[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-235-g5c5e52d
by Werner Koch
cvs at cvs.gnupg.org
Wed Aug 21 17:18:32 CEST 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 5c5e52df4b92e23045ac87abac09357de58920d4 (commit)
via 7bde2bf3b0ddb5d3515a44879e1a7ddb581a5c0b (commit)
from 50c98c7ed6b542857ee2f902eca36cda37407737 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5c5e52df4b92e23045ac87abac09357de58920d4
Author: Werner Koch <wk at gnupg.org>
Date: Wed Aug 21 16:45:48 2013 +0200
scd: Make SPRx32 pinpad work with PC/SC on Windows.
* scd/apdu.c (CM_IOCTL_GET_FEATURE_REQUEST): Use SCARD_CTL_CODE.
(SCARD_CTL_CODE): Define if not defined.
(reader_table_s): Add is_spr532.
(new_reader_slot): Clear it.
(check_pcsc_pinpad): Set it.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Add fix for SPR532.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/scd/apdu.c b/scd/apdu.c
index ca45fc1..e05869f 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -134,6 +134,7 @@ struct reader_table_s {
int last_status;
int status;
int is_t0; /* True if we know that we are running T=0. */
+ int is_spr532; /* True if we know that the reader is a SPR532. */
unsigned char atr[33];
size_t atrlen; /* A zero length indicates that the ATR has
not yet been read; i.e. the card is not
@@ -237,7 +238,12 @@ static char (* DLSTDCALL CT_close) (unsigned short ctn);
#define PCSC_E_NO_SERVICE 0x8010001D
#define PCSC_W_REMOVED_CARD 0x80100069
-#define CM_IOCTL_GET_FEATURE_REQUEST (0x42000000 + 3400)
+/* Fix pcsc-lite ABI incompatibilty. */
+#ifndef SCARD_CTL_CODE
+# define SCARD_CTL_CODE(code) (0x42000000 + (code))
+#endif
+
+#define CM_IOCTL_GET_FEATURE_REQUEST SCARD_CTL_CODE(3400)
#define FEATURE_VERIFY_PIN_DIRECT 0x06
#define FEATURE_MODIFY_PIN_DIRECT 0x07
@@ -393,6 +399,7 @@ new_reader_slot (void)
reader_table[reader].any_status = 0;
reader_table[reader].last_status = 0;
reader_table[reader].is_t0 = 1;
+ reader_table[reader].is_spr532 = 0;
#ifdef NEED_PCSC_WRAPPER
reader_table[reader].pcsc.req_fd = -1;
reader_table[reader].pcsc.rsp_fd = -1;
@@ -2008,7 +2015,10 @@ check_pcsc_pinpad (int slot, int command, pininfo_t *pininfo)
Alternatively use the USB ids to detect known readers. */
if (reader_table[slot].rdrname
&& strstr (reader_table[slot].rdrname, "SPRx32"))
- pininfo->fixedlen = 0;
+ {
+ reader_table[slot].is_spr532 = 1;
+ pininfo->fixedlen = 0;
+ }
check_again:
if (command == ISO7816_VERIFY)
@@ -2067,6 +2077,7 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1,
int len = PIN_VERIFY_STRUCTURE_SIZE + pininfo->fixedlen;
unsigned char result[2];
pcsc_dword_t resultlen = 2;
+ int no_lc;
if (!reader_table[slot].atrlen
&& (sw = reset_pcsc_reader (slot)))
@@ -2090,6 +2101,8 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1,
if (!pin_verify)
return SW_HOST_OUT_OF_CORE;
+ no_lc = (!pininfo->fixedlen && reader_table[slot].is_spr532);
+
pin_verify[0] = 0x00; /* bTimerOut */
pin_verify[1] = 0x00; /* bTimerOut2 */
pin_verify[2] = 0x82; /* bmFormatString: Byte, pos=0, left, ASCII. */
@@ -2106,8 +2119,8 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1,
pin_verify[11] = 0x00; /* bMsgIndex */
pin_verify[12] = 0x00; /* bTeoPrologue[0] */
pin_verify[13] = 0x00; /* bTeoPrologue[1] */
- pin_verify[14] = pininfo->fixedlen + 0x05; /* bTeoPrologue[2] */
- pin_verify[15] = pininfo->fixedlen + 0x05; /* ulDataLength */
+ pin_verify[14] = pininfo->fixedlen + 0x05 - no_lc; /* bTeoPrologue[2] */
+ pin_verify[15] = pininfo->fixedlen + 0x05 - no_lc; /* ulDataLength */
pin_verify[16] = 0x00; /* ulDataLength */
pin_verify[17] = 0x00; /* ulDataLength */
pin_verify[18] = 0x00; /* ulDataLength */
@@ -2118,6 +2131,8 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1,
pin_verify[23] = pininfo->fixedlen; /* abData[4] */
if (pininfo->fixedlen)
memset (&pin_verify[24], 0xff, pininfo->fixedlen);
+ else if (no_lc)
+ len--;
if (DBG_CARD_IO)
log_debug ("send secure: c=%02X i=%02X p1=%02X p2=%02X len=%d pinmax=%d\n",
@@ -2150,6 +2165,7 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1,
int len = PIN_MODIFY_STRUCTURE_SIZE + 2 * pininfo->fixedlen;
unsigned char result[2];
pcsc_dword_t resultlen = 2;
+ int no_lc;
if (!reader_table[slot].atrlen
&& (sw = reset_pcsc_reader (slot)))
@@ -2173,6 +2189,8 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1,
if (!pin_modify)
return SW_HOST_OUT_OF_CORE;
+ no_lc = (!pininfo->fixedlen && reader_table[slot].is_spr532);
+
pin_modify[0] = 0x00; /* bTimerOut */
pin_modify[1] = 0x00; /* bTimerOut2 */
pin_modify[2] = 0x82; /* bmFormatString: Byte, pos=0, left, ASCII. */
@@ -2193,15 +2211,15 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1,
if (pininfo->minlen && pininfo->maxlen && pininfo->minlen == pininfo->maxlen)
pin_modify[10] |= 0x01; /* Max size reached. */
pin_modify[11] = 0xff; /* bNumberMessage: Default */
- pin_modify[12] = 0x09; /* wLangId: 0x0409: US English */
+ pin_modify[12] = 0x09; /* wLangId: 0x0409: US English */
pin_modify[13] = 0x04; /* wLangId: 0x0409: US English */
pin_modify[14] = 0x00; /* bMsgIndex1 */
pin_modify[15] = 0x00; /* bMsgIndex2 */
pin_modify[16] = 0x00; /* bMsgIndex3 */
pin_modify[17] = 0x00; /* bTeoPrologue[0] */
pin_modify[18] = 0x00; /* bTeoPrologue[1] */
- pin_modify[19] = 2 * pininfo->fixedlen + 0x05; /* bTeoPrologue[2] */
- pin_modify[20] = 2 * pininfo->fixedlen + 0x05; /* ulDataLength */
+ pin_modify[19] = 2 * pininfo->fixedlen + 0x05 - no_lc; /* bTeoPrologue[2] */
+ pin_modify[20] = 2 * pininfo->fixedlen + 0x05 - no_lc; /* ulDataLength */
pin_modify[21] = 0x00; /* ulDataLength */
pin_modify[22] = 0x00; /* ulDataLength */
pin_modify[23] = 0x00; /* ulDataLength */
@@ -2212,6 +2230,8 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1,
pin_modify[28] = 2 * pininfo->fixedlen; /* abData[4] */
if (pininfo->fixedlen)
memset (&pin_modify[29], 0xff, 2 * pininfo->fixedlen);
+ else if (no_lc)
+ len--;
if (DBG_CARD_IO)
log_debug ("send secure: c=%02X i=%02X p1=%02X p2=%02X len=%d pinmax=%d\n",
commit 7bde2bf3b0ddb5d3515a44879e1a7ddb581a5c0b
Author: Werner Koch <wk at gnupg.org>
Date: Wed Aug 21 15:44:52 2013 +0200
scd: Improve --enable-pinpad-varlen.
* tools/gpgconf-comp.c (gc_options_scdaemon): Add
enable-pinpad-varlen.
* scd/apdu.c (check_pcsc_pinpad): Detect SPRx32 reader.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/doc/scdaemon.texi b/doc/scdaemon.texi
index ed2cc51..f454f14 100644
--- a/doc/scdaemon.texi
+++ b/doc/scdaemon.texi
@@ -290,10 +290,10 @@ than 0.
@item --enable-pinpad-varlen
@opindex enable-pinpad-varlen
Please specify this option when the card reader supports variable
-length input for pinpad (default is no). For known readers listed in
-ccid-driver, this option is not needed. Note that if your card reader
-doesn't supports variable length input but you want to use it, you
-need to specify your pinpad request on your card.
+length input for pinpad (default is no). For known readers (listed in
+ccid-driver.c and apdu.c), this option is not needed. Note that if
+your card reader doesn't supports variable length input but you want
+to use it, you need to specify your pinpad request on your card.
@item --disable-pinpad
diff --git a/scd/apdu.c b/scd/apdu.c
index 133058d..ca45fc1 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -2002,7 +2002,13 @@ check_pcsc_pinpad (int slot, int command, pininfo_t *pininfo)
pcsc_dword_t len = 256;
int sw;
- (void)pininfo; /* XXX: Identify reader and set pininfo->fixedlen. */
+ /* Hack to identify the SCM SPR532 and SPR332 readers which support
+ variable length PIN input.
+ FIXME: Figure out whether there is a feature attribute for this.
+ Alternatively use the USB ids to detect known readers. */
+ if (reader_table[slot].rdrname
+ && strstr (reader_table[slot].rdrname, "SPRx32"))
+ pininfo->fixedlen = 0;
check_again:
if (command == ISO7816_VERIFY)
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 0b3c9c0..ffe7eab 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -620,6 +620,10 @@ static gc_option_t gc_options_scdaemon[] =
{ "disable-pinpad", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
"gnupg", "do not use a reader's pinpad",
GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
+ { "enable-pinpad-varlen",
+ GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
+ "gnupg", "use variable length input for pinpad",
+ GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
{ "card-timeout", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
"gnupg", "|N|disconnect the card after N seconds of inactivity",
GC_ARG_TYPE_UINT32, GC_BACKEND_SCDAEMON },
-----------------------------------------------------------------------
Summary of changes:
doc/scdaemon.texi | 8 ++++----
scd/apdu.c | 40 +++++++++++++++++++++++++++++++++-------
tools/gpgconf-comp.c | 4 ++++
3 files changed, 41 insertions(+), 11 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list