Overview
Comment: | Updated to try more application IDs for CACs |
---|---|
SHA1: | fbed2df8985248e290f0415c94f8e5b406426b0a |
User & Date: | rkeene on 2017-03-09 02:41:47 |
Context
2017-03-09
| ||
02:42 | Better linking to zlib for AppFS build check-in: ee07cc40d0 user: rkeene tags: trunk | |
02:41 | Updated to try more application IDs for CACs check-in: fbed2df898 user: rkeene tags: trunk | |
02:15 | ChromeOS: Fix debug check-in: 1c45a8940d user: rkeene tags: trunk | |
Changes
Modified cackey.c from [3a53605d32] to [de5cf6edd0].
160 161 162 163 164 165 166 167 168 169 170 171 172 173 ... 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 .... 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 .... 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 |
/*** PKI Information - EF 7000 ***/ #define GSCIS_TAG_CERTIFICATE 0x70 #define GSCIS_TAG_CERT_ISSUE_DATE 0x71 #define GSCIS_TAG_CERT_EXPIRE_DATE 0x72 /** Applet IDs **/ #define GSCIS_AID_CCC 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00 #define NISTSP800_73_3_PIV_AID 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00 /* PIV IDs */ /** Key Identifiers (NIST SP 800-78-3, Table 6-1 **/ #define NISTSP800_78_3_KEY_PIVAUTH 0x9A #define NISTSP800_78_3_KEY_SIGNATURE 0x9C #define NISTSP800_78_3_KEY_KEYMGT 0x9D ................................................................................ static char buf_user[4096] = {0}; \ snprintf(buf_user, sizeof(buf_user), x); \ buf_user[sizeof(buf_user) - 1] = '\0'; \ fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, buf_user); \ fflush(cackey_debug_fd()); \ } # define CACKEY_DEBUG_PRINTBUF(f, x, y) { \ static char buf_user[4096] = {0}, *buf_user_p, *buf_user_print; \ unsigned long buf_user_size; \ unsigned char *TMPBUF; \ unsigned long idx; \ int snprintf_ret; \ TMPBUF = (unsigned char *) (x); \ buf_user[0] = 0; \ buf_user[2] = 0; \ ................................................................................ * * NOTES * This function reselects the "root" applet, after this function is called * the user may be required to login again * */ static cackey_pcsc_id_type cackey_detect_and_select_root_applet(struct cackey_slot *slot, cackey_pcsc_id_type type_hint) { unsigned char ccc_aid[] = {GSCIS_AID_CCC}, piv_aid[] = {NISTSP800_73_3_PIV_AID}; cackey_pcsc_id_type try_types[2], try_type; int send_ret; int idx; CACKEY_DEBUG_PRINTF("Reselecting the root applet"); if (type_hint == CACKEY_ID_TYPE_UNKNOWN) { ................................................................................ 
for (idx = 0; idx < (sizeof(try_types) / sizeof(try_types[0])); idx++) { try_type = try_types[idx]; switch (try_type) { case CACKEY_ID_TYPE_CAC: CACKEY_DEBUG_PRINTF("Trying to select the CAC CCC applet"); send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid)); break; case CACKEY_ID_TYPE_PIV: CACKEY_DEBUG_PRINTF("Trying to select the PIV root applet"); send_ret = cackey_select_applet(slot, piv_aid, sizeof(piv_aid)); |
> | > > | | > > > |
160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 ... 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 .... 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 .... 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 2213 2214 2215 |
/*** PKI Information - EF 7000 ***/ #define GSCIS_TAG_CERTIFICATE 0x70 #define GSCIS_TAG_CERT_ISSUE_DATE 0x71 #define GSCIS_TAG_CERT_EXPIRE_DATE 0x72 /** Applet IDs **/ #define GSCIS_AID_CCC 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00 #define GSCIS_AID_ID0 0xA0, 0x00, 0x00, 0x00, 0x79, 0x01, 0x00 #define NISTSP800_73_3_PIV_AID 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00 /* PIV IDs */ /** Key Identifiers (NIST SP 800-78-3, Table 6-1 **/ #define NISTSP800_78_3_KEY_PIVAUTH 0x9A #define NISTSP800_78_3_KEY_SIGNATURE 0x9C #define NISTSP800_78_3_KEY_KEYMGT 0x9D ................................................................................ static char buf_user[4096] = {0}; \ snprintf(buf_user, sizeof(buf_user), x); \ buf_user[sizeof(buf_user) - 1] = '\0'; \ fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, buf_user); \ fflush(cackey_debug_fd()); \ } # define CACKEY_DEBUG_PRINTBUF(f, x, y) { \ static char buf_user[8192] = {0}, *buf_user_p, *buf_user_print; \ unsigned long buf_user_size; \ unsigned char *TMPBUF; \ unsigned long idx; \ int snprintf_ret; \ TMPBUF = (unsigned char *) (x); \ buf_user[0] = 0; \ buf_user[2] = 0; \ ................................................................................ * * NOTES * This function reselects the "root" applet, after this function is called * the user may be required to login again * */ static cackey_pcsc_id_type cackey_detect_and_select_root_applet(struct cackey_slot *slot, cackey_pcsc_id_type type_hint) { unsigned char cac_ccc_aid[] = {GSCIS_AID_CCC}; unsigned char cac_id0_aid[] = {GSCIS_AID_ID0}; unsigned char piv_aid[] = {NISTSP800_73_3_PIV_AID}; cackey_pcsc_id_type try_types[2], try_type; int send_ret; int idx; CACKEY_DEBUG_PRINTF("Reselecting the root applet"); if (type_hint == CACKEY_ID_TYPE_UNKNOWN) { ................................................................................ 
for (idx = 0; idx < (sizeof(try_types) / sizeof(try_types[0])); idx++) { try_type = try_types[idx]; switch (try_type) { case CACKEY_ID_TYPE_CAC: CACKEY_DEBUG_PRINTF("Trying to select the CAC CCC applet"); send_ret = cackey_select_applet(slot, cac_ccc_aid, sizeof(cac_ccc_aid)); if (send_ret != CACKEY_PCSC_S_OK) { send_ret = cackey_select_applet(slot, cac_id0_aid, sizeof(cac_id0_aid)); } break; case CACKEY_ID_TYPE_PIV: CACKEY_DEBUG_PRINTF("Trying to select the PIV root applet"); send_ret = cackey_select_applet(slot, piv_aid, sizeof(piv_aid)); |
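Review bot: The fallback to `cac_id0_aid` in the `CACKEY_ID_TYPE_CAC` case runs silently: the only debug line still says "Trying to select the CAC CCC applet", and the first select's failure code in `send_ret` is overwritten before anything records it, so a debug log cannot show which AID the card accepted. I would add `CACKEY_DEBUG_PRINTF("CCC select failed (%i), trying the CAC ID0 applet", send_ret);` as the first line inside the new `if`. A success through this path presumably still reports the card as CAC while an applet other than the CCC is the selected one; the code that consumes the result lies outside the visible hunks (the switch and the function body continue past the end of this hunk), so any caller that assumes the CCC is current after this function returns should be checked. A one-line comment above the second `cackey_select_applet` call saying why ID0 is tried when the CCC select fails would also help the next reader.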