2003-08-05 19:11:04 +02:00
|
|
|
|
/* app.c - Application selection.
|
2016-12-28 04:29:17 +01:00
|
|
|
|
* Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*
|
|
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
|
|
*
|
|
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 21:49:40 +02:00
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2003-08-05 19:11:04 +02:00
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
|
*
|
|
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
|
*
|
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
#include <string.h>
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
#include <npth.h>
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
#include "scdaemon.h"
|
2017-03-07 12:21:23 +01:00
|
|
|
|
#include "../common/exechelp.h"
|
2003-08-05 19:11:04 +02:00
|
|
|
|
#include "app-common.h"
|
|
|
|
|
|
#include "iso7816.h"
|
SCD: API cleanup for keypad handling.
* scd/iso7816.h (struct pininfo_s): Rename from iso7816_pininfo_s.
Change meaning of MODE.
(pininfo_t): Rename from iso7816_pininfo_t.
* scd/sc-copykeys.c: Include "iso7816.h".
* scd/scdaemon.c, scd/command.c: Likewise.
* scd/ccid-driver.c: Include "scdaemon.h" and "iso7816.h".
(ccid_transceive_secure): Follow the change of PININFO_T.
* scd/app.c: Include "apdu.h" after "iso7816.h".
* scd/iso7816.c (iso7816_check_keypad, iso7816_verify_kp)
(iso7816_change_reference_data_kp): Follow the change of API.
* scd/apdu.c (struct reader_table_s): Change API of CHECK_KEYPAD,
KEYPAD_VERIFY, KEYPAD_MODIFY to have arg of PININFO_T.
(check_pcsc_keypad, check_ccid_keypad): Likewise.
(apdu_check_keypad, apdu_keypad_verify, apdu_keypad_modify): Likewise.
(pcsc_keypad_verify, pcsc_keypad_modify, ct_send_apdu)
(pcsc_send_apdu_direct, pcsc_send_apdu_wrapped, pcsc_send_apdu)
(send_apdu_ccid, ccid_keypad_operation, my_rapdu_send_apdu, send_apdu)
(send_le): Follow the change of API.
* scd/apdu.h (apdu_check_keypad, apdu_keypad_verify)
(apdu_keypad_modify): Change the API.
* scd/app-dinsig.c, scd/app-nks.c, scd/app-openpgp.c: Follow the
change.
2013-01-09 06:10:08 +01:00
|
|
|
|
#include "apdu.h"
|
2017-03-07 12:21:23 +01:00
|
|
|
|
#include "../common/tlv.h"
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
static npth_mutex_t app_list_lock;
|
|
|
|
|
|
static app_t app_top;
|
2019-03-22 09:44:04 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* The list of application names and there select function. Of no
|
|
|
|
|
|
* specfic application is selected the first available application on
|
|
|
|
|
|
* a card is selected. */
|
|
|
|
|
|
struct app_priority_list_s
|
|
|
|
|
|
{
|
|
|
|
|
|
char const *name;
|
|
|
|
|
|
gpg_error_t (*select_func)(app_t);
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
static struct app_priority_list_s app_priority_list[] =
|
|
|
|
|
|
{{ "openpgp", app_select_openpgp },
|
|
|
|
|
|
{ "piv", app_select_piv },
|
|
|
|
|
|
{ "nks", app_select_nks },
|
|
|
|
|
|
{ "p15", app_select_p15 },
|
|
|
|
|
|
{ "geldkarte", app_select_geldkarte },
|
|
|
|
|
|
{ "dinsig", app_select_dinsig },
|
|
|
|
|
|
{ "sc-hsm", app_select_sc_hsm },
|
|
|
|
|
|
{ NULL, NULL }
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2006-02-09 19:29:31 +01:00
|
|
|
|
�
|
2019-03-28 17:05:20 +01:00
|
|
|
|
/* Initialization function to change the default app_priority_list.
|
|
|
|
|
|
* LIST is a list of comma or space separated strings with application
|
|
|
|
|
|
* names. Unknown names will only result in warning message.
|
|
|
|
|
|
* Application not mentioned in LIST are used in their original order
|
|
|
|
|
|
* after the given once. */
|
|
|
|
|
|
void
|
|
|
|
|
|
app_update_priority_list (const char *arg)
|
|
|
|
|
|
{
|
|
|
|
|
|
struct app_priority_list_s save;
|
|
|
|
|
|
char **names;
|
|
|
|
|
|
int i, j, idx;
|
|
|
|
|
|
|
|
|
|
|
|
names = strtokenize (arg, ", ");
|
|
|
|
|
|
if (!names)
|
|
|
|
|
|
log_fatal ("strtokenize failed: %s\n",
|
|
|
|
|
|
gpg_strerror (gpg_error_from_syserror ()));
|
|
|
|
|
|
|
|
|
|
|
|
idx = 0;
|
|
|
|
|
|
for (i=0; names[i]; i++)
|
|
|
|
|
|
{
|
|
|
|
|
|
ascii_strlwr (names[i]);
|
|
|
|
|
|
for (j=0; j < i; j++)
|
|
|
|
|
|
if (!strcmp (names[j], names[i]))
|
|
|
|
|
|
break;
|
|
|
|
|
|
if (j < i)
|
|
|
|
|
|
{
|
|
|
|
|
|
log_info ("warning: duplicate application '%s' in priority list\n",
|
|
|
|
|
|
names[i]);
|
|
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
for (j=idx; app_priority_list[j].name; j++)
|
|
|
|
|
|
if (!strcmp (names[i], app_priority_list[j].name))
|
|
|
|
|
|
break;
|
|
|
|
|
|
if (!app_priority_list[j].name)
|
|
|
|
|
|
{
|
|
|
|
|
|
log_info ("warning: unknown application '%s' in priority list\n",
|
|
|
|
|
|
names[i]);
|
|
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
save = app_priority_list[idx];
|
|
|
|
|
|
app_priority_list[idx] = app_priority_list[j];
|
|
|
|
|
|
app_priority_list[j] = save;
|
|
|
|
|
|
idx++;
|
|
|
|
|
|
}
|
|
|
|
|
|
log_assert (idx < DIM (app_priority_list));
|
|
|
|
|
|
|
|
|
|
|
|
xfree (names);
|
|
|
|
|
|
for (i=0; app_priority_list[i].name; i++)
|
|
|
|
|
|
log_info ("app priority %d: %s\n", i, app_priority_list[i].name);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2009-07-13 11:59:22 +02:00
|
|
|
|
static void
|
|
|
|
|
|
print_progress_line (void *opaque, const char *what, int pc, int cur, int tot)
|
|
|
|
|
|
{
|
|
|
|
|
|
ctrl_t ctrl = opaque;
|
|
|
|
|
|
char line[100];
|
|
|
|
|
|
|
|
|
|
|
|
if (ctrl)
|
|
|
|
|
|
{
|
|
|
|
|
|
snprintf (line, sizeof line, "%s %c %d %d", what, pc, cur, tot);
|
|
|
|
|
|
send_status_direct (ctrl, "PROGRESS", line);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2005-06-03 15:57:24 +02:00
|
|
|
|
/* Lock the reader SLOT. This function shall be used right before
|
|
|
|
|
|
calling any of the actual application functions to serialize access
|
|
|
|
|
|
to the reader. We do this always even if the reader is not
|
|
|
|
|
|
actually used. This allows an actual connection to assume that it
|
|
|
|
|
|
never shares a reader (while performing one command). Returns 0 on
|
|
|
|
|
|
success; only then the unlock_reader function must be called after
|
|
|
|
|
|
returning from the handler. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
static gpg_error_t
|
2016-12-28 04:29:17 +01:00
|
|
|
|
lock_app (app_t app, ctrl_t ctrl)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
{
|
2016-12-29 02:07:43 +01:00
|
|
|
|
if (npth_mutex_lock (&app->lock))
|
2005-05-18 12:48:06 +02:00
|
|
|
|
{
|
2016-12-29 02:07:43 +01:00
|
|
|
|
gpg_error_t err = gpg_error_from_syserror ();
|
2016-12-28 04:29:17 +01:00
|
|
|
|
log_error ("failed to acquire APP lock for %p: %s\n",
|
2016-12-29 02:07:43 +01:00
|
|
|
|
app, gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2005-05-18 12:48:06 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
apdu_set_progress_cb (app->slot, print_progress_line, ctrl);
|
2018-10-11 08:41:49 +02:00
|
|
|
|
apdu_set_prompt_cb (app->slot, popup_prompt, ctrl);
|
2009-07-13 11:59:22 +02:00
|
|
|
|
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Release a lock on the reader. See lock_reader(). */
|
|
|
|
|
|
static void
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app_t app)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
{
|
2016-12-28 04:29:17 +01:00
|
|
|
|
apdu_set_progress_cb (app->slot, NULL, NULL);
|
2018-10-11 08:41:49 +02:00
|
|
|
|
apdu_set_prompt_cb (app->slot, NULL, NULL);
|
2009-07-13 11:59:22 +02:00
|
|
|
|
|
2016-12-29 02:07:43 +01:00
|
|
|
|
if (npth_mutex_unlock (&app->lock))
|
|
|
|
|
|
{
|
|
|
|
|
|
gpg_error_t err = gpg_error_from_syserror ();
|
|
|
|
|
|
log_error ("failed to release APP lock for %p: %s\n",
|
|
|
|
|
|
app, gpg_strerror (err));
|
|
|
|
|
|
}
|
2005-06-03 15:57:24 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* This function may be called to print information pertaining to the
|
|
|
|
|
|
current state of this module to the log. */
|
|
|
|
|
|
void
|
|
|
|
|
|
app_dump_state (void)
|
|
|
|
|
|
{
|
2016-12-28 04:29:17 +01:00
|
|
|
|
app_t a;
|
2005-06-03 15:57:24 +02:00
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
npth_mutex_lock (&app_list_lock);
|
|
|
|
|
|
for (a = app_top; a; a = a->next)
|
|
|
|
|
|
log_info ("app_dump_state: app=%p type='%s'\n", a, a->apptype);
|
|
|
|
|
|
npth_mutex_unlock (&app_list_lock);
|
2005-06-03 15:57:24 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-28 03:06:33 +02:00
|
|
|
|
/* Check whether the application NAME is allowed. This does not mean
|
2004-08-05 11:24:36 +02:00
|
|
|
|
we have support for it though. */
|
|
|
|
|
|
static int
|
|
|
|
|
|
is_app_allowed (const char *name)
|
|
|
|
|
|
{
|
|
|
|
|
|
strlist_t l;
|
|
|
|
|
|
|
|
|
|
|
|
for (l=opt.disabled_applications; l; l = l->next)
|
|
|
|
|
|
if (!strcmp (l->d, name))
|
|
|
|
|
|
return 0; /* no */
|
|
|
|
|
|
return 1; /* yes */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2004-09-09 09:28:47 +02:00
|
|
|
|
|
2015-12-04 06:13:23 +01:00
|
|
|
|
static gpg_error_t
|
2016-12-28 04:29:17 +01:00
|
|
|
|
check_conflict (app_t app, const char *name)
|
2015-12-04 06:13:23 +01:00
|
|
|
|
{
|
|
|
|
|
|
if (!app || !name || (app->apptype && !ascii_strcasecmp (app->apptype, name)))
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
2019-02-21 08:40:59 +01:00
|
|
|
|
if (app->apptype && !strcmp (app->apptype, "UNDEFINED"))
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
log_info ("application '%s' in use - can't switch\n",
|
|
|
|
|
|
app->apptype? app->apptype : "<null>");
|
|
|
|
|
|
|
|
|
|
|
|
return gpg_error (GPG_ERR_CONFLICT);
|
2006-02-09 19:29:31 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
2008-11-03 11:54:18 +01:00
|
|
|
|
/* This function is used by the serialno command to check for an
|
2006-02-09 19:29:31 +01:00
|
|
|
|
application conflict which may appear if the serialno command is
|
|
|
|
|
|
used to request a specific application and the connection has
|
|
|
|
|
|
already done a select_application. */
|
|
|
|
|
|
gpg_error_t
|
2016-12-28 04:29:17 +01:00
|
|
|
|
check_application_conflict (const char *name, app_t app)
|
2006-02-09 19:29:31 +01:00
|
|
|
|
{
|
2016-12-28 04:29:17 +01:00
|
|
|
|
return check_conflict (app, name);
|
|
|
|
|
|
}
|
2011-12-13 16:55:42 +01:00
|
|
|
|
|
2006-02-09 19:29:31 +01:00
|
|
|
|
|
2005-02-24 18:36:11 +01:00
|
|
|
|
gpg_error_t
|
2016-12-28 04:29:17 +01:00
|
|
|
|
app_reset (app_t app, ctrl_t ctrl, int send_reset)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2017-02-16 03:49:37 +01:00
|
|
|
|
gpg_error_t err = 0;
|
2008-10-20 15:53:23 +02:00
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
if (send_reset)
|
2006-02-09 19:29:31 +01:00
|
|
|
|
{
|
2017-02-17 03:50:40 +01:00
|
|
|
|
int sw;
|
|
|
|
|
|
|
|
|
|
|
|
lock_app (app, ctrl);
|
|
|
|
|
|
sw = apdu_reset (app->slot);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
if (sw)
|
|
|
|
|
|
err = gpg_error (GPG_ERR_CARD_RESET);
|
2015-12-04 06:13:23 +01:00
|
|
|
|
|
2017-02-17 03:50:40 +01:00
|
|
|
|
app->reset_requested = 1;
|
|
|
|
|
|
unlock_app (app);
|
|
|
|
|
|
|
2017-02-15 10:23:01 +01:00
|
|
|
|
scd_kick_the_loop ();
|
|
|
|
|
|
gnupg_sleep (1);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
|
|
|
|
|
else
|
2005-06-03 15:57:24 +02:00
|
|
|
|
{
|
2016-12-28 04:29:17 +01:00
|
|
|
|
ctrl->app_ctx = NULL;
|
2017-02-17 03:50:40 +01:00
|
|
|
|
release_application (app, 0);
|
2005-06-03 15:57:24 +02:00
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
return err;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static gpg_error_t
|
2017-01-27 10:01:52 +01:00
|
|
|
|
app_new_register (int slot, ctrl_t ctrl, const char *name,
|
2017-01-27 16:18:11 +01:00
|
|
|
|
int periodical_check_needed)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
|
|
|
|
|
gpg_error_t err = 0;
|
|
|
|
|
|
app_t app = NULL;
|
|
|
|
|
|
unsigned char *result = NULL;
|
|
|
|
|
|
size_t resultlen;
|
|
|
|
|
|
int want_undefined;
|
2019-03-22 09:44:04 +01:00
|
|
|
|
int i;
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
2006-02-09 19:29:31 +01:00
|
|
|
|
/* Need to allocate a new one. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
app = xtrycalloc (1, sizeof *app);
|
|
|
|
|
|
if (!app)
|
|
|
|
|
|
{
|
2006-09-14 18:50:33 +02:00
|
|
|
|
err = gpg_error_from_syserror ();
|
2005-05-18 12:48:06 +02:00
|
|
|
|
log_info ("error allocating context: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
app->slot = slot;
|
2017-01-26 14:02:41 +01:00
|
|
|
|
app->card_status = (unsigned int)-1;
|
2016-12-29 02:07:43 +01:00
|
|
|
|
|
|
|
|
|
|
if (npth_mutex_init (&app->lock, NULL))
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
|
|
|
|
|
err = gpg_error_from_syserror ();
|
2016-12-29 02:07:43 +01:00
|
|
|
|
log_error ("error initializing mutex: %s\n", gpg_strerror (err));
|
2016-12-28 04:29:17 +01:00
|
|
|
|
xfree (app);
|
|
|
|
|
|
return err;
|
|
|
|
|
|
}
|
2004-01-27 17:40:42 +01:00
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
|
|
|
|
|
if (err)
|
|
|
|
|
|
{
|
|
|
|
|
|
xfree (app);
|
|
|
|
|
|
return err;
|
|
|
|
|
|
}
|
2005-05-18 12:48:06 +02:00
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
want_undefined = (name && !strcmp (name, "undefined"));
|
2004-01-27 17:40:42 +01:00
|
|
|
|
|
2011-12-14 18:56:10 +01:00
|
|
|
|
/* Try to read the GDO file first to get a default serial number.
|
|
|
|
|
|
We skip this if the undefined application has been requested. */
|
|
|
|
|
|
if (!want_undefined)
|
2004-01-27 17:40:42 +01:00
|
|
|
|
{
|
2017-03-06 05:39:46 +01:00
|
|
|
|
err = iso7816_select_file (slot, 0x3F00, 1);
|
2019-01-20 11:45:57 +01:00
|
|
|
|
if (gpg_err_code (err) == GPG_ERR_CARD)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* Might be SW==0x7D00. Let's test whether it is a Yubikey
|
|
|
|
|
|
* by selecting its manager application and then reading the
|
|
|
|
|
|
* config. */
|
|
|
|
|
|
static char const yk_aid[] =
|
|
|
|
|
|
{ 0xA0, 0x00, 0x00, 0x05, 0x27, 0x47, 0x11, 0x17 }; /*MGR*/
|
2019-03-27 17:34:50 +01:00
|
|
|
|
static char const otp_aid[] =
|
|
|
|
|
|
{ 0xA0, 0x00, 0x00, 0x05, 0x27, 0x20, 0x01 }; /*OTP*/
|
2019-01-20 11:45:57 +01:00
|
|
|
|
unsigned char *buf;
|
|
|
|
|
|
size_t buflen;
|
2019-03-27 17:34:50 +01:00
|
|
|
|
const unsigned char *s0;
|
|
|
|
|
|
unsigned char formfactor;
|
2019-01-20 11:45:57 +01:00
|
|
|
|
size_t n;
|
|
|
|
|
|
|
|
|
|
|
|
if (!iso7816_select_application (slot, yk_aid, sizeof yk_aid,
|
|
|
|
|
|
0x0001)
|
|
|
|
|
|
&& !iso7816_apdu_direct (slot, "\x00\x1d\x00\x00\x00", 5, 0,
|
|
|
|
|
|
NULL, &buf, &buflen))
|
|
|
|
|
|
{
|
2019-01-29 13:28:10 +01:00
|
|
|
|
app->cardtype = "yubikey";
|
2019-01-20 11:45:57 +01:00
|
|
|
|
if (opt.verbose)
|
|
|
|
|
|
{
|
|
|
|
|
|
log_info ("Yubico: config=");
|
|
|
|
|
|
log_printhex (buf, buflen, "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* We skip the first byte which seems to be the total
|
|
|
|
|
|
* length of the config data. */
|
|
|
|
|
|
if (buflen > 1)
|
|
|
|
|
|
{
|
|
|
|
|
|
s0 = find_tlv (buf+1, buflen-1, 0x04, &n); /* Form factor */
|
2019-03-27 17:34:50 +01:00
|
|
|
|
formfactor = (s0 && n == 1)? *s0 : 0;
|
|
|
|
|
|
|
|
|
|
|
|
s0 = find_tlv (buf+1, buflen-1, 0x02, &n); /* Serial */
|
|
|
|
|
|
if (s0 && n >= 4)
|
2019-01-20 11:45:57 +01:00
|
|
|
|
{
|
2019-03-27 17:34:50 +01:00
|
|
|
|
app->serialno = xtrymalloc (3 + 1 + n);
|
|
|
|
|
|
if (app->serialno)
|
2019-01-20 11:45:57 +01:00
|
|
|
|
{
|
2019-03-27 17:34:50 +01:00
|
|
|
|
app->serialnolen = 3 + 1 + n;
|
|
|
|
|
|
app->serialno[0] = 0xff;
|
|
|
|
|
|
app->serialno[1] = 0x02;
|
|
|
|
|
|
app->serialno[2] = 0x0;
|
|
|
|
|
|
app->serialno[3] = formfactor;
|
|
|
|
|
|
memcpy (app->serialno + 4, s0, n);
|
|
|
|
|
|
/* Note that we do not clear the error
|
|
|
|
|
|
* so that no further serial number
|
|
|
|
|
|
* testing is done. After all we just
|
|
|
|
|
|
* set the serial number. */
|
2019-01-20 11:45:57 +01:00
|
|
|
|
}
|
2019-03-27 17:34:50 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
s0 = find_tlv (buf+1, buflen-1, 0x05, &n); /* version */
|
|
|
|
|
|
if (s0 && n == 3)
|
|
|
|
|
|
app->cardversion = ((s0[0]<<16)|(s0[1]<<8)|s0[2]);
|
|
|
|
|
|
else if (!s0)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* No version - this is not a Yubikey 5. We now
|
|
|
|
|
|
* switch to the OTP app and take the first
|
|
|
|
|
|
* three bytes of the reponse as version
|
|
|
|
|
|
* number. */
|
|
|
|
|
|
xfree (buf);
|
|
|
|
|
|
buf = NULL;
|
|
|
|
|
|
if (!iso7816_select_application_ext (slot,
|
|
|
|
|
|
otp_aid, sizeof otp_aid,
|
|
|
|
|
|
1, &buf, &buflen)
|
|
|
|
|
|
&& buflen > 3)
|
|
|
|
|
|
app->cardversion = ((buf[0]<<16)|(buf[1]<<8)|buf[2]);
|
2019-01-20 11:45:57 +01:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
xfree (buf);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2011-12-14 18:56:10 +01:00
|
|
|
|
if (!err)
|
2017-03-06 05:39:46 +01:00
|
|
|
|
err = iso7816_select_file (slot, 0x2F02, 0);
|
2011-12-14 18:56:10 +01:00
|
|
|
|
if (!err)
|
|
|
|
|
|
err = iso7816_read_binary (slot, 0, 0, &result, &resultlen);
|
|
|
|
|
|
if (!err)
|
2004-01-27 17:40:42 +01:00
|
|
|
|
{
|
2011-12-14 18:56:10 +01:00
|
|
|
|
size_t n;
|
|
|
|
|
|
const unsigned char *p;
|
|
|
|
|
|
|
|
|
|
|
|
p = find_tlv_unchecked (result, resultlen, 0x5A, &n);
|
|
|
|
|
|
if (p)
|
|
|
|
|
|
resultlen -= (p-result);
|
|
|
|
|
|
if (p && n > resultlen && n == 0x0d && resultlen+1 == n)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* The object it does not fit into the buffer. This is an
|
|
|
|
|
|
invalid encoding (or the buffer is too short. However, I
|
|
|
|
|
|
have some test cards with such an invalid encoding and
|
|
|
|
|
|
therefore I use this ugly workaround to return something
|
|
|
|
|
|
I can further experiment with. */
|
|
|
|
|
|
log_info ("enabling BMI testcard workaround\n");
|
|
|
|
|
|
n--;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (p && n <= resultlen)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* The GDO file is pretty short, thus we simply reuse it for
|
|
|
|
|
|
storing the serial number. */
|
|
|
|
|
|
memmove (result, p, n);
|
|
|
|
|
|
app->serialno = result;
|
|
|
|
|
|
app->serialnolen = n;
|
|
|
|
|
|
err = app_munge_serialno (app);
|
|
|
|
|
|
if (err)
|
|
|
|
|
|
goto leave;
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
xfree (result);
|
|
|
|
|
|
result = NULL;
|
2004-01-27 17:40:42 +01:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2005-02-24 18:36:11 +01:00
|
|
|
|
/* Figure out the application to use. */
|
2011-12-14 18:56:10 +01:00
|
|
|
|
if (want_undefined)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* We switch to the "undefined" application only if explicitly
|
|
|
|
|
|
requested. */
|
|
|
|
|
|
app->apptype = "UNDEFINED";
|
2019-01-25 19:12:32 +01:00
|
|
|
|
/* Clear the error so that we don't run through the application
|
|
|
|
|
|
* selection chain. */
|
2011-12-14 18:56:10 +01:00
|
|
|
|
err = 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
2019-01-25 19:12:32 +01:00
|
|
|
|
{
|
|
|
|
|
|
/* For certain error codes, there is no need to try more. */
|
|
|
|
|
|
if (gpg_err_code (err) == GPG_ERR_CARD_NOT_PRESENT
|
|
|
|
|
|
|| gpg_err_code (err) == GPG_ERR_ENODEV)
|
|
|
|
|
|
goto leave;
|
|
|
|
|
|
|
|
|
|
|
|
/* Set a default error so that we run through the application
|
2019-03-22 09:44:04 +01:00
|
|
|
|
* selection chain. */
|
2019-01-25 19:12:32 +01:00
|
|
|
|
err = gpg_error (GPG_ERR_NOT_FOUND);
|
|
|
|
|
|
}
|
2005-05-18 12:48:06 +02:00
|
|
|
|
|
2019-03-22 09:44:04 +01:00
|
|
|
|
/* Find the first available app if NAME is NULL or the one matching
|
|
|
|
|
|
* NAME but only if that application is also enabled. */
|
|
|
|
|
|
for (i=0; err && app_priority_list[i].name; i++)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (is_app_allowed (app_priority_list[i].name)
|
|
|
|
|
|
&& (!name || !strcmp (name, app_priority_list[i].name)))
|
|
|
|
|
|
err = app_priority_list[i].select_func (app);
|
|
|
|
|
|
}
|
2014-12-15 17:38:40 +01:00
|
|
|
|
if (err && name && gpg_err_code (err) != GPG_ERR_OBJ_TERM_STATE)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
err = gpg_error (GPG_ERR_NOT_SUPPORTED);
|
2004-01-27 17:40:42 +01:00
|
|
|
|
|
2004-09-09 09:28:47 +02:00
|
|
|
|
leave:
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2004-01-27 17:40:42 +01:00
|
|
|
|
if (name)
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_info ("can't select application '%s': %s\n",
|
2005-05-18 12:48:06 +02:00
|
|
|
|
name, gpg_strerror (err));
|
2004-01-27 17:40:42 +01:00
|
|
|
|
else
|
|
|
|
|
|
log_info ("no supported card application found: %s\n",
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_strerror (err));
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
xfree (app);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-01-27 16:18:11 +01:00
|
|
|
|
app->periodical_check_needed = periodical_check_needed;
|
2016-12-28 04:29:17 +01:00
|
|
|
|
app->next = app_top;
|
|
|
|
|
|
app_top = app;
|
|
|
|
|
|
unlock_app (app);
|
2005-02-24 18:36:11 +01:00
|
|
|
|
return 0;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
/* If called with NAME as NULL, select the best fitting application
|
|
|
|
|
|
and return a context; otherwise select the application with NAME
|
|
|
|
|
|
and return a context. Returns an error code and stores NULL at
|
|
|
|
|
|
R_APP if no application was found or no card is present. */
|
|
|
|
|
|
gpg_error_t
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
select_application (ctrl_t ctrl, const char *name, app_t *r_app,
|
|
|
|
|
|
int scan, const unsigned char *serialno_bin,
|
|
|
|
|
|
size_t serialno_bin_len)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
gpg_error_t err = 0;
|
2017-03-27 06:56:02 +02:00
|
|
|
|
app_t a, a_prev = NULL;
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
|
|
|
|
|
*r_app = NULL;
|
|
|
|
|
|
|
2018-11-28 06:59:44 +01:00
|
|
|
|
npth_mutex_lock (&app_list_lock);
|
|
|
|
|
|
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
if (scan || !app_top)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
struct dev_list *l;
|
2017-11-21 03:52:54 +01:00
|
|
|
|
int new_app = 0;
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
|
2017-01-31 04:56:11 +01:00
|
|
|
|
/* Scan the devices to find new device(s). */
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
err = apdu_dev_list_start (opt.reader_port, &l);
|
|
|
|
|
|
if (err)
|
2018-11-28 06:59:44 +01:00
|
|
|
|
{
|
|
|
|
|
|
npth_mutex_unlock (&app_list_lock);
|
|
|
|
|
|
return err;
|
|
|
|
|
|
}
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
|
|
|
|
|
|
while (1)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
int slot;
|
2017-01-31 04:56:11 +01:00
|
|
|
|
int periodical_check_needed_this;
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
|
2017-02-13 03:09:13 +01:00
|
|
|
|
slot = apdu_open_reader (l, !app_top);
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
if (slot < 0)
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2017-01-31 04:56:11 +01:00
|
|
|
|
periodical_check_needed_this = apdu_connect (slot);
|
|
|
|
|
|
if (periodical_check_needed_this < 0)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
2017-01-27 10:01:52 +01:00
|
|
|
|
/* We close a reader with no card. */
|
|
|
|
|
|
err = gpg_error (GPG_ERR_ENODEV);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
else
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
{
|
2017-01-27 16:18:11 +01:00
|
|
|
|
err = app_new_register (slot, ctrl, name,
|
2017-01-31 04:56:11 +01:00
|
|
|
|
periodical_check_needed_this);
|
2017-11-21 03:52:54 +01:00
|
|
|
|
new_app++;
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
}
|
2017-01-27 10:01:52 +01:00
|
|
|
|
|
|
|
|
|
|
if (err)
|
|
|
|
|
|
apdu_close_reader (slot);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-01-27 10:01:52 +01:00
|
|
|
|
apdu_dev_list_finish (l);
|
2017-01-31 04:56:11 +01:00
|
|
|
|
|
2017-11-21 03:52:54 +01:00
|
|
|
|
/* If new device(s), kick the scdaemon loop. */
|
|
|
|
|
|
if (new_app)
|
2017-01-31 04:56:11 +01:00
|
|
|
|
scd_kick_the_loop ();
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
for (a = app_top; a; a = a->next)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
lock_app (a, ctrl);
|
|
|
|
|
|
if (serialno_bin == NULL)
|
|
|
|
|
|
break;
|
|
|
|
|
|
if (a->serialnolen == serialno_bin_len
|
|
|
|
|
|
&& !memcmp (a->serialno, serialno_bin, a->serialnolen))
|
|
|
|
|
|
break;
|
|
|
|
|
|
unlock_app (a);
|
2017-03-27 06:56:02 +02:00
|
|
|
|
a_prev = a;
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (a)
|
|
|
|
|
|
{
|
|
|
|
|
|
err = check_conflict (a, name);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
if (!err)
|
|
|
|
|
|
{
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
a->ref_count++;
|
|
|
|
|
|
*r_app = a;
|
2017-03-27 06:56:02 +02:00
|
|
|
|
if (a_prev)
|
|
|
|
|
|
{
|
|
|
|
|
|
a_prev->next = a->next;
|
|
|
|
|
|
a->next = app_top;
|
|
|
|
|
|
app_top = a;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
unlock_app (a);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
2016-12-30 07:17:50 +01:00
|
|
|
|
else
|
|
|
|
|
|
err = gpg_error (GPG_ERR_ENODEV);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
scd: Add --demand option for SERIALNO.
* scd/app.c (select_application): Add SERIALNO_BIN and SERIALNO_BIN_LEN
arguments. Return matched APP with a serial number when specified.
* scd/command.c (open_card): Modify for the implicit open only.
(open_card_with_request): New for explicit open and support match with a
serial number.
(cmd_serialno): Support --demand option.
(cmd_learn, cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkauth)
(cmd_pkdecrypt, cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_apdu): Follow
the change of open_card.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-16 02:26:16 +01:00
|
|
|
|
npth_mutex_unlock (&app_list_lock);
|
|
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
return err;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2009-02-27 15:36:59 +01:00
|
|
|
|
char *
|
|
|
|
|
|
get_supported_applications (void)
|
|
|
|
|
|
{
|
|
|
|
|
|
int idx;
|
|
|
|
|
|
size_t nbytes;
|
|
|
|
|
|
char *buffer, *p;
|
2019-03-28 17:05:20 +01:00
|
|
|
|
const char *s;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2019-03-28 17:05:20 +01:00
|
|
|
|
for (nbytes=1, idx=0; (s=app_priority_list[idx].name); idx++)
|
|
|
|
|
|
nbytes += strlen (s) + 1 + 1;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2009-02-27 15:36:59 +01:00
|
|
|
|
buffer = xtrymalloc (nbytes);
|
|
|
|
|
|
if (!buffer)
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
2019-03-28 17:05:20 +01:00
|
|
|
|
for (p=buffer, idx=0; (s=app_priority_list[idx].name); idx++)
|
|
|
|
|
|
if (is_app_allowed (s))
|
|
|
|
|
|
p = stpcpy (stpcpy (p, s), ":\n");
|
2009-02-27 15:36:59 +01:00
|
|
|
|
*p = 0;
|
|
|
|
|
|
|
|
|
|
|
|
return buffer;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
/* Deallocate the application. */
|
2006-02-09 19:29:31 +01:00
|
|
|
|
static void
|
|
|
|
|
|
deallocate_app (app_t app)
|
|
|
|
|
|
{
|
2016-12-28 04:29:17 +01:00
|
|
|
|
app_t a, a_prev = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
for (a = app_top; a; a = a->next)
|
|
|
|
|
|
if (a == app)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (a_prev == NULL)
|
|
|
|
|
|
app_top = a->next;
|
|
|
|
|
|
else
|
|
|
|
|
|
a_prev->next = a->next;
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
a_prev = a;
|
|
|
|
|
|
|
|
|
|
|
|
if (app->ref_count)
|
|
|
|
|
|
log_error ("trying to release context used yet (%d)\n", app->ref_count);
|
|
|
|
|
|
|
2006-02-09 19:29:31 +01:00
|
|
|
|
if (app->fnc.deinit)
|
|
|
|
|
|
{
|
|
|
|
|
|
app->fnc.deinit (app);
|
|
|
|
|
|
app->fnc.deinit = NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
xfree (app->serialno);
|
2017-02-17 03:50:40 +01:00
|
|
|
|
|
|
|
|
|
|
unlock_app (app);
|
2006-02-09 19:29:31 +01:00
|
|
|
|
xfree (app);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2005-06-03 15:57:24 +02:00
|
|
|
|
/* Free the resources associated with the application APP. APP is
|
|
|
|
|
|
allowed to be NULL in which case this is a no-op. Note that we are
|
2006-02-09 19:29:31 +01:00
|
|
|
|
using reference counting to track the users of the application and
|
2006-03-01 12:05:47 +01:00
|
|
|
|
actually deferring the deallocation to allow for a later reuse by
|
2006-02-09 19:29:31 +01:00
|
|
|
|
a new connection. */
|
2004-01-27 17:40:42 +01:00
|
|
|
|
void
|
2017-02-17 03:50:40 +01:00
|
|
|
|
release_application (app_t app, int locked_already)
|
2004-01-27 17:40:42 +01:00
|
|
|
|
{
|
|
|
|
|
|
if (!app)
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
2015-12-04 06:13:23 +01:00
|
|
|
|
/* We don't deallocate app here. Instead, we keep it. This is
|
|
|
|
|
|
useful so that a card does not get reset even if only one session
|
|
|
|
|
|
is using the card - this way the PIN cache and other cached data
|
|
|
|
|
|
are preserved. */
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
2017-02-17 03:50:40 +01:00
|
|
|
|
if (!locked_already)
|
|
|
|
|
|
lock_app (app, NULL);
|
|
|
|
|
|
|
2017-02-15 10:23:01 +01:00
|
|
|
|
if (!app->ref_count)
|
|
|
|
|
|
log_bug ("trying to release an already released context\n");
|
|
|
|
|
|
|
|
|
|
|
|
--app->ref_count;
|
2017-02-17 03:50:40 +01:00
|
|
|
|
if (!locked_already)
|
|
|
|
|
|
unlock_app (app);
|
2004-01-27 17:40:42 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2004-09-09 09:28:47 +02:00
|
|
|
|
/* The serial number may need some cosmetics. Do it here. This
|
|
|
|
|
|
function shall only be called once after a new serial number has
|
2011-02-04 12:57:53 +01:00
|
|
|
|
been put into APP->serialno.
|
2004-09-09 09:28:47 +02:00
|
|
|
|
|
|
|
|
|
|
Prefixes we use:
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-09-09 09:28:47 +02:00
|
|
|
|
FF 00 00 = For serial numbers starting with an FF
|
|
|
|
|
|
FF 01 00 = Some german p15 cards return an empty serial number so the
|
2005-04-27 14:09:21 +02:00
|
|
|
|
serial number from the EF(TokenInfo) is used instead.
|
2019-01-20 11:45:57 +01:00
|
|
|
|
FF 02 00 = Serial number from Yubikey config
|
2009-01-27 12:30:02 +01:00
|
|
|
|
FF 7F 00 = No serialno.
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-09-09 09:28:47 +02:00
|
|
|
|
All other serial number not starting with FF are used as they are.
|
|
|
|
|
|
*/
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t
|
2004-09-09 09:28:47 +02:00
|
|
|
|
app_munge_serialno (app_t app)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (app->serialnolen && app->serialno[0] == 0xff)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
2004-09-09 09:28:47 +02:00
|
|
|
|
/* The serial number starts with our special prefix. This
|
|
|
|
|
|
requires that we put our default prefix "FF0000" in front. */
|
|
|
|
|
|
unsigned char *p = xtrymalloc (app->serialnolen + 3);
|
|
|
|
|
|
if (!p)
|
2009-01-27 12:30:02 +01:00
|
|
|
|
return gpg_error_from_syserror ();
|
2004-09-09 09:28:47 +02:00
|
|
|
|
memcpy (p, "\xff\0", 3);
|
|
|
|
|
|
memcpy (p+3, app->serialno, app->serialnolen);
|
|
|
|
|
|
app->serialnolen += 3;
|
|
|
|
|
|
xfree (app->serialno);
|
|
|
|
|
|
app->serialno = p;
|
|
|
|
|
|
}
|
2009-01-27 12:30:02 +01:00
|
|
|
|
else if (!app->serialnolen)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
2009-01-27 12:30:02 +01:00
|
|
|
|
unsigned char *p = xtrymalloc (3);
|
|
|
|
|
|
if (!p)
|
|
|
|
|
|
return gpg_error_from_syserror ();
|
|
|
|
|
|
memcpy (p, "\xff\x7f", 3);
|
|
|
|
|
|
app->serialnolen = 3;
|
|
|
|
|
|
xfree (app->serialno);
|
|
|
|
|
|
app->serialno = p;
|
|
|
|
|
|
}
|
2004-09-09 09:28:47 +02:00
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-01-18 07:48:50 +01:00
|
|
|
|
/* Retrieve the serial number of the card. The serial number is
|
|
|
|
|
|
returned as a malloced string (hex encoded) in SERIAL. Caller must
|
|
|
|
|
|
free SERIAL unless the function returns an error. */
|
|
|
|
|
|
char *
|
|
|
|
|
|
app_get_serialno (app_t app)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2017-01-18 07:48:50 +01:00
|
|
|
|
char *serial;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2017-01-18 07:48:50 +01:00
|
|
|
|
if (!app)
|
|
|
|
|
|
return NULL;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2009-01-27 12:30:02 +01:00
|
|
|
|
if (!app->serialnolen)
|
2017-01-18 07:48:50 +01:00
|
|
|
|
serial = xtrystrdup ("FF7F00");
|
2009-01-27 12:30:02 +01:00
|
|
|
|
else
|
2017-01-18 07:48:50 +01:00
|
|
|
|
serial = bin2hex (app->serialno, app->serialnolen, NULL);
|
2008-11-03 11:54:18 +01:00
|
|
|
|
|
2017-01-18 07:48:50 +01:00
|
|
|
|
return serial;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-03-05 17:40:08 +01:00
|
|
|
|
/* Write out the application specific status lines for the LEARN
|
2003-08-05 19:11:04 +02:00
|
|
|
|
command. */
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t
|
2009-03-18 12:18:56 +01:00
|
|
|
|
app_write_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!app)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
|
|
|
|
|
if (!app->fnc.learn_status)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2004-01-27 17:40:42 +01:00
|
|
|
|
|
2019-01-29 13:28:10 +01:00
|
|
|
|
/* We do not send CARD and APPTYPE if only keypairinfo is requested. */
|
2019-03-05 17:40:08 +01:00
|
|
|
|
if (!(flags &1))
|
|
|
|
|
|
{
|
|
|
|
|
|
if (app->cardtype)
|
|
|
|
|
|
send_status_direct (ctrl, "CARDTYPE", app->cardtype);
|
|
|
|
|
|
if (app->cardversion)
|
|
|
|
|
|
send_status_printf (ctrl, "CARDVERSION", "%X", app->cardversion);
|
|
|
|
|
|
if (app->apptype)
|
|
|
|
|
|
send_status_direct (ctrl, "APPTYPE", app->apptype);
|
|
|
|
|
|
if (app->appversion)
|
|
|
|
|
|
send_status_printf (ctrl, "APPVERSION", "%X", app->appversion);
|
|
|
|
|
|
}
|
2019-01-29 13:28:10 +01:00
|
|
|
|
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
2009-03-18 12:18:56 +01:00
|
|
|
|
err = app->fnc.learn_status (app, ctrl, flags);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
|
/* Read the certificate with id CERTID (as returned by learn_status in
|
|
|
|
|
|
the CERTINFO status lines) and return it in the freshly allocated
|
|
|
|
|
|
buffer put into CERT and the length of the certificate put into
|
|
|
|
|
|
CERTLEN. */
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t
|
scd: Clean up internal API for APP.
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-12-22 13:14:26 +01:00
|
|
|
|
app_readcert (app_t app, ctrl_t ctrl, const char *certid,
|
2004-01-27 17:40:42 +01:00
|
|
|
|
unsigned char **cert, size_t *certlen)
|
|
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
|
if (!app)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2004-01-27 17:40:42 +01:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.readcert)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.readcert (app, certid, cert, certlen);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return err;
|
2004-01-27 17:40:42 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2005-02-22 18:29:07 +01:00
|
|
|
|
/* Read the key with ID KEYID. On success a canonical encoded
|
2019-04-03 17:31:09 +02:00
|
|
|
|
* S-expression with the public key will get stored at PK and its
|
|
|
|
|
|
* length (for assertions) at PKLEN; the caller must release that
|
|
|
|
|
|
* buffer. On error NULL will be stored at PK and PKLEN and an error
|
|
|
|
|
|
* code returned. If the key is not required NULL may be passed for
|
|
|
|
|
|
* PK; this makse send if the APP_READKEY_FLAG_INFO has also been set.
|
|
|
|
|
|
*
|
|
|
|
|
|
* This function might not be supported by all applications. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
2019-04-03 17:31:09 +02:00
|
|
|
|
app_readkey (app_t app, ctrl_t ctrl, const char *keyid, unsigned int flags,
|
2016-11-04 05:45:57 +01:00
|
|
|
|
unsigned char **pk, size_t *pklen)
|
2005-02-22 18:29:07 +01:00
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
2005-02-22 18:29:07 +01:00
|
|
|
|
if (pk)
|
|
|
|
|
|
*pk = NULL;
|
|
|
|
|
|
if (pklen)
|
|
|
|
|
|
*pklen = 0;
|
|
|
|
|
|
|
2019-04-03 17:31:09 +02:00
|
|
|
|
if (!app || !keyid)
|
2005-02-22 18:29:07 +01:00
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2005-02-22 18:29:07 +01:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.readkey)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
2019-04-03 17:31:09 +02:00
|
|
|
|
err= app->fnc.readkey (app, ctrl, keyid, flags, pk, pklen);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return err;
|
2005-02-22 18:29:07 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2003-09-30 19:35:05 +02:00
|
|
|
|
/* Perform a GETATTR operation. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
2006-09-06 18:35:52 +02:00
|
|
|
|
app_getattr (app_t app, ctrl_t ctrl, const char *name)
|
2003-09-30 19:35:05 +02:00
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
2003-09-30 19:35:05 +02:00
|
|
|
|
if (!app || !name || !*name)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-09-30 19:35:05 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
2005-02-24 22:40:48 +01:00
|
|
|
|
|
2019-01-29 13:28:10 +01:00
|
|
|
|
if (app->cardtype && name && !strcmp (name, "CARDTYPE"))
|
|
|
|
|
|
{
|
|
|
|
|
|
send_status_direct (ctrl, "CARDTYPE", app->cardtype);
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
2005-02-24 22:40:48 +01:00
|
|
|
|
if (app->apptype && name && !strcmp (name, "APPTYPE"))
|
|
|
|
|
|
{
|
2017-01-18 07:48:50 +01:00
|
|
|
|
send_status_direct (ctrl, "APPTYPE", app->apptype);
|
2005-02-24 22:40:48 +01:00
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
if (name && !strcmp (name, "SERIALNO"))
|
|
|
|
|
|
{
|
|
|
|
|
|
char *serial;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2017-01-18 07:48:50 +01:00
|
|
|
|
serial = app_get_serialno (app);
|
|
|
|
|
|
if (!serial)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
|
|
|
|
|
|
|
|
|
|
|
send_status_direct (ctrl, "SERIALNO", serial);
|
2005-02-24 22:40:48 +01:00
|
|
|
|
xfree (serial);
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2003-09-30 19:35:05 +02:00
|
|
|
|
if (!app->fnc.getattr)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
2019-01-29 13:28:10 +01:00
|
|
|
|
err = app->fnc.getattr (app, ctrl, name);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return err;
|
2003-09-30 19:35:05 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
/* Perform a SETATTR operation. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
scd: Clean up internal API for APP.
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-12-22 13:14:26 +01:00
|
|
|
|
app_setattr (app_t app, ctrl_t ctrl, const char *name,
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void *pincb_arg,
|
|
|
|
|
|
const unsigned char *value, size_t valuelen)
|
|
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!app || !name || !*name || !value)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.setattr)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.setattr (app, name, pincb, pincb_arg, value, valuelen);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Create the signature and return the allocated result in OUTDATA.
|
|
|
|
|
|
If a PIN is required the PINCB will be used to ask for the PIN; it
|
|
|
|
|
|
should return the PIN in an allocated buffer and put it into PIN. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
scd: Clean up internal API for APP.
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-12-22 13:14:26 +01:00
|
|
|
|
app_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void *pincb_arg,
|
|
|
|
|
|
const void *indata, size_t indatalen,
|
|
|
|
|
|
unsigned char **outdata, size_t *outdatalen )
|
|
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
if (!app || !indata || !indatalen || !outdata || !outdatalen || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.sign)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.sign (app, keyidstr, hashalgo,
|
|
|
|
|
|
pincb, pincb_arg,
|
|
|
|
|
|
indata, indatalen,
|
|
|
|
|
|
outdata, outdatalen);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt.verbose)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
log_info ("operation sign result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Create the signature using the INTERNAL AUTHENTICATE command and
|
|
|
|
|
|
return the allocated result in OUTDATA. If a PIN is required the
|
|
|
|
|
|
PINCB will be used to ask for the PIN; it should return the PIN in
|
|
|
|
|
|
an allocated buffer and put it into PIN. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
scd: Clean up internal API for APP.
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-12-22 13:14:26 +01:00
|
|
|
|
app_auth (app_t app, ctrl_t ctrl, const char *keyidstr,
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void *pincb_arg,
|
|
|
|
|
|
const void *indata, size_t indatalen,
|
|
|
|
|
|
unsigned char **outdata, size_t *outdatalen )
|
|
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
if (!app || !indata || !indatalen || !outdata || !outdatalen || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.auth)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.auth (app, keyidstr,
|
|
|
|
|
|
pincb, pincb_arg,
|
|
|
|
|
|
indata, indatalen,
|
|
|
|
|
|
outdata, outdatalen);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt.verbose)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
log_info ("operation auth result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Decrypt the data in INDATA and return the allocated result in OUTDATA.
|
|
|
|
|
|
If a PIN is required the PINCB will be used to ask for the PIN; it
|
|
|
|
|
|
should return the PIN in an allocated buffer and put it into PIN. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
scd: Clean up internal API for APP.
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-12-22 13:14:26 +01:00
|
|
|
|
app_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void *pincb_arg,
|
|
|
|
|
|
const void *indata, size_t indatalen,
|
2013-08-26 17:29:54 +02:00
|
|
|
|
unsigned char **outdata, size_t *outdatalen,
|
|
|
|
|
|
unsigned int *r_info)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2013-08-26 17:29:54 +02:00
|
|
|
|
*r_info = 0;
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!app || !indata || !indatalen || !outdata || !outdatalen || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.decipher)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.decipher (app, keyidstr,
|
|
|
|
|
|
pincb, pincb_arg,
|
|
|
|
|
|
indata, indatalen,
|
2013-08-26 17:29:54 +02:00
|
|
|
|
outdata, outdatalen,
|
|
|
|
|
|
r_info);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt.verbose)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
log_info ("operation decipher result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2008-09-23 11:57:45 +02:00
|
|
|
|
/* Perform the WRITECERT operation. */
|
|
|
|
|
|
gpg_error_t
|
|
|
|
|
|
app_writecert (app_t app, ctrl_t ctrl,
|
|
|
|
|
|
const char *certidstr,
|
|
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
|
|
|
|
|
void *pincb_arg,
|
|
|
|
|
|
const unsigned char *data, size_t datalen)
|
|
|
|
|
|
{
|
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
|
|
|
|
|
if (!app || !certidstr || !*certidstr || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2008-09-23 11:57:45 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.writecert)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2008-09-23 11:57:45 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.writecert (app, ctrl, certidstr,
|
|
|
|
|
|
pincb, pincb_arg, data, datalen);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2008-09-23 11:57:45 +02:00
|
|
|
|
if (opt.verbose)
|
|
|
|
|
|
log_info ("operation writecert result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2005-05-20 22:39:36 +02:00
|
|
|
|
/* Perform the WRITEKEY operation. */
|
|
|
|
|
|
gpg_error_t
|
|
|
|
|
|
app_writekey (app_t app, ctrl_t ctrl,
|
|
|
|
|
|
const char *keyidstr, unsigned int flags,
|
|
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
|
|
|
|
|
void *pincb_arg,
|
|
|
|
|
|
const unsigned char *keydata, size_t keydatalen)
|
|
|
|
|
|
{
|
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
|
|
|
|
|
if (!app || !keyidstr || !*keyidstr || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2005-05-20 22:39:36 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.writekey)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-20 22:39:36 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.writekey (app, ctrl, keyidstr, flags,
|
|
|
|
|
|
pincb, pincb_arg, keydata, keydatalen);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2005-05-20 22:39:36 +02:00
|
|
|
|
if (opt.verbose)
|
|
|
|
|
|
log_info ("operation writekey result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
/* Perform a SETATTR operation. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
2019-02-06 14:07:42 +01:00
|
|
|
|
app_genkey (app_t app, ctrl_t ctrl, const char *keynostr,
|
|
|
|
|
|
const char *keytype, unsigned int flags, time_t createtime,
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void *pincb_arg)
|
|
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
if (!app || !keynostr || !*keynostr || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.genkey)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
2019-02-06 14:07:42 +01:00
|
|
|
|
err = app->fnc.genkey (app, ctrl, keynostr, keytype, flags,
|
2007-07-05 18:58:19 +02:00
|
|
|
|
createtime, pincb, pincb_arg);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt.verbose)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
log_info ("operation genkey result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2015-11-16 12:41:46 +01:00
|
|
|
|
/* Perform a GET CHALLENGE operation. This function is special as it
|
2003-08-05 19:11:04 +02:00
|
|
|
|
directly accesses the card without any application specific
|
|
|
|
|
|
wrapper. */
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t
|
scd: Clean up internal API for APP.
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-12-22 13:14:26 +01:00
|
|
|
|
app_get_challenge (app_t app, ctrl_t ctrl, size_t nbytes, unsigned char *buffer)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!app || !nbytes || !buffer)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = iso7816_get_challenge (app->slot, nbytes, buffer);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Perform a CHANGE REFERENCE DATA or RESET RETRY COUNTER operation. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
2019-02-06 12:24:30 +01:00
|
|
|
|
app_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|
|
|
|
|
unsigned int flags,
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void *pincb_arg)
|
|
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
if (!app || !chvnostr || !*chvnostr || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.change_pin)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
2019-02-06 12:24:30 +01:00
|
|
|
|
err = app->fnc.change_pin (app, ctrl, chvnostr, flags, pincb, pincb_arg);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (opt.verbose)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
log_info ("operation change_pin result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2019-01-21 14:06:51 +01:00
|
|
|
|
/* Perform a VERIFY operation without doing anything else. This may
|
2017-04-28 03:06:33 +02:00
|
|
|
|
be used to initialize a the PIN cache for long lasting other
|
2003-10-21 19:12:50 +02:00
|
|
|
|
operations. Its use is highly application dependent. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
gpg_error_t
|
scd: Clean up internal API for APP.
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-12-22 13:14:26 +01:00
|
|
|
|
app_check_pin (app_t app, ctrl_t ctrl, const char *keyidstr,
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t (*pincb)(void*, const char *, char **),
|
2003-10-21 19:12:50 +02:00
|
|
|
|
void *pincb_arg)
|
|
|
|
|
|
{
|
2005-05-18 12:48:06 +02:00
|
|
|
|
gpg_error_t err;
|
2003-10-21 19:12:50 +02:00
|
|
|
|
|
|
|
|
|
|
if (!app || !keyidstr || !*keyidstr || !pincb)
|
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
2008-11-03 20:09:34 +01:00
|
|
|
|
if (!app->ref_count)
|
2003-10-21 19:12:50 +02:00
|
|
|
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
|
|
|
|
|
if (!app->fnc.check_pin)
|
|
|
|
|
|
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
err = lock_app (app, ctrl);
|
2005-05-18 12:48:06 +02:00
|
|
|
|
if (err)
|
|
|
|
|
|
return err;
|
|
|
|
|
|
err = app->fnc.check_pin (app, keyidstr, pincb, pincb_arg);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
unlock_app (app);
|
2003-10-21 19:12:50 +02:00
|
|
|
|
if (opt.verbose)
|
2005-05-18 12:48:06 +02:00
|
|
|
|
log_info ("operation check_pin result: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2003-10-21 19:12:50 +02:00
|
|
|
|
}
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
|
report_change (int slot, int old_status, int cur_status)
|
|
|
|
|
|
{
|
|
|
|
|
|
char *homestr, *envstr;
|
|
|
|
|
|
char *fname;
|
|
|
|
|
|
char templ[50];
|
|
|
|
|
|
FILE *fp;
|
|
|
|
|
|
|
|
|
|
|
|
snprintf (templ, sizeof templ, "reader_%d.status", slot);
|
|
|
|
|
|
fname = make_filename (gnupg_homedir (), templ, NULL );
|
|
|
|
|
|
fp = fopen (fname, "w");
|
|
|
|
|
|
if (fp)
|
|
|
|
|
|
{
|
|
|
|
|
|
fprintf (fp, "%s\n",
|
|
|
|
|
|
(cur_status & 1)? "USABLE":
|
|
|
|
|
|
(cur_status & 4)? "ACTIVE":
|
|
|
|
|
|
(cur_status & 2)? "PRESENT": "NOCARD");
|
|
|
|
|
|
fclose (fp);
|
|
|
|
|
|
}
|
|
|
|
|
|
xfree (fname);
|
|
|
|
|
|
|
|
|
|
|
|
homestr = make_filename (gnupg_homedir (), NULL);
|
|
|
|
|
|
if (gpgrt_asprintf (&envstr, "GNUPGHOME=%s", homestr) < 0)
|
|
|
|
|
|
log_error ("out of core while building environment\n");
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
const char *args[9], *envs[2];
|
|
|
|
|
|
char numbuf1[30], numbuf2[30], numbuf3[30];
|
|
|
|
|
|
|
|
|
|
|
|
envs[0] = envstr;
|
|
|
|
|
|
envs[1] = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
sprintf (numbuf1, "%d", slot);
|
|
|
|
|
|
sprintf (numbuf2, "0x%04X", old_status);
|
|
|
|
|
|
sprintf (numbuf3, "0x%04X", cur_status);
|
|
|
|
|
|
args[0] = "--reader-port";
|
|
|
|
|
|
args[1] = numbuf1;
|
|
|
|
|
|
args[2] = "--old-code";
|
|
|
|
|
|
args[3] = numbuf2;
|
|
|
|
|
|
args[4] = "--new-code";
|
|
|
|
|
|
args[5] = numbuf3;
|
|
|
|
|
|
args[6] = "--status";
|
|
|
|
|
|
args[7] = ((cur_status & 1)? "USABLE":
|
|
|
|
|
|
(cur_status & 4)? "ACTIVE":
|
|
|
|
|
|
(cur_status & 2)? "PRESENT": "NOCARD");
|
|
|
|
|
|
args[8] = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
fname = make_filename (gnupg_homedir (), "scd-event", NULL);
|
|
|
|
|
|
err = gnupg_spawn_process_detached (fname, args, envs);
|
|
|
|
|
|
if (err && gpg_err_code (err) != GPG_ERR_ENOENT)
|
|
|
|
|
|
log_error ("failed to run event handler '%s': %s\n",
|
|
|
|
|
|
fname, gpg_strerror (err));
|
|
|
|
|
|
xfree (fname);
|
|
|
|
|
|
xfree (envstr);
|
|
|
|
|
|
}
|
|
|
|
|
|
xfree (homestr);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-01-31 04:56:11 +01:00
|
|
|
|
int
|
2016-12-28 04:29:17 +01:00
|
|
|
|
scd_update_reader_status_file (void)
|
|
|
|
|
|
{
|
|
|
|
|
|
app_t a, app_next;
|
2017-01-27 16:18:11 +01:00
|
|
|
|
int periodical_check_needed = 0;
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
|
|
|
|
|
npth_mutex_lock (&app_list_lock);
|
|
|
|
|
|
for (a = app_top; a; a = app_next)
|
|
|
|
|
|
{
|
2017-01-27 10:01:52 +01:00
|
|
|
|
int sw;
|
|
|
|
|
|
unsigned int status;
|
|
|
|
|
|
|
2017-02-17 03:50:40 +01:00
|
|
|
|
lock_app (a, NULL);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
app_next = a->next;
|
2017-01-27 10:01:52 +01:00
|
|
|
|
|
2017-02-17 03:50:40 +01:00
|
|
|
|
if (a->reset_requested)
|
2017-02-15 10:23:01 +01:00
|
|
|
|
status = 0;
|
|
|
|
|
|
else
|
2017-01-27 10:01:52 +01:00
|
|
|
|
{
|
2017-02-15 10:23:01 +01:00
|
|
|
|
sw = apdu_get_status (a->slot, 0, &status);
|
|
|
|
|
|
if (sw == SW_HOST_NO_READER)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* Most likely the _reader_ has been unplugged. */
|
|
|
|
|
|
status = 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (sw)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* Get status failed. Ignore that. */
|
|
|
|
|
|
if (a->periodical_check_needed)
|
|
|
|
|
|
periodical_check_needed = 1;
|
2017-02-17 03:50:40 +01:00
|
|
|
|
unlock_app (a);
|
2017-02-15 10:23:01 +01:00
|
|
|
|
continue;
|
|
|
|
|
|
}
|
2017-01-27 10:01:52 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (a->card_status != status)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
2017-01-27 10:01:52 +01:00
|
|
|
|
report_change (a->slot, a->card_status, status);
|
|
|
|
|
|
send_client_notifications (a, status == 0);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
2017-01-27 10:01:52 +01:00
|
|
|
|
if (status == 0)
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
2017-01-27 10:01:52 +01:00
|
|
|
|
log_debug ("Removal of a card: %d\n", a->slot);
|
|
|
|
|
|
apdu_close_reader (a->slot);
|
|
|
|
|
|
deallocate_app (a);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
2017-01-27 10:01:52 +01:00
|
|
|
|
else
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
2017-01-27 10:01:52 +01:00
|
|
|
|
a->card_status = status;
|
2017-01-27 16:18:11 +01:00
|
|
|
|
if (a->periodical_check_needed)
|
|
|
|
|
|
periodical_check_needed = 1;
|
2017-02-17 03:50:40 +01:00
|
|
|
|
unlock_app (a);
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-01-27 10:01:52 +01:00
|
|
|
|
else
|
|
|
|
|
|
{
|
2017-01-27 16:18:11 +01:00
|
|
|
|
if (a->periodical_check_needed)
|
|
|
|
|
|
periodical_check_needed = 1;
|
2017-02-17 03:50:40 +01:00
|
|
|
|
unlock_app (a);
|
2017-01-27 10:01:52 +01:00
|
|
|
|
}
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
|
|
|
|
|
npth_mutex_unlock (&app_list_lock);
|
2017-01-27 10:01:52 +01:00
|
|
|
|
|
2017-01-31 04:56:11 +01:00
|
|
|
|
return periodical_check_needed;
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* This function must be called once to initialize this module. This
|
|
|
|
|
|
has to be done before a second thread is spawned. We can't do the
|
|
|
|
|
|
static initialization because Pth emulation code might not be able
|
|
|
|
|
|
to do a static init; in particular, it is not possible for W32. */
|
2016-12-29 02:07:43 +01:00
|
|
|
|
gpg_error_t
|
2016-12-28 04:29:17 +01:00
|
|
|
|
initialize_module_command (void)
|
|
|
|
|
|
{
|
2016-12-29 02:07:43 +01:00
|
|
|
|
gpg_error_t err;
|
2016-12-28 04:29:17 +01:00
|
|
|
|
|
2016-12-29 02:07:43 +01:00
|
|
|
|
if (npth_mutex_init (&app_list_lock, NULL))
|
2016-12-28 04:29:17 +01:00
|
|
|
|
{
|
2016-12-29 02:07:43 +01:00
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
|
log_error ("app: error initializing mutex: %s\n", gpg_strerror (err));
|
|
|
|
|
|
return err;
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
2016-12-29 02:07:43 +01:00
|
|
|
|
|
|
|
|
|
|
return apdu_init ();
|
2016-12-28 04:29:17 +01:00
|
|
|
|
}
|
scd: Support multiple readers by CCID driver.
* scd/apdu.c (new_reader_slot): Lock is now in apdu_dev_list_start.
(close_pcsc_reader_direct, close_ccid_reader): RDRNAME is handled...
(apdu_close_reader): ... by this function now.
(apdu_prepare_exit): Likewise.
(open_ccid_reader): Open with dev_list.
(apdu_dev_list_start, apdu_dev_list_finish): New.
(apdu_open_one_reader): New.
(apdu_open_reader): Support multiple readers.
* scd/app.c (select_application): With SCAN, opening all readers
available, and register as new APP.
(app_write_learn_status): app->ref_count == 0 is valid for APP which is
not yet used.
(app_list_start, app_list_finish): New.
* scd/ccid-driver.c (struct ccid_driver_s): Remove RID and BCD_DEVICE.
Add BAI.
(parse_ccid_descriptor): BCD_DEVICE is now on the arguments.
(ccid_dev_scan, ccid_dev_scan_finish): New.
(ccid_get_BAI, ccid_compare_BAI, ccid_open_usb_reader): New.
(ccid_open_reader): Support multiple readers.
(ccid_set_progress_cb, ccid_close_reader): No RID any more.
--
With this change, multiple readers/tokens are supported by the internal
CCID driver of GnuPG. Until the changes of upper layers (scdaemon,
gpg-agent, and gpg front end), only a single reader is used, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-01-06 01:14:13 +01:00
|
|
|
|
|
2017-01-18 07:19:38 +01:00
|
|
|
|
void
|
|
|
|
|
|
app_send_card_list (ctrl_t ctrl)
|
|
|
|
|
|
{
|
|
|
|
|
|
app_t a;
|
|
|
|
|
|
char buf[65];
|
|
|
|
|
|
|
|
|
|
|
|
npth_mutex_lock (&app_list_lock);
|
|
|
|
|
|
for (a = app_top; a; a = a->next)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (DIM (buf) < 2 * a->serialnolen + 1)
|
2017-01-18 07:48:50 +01:00
|
|
|
|
continue;
|
2017-01-18 07:19:38 +01:00
|
|
|
|
|
|
|
|
|
|
bin2hex (a->serialno, a->serialnolen, buf);
|
|
|
|
|
|
send_status_direct (ctrl, "SERIALNO", buf);
|
|
|
|
|
|
}
|
|
|
|
|
|
npth_mutex_unlock (&app_list_lock);
|
|
|
|
|
|
}
|
2019-04-25 07:49:49 +02:00
|
|
|
|
|
|
|
|
|
|
/* Execute an action for each app. ACTION can be one of:
|
|
|
|
|
|
KEYGRIP_ACTION_SEND_DATA: send data if KEYGRIP_STR matches
|
|
|
|
|
|
KEYGRIP_ACTION_WRITE_STATUS: write status if KEYGRIP_STR matches
|
|
|
|
|
|
KEYGRIP_ACTION_LOOKUP: Return matching APP
|
|
|
|
|
|
*/
|
|
|
|
|
|
app_t
|
|
|
|
|
|
app_do_with_keygrip (ctrl_t ctrl, int action, const char *keygrip_str)
|
|
|
|
|
|
{
|
|
|
|
|
|
app_t a;
|
|
|
|
|
|
|
|
|
|
|
|
npth_mutex_lock (&app_list_lock);
|
|
|
|
|
|
|
|
|
|
|
|
for (a = app_top; a; a = a->next)
|
|
|
|
|
|
if (a->fnc.with_keygrip
|
|
|
|
|
|
&& !a->fnc.with_keygrip (a, ctrl, action, keygrip_str))
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
npth_mutex_unlock (&app_list_lock);
|
|
|
|
|
|
return a;
|
|
|
|
|
|
}
|