« back to all changes in this revision
Viewing changes to scd/ccid-driver.c
- browse files at revision 1
- compare with another revision
- download diff
- download tarball
- view history from revision 1
- Committer: Bazaar Package Importer
- Author(s): Andreas Mueller
- Date: 2005-03-29 10:30:32 UTC
- Revision ID: james.westby@ubuntu.com-20050329103032-sj42n2ain3ipx310
Tags: upstream-1.9.15
ImportĀ upstreamĀ versionĀ 1.9.15
- files added:
- agent
- am
- artwork
- cipher
- common
- doc
- g10
- include
- intl
- jnlib
- kbx
- keyserver
- m4
- mpi
- po
- scd
- scripts
- sm
- tests
- tests/extrasamples
- tests/pkits
- tests/samplekeys
- tests/samplemsgs
- tools
- util
added
removed
scd/ccid-driver.c
1
/* ccid-driver.c - USB ChipCardInterfaceDevices driver
2
* Copyright (C) 2003, 2004 Free Software Foundation, Inc.
3
* Written by Werner Koch.
4
*
5
* This file is part of GnuPG.
6
*
7
* GnuPG is free software; you can redistribute it and/or modify
8
* it under the terms of the GNU General Public License as published by
9
* the Free Software Foundation; either version 2 of the License, or
10
* (at your option) any later version.
11
*
12
* GnuPG is distributed in the hope that it will be useful,
13
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
* GNU General Public License for more details.
16
*
17
* You should have received a copy of the GNU General Public License
18
* along with this program; if not, write to the Free Software
19
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
20
*
21
* ALTERNATIVELY, this file may be distributed under the terms of the
22
* following license, in which case the provisions of this license are
23
* required INSTEAD OF the GNU General Public License. If you wish to
24
* allow use of your version of this file only under the terms of the
25
* GNU General Public License, and not to allow others to use your
26
* version of this file under the terms of the following license,
27
* indicate your decision by deleting this paragraph and the license
28
* below.
29
*
30
* Redistribution and use in source and binary forms, with or without
31
* modification, are permitted provided that the following conditions
32
* are met:
33
* 1. Redistributions of source code must retain the above copyright
34
* notice, and the entire permission notice in its entirety,
35
* including the disclaimer of warranties.
36
* 2. Redistributions in binary form must reproduce the above copyright
37
* notice, this list of conditions and the following disclaimer in the
38
* documentation and/or other materials provided with the distribution.
39
* 3. The name of the author may not be used to endorse or promote
40
* products derived from this software without specific prior
41
* written permission.
42
*
43
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
44
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
45
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
46
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
47
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
48
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
49
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
51
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
52
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
53
* OF THE POSSIBILITY OF SUCH DAMAGE.
54
*
55
* $Id: ccid-driver.c,v 1.20 2004/12/28 07:30:57 wk Exp $
56
*/
57
58
59
/* CCID (ChipCardInterfaceDevices) is a specification for accessing
60
smartcard via a reader connected to the USB.
61
62
This is a limited driver allowing to use some CCID drivers directly
63
without any other specila drivers. This is a fallback driver to be
64
used when nothing else works or the system should be kept minimal
65
for security reasons. It makes use of the libusb library to gain
66
portable access to USB.
67
68
This driver has been tested with the SCM SCR335 and SPR532
69
smartcard readers and requires that a reader implements the TPDU
70
level exchange and does fully automatic initialization.
71
*/
72
73
#ifdef HAVE_CONFIG_H
74
# include <config.h>
75
#endif
76
77
#if defined(HAVE_LIBUSB) || defined(TEST)
78
79
#include <errno.h>
80
#include <stdio.h>
81
#include <stdlib.h>
82
#include <string.h>
83
#include <assert.h>
84
85
#include <usb.h>
86
87
#include "ccid-driver.h"
88
89
#define DRVNAME "ccid-driver: "
90
91
92
/* Depending on how this source is used we either define our error
93
output to go to stderr or to the jnlib based logging functions. We
94
use the latter when GNUPG_MAJOR_VERSION is defines or when both,
95
GNUPG_SCD_MAIN_HEADER and HAVE_JNLIB_LOGGING are defined.
96
*/
97
#if defined(GNUPG_MAJOR_VERSION) \
98
|| (defined(GNUPG_SCD_MAIN_HEADER) && defined(HAVE_JNLIB_LOGGING))
99
100
#if defined(GNUPG_SCD_MAIN_HEADER)
101
# include GNUPG_SCD_MAIN_HEADER
102
#elif GNUPG_MAJOR_VERSION == 1 /* GnuPG Version is < 1.9. */
103
# include "options.h"
104
# include "util.h"
105
# include "memory.h"
106
# include "cardglue.h"
107
# else /* This is the modularized GnuPG 1.9 or later. */
108
# include "scdaemon.h"
109
#endif
110
111
/* Define to print information pertaining the T=1 protocol. */
112
#undef DEBUG_T1
113
114
115
# define DEBUGOUT(t) do { if (debug_level) \
116
log_debug (DRVNAME t); } while (0)
117
# define DEBUGOUT_1(t,a) do { if (debug_level) \
118
log_debug (DRVNAME t,(a)); } while (0)
119
# define DEBUGOUT_2(t,a,b) do { if (debug_level) \
120
log_debug (DRVNAME t,(a),(b)); } while (0)
121
# define DEBUGOUT_3(t,a,b,c) do { if (debug_level) \
122
log_debug (DRVNAME t,(a),(b),(c));} while (0)
123
# define DEBUGOUT_CONT(t) do { if (debug_level) \
124
log_printf (t); } while (0)
125
# define DEBUGOUT_CONT_1(t,a) do { if (debug_level) \
126
log_printf (t,(a)); } while (0)
127
# define DEBUGOUT_CONT_2(t,a,b) do { if (debug_level) \
128
log_printf (t,(a),(b)); } while (0)
129
# define DEBUGOUT_CONT_3(t,a,b,c) do { if (debug_level) \
130
log_printf (t,(a),(b),(c)); } while (0)
131
# define DEBUGOUT_LF() do { if (debug_level) \
132
log_printf ("\n"); } while (0)
133
134
#else /* Other usage of this source - don't use gnupg specifics. */
135
136
# define DEBUGOUT(t) do { if (debug_level) \
137
fprintf (stderr, DRVNAME t); } while (0)
138
# define DEBUGOUT_1(t,a) do { if (debug_level) \
139
fprintf (stderr, DRVNAME t, (a)); } while (0)
140
# define DEBUGOUT_2(t,a,b) do { if (debug_level) \
141
fprintf (stderr, DRVNAME t, (a), (b)); } while (0)
142
# define DEBUGOUT_3(t,a,b,c) do { if (debug_level) \
143
fprintf (stderr, DRVNAME t, (a), (b), (c)); } while (0)
144
# define DEBUGOUT_CONT(t) do { if (debug_level) \
145
fprintf (stderr, t); } while (0)
146
# define DEBUGOUT_CONT_1(t,a) do { if (debug_level) \
147
fprintf (stderr, t, (a)); } while (0)
148
# define DEBUGOUT_CONT_2(t,a,b) do { if (debug_level) \
149
fprintf (stderr, t, (a), (b)); } while (0)
150
# define DEBUGOUT_CONT_3(t,a,b,c) do { if (debug_level) \
151
fprintf (stderr, t, (a), (b), (c)); } while (0)
152
# define DEBUGOUT_LF() do { if (debug_level) \
153
putc ('\n', stderr); } while (0)
154
155
#endif /* This source not used by scdaemon. */
156
157
158
159
enum {
160
RDR_to_PC_NotifySlotChange= 0x50,
161
RDR_to_PC_HardwareError = 0x51,
162
163
PC_to_RDR_SetParameters = 0x61,
164
PC_to_RDR_IccPowerOn = 0x62,
165
PC_to_RDR_IccPowerOff = 0x63,
166
PC_to_RDR_GetSlotStatus = 0x65,
167
PC_to_RDR_Secure = 0x69,
168
PC_to_RDR_T0APDU = 0x6a,
169
PC_to_RDR_Escape = 0x6b,
170
PC_to_RDR_GetParameters = 0x6c,
171
PC_to_RDR_ResetParameters = 0x6d,
172
PC_to_RDR_IccClock = 0x6e,
173
PC_to_RDR_XfrBlock = 0x6f,
174
PC_to_RDR_Mechanical = 0x71,
175
PC_to_RDR_Abort = 0x72,
176
PC_to_RDR_SetDataRate = 0x73,
177
178
RDR_to_PC_DataBlock = 0x80,
179
RDR_to_PC_SlotStatus = 0x81,
180
RDR_to_PC_Parameters = 0x82,
181
RDR_to_PC_Escape = 0x83,
182
RDR_to_PC_DataRate = 0x84
183
};
184
185
186
/* We need to know the vendor to do some hacks. */
187
enum {
188
VENDOR_SCM = 0x04e6
189
};
190
191
192
/* Store information on the driver's state. A pointer to such a
193
structure is used as handle for most functions. */
194
struct ccid_driver_s
195
{
196
usb_dev_handle *idev;
197
char *rid;
198
unsigned short id_vendor;
199
unsigned short id_product;
200
unsigned short bcd_device;
201
int ifc_no;
202
int ep_bulk_out;
203
int ep_bulk_in;
204
int ep_intr;
205
int seqno;
206
unsigned char t1_ns;
207
unsigned char t1_nr;
208
int nonnull_nad;
209
int auto_ifsd;
210
int max_ifsd;
211
int ifsd;
212
int powered_off;
213
int has_pinpad;
214
int apdu_level; /* Reader supports short APDU level exchange. */
215
};
216
217
218
static int initialized_usb; /* Tracks whether USB has been initialized. */
219
static int debug_level; /* Flag to control the debug output. */
220
221
222
static unsigned int compute_edc (const unsigned char *data, size_t datalen,
223
int use_crc);
224
static int bulk_out (ccid_driver_t handle, unsigned char *msg, size_t msglen);
225
static int bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length,
226
size_t *nread, int expected_type, int seqno);
227
228
/* Convert a little endian stored 4 byte value into an unsigned
229
integer. */
230
static unsigned int
231
convert_le_u32 (const unsigned char *buf)
232
{
233
return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24);
234
}
235
236
static void
237
set_msg_len (unsigned char *msg, unsigned int length)
238
{
239
msg[1] = length;
240
msg[2] = length >> 8;
241
msg[3] = length >> 16;
242
msg[4] = length >> 24;
243
}
244
245
246
247
248
/* Parse a CCID descriptor, optionally print all available features
249
and test whether this reader is usable by this driver. Returns 0
250
if it is usable.
251
252
Note, that this code is based on the one in lsusb.c of the
253
usb-utils package, I wrote on 2003-09-01. -wk. */
254
static int
255
parse_ccid_descriptor (ccid_driver_t handle,
256
const unsigned char *buf, size_t buflen)
257
{
258
unsigned int i;
259
unsigned int us;
260
int have_t1 = 0, have_tpdu=0, have_auto_conf = 0;
261
262
263
handle->nonnull_nad = 0;
264
handle->auto_ifsd = 0;
265
handle->max_ifsd = 32;
266
handle->ifsd = 0;
267
handle->has_pinpad = 0;
268
handle->apdu_level = 0;
269
DEBUGOUT_3 ("idVendor: %04X idProduct: %04X bcdDevice: %04X\n",
270
handle->id_vendor, handle->id_product, handle->bcd_device);
271
if (buflen < 54 || buf[0] < 54)
272
{
273
DEBUGOUT ("CCID device descriptor is too short\n");
274
return -1;
275
}
276
277
DEBUGOUT ("ChipCard Interface Descriptor:\n");
278
DEBUGOUT_1 (" bLength %5u\n", buf[0]);
279
DEBUGOUT_1 (" bDescriptorType %5u\n", buf[1]);
280
DEBUGOUT_2 (" bcdCCID %2x.%02x", buf[3], buf[2]);
281
if (buf[3] != 1 || buf[2] != 0)
282
DEBUGOUT_CONT(" (Warning: Only accurate for version 1.0)");
283
DEBUGOUT_LF ();
284
285
DEBUGOUT_1 (" nMaxSlotIndex %5u\n", buf[4]);
286
DEBUGOUT_2 (" bVoltageSupport %5u %s\n",
287
buf[5], (buf[5] == 1? "5.0V" : buf[5] == 2? "3.0V"
288
: buf[5] == 3? "1.8V":"?"));
289
290
us = convert_le_u32 (buf+6);
291
DEBUGOUT_1 (" dwProtocols %5u ", us);
292
if ((us & 1))
293
DEBUGOUT_CONT (" T=0");
294
if ((us & 2))
295
{
296
DEBUGOUT_CONT (" T=1");
297
have_t1 = 1;
298
}
299
if ((us & ~3))
300
DEBUGOUT_CONT (" (Invalid values detected)");
301
DEBUGOUT_LF ();
302
303
us = convert_le_u32(buf+10);
304
DEBUGOUT_1 (" dwDefaultClock %5u\n", us);
305
us = convert_le_u32(buf+14);
306
DEBUGOUT_1 (" dwMaxiumumClock %5u\n", us);
307
DEBUGOUT_1 (" bNumClockSupported %5u\n", buf[18]);
308
us = convert_le_u32(buf+19);
309
DEBUGOUT_1 (" dwDataRate %7u bps\n", us);
310
us = convert_le_u32(buf+23);
311
DEBUGOUT_1 (" dwMaxDataRate %7u bps\n", us);
312
DEBUGOUT_1 (" bNumDataRatesSupp. %5u\n", buf[27]);
313
314
us = convert_le_u32(buf+28);
315
DEBUGOUT_1 (" dwMaxIFSD %5u\n", us);
316
handle->max_ifsd = us;
317
318
us = convert_le_u32(buf+32);
319
DEBUGOUT_1 (" dwSyncProtocols %08X ", us);
320
if ((us&1))
321
DEBUGOUT_CONT ( " 2-wire");
322
if ((us&2))
323
DEBUGOUT_CONT ( " 3-wire");
324
if ((us&4))
325
DEBUGOUT_CONT ( " I2C");
326
DEBUGOUT_LF ();
327
328
us = convert_le_u32(buf+36);
329
DEBUGOUT_1 (" dwMechanical %08X ", us);
330
if ((us & 1))
331
DEBUGOUT_CONT (" accept");
332
if ((us & 2))
333
DEBUGOUT_CONT (" eject");
334
if ((us & 4))
335
DEBUGOUT_CONT (" capture");
336
if ((us & 8))
337
DEBUGOUT_CONT (" lock");
338
DEBUGOUT_LF ();
339
340
us = convert_le_u32(buf+40);
341
DEBUGOUT_1 (" dwFeatures %08X\n", us);
342
if ((us & 0x0002))
343
{
344
DEBUGOUT (" Auto configuration based on ATR\n");
345
have_auto_conf = 1;
346
}
347
if ((us & 0x0004))
348
DEBUGOUT (" Auto activation on insert\n");
349
if ((us & 0x0008))
350
DEBUGOUT (" Auto voltage selection\n");
351
if ((us & 0x0010))
352
DEBUGOUT (" Auto clock change\n");
353
if ((us & 0x0020))
354
DEBUGOUT (" Auto baud rate change\n");
355
if ((us & 0x0040))
356
DEBUGOUT (" Auto parameter negotation made by CCID\n");
357
else if ((us & 0x0080))
358
DEBUGOUT (" Auto PPS made by CCID\n");
359
else if ((us & (0x0040 | 0x0080)))
360
DEBUGOUT (" WARNING: conflicting negotation features\n");
361
362
if ((us & 0x0100))
363
DEBUGOUT (" CCID can set ICC in clock stop mode\n");
364
if ((us & 0x0200))
365
{
366
DEBUGOUT (" NAD value other than 0x00 accepted\n");
367
handle->nonnull_nad = 1;
368
}
369
if ((us & 0x0400))
370
{
371
DEBUGOUT (" Auto IFSD exchange\n");
372
handle->auto_ifsd = 1;
373
}
374
375
if ((us & 0x00010000))
376
{
377
DEBUGOUT (" TPDU level exchange\n");
378
have_tpdu = 1;
379
}
380
else if ((us & 0x00020000))
381
{
382
DEBUGOUT (" Short APDU level exchange\n");
383
handle->apdu_level = 1;
384
}
385
else if ((us & 0x00040000))
386
{
387
DEBUGOUT (" Short and extended APDU level exchange\n");
388
handle->apdu_level = 1;
389
}
390
else if ((us & 0x00070000))
391
DEBUGOUT (" WARNING: conflicting exchange levels\n");
392
393
us = convert_le_u32(buf+44);
394
DEBUGOUT_1 (" dwMaxCCIDMsgLen %5u\n", us);
395
396
DEBUGOUT ( " bClassGetResponse ");
397
if (buf[48] == 0xff)
398
DEBUGOUT_CONT ("echo\n");
399
else
400
DEBUGOUT_CONT_1 (" %02X\n", buf[48]);
401
402
DEBUGOUT ( " bClassEnvelope ");
403
if (buf[49] == 0xff)
404
DEBUGOUT_CONT ("echo\n");
405
else
406
DEBUGOUT_1 (" %02X\n", buf[48]);
407
408
DEBUGOUT ( " wlcdLayout ");
409
if (!buf[50] && !buf[51])
410
DEBUGOUT_CONT ("none\n");
411
else
412
DEBUGOUT_CONT_2 ("%u cols %u lines\n", buf[50], buf[51]);
413
414
DEBUGOUT_1 (" bPINSupport %5u ", buf[52]);
415
if ((buf[52] & 1))
416
{
417
DEBUGOUT_CONT ( " verification");
418
handle->has_pinpad |= 1;
419
}
420
if ((buf[52] & 2))
421
{
422
DEBUGOUT_CONT ( " modification");
423
handle->has_pinpad |= 2;
424
}
425
DEBUGOUT_LF ();
426
427
DEBUGOUT_1 (" bMaxCCIDBusySlots %5u\n", buf[53]);
428
429
if (buf[0] > 54) {
430
DEBUGOUT (" junk ");
431
for (i=54; i < buf[0]-54; i++)
432
DEBUGOUT_CONT_1 (" %02X", buf[i]);
433
DEBUGOUT_LF ();
434
}
435
436
if (!have_t1 || !(have_tpdu || handle->apdu_level) || !have_auto_conf)
437
{
438
DEBUGOUT ("this drivers requires that the reader supports T=1, "
439
"TPDU or APDU level exchange and auto configuration - "
440
"this is not available\n");
441
return -1;
442
}
443
444
445
/* SCM drivers get stuck in their internal USB stack if they try to
446
send a frame of n*wMaxPacketSize back to us. Given that
447
wMaxPacketSize is 64 for these readers we set the IFSD to a value
448
lower than that:
449
64 - 10 CCID header - 4 T1frame - 2 reserved = 48 */
450
if (handle->id_vendor == VENDOR_SCM
451
/* FIXME: check whether it is the same
452
firmware version for all drivers. */
453
&& handle->bcd_device < 0x0513
454
&& handle->max_ifsd > 48)
455
{
456
DEBUGOUT ("enabling workaround for buggy SCM readers\n");
457
handle->max_ifsd = 48;
458
}
459
460
461
return 0;
462
}
463
464
465
static char *
466
get_escaped_usb_string (usb_dev_handle *idev, int idx,
467
const char *prefix, const char *suffix)
468
{
469
int rc;
470
unsigned char buf[280];
471
unsigned char *s;
472
unsigned int langid;
473
size_t i, n, len;
474
char *result;
475
476
if (!idx)
477
return NULL;
478
479
/* Fixme: The next line is for the current Valgrid without support
480
for USB IOCTLs. */
481
memset (buf, 0, sizeof buf);
482
483
/* First get the list of supported languages and use the first one.
484
If we do don't find it we try to use English. Note that this is
485
all in a 2 bute Unicode encoding using little endian. */
486
rc = usb_control_msg (idev, USB_ENDPOINT_IN, USB_REQ_GET_DESCRIPTOR,
487
(USB_DT_STRING << 8), 0,
488
buf, sizeof buf, 1000 /* ms timeout */);
489
if (rc < 4)
490
langid = 0x0409; /* English. */
491
else
492
langid = (buf[3] << 8) | buf[2];
493
494
rc = usb_control_msg (idev, USB_ENDPOINT_IN, USB_REQ_GET_DESCRIPTOR,
495
(USB_DT_STRING << 8) + idx, langid,
496
buf, sizeof buf, 1000 /* ms timeout */);
497
if (rc < 2 || buf[1] != USB_DT_STRING)
498
return NULL; /* Error or not a string. */
499
len = buf[0];
500
if (len > rc)
501
return NULL; /* Larger than our buffer. */
502
503
for (s=buf+2, i=2, n=0; i+1 < len; i += 2, s += 2)
504
{
505
if (s[1])
506
n++; /* High byte set. */
507
else if (*s <= 0x20 || *s >= 0x7f || *s == '%' || *s == ':')
508
n += 3 ;
509
else
510
n++;
511
}
512
513
result = malloc (strlen (prefix) + n + strlen (suffix) + 1);
514
if (!result)
515
return NULL;
516
517
strcpy (result, prefix);
518
n = strlen (prefix);
519
for (s=buf+2, i=2; i+1 < len; i += 2, s += 2)
520
{
521
if (s[1])
522
result[n++] = '\xff'; /* High byte set. */
523
else if (*s <= 0x20 || *s >= 0x7f || *s == '%' || *s == ':')
524
{
525
sprintf (result+n, "%%%02X", *s);
526
n += 3;
527
}
528
else
529
result[n++] = *s;
530
}
531
strcpy (result+n, suffix);
532
533
return result;
534
}
535
536
/* This function creates an reader id to be used to find the same
537
physical reader after a reset. It returns an allocated and possibly
538
percent escaped string or NULL if not enough memory is available. */
539
static char *
540
make_reader_id (usb_dev_handle *idev,
541
unsigned int vendor, unsigned int product,
542
unsigned char serialno_index)
543
{
544
char *rid;
545
char prefix[20];
546
547
sprintf (prefix, "%04X:%04X:", (vendor & 0xfff), (product & 0xffff));
548
rid = get_escaped_usb_string (idev, serialno_index, prefix, ":0");
549
if (!rid)
550
{
551
rid = malloc (strlen (prefix) + 3 + 1);
552
if (!rid)
553
return NULL;
554
strcpy (rid, prefix);
555
strcat (rid, "X:0");
556
}
557
return rid;
558
}
559
560
561
/* Helper to find the endpoint from an interface descriptor. */
562
static int
563
find_endpoint (struct usb_interface_descriptor *ifcdesc, int mode)
564
{
565
int no;
566
int want_bulk_in = 0;
567
568
if (mode == 1)
569
want_bulk_in = 0x80;
570
for (no=0; no < ifcdesc->bNumEndpoints; no++)
571
{
572
struct usb_endpoint_descriptor *ep = ifcdesc->endpoint + no;
573
if (ep->bDescriptorType != USB_DT_ENDPOINT)
574
;
575
else if (mode == 2
576
&& ((ep->bmAttributes & USB_ENDPOINT_TYPE_MASK)
577
== USB_ENDPOINT_TYPE_INTERRUPT)
578
&& (ep->bEndpointAddress & 0x80))
579
return (ep->bEndpointAddress & 0x0f);
580
else if (((ep->bmAttributes & USB_ENDPOINT_TYPE_MASK)
581
== USB_ENDPOINT_TYPE_BULK)
582
&& (ep->bEndpointAddress & 0x80) == want_bulk_in)
583
return (ep->bEndpointAddress & 0x0f);
584
}
585
/* Should never happen. */
586
return mode == 2? 0x83 : mode == 1? 0x82 :1;
587
}
588
589
590
591
/* Combination function to either scan all CCID devices or to find and
592
open one specific device.
593
594
With READERNO = -1 and READERID is NULL, scan mode is used and
595
R_RID should be the address where to store the list of reader_ids
596
we found. If on return this list is empty, no CCID device has been
597
found; otherwise it points to an allocated linked list of reader
598
IDs. Note that in this mode the function always returns NULL.
599
600
With READERNO >= 0 or READERID is not NULL find mode is used. This
601
uses the same algorithm as the scan mode but stops and returns at
602
the entry number READERNO and return the handle for the the opened
603
USB device. If R_ID is not NULL it will receive the reader ID of
604
that device. If R_DEV is not NULL it will the device pointer of
605
that device. If IFCDESC_EXTRA is NOT NULL it will receive a
606
malloced copy of the interfaces "extra: data filed;
607
IFCDESC_EXTRA_LEN receive the lengtyh of this field. If there is
608
no reader with number READERNO or that reader is not usable by our
609
implementation NULL will be returned. The caller must close a
610
returned USB device handle and free (if not passed as NULL) the
611
returned reader ID info as well as the IFCDESC_EXTRA. On error
612
NULL will get stored at R_RID, R_DEV, IFCDESC_EXTRA and
613
IFCDESC_EXTRA_LEN. With READERID being -1 the function stops if
614
the READERID was found.
615
616
Note that the first entry of the returned reader ID list in scan mode
617
corresponds with a READERNO of 0 in find mode.
618
*/
619
static usb_dev_handle *
620
scan_or_find_devices (int readerno, const char *readerid,
621
char **r_rid,
622
struct usb_device **r_dev,
623
unsigned char **ifcdesc_extra,
624
size_t *ifcdesc_extra_len,
625
int *interface_number,
626
int *ep_bulk_out, int *ep_bulk_in, int *ep_intr)
627
{
628
char *rid_list = NULL;
629
int count = 0;
630
struct usb_bus *busses, *bus;
631
struct usb_device *dev = NULL;
632
usb_dev_handle *idev = NULL;
633
int scan_mode = (readerno == -1 && !readerid);
634
635
/* Set return values to a default. */
636
if (r_rid)
637
*r_rid = NULL;
638
if (r_dev)
639
*r_dev = NULL;
640
if (ifcdesc_extra)
641
*ifcdesc_extra = NULL;
642
if (ifcdesc_extra_len)
643
*ifcdesc_extra_len = 0;
644
if (interface_number)
645
*interface_number = 0;
646
647
/* See whether we want scan or find mode. */
648
if (scan_mode)
649
{
650
assert (r_rid);
651
}
652
653
usb_find_busses();
654
usb_find_devices();
655
656
#ifdef HAVE_USB_GET_BUSSES
657
busses = usb_get_busses();
658
#else
659
busses = usb_busses;
660
#endif
661
662
for (bus = busses; bus; bus = bus->next)
663
{
664
for (dev = bus->devices; dev; dev = dev->next)
665
{
666
int cfg_no;
667
668
for (cfg_no=0; cfg_no < dev->descriptor.bNumConfigurations; cfg_no++)
669
{
670
struct usb_config_descriptor *config = dev->config + cfg_no;
671
int ifc_no;
672
673
if(!config)
674
continue;
675
676
for (ifc_no=0; ifc_no < config->bNumInterfaces; ifc_no++)
677
{
678
struct usb_interface *interface
679
= config->interface + ifc_no;
680
int set_no;
681
682
if (!interface)
683
continue;
684
685
for (set_no=0; set_no < interface->num_altsetting; set_no++)
686
{
687
struct usb_interface_descriptor *ifcdesc
688
= interface->altsetting + set_no;
689
char *rid;
690
691
/* The second condition is for some SCM Micro
692
SPR 532 which does not know about the
693
assigned CCID class. Instead of trying to
694
interpret the strings we simply look at the
695
product ID. */
696
if (ifcdesc && ifcdesc->extra
697
&& ( (ifcdesc->bInterfaceClass == 11
698
&& ifcdesc->bInterfaceSubClass == 0
699
&& ifcdesc->bInterfaceProtocol == 0)
700
|| (ifcdesc->bInterfaceClass == 255
701
&& dev->descriptor.idVendor == 0x04e6
702
&& dev->descriptor.idProduct == 0xe003
703
&& ifcdesc->bInterfaceSubClass == 1
704
&& ifcdesc->bInterfaceProtocol == 1)))
705
{
706
idev = usb_open (dev);
707
if (!idev)
708
{
709
DEBUGOUT_1 ("usb_open failed: %s\n",
710
strerror (errno));
711
continue;
712
}
713
714
rid = make_reader_id (idev,
715
dev->descriptor.idVendor,
716
dev->descriptor.idProduct,
717
dev->descriptor.iSerialNumber);
718
if (rid)
719
{
720
if (scan_mode)
721
{
722
char *p;
723
724
/* We are collecting infos about all
725
available CCID readers. Store
726
them and continue. */
727
DEBUGOUT_2 ("found CCID reader %d "
728
"(ID=%s)\n",
729
count, rid );
730
if ((p = malloc ((rid_list?
731
strlen (rid_list):0)
732
+ 1 + strlen (rid)
733
+ 1)))
734
{
735
*p = 0;
736
if (rid_list)
737
{
738
strcat (p, rid_list);
739
free (rid_list);
740
}
741
strcat (p, rid);
742
strcat (p, "\n");
743
rid_list = p;
744
}
745
else /* Out of memory. */
746
free (rid);
747
rid = NULL;
748
count++;
749
}
750
else if (!readerno
751
|| (readerno < 0
752
&& readerid
753
&& !strcmp (readerid, rid)))
754
{
755
/* We found the requested reader. */
756
if (ifcdesc_extra && ifcdesc_extra_len)
757
{
758
*ifcdesc_extra = malloc (ifcdesc
759
->extralen);
760
if (!*ifcdesc_extra)
761
{
762
usb_close (idev);
763
free (rid);
764
return NULL; /* Out of core. */
765
}
766
memcpy (*ifcdesc_extra, ifcdesc->extra,
767
ifcdesc->extralen);
768
*ifcdesc_extra_len = ifcdesc->extralen;
769
}
770
if (interface_number)
771
*interface_number = (ifcdesc->
772
bInterfaceNumber);
773
if (ep_bulk_out)
774
*ep_bulk_out = find_endpoint (ifcdesc, 0);
775
if (ep_bulk_in)
776
*ep_bulk_in = find_endpoint (ifcdesc, 1);
777
if (ep_intr)
778
*ep_intr = find_endpoint (ifcdesc, 2);
779
780
781
if (r_dev)
782
*r_dev = dev;
783
if (r_rid)
784
{
785
*r_rid = rid;
786
rid = NULL;
787
}
788
else
789
free (rid);
790
return idev; /* READY. */
791
}
792
else
793
{
794
/* This is not yet the reader we
795
want. fixme: We could avoid the
796
extra usb_open in this case. */
797
if (readerno >= 0)
798
readerno--;
799
}
800
free (rid);
801
}
802
803
usb_close (idev);
804
idev = NULL;
805
goto next_device;
806
}
807
}
808
}
809
}
810
next_device:
811
;
812
}
813
}
814
815
if (scan_mode)
816
*r_rid = rid_list;
817
818
return NULL;
819
}
820
821
822
/* Set the level of debugging to to usea dn return the old level. -1
823
just returns the old level. A level of 0 disables debugging, 1
824
enables debugging, other values are not yet defined. */
825
int
826
ccid_set_debug_level (int level)
827
{
828
int old = debug_level;
829
if (level != -1)
830
debug_level = level;
831
return old;
832
}
833
834
835
char *
836
ccid_get_reader_list (void)
837
{
838
char *reader_list;
839
840
if (!initialized_usb)
841
{
842
usb_init ();
843
initialized_usb = 1;
844
}
845
846
scan_or_find_devices (-1, NULL, &reader_list, NULL, NULL, NULL, NULL,
847
NULL, NULL, NULL);
848
return reader_list;
849
}
850
851
852
/* Open the reader with the internal number READERNO and return a
853
pointer to be used as handle in HANDLE. Returns 0 on success. */
854
int
855
ccid_open_reader (ccid_driver_t *handle, const char *readerid)
856
{
857
int rc = 0;
858
struct usb_device *dev = NULL;
859
usb_dev_handle *idev = NULL;
860
char *rid = NULL;
861
unsigned char *ifcdesc_extra = NULL;
862
size_t ifcdesc_extra_len;
863
int readerno;
864
int ifc_no, ep_bulk_out, ep_bulk_in, ep_intr;
865
866
*handle = NULL;
867
868
if (!initialized_usb)
869
{
870
usb_init ();
871
initialized_usb = 1;
872
}
873
874
/* See whether we want to use the reader ID string or a reader
875
number. A readerno of -1 indicates that the reader ID string is
876
to be used. */
877
if (readerid && strchr (readerid, ':'))
878
readerno = -1; /* We want to use the readerid. */
879
else if (readerid)
880
{
881
readerno = atoi (readerid);
882
if (readerno < 0)
883
{
884
DEBUGOUT ("no CCID readers found\n");
885
rc = CCID_DRIVER_ERR_NO_READER;
886
goto leave;
887
}
888
}
889
else
890
readerno = 0; /* Default. */
891
892
idev = scan_or_find_devices (readerno, readerid, &rid, &dev,
893
&ifcdesc_extra, &ifcdesc_extra_len,
894
&ifc_no, &ep_bulk_out, &ep_bulk_in, &ep_intr);
895
if (!idev)
896
{
897
if (readerno == -1)
898
DEBUGOUT_1 ("no CCID reader with ID %s\n", readerid );
899
else
900
DEBUGOUT_1 ("no CCID reader with number %d\n", readerno );
901
rc = CCID_DRIVER_ERR_NO_READER;
902
goto leave;
903
}
904
905
/* Okay, this is a CCID reader. */
906
*handle = calloc (1, sizeof **handle);
907
if (!*handle)
908
{
909
DEBUGOUT ("out of memory\n");
910
rc = CCID_DRIVER_ERR_OUT_OF_CORE;
911
goto leave;
912
}
913
(*handle)->idev = idev;
914
(*handle)->rid = rid;
915
(*handle)->id_vendor = dev->descriptor.idVendor;
916
(*handle)->id_product = dev->descriptor.idProduct;
917
(*handle)->bcd_device = dev->descriptor.bcdDevice;
918
(*handle)->ifc_no = ifc_no;
919
(*handle)->ep_bulk_out = ep_bulk_out;
920
(*handle)->ep_bulk_in = ep_bulk_in;
921
(*handle)->ep_intr = ep_intr;
922
923
DEBUGOUT_2 ("using CCID reader %d (ID=%s)\n", readerno, rid );
924
925
926
if (parse_ccid_descriptor (*handle, ifcdesc_extra, ifcdesc_extra_len))
927
{
928
DEBUGOUT ("device not supported\n");
929
rc = CCID_DRIVER_ERR_NO_READER;
930
goto leave;
931
}
932
933
rc = usb_claim_interface (idev, ifc_no);
934
if (rc)
935
{
936
DEBUGOUT_1 ("usb_claim_interface failed: %d\n", rc);
937
rc = CCID_DRIVER_ERR_CARD_IO_ERROR;
938
goto leave;
939
}
940
941
leave:
942
free (ifcdesc_extra);
943
if (rc)
944
{
945
free (rid);
946
if (idev)
947
usb_close (idev);
948
free (*handle);
949
*handle = NULL;
950
}
951
952
return rc;
953
}
954
955
956
static void
957
do_close_reader (ccid_driver_t handle)
958
{
959
int rc;
960
unsigned char msg[100];
961
size_t msglen;
962
unsigned char seqno;
963
964
if (!handle->powered_off)
965
{
966
msg[0] = PC_to_RDR_IccPowerOff;
967
msg[5] = 0; /* slot */
968
msg[6] = seqno = handle->seqno++;
969
msg[7] = 0; /* RFU */
970
msg[8] = 0; /* RFU */
971
msg[9] = 0; /* RFU */
972
set_msg_len (msg, 0);
973
msglen = 10;
974
975
rc = bulk_out (handle, msg, msglen);
976
if (!rc)
977
bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_SlotStatus,seqno);
978
handle->powered_off = 1;
979
}
980
if (handle->idev)
981
{
982
usb_release_interface (handle->idev, handle->ifc_no);
983
usb_close (handle->idev);
984
handle->idev = NULL;
985
}
986
}
987
988
989
/* Reset a reader on HANDLE. This is useful in case a reader has been
990
plugged of and inserted at a different port. By resetting the
991
handle, the same reader will be get used. Note, that on error the
992
handle won't get released.
993
994
This does not return an ATR, so ccid_get_atr should be called right
995
after this one.
996
*/
997
int
998
ccid_shutdown_reader (ccid_driver_t handle)
999
{
1000
int rc = 0;
1001
struct usb_device *dev = NULL;
1002
usb_dev_handle *idev = NULL;
1003
unsigned char *ifcdesc_extra = NULL;
1004
size_t ifcdesc_extra_len;
1005
int ifc_no, ep_bulk_out, ep_bulk_in, ep_intr;
1006
1007
if (!handle || !handle->rid)
1008
return CCID_DRIVER_ERR_INV_VALUE;
1009
1010
do_close_reader (handle);
1011
1012
idev = scan_or_find_devices (-1, handle->rid, NULL, &dev,
1013
&ifcdesc_extra, &ifcdesc_extra_len,
1014
&ifc_no, &ep_bulk_out, &ep_bulk_in, &ep_intr);
1015
if (!idev)
1016
{
1017
DEBUGOUT_1 ("no CCID reader with ID %s\n", handle->rid);
1018
return CCID_DRIVER_ERR_NO_READER;
1019
}
1020
1021
1022
handle->idev = idev;
1023
handle->ifc_no = ifc_no;
1024
handle->ep_bulk_out = ep_bulk_out;
1025
handle->ep_bulk_in = ep_bulk_in;
1026
handle->ep_intr = ep_intr;
1027
1028
if (parse_ccid_descriptor (handle, ifcdesc_extra, ifcdesc_extra_len))
1029
{
1030
DEBUGOUT ("device not supported\n");
1031
rc = CCID_DRIVER_ERR_NO_READER;
1032
goto leave;
1033
}
1034
1035
rc = usb_claim_interface (idev, ifc_no);
1036
if (rc)
1037
{
1038
DEBUGOUT_1 ("usb_claim_interface failed: %d\n", rc);
1039
rc = CCID_DRIVER_ERR_CARD_IO_ERROR;
1040
goto leave;
1041
}
1042
1043
leave:
1044
free (ifcdesc_extra);
1045
if (rc)
1046
{
1047
usb_close (handle->idev);
1048
handle->idev = NULL;
1049
}
1050
1051
return rc;
1052
1053
}
1054
1055
1056
/* Close the reader HANDLE. */
1057
int
1058
ccid_close_reader (ccid_driver_t handle)
1059
{
1060
if (!handle || !handle->idev)
1061
return 0;
1062
1063
do_close_reader (handle);
1064
free (handle->rid);
1065
free (handle);
1066
return 0;
1067
}
1068
1069
1070
/* Return False if a card is present and powered. */
1071
int
1072
ccid_check_card_presence (ccid_driver_t handle)
1073
{
1074
1075
return -1;
1076
}
1077
1078
1079
/* Write a MSG of length MSGLEN to the designated bulk out endpoint.
1080
Returns 0 on success. */
1081
static int
1082
bulk_out (ccid_driver_t handle, unsigned char *msg, size_t msglen)
1083
{
1084
int rc;
1085
1086
rc = usb_bulk_write (handle->idev,
1087
handle->ep_bulk_out,
1088
msg, msglen,
1089
1000 /* ms timeout */);
1090
if (rc == msglen)
1091
return 0;
1092
1093
if (rc == -1)
1094
DEBUGOUT_1 ("usb_bulk_write error: %s\n", strerror (errno));
1095
else
1096
DEBUGOUT_1 ("usb_bulk_write failed: %d\n", rc);
1097
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1098
}
1099
1100
1101
/* Read a maximum of LENGTH bytes from the bulk in endpoint into
1102
BUFFER and return the actual read number if bytes in NREAD. SEQNO
1103
is the sequence number used to send the request and EXPECTED_TYPE
1104
the type of message we expect. Does checks on the ccid
1105
header. Returns 0 on success. */
1106
static int
1107
bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length,
1108
size_t *nread, int expected_type, int seqno)
1109
{
1110
int i, rc;
1111
size_t msglen;
1112
1113
/* Fixme: The next line for the current Valgrind without support
1114
for USB IOCTLs. */
1115
memset (buffer, 0, length);
1116
retry:
1117
rc = usb_bulk_read (handle->idev,
1118
handle->ep_bulk_in,
1119
buffer, length,
1120
10000 /* ms timeout */ );
1121
/* Fixme: instead of using a 10 second timeout we should better
1122
handle the timeout here and retry if appropriate. */
1123
if (rc < 0)
1124
{
1125
DEBUGOUT_1 ("usb_bulk_read error: %s\n", strerror (errno));
1126
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1127
}
1128
1129
*nread = msglen = rc;
1130
1131
if (msglen < 10)
1132
{
1133
DEBUGOUT_1 ("bulk-in msg too short (%u)\n", (unsigned int)msglen);
1134
return CCID_DRIVER_ERR_INV_VALUE;
1135
}
1136
if (buffer[0] != expected_type)
1137
{
1138
DEBUGOUT_1 ("unexpected bulk-in msg type (%02x)\n", buffer[0]);
1139
return CCID_DRIVER_ERR_INV_VALUE;
1140
}
1141
if (buffer[5] != 0)
1142
{
1143
DEBUGOUT_1 ("unexpected bulk-in slot (%d)\n", buffer[5]);
1144
return CCID_DRIVER_ERR_INV_VALUE;
1145
}
1146
if (buffer[6] != seqno)
1147
{
1148
DEBUGOUT_2 ("bulk-in seqno does not match (%d/%d)\n",
1149
seqno, buffer[6]);
1150
return CCID_DRIVER_ERR_INV_VALUE;
1151
}
1152
1153
if ( !(buffer[7] & 0x03) && (buffer[7] & 0xC0) == 0x80)
1154
{
1155
/* Card present and active, time extension requested. */
1156
DEBUGOUT_2 ("time extension requested (%02X,%02X)\n",
1157
buffer[7], buffer[8]);
1158
goto retry;
1159
}
1160
1161
DEBUGOUT_3 ("status: %02X error: %02X octet[9]: %02X\n"
1162
" data:", buffer[7], buffer[8], buffer[9] );
1163
for (i=10; i < msglen; i++)
1164
DEBUGOUT_CONT_1 (" %02X", buffer[i]);
1165
DEBUGOUT_LF ();
1166
1167
switch ((buffer[7] & 0x03))
1168
{
1169
case 0: /* no error */ break;
1170
case 1: return CCID_DRIVER_ERR_CARD_INACTIVE;
1171
case 2: return CCID_DRIVER_ERR_NO_CARD;
1172
case 3: /* RFU */ break;
1173
}
1174
return 0;
1175
}
1176
1177
1178
/* Note that this fucntion won't return the error codes NO_CARD or
1179
CARD_INACTIVE */
1180
static int
1181
send_escape_cmd (ccid_driver_t handle,
1182
const unsigned char *data, size_t datalen)
1183
{
1184
int i, rc;
1185
unsigned char msg[100];
1186
size_t msglen;
1187
unsigned char seqno;
1188
1189
if (datalen > sizeof msg - 10)
1190
return CCID_DRIVER_ERR_INV_VALUE; /* Escape data too large. */
1191
1192
msg[0] = PC_to_RDR_Escape;
1193
msg[5] = 0; /* slot */
1194
msg[6] = seqno = handle->seqno++;
1195
msg[7] = 0; /* RFU */
1196
msg[8] = 0; /* RFU */
1197
msg[9] = 0; /* RFU */
1198
memcpy (msg+10, data, datalen);
1199
msglen = 10 + datalen;
1200
set_msg_len (msg, datalen);
1201
1202
DEBUGOUT ("sending");
1203
for (i=0; i < msglen; i++)
1204
DEBUGOUT_CONT_1 (" %02X", msg[i]);
1205
DEBUGOUT_LF ();
1206
rc = bulk_out (handle, msg, msglen);
1207
if (rc)
1208
return rc;
1209
rc = bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_Escape, seqno);
1210
1211
return rc;
1212
}
1213
1214
1215
/* experimental */
1216
int
1217
ccid_poll (ccid_driver_t handle)
1218
{
1219
int rc;
1220
unsigned char msg[10];
1221
size_t msglen;
1222
int i, j;
1223
1224
rc = usb_bulk_read (handle->idev,
1225
handle->ep_intr,
1226
msg, sizeof msg,
1227
0 /* ms timeout */ );
1228
if (rc < 0 && errno == ETIMEDOUT)
1229
return 0;
1230
1231
if (rc < 0)
1232
{
1233
DEBUGOUT_1 ("usb_intr_read error: %s\n", strerror (errno));
1234
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1235
}
1236
1237
msglen = rc;
1238
rc = 0;
1239
1240
if (msglen < 1)
1241
{
1242
DEBUGOUT ("intr-in msg too short\n");
1243
return CCID_DRIVER_ERR_INV_VALUE;
1244
}
1245
1246
if (msg[0] == RDR_to_PC_NotifySlotChange)
1247
{
1248
DEBUGOUT ("notify slot change:");
1249
for (i=1; i < msglen; i++)
1250
for (j=0; j < 4; j++)
1251
DEBUGOUT_CONT_3 (" %d:%c%c",
1252
(i-1)*4+j,
1253
(msg[i] & (1<<(j*2)))? 'p':'-',
1254
(msg[i] & (2<<(j*2)))? '*':' ');
1255
DEBUGOUT_LF ();
1256
}
1257
else if (msg[0] == RDR_to_PC_HardwareError)
1258
{
1259
DEBUGOUT ("hardware error occured\n");
1260
}
1261
else
1262
{
1263
DEBUGOUT_1 ("unknown intr-in msg of type %02X\n", msg[0]);
1264
}
1265
1266
return 0;
1267
}
1268
1269
1270
/* Note that this fucntion won't return the error codes NO_CARD or
1271
CARD_INACTIVE */
1272
int
1273
ccid_slot_status (ccid_driver_t handle, int *statusbits)
1274
{
1275
int rc;
1276
unsigned char msg[100];
1277
size_t msglen;
1278
unsigned char seqno;
1279
1280
msg[0] = PC_to_RDR_GetSlotStatus;
1281
msg[5] = 0; /* slot */
1282
msg[6] = seqno = handle->seqno++;
1283
msg[7] = 0; /* RFU */
1284
msg[8] = 0; /* RFU */
1285
msg[9] = 0; /* RFU */
1286
set_msg_len (msg, 0);
1287
1288
rc = bulk_out (handle, msg, 10);
1289
if (rc)
1290
return rc;
1291
rc = bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_SlotStatus, seqno);
1292
if (rc && rc != CCID_DRIVER_ERR_NO_CARD
1293
&& rc != CCID_DRIVER_ERR_CARD_INACTIVE)
1294
return rc;
1295
*statusbits = (msg[7] & 3);
1296
1297
return 0;
1298
}
1299
1300
1301
int
1302
ccid_get_atr (ccid_driver_t handle,
1303
unsigned char *atr, size_t maxatrlen, size_t *atrlen)
1304
{
1305
int rc;
1306
unsigned char msg[100];
1307
unsigned char *tpdu;
1308
size_t msglen, tpdulen;
1309
unsigned char seqno;
1310
int use_crc = 0;
1311
unsigned int edc;
1312
int i;
1313
1314
msg[0] = PC_to_RDR_IccPowerOn;
1315
msg[5] = 0; /* slot */
1316
msg[6] = seqno = handle->seqno++;
1317
msg[7] = 0; /* power select (0=auto, 1=5V, 2=3V, 3=1.8V) */
1318
msg[8] = 0; /* RFU */
1319
msg[9] = 0; /* RFU */
1320
set_msg_len (msg, 0);
1321
msglen = 10;
1322
1323
rc = bulk_out (handle, msg, msglen);
1324
if (rc)
1325
return rc;
1326
rc = bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_DataBlock, seqno);
1327
if (rc)
1328
return rc;
1329
1330
handle->powered_off = 0;
1331
1332
if (atr)
1333
{
1334
size_t n = msglen - 10;
1335
1336
if (n > maxatrlen)
1337
n = maxatrlen;
1338
memcpy (atr, msg+10, n);
1339
*atrlen = n;
1340
}
1341
1342
/* Setup parameters to select T=1. */
1343
msg[0] = PC_to_RDR_SetParameters;
1344
msg[5] = 0; /* slot */
1345
msg[6] = seqno = handle->seqno++;
1346
msg[7] = 1; /* Select T=1. */
1347
msg[8] = 0; /* RFU */
1348
msg[9] = 0; /* RFU */
1349
1350
/* FIXME: Get those values from the ATR. */
1351
msg[10]= 0x01; /* Fi/Di */
1352
msg[11]= 0x10; /* LRC, direct convention. */
1353
msg[12]= 0; /* Extra guardtime. */
1354
msg[13]= 0x41; /* BWI/CWI */
1355
msg[14]= 0; /* No clock stoppping. */
1356
msg[15]= 254; /* IFSC */
1357
msg[16]= 0; /* Does not support non default NAD values. */
1358
set_msg_len (msg, 7);
1359
msglen = 10 + 7;
1360
1361
DEBUGOUT ("sending");
1362
for (i=0; i < msglen; i++)
1363
DEBUGOUT_CONT_1 (" %02X", msg[i]);
1364
DEBUGOUT_LF ();
1365
1366
rc = bulk_out (handle, msg, msglen);
1367
if (rc)
1368
return rc;
1369
/* Note that we ignore the error code on purpose. */
1370
bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_Parameters, seqno);
1371
1372
handle->t1_ns = 0;
1373
handle->t1_nr = 0;
1374
1375
/* Send an S-Block with our maximun IFSD to the CCID. */
1376
if (!handle->auto_ifsd)
1377
{
1378
tpdu = msg+10;
1379
/* NAD: DAD=1, SAD=0 */
1380
tpdu[0] = handle->nonnull_nad? ((1 << 4) | 0): 0;
1381
tpdu[1] = (0xc0 | 0 | 1); /* S-block request: change IFSD */
1382
tpdu[2] = 1;
1383
tpdu[3] = handle->max_ifsd? handle->max_ifsd : 32;
1384
tpdulen = 4;
1385
edc = compute_edc (tpdu, tpdulen, use_crc);
1386
if (use_crc)
1387
tpdu[tpdulen++] = (edc >> 8);
1388
tpdu[tpdulen++] = edc;
1389
1390
msg[0] = PC_to_RDR_XfrBlock;
1391
msg[5] = 0; /* slot */
1392
msg[6] = seqno = handle->seqno++;
1393
msg[7] = 0;
1394
msg[8] = 0; /* RFU */
1395
msg[9] = 0; /* RFU */
1396
set_msg_len (msg, tpdulen);
1397
msglen = 10 + tpdulen;
1398
1399
DEBUGOUT ("sending");
1400
for (i=0; i < msglen; i++)
1401
DEBUGOUT_CONT_1 (" %02X", msg[i]);
1402
DEBUGOUT_LF ();
1403
1404
#ifdef DEBUG_T1
1405
fprintf (stderr, "T1: put %c-block seq=%d\n",
1406
((msg[11] & 0xc0) == 0x80)? 'R' :
1407
(msg[11] & 0x80)? 'S' : 'I',
1408
((msg[11] & 0x80)? !!(msg[11]& 0x10) : !!(msg[11] & 0x40)));
1409
#endif
1410
1411
rc = bulk_out (handle, msg, msglen);
1412
if (rc)
1413
return rc;
1414
1415
1416
rc = bulk_in (handle, msg, sizeof msg, &msglen,
1417
RDR_to_PC_DataBlock, seqno);
1418
if (rc)
1419
return rc;
1420
1421
tpdu = msg + 10;
1422
tpdulen = msglen - 10;
1423
1424
if (tpdulen < 4)
1425
return CCID_DRIVER_ERR_ABORTED;
1426
1427
#ifdef DEBUG_T1
1428
fprintf (stderr, "T1: got %c-block seq=%d err=%d\n",
1429
((msg[11] & 0xc0) == 0x80)? 'R' :
1430
(msg[11] & 0x80)? 'S' : 'I',
1431
((msg[11] & 0x80)? !!(msg[11]& 0x10) : !!(msg[11] & 0x40)),
1432
((msg[11] & 0xc0) == 0x80)? (msg[11] & 0x0f) : 0
1433
);
1434
#endif
1435
if ((tpdu[1] & 0xe0) != 0xe0 || tpdu[2] != 1)
1436
{
1437
DEBUGOUT ("invalid response for S-block (Change-IFSD)\n");
1438
return -1;
1439
}
1440
DEBUGOUT_1 ("IFSD has been set to %d\n", tpdu[3]);
1441
}
1442
1443
return 0;
1444
}
1445
1446
1447
1448
1449
static unsigned int
1450
compute_edc (const unsigned char *data, size_t datalen, int use_crc)
1451
{
1452
if (use_crc)
1453
{
1454
return 0x42; /* Not yet implemented. */
1455
}
1456
else
1457
{
1458
unsigned char crc = 0;
1459
1460
for (; datalen; datalen--)
1461
crc ^= *data++;
1462
return crc;
1463
}
1464
}
1465
1466
1467
/* Helper for ccid_transceive used for APDU level exchanges. */
1468
static int
1469
ccid_transceive_apdu_level (ccid_driver_t handle,
1470
const unsigned char *apdu_buf, size_t apdu_buflen,
1471
unsigned char *resp, size_t maxresplen,
1472
size_t *nresp)
1473
{
1474
int rc;
1475
unsigned char send_buffer[10+259], recv_buffer[10+259];
1476
const unsigned char *apdu;
1477
size_t apdulen;
1478
unsigned char *msg;
1479
size_t msglen;
1480
unsigned char seqno;
1481
int i;
1482
1483
msg = send_buffer;
1484
1485
apdu = apdu_buf;
1486
apdulen = apdu_buflen;
1487
assert (apdulen);
1488
1489
if (apdulen > 254)
1490
return CCID_DRIVER_ERR_INV_VALUE; /* Invalid length. */
1491
1492
msg[0] = PC_to_RDR_XfrBlock;
1493
msg[5] = 0; /* slot */
1494
msg[6] = seqno = handle->seqno++;
1495
msg[7] = 4; /* bBWI */
1496
msg[8] = 0; /* RFU */
1497
msg[9] = 0; /* RFU */
1498
memcpy (msg+10, apdu, apdulen);
1499
set_msg_len (msg, apdulen);
1500
msglen = 10 + apdulen;
1501
1502
DEBUGOUT ("sending");
1503
for (i=0; i < msglen; i++)
1504
DEBUGOUT_CONT_1 (" %02X", msg[i]);
1505
DEBUGOUT_LF ();
1506
1507
rc = bulk_out (handle, msg, msglen);
1508
if (rc)
1509
return rc;
1510
1511
msg = recv_buffer;
1512
rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen,
1513
RDR_to_PC_DataBlock, seqno);
1514
if (rc)
1515
return rc;
1516
1517
apdu = msg + 10;
1518
apdulen = msglen - 10;
1519
1520
if (resp)
1521
{
1522
if (apdulen > maxresplen)
1523
{
1524
DEBUGOUT_2 ("provided buffer too short for received data "
1525
"(%u/%u)\n",
1526
(unsigned int)apdulen, (unsigned int)maxresplen);
1527
return CCID_DRIVER_ERR_INV_VALUE;
1528
}
1529
1530
memcpy (resp, apdu, apdulen);
1531
*nresp = apdulen;
1532
}
1533
1534
return 0;
1535
}
1536
1537
1538
1539
/*
1540
Protocol T=1 overview
1541
1542
Block Structure:
1543
Prologue Field:
1544
1 byte Node Address (NAD)
1545
1 byte Protocol Control Byte (PCB)
1546
1 byte Length (LEN)
1547
Information Field:
1548
0-254 byte APDU or Control Information (INF)
1549
Epilogue Field:
1550
1 byte Error Detection Code (EDC)
1551
1552
NAD:
1553
bit 7 unused
1554
bit 4..6 Destination Node Address (DAD)
1555
bit 3 unused
1556
bit 2..0 Source Node Address (SAD)
1557
1558
If node adresses are not used, SAD and DAD should be set to 0 on
1559
the first block sent to the card. If they are used they should
1560
have different values (0 for one is okay); that first block sets up
1561
the addresses of the nodes.
1562
1563
PCB:
1564
Information Block (I-Block):
1565
bit 7 0
1566
bit 6 Sequence number (yep, that is modulo 2)
1567
bit 5 Chaining flag
1568
bit 4..0 reserved
1569
Received-Ready Block (R-Block):
1570
bit 7 1
1571
bit 6 0
1572
bit 5 0
1573
bit 4 Sequence number
1574
bit 3..0 0 = no error
1575
1 = EDC or parity error
1576
2 = other error
1577
other values are reserved
1578
Supervisory Block (S-Block):
1579
bit 7 1
1580
bit 6 1
1581
bit 5 clear=request,set=response
1582
bit 4..0 0 = resyncronisation request
1583
1 = information field size request
1584
2 = abort request
1585
3 = extension of BWT request
1586
4 = VPP error
1587
other values are reserved
1588
1589
*/
1590
1591
int
1592
ccid_transceive (ccid_driver_t handle,
1593
const unsigned char *apdu_buf, size_t apdu_buflen,
1594
unsigned char *resp, size_t maxresplen, size_t *nresp)
1595
{
1596
int rc;
1597
unsigned char send_buffer[10+259], recv_buffer[10+259];
1598
const unsigned char *apdu;
1599
size_t apdulen;
1600
unsigned char *msg, *tpdu, *p;
1601
size_t msglen, tpdulen, last_tpdulen, n;
1602
unsigned char seqno;
1603
int i;
1604
unsigned int edc;
1605
int use_crc = 0;
1606
size_t dummy_nresp;
1607
int next_chunk = 1;
1608
int sending = 1;
1609
int retries = 0;
1610
1611
if (!nresp)
1612
nresp = &dummy_nresp;
1613
*nresp = 0;
1614
1615
/* Smarter readers allow to send APDUs directly; divert here. */
1616
if (handle->apdu_level)
1617
return ccid_transceive_apdu_level (handle, apdu_buf, apdu_buflen,
1618
resp, maxresplen, nresp);
1619
1620
/* The other readers we support require sending TPDUs. */
1621
1622
tpdulen = 0; /* Avoid compiler warning about no initialization. */
1623
msg = send_buffer;
1624
for (;;)
1625
{
1626
if (next_chunk)
1627
{
1628
next_chunk = 0;
1629
1630
apdu = apdu_buf;
1631
apdulen = apdu_buflen;
1632
assert (apdulen);
1633
1634
/* Construct an I-Block. */
1635
if (apdulen > 254)
1636
return CCID_DRIVER_ERR_INV_VALUE; /* Invalid length. */
1637
1638
tpdu = msg+10;
1639
/* NAD: DAD=1, SAD=0 */
1640
tpdu[0] = handle->nonnull_nad? ((1 << 4) | 0): 0;
1641
tpdu[1] = ((handle->t1_ns & 1) << 6); /* I-block */
1642
if (apdulen > 128 /* fixme: replace by ifsc */)
1643
{
1644
apdulen = 128;
1645
apdu_buf += 128;
1646
apdu_buflen -= 128;
1647
tpdu[1] |= (1 << 5); /* Set more bit. */
1648
}
1649
tpdu[2] = apdulen;
1650
memcpy (tpdu+3, apdu, apdulen);
1651
tpdulen = 3 + apdulen;
1652
edc = compute_edc (tpdu, tpdulen, use_crc);
1653
if (use_crc)
1654
tpdu[tpdulen++] = (edc >> 8);
1655
tpdu[tpdulen++] = edc;
1656
}
1657
1658
msg[0] = PC_to_RDR_XfrBlock;
1659
msg[5] = 0; /* slot */
1660
msg[6] = seqno = handle->seqno++;
1661
msg[7] = 4; /* bBWI */
1662
msg[8] = 0; /* RFU */
1663
msg[9] = 0; /* RFU */
1664
set_msg_len (msg, tpdulen);
1665
msglen = 10 + tpdulen;
1666
last_tpdulen = tpdulen;
1667
1668
DEBUGOUT ("sending");
1669
for (i=0; i < msglen; i++)
1670
DEBUGOUT_CONT_1 (" %02X", msg[i]);
1671
DEBUGOUT_LF ();
1672
1673
#ifdef DEBUG_T1
1674
fprintf (stderr, "T1: put %c-block seq=%d\n",
1675
((msg[11] & 0xc0) == 0x80)? 'R' :
1676
(msg[11] & 0x80)? 'S' : 'I',
1677
((msg[11] & 0x80)? !!(msg[11]& 0x10) : !!(msg[11] & 0x40)));
1678
#endif
1679
1680
rc = bulk_out (handle, msg, msglen);
1681
if (rc)
1682
return rc;
1683
1684
msg = recv_buffer;
1685
rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen,
1686
RDR_to_PC_DataBlock, seqno);
1687
if (rc)
1688
return rc;
1689
1690
tpdu = msg + 10;
1691
tpdulen = msglen - 10;
1692
1693
if (tpdulen < 4)
1694
{
1695
usb_clear_halt (handle->idev, 0x82);
1696
return CCID_DRIVER_ERR_ABORTED;
1697
}
1698
#ifdef DEBUG_T1
1699
fprintf (stderr, "T1: got %c-block seq=%d err=%d\n",
1700
((msg[11] & 0xc0) == 0x80)? 'R' :
1701
(msg[11] & 0x80)? 'S' : 'I',
1702
((msg[11] & 0x80)? !!(msg[11]& 0x10) : !!(msg[11] & 0x40)),
1703
((msg[11] & 0xc0) == 0x80)? (msg[11] & 0x0f) : 0
1704
);
1705
#endif
1706
1707
if (!(tpdu[1] & 0x80))
1708
{ /* This is an I-block. */
1709
retries = 0;
1710
if (sending)
1711
{ /* last block sent was successful. */
1712
handle->t1_ns ^= 1;
1713
sending = 0;
1714
}
1715
1716
if (!!(tpdu[1] & 0x40) != handle->t1_nr)
1717
{ /* Reponse does not match our sequence number. */
1718
msg = send_buffer;
1719
tpdu = msg+10;
1720
/* NAD: DAD=1, SAD=0 */
1721
tpdu[0] = handle->nonnull_nad? ((1 << 4) | 0): 0;
1722
tpdu[1] = (0x80 | (handle->t1_nr & 1) << 4 | 2); /* R-block */
1723
tpdu[2] = 0;
1724
tpdulen = 3;
1725
edc = compute_edc (tpdu, tpdulen, use_crc);
1726
if (use_crc)
1727
tpdu[tpdulen++] = (edc >> 8);
1728
tpdu[tpdulen++] = edc;
1729
1730
continue;
1731
}
1732
1733
handle->t1_nr ^= 1;
1734
1735
p = tpdu + 3; /* Skip the prologue field. */
1736
n = tpdulen - 3 - 1; /* Strip the epilogue field. */
1737
/* fixme: verify the checksum. */
1738
if (resp)
1739
{
1740
if (n > maxresplen)
1741
{
1742
DEBUGOUT_2 ("provided buffer too short for received data "
1743
"(%u/%u)\n",
1744
(unsigned int)n, (unsigned int)maxresplen);
1745
return CCID_DRIVER_ERR_INV_VALUE;
1746
}
1747
1748
memcpy (resp, p, n);
1749
resp += n;
1750
*nresp += n;
1751
maxresplen -= n;
1752
}
1753
1754
if (!(tpdu[1] & 0x20))
1755
return 0; /* No chaining requested - ready. */
1756
1757
msg = send_buffer;
1758
tpdu = msg+10;
1759
/* NAD: DAD=1, SAD=0 */
1760
tpdu[0] = handle->nonnull_nad? ((1 << 4) | 0): 0;
1761
tpdu[1] = (0x80 | (handle->t1_nr & 1) << 4); /* R-block */
1762
tpdu[2] = 0;
1763
tpdulen = 3;
1764
edc = compute_edc (tpdu, tpdulen, use_crc);
1765
if (use_crc)
1766
tpdu[tpdulen++] = (edc >> 8);
1767
tpdu[tpdulen++] = edc;
1768
}
1769
else if ((tpdu[1] & 0xc0) == 0x80)
1770
{ /* This is a R-block. */
1771
if ( (tpdu[1] & 0x0f))
1772
{ /* Error: repeat last block */
1773
if (++retries > 3)
1774
{
1775
DEBUGOUT ("3 failed retries\n");
1776
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1777
}
1778
msg = send_buffer;
1779
tpdulen = last_tpdulen;
1780
}
1781
else if (sending && !!(tpdu[1] & 0x40) == handle->t1_ns)
1782
{ /* Reponse does not match our sequence number. */
1783
DEBUGOUT ("R-block with wrong seqno received on more bit\n");
1784
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1785
}
1786
else if (sending)
1787
{ /* Send next chunk. */
1788
retries = 0;
1789
msg = send_buffer;
1790
next_chunk = 1;
1791
handle->t1_ns ^= 1;
1792
}
1793
else
1794
{
1795
DEBUGOUT ("unexpected ACK R-block received\n");
1796
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1797
}
1798
}
1799
else
1800
{ /* This is a S-block. */
1801
retries = 0;
1802
DEBUGOUT_2 ("T1 S-block %s received cmd=%d\n",
1803
(tpdu[1] & 0x20)? "response": "request",
1804
(tpdu[1] & 0x1f));
1805
if ( !(tpdu[1] & 0x20) && (tpdu[1] & 0x1f) == 3 && tpdu[2])
1806
{ /* Wait time extension request. */
1807
unsigned char bwi = tpdu[3];
1808
msg = send_buffer;
1809
tpdu = msg+10;
1810
/* NAD: DAD=1, SAD=0 */
1811
tpdu[0] = handle->nonnull_nad? ((1 << 4) | 0): 0;
1812
tpdu[1] = (0xc0 | 0x20 | 3); /* S-block response */
1813
tpdu[2] = 1;
1814
tpdu[3] = bwi;
1815
tpdulen = 4;
1816
edc = compute_edc (tpdu, tpdulen, use_crc);
1817
if (use_crc)
1818
tpdu[tpdulen++] = (edc >> 8);
1819
tpdu[tpdulen++] = edc;
1820
DEBUGOUT_1 ("T1 waittime extension of bwi=%d\n", bwi);
1821
}
1822
else
1823
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1824
}
1825
} /* end T=1 protocol loop. */
1826
1827
return 0;
1828
}
1829
1830
1831
/* Send the CCID Secure command to the reader. APDU_BUF should contain the APDU template. PIN_MODE defines now the pin gets formatted:
1832
1833
1 := The PIN is ASCII encoded and of variable length. The
1834
length of the PIN entered will be put into Lc by the reader.
1835
The APDU should me made up of 4 bytes without Lc.
1836
1837
PINLEN_MIN and PINLEN_MAX define the limits for the pin length. 0
1838
may be used t enable usbale defaults. PIN_PADLEN should be 0
1839
1840
When called with RESP and NRESP set to NULL, the function will
1841
merely check whether the reader supports the secure command for the
1842
given APDU and PIN_MODE. */
1843
int
1844
ccid_transceive_secure (ccid_driver_t handle,
1845
const unsigned char *apdu_buf, size_t apdu_buflen,
1846
int pin_mode, int pinlen_min, int pinlen_max,
1847
int pin_padlen,
1848
unsigned char *resp, size_t maxresplen, size_t *nresp)
1849
{
1850
int rc;
1851
unsigned char send_buffer[10+259], recv_buffer[10+259];
1852
unsigned char *msg, *tpdu, *p;
1853
size_t msglen, tpdulen, n;
1854
unsigned char seqno;
1855
int i;
1856
size_t dummy_nresp;
1857
int testmode;
1858
1859
testmode = !resp && !nresp;
1860
1861
if (!nresp)
1862
nresp = &dummy_nresp;
1863
*nresp = 0;
1864
1865
if (apdu_buflen >= 4 && apdu_buf[1] == 0x20 && (handle->has_pinpad & 1))
1866
;
1867
else if (apdu_buflen >= 4 && apdu_buf[1] == 0x24 && (handle->has_pinpad & 2))
1868
return CCID_DRIVER_ERR_NOT_SUPPORTED; /* Not yet by our code. */
1869
else
1870
return CCID_DRIVER_ERR_NOT_SUPPORTED;
1871
1872
if (pin_mode != 1)
1873
return CCID_DRIVER_ERR_NOT_SUPPORTED;
1874
1875
if (pin_padlen != 0)
1876
return CCID_DRIVER_ERR_NOT_SUPPORTED;
1877
1878
if (!pinlen_min)
1879
pinlen_min = 1;
1880
if (!pinlen_max)
1881
pinlen_max = 25;
1882
1883
/* Note that the 25 is the maximum value the SPR532 allows. */
1884
if (pinlen_min < 1 || pinlen_min > 25
1885
|| pinlen_max < 1 || pinlen_max > 25
1886
|| pinlen_min > pinlen_max)
1887
return CCID_DRIVER_ERR_INV_VALUE;
1888
1889
/* We have only tested this with an SCM reader so better don't risk
1890
anything and do not allow the use with other readers. */
1891
if (handle->id_vendor != VENDOR_SCM)
1892
return CCID_DRIVER_ERR_NOT_SUPPORTED;
1893
1894
if (testmode)
1895
return 0; /* Success */
1896
1897
msg = send_buffer;
1898
if (handle->id_vendor == VENDOR_SCM)
1899
{
1900
DEBUGOUT ("sending escape sequence to switch to a case 1 APDU\n");
1901
rc = send_escape_cmd (handle, "\x80\x02\x00", 3);
1902
if (rc)
1903
return rc;
1904
}
1905
1906
msg[0] = PC_to_RDR_Secure;
1907
msg[5] = 0; /* slot */
1908
msg[6] = seqno = handle->seqno++;
1909
msg[7] = 4; /* bBWI */
1910
msg[8] = 0; /* RFU */
1911
msg[9] = 0; /* RFU */
1912
msg[10] = 0; /* Perform PIN verification. */
1913
msg[11] = 0; /* Timeout in seconds. */
1914
msg[12] = 0x82; /* bmFormatString: Byte, pos=0, left, ASCII. */
1915
if (handle->id_vendor == VENDOR_SCM)
1916
{
1917
/* For the SPR532 the next 2 bytes need to be zero. We do this
1918
for all SCM product. Kudos to to Martin Paljak for this
1919
hint. */
1920
msg[13] = msg[14] = 0;
1921
}
1922
else
1923
{
1924
msg[13] = 0x00; /* bmPINBlockString:
1925
0 bits of pin length to insert.
1926
0 bytes of PIN block size. */
1927
msg[14] = 0x00; /* bmPINLengthFormat:
1928
Units are bytes, position is 0. */
1929
}
1930
msg[15] = pinlen_min; /* wPINMaxExtraDigit-Minimum. */
1931
msg[16] = pinlen_max; /* wPINMaxExtraDigit-Maximum. */
1932
msg[17] = 0x02; /* bEntryValidationCondition:
1933
Validation key pressed */
1934
if (pinlen_min && pinlen_max && pinlen_min == pinlen_max)
1935
msg[17] |= 0x01; /* Max size reached. */
1936
msg[18] = 0xff; /* bNumberMessage: Default. */
1937
msg[19] = 0x04; /* wLangId-High. */
1938
msg[20] = 0x09; /* wLangId-Low: English FIXME: use the first entry. */
1939
msg[21] = 0; /* bMsgIndex. */
1940
/* bTeoProlog follows: */
1941
msg[22] = handle->nonnull_nad? ((1 << 4) | 0): 0;
1942
msg[23] = ((handle->t1_ns & 1) << 6); /* I-block */
1943
msg[24] = 4; /* apdulen. */
1944
/* APDU follows: */
1945
msg[25] = apdu_buf[0]; /* CLA */
1946
msg[26] = apdu_buf[1]; /* INS */
1947
msg[27] = apdu_buf[2]; /* P1 */
1948
msg[28] = apdu_buf[3]; /* P2 */
1949
msglen = 29;
1950
set_msg_len (msg, msglen - 10);
1951
1952
DEBUGOUT ("sending");
1953
for (i=0; i < msglen; i++)
1954
DEBUGOUT_CONT_1 (" %02X", msg[i]);
1955
DEBUGOUT_LF ();
1956
1957
rc = bulk_out (handle, msg, msglen);
1958
if (rc)
1959
return rc;
1960
1961
msg = recv_buffer;
1962
rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen,
1963
RDR_to_PC_DataBlock, seqno);
1964
if (rc)
1965
return rc;
1966
1967
tpdu = msg + 10;
1968
tpdulen = msglen - 10;
1969
1970
if (tpdulen < 4)
1971
{
1972
usb_clear_halt (handle->idev, handle->ep_bulk_in);
1973
return CCID_DRIVER_ERR_ABORTED;
1974
}
1975
#ifdef DEBUG_T1
1976
fprintf (stderr, "T1: got %c-block seq=%d err=%d\n",
1977
((msg[11] & 0xc0) == 0x80)? 'R' :
1978
(msg[11] & 0x80)? 'S' : 'I',
1979
((msg[11] & 0x80)? !!(msg[11]& 0x10) : !!(msg[11] & 0x40)),
1980
((msg[11] & 0xc0) == 0x80)? (msg[11] & 0x0f) : 0
1981
);
1982
#endif
1983
1984
if (!(tpdu[1] & 0x80))
1985
{ /* This is an I-block. */
1986
/* Last block sent was successful. */
1987
handle->t1_ns ^= 1;
1988
1989
if (!!(tpdu[1] & 0x40) != handle->t1_nr)
1990
{ /* Reponse does not match our sequence number. */
1991
DEBUGOUT ("I-block with wrong seqno received\n");
1992
return CCID_DRIVER_ERR_CARD_IO_ERROR;
1993
}
1994
1995
handle->t1_nr ^= 1;
1996
1997
p = tpdu + 3; /* Skip the prologue field. */
1998
n = tpdulen - 3 - 1; /* Strip the epilogue field. */
1999
/* fixme: verify the checksum. */
2000
if (resp)
2001
{
2002
if (n > maxresplen)
2003
{
2004
DEBUGOUT_2 ("provided buffer too short for received data "
2005
"(%u/%u)\n",
2006
(unsigned int)n, (unsigned int)maxresplen);
2007
return CCID_DRIVER_ERR_INV_VALUE;
2008
}
2009
2010
memcpy (resp, p, n);
2011
resp += n;
2012
*nresp += n;
2013
maxresplen -= n;
2014
}
2015
2016
if (!(tpdu[1] & 0x20))
2017
return 0; /* No chaining requested - ready. */
2018
2019
DEBUGOUT ("chaining requested but not supported for Secure operation\n");
2020
return CCID_DRIVER_ERR_CARD_IO_ERROR;
2021
}
2022
else if ((tpdu[1] & 0xc0) == 0x80)
2023
{ /* This is a R-block. */
2024
if ( (tpdu[1] & 0x0f))
2025
{ /* Error: repeat last block */
2026
DEBUGOUT ("No retries supported for Secure operation\n");
2027
return CCID_DRIVER_ERR_CARD_IO_ERROR;
2028
}
2029
else if (!!(tpdu[1] & 0x40) == handle->t1_ns)
2030
{ /* Reponse does not match our sequence number. */
2031
DEBUGOUT ("R-block with wrong seqno received on more bit\n");
2032
return CCID_DRIVER_ERR_CARD_IO_ERROR;
2033
}
2034
else
2035
{ /* Send next chunk. */
2036
DEBUGOUT ("chaining not supported on Secure operation\n");
2037
return CCID_DRIVER_ERR_CARD_IO_ERROR;
2038
}
2039
}
2040
else
2041
{ /* This is a S-block. */
2042
DEBUGOUT_2 ("T1 S-block %s received cmd=%d for Secure operation\n",
2043
(tpdu[1] & 0x20)? "response": "request",
2044
(tpdu[1] & 0x1f));
2045
return CCID_DRIVER_ERR_CARD_IO_ERROR;
2046
}
2047
2048
return 0;
2049
}
2050
2051
2052
2053
2054
#ifdef TEST
2055
2056
2057
static void
2058
print_error (int err)
2059
{
2060
const char *p;
2061
char buf[50];
2062
2063
switch (err)
2064
{
2065
case 0: p = "success";
2066
case CCID_DRIVER_ERR_OUT_OF_CORE: p = "out of core"; break;
2067
case CCID_DRIVER_ERR_INV_VALUE: p = "invalid value"; break;
2068
case CCID_DRIVER_ERR_NO_DRIVER: p = "no driver"; break;
2069
case CCID_DRIVER_ERR_NOT_SUPPORTED: p = "not supported"; break;
2070
case CCID_DRIVER_ERR_LOCKING_FAILED: p = "locking failed"; break;
2071
case CCID_DRIVER_ERR_BUSY: p = "busy"; break;
2072
case CCID_DRIVER_ERR_NO_CARD: p = "no card"; break;
2073
case CCID_DRIVER_ERR_CARD_INACTIVE: p = "card inactive"; break;
2074
case CCID_DRIVER_ERR_CARD_IO_ERROR: p = "card I/O error"; break;
2075
case CCID_DRIVER_ERR_GENERAL_ERROR: p = "general error"; break;
2076
case CCID_DRIVER_ERR_NO_READER: p = "no reader"; break;
2077
case CCID_DRIVER_ERR_ABORTED: p = "aborted"; break;
2078
default: sprintf (buf, "0x%05x", err); p = buf; break;
2079
}
2080
fprintf (stderr, "operation failed: %s\n", p);
2081
}
2082
2083
static void
2084
print_data (const unsigned char *data, size_t length)
2085
{
2086
if (length >= 2)
2087
{
2088
fprintf (stderr, "operation status: %02X%02X\n",
2089
data[length-2], data[length-1]);
2090
length -= 2;
2091
}
2092
if (length)
2093
{
2094
fputs (" returned data:", stderr);
2095
for (; length; length--, data++)
2096
fprintf (stderr, " %02X", *data);
2097
putc ('\n', stderr);
2098
}
2099
}
2100
2101
static void
2102
print_result (int rc, const unsigned char *data, size_t length)
2103
{
2104
if (rc)
2105
print_error (rc);
2106
else if (data)
2107
print_data (data, length);
2108
}
2109
2110
int
2111
main (int argc, char **argv)
2112
{
2113
int rc;
2114
ccid_driver_t ccid;
2115
unsigned int slotstat;
2116
unsigned char result[512];
2117
size_t resultlen;
2118
int no_pinpad = 0;
2119
int verify_123456 = 0;
2120
int did_verify = 0;
2121
int no_poll = 0;
2122
2123
if (argc)
2124
{
2125
argc--;
2126
argv++;
2127
}
2128
2129
while (argc)
2130
{
2131
if ( !strcmp (*argv, "--list"))
2132
{
2133
char *p;
2134
p = ccid_get_reader_list ();
2135
if (!p)
2136
return 1;
2137
fputs (p, stderr);
2138
free (p);
2139
return 0;
2140
}
2141
else if ( !strcmp (*argv, "--debug"))
2142
{
2143
ccid_set_debug_level (1);
2144
argc--; argv++;
2145
}
2146
else if ( !strcmp (*argv, "--no-poll"))
2147
{
2148
no_poll = 1;
2149
argc--; argv++;
2150
}
2151
else if ( !strcmp (*argv, "--no-pinpad"))
2152
{
2153
no_pinpad = 1;
2154
argc--; argv++;
2155
}
2156
else if ( !strcmp (*argv, "--verify-123456"))
2157
{
2158
verify_123456 = 1;
2159
argc--; argv++;
2160
}
2161
else
2162
break;
2163
}
2164
2165
rc = ccid_open_reader (&ccid, argc? *argv:NULL);
2166
if (rc)
2167
return 1;
2168
2169
if (!no_poll)
2170
ccid_poll (ccid);
2171
fputs ("getting ATR ...\n", stderr);
2172
rc = ccid_get_atr (ccid, NULL, 0, NULL);
2173
if (rc)
2174
{
2175
print_error (rc);
2176
return 1;
2177
}
2178
2179
if (!no_poll)
2180
ccid_poll (ccid);
2181
fputs ("getting slot status ...\n", stderr);
2182
rc = ccid_slot_status (ccid, &slotstat);
2183
if (rc)
2184
{
2185
print_error (rc);
2186
return 1;
2187
}
2188
2189
if (!no_poll)
2190
ccid_poll (ccid);
2191
2192
fputs ("selecting application OpenPGP ....\n", stderr);
2193
{
2194
static unsigned char apdu[] = {
2195
0, 0xA4, 4, 0, 6, 0xD2, 0x76, 0x00, 0x01, 0x24, 0x01};
2196
rc = ccid_transceive (ccid,
2197
apdu, sizeof apdu,
2198
result, sizeof result, &resultlen);
2199
print_result (rc, result, resultlen);
2200
}
2201
2202
2203
if (!no_poll)
2204
ccid_poll (ccid);
2205
2206
fputs ("getting OpenPGP DO 0x65 ....\n", stderr);
2207
{
2208
static unsigned char apdu[] = { 0, 0xCA, 0, 0x65, 254 };
2209
rc = ccid_transceive (ccid, apdu, sizeof apdu,
2210
result, sizeof result, &resultlen);
2211
print_result (rc, result, resultlen);
2212
}
2213
2214
if (!no_pinpad)
2215
{
2216
}
2217
2218
if (!no_pinpad)
2219
{
2220
static unsigned char apdu[] = { 0, 0x20, 0, 0x81 };
2221
2222
2223
if (ccid_transceive_secure (ccid,
2224
apdu, sizeof apdu,
2225
1, 0, 0, 0,
2226
NULL, 0, NULL))
2227
fputs ("can't verify using a PIN-Pad reader\n", stderr);
2228
else
2229
{
2230
fputs ("verifying CHV1 using the PINPad ....\n", stderr);
2231
2232
rc = ccid_transceive_secure (ccid,
2233
apdu, sizeof apdu,
2234
1, 0, 0, 0,
2235
result, sizeof result, &resultlen);
2236
print_result (rc, result, resultlen);
2237
did_verify = 1;
2238
}
2239
}
2240
2241
if (verify_123456 && !did_verify)
2242
{
2243
fputs ("verifying that CHV1 is 123456....\n", stderr);
2244
{
2245
static unsigned char apdu[] = {0, 0x20, 0, 0x81,
2246
6, '1','2','3','4','5','6'};
2247
rc = ccid_transceive (ccid, apdu, sizeof apdu,
2248
result, sizeof result, &resultlen);
2249
print_result (rc, result, resultlen);
2250
}
2251
}
2252
2253
if (!rc)
2254
{
2255
fputs ("getting OpenPGP DO 0x5E ....\n", stderr);
2256
{
2257
static unsigned char apdu[] = { 0, 0xCA, 0, 0x5E, 254 };
2258
rc = ccid_transceive (ccid, apdu, sizeof apdu,
2259
result, sizeof result, &resultlen);
2260
print_result (rc, result, resultlen);
2261
}
2262
}
2263
2264
ccid_close_reader (ccid);
2265
2266
return 0;
2267
}
2268
2269
/*
2270
* Local Variables:
2271
* compile-command: "gcc -DTEST -Wall -I/usr/local/include -lusb -g ccid-driver.c"
2272
* End:
2273
*/
2274
#endif /*TEST*/
2275
#endif /*HAVE_LIBUSB*/
Loggerhead is a web-based interface for Breezy
Version: 2.0.1