@@ -162,10 +162,11 @@ #define GSCIS_TAG_CERT_ISSUE_DATE 0x71 #define GSCIS_TAG_CERT_EXPIRE_DATE 0x72 /** Applet IDs **/ #define GSCIS_AID_CCC 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00 +#define GSCIS_AID_ID0 0xA0, 0x00, 0x00, 0x00, 0x79, 0x01, 0x00 #define NISTSP800_73_3_PIV_AID 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00 /* PIV IDs */ /** Key Identifiers (NIST SP 800-78-3, Table 6-1 **/ #define NISTSP800_78_3_KEY_PIVAUTH 0x9A @@ -215,11 +216,11 @@ buf_user[sizeof(buf_user) - 1] = '\0'; \ fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, buf_user); \ fflush(cackey_debug_fd()); \ } # define CACKEY_DEBUG_PRINTBUF(f, x, y) { \ - static char buf_user[4096] = {0}, *buf_user_p, *buf_user_print; \ + static char buf_user[8192] = {0}, *buf_user_p, *buf_user_print; \ unsigned long buf_user_size; \ unsigned char *TMPBUF; \ unsigned long idx; \ int snprintf_ret; \ TMPBUF = (unsigned char *) (x); \ @@ -2160,11 +2161,13 @@ * This function reselects the "root" applet, after this function is called * the user may be required to login again * */ static cackey_pcsc_id_type cackey_detect_and_select_root_applet(struct cackey_slot *slot, cackey_pcsc_id_type type_hint) { - unsigned char ccc_aid[] = {GSCIS_AID_CCC}, piv_aid[] = {NISTSP800_73_3_PIV_AID}; + unsigned char cac_ccc_aid[] = {GSCIS_AID_CCC}; + unsigned char cac_id0_aid[] = {GSCIS_AID_ID0}; + unsigned char piv_aid[] = {NISTSP800_73_3_PIV_AID}; cackey_pcsc_id_type try_types[2], try_type; int send_ret; int idx; CACKEY_DEBUG_PRINTF("Reselecting the root applet"); 
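Review bot: The `8192` in `CACKEY_DEBUG_PRINTBUF` is still a bare literal on a `static` scratch buffer, so the next larger buffer passed through `x`/`y` will hit the same limit again. The rest of the macro body is outside this hunk, so it is not visible whether the dump stops cleanly at `buf_user_size` and marks the output as truncated. That is worth confirming, along with a comment on the declaration such as `/* hex-dump scratch space; longer output is cut off */`. Because the buffer is `static` and the macro expands at every call site, each use now reserves 8 KiB that is shared by any threads reaching the same site.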
@@ -2197,11 +2200,14 @@
 switch (try_type) {
 case CACKEY_ID_TYPE_CAC:
 CACKEY_DEBUG_PRINTF("Trying to select the CAC CCC applet");
- send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid));
+ send_ret = cackey_select_applet(slot, cac_ccc_aid, sizeof(cac_ccc_aid));
+ if (send_ret != CACKEY_PCSC_S_OK) {
+ send_ret = cackey_select_applet(slot, cac_id0_aid, sizeof(cac_id0_aid));
+ }
 break;
 case CACKEY_ID_TYPE_PIV:
 CACKEY_DEBUG_PRINTF("Trying to select the PIV root applet");
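Review bot: The fallback in the `CACKEY_ID_TYPE_CAC` case retries with `cac_id0_aid` on every result other than `CACKEY_PCSC_S_OK`, which presumably includes transport or card-removed failures and not only "applet not present". If `cackey_select_applet` returns a distinct code for a missing applet, the retry should be limited to that code. The fallback is also silent: the log still says only "Trying to select the CAC CCC applet", so a card accepted through ID0 cannot be told apart from one accepted through the CCC. Adding `CACKEY_DEBUG_PRINTF("CCC select failed, trying the CAC ID0 applet");` inside the new `if` would cover that. The enclosing function starts and ends outside this hunk, so whether later code assumes the CCC is the currently selected applet needs to be checked there.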