useful_certificates; unsigned short data_objects; unsigned short auth_objects; - } odf; + } odf; /* The PKCS#15 serialnumber from EF(TokeiNFo) or NULL. Malloced. */ unsigned char *serialno; @@ -403,7 +403,7 @@ do_deinit (app_t app) desctription of the EF to be used with error messages. On success BUFFER and BUFLEN contain the entire content of the EF. The caller must free BUFFER only on success. */ -static gpg_error_t +static gpg_error_t select_and_read_binary (int slot, unsigned short efid, const char *efid_desc, unsigned char **buffer, size_t *buflen) { @@ -428,7 +428,7 @@ select_and_read_binary (int slot, unsigned short efid, const char *efid_desc, /* This function calls select file to read a file using a complete - path which may or may not start at the master file (MF). */ + path which may or may not start at the master file (MF). */ static gpg_error_t select_ef_by_path (app_t app, const unsigned short *path, size_t pathlen) { @@ -440,7 +440,7 @@ select_ef_by_path (app_t app, const unsigned short *path, size_t pathlen) if (pathlen && *path != 0x3f00 ) log_debug ("WARNING: relative path selection not yet implemented\n"); - + if (app->app_local->direct_path_selection) { err = iso7816_select_path (app->slot, path+1, pathlen-1, NULL, NULL); @@ -594,11 +594,11 @@ prkdf_object_from_keyidstr (app_t app, const char *keyidstr, Example of such a file: A0 06 30 04 04 02 60 34 = Private Keys - A4 06 30 04 04 02 60 35 = Certificates + A4 06 30 04 04 02 60 35 = Certificates A5 06 30 04 04 02 60 36 = TrustedCertificates A7 06 30 04 04 02 60 37 = DataObjects A8 06 30 04 04 02 60 38 = AuthObjects - + These are all PathOrObjects using the path CHOICE element. The paths are octet strings of length 2. Using this Path CHOICE element is recommended, so we only implement that for now. @@ -631,7 +631,7 @@ read_ef_odf (app_t app, unsigned short odf_fid) { offset = 6; } - else if ( buflen >= 12 + else if ( buflen >= 12 && (p[0] & 0xf0) == 0xA0 && !memcmp (p+1, "\x0a\x30\x08\x04\x06\x3F\x00", 7) && app->app_local->home_df == ((p[8]<<8)|p[9]) ) @@ -678,7 +678,7 @@ read_ef_odf (app_t app, unsigned short odf_fid) case 6: app->app_local->odf.useful_certificates = value; break; case 7: app->app_local->odf.data_objects = value; break; case 8: app->app_local->odf.auth_objects = value; break; - default: + default: log_error ("unknown object type %d in ODF ignored\n", (p[0]&0x0f)); } offset += 2; @@ -710,7 +710,7 @@ parse_keyusage_flags (const unsigned char *der, size_t derlen, memset (usageflags, 0, sizeof *usageflags); if (!derlen) return gpg_error (GPG_ERR_INV_OBJ); - + unused = *der++; derlen--; if ((!derlen && unused) || unused/8 > derlen) return gpg_error (GPG_ERR_ENCODING_PROBLEM); @@ -719,28 +719,28 @@ parse_keyusage_flags (const unsigned char *der, size_t derlen, mask = 0; for (i=1; unused; i <<= 1, unused--) mask |= i; - + /* First octet */ if (derlen) { bits = *der++; derlen--; if (full) full--; - else + else { bits &= ~mask; - mask = 0; + mask = 0; } } else bits = 0; if ((bits & 0x80)) usageflags->encrypt = 1; if ((bits & 0x40)) usageflags->decrypt = 1; - if ((bits & 0x20)) usageflags->sign = 1; + if ((bits & 0x20)) usageflags->sign = 1; if ((bits & 0x10)) usageflags->sign_recover = 1; if ((bits & 0x08)) usageflags->wrap = 1; - if ((bits & 0x04)) usageflags->unwrap = 1; - if ((bits & 0x02)) usageflags->verify = 1; + if ((bits & 0x04)) usageflags->unwrap = 1; + if ((bits & 0x02)) usageflags->verify = 1; if ((bits & 0x01)) usageflags->verify_recover = 1; /* Second octet. */ @@ -749,10 +749,10 @@ parse_keyusage_flags (const unsigned char *der, size_t derlen, bits = *der++; derlen--; if (full) full--; - else + else { bits &= ~mask; - mask = 0; + mask = 0; } } else @@ -823,14 +823,14 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) int class, tag, constructed, ndef; prkdf_object_t prkdflist = NULL; int i; - + if (!fid) return gpg_error (GPG_ERR_NO_DATA); /* No private keys. */ - + err = select_and_read_binary (app->slot, fid, "PrKDF", &buffer, &buflen); if (err) return err; - + p = buffer; n = buflen; @@ -995,7 +995,7 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) /* Skip the native element. */ ppp += objlen; nnn -= objlen; - + err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); if (gpg_err_code (err) == GPG_ERR_EOF) @@ -1010,7 +1010,7 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) /* Skip the accessFlags. */ ppp += objlen; nnn -= objlen; - + err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); if (gpg_err_code (err) == GPG_ERR_EOF) @@ -1026,7 +1026,7 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*ppp++) & 0xff; + ul |= (*ppp++) & 0xff; nnn--; } key_reference = ul; @@ -1050,7 +1050,7 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) { pp += objlen; nn -= objlen; - + where = __LINE__; err = parse_ber_header (&pp, &nn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -1124,7 +1124,7 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) goto parse_error; } /* Create a new PrKDF list item. */ - prkdf = xtrycalloc (1, (sizeof *prkdf + prkdf = xtrycalloc (1, (sizeof *prkdf - sizeof(unsigned short) + objlen/2 * sizeof(unsigned short))); if (!prkdf) @@ -1175,15 +1175,15 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) err = gpg_error (GPG_ERR_INV_OBJ); if (err) goto parse_error; - + for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } prkdf->off = ul; - + where = __LINE__; err = parse_ber_header (&pp, &nn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -1192,11 +1192,11 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) err = gpg_error (GPG_ERR_INV_OBJ); if (err) goto parse_error; - + for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } prkdf->len = ul; @@ -1235,7 +1235,7 @@ read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result) if (prkdf->usageflags.non_repudiation) log_printf ("%snon_repudiation", s), s = ","; log_printf ("\n"); - + /* Put it into the list. */ prkdf->next = prkdflist; prkdflist = prkdf; @@ -1279,14 +1279,14 @@ read_ef_cdf (app_t app, unsigned short fid, cdf_object_t *result) int class, tag, constructed, ndef; cdf_object_t cdflist = NULL; int i; - + if (!fid) return gpg_error (GPG_ERR_NO_DATA); /* No certificates. */ - + err = select_and_read_binary (app->slot, fid, "CDF", &buffer, &buflen); if (err) return err; - + p = buffer; n = buflen; @@ -1303,7 +1303,7 @@ read_ef_cdf (app_t app, unsigned short fid, cdf_object_t *result) unsigned long ul; const unsigned char *objid; size_t objidlen; - + err = parse_ber_header (&p, &n, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); if (!err && (objlen > n || tag != TAG_SEQUENCE)) @@ -1410,7 +1410,7 @@ read_ef_cdf (app_t app, unsigned short fid, cdf_object_t *result) goto parse_error; } /* Create a new CDF list item. */ - cdf = xtrycalloc (1, (sizeof *cdf + cdf = xtrycalloc (1, (sizeof *cdf - sizeof(unsigned short) + objlen/2 * sizeof(unsigned short))); if (!cdf) @@ -1444,15 +1444,15 @@ read_ef_cdf (app_t app, unsigned short fid, cdf_object_t *result) err = gpg_error (GPG_ERR_INV_OBJ); if (err) goto parse_error; - + for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } cdf->off = ul; - + where = __LINE__; err = parse_ber_header (&pp, &nn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -1461,11 +1461,11 @@ read_ef_cdf (app_t app, unsigned short fid, cdf_object_t *result) err = gpg_error (GPG_ERR_INV_OBJ); if (err) goto parse_error; - + for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } cdf->len = ul; @@ -1480,7 +1480,7 @@ read_ef_cdf (app_t app, unsigned short fid, cdf_object_t *result) if (cdf->have_off) log_printf ("[%lu/%lu]", cdf->off, cdf->len); log_printf ("\n"); - + /* Put it into the list. */ cdf->next = cdflist; cdflist = cdf; @@ -1552,14 +1552,14 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) int class, tag, constructed, ndef; aodf_object_t aodflist = NULL; int i; - + if (!fid) return gpg_error (GPG_ERR_NO_DATA); /* No authentication objects. */ - + err = select_and_read_binary (app->slot, fid, "AODF", &buffer, &buflen); if (err) return err; - + p = buffer; n = buflen; @@ -1749,7 +1749,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) { unsigned int bits, mask; int unused, full; - + unused = *pp++; nn--; objlen--; if ((!objlen && unused) || unused/8 > objlen) { @@ -1761,7 +1761,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) mask = 0; for (i=1; unused; i <<= 1, unused--) mask |= i; - + /* The first octet */ bits = 0; if (objlen) @@ -1769,27 +1769,27 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) bits = *pp++; nn--; objlen--; if (full) full--; - else + else { bits &= ~mask; - mask = 0; + mask = 0; } } if ((bits & 0x80)) /* ASN.1 bit 0. */ aodf->pinflags.case_sensitive = 1; if ((bits & 0x40)) /* ASN.1 bit 1. */ aodf->pinflags.local = 1; - if ((bits & 0x20)) + if ((bits & 0x20)) aodf->pinflags.change_disabled = 1; - if ((bits & 0x10)) + if ((bits & 0x10)) aodf->pinflags.unblock_disabled = 1; - if ((bits & 0x08)) + if ((bits & 0x08)) aodf->pinflags.initialized = 1; - if ((bits & 0x04)) + if ((bits & 0x04)) aodf->pinflags.needs_padding = 1; - if ((bits & 0x02)) + if ((bits & 0x02)) aodf->pinflags.unblocking_pin = 1; - if ((bits & 0x01)) + if ((bits & 0x01)) aodf->pinflags.so_pin = 1; /* The second octet. */ bits = 0; @@ -1798,19 +1798,19 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) bits = *pp++; nn--; objlen--; if (full) full--; - else + else { bits &= ~mask; - mask = 0; + mask = 0; } } - if ((bits & 0x80)) + if ((bits & 0x80)) aodf->pinflags.disable_allowed = 1; - if ((bits & 0x40)) + if ((bits & 0x40)) aodf->pinflags.integrity_protected = 1; - if ((bits & 0x20)) + if ((bits & 0x20)) aodf->pinflags.confidentiality_protected = 1; - if ((bits & 0x10)) + if ((bits & 0x10)) aodf->pinflags.exchange_ref_data = 1; /* Skip remaining bits. */ pp += objlen; @@ -1833,7 +1833,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } aodf->pintype = ul; @@ -1853,7 +1853,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } aodf->min_length = ul; @@ -1873,7 +1873,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } aodf->stored_length = ul; @@ -1898,12 +1898,12 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } aodf->max_length = ul; aodf->max_length_valid = 1; - + where = __LINE__; err = parse_ber_header (&pp, &nn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -1926,12 +1926,12 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*pp++) & 0xff; + ul |= (*pp++) & 0xff; nn--; } aodf->pin_reference = ul; aodf->pin_reference_valid = 1; - + where = __LINE__; err = parse_ber_header (&pp, &nn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -1953,7 +1953,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) } aodf->pad_char = *pp++; nn--; aodf->pad_char_valid = 1; - + where = __LINE__; err = parse_ber_header (&pp, &nn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -1970,7 +1970,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) { pp += objlen; nn -= objlen; - + where = __LINE__; err = parse_ber_header (&pp, &nn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -1987,7 +1987,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) { const unsigned char *ppp = pp; size_t nnn = objlen; - + pp += objlen; nn -= objlen; @@ -2014,7 +2014,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) goto no_core; for (i=0; i < aodf->pathlen; i++, ppp += 2, nnn -= 2) aodf->path[i] = ((ppp[0] << 8) | ppp[1]); - + if (nnn) { /* An index and length follows. */ @@ -2027,15 +2027,15 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) err = gpg_error (GPG_ERR_INV_OBJ); if (err) goto parse_error; - + for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*ppp++) & 0xff; + ul |= (*ppp++) & 0xff; nnn--; } aodf->off = ul; - + where = __LINE__; err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); @@ -2044,17 +2044,17 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) err = gpg_error (GPG_ERR_INV_OBJ); if (err) goto parse_error; - + for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*ppp++) & 0xff; + ul |= (*ppp++) & 0xff; nnn--; } aodf->len = ul; } } - + /* Igonore further objects which might be there due to future extensions of pkcs#15. */ @@ -2126,7 +2126,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) log_printf ("[%lu/%lu]", aodf->off, aodf->len); } log_printf ("\n"); - + /* Put it into the list. */ aodf->next = aodflist; aodflist = aodf; @@ -2158,7 +2158,7 @@ read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result) -/* Read and parse the EF(TokenInfo). +/* Read and parse the EF(TokenInfo). TokenInfo ::= SEQUENCE { version INTEGER {v1(0)} (v1,...), @@ -2174,7 +2174,7 @@ TokenInfo ::= SEQUENCE { holderId [4] Label OPTIONAL, lastUpdate [5] LastUpdate OPTIONAL, preferredLanguage PrintableString OPTIONAL -- In accordance with - -- IETF RFC 1766 + -- IETF RFC 1766 } (CONSTRAINED BY { -- Each AlgorithmInfo.reference value must be unique --}) TokenFlags ::= BIT STRING { @@ -2217,12 +2217,12 @@ read_ef_tokeninfo (app_t app) size_t n, objlen, hdrlen; int class, tag, constructed, ndef; unsigned long ul; - + err = select_and_read_binary (app->slot, 0x5032, "TokenInfo", &buffer, &buflen); if (err) return err; - + p = buffer; n = buflen; @@ -2249,7 +2249,7 @@ read_ef_tokeninfo (app_t app) for (ul=0; objlen; objlen--) { ul <<= 8; - ul |= (*p++) & 0xff; + ul |= (*p++) & 0xff; n--; } if (ul) @@ -2266,7 +2266,7 @@ read_ef_tokeninfo (app_t app) err = gpg_error (GPG_ERR_INV_OBJ); if (err) goto leave; - + xfree (app->app_local->serialno); app->app_local->serialno = xtrymalloc (objlen); if (!app->app_local->serialno) @@ -2307,7 +2307,7 @@ read_p15_info (app_t app) return err; } } - + /* Read the ODF so that we know the location of all directory files. */ /* Fixme: We might need to get a non-standard ODF FID from TokenInfo. */ @@ -2319,13 +2319,13 @@ read_p15_info (app_t app) assert (!app->app_local->certificate_info); assert (!app->app_local->trusted_certificate_info); assert (!app->app_local->useful_certificate_info); - err = read_ef_cdf (app, app->app_local->odf.certificates, + err = read_ef_cdf (app, app->app_local->odf.certificates, &app->app_local->certificate_info); if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA) - err = read_ef_cdf (app, app->app_local->odf.trusted_certificates, + err = read_ef_cdf (app, app->app_local->odf.trusted_certificates, &app->app_local->trusted_certificate_info); if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA) - err = read_ef_cdf (app, app->app_local->odf.useful_certificates, + err = read_ef_cdf (app, app->app_local->odf.useful_certificates, &app->app_local->useful_certificate_info); if (gpg_err_code (err) == GPG_ERR_NO_DATA) err = 0; @@ -2378,7 +2378,7 @@ send_certinfo (app_t app, ctrl_t ctrl, const char *certtype, send_status_info (ctrl, "CERTINFO", certtype, strlen (certtype), - buf, strlen (buf), + buf, strlen (buf), NULL, (size_t)0); xfree (buf); } @@ -2480,7 +2480,7 @@ send_keypairinfo (app_t app, ctrl_t ctrl, prkdf_object_t keyinfo) assert (strlen (gripstr) == 40); send_status_info (ctrl, "KEYPAIRINFO", gripstr, 40, - buf, strlen (buf), + buf, strlen (buf), NULL, (size_t)0); } xfree (buf); @@ -2491,7 +2491,7 @@ send_keypairinfo (app_t app, ctrl_t ctrl, prkdf_object_t keyinfo) /* This is the handler for the LEARN command. */ -static gpg_error_t +static gpg_error_t do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags) { gpg_error_t err; @@ -2564,7 +2564,7 @@ readcert_by_cdf (app_t app, cdf_object_t cdf, log_printf (": %s\n", gpg_strerror (err)); goto leave; } - + /* Check whether this is really a certificate. */ p = buffer; n = buflen; @@ -2589,7 +2589,7 @@ readcert_by_cdf (app_t app, cdf_object_t cdf, &ndef, &objlen, &hdrlen); if (err) goto leave; - + if (!rootca && class == CLASS_UNIVERSAL && tag == TAG_OBJECT_ID && !constructed) { @@ -2606,7 +2606,7 @@ readcert_by_cdf (app_t app, cdf_object_t cdf, save_p = p; err = parse_ber_header (&p, &n, &class, &tag, &constructed, &ndef, &objlen, &hdrlen); - if (err) + if (err) goto leave; if ( !(class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE && constructed) ) { @@ -2643,7 +2643,7 @@ readcert_by_cdf (app_t app, cdf_object_t cdf, buffer to be stored at R_CERT and its length at R_CERTLEN. A error code will be returned on failure and R_CERT and R_CERTLEN will be set to NULL/0. */ -static gpg_error_t +static gpg_error_t do_readcert (app_t app, const char *certid, unsigned char **r_cert, size_t *r_certlen) { @@ -2662,7 +2662,7 @@ do_readcert (app_t app, const char *certid, /* Implement the GETATTR command. This is similar to the LEARN command but returns just one value via the status interface. */ -static gpg_error_t +static gpg_error_t do_getattr (app_t app, ctrl_t ctrl, const char *name) { gpg_error_t err; @@ -2737,7 +2737,7 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name) } } - return gpg_error (GPG_ERR_INV_NAME); + return gpg_error (GPG_ERR_INV_NAME); } @@ -2763,14 +2763,14 @@ micardo_mse (app_t app, unsigned short fid) log_error ("error reading EF_keyD: %s\n", gpg_strerror (err)); return err; } - + for (recno = 1, se_num = -1; ; recno++) { unsigned char *buffer; size_t buflen; size_t n, nn; const unsigned char *p, *pp; - + err = iso7816_read_record (app->slot, recno, 1, 0, &buffer, &buflen); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) break; /* ready */ @@ -2805,8 +2805,8 @@ micardo_mse (app_t app, unsigned short fid) log_error ("CRT for keyfile %04hX not found\n", fid); return gpg_error (GPG_ERR_NOT_FOUND); } - - + + /* Restore the security environment to SE_NUM if needed */ if (se_num) { @@ -2837,13 +2837,13 @@ micardo_mse (app_t app, unsigned short fid) -/* Handler for the PKSIGN command. +/* Handler for the PKSIGN command. Create the signature and return the allocated result in OUTDATA. If a PIN is required, the PINCB will be used to ask for the PIN; that callback should return the PIN in an allocated buffer and store that as the 3rd argument. */ -static gpg_error_t +static gpg_error_t do_sign (app_t app, const char *keyidstr, int hashalgo, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -2892,7 +2892,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, /* Find the authentication object to this private key object. */ for (aodf = app->app_local->auth_object_info; aodf; aodf = aodf->next) - if (aodf->objidlen == prkdf->authidlen + if (aodf->objidlen == prkdf->authidlen && !memcmp (aodf->objid, prkdf->authid, prkdf->authidlen)) break; if (!aodf) @@ -2937,7 +2937,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, if (app->app_local->card_type == CARD_TYPE_BELPIC) { unsigned char mse[5]; - + mse[0] = 4; /* Length of the template. */ mse[1] = 0x80; /* Algorithm reference tag. */ if (hashalgo == MD_USER_TLS_MD5SHA1) @@ -2947,7 +2947,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, mse[3] = 0x84; /* Private key reference tag. */ mse[4] = prkdf->key_reference_valid? prkdf->key_reference : 0x82; - err = iso7816_manage_security_env (app->slot, + err = iso7816_manage_security_env (app->slot, 0x41, 0xB6, mse, sizeof mse); no_data_padding = 1; @@ -2987,7 +2987,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, if (strlen (pinvalue) < aodf->min_length) { log_error ("PIN is too short; minimum length is %lu\n", - aodf->min_length); + aodf->min_length); err = gpg_error (GPG_ERR_BAD_PIN); } else if (aodf->stored_length && strlen (pinvalue) > aodf->stored_length) @@ -3027,7 +3027,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, case PIN_TYPE_UTF8: break; case PIN_TYPE_HALF_NIBBLE_BCD: - errstr = "PIN type Half-Nibble-BCD is not supported"; + errstr = "PIN type Half-Nibble-BCD is not supported"; break; case PIN_TYPE_ISO9564_1: errstr = "PIN type ISO9564-1 is not supported"; @@ -3064,7 +3064,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, for (s=pinvalue; i < aodf->stored_length && *s && s[1]; s = s+2 ) paddedpin[i++] = (((*s - '0') << 4) | ((s[1] - '0') & 0x0f)); if (i < aodf->stored_length && *s) - paddedpin[i++] = (((*s - '0') << 4) + paddedpin[i++] = (((*s - '0') << 4) |((aodf->pad_char_valid?aodf->pad_char:0)&0x0f)); if (aodf->pinflags.needs_padding) @@ -3130,7 +3130,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, else if (hashalgo == GCRY_MD_RMD160 && !memcmp (indata, rmd160_prefix, 15)) ; - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); memcpy (data, indata, indatalen); } @@ -3141,7 +3141,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, memcpy (data, sha1_prefix, 15); else if (hashalgo == GCRY_MD_RMD160) memcpy (data, rmd160_prefix, 15); - else + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); memcpy (data+15, indata, indatalen); } @@ -3164,12 +3164,12 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, else if (prkdf->key_reference_valid) { unsigned char mse[3]; - + mse[0] = 0x84; /* Select asym. key. */ mse[1] = 1; mse[2] = prkdf->key_reference; - err = iso7816_manage_security_env (app->slot, + err = iso7816_manage_security_env (app->slot, 0x41, 0xB6, mse, sizeof mse); } @@ -3189,14 +3189,14 @@ do_sign (app_t app, const char *keyidstr, int hashalgo, } -/* Handler for the PKAUTH command. +/* Handler for the PKAUTH command. This is basically the same as the PKSIGN command but we first check that the requested key is suitable for authentication; that is, it must match the criteria used for the attribute $AUTHKEYID. See do_sign for calling conventions; there is no HASHALGO, though. */ -static gpg_error_t -do_auth (app_t app, const char *keyidstr, +static gpg_error_t +do_auth (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, const void *indata, size_t indatalen, @@ -3219,7 +3219,7 @@ do_auth (app_t app, const char *keyidstr, } algo = indatalen == 36? MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1; - return do_sign (app, keyidstr, algo, pincb, pincb_arg, + return do_sign (app, keyidstr, algo, pincb, pincb_arg, indata, indatalen, outdata, outdatalen); } @@ -3273,8 +3273,8 @@ read_home_df (int slot, int *r_belpic) } -/* - Select the PKCS#15 application on the card in SLOT. +/* + Select the PKCS#15 application on the card in SLOT. */ gpg_error_t app_select_p15 (app_t app) @@ -3388,7 +3388,7 @@ app_select_p15 (app_t app) unsigned char *p; /* FIXME: actually get it from EF(TokenInfo). */ - + p = xtrymalloc (3 + app->serialnolen); if (!p) rc = gpg_error (gpg_err_code_from_errno (errno)); diff --git a/scd/app.c b/scd/app.c index a23c4a546..6d652360c 100644 --- a/scd/app.c +++ b/scd/app.c @@ -69,7 +69,7 @@ print_progress_line (void *opaque, const char *what, int pc, int cur, int tot) never shares a reader (while performing one command). Returns 0 on success; only then the unlock_reader function must be called after returning from the handler. */ -static gpg_error_t +static gpg_error_t lock_reader (int slot, ctrl_t ctrl) { gpg_error_t err; @@ -89,7 +89,7 @@ lock_reader (int slot, ctrl_t ctrl) lock_table[slot].app = NULL; lock_table[slot].last_app = NULL; } - + if (!pth_mutex_acquire (&lock_table[slot].lock, 0, NULL)) { err = gpg_error_from_syserror (); @@ -188,7 +188,7 @@ application_notify_card_reset (int slot) return; /* FIXME: We are ignoring any error value here. */ - lock_reader (slot, NULL); + lock_reader (slot, NULL); /* Mark application as non-reusable. */ if (lock_table[slot].app) @@ -204,10 +204,10 @@ application_notify_card_reset (int slot) lock_table[slot].last_app = NULL; deallocate_app (app); } - unlock_reader (slot); + unlock_reader (slot); } - + /* This function is used by the serialno command to check for an application conflict which may appear if the serialno command is used to request a specific application and the connection has @@ -287,7 +287,7 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) lock_table[slot].app = app; lock_table[slot].last_app = NULL; } - else + else { /* No, this saved application can't be used - deallocate it. */ lock_table[slot].last_app = NULL; @@ -309,7 +309,7 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) unlock_reader (slot); return 0; /* Okay: We share that one. */ } - + /* Need to allocate a new one. */ app = xtrycalloc (1, sizeof *app); if (!app) @@ -370,7 +370,7 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app) if (gpg_err_code (err) == GPG_ERR_CARD_NOT_PRESENT || gpg_err_code (err) == GPG_ERR_ENODEV) goto leave; - + /* Figure out the application to use. */ err = gpg_error (GPG_ERR_NOT_FOUND); @@ -426,10 +426,10 @@ get_supported_applications (void) int idx; size_t nbytes; char *buffer, *p; - + for (nbytes=1, idx=0; list[idx]; idx++) nbytes += strlen (list[idx]) + 1 + 1; - + buffer = xtrymalloc (nbytes); if (!buffer) return NULL; @@ -506,22 +506,22 @@ release_application (app_t app) /* The serial number may need some cosmetics. Do it here. This function shall only be called once after a new serial number has - been put into APP->serialno. + been put into APP->serialno. Prefixes we use: - + FF 00 00 = For serial numbers starting with an FF FF 01 00 = Some german p15 cards return an empty serial number so the serial number from the EF(TokenInfo) is used instead. FF 7F 00 = No serialno. - + All other serial number not starting with FF are used as they are. */ gpg_error_t app_munge_serialno (app_t app) { if (app->serialnolen && app->serialno[0] == 0xff) - { + { /* The serial number starts with our special prefix. This requires that we put our default prefix "FF0000" in front. */ unsigned char *p = xtrymalloc (app->serialnolen + 3); @@ -534,7 +534,7 @@ app_munge_serialno (app_t app) app->serialno = p; } else if (!app->serialnolen) - { + { unsigned char *p = xtrymalloc (3); if (!p) return gpg_error_from_syserror (); @@ -554,7 +554,7 @@ app_munge_serialno (app_t app) no update time is available the returned value is 0. Caller must free SERIAL unless the function returns an error. If STAMP is not of interest, NULL may be passed. */ -gpg_error_t +gpg_error_t app_get_serial_and_stamp (app_t app, char **serial, time_t *stamp) { char *buf; @@ -637,7 +637,7 @@ app_readcert (app_t app, const char *certid, code returned. This function might not be supported by all applications. */ -gpg_error_t +gpg_error_t app_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen) { gpg_error_t err; @@ -663,7 +663,7 @@ app_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen) /* Perform a GETATTR operation. */ -gpg_error_t +gpg_error_t app_getattr (app_t app, ctrl_t ctrl, const char *name) { gpg_error_t err; @@ -684,7 +684,7 @@ app_getattr (app_t app, ctrl_t ctrl, const char *name) char *serial; time_t stamp; int rc; - + rc = app_get_serial_and_stamp (app, &serial, &stamp); if (rc) return rc; @@ -704,7 +704,7 @@ app_getattr (app_t app, ctrl_t ctrl, const char *name) } /* Perform a SETATTR operation. */ -gpg_error_t +gpg_error_t app_setattr (app_t app, const char *name, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -729,7 +729,7 @@ app_setattr (app_t app, const char *name, /* Create the signature and return the allocated result in OUTDATA. If a PIN is required the PINCB will be used to ask for the PIN; it should return the PIN in an allocated buffer and put it into PIN. */ -gpg_error_t +gpg_error_t app_sign (app_t app, const char *keyidstr, int hashalgo, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -761,7 +761,7 @@ app_sign (app_t app, const char *keyidstr, int hashalgo, return the allocated result in OUTDATA. If a PIN is required the PINCB will be used to ask for the PIN; it should return the PIN in an allocated buffer and put it into PIN. */ -gpg_error_t +gpg_error_t app_auth (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -793,7 +793,7 @@ app_auth (app_t app, const char *keyidstr, /* Decrypt the data in INDATA and return the allocated result in OUTDATA. If a PIN is required the PINCB will be used to ask for the PIN; it should return the PIN in an allocated buffer and put it into PIN. */ -gpg_error_t +gpg_error_t app_decipher (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, @@ -879,7 +879,7 @@ app_writekey (app_t app, ctrl_t ctrl, /* Perform a SETATTR operation. */ -gpg_error_t +gpg_error_t app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, time_t createtime, gpg_error_t (*pincb)(void*, const char *, char **), @@ -896,7 +896,7 @@ app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, err = lock_reader (app->slot, ctrl); if (err) return err; - err = app->fnc.genkey (app, ctrl, keynostr, flags, + err = app->fnc.genkey (app, ctrl, keynostr, flags, createtime, pincb, pincb_arg); unlock_reader (app->slot); if (opt.verbose) @@ -928,7 +928,7 @@ app_get_challenge (app_t app, size_t nbytes, unsigned char *buffer) /* Perform a CHANGE REFERENCE DATA or RESET RETRY COUNTER operation. */ -gpg_error_t +gpg_error_t app_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, int reset_mode, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg) @@ -956,7 +956,7 @@ app_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, int reset_mode, /* Perform a VERIFY operation without doing anything lese. This may be used to initialze a the PIN cache for long lasting other operations. Its use is highly application dependent. */ -gpg_error_t +gpg_error_t app_check_pin (app_t app, const char *keyidstr, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg) @@ -978,4 +978,3 @@ app_check_pin (app_t app, const char *keyidstr, log_info ("operation check_pin result: %s\n", gpg_strerror (err)); return err; } - diff --git a/scd/atr.c b/scd/atr.c index f6efd8a95..16f26fb7d 100644 --- a/scd/atr.c +++ b/scd/atr.c @@ -33,7 +33,7 @@ static int const fi_table[16] = { 0, 372, 558, 744, 1116,1488, 1860, -1, -1, 512, 768, 1024, 1536, 2048, -1, -1 }; static int const di_table[16] = { -1, 1, 2, 4, 8, 16, -1, -1, 0, -1, -2, -4, -8, -16, -32, -64}; - + /* Dump the ATR of the card at SLOT in a human readable format to stream FP. */ @@ -50,7 +50,7 @@ atr_dump (int slot, FILE *fp) atr = atrbuffer = apdu_get_atr (slot, &atrlen); if (!atr) return gpg_error (GPG_ERR_GENERAL); - + fprintf (fp, "Info on ATR of length %u at slot %d\n", (unsigned int)atrlen, slot); if (!atrlen) @@ -59,7 +59,7 @@ atr_dump (int slot, FILE *fp) goto bailout; } - + if (*atr == 0x3b) fputs ("direct convention\n", fp); else if (*atr == 0x3f) @@ -98,21 +98,21 @@ atr_dump (int slot, FILE *fp) else fprintf (fp, "%d", val); fputs (" D=", fp); - val = di_table[*atr & 0x0f]; + val = di_table[*atr & 0x0f]; if (!val) fputs ("[impossible value]\n", fp); else if (val == -1) fputs ("RFU\n", fp); else if (val < 0 ) fprintf (fp, "1/%d\n", val); - else + else fprintf (fp, "%d\n", val); - + if (!--atrlen) goto bailout; atr++; } - + if (have_tb) { fprintf (fp, "TB1: II=%d PI1=%d%s\n", (*atr >> 5) & 3, *atr & 0x1f, @@ -249,7 +249,7 @@ atr_dump (int slot, FILE *fp) if (n_historical + 1 > atrlen) fputs ("error: ATR shorter than required for historical bytes " "and checksum\n", fp); - + if (n_historical) { fputs ("Historical:", fp); @@ -375,7 +375,7 @@ atr_get_historical (int slot, unsigned char historical[]) if (n_historical >= atrlen) goto leave; /* ATR shorter than required for historical bytes. */ - + if (n_historical) { for (idx=0; n_historical && atrlen; n_historical--, atrlen--, atr++) @@ -394,4 +394,3 @@ atr_get_historical (int slot, unsigned char historical[]) return result; } - diff --git a/scd/card-common.h b/scd/card-common.h index 78f2f6047..640cec776 100644 --- a/scd/card-common.h +++ b/scd/card-common.h @@ -54,7 +54,7 @@ struct card_ctx_s { const void *indata, size_t indatalen, unsigned char **outdata, size_t *outdatalen); } fnc; - + }; /*-- card.c --*/ diff --git a/scd/card-dinsig.c b/scd/card-dinsig.c index 0cbcd3169..5be006179 100644 --- a/scd/card-dinsig.c +++ b/scd/card-dinsig.c @@ -21,7 +21,7 @@ used with an interface specification described in DIN V 66291-1. The AID to be used is: 'D27600006601'. - The file IDs for certificates utilize the generic format: + The file IDs for certificates utilize the generic format: Cxyz C being the hex digit 'C' (12). x being the service indicator: @@ -40,13 +40,13 @@ '8' .. 'D' := C.CA (certificate of a CA issue by the Root-CA). 'E' := C.RCA (self certified certificate of the Root-CA). 'F' := reserved. - + The file IDs used by default are: '1F00' EF.SSD (security service descriptor). [o,o] '2F02' EF.GDO (global data objects) [m,m] 'A000' EF.PROT (signature log). Cyclic file with 20 records of 53 byte. Read and update after user authentication. [o,o] - 'B000' EF.PK.RCA.DS (public keys of Root-CA). Size is 512b or size + 'B000' EF.PK.RCA.DS (public keys of Root-CA). Size is 512b or size of keys. [m (unless a 'C00E' is present),m] 'B001' EF.PK.CA.DS (public keys of CAs). Size is 512b or size of keys. [o,o] @@ -54,12 +54,12 @@ with n := 0 .. 7. Size is 2k or size of cert. Read and update allowed after user authentication. [m,m] 'C00m' EF.C.CA.DS (digital signature certificate of CA) - with m := 8 .. E. Size is 1k or size of cert. Read always + with m := 8 .. E. Size is 1k or size of cert. Read always allowed, update after uder authentication. [o,o] 'C100' EF.C.ICC.AUT (AUT certificate of ICC) [o,m] 'C108' EF.C.CA.AUT (AUT certificate of CA) [o,m] 'D000' EF.DM (display message) [-,m] - + The letters in brackets indicate optional or mandatory files: The first for card terminals under full control and the second for "business" card terminals. @@ -118,7 +118,7 @@ dinsig_enum_keypairs (CARD card, int idx, return rc; } - rc = ksba_cert_init_from_mem (cert, buf, buflen); + rc = ksba_cert_init_from_mem (cert, buf, buflen); xfree (buf); if (rc) { @@ -132,7 +132,7 @@ dinsig_enum_keypairs (CARD card, int idx, log_error ("failed to calculate the keygrip at index %d\n", idx); ksba_cert_release (cert); return gpg_error (GPG_ERR_CARD); - } + } ksba_cert_release (cert); /* return the iD */ @@ -146,7 +146,7 @@ dinsig_enum_keypairs (CARD card, int idx, else strcpy (*keyid, "DINSIG-DF01.C200"); } - + return 0; } @@ -171,7 +171,7 @@ dinsig_read_cert (CARD card, const char *certidstr, return gpg_error (GPG_ERR_INV_ID); rc = sc_select_file (card->scard, &path, &file); - if (rc) + if (rc) { log_error ("sc_select_file failed: %s\n", sc_strerror (rc)); return map_sc_err (rc); @@ -184,7 +184,7 @@ dinsig_read_cert (CARD card, const char *certidstr, return gpg_error (GPG_ERR_CARD); } if (file->size < 20) /* check against a somewhat arbitrary length */ - { + { log_error ("certificate EF too short\n"); sc_file_free (file); return gpg_error (GPG_ERR_CARD); @@ -196,7 +196,7 @@ dinsig_read_cert (CARD card, const char *certidstr, sc_file_free (file); return tmperr; } - + rc = sc_read_binary (card->scard, 0, buf, file->size, 0); if (rc >= 0 && rc != file->size) { @@ -206,7 +206,7 @@ dinsig_read_cert (CARD card, const char *certidstr, return gpg_error (GPG_ERR_CARD); } sc_file_free (file); - if (rc < 0) + if (rc < 0) { log_error ("error reading certificate EF: %s\n", sc_strerror (rc)); xfree (buf); @@ -236,7 +236,7 @@ dinsig_read_cert (CARD card, const char *certidstr, } memmove (buf, buf+9, buflen-9); buflen -= 9; - } + } *cert = buf; *ncert = buflen; diff --git a/scd/card-p15.c b/scd/card-p15.c index 34a88f714..4af447278 100644 --- a/scd/card-p15.c +++ b/scd/card-p15.c @@ -41,7 +41,7 @@ struct p15private_s { /* Allocate private data. */ -static int +static int init_private_data (CARD card) { struct p15private_s *priv; @@ -62,10 +62,10 @@ init_private_data (CARD card) numer of objects and used this to figure out what the last object enumerated is. We now do an enum_objects just once and keep it in the private data. */ - rc = sc_pkcs15_get_objects (card->p15card, SC_PKCS15_TYPE_PRKEY_RSA, + rc = sc_pkcs15_get_objects (card->p15card, SC_PKCS15_TYPE_PRKEY_RSA, priv->prkey_rsa_objs, DIM (priv->prkey_rsa_objs)); - if (rc < 0) + if (rc < 0) { log_error ("private keys enumeration failed: %s\n", sc_strerror (rc)); xfree (priv); @@ -74,10 +74,10 @@ init_private_data (CARD card) priv->n_prkey_rsa_objs = rc; /* Read all certificate objects. */ - rc = sc_pkcs15_get_objects (card->p15card, SC_PKCS15_TYPE_CERT_X509, + rc = sc_pkcs15_get_objects (card->p15card, SC_PKCS15_TYPE_CERT_X509, priv->cert_objs, DIM (priv->cert_objs)); - if (rc < 0) + if (rc < 0) { log_error ("private keys enumeration failed: %s\n", sc_strerror (rc)); xfree (priv); @@ -117,7 +117,7 @@ p15_enum_keypairs (CARD card, int idx, ksba_cert_t cert; rc = init_private_data (card); - if (rc) + if (rc) return rc; priv = card->p15priv; nobjs = priv->n_prkey_rsa_objs; @@ -125,7 +125,7 @@ p15_enum_keypairs (CARD card, int idx, if (idx >= nobjs) return -1; pinfo = priv->prkey_rsa_objs[idx]->data; - + /* now we need to read the certificate so that we can calculate the keygrip */ rc = sc_pkcs15_find_cert_by_id (card->p15card, &pinfo->id, &tmpobj); @@ -166,7 +166,7 @@ p15_enum_keypairs (CARD card, int idx, log_error ("failed to calculate the keygrip of private key %d\n", idx); ksba_cert_release (cert); return gpg_error (GPG_ERR_CARD); - } + } ksba_cert_release (cert); rc = 0; @@ -181,7 +181,7 @@ p15_enum_keypairs (CARD card, int idx, p = stpcpy (p, "P15-5015."); bin2hex (pinfo->id.value, pinfo->id.len, p); } - + return rc; } @@ -196,7 +196,7 @@ p15_enum_certs (CARD card, int idx, char **certid, int *type) int nobjs; rc = init_private_data (card); - if (rc) + if (rc) return rc; priv = card->p15priv; nobjs = priv->n_cert_objs; @@ -205,7 +205,7 @@ p15_enum_certs (CARD card, int idx, char **certid, int *type) return -1; obj = priv->cert_objs[idx]; cinfo = obj->data; - + if (certid) { char *p; @@ -227,10 +227,10 @@ p15_enum_certs (CARD card, int idx, char **certid, int *type) *type = 101; else if (obj->df->type == SC_PKCS15_CDF_USEFUL) *type = 102; - else + else *type = 0; /* error -> unknown */ } - + return rc; } @@ -243,7 +243,7 @@ idstr_to_id (const char *idstr, struct sc_pkcs15_id *id) int n; /* For now we only support the standard DF */ - if (strncmp (idstr, "P15-5015.", 9) ) + if (strncmp (idstr, "P15-5015.", 9) ) return gpg_error (GPG_ERR_INV_ID); for (s=idstr+9, n=0; hexdigitp (s); s++, n++) ; @@ -282,7 +282,7 @@ p15_read_cert (CARD card, const char *certidstr, rc = sc_pkcs15_find_cert_by_id (card->p15card, &certid, &tmpobj); if (rc) { - log_info ("certificate '%s' not found: %s\n", + log_info ("certificate '%s' not found: %s\n", certidstr, sc_strerror (rc)); return -1; } @@ -344,7 +344,7 @@ p15_prepare_key (CARD card, const char *keyidstr, pin = pinobj->data; /* Fixme: pack this into a verification loop */ - /* Fixme: we might want to pass pin->min_length and + /* Fixme: we might want to pass pin->min_length and pin->stored_length */ rc = pincb (pincb_arg, pinobj->label, &pinvalue); if (rc) @@ -369,7 +369,7 @@ p15_prepare_key (CARD card, const char *keyidstr, /* See card.c for interface description */ -static int +static int p15_sign (CARD card, const char *keyidstr, int hashalgo, int (pincb)(void*, const char *, char **), void *pincb_arg, @@ -391,11 +391,11 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo, cryptflags = SC_ALGORITHM_RSA_PAD_PKCS1; - outbuflen = 1024; + outbuflen = 1024; outbuf = xtrymalloc (outbuflen); if (!outbuf) return gpg_error (gpg_err_code_from_errno (errno)); - + rc = sc_pkcs15_compute_signature (card->p15card, keyobj, cryptflags, indata, indatalen, @@ -419,7 +419,7 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo, /* See card.c for description */ -static int +static int p15_decipher (CARD card, const char *keyidstr, int (pincb)(void*, const char *, char **), void *pincb_arg, @@ -453,15 +453,15 @@ p15_decipher (CARD card, const char *keyidstr, } } - outbuflen = indatalen < 256? 256 : indatalen; + outbuflen = indatalen < 256? 256 : indatalen; outbuf = xtrymalloc (outbuflen); if (!outbuf) return gpg_error (gpg_err_code_from_errno (errno)); - rc = sc_pkcs15_decipher (card->p15card, keyobj, + rc = sc_pkcs15_decipher (card->p15card, keyobj, 0, - indata, indatalen, - outbuf, outbuflen); + indata, indatalen, + outbuf, outbuflen); if (rc < 0) { log_error ("failed to decipher the data: %s\n", sc_strerror (rc)); diff --git a/scd/card.c b/scd/card.c index a0213483f..1fb554421 100644 --- a/scd/card.c +++ b/scd/card.c @@ -66,7 +66,7 @@ card_help_get_keygrip (ksba_cert_t cert, unsigned char *array) int rc; ksba_sexp_t p; size_t n; - + p = ksba_cert_get_public_key (cert); if (!p) return -1; /* oops */ @@ -109,7 +109,7 @@ card_open (CARD *rcard) if (!card) return gpg_error (gpg_err_code_from_errno (errno)); card->reader = 0; - + rc = sc_establish_context (&card->ctx, "scdaemon"); if (rc) { @@ -154,7 +154,7 @@ card_open (CARD *rcard) goto leave; } - + leave: if (rc) card_close (card); @@ -195,7 +195,7 @@ card_close (CARD card) } #endif xfree (card); - } + } } /* Locate a simple TLV encoded data object in BUFFER of LENGTH and @@ -210,7 +210,7 @@ find_simple_tlv (const unsigned char *buffer, size_t length, const char *s = buffer; size_t n = length; size_t len; - + for (;;) { buffer = s; @@ -290,7 +290,7 @@ find_iccsn (const unsigned char *buffer, size_t length, char **serial) returned if this value is not availbale. For non-PKCS-15 cards a serial number is constructed by other means. Caller must free SERIAL unless the function returns an error. */ -int +int card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) { #ifdef HAVE_OPENSC @@ -311,7 +311,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) if (!card->fnc.initialized) { card->fnc.initialized = 1; - /* The first use of this card tries to figure out the type of the card + /* The first use of this card tries to figure out the type of the card and sets up the function pointers. */ rc = sc_pkcs15_bind (card->scard, &card->p15card); if (rc) @@ -326,7 +326,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) card_p15_bind (card); card->fnc.initialized = 1; } - + /* We should lookup the iso 7812-1 and 8583-3 - argh ISO practice is suppressing innovation - IETF rules! So we @@ -355,10 +355,10 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) return gpg_error (GPG_ERR_CARD); } buflen = file->size; - + rc = sc_read_binary (card->scard, 0, buf, buflen, 0); sc_file_free (file); - if (rc < 0) + if (rc < 0) { log_error ("error reading GDO file: %s\n", sc_strerror (rc)); return gpg_error (GPG_ERR_CARD); @@ -381,7 +381,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) if (!efser) efser = ""; - + xfree (*serial); *serial = NULL; p = xtrymalloc (strlen (efser) + 7); @@ -515,7 +515,7 @@ card_read_cert (CARD card, const char *certidstr, /* Create the signature and return the allocated result in OUTDATA. If a PIN is required the PINCB will be used to ask for the PIN; it should return the PIN in an allocated buffer and put it into PIN. */ -int +int card_sign (CARD card, const char *keyidstr, int hashalgo, int (pincb)(void*, const char *, char **), void *pincb_arg, @@ -543,7 +543,7 @@ card_sign (CARD card, const char *keyidstr, int hashalgo, /* Create the signature and return the allocated result in OUTDATA. If a PIN is required the PINCB will be used to ask for the PIN; it should return the PIN in an allocated buffer and put it into PIN. */ -int +int card_decipher (CARD card, const char *keyidstr, int (pincb)(void*, const char *, char **), void *pincb_arg, @@ -566,4 +566,3 @@ card_decipher (CARD card, const char *keyidstr, log_info ("card operation decipher result: %s\n", gpg_strerror (rc)); return rc; } - diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c index 98268c00c..2abb6b5b1 100644 --- a/scd/ccid-driver.c +++ b/scd/ccid-driver.c @@ -57,7 +57,7 @@ /* CCID (ChipCardInterfaceDevices) is a specification for accessing - smartcard via a reader connected to the USB. + smartcard via a reader connected to the USB. This is a limited driver allowing to use some CCID drivers directly without any other specila drivers. This is a fallback driver to be @@ -220,20 +220,20 @@ enum { }; static struct -{ +{ char *name; /* Device name. */ int type; } transports[] = { - { "/dev/cmx0", TRANSPORT_CM4040 }, - { "/dev/cmx1", TRANSPORT_CM4040 }, + { "/dev/cmx0", TRANSPORT_CM4040 }, + { "/dev/cmx1", TRANSPORT_CM4040 }, { NULL }, }; /* Store information on the driver's state. A pointer to such a structure is used as handle for most functions. */ -struct ccid_driver_s +struct ccid_driver_s { usb_dev_handle *idev; char *rid; @@ -271,7 +271,7 @@ struct ccid_driver_s static int initialized_usb; /* Tracks whether USB has been initialized. */ -static int debug_level; /* Flag to control the debug output. +static int debug_level; /* Flag to control the debug output. 0 = No debugging 1 = USB I/O info 2 = Level 1 + T=1 protocol tracing @@ -290,19 +290,19 @@ static int abort_cmd (ccid_driver_t handle, int seqno); /* Convert a little endian stored 4 byte value into an unsigned integer. */ -static unsigned int +static unsigned int convert_le_u32 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); + return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); } /* Convert a little endian stored 2 byte value into an unsigned integer. */ -static unsigned int +static unsigned int convert_le_u16 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8); + return buf[0] | (buf[1] << 8); } static void @@ -323,7 +323,7 @@ my_sleep (int seconds) may give up its timeslot. */ if (!seconds) { -# ifdef HAVE_W32_SYSTEM +# ifdef HAVE_W32_SYSTEM Sleep (0); # else sleep (0); @@ -331,7 +331,7 @@ my_sleep (int seconds) } pth_sleep (seconds); #else -# ifdef HAVE_W32_SYSTEM +# ifdef HAVE_W32_SYSTEM Sleep (seconds*1000); # else sleep (seconds); @@ -372,7 +372,7 @@ print_command_failed (const unsigned char *msg) switch (ec) { case 0x00: t = "Command not supported"; break; - + case 0xE0: t = "Slot busy"; break; case 0xEF: t = "PIN cancelled"; break; case 0xF0: t = "PIN timeout"; break; @@ -423,7 +423,7 @@ print_pr_data (const unsigned char *data, size_t datalen, size_t off) DEBUGOUT_LF (); } - + static void print_p2r_header (const char *name, const unsigned char *msg, size_t msglen) { @@ -647,7 +647,7 @@ print_r2p_slotstatus (const unsigned char *msg, size_t msglen) msg[9] == 3? " (stopped)":""); print_pr_data (msg, msglen, 10); } - + static void print_r2p_parameters (const unsigned char *msg, size_t msglen) @@ -771,7 +771,7 @@ parse_ccid_descriptor (ccid_driver_t handle, DEBUGOUT_1 (" bLength %5u\n", buf[0]); DEBUGOUT_1 (" bDescriptorType %5u\n", buf[1]); DEBUGOUT_2 (" bcdCCID %2x.%02x", buf[3], buf[2]); - if (buf[3] != 1 || buf[2] != 0) + if (buf[3] != 1 || buf[2] != 0) DEBUGOUT_CONT(" (Warning: Only accurate for version 1.0)"); DEBUGOUT_LF (); @@ -803,7 +803,7 @@ parse_ccid_descriptor (ccid_driver_t handle, us = convert_le_u32(buf+23); DEBUGOUT_1 (" dwMaxDataRate %7u bps\n", us); DEBUGOUT_1 (" bNumDataRatesSupp. %5u\n", buf[27]); - + us = convert_le_u32(buf+28); DEBUGOUT_1 (" dwMaxIFSD %5u\n", us); handle->max_ifsd = us; @@ -869,7 +869,7 @@ parse_ccid_descriptor (ccid_driver_t handle, { DEBUGOUT (" TPDU level exchange\n"); have_tpdu = 1; - } + } else if ((us & 0x00020000)) { DEBUGOUT (" Short APDU level exchange\n"); @@ -903,7 +903,7 @@ parse_ccid_descriptor (ccid_driver_t handle, DEBUGOUT_CONT ("none\n"); else DEBUGOUT_CONT_2 ("%u cols %u lines\n", buf[50], buf[51]); - + DEBUGOUT_1 (" bPINSupport %5u ", buf[52]); if ((buf[52] & 1)) { @@ -916,7 +916,7 @@ parse_ccid_descriptor (ccid_driver_t handle, handle->has_pinpad |= 2; } DEBUGOUT_LF (); - + DEBUGOUT_1 (" bMaxCCIDBusySlots %5u\n", buf[53]); if (buf[0] > 54) @@ -942,18 +942,18 @@ parse_ccid_descriptor (ccid_driver_t handle, lower than that: 64 - 10 CCID header - 4 T1frame - 2 reserved = 48 Product Ids: - 0xe001 - SCR 331 - 0x5111 - SCR 331-DI - 0x5115 - SCR 335 - 0xe003 - SPR 532 - The + 0xe001 - SCR 331 + 0x5111 - SCR 331-DI + 0x5115 - SCR 335 + 0xe003 - SPR 532 + The 0x5117 - SCR 3320 USB ID-000 reader seems to be very slow but enabling this workaround boosts the - performance to a a more or less acceptable level (tested by David). - + performance to a a more or less acceptable level (tested by David). + */ if (handle->id_vendor == VENDOR_SCM - && handle->max_ifsd > 48 + && handle->max_ifsd > 48 && ( (handle->id_product == 0xe001 && handle->bcd_device < 0x0516) ||(handle->id_product == 0x5111 && handle->bcd_device < 0x0620) ||(handle->id_product == 0x5115 && handle->bcd_device < 0x0514) @@ -992,7 +992,7 @@ get_escaped_usb_string (usb_dev_handle *idev, int idx, If we do don't find it we try to use English. Note that this is all in a 2 bute Unicode encoding using little endian. */ rc = usb_control_msg (idev, USB_ENDPOINT_IN, USB_REQ_GET_DESCRIPTOR, - (USB_DT_STRING << 8), 0, + (USB_DT_STRING << 8), 0, (char*)buf, sizeof buf, 1000 /* ms timeout */); if (rc < 4) langid = 0x0409; /* English. */ @@ -1014,7 +1014,7 @@ get_escaped_usb_string (usb_dev_handle *idev, int idx, n++; /* High byte set. */ else if (*s <= 0x20 || *s >= 0x7f || *s == '%' || *s == ':') n += 3 ; - else + else n++; } @@ -1033,7 +1033,7 @@ get_escaped_usb_string (usb_dev_handle *idev, int idx, sprintf (result+n, "%%%02X", *s); n += 3; } - else + else result[n++] = *s; } strcpy (result+n, suffix); @@ -1115,7 +1115,7 @@ scan_or_find_usb_device (int scan_mode, int ifc_no; int set_no; struct usb_config_descriptor *config; - struct usb_interface *interface; + struct usb_interface *interface; struct usb_interface_descriptor *ifcdesc; char *rid; usb_dev_handle *idev; @@ -1133,7 +1133,7 @@ scan_or_find_usb_device (int scan_mode, interface = config->interface + ifc_no; if (!interface) continue; - + for (set_no=0; set_no < interface->num_altsetting; set_no++) { ifcdesc = (interface->altsetting + set_no); @@ -1156,7 +1156,7 @@ scan_or_find_usb_device (int scan_mode, strerror (errno)); continue; /* with next setting. */ } - + rid = make_reader_id (idev, dev->descriptor.idVendor, dev->descriptor.idProduct, @@ -1166,7 +1166,7 @@ scan_or_find_usb_device (int scan_mode, if (scan_mode) { char *p; - + /* We are collecting infos about all available CCID readers. Store them and continue. */ @@ -1188,7 +1188,7 @@ scan_or_find_usb_device (int scan_mode, } else /* Out of memory. */ free (rid); - + rid = NULL; ++*count; } @@ -1232,7 +1232,7 @@ scan_or_find_usb_device (int scan_mode, } else free (rid); - + *r_idev = idev; return 1; /* Found requested device. */ } @@ -1246,7 +1246,7 @@ scan_or_find_usb_device (int scan_mode, } free (rid); } - + usb_close (idev); idev = NULL; return 0; @@ -1259,7 +1259,7 @@ scan_or_find_usb_device (int scan_mode, } /* Combination function to either scan all CCID devices or to find and - open one specific device. + open one specific device. The function returns 0 if a reader has been found or when a scan returned without error. @@ -1318,7 +1318,7 @@ scan_or_find_devices (int readerno, const char *readerid, if (r_rid) *r_rid = NULL; if (r_dev) - *r_dev = NULL; + *r_dev = NULL; if (ifcdesc_extra) *ifcdesc_extra = NULL; if (ifcdesc_extra_len) @@ -1331,7 +1331,7 @@ scan_or_find_devices (int readerno, const char *readerid, *r_fd = -1; /* See whether we want scan or find mode. */ - if (scan_mode) + if (scan_mode) { assert (r_rid); } @@ -1345,7 +1345,7 @@ scan_or_find_devices (int readerno, const char *readerid, busses = usb_busses; #endif - for (bus = busses; bus; bus = bus->next) + for (bus = busses; bus; bus = bus->next) { for (dev = bus->devices; dev; dev = dev->next) { @@ -1367,7 +1367,7 @@ scan_or_find_devices (int readerno, const char *readerid, return -1; /* error */ } *r_idev = idev; - return 0; + return 0; } } } @@ -1494,9 +1494,9 @@ ccid_get_reader_list (void) } -/* Open the reader with the internal number READERNO and return a +/* Open the reader with the internal number READERNO and return a pointer to be used as handle in HANDLE. Returns 0 on success. */ -int +int ccid_open_reader (ccid_driver_t *handle, const char *readerid) { int rc = 0; @@ -1592,7 +1592,7 @@ ccid_open_reader (ccid_driver_t *handle, const char *readerid) rc = CCID_DRIVER_ERR_NO_READER; goto leave; } - + rc = usb_claim_interface (idev, ifc_no); if (rc) { @@ -1626,7 +1626,7 @@ do_close_reader (ccid_driver_t handle) unsigned char msg[100]; size_t msglen; unsigned char seqno; - + if (!handle->powered_off) { msg[0] = PC_to_RDR_IccPowerOff; @@ -1637,7 +1637,7 @@ do_close_reader (ccid_driver_t handle) msg[9] = 0; /* RFU */ set_msg_len (msg, 0); msglen = 10; - + rc = bulk_out (handle, msg, msglen, 0); if (!rc) bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_SlotStatus, @@ -1661,12 +1661,12 @@ do_close_reader (ccid_driver_t handle) /* Reset a reader on HANDLE. This is useful in case a reader has been plugged of and inserted at a different port. By resetting the handle, the same reader will be get used. Note, that on error the - handle won't get released. + handle won't get released. This does not return an ATR, so ccid_get_atr should be called right after this one. */ -int +int ccid_shutdown_reader (ccid_driver_t handle) { int rc = 0; @@ -1704,7 +1704,7 @@ ccid_shutdown_reader (ccid_driver_t handle) rc = CCID_DRIVER_ERR_NO_READER; goto leave; } - + rc = usb_claim_interface (idev, ifc_no); if (rc) { @@ -1731,8 +1731,8 @@ ccid_shutdown_reader (ccid_driver_t handle) } -int -ccid_set_progress_cb (ccid_driver_t handle, +int +ccid_set_progress_cb (ccid_driver_t handle, void (*cb)(void *, const char *, int, int, int), void *cb_arg) { @@ -1746,7 +1746,7 @@ ccid_set_progress_cb (ccid_driver_t handle, /* Close the reader HANDLE. */ -int +int ccid_close_reader (ccid_driver_t handle) { if (!handle || (!handle->idev && handle->dev_fd == -1)) @@ -1774,7 +1774,7 @@ writen (int fd, const void *buf, size_t nbytes) { size_t nleft = nbytes; int nwritten; - + while (nleft > 0) { nwritten = write (fd, buf, nleft); @@ -1788,7 +1788,7 @@ writen (int fd, const void *buf, size_t nbytes) nleft -= nwritten; buf = (const char*)buf + nwritten; } - + return 0; } @@ -1857,10 +1857,10 @@ bulk_out (ccid_driver_t handle, unsigned char *msg, size_t msglen, break; } } - + if (handle->idev) { - rc = usb_bulk_write (handle->idev, + rc = usb_bulk_write (handle->idev, handle->ep_bulk_out, (char*)msg, msglen, 5000 /* ms timeout */); @@ -1897,7 +1897,7 @@ bulk_out (ccid_driver_t handle, unsigned char *msg, size_t msglen, return 0; DEBUGOUT_2 ("writen to %d failed: %s\n", handle->dev_fd, strerror (errno)); - + } return CCID_DRIVER_ERR_CARD_IO_ERROR; } @@ -1925,7 +1925,7 @@ bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length, retry: if (handle->idev) { - rc = usb_bulk_read (handle->idev, + rc = usb_bulk_read (handle->idev, handle->ep_bulk_in, (char*)buffer, length, timeout); @@ -1967,12 +1967,12 @@ bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length, abort_cmd (handle, seqno); return CCID_DRIVER_ERR_INV_VALUE; } - if (buffer[5] != 0) + if (buffer[5] != 0) { DEBUGOUT_1 ("unexpected bulk-in slot (%d)\n", buffer[5]); return CCID_DRIVER_ERR_INV_VALUE; } - if (buffer[6] != seqno) + if (buffer[6] != seqno) { DEBUGOUT_2 ("bulk-in seqno does not match (%d/%d)\n", seqno, buffer[6]); @@ -1985,7 +1985,7 @@ bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length, for the Cherry keyboard which sends a time extension request for each key hit. */ if ( !(buffer[7] & 0x03) && (buffer[7] & 0xC0) == 0x80) - { + { /* Card present and active, time extension requested. */ DEBUGOUT_2 ("time extension requested (%02X,%02X)\n", buffer[7], buffer[8]); @@ -2055,13 +2055,13 @@ abort_cmd (ccid_driver_t handle, int seqno) /* I don't know how to send an abort to non-USB devices. */ rc = CCID_DRIVER_ERR_NOT_SUPPORTED; } - + seqno &= 0xff; DEBUGOUT_1 ("sending abort sequence for seqno %d\n", seqno); /* Send the abort command to the control pipe. Note that we don't need to keep track of sent abort commands because there should never be another thread using the same slot concurrently. */ - rc = usb_control_msg (handle->idev, + rc = usb_control_msg (handle->idev, 0x21,/* bmRequestType: host-to-device, class specific, to interface. */ 1, /* ABORT */ @@ -2081,7 +2081,7 @@ abort_cmd (ccid_driver_t handle, int seqno) seqno--; /* Adjust for next increment. */ do { - seqno++; + seqno++; msg[0] = PC_to_RDR_Abort; msg[5] = 0; /* slot */ msg[6] = seqno; @@ -2091,24 +2091,24 @@ abort_cmd (ccid_driver_t handle, int seqno) msglen = 10; set_msg_len (msg, 0); - rc = usb_bulk_write (handle->idev, + rc = usb_bulk_write (handle->idev, handle->ep_bulk_out, (char*)msg, msglen, 5000 /* ms timeout */); if (rc == msglen) rc = 0; else if (rc == -1) - DEBUGOUT_1 ("usb_bulk_write error in abort_cmd: %s\n", + DEBUGOUT_1 ("usb_bulk_write error in abort_cmd: %s\n", strerror (errno)); else DEBUGOUT_1 ("usb_bulk_write failed in abort_cmd: %d\n", rc); if (rc) return rc; - - rc = usb_bulk_read (handle->idev, + + rc = usb_bulk_read (handle->idev, handle->ep_bulk_in, - (char*)msg, sizeof msg, + (char*)msg, sizeof msg, 5000 /*ms timeout*/); if (rc < 0) { @@ -2124,7 +2124,7 @@ abort_cmd (ccid_driver_t handle, int seqno) (unsigned int)msglen); return CCID_DRIVER_ERR_INV_VALUE; } - if (msg[5] != 0) + if (msg[5] != 0) { DEBUGOUT_1 ("unexpected bulk-in slot (%d) in abort_cmd\n", msg[5]); return CCID_DRIVER_ERR_INV_VALUE; @@ -2149,7 +2149,7 @@ abort_cmd (ccid_driver_t handle, int seqno) operation will get returned in RESULT and its length in RESULTLEN. If the response is larger than RESULTMAX, an error is returned and the required buffer length returned in RESULTLEN. */ -static int +static int send_escape_cmd (ccid_driver_t handle, const unsigned char *data, size_t datalen, unsigned char *result, size_t resultmax, size_t *resultlen) @@ -2201,7 +2201,7 @@ send_escape_cmd (ccid_driver_t handle, default: break; } - + return rc; } @@ -2227,14 +2227,14 @@ ccid_poll (ccid_driver_t handle) if (handle->idev) { - rc = usb_bulk_read (handle->idev, + rc = usb_bulk_read (handle->idev, handle->ep_intr, (char*)msg, sizeof msg, 0 /* ms timeout */ ); if (rc < 0 && errno == ETIMEDOUT) return 0; } - else + else return 0; if (rc < 0) @@ -2258,12 +2258,12 @@ ccid_poll (ccid_driver_t handle) for (i=1; i < msglen; i++) for (j=0; j < 4; j++) DEBUGOUT_CONT_3 (" %d:%c%c", - (i-1)*4+j, + (i-1)*4+j, (msg[i] & (1<<(j*2)))? 'p':'-', (msg[i] & (2<<(j*2)))? '*':' '); DEBUGOUT_LF (); } - else if (msg[0] == RDR_to_PC_HardwareError) + else if (msg[0] == RDR_to_PC_HardwareError) { DEBUGOUT ("hardware error occured\n"); } @@ -2278,7 +2278,7 @@ ccid_poll (ccid_driver_t handle) /* Note that this function won't return the error codes NO_CARD or CARD_INACTIVE */ -int +int ccid_slot_status (ccid_driver_t handle, int *statusbits) { int rc; @@ -2328,7 +2328,7 @@ ccid_slot_status (ccid_driver_t handle, int *statusbits) /* Return the ATR of the card. This is not a cached value and thus an actual reset is done. */ -int +int ccid_get_atr (ccid_driver_t handle, unsigned char *atr, size_t maxatrlen, size_t *atrlen) { @@ -2387,7 +2387,7 @@ ccid_get_atr (ccid_driver_t handle, handle->powered_off = 0; - + if (atr) { size_t n = msglen - 10; @@ -2462,7 +2462,7 @@ ccid_get_atr (ccid_driver_t handle, tpdu[0] = handle->nonnull_nad? ((1 << 4) | 0): 0; tpdu[1] = (0xc0 | 0 | 1); /* S-block request: change IFSD */ tpdu[2] = 1; - tpdu[3] = handle->max_ifsd? handle->max_ifsd : 32; + tpdu[3] = handle->max_ifsd? handle->max_ifsd : 32; tpdulen = 4; edc = compute_edc (tpdu, tpdulen, use_crc); if (use_crc) @@ -2472,7 +2472,7 @@ ccid_get_atr (ccid_driver_t handle, msg[0] = PC_to_RDR_XfrBlock; msg[5] = 0; /* slot */ msg[6] = seqno = handle->seqno++; - msg[7] = 0; + msg[7] = 0; msg[8] = 0; /* RFU */ msg[9] = 0; /* RFU */ set_msg_len (msg, tpdulen); @@ -2495,12 +2495,12 @@ ccid_get_atr (ccid_driver_t handle, RDR_to_PC_DataBlock, seqno, 5000, 0); if (rc) return rc; - + tpdu = msg + 10; tpdulen = msglen - 10; - - if (tpdulen < 4) - return CCID_DRIVER_ERR_ABORTED; + + if (tpdulen < 4) + return CCID_DRIVER_ERR_ABORTED; if (debug_level > 1) DEBUGOUT_4 ("T=1: got %c-block seq=%d err=%d%s\n", @@ -2525,7 +2525,7 @@ ccid_get_atr (ccid_driver_t handle, -static unsigned int +static unsigned int compute_edc (const unsigned char *data, size_t datalen, int use_crc) { if (use_crc) @@ -2535,7 +2535,7 @@ compute_edc (const unsigned char *data, size_t datalen, int use_crc) else { unsigned char crc = 0; - + for (; datalen; datalen--) crc ^= *data++; return crc; @@ -2580,7 +2580,7 @@ ccid_transceive_apdu_level (ccid_driver_t handle, extended APDU exchange level is not yet supported. */ if (apdulen > 261) return CCID_DRIVER_ERR_INV_VALUE; /* Invalid length. */ - + msg[0] = PC_to_RDR_XfrBlock; msg[5] = 0; /* slot */ msg[6] = seqno = handle->seqno++; @@ -2600,10 +2600,10 @@ ccid_transceive_apdu_level (ccid_driver_t handle, RDR_to_PC_DataBlock, seqno, 5000, 0); if (rc) return rc; - + apdu = msg + 10; apdulen = msglen - 10; - + if (resp) { if (apdulen > maxresplen) @@ -2613,11 +2613,11 @@ ccid_transceive_apdu_level (ccid_driver_t handle, (unsigned int)apdulen, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, apdu, apdulen); + + memcpy (resp, apdu, apdulen); *nresp = apdulen; } - + return 0; } @@ -2628,15 +2628,15 @@ ccid_transceive_apdu_level (ccid_driver_t handle, Block Structure: Prologue Field: - 1 byte Node Address (NAD) + 1 byte Node Address (NAD) 1 byte Protocol Control Byte (PCB) - 1 byte Length (LEN) + 1 byte Length (LEN) Information Field: 0-254 byte APDU or Control Information (INF) Epilogue Field: 1 byte Error Detection Code (EDC) - NAD: + NAD: bit 7 unused bit 4..6 Destination Node Address (DAD) bit 3 unused @@ -2651,7 +2651,7 @@ ccid_transceive_apdu_level (ccid_driver_t handle, Information Block (I-Block): bit 7 0 bit 6 Sequence number (yep, that is modulo 2) - bit 5 Chaining flag + bit 5 Chaining flag bit 4..0 reserved Received-Ready Block (R-Block): bit 7 1 @@ -2754,7 +2754,7 @@ ccid_transceive (ccid_driver_t handle, if (apdulen > handle->ifsc ) { apdulen = handle->ifsc; - apdu_buf += handle->ifsc; + apdu_buf += handle->ifsc; apdu_buflen -= handle->ifsc; tpdu[1] |= (1 << 5); /* Set more bit. */ } @@ -2801,14 +2801,14 @@ ccid_transceive (ccid_driver_t handle, : !!(msg[pcboff] & 0x40)), (!(msg[pcboff] & 0x80) && (msg[pcboff] & 0x20)? " [more]":"")); - + rc = bulk_out (handle, msg, msglen, 0); if (rc) return rc; msg = recv_buffer; rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen, - via_escape? RDR_to_PC_Escape : RDR_to_PC_DataBlock, + via_escape? RDR_to_PC_Escape : RDR_to_PC_DataBlock, seqno, 5000, 0); if (rc) return rc; @@ -2816,11 +2816,11 @@ ccid_transceive (ccid_driver_t handle, tpdu = msg + hdrlen; tpdulen = msglen - hdrlen; resyncing = 0; - - if (tpdulen < 4) + + if (tpdulen < 4) { usb_clear_halt (handle->idev, handle->ep_bulk_in); - return CCID_DRIVER_ERR_ABORTED; + return CCID_DRIVER_ERR_ABORTED; } if (debug_level > 1) @@ -2872,16 +2872,16 @@ ccid_transceive (ccid_driver_t handle, (unsigned int)n, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, p, n); + + memcpy (resp, p, n); resp += n; *nresp += n; maxresplen -= n; } - + if (!(tpdu[1] & 0x20)) return 0; /* No chaining requested - ready. */ - + msg = send_buffer; tpdu = msg + hdrlen; tpdu[0] = nad_byte; @@ -2895,8 +2895,8 @@ ccid_transceive (ccid_driver_t handle, } else if ((tpdu[1] & 0xc0) == 0x80) { /* This is a R-block. */ - if ( (tpdu[1] & 0x0f)) - { + if ( (tpdu[1] & 0x0f)) + { retries++; if (via_escape && retries == 1 && (msg[pcboff] & 0x0f)) { @@ -2946,7 +2946,7 @@ ccid_transceive (ccid_driver_t handle, return CCID_DRIVER_ERR_CARD_IO_ERROR; } } - else + else { /* This is a S-block. */ retries = 0; DEBUGOUT_2 ("T=1: S-block %s received cmd=%d\n", @@ -3010,14 +3010,14 @@ ccid_transceive (ccid_driver_t handle, /* Send the CCID Secure command to the reader. APDU_BUF should contain the APDU template. PIN_MODE defines how the pin gets formatted: - + 1 := The PIN is ASCII encoded and of variable length. The length of the PIN entered will be put into Lc by the reader. The APDU should me made up of 4 bytes without Lc. PINLEN_MIN and PINLEN_MAX define the limits for the pin length. 0 may be used t enable reasonable defaults. PIN_PADLEN should be 0. - + When called with RESP and NRESP set to NULL, the function will merely check whether the reader supports the secure command for the given APDU and PIN_MODE. */ @@ -3025,7 +3025,7 @@ int ccid_transceive_secure (ccid_driver_t handle, const unsigned char *apdu_buf, size_t apdu_buflen, int pin_mode, int pinlen_min, int pinlen_max, - int pin_padlen, + int pin_padlen, unsigned char *resp, size_t maxresplen, size_t *nresp) { int rc; @@ -3049,7 +3049,7 @@ ccid_transceive_secure (ccid_driver_t handle, return CCID_DRIVER_ERR_NOT_SUPPORTED; /* Not yet by our code. */ else return CCID_DRIVER_ERR_NO_KEYPAD; - + if (pin_mode != 1) return CCID_DRIVER_ERR_NOT_SUPPORTED; @@ -3063,7 +3063,7 @@ ccid_transceive_secure (ccid_driver_t handle, /* Note that the 25 is the maximum value the SPR532 allows. */ if (pinlen_min < 1 || pinlen_min > 25 - || pinlen_max < 1 || pinlen_max > 25 + || pinlen_max < 1 || pinlen_max > 25 || pinlen_min > pinlen_max) return CCID_DRIVER_ERR_INV_VALUE; @@ -3091,7 +3091,7 @@ ccid_transceive_secure (ccid_driver_t handle, if (testmode) return 0; /* Success */ - + msg = send_buffer; if (handle->id_vendor == VENDOR_SCM) { @@ -3121,7 +3121,7 @@ ccid_transceive_secure (ccid_driver_t handle, else { msg[13] = 0x00; /* bmPINBlockString: - 0 bits of pin length to insert. + 0 bits of pin length to insert. 0 bytes of PIN block size. */ msg[14] = 0x00; /* bmPINLengthFormat: Units are bytes, position is 0. */ @@ -3157,13 +3157,13 @@ ccid_transceive_secure (ccid_driver_t handle, rc = bulk_out (handle, msg, msglen, 0); if (rc) return rc; - + msg = recv_buffer; rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen, RDR_to_PC_DataBlock, seqno, 30000, 0); if (rc) return rc; - + tpdu = msg + 10; tpdulen = msglen - 10; @@ -3178,17 +3178,17 @@ ccid_transceive_secure (ccid_driver_t handle, (unsigned int)tpdulen, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, tpdu, tpdulen); + + memcpy (resp, tpdu, tpdulen); *nresp = tpdulen; } return 0; } - - if (tpdulen < 4) + + if (tpdulen < 4) { usb_clear_halt (handle->idev, handle->ep_bulk_in); - return CCID_DRIVER_ERR_ABORTED; + return CCID_DRIVER_ERR_ABORTED; } if (debug_level > 1) DEBUGOUT_4 ("T=1: got %c-block seq=%d err=%d%s\n", @@ -3223,22 +3223,22 @@ ccid_transceive_secure (ccid_driver_t handle, (unsigned int)n, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, p, n); + + memcpy (resp, p, n); resp += n; *nresp += n; maxresplen -= n; } - + if (!(tpdu[1] & 0x20)) return 0; /* No chaining requested - ready. */ - + DEBUGOUT ("chaining requested but not supported for Secure operation\n"); return CCID_DRIVER_ERR_CARD_IO_ERROR; } else if ((tpdu[1] & 0xc0) == 0x80) { /* This is a R-block. */ - if ( (tpdu[1] & 0x0f)) + if ( (tpdu[1] & 0x0f)) { /* Error: repeat last block */ DEBUGOUT ("No retries supported for Secure operation\n"); return CCID_DRIVER_ERR_CARD_IO_ERROR; @@ -3254,13 +3254,13 @@ ccid_transceive_secure (ccid_driver_t handle, return CCID_DRIVER_ERR_CARD_IO_ERROR; } } - else + else { /* This is a S-block. */ DEBUGOUT_2 ("T=1: S-block %s received cmd=%d for Secure operation\n", (tpdu[1] & 0x20)? "response": "request", (tpdu[1] & 0x1f)); return CCID_DRIVER_ERR_CARD_IO_ERROR; - } + } return 0; } @@ -3416,7 +3416,7 @@ main (int argc, char **argv) result, sizeof result, &resultlen); print_result (rc, result, resultlen); } - + if (!no_poll) ccid_poll (ccid); @@ -3437,7 +3437,7 @@ main (int argc, char **argv) { static unsigned char apdu[] = { 0, 0x20, 0, 0x81 }; - + if (ccid_transceive_secure (ccid, apdu, sizeof apdu, 1, 0, 0, 0, @@ -3446,7 +3446,7 @@ main (int argc, char **argv) else { fputs ("verifying CHV1 using the PINPad ....\n", stderr); - + rc = ccid_transceive_secure (ccid, apdu, sizeof apdu, 1, 0, 0, 0, @@ -3455,7 +3455,7 @@ main (int argc, char **argv) did_verify = 1; } } - + if (verify_123456 && !did_verify) { fputs ("verifying that CHV1 is 123456....\n", stderr); diff --git a/scd/ccid-driver.h b/scd/ccid-driver.h index 6bb1913e1..8b709aee8 100644 --- a/scd/ccid-driver.h +++ b/scd/ccid-driver.h @@ -59,7 +59,7 @@ /* The CID driver returns the same error codes as the status words used by GnuPG's apdu.h. For ease of maintenance they should always match. */ -#define CCID_DRIVER_ERR_OUT_OF_CORE 0x10001 +#define CCID_DRIVER_ERR_OUT_OF_CORE 0x10001 #define CCID_DRIVER_ERR_INV_VALUE 0x10002 #define CCID_DRIVER_ERR_INCOMPLETE_CARD_RESPONSE = 0x10003 #define CCID_DRIVER_ERR_NO_DRIVER 0x10004 @@ -80,7 +80,7 @@ typedef struct ccid_driver_s *ccid_driver_t; int ccid_set_debug_level (int level); char *ccid_get_reader_list (void); int ccid_open_reader (ccid_driver_t *handle, const char *readerid); -int ccid_set_progress_cb (ccid_driver_t handle, +int ccid_set_progress_cb (ccid_driver_t handle, void (*cb)(void *, const char *, int, int, int), void *cb_arg); int ccid_shutdown_reader (ccid_driver_t handle); @@ -93,8 +93,8 @@ int ccid_transceive (ccid_driver_t handle, unsigned char *resp, size_t maxresplen, size_t *nresp); int ccid_transceive_secure (ccid_driver_t handle, const unsigned char *apdu, size_t apdulen, - int pin_mode, - int pinlen_min, int pinlen_max, int pin_padlen, + int pin_mode, + int pinlen_min, int pinlen_max, int pin_padlen, unsigned char *resp, size_t maxresplen, size_t *nresp); int ccid_transceive_escape (ccid_driver_t handle, const unsigned char *data, size_t datalen, @@ -104,6 +104,3 @@ int ccid_transceive_escape (ccid_driver_t handle, #endif /*CCID_DRIVER_H*/ - - - diff --git a/scd/command.c b/scd/command.c index a44378d43..be11ccb77 100644 --- a/scd/command.c +++ b/scd/command.c @@ -75,7 +75,7 @@ static int reader_disabled; /* This structure is used to keep track of open readers (slots). */ -struct slot_status_s +struct slot_status_s { int valid; /* True if the other objects are valid. */ int slot; /* Slot number of the reader or -1 if not open. */ @@ -92,11 +92,11 @@ struct slot_status_s /* Data used to associate an Assuan context with local server data. This object describes the local properties of one session. */ -struct server_local_s +struct server_local_s { /* We keep a list of all active sessions with the anchor at SESSION_LIST (see below). This field is used for linking. */ - struct server_local_s *next_session; + struct server_local_s *next_session; /* This object is usually assigned to a CTRL object (which is globally visible). While enumerating all sessions we sometimes @@ -112,10 +112,10 @@ struct server_local_s #else int event_signal; /* Or 0 if not used. */ #endif - + /* True if the card has been removed and a reset is required to continue operation. */ - int card_removed; + int card_removed; /* Flag indicating that the application context needs to be released at the next opportunity. */ @@ -126,7 +126,7 @@ struct server_local_s /* If set to true we will be terminate ourself at the end of the this session. */ - int stopme; + int stopme; }; @@ -256,7 +256,7 @@ hex_to_buffer (const char *string, size_t *r_length) return NULL; for (s=string, n=0; *s; s++) { - if (spacep (s) || *s == ':') + if (spacep (s) || *s == ':') continue; if (hexdigitp (s) && hexdigitp (s+1)) { @@ -293,7 +293,7 @@ do_reset (ctrl_t ctrl, int send_reset) if (send_reset) { struct server_local_s *sl; - + for (sl=session_list; sl; sl = sl->next_session) if (sl->ctrl_backlink && sl->ctrl_backlink->reader_slot == slot) @@ -307,7 +307,7 @@ do_reset (ctrl_t ctrl, int send_reset) tell the application layer about it. */ if (slot != -1 && send_reset && !IS_LOCKED (ctrl) ) { - if (apdu_reset (slot)) + if (apdu_reset (slot)) { slot_table[slot].valid = 0; } @@ -345,7 +345,7 @@ do_reset (ctrl_t ctrl, int send_reset) static gpg_error_t reset_notify (assuan_context_t ctx, char *line) { - ctrl_t ctrl = assuan_get_pointer (ctx); + ctrl_t ctrl = assuan_get_pointer (ctx); (void) line; @@ -489,7 +489,7 @@ open_card (ctrl_t ctrl, const char *apptype) } -static const char hlp_serialno[] = +static const char hlp_serialno[] = "SERIALNO []\n" "\n" "Return the serial number of the card using a status reponse. This\n" @@ -544,7 +544,7 @@ cmd_serialno (assuan_context_t ctx, char *line) } -static const char hlp_learn[] = +static const char hlp_learn[] = "LEARN [--force] [--keypairinfo]\n" "\n" "Learn all useful information of the currently inserted card. When\n" @@ -632,7 +632,7 @@ cmd_learn (assuan_context_t ctx, char *line) char *serial_and_stamp; char *serial; time_t stamp; - + rc = app_get_serial_and_stamp (ctrl->app_ctx, &serial, &stamp); if (rc) return rc; @@ -643,11 +643,11 @@ cmd_learn (assuan_context_t ctx, char *line) return out_of_core (); rc = 0; assuan_write_status (ctx, "SERIALNO", serial_and_stamp); - + if (!has_option (line, "--force")) { char *command; - + rc = estream_asprintf (&command, "KNOWNCARDP %s", serial_and_stamp); if (rc < 0) { @@ -655,7 +655,7 @@ cmd_learn (assuan_context_t ctx, char *line) return out_of_core (); } rc = 0; - rc = assuan_inquire (ctx, command, NULL, NULL, 0); + rc = assuan_inquire (ctx, command, NULL, NULL, 0); xfree (command); if (rc) { @@ -663,13 +663,13 @@ cmd_learn (assuan_context_t ctx, char *line) log_error ("inquire KNOWNCARDP failed: %s\n", gpg_strerror (rc)); xfree (serial_and_stamp); - return rc; + return rc; } /* Not canceled, so we have to proceeed. */ } xfree (serial_and_stamp); } - + /* Let the application print out its collection of useful status information. */ if (!rc) @@ -715,7 +715,7 @@ cmd_readcert (assuan_context_t ctx, char *line) } -static const char hlp_readkey[] = +static const char hlp_readkey[] = "READKEY \n" "\n" "Return the public key for the given cert or key ID as a standard\n" @@ -753,7 +753,7 @@ cmd_readkey (assuan_context_t ctx, char *line) if (gpg_err_code (rc) != GPG_ERR_UNSUPPORTED_OPERATION) log_error ("app_readkey failed: %s\n", gpg_strerror (rc)); - else + else { rc = app_readcert (ctrl->app_ctx, line, &cert, &ncert); if (rc) @@ -763,7 +763,7 @@ cmd_readkey (assuan_context_t ctx, char *line) line = NULL; if (rc) goto leave; - + rc = ksba_cert_new (&kc); if (rc) { @@ -798,7 +798,7 @@ cmd_readkey (assuan_context_t ctx, char *line) -static const char hlp_setdata[] = +static const char hlp_setdata[] = "SETDATA \n" "\n" "The client should use this command to tell us the data he want to sign."; @@ -837,7 +837,7 @@ cmd_setdata (assuan_context_t ctx, char *line) -static gpg_error_t +static gpg_error_t pin_cb (void *opaque, const char *info, char **retstr) { assuan_context_t ctx = opaque; @@ -857,14 +857,14 @@ pin_cb (void *opaque, const char *info, char **retstr) rc = estream_asprintf (&command, "POPUPKEYPADPROMPT %s", info); if (rc < 0) return gpg_error (gpg_err_code_from_errno (errno)); - rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN); - xfree (command); + rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN); + xfree (command); } else { log_debug ("dismiss keypad entry prompt\n"); rc = assuan_inquire (ctx, "DISMISSKEYPADPROMPT", - &value, &valuelen, MAXLEN_PIN); + &value, &valuelen, MAXLEN_PIN); } if (!rc) xfree (value); @@ -880,8 +880,8 @@ pin_cb (void *opaque, const char *info, char **retstr) /* Fixme: Write an inquire function which returns the result in secure memory and check all further handling of the PIN. */ - rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN); - xfree (command); + rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN); + xfree (command); if (rc) return rc; @@ -896,7 +896,7 @@ pin_cb (void *opaque, const char *info, char **retstr) } -static const char hlp_pksign[] = +static const char hlp_pksign[] = "PKSIGN [--hash=[rmd160|sha{1,224,256,384,512}|md5]] \n" "\n" "The --hash option is optional; the default is SHA1."; @@ -925,7 +925,7 @@ cmd_pksign (assuan_context_t ctx, char *line) else if (has_option (line, "--hash=md5")) hash_algo = GCRY_MD_MD5; else if (!strstr (line, "--")) - hash_algo = GCRY_MD_SHA1; + hash_algo = GCRY_MD_SHA1; else return set_error (GPG_ERR_ASS_PARAMETER, "invalid hash algorithm"); @@ -943,7 +943,7 @@ cmd_pksign (assuan_context_t ctx, char *line) keyidstr = xtrystrdup (line); if (!keyidstr) return out_of_core (); - + rc = app_sign (ctrl->app_ctx, keyidstr, hash_algo, pin_cb, ctx, @@ -968,7 +968,7 @@ cmd_pksign (assuan_context_t ctx, char *line) } -static const char hlp_pkauth[] = +static const char hlp_pkauth[] = "PKAUTH "; static gpg_error_t cmd_pkauth (assuan_context_t ctx, char *line) @@ -994,7 +994,7 @@ cmd_pkauth (assuan_context_t ctx, char *line) keyidstr = xtrystrdup (line); if (!keyidstr) return out_of_core (); - + rc = app_auth (ctrl->app_ctx, keyidstr, pin_cb, ctx, @@ -1018,7 +1018,7 @@ cmd_pkauth (assuan_context_t ctx, char *line) } -static const char hlp_pkdecrypt[] = +static const char hlp_pkdecrypt[] = "PKDECRYPT "; static gpg_error_t cmd_pkdecrypt (assuan_context_t ctx, char *line) @@ -1039,7 +1039,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line) if (!keyidstr) return out_of_core (); rc = app_decipher (ctrl->app_ctx, - keyidstr, + keyidstr, pin_cb, ctx, ctrl->in_data.value, ctrl->in_data.valuelen, &outdata, &outdatalen); @@ -1062,7 +1062,7 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line) } -static const char hlp_getattr[] = +static const char hlp_getattr[] = "GETATTR \n" "\n" "This command is used to retrieve data from a smartcard. The\n" @@ -1101,7 +1101,7 @@ cmd_getattr (assuan_context_t ctx, char *line) } -static const char hlp_setattr[] = +static const char hlp_setattr[] = "SETATTR \n" "\n" "This command is used to store data on a a smartcard. The allowed\n" @@ -1154,7 +1154,7 @@ cmd_setattr (assuan_context_t ctx, char *orig_line) } -static const char hlp_writecert[] = +static const char hlp_writecert[] = "WRITECERT \n" "\n" "This command is used to store a certifciate on a smartcard. The\n" @@ -1206,7 +1206,7 @@ cmd_writecert (assuan_context_t ctx, char *line) } /* Write the certificate to the card. */ - rc = app_writecert (ctrl->app_ctx, ctrl, certid, + rc = app_writecert (ctrl->app_ctx, ctrl, certid, pin_cb, ctx, certdata, certdatalen); xfree (certid); xfree (certdata); @@ -1216,7 +1216,7 @@ cmd_writecert (assuan_context_t ctx, char *line) } -static const char hlp_writekey[] = +static const char hlp_writekey[] = "WRITEKEY [--force] \n" "\n" "This command is used to store a secret key on a a smartcard. The\n" @@ -1283,7 +1283,7 @@ cmd_writekey (assuan_context_t ctx, char *line) } -static const char hlp_genkey[] = +static const char hlp_genkey[] = "GENKEY [--force] [--timestamp=] \n" "\n" "Generate a key on-card identified by NO, which is application\n" @@ -1357,7 +1357,7 @@ cmd_genkey (assuan_context_t ctx, char *line) } -static const char hlp_random[] = +static const char hlp_random[] = "RANDOM \n" "\n" "Get NBYTES of random from the card and send them back as data.\n" @@ -1374,7 +1374,7 @@ cmd_random (assuan_context_t ctx, char *line) unsigned char *buffer; if (!*line) - return set_error (GPG_ERR_ASS_PARAMETER, + return set_error (GPG_ERR_ASS_PARAMETER, "number of requested bytes missing"); nbytes = strtoul (line, NULL, 0); @@ -1440,7 +1440,7 @@ cmd_passwd (assuan_context_t ctx, char *line) if (!ctrl->app_ctx) return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); - + chvnostr = xtrystrdup (chvnostr); if (!chvnostr) return out_of_core (); @@ -1454,7 +1454,7 @@ cmd_passwd (assuan_context_t ctx, char *line) } -static const char hlp_checkpin[] = +static const char hlp_checkpin[] = "CHECKPIN \n" "\n" "Perform a VERIFY operation without doing anything else. This may\n" @@ -1508,7 +1508,7 @@ cmd_checkpin (assuan_context_t ctx, char *line) idstr = xtrystrdup (line); if (!idstr) return out_of_core (); - + rc = app_check_pin (ctrl->app_ctx, idstr, pin_cb, ctx); xfree (idstr); if (rc) @@ -1519,7 +1519,7 @@ cmd_checkpin (assuan_context_t ctx, char *line) } -static const char hlp_lock[] = +static const char hlp_lock[] = "LOCK [--wait]\n" "\n" "Grant exclusive card access to this session. Note that there is\n" @@ -1556,14 +1556,14 @@ cmd_lock (assuan_context_t ctx, char *line) goto retry; } #endif /*USE_GNU_PTH*/ - + if (rc) log_error ("cmd_lock failed: %s\n", gpg_strerror (rc)); return rc; } -static const char hlp_unlock[] = +static const char hlp_unlock[] = "UNLOCK\n" "\n" "Release exclusive card access."; @@ -1591,7 +1591,7 @@ cmd_unlock (assuan_context_t ctx, char *line) } -static const char hlp_getinfo[] = +static const char hlp_getinfo[] = "GETINFO \n" "\n" "Multi purpose command to return certain information. \n" @@ -1653,7 +1653,7 @@ cmd_getinfo (assuan_context_t ctx, char *line) if (!ctrl->server_local->card_removed && slot != -1) { struct slot_status_s *ss; - + if (!(slot >= 0 && slot < DIM(slot_table))) BUG (); @@ -1674,7 +1674,7 @@ cmd_getinfo (assuan_context_t ctx, char *line) #else char *s = NULL; #endif - + if (s) rc = assuan_send_data (ctx, s, strlen (s)); else @@ -1698,7 +1698,7 @@ cmd_getinfo (assuan_context_t ctx, char *line) } -static const char hlp_restart[] = +static const char hlp_restart[] = "RESTART\n" "\n" "Restart the current connection; this is a kind of warm reset. It\n" @@ -1729,7 +1729,7 @@ cmd_restart (assuan_context_t ctx, char *line) } -static const char hlp_disconnect[] = +static const char hlp_disconnect[] = "DISCONNECT\n" "\n" "Disconnect the card if it is not any longer used by other\n" @@ -1740,14 +1740,14 @@ cmd_disconnect (assuan_context_t ctx, char *line) ctrl_t ctrl = assuan_get_pointer (ctx); (void)line; - + ctrl->server_local->disconnect_allowed = 1; return 0; } -static const char hlp_apdu[] = +static const char hlp_apdu[] = "APDU [--atr] [--more] [--exlen[=N]] [hexstring]\n" "\n" "Send an APDU to the current reader. This command bypasses the high\n" @@ -1804,7 +1804,7 @@ cmd_apdu (assuan_context_t ctx, char *line) unsigned char *atr; size_t atrlen; char hexbuf[400]; - + atr = apdu_get_atr (ctrl->reader_slot, &atrlen); if (!atr || atrlen > sizeof hexbuf - 2 ) { @@ -1846,7 +1846,7 @@ cmd_apdu (assuan_context_t ctx, char *line) } -static const char hlp_killscd[] = +static const char hlp_killscd[] = "KILLSCD\n" "\n" "Commit suicide."; @@ -1880,8 +1880,8 @@ register_commands (assuan_context_t ctx) { "PKSIGN", cmd_pksign, hlp_pksign }, { "PKAUTH", cmd_pkauth, hlp_pkauth }, { "PKDECRYPT", cmd_pkdecrypt,hlp_pkdecrypt }, - { "INPUT", NULL }, - { "OUTPUT", NULL }, + { "INPUT", NULL }, + { "OUTPUT", NULL }, { "GETATTR", cmd_getattr, hlp_getattr }, { "SETATTR", cmd_setattr, hlp_setattr }, { "WRITECERT", cmd_writecert,hlp_writecert }, @@ -1907,7 +1907,7 @@ register_commands (assuan_context_t ctx) table[i].help); if (rc) return rc; - } + } assuan_set_hello_line (ctx, "GNU Privacy Guard's Smartcard server ready"); assuan_register_reset_notify (ctx, reset_notify); @@ -1925,7 +1925,7 @@ scd_command_handler (ctrl_t ctrl, int fd) int rc; assuan_context_t ctx = NULL; int stopme; - + rc = assuan_new (&ctx); if (rc) { @@ -1990,7 +1990,7 @@ scd_command_handler (ctrl_t ctrl, int fd) log_info ("Assuan accept problem: %s\n", gpg_strerror (rc)); break; } - + rc = assuan_process (ctx); if (rc) { @@ -2000,7 +2000,7 @@ scd_command_handler (ctrl_t ctrl, int fd) } /* Cleanup. We don't send an explicit reset to the card. */ - do_reset (ctrl, 0); + do_reset (ctrl, 0); /* Release the server object. */ if (session_list == ctrl->server_local) @@ -2008,7 +2008,7 @@ scd_command_handler (ctrl_t ctrl, int fd) else { struct server_local_s *sl; - + for (sl=session_list; sl->next_session; sl = sl->next_session) if (sl->next_session == ctrl->server_local) break; @@ -2043,10 +2043,10 @@ send_status_info (ctrl_t ctrl, const char *keyword, ...) char buf[950], *p; size_t n; assuan_context_t ctx = ctrl->server_local->assuan_ctx; - + va_start (arg_ptr, keyword); - p = buf; + p = buf; n = 0; while ( (value = va_arg (arg_ptr, const unsigned char *)) ) { @@ -2096,17 +2096,17 @@ static void send_client_notifications (void) { struct { - pid_t pid; + pid_t pid; #ifdef HAVE_W32_SYSTEM HANDLE handle; #else - int signo; + int signo; #endif } killed[50]; int killidx = 0; int kidx; struct server_local_s *sl; - + for (sl=session_list; sl; sl = sl->next_session) { if (sl->event_signal && sl->assuan_ctx) @@ -2114,9 +2114,9 @@ send_client_notifications (void) pid_t pid = assuan_get_pid (sl->assuan_ctx); #ifdef HAVE_W32_SYSTEM HANDLE handle = (void *)sl->event_signal; - + for (kidx=0; kidx < killidx; kidx++) - if (killed[kidx].pid == pid + if (killed[kidx].pid == pid && killed[kidx].handle == handle) break; if (kidx < killidx) @@ -2138,11 +2138,11 @@ send_client_notifications (void) } #else /*!HAVE_W32_SYSTEM*/ int signo = sl->event_signal; - + if (pid != (pid_t)(-1) && pid && signo > 0) { for (kidx=0; kidx < killidx; kidx++) - if (killed[kidx].pid == pid + if (killed[kidx].pid == pid && killed[kidx].signo == signo) break; if (kidx < killidx) @@ -2193,7 +2193,7 @@ update_reader_status_file (int set_card_removed_flag) if (!ss->valid || ss->slot == -1) continue; /* Not valid or reader not yet open. */ - + sw_apdu = apdu_get_status (ss->slot, 0, &status, &changed); if (sw_apdu == SW_HOST_NO_READER) { @@ -2206,7 +2206,7 @@ update_reader_status_file (int set_card_removed_flag) else if (sw_apdu) { /* Get status failed. Ignore that. */ - continue; + continue; } if (!ss->any || ss->status != status || ss->changed != changed ) @@ -2235,14 +2235,14 @@ update_reader_status_file (int set_card_removed_flag) fclose (fp); } xfree (fname); - + /* If a status script is executable, run it. */ { const char *args[9], *envs[2]; char numbuf1[30], numbuf2[30], numbuf3[30]; char *homestr, *envstr; gpg_error_t err; - + homestr = make_filename (opt.homedir, NULL); if (estream_asprintf (&envstr, "GNUPGHOME=%s", homestr) < 0) log_error ("out of core while building environment\n"); @@ -2255,16 +2255,16 @@ update_reader_status_file (int set_card_removed_flag) sprintf (numbuf2, "0x%04X", ss->status); sprintf (numbuf3, "0x%04X", status); args[0] = "--reader-port"; - args[1] = numbuf1; + args[1] = numbuf1; args[2] = "--old-code"; - args[3] = numbuf2; + args[3] = numbuf2; args[4] = "--new-code"; - args[5] = numbuf3; + args[5] = numbuf3; args[6] = "--status"; args[7] = ((status & 1)? "USABLE": (status & 4)? "ACTIVE": (status & 2)? "PRESENT": "NOCARD"); - args[8] = NULL; + args[8] = NULL; fname = make_filename (opt.homedir, "scd-event", NULL); err = gnupg_spawn_process_detached (fname, args, envs); @@ -2282,19 +2282,19 @@ update_reader_status_file (int set_card_removed_flag) SERIALNO request must be done in any case. */ if (ss->any && set_card_removed_flag) update_card_removed (idx, 1); - + ss->any = 1; /* Send a signal to all clients who applied for it. */ send_client_notifications (); } - + /* Check whether a disconnect is pending. */ if (opt.card_timeout) { for (sl=session_list; sl; sl = sl->next_session) if (!sl->disconnect_allowed) - break; + break; if (session_list && !sl) { /* FIXME: Use a real timeout. */ @@ -2303,7 +2303,7 @@ update_reader_status_file (int set_card_removed_flag) apdu_disconnect (ss->slot); } } - + } } diff --git a/scd/iso7816.c b/scd/iso7816.c index b55da4148..318fec8a2 100644 --- a/scd/iso7816.c +++ b/scd/iso7816.c @@ -174,17 +174,17 @@ iso7816_select_path (int slot, const unsigned short *path, size_t pathlen, int sw, p0, p1; unsigned char buffer[100]; int buflen; - + if (result || resultlen) { *result = NULL; *resultlen = 0; return gpg_error (GPG_ERR_NOT_IMPLEMENTED); } - + if (pathlen/2 >= sizeof buffer) return gpg_error (GPG_ERR_TOO_LARGE); - + for (buflen = 0; pathlen; pathlen--, path++) { buffer[buflen++] = (*path >> 8); @@ -231,7 +231,7 @@ iso7816_list_directory (int slot, int list_dirs, it maps the status word and does not return it in the result buffer. */ gpg_error_t -iso7816_apdu_direct (int slot, const void *apdudata, size_t apdudatalen, +iso7816_apdu_direct (int slot, const void *apdudata, size_t apdudatalen, int handle_more, unsigned char **result, size_t *resultlen) { @@ -273,7 +273,7 @@ iso7816_check_keypad (int slot, int command, iso7816_pininfo_t *pininfo) { int sw; - sw = apdu_check_keypad (slot, command, + sw = apdu_check_keypad (slot, command, pininfo->mode, pininfo->minlen, pininfo->maxlen, pininfo->padlen); return iso7816_map_sw (sw); @@ -494,7 +494,7 @@ iso7816_manage_security_env (int slot, int p1, int p2, if (p1 < 0 || p1 > 255 || p2 < 0 || p2 > 255 ) return gpg_error (GPG_ERR_INV_VALUE); - sw = apdu_send_simple (slot, 0, 0x00, CMD_MSE, p1, p2, + sw = apdu_send_simple (slot, 0, 0x00, CMD_MSE, p1, p2, data? datalen : -1, (const char*)data); return map_sw (sw); } @@ -521,7 +521,7 @@ iso7816_compute_ds (int slot, int extended_mode, else if (le >= 0 && le < 256) le = 256; - sw = apdu_send_le (slot, extended_mode, + sw = apdu_send_le (slot, extended_mode, 0x00, CMD_PSO, 0x9E, 0x9A, datalen, (const char*)data, le, @@ -546,7 +546,7 @@ iso7816_compute_ds (int slot, int extended_mode, at RESULT with its length stored at RESULTLEN. For LE see do_generate_keypair. */ gpg_error_t -iso7816_decipher (int slot, int extended_mode, +iso7816_decipher (int slot, int extended_mode, const unsigned char *data, size_t datalen, int le, int padind, unsigned char **result, size_t *resultlen) { @@ -569,10 +569,10 @@ iso7816_decipher (int slot, int extended_mode, buf = xtrymalloc (datalen + 1); if (!buf) return gpg_error (gpg_err_code_from_errno (errno)); - + *buf = padind; /* Padding indicator. */ memcpy (buf+1, data, datalen); - sw = apdu_send_le (slot, extended_mode, + sw = apdu_send_le (slot, extended_mode, 0x00, CMD_PSO, 0x80, 0x86, datalen+1, (char*)buf, le, result, resultlen); @@ -642,7 +642,7 @@ iso7816_internal_authenticate (int slot, int extended_mode, static gpg_error_t do_generate_keypair (int slot, int extended_mode, int read_only, const unsigned char *data, size_t datalen, - int le, + int le, unsigned char **result, size_t *resultlen) { int sw; @@ -673,7 +673,7 @@ do_generate_keypair (int slot, int extended_mode, int read_only, gpg_error_t iso7816_generate_keypair (int slot, int extended_mode, const unsigned char *data, size_t datalen, - int le, + int le, unsigned char **result, size_t *resultlen) { return do_generate_keypair (slot, extended_mode, 0, @@ -684,7 +684,7 @@ iso7816_generate_keypair (int slot, int extended_mode, gpg_error_t iso7816_read_public_key (int slot, int extended_mode, const unsigned char *data, size_t datalen, - int le, + int le, unsigned char **result, size_t *resultlen) { return do_generate_keypair (slot, extended_mode, 1, @@ -707,7 +707,7 @@ iso7816_get_challenge (int slot, int length, unsigned char *buffer) { result = NULL; n = length > 254? 254 : length; - sw = apdu_send_le (slot, 0, + sw = apdu_send_le (slot, 0, 0x00, CMD_GET_CHALLENGE, 0, 0, -1, NULL, n, &result, &resultlen); if (sw != SW_SUCCESS) @@ -818,7 +818,7 @@ iso7816_read_binary (int slot, size_t offset, size_t nmax, nmax = 0; } while ((read_all && sw != SW_EOF_REACHED) || (!read_all && nmax)); - + return 0; } @@ -851,7 +851,7 @@ iso7816_read_record (int slot, int recno, int reccount, int short_ef, buffer = NULL; bufferlen = 0; sw = apdu_send_le (slot, 0, 0x00, CMD_READ_RECORD, - recno, + recno, short_ef? short_ef : 0x04, -1, NULL, 0, &buffer, &bufferlen); @@ -867,7 +867,6 @@ iso7816_read_record (int slot, int recno, int reccount, int short_ef, } *result = buffer; *resultlen = bufferlen; - + return 0; } - diff --git a/scd/iso7816.h b/scd/iso7816.h index 85197124d..a37759dbe 100644 --- a/scd/iso7816.h +++ b/scd/iso7816.h @@ -56,7 +56,7 @@ gpg_error_t iso7816_select_path (int slot, gpg_error_t iso7816_list_directory (int slot, int list_dirs, unsigned char **result, size_t *resultlen); gpg_error_t iso7816_apdu_direct (int slot, - const void *apdudata, size_t apdudatalen, + const void *apdudata, size_t apdudatalen, int handle_more, unsigned char **result, size_t *resultlen); gpg_error_t iso7816_check_keypad (int slot, int command, diff --git a/scd/pcsc-wrapper.c b/scd/pcsc-wrapper.c index a7b219822..f2f6d52bc 100644 --- a/scd/pcsc-wrapper.c +++ b/scd/pcsc-wrapper.c @@ -27,7 +27,7 @@ pcsc interface but to a higher level one which resembles the code used in scdaemon (apdu.c) when not using Pth or while running under Windows. - + The interface is binary consisting of a command tag and the length of the parameter list. The calling process needs to pass the version number of the interface on the command line to make sure @@ -56,7 +56,7 @@ #define MYVERSION_LINE PGM " (GnuPG) " VERSION #define BUGREPORT_LINE "\nReport bugs to .\n" #else -#define MYVERSION_LINE PGM +#define MYVERSION_LINE PGM #define BUGREPORT_LINE "" #endif @@ -67,14 +67,14 @@ static int verbose; /* PC/SC constants and function pointer. */ -#define PCSC_SCOPE_USER 0 -#define PCSC_SCOPE_TERMINAL 1 -#define PCSC_SCOPE_SYSTEM 2 -#define PCSC_SCOPE_GLOBAL 3 +#define PCSC_SCOPE_USER 0 +#define PCSC_SCOPE_TERMINAL 1 +#define PCSC_SCOPE_SYSTEM 2 +#define PCSC_SCOPE_GLOBAL 3 -#define PCSC_PROTOCOL_T0 1 -#define PCSC_PROTOCOL_T1 2 -#define PCSC_PROTOCOL_RAW 4 +#define PCSC_PROTOCOL_T0 1 +#define PCSC_PROTOCOL_T1 2 +#define PCSC_PROTOCOL_RAW 4 #define PCSC_SHARE_EXCLUSIVE 1 #define PCSC_SHARE_SHARED 2 @@ -85,7 +85,7 @@ static int verbose; #define PCSC_UNPOWER_CARD 2 #define PCSC_EJECT_CARD 3 -#define PCSC_UNKNOWN 0x0001 +#define PCSC_UNKNOWN 0x0001 #define PCSC_ABSENT 0x0002 /* Card is absent. */ #define PCSC_PRESENT 0x0004 /* Card is present. */ #define PCSC_SWALLOWED 0x0008 /* Card is present and electrical connected. */ @@ -106,7 +106,7 @@ static int verbose; #define PCSC_STATE_MUTE 0x0200 /* Unresponsive card. */ struct pcsc_io_request_s { - unsigned long protocol; + unsigned long protocol; unsigned long pci_len; }; @@ -235,7 +235,7 @@ request_succeeded (const void *buffer, size_t buflen) fflush (stdout); } - + static unsigned long @@ -271,40 +271,40 @@ pcsc_error_string (long err) { case 0x0002: s = "cancelled"; break; case 0x000e: s = "can't dispose"; break; - case 0x0008: s = "insufficient buffer"; break; + case 0x0008: s = "insufficient buffer"; break; case 0x0015: s = "invalid ATR"; break; case 0x0003: s = "invalid handle"; break; - case 0x0004: s = "invalid parameter"; break; + case 0x0004: s = "invalid parameter"; break; case 0x0005: s = "invalid target"; break; - case 0x0011: s = "invalid value"; break; - case 0x0006: s = "no memory"; break; - case 0x0013: s = "comm error"; break; - case 0x0001: s = "internal error"; break; - case 0x0014: s = "unknown error"; break; - case 0x0007: s = "waited too long"; break; + case 0x0011: s = "invalid value"; break; + case 0x0006: s = "no memory"; break; + case 0x0013: s = "comm error"; break; + case 0x0001: s = "internal error"; break; + case 0x0014: s = "unknown error"; break; + case 0x0007: s = "waited too long"; break; case 0x0009: s = "unknown reader"; break; - case 0x000a: s = "timeout"; break; - case 0x000b: s = "sharing violation"; break; + case 0x000a: s = "timeout"; break; + case 0x000b: s = "sharing violation"; break; case 0x000c: s = "no smartcard"; break; - case 0x000d: s = "unknown card"; break; - case 0x000f: s = "proto mismatch"; break; - case 0x0010: s = "not ready"; break; - case 0x0012: s = "system cancelled"; break; + case 0x000d: s = "unknown card"; break; + case 0x000f: s = "proto mismatch"; break; + case 0x0010: s = "not ready"; break; + case 0x0012: s = "system cancelled"; break; case 0x0016: s = "not transacted"; break; - case 0x0017: s = "reader unavailable"; break; - case 0x0065: s = "unsupported card"; break; - case 0x0066: s = "unresponsive card"; break; - case 0x0067: s = "unpowered card"; break; - case 0x0068: s = "reset card"; break; - case 0x0069: s = "removed card"; break; - case 0x006a: s = "inserted card"; break; - case 0x001f: s = "unsupported feature"; break; - case 0x0019: s = "PCI too small"; break; - case 0x001a: s = "reader unsupported"; break; - case 0x001b: s = "duplicate reader"; break; - case 0x001c: s = "card unsupported"; break; - case 0x001d: s = "no service"; break; - case 0x001e: s = "service stopped"; break; + case 0x0017: s = "reader unavailable"; break; + case 0x0065: s = "unsupported card"; break; + case 0x0066: s = "unresponsive card"; break; + case 0x0067: s = "unpowered card"; break; + case 0x0068: s = "reset card"; break; + case 0x0069: s = "removed card"; break; + case 0x006a: s = "inserted card"; break; + case 0x001f: s = "unsupported feature"; break; + case 0x0019: s = "PCI too small"; break; + case 0x001a: s = "reader unsupported"; break; + case 0x001b: s = "duplicate reader"; break; + case 0x001c: s = "card unsupported"; break; + case 0x001d: s = "no service"; break; + case 0x001e: s = "service stopped"; break; default: s = "unknown PC/SC error code"; break; } return s; @@ -337,16 +337,16 @@ load_pcsc_driver (const char *libname) pcsc_set_timeout = dlsym (handle, "SCardSetTimeout"); if (!pcsc_establish_context - || !pcsc_release_context - || !pcsc_list_readers + || !pcsc_release_context + || !pcsc_list_readers || !pcsc_get_status_change - || !pcsc_connect - || !pcsc_reconnect + || !pcsc_connect + || !pcsc_reconnect || !pcsc_disconnect || !pcsc_status || !pcsc_begin_transaction || !pcsc_end_transaction - || !pcsc_transmit + || !pcsc_transmit /* || !pcsc_set_timeout */) { /* Note that set_timeout is currently not used and also not @@ -355,22 +355,22 @@ load_pcsc_driver (const char *libname) "apdu_open_reader: invalid PC/SC driver " "(%d%d%d%d%d%d%d%d%d%d%d%d)\n", !!pcsc_establish_context, - !!pcsc_release_context, - !!pcsc_list_readers, - !!pcsc_get_status_change, - !!pcsc_connect, - !!pcsc_reconnect, + !!pcsc_release_context, + !!pcsc_list_readers, + !!pcsc_get_status_change, + !!pcsc_connect, + !!pcsc_reconnect, !!pcsc_disconnect, !!pcsc_status, !!pcsc_begin_transaction, !!pcsc_end_transaction, - !!pcsc_transmit, + !!pcsc_transmit, !!pcsc_set_timeout ); dlclose (handle); exit (1); } } - + @@ -409,7 +409,7 @@ handle_open (unsigned char *argbuf, size_t arglen) request_failed (err); return; } - + err = pcsc_list_readers (pcsc_context, NULL, NULL, &nreader); if (!err) { @@ -477,8 +477,8 @@ handle_open (unsigned char *argbuf, size_t arglen) pcsc_protocol = 0; request_failed (err); return; - } - + } + current_atrlen = 0; if (!err) { @@ -658,9 +658,9 @@ handle_reset (unsigned char *argbuf, size_t arglen) pcsc_card = 0; request_failed (err); return; - } + } + - atrlen = 33; nreader = sizeof reader - 1; err = pcsc_status (pcsc_card, @@ -731,7 +731,7 @@ print_version (int with_help) "This is free software, and you are welcome to redistribute it\n" "under certain conditions. See the file COPYING for details.\n", stdout); - + if (with_help) fputs ("\n" "Usage: " PGM " [OPTIONS] API-NUMBER [LIBNAME]\n" @@ -741,7 +741,7 @@ print_version (int with_help) " --version print version of the program and exit\n" " --help display this help and exit\n" BUGREPORT_LINE, stdout ); - + exit (0); } @@ -752,7 +752,7 @@ main (int argc, char **argv) int last_argc = -1; int api_number = 0; int c; - + if (argc) { argc--; argv++; @@ -774,7 +774,7 @@ main (int argc, char **argv) verbose = 1; argc--; argv++; } - } + } if (argc != 1 && argc != 2) { fprintf (stderr, "usage: " PGM " API-NUMBER [LIBNAME]\n"); @@ -795,7 +795,7 @@ main (int argc, char **argv) { size_t arglen; unsigned char argbuffer[2048]; - + arglen = read_32 (stdin); if (arglen >= sizeof argbuffer - 1) { diff --git a/scd/sc-copykeys.c b/scd/sc-copykeys.c index b863b01b3..c30fd99f6 100644 --- a/scd/sc-copykeys.c +++ b/scd/sc-copykeys.c @@ -40,7 +40,7 @@ #define _(a) (a) -enum cmd_and_opt_values +enum cmd_and_opt_values { oVerbose = 'v', oReaderPort = 500, octapiDriver, @@ -51,7 +51,7 @@ aTest }; static ARGPARSE_OPTS opts[] = { - + { 301, NULL, 0, "@Options:\n " }, { oVerbose, "verbose", 0, "verbose" }, @@ -85,7 +85,7 @@ my_strusage (int level) "file-with-key\n" "Copy keys to a smartcards\n"); break; - + default: p = NULL; } return p; @@ -104,7 +104,7 @@ main (int argc, char **argv ) set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); - log_set_prefix ("sc-copykeys", 1); + log_set_prefix ("sc-copykeys", 1); /* check that the libraries are suitable. Do it here because the option parsing may need services of the library */ @@ -179,7 +179,7 @@ read_file (const char *fname, size_t *r_length) struct stat st; char *buf; size_t buflen; - + fp = fname? fopen (fname, "rb") : stdin; if (!fp) { @@ -187,10 +187,10 @@ read_file (const char *fname, size_t *r_length) fname? fname: "[stdin]", strerror (errno)); return NULL; } - + if (fstat (fileno(fp), &st)) { - log_error ("can't stat `%s': %s\n", + log_error ("can't stat `%s': %s\n", fname? fname: "[stdin]", strerror (errno)); if (fname) fclose (fp); @@ -201,7 +201,7 @@ read_file (const char *fname, size_t *r_length) buf = xmalloc (buflen+1); if (fread (buf, buflen, 1, fp) != 1) { - log_error ("error reading `%s': %s\n", + log_error ("error reading `%s': %s\n", fname? fname: "[stdin]", strerror (errno)); if (fname) fclose (fp); @@ -223,7 +223,7 @@ read_key (const char *fname) size_t buflen; gcry_sexp_t private; int rc; - + buf = read_file (fname, &buflen); if (!buf) return NULL; @@ -233,7 +233,7 @@ read_key (const char *fname) { log_error ("gcry_sexp_new failed: %s\n", gpg_strerror (rc)); return NULL; - } + } xfree (buf); return private; @@ -255,7 +255,7 @@ sexp_to_kparms (gcry_sexp_t sexp, unsigned long *created) *created = 0; list = gcry_sexp_find_token (sexp, "private-key", 0 ); if(!list) - return NULL; + return NULL; /* quick hack to get the creation time. */ l2 = gcry_sexp_find_token (list, "created", 0); @@ -281,7 +281,7 @@ sexp_to_kparms (gcry_sexp_t sexp, unsigned long *created) /* Parameter names used with RSA. */ elems = "nedpqu"; array = xcalloc (strlen(elems) + 1, sizeof *array); - for (idx=0, s=elems; *s; s++, idx++ ) + for (idx=0, s=elems; *s; s++, idx++ ) { l2 = gcry_sexp_find_token (list, s, 1); if (!l2) @@ -303,7 +303,7 @@ sexp_to_kparms (gcry_sexp_t sexp, unsigned long *created) return NULL; /* required parameter is invalid */ } } - + gcry_sexp_release (list); return array; } @@ -453,8 +453,8 @@ query_card (APP app) } } - xfree (serialno); - xfree (disp_name); + xfree (serialno); + xfree (disp_name); xfree (pubkey_url); xfree (fpr1); xfree (fpr2); @@ -497,7 +497,7 @@ pincb (void *arg, const char *prompt, char **pinvalue) (q #00f7a7c..[some bytes not shown]..61#) (u #304559a..[some bytes not shown]..9b#)) (uri http://foo.bar x-foo:whatever_you_want)) - + */ static void copykeys (APP app, const char *fname) @@ -520,7 +520,7 @@ copykeys (APP app, const char *fname) private = read_key (fname); if (!private) exit (1); - + mpis = sexp_to_kparms (private, &creation_date); if (!creation_date) { @@ -577,7 +577,7 @@ copykeys (APP app, const char *fname) /* Build the private key template as described in section 4.3.3.6 of the specs. 0xC0 public exponent - 0xC1 prime p + 0xC1 prime p 0xC2 prime q */ template = tp = xmalloc (1+2 + 1+1+4 + 1+1+64 + 1+1+64); *tp++ = 0xC0; @@ -595,7 +595,7 @@ copykeys (APP app, const char *fname) { memmove (tp+4-n, tp, 4-n); memset (tp, 0, 4-n); - } + } tp += 4; *tp++ = 0xC1; @@ -713,5 +713,3 @@ copykeys (APP app, const char *fname) gcry_mpi_release (rsa_n); exit (1); } - - diff --git a/scd/scdaemon.c b/scd/scdaemon.c index da1d7f478..57023958a 100644 --- a/scd/scdaemon.c +++ b/scd/scdaemon.c @@ -1,5 +1,5 @@ /* scdaemon.c - The GnuPG Smartcard Daemon - * Copyright (C) 2001, 2002, 2004, 2005, + * Copyright (C) 2001, 2002, 2004, 2005, * 2007, 2008, 2009 Free Software Foundation, Inc. * * This file is part of GnuPG. @@ -54,13 +54,13 @@ #include "gc-opt-flags.h" #include "asshelp.h" -enum cmd_and_opt_values +enum cmd_and_opt_values { aNull = 0, oCsh = 'c', oQuiet = 'q', oSh = 's', oVerbose = 'v', - + oNoVerbose = 500, aGPGConfList, aGPGConfTest, @@ -100,11 +100,11 @@ enum cmd_and_opt_values static ARGPARSE_OPTS opts[] = { ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"), ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"), - + ARGPARSE_group (301, N_("@Options:\n ")), ARGPARSE_s_n (oServer,"server", N_("run in server mode (foreground)")), - ARGPARSE_s_n (oMultiServer, "multi-server", + ARGPARSE_s_n (oMultiServer, "multi-server", N_("run in multi server mode (foreground)")), ARGPARSE_s_n (oDaemon, "daemon", N_("run in daemon mode (background)")), ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")), @@ -123,11 +123,11 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oDebugLogTid, "debug-log-tid", "@"), ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")), ARGPARSE_s_s (oLogFile, "log-file", N_("|FILE|write a log to FILE")), - ARGPARSE_s_s (oReaderPort, "reader-port", + ARGPARSE_s_s (oReaderPort, "reader-port", N_("|N|connect to reader at port N")), - ARGPARSE_s_s (octapiDriver, "ctapi-driver", + ARGPARSE_s_s (octapiDriver, "ctapi-driver", N_("|NAME|use NAME as ct-API driver")), - ARGPARSE_s_s (opcscDriver, "pcsc-driver", + ARGPARSE_s_s (opcscDriver, "pcsc-driver", N_("|NAME|use NAME as PC/SC driver")), ARGPARSE_s_n (oDisableCCID, "disable-ccid", #ifdef HAVE_LIBUSB @@ -136,15 +136,15 @@ static ARGPARSE_OPTS opts[] = { "@" #endif /* end --disable-ccid */), - ARGPARSE_s_u (oCardTimeout, "card-timeout", + ARGPARSE_s_u (oCardTimeout, "card-timeout", N_("|N|disconnect the card after N seconds of inactivity")), - ARGPARSE_s_n (oDisableKeypad, "disable-keypad", + ARGPARSE_s_n (oDisableKeypad, "disable-keypad", N_("do not use a reader's keypad")), ARGPARSE_s_n (oAllowAdmin, "allow-admin", "@"), - ARGPARSE_s_n (oDenyAdmin, "deny-admin", + ARGPARSE_s_n (oDenyAdmin, "deny-admin", N_("deny the use of admin card commands")), ARGPARSE_s_s (oDisableApplication, "disable-application", "@"), - + ARGPARSE_end () }; @@ -219,7 +219,7 @@ make_libversion (const char *libname, const char *(*getfnc)(const char*)) { const char *s; char *result; - + if (maybe_setuid) { gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */ @@ -262,7 +262,7 @@ my_strusage (int level) case 41: p = _("Syntax: scdaemon [options] [command [args]]\n" "Smartcard daemon for GnuPG\n"); break; - + default: p = NULL; } return p; @@ -311,7 +311,7 @@ set_debug (const char *level) /* Unless the "guru" string has been used we don't want to allow hashing debugging. The rationale is that people tend to select the highest debug value and would then clutter their - disk with debug files which may reveal confidential data. */ + disk with debug files which may reveal confidential data. */ if (numok) opt.debug &= ~(DBG_HASHING_VALUE); } @@ -335,17 +335,17 @@ set_debug (const char *level) if (opt.debug) log_info ("enabled debug flags:%s%s%s%s%s%s%s%s%s\n", - (opt.debug & DBG_COMMAND_VALUE)? " command":"", - (opt.debug & DBG_MPI_VALUE )? " mpi":"", - (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"", - (opt.debug & DBG_MEMORY_VALUE )? " memory":"", - (opt.debug & DBG_CACHE_VALUE )? " cache":"", - (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"", - (opt.debug & DBG_HASHING_VALUE)? " hashing":"", + (opt.debug & DBG_COMMAND_VALUE)? " command":"", + (opt.debug & DBG_MPI_VALUE )? " mpi":"", + (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"", + (opt.debug & DBG_MEMORY_VALUE )? " memory":"", + (opt.debug & DBG_CACHE_VALUE )? " cache":"", + (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"", + (opt.debug & DBG_HASHING_VALUE)? " hashing":"", (opt.debug & DBG_ASSUAN_VALUE )? " assuan":"", (opt.debug & DBG_CARD_IO_VALUE)? " cardio":""); } - + static void @@ -397,13 +397,13 @@ main (int argc, char **argv ) int allow_coredump = 0; int standard_socket = 0; struct assuan_malloc_hooks malloc_hooks; - + set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); /* Please note that we may running SUID(ROOT), so be very CAREFUL when adding any stuff between here and the call to INIT_SECMEM() somewhere after the option parsing */ - log_set_prefix ("scdaemon", 1|4); + log_set_prefix ("scdaemon", 1|4); /* Make sure that our subsystems are ready. */ i18n_init (); @@ -446,7 +446,7 @@ main (int argc, char **argv ) /* Set default options. */ opt.allow_admin = 1; - opt.pcsc_driver = DEFAULT_PCSC_DRIVER; + opt.pcsc_driver = DEFAULT_PCSC_DRIVER; #ifdef HAVE_W32_SYSTEM standard_socket = 1; /* Under Windows we always use a standard @@ -457,7 +457,7 @@ main (int argc, char **argv ) shell = getenv ("SHELL"); if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") ) csh_style = 1; - + opt.homedir = default_homedir (); /* Check whether we have a config file on the commandline */ @@ -486,15 +486,15 @@ main (int argc, char **argv ) gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); maybe_setuid = 0; - /* - Now we are working under our real uid + /* + Now we are working under our real uid */ if (default_config) configname = make_filename (opt.homedir, "scdaemon.conf", NULL ); - + argc = orig_argc; argv = orig_argv; pargs.argc = &argc; @@ -519,7 +519,7 @@ main (int argc, char **argv ) configname, strerror(errno) ); exit(2); } - xfree (configname); + xfree (configname); configname = NULL; } if (parse_debug && configname ) @@ -545,13 +545,13 @@ main (int argc, char **argv ) enable_core_dumps (); allow_coredump = 1; break; - case oDebugCCIDDriver: + case oDebugCCIDDriver: #ifdef HAVE_LIBUSB ccid_set_debug_level (ccid_set_debug_level (-1)+1); #endif /*HAVE_LIBUSB*/ break; case oDebugDisableTicker: ticker_disabled = 1; break; - case oDebugLogTid: + case oDebugLogTid: log_set_pid_suffix_cb (tid_log_callback); break; @@ -587,15 +587,15 @@ main (int argc, char **argv ) case oAllowAdmin: /* Dummy because allow is now the default. */ break; case oDenyAdmin: opt.allow_admin = 0; break; - + case oCardTimeout: opt.card_timeout = pargs.r.ret_ulong; break; case oDisableApplication: - add_to_strlist (&opt.disabled_applications, pargs.r.ret_str); + add_to_strlist (&opt.disabled_applications, pargs.r.ret_str); break; - default: - pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR; + default: + pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR; break; } } @@ -625,7 +625,7 @@ main (int argc, char **argv ) log_info ("NOTE: this is a development version!\n"); #endif - + if (atexit (cleanup)) { log_error ("atexit failed\n"); @@ -693,9 +693,9 @@ main (int argc, char **argv ) gnupg_sleep (debug_wait); log_debug ("... okay\n"); } - + if (pipe_server) - { + { /* This is the simple pipe based server */ ctrl_t ctrl; pth_attr_t tattr; @@ -704,7 +704,7 @@ main (int argc, char **argv ) #ifndef HAVE_W32_SYSTEM { struct sigaction sa; - + sa.sa_handler = SIG_IGN; sigemptyset (&sa.sa_mask); sa.sa_flags = 0; @@ -732,7 +732,7 @@ main (int argc, char **argv ) socket_name = create_socket_name (standard_socket, "S.scdaemon", "gpg-XXXXXX/S.scdaemon"); - + fd = FD2INT(create_server_socket (standard_socket, socket_name, &socket_nonce)); } @@ -789,17 +789,17 @@ main (int argc, char **argv ) fflush (NULL); #ifndef HAVE_W32_SYSTEM pid = fork (); - if (pid == (pid_t)-1) + if (pid == (pid_t)-1) { log_fatal ("fork failed: %s\n", strerror (errno) ); exit (1); } - else if (pid) + else if (pid) { /* we are the parent */ char *infostr; - + close (fd); - + /* create the info string: :: */ if (estream_asprintf (&infostr, "SCDAEMON_INFO=%s:%lu:1", socket_name, (ulong) pid) < 0) @@ -810,7 +810,7 @@ main (int argc, char **argv ) } *socket_name = 0; /* don't let cleanup() remove the socket - the child should do this from now on */ - if (argc) + if (argc) { /* run the program given on the commandline */ if (putenv (infostr)) { @@ -838,18 +838,18 @@ main (int argc, char **argv ) es_printf ( "%s; export SCDAEMON_INFO;\n", infostr); } xfree (infostr); - exit (0); + exit (0); } /* NOTREACHED */ } /* end parent */ - + /* This is the child. */ /* Detach from tty and put process into a new session. */ if (!nodetach ) - { + { /* Close stdin, stdout and stderr unless it is the log stream. */ - for (i=0; i <= 2; i++) + for (i=0; i <= 2; i++) { if ( log_test_fd (i) && i != fd) close (i); @@ -864,7 +864,7 @@ main (int argc, char **argv ) { struct sigaction sa; - + sa.sa_handler = SIG_IGN; sigemptyset (&sa.sa_mask); sa.sa_flags = 0; @@ -883,7 +883,7 @@ main (int argc, char **argv ) close (fd); } - + return 0; } @@ -950,7 +950,7 @@ handle_signal (int signo) "re-reading configuration and resetting cards\n"); /* reread_configuration (); */ break; - + case SIGUSR1: log_info ("SIGUSR1 received - printing internal information:\n"); /* Fixme: We need to see how to integrate pth dumping into our @@ -978,7 +978,7 @@ handle_signal (int signo) scd_exit (0); } break; - + case SIGINT: log_info ("SIGINT received - immediate shutdown\n"); log_info( "%s %s stopped\n", strusage(11), strusage(13)); @@ -1075,7 +1075,7 @@ create_server_socket (int is_standard_name, const char *name, scd_exit (2); } - serv_addr = xmalloc (sizeof (*serv_addr)); + serv_addr = xmalloc (sizeof (*serv_addr)); memset (serv_addr, 0, sizeof *serv_addr); serv_addr->sun_family = AF_UNIX; assert (strlen (name) + 1 < sizeof (serv_addr->sun_path)); @@ -1088,7 +1088,7 @@ create_server_socket (int is_standard_name, const char *name, remove (name); rc = assuan_sock_bind (fd, (struct sockaddr*) serv_addr, len); } - if (rc != -1 + if (rc != -1 && (rc=assuan_sock_get_nonce ((struct sockaddr*)serv_addr, len, nonce))) log_error (_("error getting nonce for the socket\n")); if (rc == -1) @@ -1107,7 +1107,7 @@ create_server_socket (int is_standard_name, const char *name, assuan_sock_close (fd); scd_exit (2); } - + if (opt.verbose) log_info (_("listening on socket `%s'\n"), serv_addr->sun_path); @@ -1125,7 +1125,7 @@ start_connection_thread (void *arg) if (ctrl->thread_startup.fd != GNUPG_INVALID_FD && assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce)) { - log_info (_("error reading nonce on fd %d: %s\n"), + log_info (_("error reading nonce on fd %d: %s\n"), FD2INT(ctrl->thread_startup.fd), strerror (errno)); assuan_sock_close (ctrl->thread_startup.fd); xfree (ctrl); @@ -1203,7 +1203,7 @@ handle_connections (int listen_fd) for (;;) { sigset_t oldsigs; - + if (shutdown_pending) { if (pth_ctrl (PTH_CTRL_GETTHREADS) == 1) @@ -1331,5 +1331,3 @@ handle_connections (int listen_fd) cleanup (); log_info (_("%s %s stopped\n"), strusage(11), strusage(13)); } - - diff --git a/scd/scdaemon.h b/scd/scdaemon.h index c42939643..0cf2f249d 100644 --- a/scd/scdaemon.h +++ b/scd/scdaemon.h @@ -72,7 +72,7 @@ struct #define DBG_CACHE_VALUE 64 /* debug the caching */ #define DBG_MEMSTAT_VALUE 128 /* show memory statistics */ #define DBG_HASHING_VALUE 512 /* debug hashing operations */ -#define DBG_ASSUAN_VALUE 1024 +#define DBG_ASSUAN_VALUE 1024 #define DBG_CARD_IO_VALUE 2048 #define DBG_COMMAND (opt.debug & DBG_COMMAND_VALUE) @@ -86,19 +86,19 @@ struct struct server_local_s; struct app_ctx_s; -struct server_control_s +struct server_control_s { /* Private data used to fire up the connection thread. We use this structure do avoid an extra allocation for just a few bytes. */ struct { gnupg_fd_t fd; } thread_startup; - + /* Local data of the server; used only in command.c. */ struct server_local_s *server_local; /* Slot of the open reader or -1 if not open. */ - int reader_slot; + int reader_slot; /* The application context used with this connection or NULL if none associated. Note that this is shared with the other connections: @@ -107,11 +107,11 @@ struct server_control_s struct app_ctx_s *app_ctx; /* Helper to store the value we are going to sign */ - struct + struct { - unsigned char *value; + unsigned char *value; int valuelen; - } in_data; + } in_data; }; typedef struct app_ctx_s *app_t; -- cgit v1.2.3