Overview
| Comment: | Updated to try more application IDs for CACs |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | fbed2df8985248e290f0415c94f8e5b406426b0a |
| User & Date: | rkeene on 2017-03-09 02:41:47 |
| Other Links: | manifest | tags |
Context
|
2017-03-09
| ||
| 02:42 | Better linking to zlib for AppFS build check-in: ee07cc40d0 user: rkeene tags: trunk | |
| 02:41 | Updated to try more application IDs for CACs check-in: fbed2df898 user: rkeene tags: trunk | |
| 02:15 | ChromeOS: Fix debug check-in: 1c45a8940d user: rkeene tags: trunk | |
Changes
Modified cackey.c from [3a53605d32] to [de5cf6edd0].
160 160 /*** PKI Information - EF 7000 ***/ 161 161 #define GSCIS_TAG_CERTIFICATE 0x70 162 162 #define GSCIS_TAG_CERT_ISSUE_DATE 0x71 163 163 #define GSCIS_TAG_CERT_EXPIRE_DATE 0x72 164 164 165 165 /** Applet IDs **/ 166 166 #define GSCIS_AID_CCC 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00 167 +#define GSCIS_AID_ID0 0xA0, 0x00, 0x00, 0x00, 0x79, 0x01, 0x00 167 168 #define NISTSP800_73_3_PIV_AID 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00 168 169 169 170 /* PIV IDs */ 170 171 /** Key Identifiers (NIST SP 800-78-3, Table 6-1 **/ 171 172 #define NISTSP800_78_3_KEY_PIVAUTH 0x9A 172 173 #define NISTSP800_78_3_KEY_SIGNATURE 0x9C 173 174 #define NISTSP800_78_3_KEY_KEYMGT 0x9D ................................................................................ 213 214 static char buf_user[4096] = {0}; \ 214 215 snprintf(buf_user, sizeof(buf_user), x); \ 215 216 buf_user[sizeof(buf_user) - 1] = '\0'; \ 216 217 fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, buf_user); \ 217 218 fflush(cackey_debug_fd()); \ 218 219 } 219 220 # define CACKEY_DEBUG_PRINTBUF(f, x, y) { \ 220 - static char buf_user[4096] = {0}, *buf_user_p, *buf_user_print; \ 221 + static char buf_user[8192] = {0}, *buf_user_p, *buf_user_print; \ 221 222 unsigned long buf_user_size; \ 222 223 unsigned char *TMPBUF; \ 223 224 unsigned long idx; \ 224 225 int snprintf_ret; \ 225 226 TMPBUF = (unsigned char *) (x); \ 226 227 buf_user[0] = 0; \ 227 228 buf_user[2] = 0; \ ................................................................................ 2158 2159 * 2159 2160 * NOTES 2160 2161 * This function reselects the "root" applet, after this function is called 2161 2162 * the user may be required to login again 2162 2163 * 2163 2164 */ 2164 2165 static cackey_pcsc_id_type cackey_detect_and_select_root_applet(struct cackey_slot *slot, cackey_pcsc_id_type type_hint) { 2165 - unsigned char ccc_aid[] = {GSCIS_AID_CCC}, piv_aid[] = {NISTSP800_73_3_PIV_AID}; 2166 + unsigned char cac_ccc_aid[] = {GSCIS_AID_CCC}; 2167 + unsigned char cac_id0_aid[] = {GSCIS_AID_ID0}; 2168 + unsigned char piv_aid[] = {NISTSP800_73_3_PIV_AID}; 2166 2169 cackey_pcsc_id_type try_types[2], try_type; 2167 2170 int send_ret; 2168 2171 int idx; 2169 2172 2170 2173 CACKEY_DEBUG_PRINTF("Reselecting the root applet"); 2171 2174 2172 2175 if (type_hint == CACKEY_ID_TYPE_UNKNOWN) { ................................................................................ 2195 2198 for (idx = 0; idx < (sizeof(try_types) / sizeof(try_types[0])); idx++) { 2196 2199 try_type = try_types[idx]; 2197 2200 2198 2201 switch (try_type) { 2199 2202 case CACKEY_ID_TYPE_CAC: 2200 2203 CACKEY_DEBUG_PRINTF("Trying to select the CAC CCC applet"); 2201 2204 2202 - send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid)); 2205 + send_ret = cackey_select_applet(slot, cac_ccc_aid, sizeof(cac_ccc_aid)); 2206 + if (send_ret != CACKEY_PCSC_S_OK) { 2207 + send_ret = cackey_select_applet(slot, cac_id0_aid, sizeof(cac_id0_aid)); 2208 + } 2203 2209 2204 2210 break; 2205 2211 case CACKEY_ID_TYPE_PIV: 2206 2212 CACKEY_DEBUG_PRINTF("Trying to select the PIV root applet"); 2207 2213 2208 2214 send_ret = cackey_select_applet(slot, piv_aid, sizeof(piv_aid)); 2209 2215