/src/opensc/src/libopensc/ctx.c
Line | Count | Source |
1 | | /* |
2 | | * ctx.c: Context related functions |
3 | | * |
4 | | * Copyright (C) 2002 Juha Yrjölä <juha.yrjola@iki.fi> |
5 | | * |
6 | | * This library is free software; you can redistribute it and/or |
7 | | * modify it under the terms of the GNU Lesser General Public |
8 | | * License as published by the Free Software Foundation; either |
9 | | * version 2.1 of the License, or (at your option) any later version. |
10 | | * |
11 | | * This library is distributed in the hope that it will be useful, |
12 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
14 | | * Lesser General Public License for more details. |
15 | | * |
16 | | * You should have received a copy of the GNU Lesser General Public |
17 | | * License along with this library; if not, write to the Free Software |
18 | | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
19 | | */ |
20 | | |
21 | | #ifdef HAVE_CONFIG_H |
22 | | #include "config.h" |
23 | | #endif |
24 | | |
25 | | #include <stdio.h> |
26 | | #include <stdlib.h> |
27 | | #include <string.h> |
28 | | #include <assert.h> |
29 | | #include <errno.h> |
30 | | #include <sys/stat.h> |
31 | | #include <limits.h> |
32 | | |
33 | | #ifdef _WIN32 |
34 | | #include <windows.h> |
35 | | #include <winreg.h> |
36 | | #include <direct.h> |
37 | | #include <io.h> |
38 | | #endif |
39 | | |
40 | | #ifdef __APPLE__ |
41 | | #include <libproc.h> |
42 | | #endif |
43 | | |
44 | | #include "common/libscdl.h" |
45 | | #include "common/compat_strlcpy.h" |
46 | | #include "internal.h" |
47 | | #ifdef ENABLE_OPENSSL |
48 | | #include <openssl/crypto.h> |
49 | | #include "sc-ossl-compat.h" |
50 | | #endif |
51 | | |
52 | | |
53 | | static int ignored_reader(sc_context_t *ctx, sc_reader_t *reader) |
54 | 0 | { |
55 | 0 | if (ctx != NULL && reader != NULL && reader->name != NULL) { |
56 | 0 | size_t i; |
57 | 0 | const scconf_list *list; |
58 | |
|
59 | 0 | for (i = 0; ctx->conf_blocks[i]; i++) { |
60 | 0 | list = scconf_find_list(ctx->conf_blocks[i], "ignored_readers"); |
61 | 0 | while (list != NULL) { |
62 | 0 | if (strstr(reader->name, list->data) != NULL) { |
63 | 0 | sc_log(ctx, "Ignoring reader \'%s\' because of \'%s\'\n", |
64 | 0 | reader->name, list->data); |
65 | 0 | return 1; |
66 | 0 | } |
67 | 0 | list = list->next; |
68 | 0 | } |
69 | 0 | } |
70 | 0 | } |
71 | | |
72 | 0 | return 0; |
73 | 0 | } |
74 | | |
75 | | int _sc_add_reader(sc_context_t *ctx, sc_reader_t *reader) |
76 | 0 | { |
77 | 0 | if (reader == NULL || ignored_reader(ctx, reader)) { |
78 | 0 | return SC_ERROR_INVALID_ARGUMENTS; |
79 | 0 | } |
80 | 0 | reader->ctx = ctx; |
81 | 0 | list_append(&ctx->readers, reader); |
82 | 0 | return SC_SUCCESS; |
83 | 0 | } |
84 | | |
85 | | int _sc_delete_reader(sc_context_t *ctx, sc_reader_t *reader) |
86 | 111k | { |
87 | 111k | if (reader == NULL) { |
88 | 0 | return SC_ERROR_INVALID_ARGUMENTS; |
89 | 0 | } |
90 | 111k | if (reader->ops->release) |
91 | 111k | reader->ops->release(reader); |
92 | 111k | free(reader->name); |
93 | 111k | free(reader->vendor); |
94 | 111k | list_delete(&ctx->readers, reader); |
95 | 111k | free(reader); |
96 | 111k | return SC_SUCCESS; |
97 | 111k | } |
98 | | |
99 | | struct _sc_driver_entry { |
100 | | const char *name; |
101 | | void *(*func)(void); |
102 | | }; |
103 | | |
104 | | // clang-format off |
105 | | static const struct _sc_driver_entry internal_card_drivers[] = { |
106 | | /* The card handled by skeid shares the ATR with other cards running CardOS 5.4. |
107 | | * In order to prevent the cardos driver from matching skeid cards, skeid driver |
108 | | * precedes cardos and matches no other CardOS 5.4 card. */ |
109 | | { "skeid", (void *(*)(void)) sc_get_skeid_driver }, |
110 | | /* The card handled by dtrust shares the ATR with other cards running CardOS 5.4. |
111 | | * In order to prevent the cardos driver from matching dtrust cards, dtrust driver |
112 | | * precedes cardos and matches no other CardOS 5.4 card. */ |
113 | | { "dtrust", (void *(*)(void)) sc_get_dtrust_driver }, |
114 | | { "cardos", (void *(*)(void)) sc_get_cardos_driver }, |
115 | | { "gemsafeV1", (void *(*)(void)) sc_get_gemsafeV1_driver }, |
116 | | { "starcos", (void *(*)(void)) sc_get_starcos_driver }, |
117 | | { "tcos", (void *(*)(void)) sc_get_tcos_driver }, |
118 | | #ifdef ENABLE_OPENSSL |
119 | | { "oberthur", (void *(*)(void)) sc_get_oberthur_driver }, |
120 | | { "authentic", (void *(*)(void)) sc_get_authentic_driver }, |
121 | | { "iasecc", (void *(*)(void)) sc_get_iasecc_driver }, |
122 | | #endif |
123 | | { "belpic", (void *(*)(void)) sc_get_belpic_driver }, |
124 | | #ifdef ENABLE_OPENSSL |
125 | | { "entersafe",(void *(*)(void)) sc_get_entersafe_driver }, |
126 | | #ifdef ENABLE_SM |
127 | | { "epass2003",(void *(*)(void)) sc_get_epass2003_driver }, |
128 | | #endif |
129 | | #endif |
130 | | { "rutoken", (void *(*)(void)) sc_get_rutoken_driver }, |
131 | | { "rutoken_ecp",(void *(*)(void)) sc_get_rtecp_driver }, |
132 | | { "myeid", (void *(*)(void)) sc_get_myeid_driver }, |
133 | | #if defined(ENABLE_OPENSSL) && defined(ENABLE_SM) |
134 | | { "dnie", (void *(*)(void)) sc_get_dnie_driver }, |
135 | | #endif |
136 | | { "masktech", (void *(*)(void)) sc_get_masktech_driver }, |
137 | | { "idprime", (void *(*)(void)) sc_get_idprime_driver }, |
138 | | #if defined(ENABLE_SM) && defined(ENABLE_OPENPACE) |
139 | | { "edo", (void *(*)(void)) sc_get_edo_driver }, |
140 | | #endif |
141 | | |
142 | | /* Here should be placed drivers that need some APDU transactions in the |
143 | | * driver's `match_card()` function. */ |
144 | | { "esteid2018", (void *(*)(void)) sc_get_esteid2018_driver }, |
145 | | { "esteid2025", (void *(*)(void)) sc_get_esteid2025_driver }, |
146 | | { "coolkey", (void *(*)(void)) sc_get_coolkey_driver }, |
147 | | /* MUSCLE card applet returns 9000 on whatever AID is selected, see |
148 | | * https://github.com/JavaCardOS/MuscleCard-Applet/blob/master/musclecard/src/com/musclecard/CardEdge/CardEdge.java#L326 |
149 | | * put the muscle driver first to cope with this bug. */ |
150 | | { "muscle", (void *(*)(void)) sc_get_muscle_driver }, |
151 | | { "sc-hsm", (void *(*)(void)) sc_get_sc_hsm_driver }, |
152 | | { "setcos", (void *(*)(void)) sc_get_setcos_driver }, |
153 | | { "PIV-II", (void *(*)(void)) sc_get_piv_driver }, |
154 | | { "cac", (void *(*)(void)) sc_get_cac_driver }, |
155 | | { "itacns", (void *(*)(void)) sc_get_itacns_driver }, |
156 | | { "isoApplet", (void *(*)(void)) sc_get_isoApplet_driver }, |
157 | | #ifdef ENABLE_ZLIB |
158 | | { "gids", (void *(*)(void)) sc_get_gids_driver }, |
159 | | #endif |
160 | | { "openpgp", (void *(*)(void)) sc_get_openpgp_driver }, |
161 | | { "jpki", (void *(*)(void)) sc_get_jpki_driver }, |
162 | | { "npa", (void *(*)(void)) sc_get_npa_driver }, |
163 | | { "cac1", (void *(*)(void)) sc_get_cac1_driver }, |
164 | | { "nqapplet", (void *(*)(void)) sc_get_nqApplet_driver }, |
165 | | #if defined(ENABLE_SM) && defined(ENABLE_OPENPACE) |
166 | | { "eOI", (void *(*)(void)) sc_get_eoi_driver }, |
167 | | #endif |
168 | | /* The default driver should be last, as it handles all the |
169 | | * unrecognized cards. */ |
170 | | { "default", (void *(*)(void)) sc_get_default_driver }, |
171 | | { NULL, NULL } |
172 | | }; |
173 | | |
174 | | static const struct _sc_driver_entry old_card_drivers[] = { |
175 | | { "asepcos", (void *(*)(void)) sc_get_asepcos_driver }, |
176 | | { "atrust-acos",(void *(*)(void)) sc_get_atrust_acos_driver }, |
177 | | { "cyberflex", (void *(*)(void)) sc_get_cyberflex_driver }, |
178 | | { "flex", (void *(*)(void)) sc_get_cryptoflex_driver }, |
179 | | { "mcrd", (void *(*)(void)) sc_get_mcrd_driver }, |
180 | | { NULL, NULL } |
181 | | }; |
182 | | // clang-format on |
183 | | |
184 | | struct _sc_ctx_options { |
185 | | struct _sc_driver_entry cdrv[SC_MAX_CARD_DRIVERS]; |
186 | | int ccount; |
187 | | }; |
188 | | |
189 | | |
190 | | int |
191 | | sc_ctx_win32_get_config_value(const char *name_env, |
192 | | const char *name_reg, const char *name_key, |
193 | | void *out, size_t *out_len) |
194 | 0 | { |
195 | | #ifdef _WIN32 |
196 | | long rc; |
197 | | HKEY hKey; |
198 | | |
199 | | if (!out || !out_len) |
200 | | return SC_ERROR_INVALID_ARGUMENTS; |
201 | | |
202 | | if (name_env) { |
203 | | char *value = getenv(name_env); |
204 | | if (value) { |
205 | | if (strlen(value) > *out_len) |
206 | | return SC_ERROR_NOT_ENOUGH_MEMORY; |
207 | | memcpy(out, value, strlen(value)); |
208 | | *out_len = strlen(value); |
209 | | return SC_SUCCESS; |
210 | | } |
211 | | } |
212 | | |
213 | | if (!name_reg) |
214 | | return SC_ERROR_INVALID_ARGUMENTS; |
215 | | |
216 | | if (!name_key) |
217 | | name_key = "Software\\" OPENSC_VS_FF_COMPANY_NAME "\\OpenSC" OPENSC_ARCH_SUFFIX; |
218 | | |
219 | | rc = RegOpenKeyExA(HKEY_CURRENT_USER, name_key, 0, KEY_QUERY_VALUE, &hKey); |
220 | | if (rc == ERROR_SUCCESS) { |
221 | | DWORD len = *out_len; |
222 | | rc = RegQueryValueEx(hKey, name_reg, NULL, NULL, out, &len); |
223 | | RegCloseKey(hKey); |
224 | | if (rc == ERROR_SUCCESS) { |
225 | | *out_len = len; |
226 | | return SC_SUCCESS; |
227 | | } |
228 | | } |
229 | | |
230 | | rc = RegOpenKeyExA(HKEY_LOCAL_MACHINE, name_key, 0, KEY_QUERY_VALUE, &hKey); |
231 | | if (rc == ERROR_SUCCESS) { |
232 | | DWORD len = *out_len; |
233 | | rc = RegQueryValueEx(hKey, name_reg, NULL, NULL, out, &len); |
234 | | RegCloseKey(hKey); |
235 | | if (rc == ERROR_SUCCESS) { |
236 | | *out_len = len; |
237 | | return SC_SUCCESS; |
238 | | } |
239 | | } |
240 | | |
241 | | return SC_ERROR_OBJECT_NOT_FOUND; |
242 | | #else |
243 | 0 | return SC_ERROR_NOT_SUPPORTED; |
244 | 0 | #endif |
245 | 0 | } |
246 | | |
247 | | |
248 | | /* Simclist helper to locate readers by name */ |
249 | 0 | static int reader_list_seeker(const void *el, const void *key) { |
250 | 0 | const struct sc_reader *reader = (struct sc_reader *)el; |
251 | 0 | if ((el == NULL) || (key == NULL)) |
252 | 0 | return 0; |
253 | 0 | if (strcmp(reader->name, (char*)key) == 0) |
254 | 0 | return 1; |
255 | 0 | return 0; |
256 | 0 | } |
257 | | |
258 | | static void del_drvs(struct _sc_ctx_options *opts) |
259 | 224k | { |
260 | 224k | struct _sc_driver_entry *lst; |
261 | 224k | int *cp, i; |
262 | | |
263 | 224k | lst = opts->cdrv; |
264 | 224k | cp = &opts->ccount; |
265 | | |
266 | 9.08M | for (i = 0; i < *cp; i++) { |
267 | 8.85M | free((void *)lst[i].name); |
268 | 8.85M | } |
269 | 224k | *cp = 0; |
270 | 224k | } |
271 | | |
272 | | static void add_drv(struct _sc_ctx_options *opts, const char *name) |
273 | 8.85M | { |
274 | 8.85M | struct _sc_driver_entry *lst; |
275 | 8.85M | int *cp, max, i; |
276 | | |
277 | 8.85M | lst = opts->cdrv; |
278 | 8.85M | cp = &opts->ccount; |
279 | 8.85M | max = SC_MAX_CARD_DRIVERS; |
280 | 8.85M | if (*cp == max) /* No space for more drivers... */ |
281 | 0 | return; |
282 | 180M | for (i = 0; i < *cp; i++) |
283 | 171M | if (strcmp(name, lst[i].name) == 0) |
284 | 0 | return; |
285 | 8.85M | lst[*cp].name = strdup(name); |
286 | | |
287 | 8.85M | *cp = *cp + 1; |
288 | 8.85M | } |
289 | | |
290 | | static void add_internal_drvs(struct _sc_ctx_options *opts) |
291 | 224k | { |
292 | 224k | const struct _sc_driver_entry *lst; |
293 | 224k | int i; |
294 | | |
295 | 224k | lst = internal_card_drivers; |
296 | 224k | i = 0; |
297 | 8.52M | while (lst[i].name != NULL) { |
298 | 8.29M | add_drv(opts, lst[i].name); |
299 | 8.29M | i++; |
300 | 8.29M | } |
301 | 224k | } |
302 | | |
303 | | static void add_old_drvs(struct _sc_ctx_options *opts) |
304 | 112k | { |
305 | 112k | const struct _sc_driver_entry *lst; |
306 | 112k | int i; |
307 | | |
308 | 112k | lst = old_card_drivers; |
309 | 112k | i = 0; |
310 | 672k | while (lst[i].name != NULL) { |
311 | 560k | add_drv(opts, lst[i].name); |
312 | 560k | i++; |
313 | 560k | } |
314 | 112k | } |
315 | | |
316 | | static void set_defaults(sc_context_t *ctx, struct _sc_ctx_options *opts) |
317 | 112k | { |
318 | 112k | ctx->debug = 0; |
319 | 112k | if (ctx->debug_file && (ctx->debug_file != stderr && ctx->debug_file != stdout)) |
320 | 0 | fclose(ctx->debug_file); |
321 | 112k | ctx->debug_file = stderr; |
322 | 112k | ctx->flags = 0; |
323 | 112k | ctx->forced_driver = NULL; |
324 | 112k | add_internal_drvs(opts); |
325 | 112k | } |
326 | | |
327 | | /* In Windows, file handles can not be shared between DLL-s, |
328 | | * each DLL has a separate file handle table. Thus tools and utilities |
329 | | * can not set the file handle themselves when -v is specified on command line. |
330 | | */ |
331 | | int sc_ctx_log_to_file(sc_context_t *ctx, const char* filename) |
332 | 0 | { |
333 | | /* Close any existing handles */ |
334 | 0 | if (ctx->debug_file && (ctx->debug_file != stderr && ctx->debug_file != stdout)) { |
335 | 0 | fclose(ctx->debug_file); |
336 | 0 | ctx->debug_file = NULL; |
337 | 0 | } |
338 | |
|
339 | 0 | if (!ctx->debug_filename) { |
340 | 0 | if (!filename) |
341 | 0 | filename = "stderr"; |
342 | 0 | ctx->debug_filename = strdup(filename); |
343 | 0 | } |
344 | |
|
345 | 0 | if (!filename) |
346 | 0 | return SC_SUCCESS; |
347 | | |
348 | | /* Handle special names */ |
349 | 0 | if (!strcmp(filename, "stdout")) |
350 | 0 | ctx->debug_file = stdout; |
351 | 0 | else if (!strcmp(filename, "stderr")) |
352 | 0 | ctx->debug_file = stderr; |
353 | 0 | else { |
354 | 0 | ctx->debug_file = fopen(filename, "a"); |
355 | 0 | if (ctx->debug_file == NULL) |
356 | 0 | return SC_ERROR_INTERNAL; |
357 | 0 | } |
358 | 0 | return SC_SUCCESS; |
359 | 0 | } |
360 | | |
361 | | static void |
362 | | set_drivers(struct _sc_ctx_options *opts, const scconf_list *list) |
363 | 112k | { |
364 | 112k | const char *s_internal = "internal", *s_old = "old"; |
365 | 112k | if (list != NULL) |
366 | 112k | del_drvs(opts); |
367 | 336k | while (list != NULL) { |
368 | 224k | if (strcmp(list->data, s_internal) == 0) |
369 | 112k | add_internal_drvs(opts); |
370 | 112k | else if (strcmp(list->data, s_old) == 0) |
371 | 112k | add_old_drvs(opts); |
372 | 0 | else |
373 | 0 | add_drv(opts, list->data); |
374 | 224k | list = list->next; |
375 | 224k | } |
376 | 112k | } |
377 | | |
378 | | static int |
379 | | load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *opts) |
380 | 112k | { |
381 | 112k | int err = 0; |
382 | 112k | const scconf_list *list; |
383 | 112k | const char *val; |
384 | 112k | int debug; |
385 | 112k | const char *disable_hw_pkcs1_padding; |
386 | | #ifdef _WIN32 |
387 | | char expanded_val[PATH_MAX]; |
388 | | DWORD expanded_len; |
389 | | #endif |
390 | | |
391 | 112k | debug = scconf_get_int(block, "debug", ctx->debug); |
392 | 112k | if (debug > ctx->debug) |
393 | 0 | ctx->debug = debug; |
394 | | |
395 | 112k | val = scconf_get_str(block, "debug_file", NULL); |
396 | 112k | if (val) { |
397 | | #ifdef _WIN32 |
398 | | expanded_len = PATH_MAX; |
399 | | expanded_len = ExpandEnvironmentStringsA(val, expanded_val, expanded_len); |
400 | | if (0 < expanded_len && expanded_len < sizeof expanded_val) |
401 | | val = expanded_val; |
402 | | #endif |
403 | 0 | sc_ctx_log_to_file(ctx, val); |
404 | 0 | } |
405 | 112k | else if (ctx->debug) { |
406 | 0 | sc_ctx_log_to_file(ctx, NULL); |
407 | 0 | } |
408 | | |
409 | 112k | if (scconf_get_bool (block, "disable_popups", |
410 | 112k | ctx->flags & SC_CTX_FLAG_DISABLE_POPUPS)) |
411 | 0 | ctx->flags |= SC_CTX_FLAG_DISABLE_POPUPS; |
412 | | |
413 | 112k | if (scconf_get_bool (block, "disable_colors", |
414 | 112k | ctx->flags & SC_CTX_FLAG_DISABLE_COLORS)) |
415 | 0 | ctx->flags |= SC_CTX_FLAG_DISABLE_COLORS; |
416 | | |
417 | 112k | if (scconf_get_bool (block, "enable_default_driver", |
418 | 112k | ctx->flags & SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER)) |
419 | 0 | ctx->flags |= SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER; |
420 | | |
421 | 112k | list = scconf_find_list(block, "card_drivers"); |
422 | 112k | set_drivers(opts, list); |
423 | | |
424 | | /* Disable PKCS#1 v1.5 type 2 (for decryption) depadding on card by default */ |
425 | 112k | disable_hw_pkcs1_padding = "decipher"; |
426 | 112k | ctx->disable_hw_pkcs1_padding = SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_02; |
427 | 112k | disable_hw_pkcs1_padding = scconf_get_str(block, "disable_hw_pkcs1_padding", disable_hw_pkcs1_padding); |
428 | 112k | if (0 == strcmp(disable_hw_pkcs1_padding, "no")) { |
429 | 0 | ctx->disable_hw_pkcs1_padding = 0; |
430 | 112k | } else if (0 == strcmp(disable_hw_pkcs1_padding, "sign")) { |
431 | 0 | ctx->disable_hw_pkcs1_padding = SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_01; |
432 | 112k | } else if (0 == strcmp(disable_hw_pkcs1_padding, "decipher")) { |
433 | 112k | ctx->disable_hw_pkcs1_padding = SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_02; |
434 | 112k | } else if (0 == strcmp(disable_hw_pkcs1_padding, "both")) { |
435 | 0 | ctx->disable_hw_pkcs1_padding = SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_01 | SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_02; |
436 | 0 | } |
437 | | |
438 | | #ifdef USE_OPENSSL3_LIBCTX |
439 | | val = scconf_get_str(block, "openssl_config", NULL); |
440 | | if (val != NULL) { |
441 | | ctx->openssl_config = strdup(val); |
442 | | } |
443 | | #endif |
444 | | |
445 | 112k | return err; |
446 | 112k | } |
447 | | |
448 | | |
449 | | /** |
450 | | * find library module for provided driver in configuration file |
451 | | * if not found assume library name equals to module name |
452 | | */ |
453 | | static const char *find_library(sc_context_t *ctx, const char *name) |
454 | 0 | { |
455 | 0 | int i, log_warning; |
456 | 0 | const char *libname = NULL; |
457 | 0 | scconf_block **blocks, *blk; |
458 | |
|
459 | 0 | for (i = 0; ctx->conf_blocks[i]; i++) { |
460 | 0 | blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], "card_driver", name); |
461 | 0 | if (!blocks) |
462 | 0 | continue; |
463 | 0 | blk = blocks[0]; |
464 | 0 | free(blocks); |
465 | 0 | if (blk == NULL) |
466 | 0 | continue; |
467 | 0 | libname = scconf_get_str(blk, "module", name); |
468 | | #ifdef _WIN32 |
469 | | log_warning = libname && libname[0] != '\\'; |
470 | | #else |
471 | 0 | log_warning = libname && libname[0] != '/'; |
472 | 0 | #endif |
473 | 0 | if (log_warning) |
474 | 0 | sc_log(ctx, "warning: relative path to driver '%s' used", libname); |
475 | 0 | break; |
476 | 0 | } |
477 | |
|
478 | 0 | return libname; |
479 | 0 | } |
480 | | |
481 | | /** |
482 | | * load card/reader driver modules |
483 | | * Every module should contain a function " void * sc_module_init(char *) " |
484 | | * that returns a pointer to the function _sc_get_xxxx_driver() |
485 | | * used to initialize static modules |
486 | | * Also, an exported "char *sc_module_version" variable should exist in module |
487 | | */ |
488 | | static void *load_dynamic_driver(sc_context_t *ctx, void **dll, const char *name) |
489 | 0 | { |
490 | 0 | const char *version, *libname; |
491 | 0 | void *handle; |
492 | 0 | void *(*modinit)(const char *) = NULL; |
493 | 0 | void *(**tmodi)(const char *) = &modinit; |
494 | 0 | const char *(*modversion)(void) = NULL; |
495 | 0 | const char *(**tmodv)(void) = &modversion; |
496 | |
|
497 | 0 | if (dll == NULL) { |
498 | 0 | sc_log(ctx, "No dll parameter specified"); |
499 | 0 | return NULL; |
500 | 0 | } |
501 | 0 | if (name == NULL) { /* should not occur, but... */ |
502 | 0 | sc_log(ctx, "No module specified"); |
503 | 0 | return NULL; |
504 | 0 | } |
505 | 0 | libname = find_library(ctx, name); |
506 | 0 | if (libname == NULL) |
507 | 0 | return NULL; |
508 | 0 | handle = sc_dlopen(libname); |
509 | 0 | if (handle == NULL) { |
510 | 0 | sc_log(ctx, "Module %s: cannot load %s library: %s", name, libname, sc_dlerror()); |
511 | 0 | return NULL; |
512 | 0 | } |
513 | | |
514 | | /* verify correctness of module */ |
515 | 0 | *(void **)tmodi = sc_dlsym(handle, "sc_module_init"); |
516 | 0 | *(void **)tmodv = sc_dlsym(handle, "sc_driver_version"); |
517 | 0 | if (modinit == NULL || modversion == NULL) { |
518 | 0 | sc_log(ctx, "dynamic library '%s' is not a OpenSC module",libname); |
519 | 0 | sc_dlclose(handle); |
520 | 0 | return NULL; |
521 | 0 | } |
522 | | /* verify module version */ |
523 | 0 | version = modversion(); |
524 | | /* XXX: We really need to have ABI version for each interface */ |
525 | 0 | if (version == NULL || strncmp(version, PACKAGE_VERSION, strlen(PACKAGE_VERSION)) != 0) { |
526 | 0 | sc_log(ctx, "dynamic library '%s': invalid module version", libname); |
527 | 0 | sc_dlclose(handle); |
528 | 0 | return NULL; |
529 | 0 | } |
530 | | |
531 | 0 | *dll = handle; |
532 | 0 | sc_log(ctx, "successfully loaded card driver '%s'", name); |
533 | 0 | return modinit(name); |
534 | 0 | } |
535 | | |
536 | | static int load_card_driver_options(sc_context_t *ctx, |
537 | | struct sc_card_driver *driver) |
538 | 4.71M | { |
539 | 4.71M | scconf_block **blocks, *blk; |
540 | 4.71M | int i; |
541 | | |
542 | 9.42M | for (i = 0; ctx->conf_blocks[i]; i++) { |
543 | 4.71M | blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], |
544 | 4.71M | "card_driver", driver->short_name); |
545 | 4.71M | if (!blocks) |
546 | 0 | continue; |
547 | 4.71M | blk = blocks[0]; |
548 | 4.71M | free(blocks); |
549 | | |
550 | 4.71M | if (blk == NULL) |
551 | 4.71M | continue; |
552 | | |
553 | | /* no options at the moment */ |
554 | 4.71M | } |
555 | 4.71M | return SC_SUCCESS; |
556 | 4.71M | } |
557 | | |
558 | | static int load_card_drivers(sc_context_t *ctx, struct _sc_ctx_options *opts) |
559 | 112k | { |
560 | 112k | const struct _sc_driver_entry *ent; |
561 | 112k | int drv_count; |
562 | 112k | int i; |
563 | | |
564 | 112k | for (drv_count = 0; ctx->card_drivers[drv_count] != NULL; drv_count++) |
565 | 0 | ; |
566 | | |
567 | 4.82M | for (i = 0; i < opts->ccount; i++) { |
568 | 4.71M | struct sc_card_driver *(*func)(void) = NULL; |
569 | 4.71M | struct sc_card_driver *(**tfunc)(void) = &func; |
570 | 4.71M | void *dll = NULL; |
571 | 4.71M | int j; |
572 | | |
573 | 4.71M | if (drv_count >= SC_MAX_CARD_DRIVERS - 1) { |
574 | 0 | sc_log(ctx, "Not more then %i card drivers allowed.", SC_MAX_CARD_DRIVERS); |
575 | 0 | break; |
576 | 0 | } |
577 | | |
578 | 4.71M | ent = &opts->cdrv[i]; |
579 | 100M | for (j = 0; internal_card_drivers[j].name != NULL; j++) { |
580 | 99.5M | if (strcmp(ent->name, internal_card_drivers[j].name) == 0) { |
581 | 4.14M | func = (struct sc_card_driver *(*)(void)) internal_card_drivers[j].func; |
582 | 4.14M | break; |
583 | 4.14M | } |
584 | 99.5M | } |
585 | 4.71M | if (func == NULL) { |
586 | 1.68M | for (j = 0; old_card_drivers[j].name != NULL; j++) { |
587 | 1.68M | if (strcmp(ent->name, old_card_drivers[j].name) == 0) { |
588 | 560k | func = (struct sc_card_driver *(*)(void)) old_card_drivers[j].func; |
589 | 560k | break; |
590 | 560k | } |
591 | 1.68M | } |
592 | 560k | } |
593 | | /* if not initialized assume external module */ |
594 | 4.71M | if (func == NULL) |
595 | 0 | *(void **)(tfunc) = load_dynamic_driver(ctx, &dll, ent->name); |
596 | | /* if still null, assume driver not found */ |
597 | 4.71M | if (func == NULL) { |
598 | 0 | sc_log(ctx, "Unable to load '%s'.", ent->name); |
599 | 0 | if (dll) |
600 | 0 | sc_dlclose(dll); |
601 | 0 | continue; |
602 | 0 | } |
603 | | |
604 | 4.71M | ctx->card_drivers[drv_count] = func(); |
605 | 4.71M | if (ctx->card_drivers[drv_count] == NULL) { |
606 | 0 | sc_log(ctx, "Driver '%s' not available.", ent->name); |
607 | 0 | continue; |
608 | 0 | } |
609 | | |
610 | 4.71M | ctx->card_drivers[drv_count]->dll = dll; |
611 | 4.71M | ctx->card_drivers[drv_count]->atr_map = NULL; |
612 | 4.71M | ctx->card_drivers[drv_count]->natrs = 0; |
613 | | |
614 | 4.71M | load_card_driver_options(ctx, ctx->card_drivers[drv_count]); |
615 | | |
616 | | /* Ensure that the list is always terminated by NULL */ |
617 | 4.71M | ctx->card_drivers[drv_count + 1] = NULL; |
618 | | |
619 | 4.71M | drv_count++; |
620 | 4.71M | } |
621 | 112k | return SC_SUCCESS; |
622 | 112k | } |
623 | | |
624 | | static int load_card_atrs(sc_context_t *ctx) |
625 | 112k | { |
626 | 112k | struct sc_card_driver *driver; |
627 | 112k | scconf_block **blocks; |
628 | 112k | int i, j, k; |
629 | | |
630 | 224k | for (i = 0; ctx->conf_blocks[i] != NULL; i++) { |
631 | 112k | blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], "card_atr", NULL); |
632 | 112k | if (!blocks) |
633 | 0 | continue; |
634 | 112k | for (j = 0; blocks[j] != NULL; j++) { |
635 | 0 | scconf_block *b = blocks[j]; |
636 | 0 | char *atr = b->name->data; |
637 | 0 | const scconf_list *list; |
638 | 0 | struct sc_atr_table t; |
639 | 0 | const char *dname; |
640 | |
|
641 | 0 | driver = NULL; |
642 | |
|
643 | 0 | if (strlen(atr) < 4) |
644 | 0 | continue; |
645 | | |
646 | | /* The interesting part. If there's no card |
647 | | * driver assigned for the ATR, add it to |
648 | | * the default driver. This will reduce the |
649 | | * amount of code required to process things |
650 | | * related to card_atr blocks in situations, |
651 | | * where the code is not exactly related to |
652 | | * card driver settings, but for example |
653 | | * forcing a protocol at the reader driver. |
654 | | */ |
655 | 0 | dname = scconf_get_str(b, "driver", "default"); |
656 | | |
657 | | /* Find the card driver structure according to dname */ |
658 | 0 | for (k = 0; ctx->card_drivers[k] != NULL; k++) { |
659 | 0 | driver = ctx->card_drivers[k]; |
660 | 0 | if (!strcmp(dname, driver->short_name)) |
661 | 0 | break; |
662 | 0 | driver = NULL; |
663 | 0 | } |
664 | |
|
665 | 0 | if (!driver) |
666 | 0 | continue; |
667 | | |
668 | 0 | memset(&t, 0, sizeof(struct sc_atr_table)); |
669 | 0 | t.atr = atr; |
670 | 0 | t.atrmask = (char *) scconf_get_str(b, "atrmask", NULL); |
671 | 0 | t.name = (char *) scconf_get_str(b, "name", NULL); |
672 | 0 | t.type = scconf_get_int(b, "type", SC_CARD_TYPE_UNKNOWN); |
673 | 0 | list = scconf_find_list(b, "flags"); |
674 | 0 | while (list != NULL) { |
675 | 0 | unsigned int flags = 0; |
676 | |
|
677 | 0 | if (!list->data) { |
678 | 0 | list = list->next; |
679 | 0 | continue; |
680 | 0 | } |
681 | | |
682 | 0 | if (!strcmp(list->data, "rng")) |
683 | 0 | flags = SC_CARD_FLAG_RNG; |
684 | 0 | else if (!strcmp(list->data, "keep_alive")) |
685 | 0 | flags = SC_CARD_FLAG_KEEP_ALIVE; |
686 | 0 | else if (sscanf(list->data, "%x", &flags) != 1) |
687 | 0 | flags = 0; |
688 | |
|
689 | 0 | t.flags |= flags; |
690 | 0 | list = list->next; |
691 | 0 | } |
692 | 0 | t.card_atr = b; |
693 | 0 | _sc_add_atr(ctx, driver, &t); |
694 | 0 | } |
695 | 112k | free(blocks); |
696 | 112k | } |
697 | 112k | return SC_SUCCESS; |
698 | 112k | } |
699 | | |
700 | | static void process_config_file(sc_context_t *ctx, struct _sc_ctx_options *opts) |
701 | 112k | { |
702 | 112k | int i, r, count = 0; |
703 | 112k | scconf_block **blocks; |
704 | 112k | const char *conf_path = NULL; |
705 | 112k | const char *debug = NULL; |
706 | | #ifdef _WIN32 |
707 | | char temp_path[PATH_MAX]; |
708 | | size_t temp_len; |
709 | | #endif |
710 | | |
711 | | /* Takes effect even when no config around */ |
712 | 112k | debug = getenv("OPENSC_DEBUG"); |
713 | 112k | if (debug) |
714 | 0 | ctx->debug = atoi(debug); |
715 | | |
716 | 112k | memset(ctx->conf_blocks, 0, sizeof(ctx->conf_blocks)); |
717 | | #ifdef _WIN32 |
718 | | temp_len = PATH_MAX-1; |
719 | | r = sc_ctx_win32_get_config_value("OPENSC_CONF", "ConfigFile", "Software\\" OPENSC_VS_FF_COMPANY_NAME "\\OpenSC" OPENSC_ARCH_SUFFIX, |
720 | | temp_path, &temp_len); |
721 | | if (r) { |
722 | | sc_log(ctx, "process_config_file doesn't find opensc config file. Please set the registry key."); |
723 | | return; |
724 | | } |
725 | | temp_path[temp_len] = '\0'; |
726 | | conf_path = temp_path; |
727 | | #else |
728 | 112k | conf_path = getenv("OPENSC_CONF"); |
729 | 112k | if (!conf_path) |
730 | 112k | conf_path = OPENSC_CONF_PATH; |
731 | 112k | #endif |
732 | 112k | ctx->conf = scconf_new(conf_path); |
733 | 112k | if (ctx->conf == NULL) |
734 | 0 | return; |
735 | 112k | r = scconf_parse(ctx->conf); |
736 | 112k | #define OPENSC_CONFIG_STRING "app default { card_drivers = old, internal; }" |
737 | 112k | #ifdef OPENSC_CONFIG_STRING |
738 | | /* Parse the string if config file didn't exist */ |
739 | 112k | if (r < 0) |
740 | 112k | r = scconf_parse_string(ctx->conf, OPENSC_CONFIG_STRING); |
741 | 112k | #endif |
742 | 112k | if (r < 1) { |
743 | | /* A negative return value means the config file isn't |
744 | | * there, which is not an error. Nevertheless log this |
745 | | * fact. */ |
746 | 0 | if (r < 0) |
747 | 0 | sc_log(ctx, "scconf_parse failed: %s", ctx->conf->errmsg); |
748 | 0 | else |
749 | 0 | sc_log(ctx, "scconf_parse failed: %s", ctx->conf->errmsg); |
750 | 0 | scconf_free(ctx->conf); |
751 | 0 | ctx->conf = NULL; |
752 | 0 | return; |
753 | 0 | } |
754 | | /* needs to be after the log file is known */ |
755 | 112k | sc_log(ctx, "Used configuration file '%s'", conf_path); |
756 | 112k | blocks = scconf_find_blocks(ctx->conf, NULL, "app", ctx->exe_path); |
757 | 112k | if (blocks && blocks[0]) |
758 | 0 | ctx->conf_blocks[count++] = blocks[0]; |
759 | 112k | free(blocks); |
760 | 112k | blocks = scconf_find_blocks(ctx->conf, NULL, "app", ctx->app_name); |
761 | 112k | if (blocks && blocks[0]) |
762 | 0 | ctx->conf_blocks[count++] = blocks[0]; |
763 | 112k | free(blocks); |
764 | 112k | if (strcmp(ctx->app_name, "default") != 0) { |
765 | 112k | blocks = scconf_find_blocks(ctx->conf, NULL, "app", "default"); |
766 | 112k | if (blocks && blocks[0]) |
767 | 112k | ctx->conf_blocks[count] = blocks[0]; |
768 | 112k | free(blocks); |
769 | 112k | } |
770 | | /* Above we add 3 blocks at most, but conf_blocks has 4 elements, |
771 | | * so at least one is NULL */ |
772 | 224k | for (i = 0; ctx->conf_blocks[i]; i++) |
773 | 112k | load_parameters(ctx, ctx->conf_blocks[i], opts); |
774 | 112k | } |
775 | | |
776 | | int sc_ctx_detect_readers(sc_context_t *ctx) |
777 | 112k | { |
778 | 112k | int r = 0; |
779 | 112k | const struct sc_reader_driver *drv = ctx->reader_driver; |
780 | | |
781 | 112k | sc_mutex_lock(ctx, ctx->mutex); |
782 | | |
783 | 112k | if (drv->ops->detect_readers != NULL) |
784 | 0 | r = drv->ops->detect_readers(ctx); |
785 | | |
786 | 112k | sc_mutex_unlock(ctx, ctx->mutex); |
787 | | |
788 | 112k | return r; |
789 | 112k | } |
790 | | |
791 | | sc_reader_t *sc_ctx_get_reader(sc_context_t *ctx, unsigned int i) |
792 | 127k | { |
793 | 127k | return list_get_at(&ctx->readers, i); |
794 | 127k | } |
795 | | |
796 | | sc_reader_t *sc_ctx_get_reader_by_id(sc_context_t *ctx, unsigned int id) |
797 | 0 | { |
798 | 0 | return list_get_at(&ctx->readers, id); |
799 | 0 | } |
800 | | |
801 | | sc_reader_t *sc_ctx_get_reader_by_name(sc_context_t *ctx, const char * name) |
802 | 0 | { |
803 | 0 | return list_seek(&ctx->readers, name); |
804 | 0 | } |
805 | | |
806 | | unsigned int sc_ctx_get_reader_count(sc_context_t *ctx) |
807 | 48.2k | { |
808 | 48.2k | return list_size(&ctx->readers); |
809 | 48.2k | } |
810 | | |
811 | | int sc_establish_context(sc_context_t **ctx_out, const char *app_name) |
812 | 76.8k | { |
813 | 76.8k | sc_context_param_t ctx_param; |
814 | | |
815 | 76.8k | memset(&ctx_param, 0, sizeof(sc_context_param_t)); |
816 | 76.8k | ctx_param.ver = 0; |
817 | 76.8k | ctx_param.app_name = app_name; |
818 | 76.8k | return sc_context_create(ctx_out, &ctx_param); |
819 | 76.8k | } |
820 | | |
821 | | /* For multithreaded issues */ |
822 | | int sc_context_repair(sc_context_t **ctx_out) |
823 | 0 | { |
824 | | /* Must already exist */ |
825 | 0 | if ((ctx_out == NULL) || (*ctx_out == NULL) || |
826 | 0 | ((*ctx_out)->app_name == NULL)) |
827 | 0 | return SC_ERROR_INVALID_ARGUMENTS; |
828 | | |
829 | | /* The only thing that should be shared across different contexts are the |
830 | | * card drivers - so rebuild the ATR's |
831 | | */ |
832 | 0 | load_card_atrs(*ctx_out); |
833 | | |
834 | | /* TODO: May need to re-open any card driver DLL's */ |
835 | |
|
836 | 0 | return SC_SUCCESS; |
837 | 0 | } |
838 | | |
839 | | #ifdef USE_OPENSSL3_LIBCTX |
840 | | static int sc_openssl3_init(sc_context_t *ctx) |
841 | | { |
842 | | ctx->ossl3ctx = calloc(1, sizeof(ossl3ctx_t)); |
843 | | if (ctx->ossl3ctx == NULL) { |
844 | | return SC_ERROR_OUT_OF_MEMORY; |
845 | | } |
846 | | |
847 | | ctx->ossl3ctx->libctx = OSSL_LIB_CTX_new(); |
848 | | if (ctx->ossl3ctx->libctx == NULL) { |
849 | | return SC_ERROR_INTERNAL; |
850 | | } |
851 | | |
852 | | if (ctx->openssl_config != NULL) { |
853 | | if (access(ctx->openssl_config, R_OK) != 0) { |
854 | | sc_log(ctx, "Warning: provided OpenSSL configuration file '%s' is not readable", |
855 | | ctx->openssl_config); |
856 | | } else { |
857 | | /* |
858 | | * Load OpenSC specific openssl config file to configure FIPS module |
859 | | * (or whatever else the user needs). |
860 | | * We assume that this config file will automatically activate the FIPS |
861 | | * and base providers so we don't need to explicitly load them here. |
862 | | */ |
863 | | if (!OSSL_LIB_CTX_load_config(ctx->ossl3ctx->libctx, ctx->openssl_config)) { |
864 | | return SC_ERROR_INTERNAL; |
865 | | } |
866 | | } |
867 | | } else { |
868 | | /* We do not have configuration file specified: load the default |
869 | | * and legacy providers */ |
870 | | ctx->ossl3ctx->defprov = OSSL_PROVIDER_load(ctx->ossl3ctx->libctx, "default"); |
871 | | if (ctx->ossl3ctx->defprov == NULL) { |
872 | | OSSL_LIB_CTX_free(ctx->ossl3ctx->libctx); |
873 | | free(ctx->ossl3ctx); |
874 | | ctx->ossl3ctx = NULL; |
875 | | return SC_ERROR_INTERNAL; |
876 | | } |
877 | | /* yes, legacy -- smart cards depend on several legacy algorithms */ |
878 | | ctx->ossl3ctx->legacyprov = OSSL_PROVIDER_load(ctx->ossl3ctx->libctx, "legacy"); |
879 | | if (ctx->ossl3ctx->legacyprov == NULL) { |
880 | | sc_log(ctx, "Failed to load OpenSSL Legacy provider"); |
881 | | } |
882 | | } |
883 | | return SC_SUCCESS; |
884 | | } |
885 | | |
886 | | static void sc_openssl3_deinit(sc_context_t *ctx) |
887 | | { |
888 | | if (ctx->ossl3ctx == NULL) |
889 | | return; |
890 | | if (ctx->ossl3ctx->legacyprov) |
891 | | OSSL_PROVIDER_unload(ctx->ossl3ctx->legacyprov); |
892 | | if (ctx->ossl3ctx->defprov) |
893 | | OSSL_PROVIDER_unload(ctx->ossl3ctx->defprov); |
894 | | if (ctx->ossl3ctx->libctx) |
895 | | OSSL_LIB_CTX_free(ctx->ossl3ctx->libctx); |
896 | | free(ctx->ossl3ctx); |
897 | | ctx->ossl3ctx = NULL; |
898 | | } |
899 | | #endif |
900 | | |
901 | | static char *get_exe_path() |
902 | 112k | { |
903 | | /* Find the executable's path which runs this code. |
904 | | * See https://github.com/gpakosz/whereami/ for |
905 | | * potentially more platforms */ |
906 | 112k | char exe_path[PATH_MAX] = "unknown executable path"; |
907 | 112k | int path_found = 0; |
908 | | |
909 | | #if defined(_WIN32) |
910 | | if (0 < GetModuleFileNameA(NULL, exe_path, sizeof exe_path)) |
911 | | path_found = 1; |
912 | | #elif defined(__APPLE__) |
913 | | if (0 < proc_pidpath(getpid(), exe_path, sizeof exe_path)) |
914 | | path_found = 1; |
915 | | #elif defined(__linux__) || defined(__CYGWIN__) |
916 | 112k | if (NULL != realpath("/proc/self/exe", exe_path)) |
917 | 112k | path_found = 1; |
918 | 112k | #endif |
919 | | |
920 | | #if defined(HAVE_GETPROGNAME) |
921 | | if (!path_found) { |
922 | | /* getprogname is unreliable and typically only returns the basename. |
923 | | * However, this should be enough for our purposes */ |
924 | | const char *prog = getprogname(); |
925 | | if (prog) |
926 | | strlcpy(exe_path, prog, sizeof exe_path); |
927 | | } |
928 | | #else |
929 | | /* avoid warning "set but not used" */ |
930 | 112k | (void) path_found; |
931 | 112k | #endif |
932 | | |
933 | 112k | return strdup(exe_path); |
934 | 112k | } |
935 | | |
936 | | int sc_context_create(sc_context_t **ctx_out, const sc_context_param_t *parm) |
937 | 112k | { |
938 | 112k | sc_context_t *ctx; |
939 | 112k | struct _sc_ctx_options opts; |
940 | 112k | int r; |
941 | 112k | char *driver; |
942 | | |
943 | 112k | if (ctx_out == NULL || parm == NULL) |
944 | 0 | return SC_ERROR_INVALID_ARGUMENTS; |
945 | | |
946 | 112k | ctx = calloc(1, sizeof(sc_context_t)); |
947 | 112k | if (ctx == NULL) |
948 | 0 | return SC_ERROR_OUT_OF_MEMORY; |
949 | 112k | memset(&opts, 0, sizeof(opts)); |
950 | | |
951 | | /* set the application name if set in the parameter options */ |
952 | 112k | if (parm->app_name != NULL) |
953 | 112k | ctx->app_name = strdup(parm->app_name); |
954 | 0 | else |
955 | 0 | ctx->app_name = strdup("default"); |
956 | 112k | if (ctx->app_name == NULL) { |
957 | 0 | sc_release_context(ctx); |
958 | 0 | return SC_ERROR_OUT_OF_MEMORY; |
959 | 0 | } |
960 | | |
961 | 112k | ctx->exe_path = get_exe_path(); |
962 | 112k | if (ctx->exe_path == NULL) { |
963 | 0 | sc_release_context(ctx); |
964 | 0 | return SC_ERROR_OUT_OF_MEMORY; |
965 | 0 | } |
966 | | |
967 | 112k | ctx->flags = parm->flags; |
968 | 112k | set_defaults(ctx, &opts); |
969 | | |
970 | 112k | if (0 != list_init(&ctx->readers)) { |
971 | 0 | del_drvs(&opts); |
972 | 0 | sc_release_context(ctx); |
973 | 0 | return SC_ERROR_OUT_OF_MEMORY; |
974 | 0 | } |
975 | 112k | list_attributes_seeker(&ctx->readers, reader_list_seeker); |
976 | | /* set thread context and create mutex object (if specified) */ |
977 | 112k | if (parm->thread_ctx != NULL) |
978 | 16.0k | ctx->thread_ctx = parm->thread_ctx; |
979 | 112k | r = sc_mutex_create(ctx, &ctx->mutex); |
980 | 112k | if (r != SC_SUCCESS) { |
981 | 0 | del_drvs(&opts); |
982 | 0 | sc_release_context(ctx); |
983 | 0 | return r; |
984 | 0 | } |
985 | | |
986 | | #if defined(ENABLE_OPENSSL) && defined(OPENSSL_SECURE_MALLOC_SIZE) && !defined(LIBRESSL_VERSION_NUMBER) |
987 | | if (!CRYPTO_secure_malloc_initialized()) { |
988 | | CRYPTO_secure_malloc_init(OPENSSL_SECURE_MALLOC_SIZE, OPENSSL_SECURE_MALLOC_SIZE/8); |
989 | | } |
990 | | #endif |
991 | | |
992 | 112k | process_config_file(ctx, &opts); |
993 | | |
994 | | /* overwrite with caller's parameters if explicitly given */ |
995 | 112k | if (parm->debug) { |
996 | 3.59k | ctx->debug = parm->debug; |
997 | 3.59k | } |
998 | 112k | if (parm->debug_file) { |
999 | 3.59k | if (ctx->debug_file && (ctx->debug_file != stderr && ctx->debug_file != stdout)) |
1000 | 0 | fclose(ctx->debug_file); |
1001 | 3.59k | ctx->debug_file = parm->debug_file; |
1002 | 3.59k | } |
1003 | | |
1004 | 112k | sc_log(ctx, "==================================="); /* first thing in the log */ |
1005 | 112k | sc_log(ctx, "OpenSC version: %s", sc_get_version()); |
1006 | 112k | sc_log(ctx, "Configured for %s (%s)", ctx->app_name, ctx->exe_path); |
1007 | | |
1008 | | #ifdef USE_OPENSSL3_LIBCTX |
1009 | | r = sc_openssl3_init(ctx); |
1010 | | if (r != SC_SUCCESS) { |
1011 | | del_drvs(&opts); |
1012 | | sc_release_context(ctx); |
1013 | | return r; |
1014 | | } |
1015 | | #endif |
1016 | | |
1017 | | #ifdef ENABLE_PCSC |
1018 | | ctx->reader_driver = sc_get_pcsc_driver(); |
1019 | | #elif defined(ENABLE_CRYPTOTOKENKIT) |
1020 | | ctx->reader_driver = sc_get_cryptotokenkit_driver(); |
1021 | | #elif defined(ENABLE_CTAPI) |
1022 | | ctx->reader_driver = sc_get_ctapi_driver(); |
1023 | | #elif defined(ENABLE_OPENCT) |
1024 | | ctx->reader_driver = sc_get_openct_driver(); |
1025 | | #endif |
1026 | | |
1027 | 112k | r = ctx->reader_driver->ops->init(ctx); |
1028 | 112k | if (r != SC_SUCCESS) { |
1029 | 0 | del_drvs(&opts); |
1030 | 0 | sc_release_context(ctx); |
1031 | 0 | return r; |
1032 | 0 | } |
1033 | | |
1034 | 112k | driver = getenv("OPENSC_DRIVER"); |
1035 | 112k | if (driver) { |
1036 | 0 | scconf_list *list = NULL; |
1037 | 0 | scconf_list_add(&list, driver); |
1038 | 0 | set_drivers(&opts, list); |
1039 | 0 | scconf_list_destroy(list); |
1040 | 0 | } |
1041 | | |
1042 | 112k | load_card_drivers(ctx, &opts); |
1043 | 112k | load_card_atrs(ctx); |
1044 | | |
1045 | 112k | del_drvs(&opts); |
1046 | 112k | sc_ctx_detect_readers(ctx); |
1047 | 112k | *ctx_out = ctx; |
1048 | | |
1049 | 112k | return SC_SUCCESS; |
1050 | 112k | } |
1051 | | |
1052 | | /* Used by minidriver to pass in provided handles to reader-pcsc */ |
1053 | | int sc_ctx_use_reader(sc_context_t *ctx, void *pcsc_context_handle, void *pcsc_card_handle) |
1054 | 0 | { |
1055 | 0 | LOG_FUNC_CALLED(ctx); |
1056 | 0 | if (ctx->reader_driver->ops->use_reader != NULL) |
1057 | 0 | return ctx->reader_driver->ops->use_reader(ctx, pcsc_context_handle, pcsc_card_handle); |
1058 | | |
1059 | 0 | return SC_ERROR_NOT_SUPPORTED; |
1060 | 0 | } |
1061 | | |
1062 | | /* Following two are only implemented with internal PC/SC and don't consume a reader object */ |
1063 | | int sc_cancel(sc_context_t *ctx) |
1064 | 16.0k | { |
1065 | 16.0k | LOG_FUNC_CALLED(ctx); |
1066 | 16.0k | if (ctx->reader_driver->ops->cancel != NULL) |
1067 | 0 | return ctx->reader_driver->ops->cancel(ctx); |
1068 | | |
1069 | 16.0k | return SC_ERROR_NOT_SUPPORTED; |
1070 | 16.0k | } |
1071 | | |
1072 | | |
1073 | | int sc_wait_for_event(sc_context_t *ctx, unsigned int event_mask, sc_reader_t **event_reader, unsigned int *event, int timeout, void **reader_states) |
1074 | 0 | { |
1075 | 0 | LOG_FUNC_CALLED(ctx); |
1076 | 0 | if (ctx->reader_driver->ops->wait_for_event != NULL) |
1077 | 0 | return ctx->reader_driver->ops->wait_for_event(ctx, event_mask, event_reader, event, timeout, reader_states); |
1078 | | |
1079 | 0 | return SC_ERROR_NOT_SUPPORTED; |
1080 | 0 | } |
1081 | | |
1082 | | int sc_release_context(sc_context_t *ctx) |
1083 | 112k | { |
1084 | 112k | unsigned int i; |
1085 | | |
1086 | 112k | if (ctx == NULL) { |
1087 | 5 | return SC_ERROR_INVALID_ARGUMENTS; |
1088 | 5 | } |
1089 | 112k | SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE); |
1090 | 224k | while (list_size(&ctx->readers)) { |
1091 | 111k | sc_reader_t *rdr = (sc_reader_t *) list_get_at(&ctx->readers, 0); |
1092 | 111k | _sc_delete_reader(ctx, rdr); |
1093 | 111k | } |
1094 | | |
1095 | 112k | if (ctx->reader_driver != NULL && ctx->reader_driver->ops->finish != NULL) |
1096 | 263 | ctx->reader_driver->ops->finish(ctx); |
1097 | | |
1098 | 4.82M | for (i = 0; ctx->card_drivers[i]; i++) { |
1099 | 4.71M | struct sc_card_driver *drv = ctx->card_drivers[i]; |
1100 | | |
1101 | 4.71M | if (drv->atr_map) |
1102 | 0 | _sc_free_atr(ctx, drv); |
1103 | 4.71M | if (drv->dll) |
1104 | 0 | sc_dlclose(drv->dll); |
1105 | 4.71M | } |
1106 | | #ifdef USE_OPENSSL3_LIBCTX |
1107 | | sc_openssl3_deinit(ctx); |
1108 | | #endif |
1109 | 112k | if (ctx->preferred_language != NULL) |
1110 | 0 | free(ctx->preferred_language); |
1111 | 112k | if (ctx->mutex != NULL) { |
1112 | 0 | int r = sc_mutex_destroy(ctx, ctx->mutex); |
1113 | 0 | if (r != SC_SUCCESS) { |
1114 | 0 | sc_log(ctx, "unable to destroy mutex"); |
1115 | 0 | return r; |
1116 | 0 | } |
1117 | 0 | } |
1118 | 112k | if (ctx->conf != NULL) |
1119 | 112k | scconf_free(ctx->conf); |
1120 | 112k | if (ctx->debug_file && (ctx->debug_file != stdout && ctx->debug_file != stderr)) |
1121 | 0 | fclose(ctx->debug_file); |
1122 | 112k | free(ctx->debug_filename); |
1123 | 112k | free(ctx->app_name); |
1124 | 112k | free(ctx->exe_path); |
1125 | 112k | list_destroy(&ctx->readers); |
1126 | 112k | sc_mem_clear(ctx, sizeof(*ctx)); |
1127 | 112k | free(ctx); |
1128 | 112k | return SC_SUCCESS; |
1129 | 112k | } |
1130 | | |
1131 | | int sc_set_card_driver(sc_context_t *ctx, const char *short_name) |
1132 | 3.21k | { |
1133 | 3.21k | int i = 0, match = 0; |
1134 | | |
1135 | 3.21k | sc_mutex_lock(ctx, ctx->mutex); |
1136 | 3.21k | if (short_name == NULL) { |
1137 | 0 | ctx->forced_driver = NULL; |
1138 | 0 | match = 1; |
1139 | 99.5k | } else while (i < SC_MAX_CARD_DRIVERS && ctx->card_drivers[i] != NULL) { |
1140 | 99.5k | struct sc_card_driver *drv = ctx->card_drivers[i]; |
1141 | | |
1142 | 99.5k | if (strcmp(short_name, drv->short_name) == 0) { |
1143 | 3.21k | ctx->forced_driver = drv; |
1144 | 3.21k | match = 1; |
1145 | 3.21k | break; |
1146 | 3.21k | } |
1147 | 96.3k | i++; |
1148 | 96.3k | } |
1149 | 3.21k | sc_mutex_unlock(ctx, ctx->mutex); |
1150 | 3.21k | if (match == 0) |
1151 | 0 | return SC_ERROR_OBJECT_NOT_FOUND; /* FIXME: invent error */ |
1152 | 3.21k | return SC_SUCCESS; |
1153 | 3.21k | } |
1154 | | |
1155 | | int sc_get_cache_dir(sc_context_t *ctx, char *buf, size_t bufsize) |
1156 | 77.6k | { |
1157 | 77.6k | char *homedir; |
1158 | 77.6k | const char *cache_dir; |
1159 | 77.6k | scconf_block *conf_block = NULL; |
1160 | | #ifdef _WIN32 |
1161 | | char temp_path[PATH_MAX]; |
1162 | | #endif |
1163 | 77.6k | conf_block = sc_get_conf_block(ctx, "framework", "pkcs15", 1); |
1164 | 77.6k | cache_dir = scconf_get_str(conf_block, "file_cache_dir", NULL); |
1165 | 77.6k | if (cache_dir != NULL) { |
1166 | 0 | strlcpy(buf, cache_dir, bufsize); |
1167 | 0 | return SC_SUCCESS; |
1168 | 0 | } |
1169 | | |
1170 | 77.6k | #ifndef _WIN32 |
1171 | | #ifdef __APPLE__ |
1172 | | cache_dir = getenv("Caches"); |
1173 | | #else |
1174 | 77.6k | cache_dir = getenv("XDG_CACHE_HOME"); |
1175 | 77.6k | #endif |
1176 | 77.6k | if (cache_dir != NULL && cache_dir[0] != '\0') { |
1177 | 0 | snprintf(buf, bufsize, "%s/%s", cache_dir, "opensc"); |
1178 | 0 | return SC_SUCCESS; |
1179 | 0 | } |
1180 | 77.6k | cache_dir = ".cache/opensc"; |
1181 | 77.6k | homedir = getenv("HOME"); |
1182 | | #else |
1183 | | cache_dir = "eid-cache"; |
1184 | | homedir = getenv("USERPROFILE"); |
1185 | | /* If USERPROFILE isn't defined, assume it's a single-user OS |
1186 | | * and put the cache dir in the Windows dir (usually C:\\WINDOWS) */ |
1187 | | if (homedir == NULL || homedir[0] == '\0') { |
1188 | | GetWindowsDirectoryA(temp_path, sizeof(temp_path)); |
1189 | | homedir = temp_path; |
1190 | | } |
1191 | | #endif |
1192 | 77.6k | if (homedir == NULL || homedir[0] == '\0') |
1193 | 0 | return SC_ERROR_INTERNAL; |
1194 | 77.6k | if (snprintf(buf, bufsize, "%s/%s", homedir, cache_dir) < 0) |
1195 | 0 | return SC_ERROR_BUFFER_TOO_SMALL; |
1196 | 77.6k | return SC_SUCCESS; |
1197 | 77.6k | } |
1198 | | |
1199 | | int sc_make_cache_dir(sc_context_t *ctx) |
1200 | 267 | { |
1201 | 267 | char dirname[PATH_MAX], *sp; |
1202 | 267 | int r, mkdir_checker; |
1203 | 267 | size_t j, namelen; |
1204 | | |
1205 | 267 | if ((r = sc_get_cache_dir(ctx, dirname, sizeof(dirname))) < 0) |
1206 | 0 | return r; |
1207 | 267 | namelen = strlen(dirname); |
1208 | | |
1209 | 267 | while (1) { |
1210 | | #ifdef _WIN32 |
1211 | | mkdir_checker = mkdir(dirname) >= 0; |
1212 | | #else |
1213 | 267 | mkdir_checker = mkdir(dirname, 0700) >= 0; |
1214 | 267 | #endif |
1215 | 267 | if (mkdir_checker) |
1216 | 1 | break; |
1217 | | |
1218 | 266 | if (errno != ENOENT || (sp = strrchr(dirname, '/')) == NULL |
1219 | 0 | || sp == dirname) |
1220 | 266 | goto failed; |
1221 | 0 | *sp = '\0'; |
1222 | 0 | } |
1223 | | |
1224 | | /* We may have stripped one or more path components from |
1225 | | * the directory name. Restore them */ |
1226 | 1 | while (1) { |
1227 | 1 | j = strlen(dirname); |
1228 | 1 | if (j >= namelen) |
1229 | 1 | break; |
1230 | 0 | dirname[j] = '/'; |
1231 | | #ifdef _WIN32 |
1232 | | mkdir_checker = mkdir(dirname) < 0; |
1233 | | #else |
1234 | 0 | mkdir_checker = mkdir(dirname, 0700) < 0; |
1235 | 0 | #endif |
1236 | 0 | if (mkdir_checker) |
1237 | 0 | goto failed; |
1238 | 0 | } |
1239 | 1 | return SC_SUCCESS; |
1240 | | |
1241 | | /* for lack of a better return code */ |
1242 | 266 | failed: |
1243 | 266 | sc_log(ctx, "failed to create cache directory"); |
1244 | 266 | return SC_ERROR_INTERNAL; |
1245 | 1 | } |