mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-18 14:17:03 +01:00
scd: On a Yubikey re-select the last app after the use of APDU.
* scd/app-common.h (struct card_ctx_s): Add maybe_check_aid flag. * scd/command.c (cmd_apdu): Set it. * scd/app.c (check_external_interference): Consult this flag. (maybe_switch_app): Do a re-select if this flag is set. -- After the gpg-card tool has issued a Yubikey specific command the current application is not anymore correctly selected. This then results in all kind of errors. We detect this now and try to re-select the last app.
This commit is contained in:
parent
98b8c518fa
commit
f7e00dc73d
@ -119,6 +119,7 @@ struct card_ctx_s {
|
|||||||
/* Various flags. */
|
/* Various flags. */
|
||||||
unsigned int reset_requested:1;
|
unsigned int reset_requested:1;
|
||||||
unsigned int periodical_check_needed:1;
|
unsigned int periodical_check_needed:1;
|
||||||
|
unsigned int maybe_check_aid:1;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
22
scd/app.c
22
scd/app.c
@ -1606,9 +1606,13 @@ check_external_interference (app_t app, ctrl_t ctrl)
|
|||||||
/*
|
/*
|
||||||
* Only when a user is using Yubikey with pcsc-shared configuration,
|
* Only when a user is using Yubikey with pcsc-shared configuration,
|
||||||
* we need this detection. Otherwise, the card/token is under full
|
* we need this detection. Otherwise, the card/token is under full
|
||||||
* control of scdaemon, there's no problem at all.
|
* control of scdaemon, there's no problem at all. However, if the
|
||||||
|
* APDU command has been used we better also check whether the AID
|
||||||
|
* is still valid.
|
||||||
*/
|
*/
|
||||||
if (!opt.pcsc_shared || app->card->cardtype != CARDTYPE_YUBIKEY)
|
if (app && app->card && app->card->maybe_check_aid)
|
||||||
|
app->card->maybe_check_aid = 0;
|
||||||
|
else if (!opt.pcsc_shared || app->card->cardtype != CARDTYPE_YUBIKEY)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (app->fnc.check_aid)
|
if (app->fnc.check_aid)
|
||||||
@ -1646,6 +1650,20 @@ maybe_switch_app (ctrl_t ctrl, card_t card, const char *keyref)
|
|||||||
|
|
||||||
if (!card->app)
|
if (!card->app)
|
||||||
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
|
||||||
|
|
||||||
|
if (card->maybe_check_aid && card->app->fnc.reselect
|
||||||
|
&& check_external_interference (card->app, ctrl))
|
||||||
|
{
|
||||||
|
if (DBG_APP)
|
||||||
|
log_debug ("slot %d, app %s: forced re-select due to direct APDU use\n",
|
||||||
|
card->slot, xstrapptype (card->app));
|
||||||
|
err = card->app->fnc.reselect (card->app, ctrl);
|
||||||
|
if (err)
|
||||||
|
log_error ("slot %d, app %s: forced re-select failed: %s - ignored\n",
|
||||||
|
card->slot, xstrapptype (card->app), gpg_strerror (err));
|
||||||
|
err = 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (!ctrl->current_apptype)
|
if (!ctrl->current_apptype)
|
||||||
{
|
{
|
||||||
/* For whatever reasons the current apptype has not been set -
|
/* For whatever reasons the current apptype has not been set -
|
||||||
|
@ -2195,6 +2195,7 @@ cmd_apdu (assuan_context_t ctx, char *line)
|
|||||||
unsigned char *result = NULL;
|
unsigned char *result = NULL;
|
||||||
size_t resultlen;
|
size_t resultlen;
|
||||||
|
|
||||||
|
card->maybe_check_aid = 1;
|
||||||
rc = apdu_send_direct (card->slot, exlen,
|
rc = apdu_send_direct (card->slot, exlen,
|
||||||
apdu, apdulen, handle_more,
|
apdu, apdulen, handle_more,
|
||||||
NULL, &result, &resultlen);
|
NULL, &result, &resultlen);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user