Check-in [fbed2df898]
Overview
SHA1:fbed2df8985248e290f0415c94f8e5b406426b0a
Date: 2017-03-09 02:41:47
User: rkeene
Comment:Updated to try more application IDs for CACs
Context
2017-03-09
02:42
[ee07cc40d0] Better linking to zlib for AppFS build (user: rkeene, tags: trunk)
02:41
[fbed2df898] Updated to try more application IDs for CACs (user: rkeene, tags: trunk)
02:15
[1c45a8940d] ChromeOS: Fix debug (user: rkeene, tags: trunk)
Changes

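--- a/cackey.c
+++ b/cackey.c
@@ -160,14 +160,15 @@
 /*** PKI Information - EF 7000 ***/
 #define GSCIS_TAG_CERTIFICATE         0x70
 #define GSCIS_TAG_CERT_ISSUE_DATE     0x71
 #define GSCIS_TAG_CERT_EXPIRE_DATE    0x72
 
 /** Applet IDs **/
 #define GSCIS_AID_CCC                 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00
+#define GSCIS_AID_ID0                 0xA0, 0x00, 0x00, 0x00, 0x79, 0x01, 0x00
 #define NISTSP800_73_3_PIV_AID        0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00
 
 /* PIV IDs */
 /** Key Identifiers (NIST SP 800-78-3, Table 6-1 **/
 #define NISTSP800_78_3_KEY_PIVAUTH   0x9A
 #define NISTSP800_78_3_KEY_SIGNATURE 0x9C
 #define NISTSP800_78_3_KEY_KEYMGT    0x9D
@@ -213,15 +214,15 @@
 	static char buf_user[4096] = {0}; \
 	snprintf(buf_user, sizeof(buf_user), x); \
 	buf_user[sizeof(buf_user) - 1] = '\0'; \
 	fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, buf_user); \
 	fflush(cackey_debug_fd()); \
 }
 #  define CACKEY_DEBUG_PRINTBUF(f, x, y) { \
-	static char buf_user[4096] = {0}, *buf_user_p, *buf_user_print; \
+	static char buf_user[8192] = {0}, *buf_user_p, *buf_user_print; \
 	unsigned long buf_user_size; \
 	unsigned char *TMPBUF; \
 	unsigned long idx; \
 	int snprintf_ret; \
 	TMPBUF = (unsigned char *) (x); \
 	buf_user[0] = 0; \
 	buf_user[2] = 0; \
@@ -2158,15 +2159,17 @@
  *
  * NOTES
  *     This function reselects the "root" applet, after this function is called
  *     the user may be required to login again
  *
  */
 static cackey_pcsc_id_type cackey_detect_and_select_root_applet(struct cackey_slot *slot, cackey_pcsc_id_type type_hint) {
-	unsigned char ccc_aid[] = {GSCIS_AID_CCC}, piv_aid[] = {NISTSP800_73_3_PIV_AID};
+	unsigned char cac_ccc_aid[] = {GSCIS_AID_CCC};
+	unsigned char cac_id0_aid[] = {GSCIS_AID_ID0};
+	unsigned char piv_aid[] = {NISTSP800_73_3_PIV_AID};
 	cackey_pcsc_id_type try_types[2], try_type;
 	int send_ret;
 	int idx;
 
 	CACKEY_DEBUG_PRINTF("Reselecting the root applet");
 
 	if (type_hint == CACKEY_ID_TYPE_UNKNOWN) {
@@ -2195,15 +2198,18 @@
 	for (idx = 0; idx < (sizeof(try_types) / sizeof(try_types[0])); idx++) {
 		try_type = try_types[idx];
 
 		switch (try_type) {
 			case CACKEY_ID_TYPE_CAC:
 				CACKEY_DEBUG_PRINTF("Trying to select the CAC CCC applet");
 
-				send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid));
+				send_ret = cackey_select_applet(slot, cac_ccc_aid, sizeof(cac_ccc_aid));
+				if (send_ret != CACKEY_PCSC_S_OK) {
+					send_ret = cackey_select_applet(slot, cac_id0_aid, sizeof(cac_id0_aid));
+				}
 
 				break;
 			case CACKEY_ID_TYPE_PIV:
 				CACKEY_DEBUG_PRINTF("Trying to select the PIV root applet");
 
 				send_ret = cackey_select_applet(slot, piv_aid, sizeof(piv_aid));
 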
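Review bot: In the `CACKEY_ID_TYPE_CAC` case, the fallback to `cac_id0_aid` runs on any result other than `CACKEY_PCSC_S_OK` and leaves nothing in the debug log, so the log still reads "Trying to select the CAC CCC applet" whichever applet ends up selected, and the status of the failed CCC select is overwritten. The selected applet determines the session state the function's header comment warns about (the user may have to log in again), so I would add `CACKEY_DEBUG_PRINTF("CCC applet select failed, trying the CAC ID0 applet");` as the first line inside the new `if`. If `cackey_select_applet` reports distinct codes for an absent token or a transport failure, the fallback should presumably be skipped for those rather than retried against a second AID. The function body continues past the end of this hunk, so how `send_ret` is consumed after the `switch` is not visible here.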