By default 'default' card driver is disabled ...

'Default' card driver is explicitely enabled for 'opensc-explorer' and 'opensc-tool' tools. #175
OpenSC · Aug 2, 2013 · 1a97292 · 1a97292
1 parent de4dd05
commit 1a97292
Show file tree

Hide file tree

Showing 8 changed files with 100 additions and 48 deletions.
diff --git a/etc/opensc.conf.in b/etc/opensc.conf.in
@@ -45,6 +45,12 @@ app default {
 	#
 	# paranoid_memory = false;
 
+        # Enable default card driver
+        # Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
+        #
+        # Default: false
+        # enable_default_driver = true;
+
 	# CT-API module configuration.
 	reader_driver ctapi {
 		# module @libdir@/libtowitoko.so {

diff --git a/etc/opensc.conf.win.in b/etc/opensc.conf.win.in
@@ -45,6 +45,12 @@ app default {
 	#
 	# paranoid_memory = false;
 
+        # Enable default card driver
+        # Default card driver is explicitely enabled for the 'opensc-explorer' and 'opensc-tool'.
+        #
+        # Default: false
+        # enable_default_driver = true;
+
 	# CT-API module configuration.
 	reader_driver ctapi {
 		# module @libdir@/libtowitoko.so {

diff --git a/src/libopensc/card-default.c b/src/libopensc/card-default.c
@@ -32,22 +32,29 @@ static struct sc_card_driver default_drv = {
 	NULL, 0, NULL
 };
 
-static int default_match_card(sc_card_t *card)
+
+static int
+default_match_card(struct sc_card *card)
 {
 	return 1;		/* always match */
 }
 
-static int autodetect_class(sc_card_t *card)
+
+static int
+autodetect_class(struct sc_card *card)
 {
+	struct sc_context *ctx = card->ctx;
 	int classes[] = { 0x00, 0xC0, 0xB0, 0xA0 };
 	int class_count = sizeof(classes)/sizeof(int);
-	u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
-	sc_apdu_t apdu;
+	unsigned char rbuf[SC_MAX_APDU_BUFFER_SIZE];
+	struct sc_apdu apdu;
 	int i, r;
 
-	sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "autodetecting CLA byte\n");
+	LOG_FUNC_CALLED(ctx);
+
 	for (i = 0; i < class_count; i++) {
-		sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "trying with 0x%02X\n", classes[i]);
+		sc_log(ctx, "trying with 0x%02X", classes[i]);
+
 		memset(&apdu, 0, sizeof(apdu));
 		apdu.cla = classes[i];
 		apdu.cse = SC_APDU_CASE_2_SHORT;
@@ -59,56 +66,58 @@ static int autodetect_class(sc_card_t *card)
 		apdu.resp = rbuf;
 		apdu.resplen = sizeof(rbuf);
 		r = sc_transmit_apdu(card, &apdu);
-		SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
+		LOG_TEST_RET(ctx, r, "APDU transmit failed");
+
 		if (apdu.sw1 == 0x6E)
 			continue;
 		if (apdu.sw1 == 0x90 && apdu.sw2 == 0x00)
 			break;
 		if (apdu.sw1 == 0x61)
 			break;
-		sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
-			"got strange SWs: 0x%02X 0x%02X\n", apdu.sw1, apdu.sw2);
+
+		sc_log(ctx, "got strange SWs: 0x%02X 0x%02X", apdu.sw1, apdu.sw2);
 		break;
 	}
+
 	if (i == class_count)
-		return -1;
+		LOG_FUNC_RETURN(ctx, SC_ERROR_CLASS_NOT_SUPPORTED);
+
 	card->cla = classes[i];
-	sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
-		"detected CLA byte as 0x%02X\n", card->cla);
+	sc_log(ctx, "detected CLA byte as 0x%02X", card->cla);
 	if (apdu.resplen < 2) {
-		sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
-			"SELECT FILE returned %d bytes\n", apdu.resplen);
-		return SC_SUCCESS;
+		sc_log(ctx, "SELECT FILE returned %d bytes", apdu.resplen);
 	}
-	if (rbuf[0] == 0x6F) {
-		sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
-		    "SELECT FILE seems to behave according to ISO 7816-4\n");
-		return SC_SUCCESS;
+	else if (rbuf[0] == 0x6F) {
+		sc_log(ctx, "SELECT FILE seems to behave according to ISO 7816-4\n");
 	}
-	if (rbuf[0] == 0x00 && rbuf[1] == 0x00) {
+	else if (rbuf[0] == 0x00 && rbuf[1] == 0x00) {
 		struct sc_card_driver *drv;
-		sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
-		    "SELECT FILE seems to return Schlumberger 'flex stuff\n");
+		sc_log(ctx, "SELECT FILE seems to return Schlumberger 'flex stuff");
+
 		drv = sc_get_cryptoflex_driver();
 		card->ops->select_file = drv->ops->select_file;
-		return SC_SUCCESS;
 	}
-	return SC_SUCCESS;
+
+	LOG_FUNC_RETURN(ctx, SC_SUCCESS);
 }
 
-static int default_init(sc_card_t *card)
+
+static int
+default_init(struct sc_card *card)
 {
 	int r;
-
+
+	LOG_FUNC_CALLED(card->ctx);
+
 	card->name = "Unsupported card";
 	card->drv_data = NULL;
 	r = autodetect_class(card);
 	if (r) {
-		sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "unable to determine the right class byte\n");
-		return SC_ERROR_INVALID_CARD;
+		sc_log(card->ctx, "unable to determine the right class byte");
+		LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_CARD);
 	}
 
-	return SC_SUCCESS;
+	LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
 }
 
 static struct sc_card_driver * sc_get_driver(void)

diff --git a/src/libopensc/card.c b/src/libopensc/card.c
@@ -229,15 +229,22 @@ int sc_connect_card(sc_reader_t *reader, sc_card_t **card_out)
 				goto err;
 			}
 		}
-	} else {
-		sc_debug(ctx, SC_LOG_DEBUG_MATCH, "matching built-in ATRs");
+	}
+	else {
+		sc_log(ctx, "matching built-in ATRs");
 		for (i = 0; ctx->card_drivers[i] != NULL; i++) {
 			struct sc_card_driver *drv = ctx->card_drivers[i];
 			const struct sc_card_operations *ops = drv->ops;
 
 			sc_log(ctx, "trying driver '%s'", drv->short_name);
-			if (ops == NULL || ops->match_card == NULL)
+			if (ops == NULL || ops->match_card == NULL)   {
 				continue;
+			}
+			else if (!ctx->enable_default_driver && !strcmp("default", drv->short_name))   {
+				sc_log(ctx , "ignore 'default' card driver");
+				continue;
+			}
+
 			/* Needed if match_card() needs to talk with the card (e.g. card-muscle) */
 			*card->ops = *ops;
 			if (ops->match_card(card) != 1)

diff --git a/src/libopensc/ctx.c b/src/libopensc/ctx.c
@@ -182,6 +182,8 @@ static void set_defaults(sc_context_t *ctx, struct _sc_ctx_options *opts)
 		fclose(ctx->debug_file);
 	ctx->debug_file = stderr;
 	ctx->paranoid_memory = 0;
+	ctx->enable_default_driver = 0;
+
 #ifdef __APPLE__
 	/* Override the default debug log for OpenSC.tokend to be different from PKCS#11.
 	 * TODO: Could be moved to OpenSC.tokend */
@@ -254,6 +256,9 @@ load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *
 	ctx->paranoid_memory = scconf_get_bool (block, "paranoid-memory",
 		ctx->paranoid_memory);
 
+	ctx->enable_default_driver = scconf_get_bool (block, "enable_default_driver",
+			ctx->enable_default_driver);
+
 	val = scconf_get_str(block, "force_card_driver", NULL);
 	if (val) {
 		if (opts->forced_card_driver)

diff --git a/src/libopensc/opensc.h b/src/libopensc/opensc.h
@@ -693,6 +693,7 @@ typedef struct sc_context {
 	char *app_name;
 	int debug;
 	int paranoid_memory;
+	int enable_default_driver;
 
 	FILE *debug_file;
 	char *debug_filename;

diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
@@ -297,27 +297,40 @@ ambiguous_match(struct command *table, const char *cmd)
 	return last_match;
 }
 
-static void check_ret(int r, int op, const char *err, const sc_file_t *file)
+
+static void
+check_ret(int r, int op, const char *err, const sc_file_t *file)
 {
 	fprintf(stderr, "%s: %s\n", err, sc_strerror(r));
 	if (r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED)
 		fprintf(stderr, "ACL for operation: %s\n", util_acl_to_str(sc_file_get_acl_entry(file, op)));
 }
 
-static int arg_to_fid(const char *arg, u8 *fid)
+
+static int
+arg_to_fid(const char *arg, u8 *fid)
 {
-    if (strlen(arg) != 4) {
-        printf("Wrong ID length.\n");
-        return -1;
-    }
-    if (sscanf(arg, "%02X%02X", &fid[0], &fid[1]) != 2) {
-        printf("Invalid ID.\n");
-        return -1;
-    }
-
-    return 0;
+	unsigned int fid0, fid1;
+
+	if (strlen(arg) != 4) {
+		printf("Wrong ID length.\n");
+		return -1;
+	}
+
+	if (sscanf(arg, "%02X%02X", &fid0, &fid1) != 2) {
+		printf("Invalid ID.\n");
+		return -1;
+	}
+
+	fid[0] = (unsigned char)fid0;
+	fid[1] = (unsigned char)fid1;
+
+	return 0;
 }
-static int arg_to_path(const char *arg, sc_path_t *path, int is_id)
+
+
+static int
+arg_to_path(const char *arg, sc_path_t *path, int is_id)
 {
 	memset(path, 0, sizeof(sc_path_t));
 
@@ -998,14 +1011,15 @@ static int do_verify(int argc, char **argv)
 				printf("No PIN entered - aborting VERIFY.\n");
 				return -1;
 			}
-			if (strlcpy(buf, pin, sizeof(buf)) >= sizeof(buf)) {
+
+			if (strlcpy((char *)buf, pin, sizeof(buf)) >= sizeof(buf)) {
 				free(pin);
 				printf("PIN too long - aborting VERIFY.\n");
 				return -1;
 			}
 			free(pin);
 			data.pin1.data = buf;
-			data.pin1.len = strlen(buf);
+			data.pin1.len = strlen((char *)buf);
 		}
 	} else {
 		r = parse_string_or_hexdata(argv[1], buf, &buflen);
@@ -1772,7 +1786,7 @@ int main(int argc, char * const argv[])
 	char *cargv[260];
 	sc_context_param_t ctx_param;
 	int lcycle = SC_CARDCTRL_LIFECYCLE_ADMIN;
-	FILE *script;
+	FILE *script = stdin;
 
 	printf("OpenSC Explorer version %s\n", sc_get_version());
 
@@ -1811,6 +1825,8 @@ int main(int argc, char * const argv[])
 		return 1;
 	}
 
+	ctx->enable_default_driver = 1;
+
 	if (verbose > 1) {
 		ctx->debug = verbose;
 		ctx->debug_file = stderr;

diff --git a/src/tools/opensc-tool.c b/src/tools/opensc-tool.c
@@ -751,6 +751,8 @@ int main(int argc, char * const argv[])
 		return 1;
 	}
 
+	ctx->enable_default_driver = 1;
+
 	if (verbose > 1) {
 		ctx->debug = verbose;
 		sc_ctx_log_to_file(ctx, "stderr");