summaryrefslogtreecommitdiff
path: root/scd/command.c
diff options
context:
space:
mode:
authorAnas Nashif <anas.nashif@intel.com>2013-03-27 09:15:23 -0700
committerAnas Nashif <anas.nashif@intel.com>2013-03-27 09:15:23 -0700
commit6576640b55777bd811a12a188b9b1f3c63653799 (patch)
tree7dab5ece3a5bf7ed238e8b0824194ce01b61121e /scd/command.c
downloadgpg2-6576640b55777bd811a12a188b9b1f3c63653799.tar.gz
gpg2-6576640b55777bd811a12a188b9b1f3c63653799.tar.bz2
gpg2-6576640b55777bd811a12a188b9b1f3c63653799.zip
Imported Upstream version 2.0.19upstream/2.0.19
Diffstat (limited to 'scd/command.c')
-rw-r--r--scd/command.c2327
1 files changed, 2327 insertions, 0 deletions
diff --git a/scd/command.c b/scd/command.c
new file mode 100644
index 0000000..52b22c6
--- /dev/null
+++ b/scd/command.c
@@ -0,0 +1,2327 @@
+/* command.c - SCdaemon command handler
+ * Copyright (C) 2001, 2002, 2003, 2004, 2005,
+ * 2007, 2008, 2009 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <unistd.h>
+#include <signal.h>
+#ifdef USE_GNU_PTH
+# include <pth.h>
+#endif
+
+#include "scdaemon.h"
+#include <assuan.h>
+#include <ksba.h>
+#include "app-common.h"
+#include "apdu.h" /* Required for apdu_*_reader (). */
+#include "exechelp.h"
+#ifdef HAVE_LIBUSB
+#include "ccid-driver.h"
+#endif
+
+/* Maximum length allowed as a PIN; used for INQUIRE NEEDPIN */
+#define MAXLEN_PIN 100
+
+/* Maximum allowed size of key data as used in inquiries. */
+#define MAXLEN_KEYDATA 4096
+
+/* Maximum allowed size of certificate data as used in inquiries. */
+#define MAXLEN_CERTDATA 16384
+
+
+#define set_error(e,t) assuan_set_error (ctx, gpg_error (e), (t))
+
+
+/* Macro to flag a removed card. ENODEV is also tested to catch teh
+ case of a removed reader. */
+#define TEST_CARD_REMOVAL(c,r) \
+ do { \
+ int _r = (r); \
+ if (gpg_err_code (_r) == GPG_ERR_CARD_NOT_PRESENT \
+ || gpg_err_code (_r) == GPG_ERR_CARD_REMOVED \
+ || gpg_err_code (_r) == GPG_ERR_ENODEV ) \
+ update_card_removed ((c)->reader_slot, 1); \
+ } while (0)
+
+#define IS_LOCKED(c) \
+ (locked_session && locked_session != (c)->server_local \
+ && (c)->reader_slot != -1 && locked_session->ctrl_backlink \
+ && (c)->reader_slot == locked_session->ctrl_backlink->reader_slot)
+
+
+/* Flag indicating that the reader has been disabled. */
+static int reader_disabled;
+
+
+/* This structure is used to keep track of open readers (slots). */
+struct slot_status_s
+{
+ int valid; /* True if the other objects are valid. */
+ int slot; /* Slot number of the reader or -1 if not open. */
+
+ int reset_failed; /* A reset failed. */
+
+ int any; /* Flag indicating whether any status check has been
+ done. This is set once to indicate that the status
+ tracking for the slot has been initialized. */
+ unsigned int status; /* Last status of the slot. */
+ unsigned int changed; /* Last change counter of the slot. */
+};
+
+
+/* Data used to associate an Assuan context with local server data.
+ This object describes the local properties of one session. */
+struct server_local_s
+{
+ /* We keep a list of all active sessions with the anchor at
+ SESSION_LIST (see below). This field is used for linking. */
+ struct server_local_s *next_session;
+
+ /* This object is usually assigned to a CTRL object (which is
+ globally visible). While enumerating all sessions we sometimes
+ need to access data of the CTRL object; thus we keep a
+ backpointer here. */
+ ctrl_t ctrl_backlink;
+
+ /* The Assuan context used by this session/server. */
+ assuan_context_t assuan_ctx;
+
+#ifdef HAVE_W32_SYSTEM
+ unsigned long event_signal; /* Or 0 if not used. */
+#else
+ int event_signal; /* Or 0 if not used. */
+#endif
+
+ /* True if the card has been removed and a reset is required to
+ continue operation. */
+ int card_removed;
+
+ /* Flag indicating that the application context needs to be released
+ at the next opportunity. */
+ int app_ctx_marked_for_release;
+
+ /* A disconnect command has been sent. */
+ int disconnect_allowed;
+
+ /* If set to true we will be terminate ourself at the end of the
+ this session. */
+ int stopme;
+
+};
+
+
+/* The table with information on all used slots. FIXME: This is a
+ different slot number than the one used by the APDU layer, and
+ should be renamed. */
+static struct slot_status_s slot_table[10];
+
+
+/* To keep track of all running sessions, we link all active server
+ contexts and the anchor in this variable. */
+static struct server_local_s *session_list;
+
+/* If a session has been locked we store a link to its server object
+ in this variable. */
+static struct server_local_s *locked_session;
+
+/* While doing a reset we need to make sure that the ticker does not
+ call scd_update_reader_status_file while we are using it. */
+static pth_mutex_t status_file_update_lock;
+
+
+/*-- Local prototypes --*/
+static void update_reader_status_file (int set_card_removed_flag);
+
+
+
+
+/* This function must be called once to initialize this module. This
+ has to be done before a second thread is spawned. We can't do the
+ static initialization because Pth emulation code might not be able
+ to do a static init; in particular, it is not possible for W32. */
+void
+initialize_module_command (void)
+{
+ static int initialized;
+
+ if (!initialized)
+ {
+ if (pth_mutex_init (&status_file_update_lock))
+ initialized = 1;
+ }
+}
+
+
+/* Update the CARD_REMOVED element of all sessions using the reader
+ given by SLOT to VALUE. */
+static void
+update_card_removed (int slot, int value)
+{
+ struct server_local_s *sl;
+
+ for (sl=session_list; sl; sl = sl->next_session)
+ if (sl->ctrl_backlink
+ && sl->ctrl_backlink->reader_slot == slot)
+ {
+ sl->card_removed = value;
+ }
+ /* Let the card application layer know about the removal. */
+ if (value)
+ application_notify_card_reset (slot);
+}
+
+
+
+/* Check whether the option NAME appears in LINE. Returns 1 or 0. */
+static int
+has_option (const char *line, const char *name)
+{
+ const char *s;
+ int n = strlen (name);
+
+ s = strstr (line, name);
+ return (s && (s == line || spacep (s-1)) && (!s[n] || spacep (s+n)));
+}
+
+/* Same as has_option but does only test for the name of the option
+ and ignores an argument, i.e. with NAME being "--hash" it would
+ return a pointer for "--hash" as well as for "--hash=foo". If
+ there is no such option NULL is returned. The pointer returned
+ points right behind the option name, this may be an equal sign, Nul
+ or a space. */
+static const char *
+has_option_name (const char *line, const char *name)
+{
+ const char *s;
+ int n = strlen (name);
+
+ s = strstr (line, name);
+ return (s && (s == line || spacep (s-1))
+ && (!s[n] || spacep (s+n) || s[n] == '=')) ? (s+n) : NULL;
+}
+
+
+/* Skip over options. It is assumed that leading spaces have been
+ removed (this is the case for lines passed to a handler from
+ assuan). Blanks after the options are also removed. */
+static char *
+skip_options (char *line)
+{
+ while ( *line == '-' && line[1] == '-' )
+ {
+ while (*line && !spacep (line))
+ line++;
+ while (spacep (line))
+ line++;
+ }
+ return line;
+}
+
+
+
+/* Convert the STRING into a newly allocated buffer while translating
+ the hex numbers. Stops at the first invalid character. Blanks and
+ colons are allowed to separate the hex digits. Returns NULL on
+ error or a newly malloced buffer and its length in LENGTH. */
+static unsigned char *
+hex_to_buffer (const char *string, size_t *r_length)
+{
+ unsigned char *buffer;
+ const char *s;
+ size_t n;
+
+ buffer = xtrymalloc (strlen (string)+1);
+ if (!buffer)
+ return NULL;
+ for (s=string, n=0; *s; s++)
+ {
+ if (spacep (s) || *s == ':')
+ continue;
+ if (hexdigitp (s) && hexdigitp (s+1))
+ {
+ buffer[n++] = xtoi_2 (s);
+ s++;
+ }
+ else
+ break;
+ }
+ *r_length = n;
+ return buffer;
+}
+
+
+
+/* Reset the card and free the application context. With SEND_RESET
+ set to true actually send a RESET to the reader; this is the normal
+ way of calling the function. */
+static void
+do_reset (ctrl_t ctrl, int send_reset)
+{
+ int slot = ctrl->reader_slot;
+
+ if (!(slot == -1 || (slot >= 0 && slot < DIM(slot_table))))
+ BUG ();
+
+ /* If there is an active application, release it. Tell all other
+ sessions using the same application to release the
+ application. */
+ if (ctrl->app_ctx)
+ {
+ release_application (ctrl->app_ctx);
+ ctrl->app_ctx = NULL;
+ if (send_reset)
+ {
+ struct server_local_s *sl;
+
+ for (sl=session_list; sl; sl = sl->next_session)
+ if (sl->ctrl_backlink
+ && sl->ctrl_backlink->reader_slot == slot)
+ {
+ sl->app_ctx_marked_for_release = 1;
+ }
+ }
+ }
+
+ /* If we want a real reset for the card, send the reset APDU and
+ tell the application layer about it. */
+ if (slot != -1 && send_reset && !IS_LOCKED (ctrl) )
+ {
+ if (apdu_reset (slot))
+ {
+ slot_table[slot].valid = 0;
+ }
+ application_notify_card_reset (slot);
+ }
+
+ /* If we hold a lock, unlock now. */
+ if (locked_session && ctrl->server_local == locked_session)
+ {
+ locked_session = NULL;
+ log_info ("implicitly unlocking due to RESET\n");
+ }
+
+ /* Reset the card removed flag for the current reader. We need to
+ take the lock here so that the ticker thread won't concurrently
+ try to update the file. Calling update_reader_status_file is
+ required to get hold of the new status of the card in the slot
+ table. */
+ if (!pth_mutex_acquire (&status_file_update_lock, 0, NULL))
+ {
+ log_error ("failed to acquire status_fle_update lock\n");
+ ctrl->reader_slot = -1;
+ return;
+ }
+ update_reader_status_file (0); /* Update slot status table. */
+ update_card_removed (slot, 0); /* Clear card_removed flag. */
+ if (!pth_mutex_release (&status_file_update_lock))
+ log_error ("failed to release status_file_update lock\n");
+
+ /* Do this last, so that the update_card_removed above does its job. */
+ ctrl->reader_slot = -1;
+}
+
+
+static gpg_error_t
+reset_notify (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+
+ (void) line;
+
+ do_reset (ctrl, 1);
+ return 0;
+}
+
+
+static gpg_error_t
+option_handler (assuan_context_t ctx, const char *key, const char *value)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+
+ if (!strcmp (key, "event-signal"))
+ {
+ /* A value of 0 is allowed to reset the event signal. */
+#ifdef HAVE_W32_SYSTEM
+ if (!*value)
+ return gpg_error (GPG_ERR_ASS_PARAMETER);
+ ctrl->server_local->event_signal = strtoul (value, NULL, 16);
+#else
+ int i = *value? atoi (value) : -1;
+ if (i < 0)
+ return gpg_error (GPG_ERR_ASS_PARAMETER);
+ ctrl->server_local->event_signal = i;
+#endif
+ }
+
+ return 0;
+}
+
+
+/* Return the slot of the current reader or open the reader if no
+ other sessions are using a reader. Note, that we currently support
+ only one reader but most of the code (except for this function)
+ should be able to cope with several readers. */
+static int
+get_reader_slot (void)
+{
+ struct slot_status_s *ss;
+
+ ss = &slot_table[0]; /* One reader for now. */
+
+ /* Initialize the item if needed. */
+ if (!ss->valid)
+ {
+ ss->slot = -1;
+ ss->valid = 1;
+ }
+
+ /* Try to open the reader. */
+ if (ss->slot == -1)
+ {
+ int no_service_flag;
+ ss->slot = apdu_open_reader (opt.reader_port, &no_service_flag);
+
+ /* If we still don't have a slot, we have no readers.
+ Invalidate for now until a reader is attached. */
+ if(ss->slot == -1)
+ {
+ ss->valid = 0;
+ }
+
+ if (no_service_flag)
+ {
+ log_info ("no card services - disabling scdaemon\n");
+ reader_disabled = 1;
+ }
+ }
+
+ /* Return the slot_table index. */
+ return 0;
+}
+
+/* If the card has not yet been opened, do it. Note that this
+ function returns an Assuan error, so don't map the error a second
+ time. */
+static gpg_error_t
+open_card (ctrl_t ctrl, const char *apptype)
+{
+ gpg_error_t err;
+ int slot;
+
+ if (reader_disabled)
+ return gpg_error (GPG_ERR_NOT_OPERATIONAL);
+
+ /* If we ever got a card not present error code, return that. Only
+ the SERIALNO command and a reset are able to clear from that
+ state. */
+ if (ctrl->server_local->card_removed)
+ return gpg_error (GPG_ERR_CARD_REMOVED);
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ /* If the application has been marked for release do it now. We
+ can't do it immediately in do_reset because the application may
+ still be in use. */
+ if (ctrl->server_local->app_ctx_marked_for_release)
+ {
+ ctrl->server_local->app_ctx_marked_for_release = 0;
+ release_application (ctrl->app_ctx);
+ ctrl->app_ctx = NULL;
+ }
+
+ /* If we are already initialized for one specific application we
+ need to check that the client didn't requested a specific
+ application different from the one in use before we continue. */
+ if (ctrl->app_ctx)
+ return check_application_conflict (ctrl, apptype);
+
+ /* Setup the slot and select the application. */
+ if (ctrl->reader_slot != -1)
+ slot = ctrl->reader_slot;
+ else
+ slot = get_reader_slot ();
+ ctrl->reader_slot = slot;
+ if (slot == -1)
+ err = gpg_error (reader_disabled? GPG_ERR_NOT_OPERATIONAL: GPG_ERR_CARD);
+ else
+ {
+ /* Fixme: We should move the apdu_connect call to
+ select_application. */
+ int sw;
+
+ ctrl->server_local->disconnect_allowed = 0;
+ sw = apdu_connect (slot);
+ if (sw && sw != SW_HOST_ALREADY_CONNECTED)
+ {
+ if (sw == SW_HOST_NO_CARD)
+ err = gpg_error (GPG_ERR_CARD_NOT_PRESENT);
+ else
+ err = gpg_error (GPG_ERR_CARD);
+ }
+ else
+ err = select_application (ctrl, slot, apptype, &ctrl->app_ctx);
+ }
+
+ TEST_CARD_REMOVAL (ctrl, err);
+ return err;
+}
+
+
+static const char hlp_serialno[] =
+ "SERIALNO [<apptype>]\n"
+ "\n"
+ "Return the serial number of the card using a status reponse. This\n"
+ "function should be used to check for the presence of a card.\n"
+ "\n"
+ "If APPTYPE is given, an application of that type is selected and an\n"
+ "error is returned if the application is not supported or available.\n"
+ "The default is to auto-select the application using a hardwired\n"
+ "preference system. Note, that a future extension to this function\n"
+ "may allow to specify a list and order of applications to try.\n"
+ "\n"
+ "This function is special in that it can be used to reset the card.\n"
+ "Most other functions will return an error when a card change has\n"
+ "been detected and the use of this function is therefore required.\n"
+ "\n"
+ "Background: We want to keep the client clear of handling card\n"
+ "changes between operations; i.e. the client can assume that all\n"
+ "operations are done on the same card unless he calls this function.";
+static gpg_error_t
+cmd_serialno (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc = 0;
+ char *serial_and_stamp;
+ char *serial;
+ time_t stamp;
+
+ /* Clear the remove flag so that the open_card is able to reread it. */
+ if (!reader_disabled && ctrl->server_local->card_removed)
+ {
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+ do_reset (ctrl, 1);
+ }
+
+ if ((rc = open_card (ctrl, *line? line:NULL)))
+ return rc;
+
+ rc = app_get_serial_and_stamp (ctrl->app_ctx, &serial, &stamp);
+ if (rc)
+ return rc;
+
+ rc = estream_asprintf (&serial_and_stamp, "%s %lu",
+ serial, (unsigned long)stamp);
+ xfree (serial);
+ if (rc < 0)
+ return out_of_core ();
+ rc = 0;
+ assuan_write_status (ctx, "SERIALNO", serial_and_stamp);
+ xfree (serial_and_stamp);
+ return 0;
+}
+
+
+static const char hlp_learn[] =
+ "LEARN [--force] [--keypairinfo]\n"
+ "\n"
+ "Learn all useful information of the currently inserted card. When\n"
+ "used without the force options, the command might do an INQUIRE\n"
+ "like this:\n"
+ "\n"
+ " INQUIRE KNOWNCARDP <hexstring_with_serialNumber> <timestamp>\n"
+ "\n"
+ "The client should just send an \"END\" if the processing should go on\n"
+ "or a \"CANCEL\" to force the function to terminate with a Cancel\n"
+ "error message.\n"
+ "\n"
+ "With the option --keypairinfo only KEYPARIINFO lstatus lines are\n"
+ "returned.\n"
+ "\n"
+ "The response of this command is a list of status lines formatted as\n"
+ "this:\n"
+ "\n"
+ " S APPTYPE <apptype>\n"
+ "\n"
+ "This returns the type of the application, currently the strings:\n"
+ "\n"
+ " P15 = PKCS-15 structure used\n"
+ " DINSIG = DIN SIG\n"
+ " OPENPGP = OpenPGP card\n"
+ " NKS = NetKey card\n"
+ "\n"
+ "are implemented. These strings are aliases for the AID\n"
+ "\n"
+ " S KEYPAIRINFO <hexstring_with_keygrip> <hexstring_with_id>\n"
+ "\n"
+ "If there is no certificate yet stored on the card a single 'X' is\n"
+ "returned as the keygrip. In addition to the keypair info, information\n"
+ "about all certificates stored on the card is also returned:\n"
+ "\n"
+ " S CERTINFO <certtype> <hexstring_with_id>\n"
+ "\n"
+ "Where CERTTYPE is a number indicating the type of certificate:\n"
+ " 0 := Unknown\n"
+ " 100 := Regular X.509 cert\n"
+ " 101 := Trusted X.509 cert\n"
+ " 102 := Useful X.509 cert\n"
+ " 110 := Root CA cert in a special format (e.g. DINSIG)\n"
+ " 111 := Root CA cert as standard X509 cert.\n"
+ "\n"
+ "For certain cards, more information will be returned:\n"
+ "\n"
+ " S KEY-FPR <no> <hexstring>\n"
+ "\n"
+ "For OpenPGP cards this returns the stored fingerprints of the\n"
+ "keys. This can be used check whether a key is available on the\n"
+ "card. NO may be 1, 2 or 3.\n"
+ "\n"
+ " S CA-FPR <no> <hexstring>\n"
+ "\n"
+ "Similar to above, these are the fingerprints of keys assumed to be\n"
+ "ultimately trusted.\n"
+ "\n"
+ " S DISP-NAME <name_of_card_holder>\n"
+ "\n"
+ "The name of the card holder as stored on the card; percent\n"
+ "escaping takes place, spaces are encoded as '+'\n"
+ "\n"
+ " S PUBKEY-URL <url>\n"
+ "\n"
+ "The URL to be used for locating the entire public key.\n"
+ " \n"
+ "Note, that this function may even be used on a locked card.";
+static gpg_error_t
+cmd_learn (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc = 0;
+ int only_keypairinfo = has_option (line, "--keypairinfo");
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ /* Unless the force option is used we try a shortcut by identifying
+ the card using a serial number and inquiring the client with
+ that. The client may choose to cancel the operation if he already
+ knows about this card */
+ if (!only_keypairinfo)
+ {
+ char *serial_and_stamp;
+ char *serial;
+ time_t stamp;
+
+ rc = app_get_serial_and_stamp (ctrl->app_ctx, &serial, &stamp);
+ if (rc)
+ return rc;
+ rc = estream_asprintf (&serial_and_stamp, "%s %lu",
+ serial, (unsigned long)stamp);
+ xfree (serial);
+ if (rc < 0)
+ return out_of_core ();
+ rc = 0;
+ assuan_write_status (ctx, "SERIALNO", serial_and_stamp);
+
+ if (!has_option (line, "--force"))
+ {
+ char *command;
+
+ rc = estream_asprintf (&command, "KNOWNCARDP %s", serial_and_stamp);
+ if (rc < 0)
+ {
+ xfree (serial_and_stamp);
+ return out_of_core ();
+ }
+ rc = 0;
+ rc = assuan_inquire (ctx, command, NULL, NULL, 0);
+ xfree (command);
+ if (rc)
+ {
+ if (gpg_err_code (rc) != GPG_ERR_ASS_CANCELED)
+ log_error ("inquire KNOWNCARDP failed: %s\n",
+ gpg_strerror (rc));
+ xfree (serial_and_stamp);
+ return rc;
+ }
+ /* Not canceled, so we have to proceeed. */
+ }
+ xfree (serial_and_stamp);
+ }
+
+ /* Let the application print out its collection of useful status
+ information. */
+ if (!rc)
+ rc = app_write_learn_status (ctrl->app_ctx, ctrl, only_keypairinfo);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+
+static const char hlp_readcert[] =
+ "READCERT <hexified_certid>|<keyid>\n"
+ "\n"
+ "Note, that this function may even be used on a locked card.";
+static gpg_error_t
+cmd_readcert (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ unsigned char *cert;
+ size_t ncert;
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ line = xstrdup (line); /* Need a copy of the line. */
+ rc = app_readcert (ctrl->app_ctx, line, &cert, &ncert);
+ if (rc)
+ log_error ("app_readcert failed: %s\n", gpg_strerror (rc));
+ xfree (line);
+ line = NULL;
+ if (!rc)
+ {
+ rc = assuan_send_data (ctx, cert, ncert);
+ xfree (cert);
+ if (rc)
+ return rc;
+ }
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_readkey[] =
+ "READKEY <keyid>\n"
+ "\n"
+ "Return the public key for the given cert or key ID as a standard\n"
+ "S-expression.\n"
+ "\n"
+ "Note, that this function may even be used on a locked card.";
+static gpg_error_t
+cmd_readkey (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ unsigned char *cert = NULL;
+ size_t ncert, n;
+ ksba_cert_t kc = NULL;
+ ksba_sexp_t p;
+ unsigned char *pk;
+ size_t pklen;
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ line = xstrdup (line); /* Need a copy of the line. */
+ /* If the application supports the READKEY function we use that.
+ Otherwise we use the old way by extracting it from the
+ certificate. */
+ rc = app_readkey (ctrl->app_ctx, line, &pk, &pklen);
+ if (!rc)
+ { /* Yeah, got that key - send it back. */
+ rc = assuan_send_data (ctx, pk, pklen);
+ xfree (pk);
+ xfree (line);
+ line = NULL;
+ goto leave;
+ }
+
+ if (gpg_err_code (rc) != GPG_ERR_UNSUPPORTED_OPERATION)
+ log_error ("app_readkey failed: %s\n", gpg_strerror (rc));
+ else
+ {
+ rc = app_readcert (ctrl->app_ctx, line, &cert, &ncert);
+ if (rc)
+ log_error ("app_readcert failed: %s\n", gpg_strerror (rc));
+ }
+ xfree (line);
+ line = NULL;
+ if (rc)
+ goto leave;
+
+ rc = ksba_cert_new (&kc);
+ if (rc)
+ {
+ xfree (cert);
+ goto leave;
+ }
+ rc = ksba_cert_init_from_mem (kc, cert, ncert);
+ if (rc)
+ {
+ log_error ("failed to parse the certificate: %s\n", gpg_strerror (rc));
+ goto leave;
+ }
+
+ p = ksba_cert_get_public_key (kc);
+ if (!p)
+ {
+ rc = gpg_error (GPG_ERR_NO_PUBKEY);
+ goto leave;
+ }
+
+ n = gcry_sexp_canon_len (p, 0, NULL, NULL);
+ rc = assuan_send_data (ctx, p, n);
+ xfree (p);
+
+
+ leave:
+ ksba_cert_release (kc);
+ xfree (cert);
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+
+static const char hlp_setdata[] =
+ "SETDATA <hexstring> \n"
+ "\n"
+ "The client should use this command to tell us the data he want to sign.";
+static gpg_error_t
+cmd_setdata (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int n;
+ char *p;
+ unsigned char *buf;
+
+ if (locked_session && locked_session != ctrl->server_local)
+ return gpg_error (GPG_ERR_LOCKED);
+
+ /* Parse the hexstring. */
+ for (p=line,n=0; hexdigitp (p); p++, n++)
+ ;
+ if (*p)
+ return set_error (GPG_ERR_ASS_PARAMETER, "invalid hexstring");
+ if (!n)
+ return set_error (GPG_ERR_ASS_PARAMETER, "no data given");
+ if ((n&1))
+ return set_error (GPG_ERR_ASS_PARAMETER, "odd number of digits");
+ n /= 2;
+ buf = xtrymalloc (n);
+ if (!buf)
+ return out_of_core ();
+
+ ctrl->in_data.value = buf;
+ ctrl->in_data.valuelen = n;
+ for (p=line, n=0; n < ctrl->in_data.valuelen; p += 2, n++)
+ buf[n] = xtoi_2 (p);
+ return 0;
+}
+
+
+
+static gpg_error_t
+pin_cb (void *opaque, const char *info, char **retstr)
+{
+ assuan_context_t ctx = opaque;
+ char *command;
+ int rc;
+ unsigned char *value;
+ size_t valuelen;
+
+ if (!retstr)
+ {
+ /* We prompt for keypad entry. To make sure that the popup has
+ been show we use an inquire and not just a status message.
+ We ignore any value returned. */
+ if (info)
+ {
+ log_debug ("prompting for keypad entry '%s'\n", info);
+ rc = estream_asprintf (&command, "POPUPKEYPADPROMPT %s", info);
+ if (rc < 0)
+ return gpg_error (gpg_err_code_from_errno (errno));
+ rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
+ xfree (command);
+ }
+ else
+ {
+ log_debug ("dismiss keypad entry prompt\n");
+ rc = assuan_inquire (ctx, "DISMISSKEYPADPROMPT",
+ &value, &valuelen, MAXLEN_PIN);
+ }
+ if (!rc)
+ xfree (value);
+ return rc;
+ }
+
+ *retstr = NULL;
+ log_debug ("asking for PIN '%s'\n", info);
+
+ rc = estream_asprintf (&command, "NEEDPIN %s", info);
+ if (rc < 0)
+ return gpg_error (gpg_err_code_from_errno (errno));
+
+ /* Fixme: Write an inquire function which returns the result in
+ secure memory and check all further handling of the PIN. */
+ rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
+ xfree (command);
+ if (rc)
+ return rc;
+
+ if (!valuelen || value[valuelen-1])
+ {
+ /* We require that the returned value is an UTF-8 string */
+ xfree (value);
+ return gpg_error (GPG_ERR_INV_RESPONSE);
+ }
+ *retstr = (char*)value;
+ return 0;
+}
+
+
+static const char hlp_pksign[] =
+ "PKSIGN [--hash=[rmd160|sha{1,224,256,384,512}|md5]] <hexified_id>\n"
+ "\n"
+ "The --hash option is optional; the default is SHA1.";
+static gpg_error_t
+cmd_pksign (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ unsigned char *outdata;
+ size_t outdatalen;
+ char *keyidstr;
+ int hash_algo;
+
+ if (has_option (line, "--hash=rmd160"))
+ hash_algo = GCRY_MD_RMD160;
+ else if (has_option (line, "--hash=sha1"))
+ hash_algo = GCRY_MD_SHA1;
+ else if (has_option (line, "--hash=sha224"))
+ hash_algo = GCRY_MD_SHA224;
+ else if (has_option (line, "--hash=sha256"))
+ hash_algo = GCRY_MD_SHA256;
+ else if (has_option (line, "--hash=sha384"))
+ hash_algo = GCRY_MD_SHA384;
+ else if (has_option (line, "--hash=sha512"))
+ hash_algo = GCRY_MD_SHA512;
+ else if (has_option (line, "--hash=md5"))
+ hash_algo = GCRY_MD_MD5;
+ else if (!strstr (line, "--"))
+ hash_algo = GCRY_MD_SHA1;
+ else
+ return set_error (GPG_ERR_ASS_PARAMETER, "invalid hash algorithm");
+
+ line = skip_options (line);
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ /* We have to use a copy of the key ID because the function may use
+ the pin_cb which in turn uses the assuan line buffer and thus
+ overwriting the original line with the keyid */
+ keyidstr = xtrystrdup (line);
+ if (!keyidstr)
+ return out_of_core ();
+
+ rc = app_sign (ctrl->app_ctx,
+ keyidstr, hash_algo,
+ pin_cb, ctx,
+ ctrl->in_data.value, ctrl->in_data.valuelen,
+ &outdata, &outdatalen);
+
+ xfree (keyidstr);
+ if (rc)
+ {
+ log_error ("app_sign failed: %s\n", gpg_strerror (rc));
+ }
+ else
+ {
+ rc = assuan_send_data (ctx, outdata, outdatalen);
+ xfree (outdata);
+ if (rc)
+ return rc; /* that is already an assuan error code */
+ }
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_pkauth[] =
+ "PKAUTH <hexified_id>";
+static gpg_error_t
+cmd_pkauth (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ unsigned char *outdata;
+ size_t outdatalen;
+ char *keyidstr;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (!ctrl->app_ctx)
+ return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
+
+ /* We have to use a copy of the key ID because the function may use
+ the pin_cb which in turn uses the assuan line buffer and thus
+ overwriting the original line with the keyid */
+ keyidstr = xtrystrdup (line);
+ if (!keyidstr)
+ return out_of_core ();
+
+ rc = app_auth (ctrl->app_ctx,
+ keyidstr,
+ pin_cb, ctx,
+ ctrl->in_data.value, ctrl->in_data.valuelen,
+ &outdata, &outdatalen);
+ xfree (keyidstr);
+ if (rc)
+ {
+ log_error ("app_auth failed: %s\n", gpg_strerror (rc));
+ }
+ else
+ {
+ rc = assuan_send_data (ctx, outdata, outdatalen);
+ xfree (outdata);
+ if (rc)
+ return rc; /* that is already an assuan error code */
+ }
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_pkdecrypt[] =
+ "PKDECRYPT <hexified_id>";
+static gpg_error_t
+cmd_pkdecrypt (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ unsigned char *outdata;
+ size_t outdatalen;
+ char *keyidstr;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ keyidstr = xtrystrdup (line);
+ if (!keyidstr)
+ return out_of_core ();
+ rc = app_decipher (ctrl->app_ctx,
+ keyidstr,
+ pin_cb, ctx,
+ ctrl->in_data.value, ctrl->in_data.valuelen,
+ &outdata, &outdatalen);
+
+ xfree (keyidstr);
+ if (rc)
+ {
+ log_error ("app_decipher failed: %s\n", gpg_strerror (rc));
+ }
+ else
+ {
+ rc = assuan_send_data (ctx, outdata, outdatalen);
+ xfree (outdata);
+ if (rc)
+ return rc; /* that is already an assuan error code */
+ }
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_getattr[] =
+ "GETATTR <name>\n"
+ "\n"
+ "This command is used to retrieve data from a smartcard. The\n"
+ "allowed names depend on the currently selected smartcard\n"
+ "application. NAME must be percent and '+' escaped. The value is\n"
+ "returned through status message, see the LEARN command for details.\n"
+ "\n"
+ "However, the current implementation assumes that Name is not escaped;\n"
+ "this works as long as noone uses arbitrary escaping. \n"
+ "\n"
+ "Note, that this function may even be used on a locked card.";
+static gpg_error_t
+cmd_getattr (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ const char *keyword;
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ keyword = line;
+ for (; *line && !spacep (line); line++)
+ ;
+ if (*line)
+ *line++ = 0;
+
+ /* (We ignore any garbage for now.) */
+
+ /* FIXME: Applications should not return sensitive data if the card
+ is locked. */
+ rc = app_getattr (ctrl->app_ctx, ctrl, keyword);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_setattr[] =
+ "SETATTR <name> <value> \n"
+ "\n"
+ "This command is used to store data on a a smartcard. The allowed\n"
+ "names and values are depend on the currently selected smartcard\n"
+ "application. NAME and VALUE must be percent and '+' escaped.\n"
+ "\n"
+ "However, the current implementation assumes that NAME is not\n"
+ "escaped; this works as long as noone uses arbitrary escaping.\n"
+ "\n"
+ "A PIN will be requested for most NAMEs. See the corresponding\n"
+ "setattr function of the actually used application (app-*.c) for\n"
+ "details.";
+static gpg_error_t
+cmd_setattr (assuan_context_t ctx, char *orig_line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ char *keyword;
+ int keywordlen;
+ size_t nbytes;
+ char *line, *linebuf;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ /* We need to use a copy of LINE, because PIN_CB uses the same
+ context and thus reuses the Assuan provided LINE. */
+ line = linebuf = xtrystrdup (orig_line);
+ if (!line)
+ return out_of_core ();
+
+ keyword = line;
+ for (keywordlen=0; *line && !spacep (line); line++, keywordlen++)
+ ;
+ if (*line)
+ *line++ = 0;
+ while (spacep (line))
+ line++;
+ nbytes = percent_plus_unescape_inplace (line, 0);
+
+ rc = app_setattr (ctrl->app_ctx, keyword, pin_cb, ctx,
+ (const unsigned char*)line, nbytes);
+ xfree (linebuf);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_writecert[] =
+ "WRITECERT <hexified_certid>\n"
+ "\n"
+ "This command is used to store a certifciate on a smartcard. The\n"
+ "allowed certids depend on the currently selected smartcard\n"
+ "application. The actual certifciate is requested using the inquiry\n"
+ "\"CERTDATA\" and needs to be provided in its raw (e.g. DER) form.\n"
+ "\n"
+ "In almost all cases a a PIN will be requested. See the related\n"
+ "writecert function of the actually used application (app-*.c) for\n"
+ "details.";
+static gpg_error_t
+cmd_writecert (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ char *certid;
+ unsigned char *certdata;
+ size_t certdatalen;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ line = skip_options (line);
+
+ if (!*line)
+ return set_error (GPG_ERR_ASS_PARAMETER, "no certid given");
+ certid = line;
+ while (*line && !spacep (line))
+ line++;
+ *line = 0;
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (!ctrl->app_ctx)
+ return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
+
+ certid = xtrystrdup (certid);
+ if (!certid)
+ return out_of_core ();
+
+ /* Now get the actual keydata. */
+ rc = assuan_inquire (ctx, "CERTDATA",
+ &certdata, &certdatalen, MAXLEN_CERTDATA);
+ if (rc)
+ {
+ xfree (certid);
+ return rc;
+ }
+
+ /* Write the certificate to the card. */
+ rc = app_writecert (ctrl->app_ctx, ctrl, certid,
+ pin_cb, ctx, certdata, certdatalen);
+ xfree (certid);
+ xfree (certdata);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_writekey[] =
+ "WRITEKEY [--force] <keyid> \n"
+ "\n"
+ "This command is used to store a secret key on a a smartcard. The\n"
+ "allowed keyids depend on the currently selected smartcard\n"
+ "application. The actual keydata is requested using the inquiry\n"
+ "\"KEYDATA\" and need to be provided without any protection. With\n"
+ "--force set an existing key under this KEYID will get overwritten.\n"
+ "The keydata is expected to be the usual canonical encoded\n"
+ "S-expression.\n"
+ "\n"
+ "A PIN will be requested for most NAMEs. See the corresponding\n"
+ "writekey function of the actually used application (app-*.c) for\n"
+ "details.";
+static gpg_error_t
+cmd_writekey (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ char *keyid;
+ int force = has_option (line, "--force");
+ unsigned char *keydata;
+ size_t keydatalen;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ line = skip_options (line);
+
+ if (!*line)
+ return set_error (GPG_ERR_ASS_PARAMETER, "no keyid given");
+ keyid = line;
+ while (*line && !spacep (line))
+ line++;
+ *line = 0;
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (!ctrl->app_ctx)
+ return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
+
+ keyid = xtrystrdup (keyid);
+ if (!keyid)
+ return out_of_core ();
+
+ /* Now get the actual keydata. */
+ assuan_begin_confidential (ctx);
+ rc = assuan_inquire (ctx, "KEYDATA", &keydata, &keydatalen, MAXLEN_KEYDATA);
+ assuan_end_confidential (ctx);
+ if (rc)
+ {
+ xfree (keyid);
+ return rc;
+ }
+
+ /* Write the key to the card. */
+ rc = app_writekey (ctrl->app_ctx, ctrl, keyid, force? 1:0,
+ pin_cb, ctx, keydata, keydatalen);
+ xfree (keyid);
+ xfree (keydata);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_genkey[] =
+ "GENKEY [--force] [--timestamp=<isodate>] <no>\n"
+ "\n"
+ "Generate a key on-card identified by NO, which is application\n"
+ "specific. Return values are application specific. For OpenPGP\n"
+ "cards 3 status lines are returned:\n"
+ "\n"
+ " S KEY-FPR <hexstring>\n"
+ " S KEY-CREATED-AT <seconds_since_epoch>\n"
+ " S KEY-DATA [-|p|n] <hexdata>\n"
+ "\n"
+ " 'p' and 'n' are the names of the RSA parameters; '-' is used to\n"
+ " indicate that HEXDATA is the first chunk of a parameter given\n"
+ " by the next KEY-DATA.\n"
+ "\n"
+ "--force is required to overwrite an already existing key. The\n"
+ "KEY-CREATED-AT is required for further processing because it is\n"
+ "part of the hashed key material for the fingerprint.\n"
+ "\n"
+ "If --timestamp is given an OpenPGP key will be created using this\n"
+ "value. The value needs to be in ISO Format; e.g.\n"
+ "\"--timestamp=20030316T120000\" and after 1970-01-01 00:00:00.\n"
+ "\n"
+ "The public part of the key can also later be retrieved using the\n"
+ "READKEY command.";
+static gpg_error_t
+cmd_genkey (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ char *keyno;
+ int force;
+ const char *s;
+ time_t timestamp;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ force = has_option (line, "--force");
+
+ if ((s=has_option_name (line, "--timestamp")))
+ {
+ if (*s != '=')
+ return set_error (GPG_ERR_ASS_PARAMETER, "missing value for option");
+ timestamp = isotime2epoch (s+1);
+ if (timestamp < 1)
+ return set_error (GPG_ERR_ASS_PARAMETER, "invalid time value");
+ }
+ else
+ timestamp = 0;
+
+
+ line = skip_options (line);
+ if (!*line)
+ return set_error (GPG_ERR_ASS_PARAMETER, "no key number given");
+ keyno = line;
+ while (*line && !spacep (line))
+ line++;
+ *line = 0;
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (!ctrl->app_ctx)
+ return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
+
+ keyno = xtrystrdup (keyno);
+ if (!keyno)
+ return out_of_core ();
+ rc = app_genkey (ctrl->app_ctx, ctrl, keyno, force? 1:0,
+ timestamp, pin_cb, ctx);
+ xfree (keyno);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_random[] =
+ "RANDOM <nbytes>\n"
+ "\n"
+ "Get NBYTES of random from the card and send them back as data.\n"
+ "This usually involves EEPROM write on the card and thus excessive\n"
+ "use of this command may destroy the card.\n"
+ "\n"
+ "Note, that this function may be even be used on a locked card.";
+static gpg_error_t
+cmd_random (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ size_t nbytes;
+ unsigned char *buffer;
+
+ if (!*line)
+ return set_error (GPG_ERR_ASS_PARAMETER,
+ "number of requested bytes missing");
+ nbytes = strtoul (line, NULL, 0);
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (!ctrl->app_ctx)
+ return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
+
+ buffer = xtrymalloc (nbytes);
+ if (!buffer)
+ return out_of_core ();
+
+ rc = app_get_challenge (ctrl->app_ctx, nbytes, buffer);
+ if (!rc)
+ {
+ rc = assuan_send_data (ctx, buffer, nbytes);
+ xfree (buffer);
+ return rc; /* that is already an assuan error code */
+ }
+ xfree (buffer);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+
+static const char hlp_passwd[] =
+ "PASSWD [--reset] [--nullpin] <chvno>\n"
+ "\n"
+ "Change the PIN or, if --reset is given, reset the retry counter of\n"
+ "the card holder verfication vector CHVNO. The option --nullpin is\n"
+ "used for TCOS cards to set the initial PIN. The format of CHVNO\n"
+ "depends on the card application.";
+static gpg_error_t
+cmd_passwd (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ char *chvnostr;
+ unsigned int flags = 0;
+
+ if (has_option (line, "--reset"))
+ flags |= APP_CHANGE_FLAG_RESET;
+ if (has_option (line, "--nullpin"))
+ flags |= APP_CHANGE_FLAG_NULLPIN;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ line = skip_options (line);
+
+ if (!*line)
+ return set_error (GPG_ERR_ASS_PARAMETER, "no CHV number given");
+ chvnostr = line;
+ while (*line && !spacep (line))
+ line++;
+ *line = 0;
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (!ctrl->app_ctx)
+ return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
+
+ chvnostr = xtrystrdup (chvnostr);
+ if (!chvnostr)
+ return out_of_core ();
+ rc = app_change_pin (ctrl->app_ctx, ctrl, chvnostr, flags, pin_cb, ctx);
+ if (rc)
+ log_error ("command passwd failed: %s\n", gpg_strerror (rc));
+ xfree (chvnostr);
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_checkpin[] =
+ "CHECKPIN <idstr>\n"
+ "\n"
+ "Perform a VERIFY operation without doing anything else. This may\n"
+ "be used to initialize a the PIN cache earlier to long lasting\n"
+ "operations. Its use is highly application dependent.\n"
+ "\n"
+ "For OpenPGP:\n"
+ "\n"
+ " Perform a simple verify operation for CHV1 and CHV2, so that\n"
+ " further operations won't ask for CHV2 and it is possible to do a\n"
+ " cheap check on the PIN: If there is something wrong with the PIN\n"
+ " entry system, only the regular CHV will get blocked and not the\n"
+ " dangerous CHV3. IDSTR is the usual card's serial number in hex\n"
+ " notation; an optional fingerprint part will get ignored. There\n"
+ " is however a special mode if the IDSTR is sffixed with the\n"
+ " literal string \"[CHV3]\": In this case the Admin PIN is checked\n"
+ " if and only if the retry counter is still at 3.\n"
+ "\n"
+ "For Netkey:\n"
+ "\n"
+ " Any of the valid PIN Ids may be used. These are the strings:\n"
+ "\n"
+ " PW1.CH - Global password 1\n"
+ " PW2.CH - Global password 2\n"
+ " PW1.CH.SIG - SigG password 1\n"
+ " PW2.CH.SIG - SigG password 2\n"
+ "\n"
+ " For a definitive list, see the implementation in app-nks.c.\n"
+ " Note that we call a PW2.* PIN a \"PUK\" despite that since TCOS\n"
+ " 3.0 they are technically alternative PINs used to mutally\n"
+ " unblock each other.";
+static gpg_error_t
+cmd_checkpin (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ char *idstr;
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (!ctrl->app_ctx)
+ return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
+
+ /* We have to use a copy of the key ID because the function may use
+ the pin_cb which in turn uses the assuan line buffer and thus
+ overwriting the original line with the keyid. */
+ idstr = xtrystrdup (line);
+ if (!idstr)
+ return out_of_core ();
+
+ rc = app_check_pin (ctrl->app_ctx, idstr, pin_cb, ctx);
+ xfree (idstr);
+ if (rc)
+ log_error ("app_check_pin failed: %s\n", gpg_strerror (rc));
+
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_lock[] =
+ "LOCK [--wait]\n"
+ "\n"
+ "Grant exclusive card access to this session. Note that there is\n"
+ "no lock counter used and a second lock from the same session will\n"
+ "be ignored. A single unlock (or RESET) unlocks the session.\n"
+ "Return GPG_ERR_LOCKED if another session has locked the reader.\n"
+ "\n"
+ "If the option --wait is given the command will wait until a\n"
+ "lock has been released.";
+static gpg_error_t
+cmd_lock (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc = 0;
+
+ retry:
+ if (locked_session)
+ {
+ if (locked_session != ctrl->server_local)
+ rc = gpg_error (GPG_ERR_LOCKED);
+ }
+ else
+ locked_session = ctrl->server_local;
+
+#ifdef USE_GNU_PTH
+ if (rc && has_option (line, "--wait"))
+ {
+ rc = 0;
+ pth_sleep (1); /* Better implement an event mechanism. However,
+ for card operations this should be
+ sufficient. */
+ /* FIXME: Need to check that the connection is still alive.
+ This can be done by issuing status messages. */
+ goto retry;
+ }
+#endif /*USE_GNU_PTH*/
+
+ if (rc)
+ log_error ("cmd_lock failed: %s\n", gpg_strerror (rc));
+ return rc;
+}
+
+
+static const char hlp_unlock[] =
+ "UNLOCK\n"
+ "\n"
+ "Release exclusive card access.";
+static gpg_error_t
+cmd_unlock (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc = 0;
+
+ (void)line;
+
+ if (locked_session)
+ {
+ if (locked_session != ctrl->server_local)
+ rc = gpg_error (GPG_ERR_LOCKED);
+ else
+ locked_session = NULL;
+ }
+ else
+ rc = gpg_error (GPG_ERR_NOT_LOCKED);
+
+ if (rc)
+ log_error ("cmd_unlock failed: %s\n", gpg_strerror (rc));
+ return rc;
+}
+
+
+static const char hlp_getinfo[] =
+ "GETINFO <what>\n"
+ "\n"
+ "Multi purpose command to return certain information. \n"
+ "Supported values of WHAT are:\n"
+ "\n"
+ "version - Return the version of the program.\n"
+ "pid - Return the process id of the server.\n"
+ "\n"
+ "socket_name - Return the name of the socket.\n"
+ "\n"
+ "status - Return the status of the current slot (in the future, may\n"
+ "also return the status of all slots). The status is a list of\n"
+ "one-character flags. The following flags are currently defined:\n"
+ " 'u' Usable card present. This is the normal state during operation.\n"
+ " 'r' Card removed. A reset is necessary.\n"
+ "These flags are exclusive.\n"
+ "\n"
+ "reader_list - Return a list of detected card readers. Does\n"
+ " currently only work with the internal CCID driver.\n"
+ "\n"
+ "deny_admin - Returns OK if admin commands are not allowed or\n"
+ " GPG_ERR_GENERAL if admin commands are allowed.\n"
+ "\n"
+ "app_list - Return a list of supported applications. One\n"
+ " application per line, fields delimited by colons,\n"
+ " first field is the name.";
+static gpg_error_t
+cmd_getinfo (assuan_context_t ctx, char *line)
+{
+ int rc = 0;
+
+ if (!strcmp (line, "version"))
+ {
+ const char *s = VERSION;
+ rc = assuan_send_data (ctx, s, strlen (s));
+ }
+ else if (!strcmp (line, "pid"))
+ {
+ char numbuf[50];
+
+ snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ());
+ rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
+ }
+ else if (!strcmp (line, "socket_name"))
+ {
+ const char *s = scd_get_socket_name ();
+
+ if (s)
+ rc = assuan_send_data (ctx, s, strlen (s));
+ else
+ rc = gpg_error (GPG_ERR_NO_DATA);
+ }
+ else if (!strcmp (line, "status"))
+ {
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int slot = ctrl->reader_slot;
+ char flag = 'r';
+
+ if (!ctrl->server_local->card_removed && slot != -1)
+ {
+ struct slot_status_s *ss;
+
+ if (!(slot >= 0 && slot < DIM(slot_table)))
+ BUG ();
+
+ ss = &slot_table[slot];
+
+ if (!ss->valid)
+ BUG ();
+
+ if (ss->any && (ss->status & 1))
+ flag = 'u';
+ }
+ rc = assuan_send_data (ctx, &flag, 1);
+ }
+ else if (!strcmp (line, "reader_list"))
+ {
+#ifdef HAVE_LIBUSB
+ char *s = ccid_get_reader_list ();
+#else
+ char *s = NULL;
+#endif
+
+ if (s)
+ rc = assuan_send_data (ctx, s, strlen (s));
+ else
+ rc = gpg_error (GPG_ERR_NO_DATA);
+ xfree (s);
+ }
+ else if (!strcmp (line, "deny_admin"))
+ rc = opt.allow_admin? gpg_error (GPG_ERR_GENERAL) : 0;
+ else if (!strcmp (line, "app_list"))
+ {
+ char *s = get_supported_applications ();
+ if (s)
+ rc = assuan_send_data (ctx, s, strlen (s));
+ else
+ rc = 0;
+ xfree (s);
+ }
+ else
+ rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
+ return rc;
+}
+
+
+static const char hlp_restart[] =
+ "RESTART\n"
+ "\n"
+ "Restart the current connection; this is a kind of warm reset. It\n"
+ "deletes the context used by this connection but does not send a\n"
+ "RESET to the card. Thus the card itself won't get reset. \n"
+ "\n"
+ "This is used by gpg-agent to reuse a primary pipe connection and\n"
+ "may be used by clients to backup from a conflict in the serial\n"
+ "command; i.e. to select another application.";
+static gpg_error_t
+cmd_restart (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+
+ (void)line;
+
+ if (ctrl->app_ctx)
+ {
+ release_application (ctrl->app_ctx);
+ ctrl->app_ctx = NULL;
+ }
+ if (locked_session && ctrl->server_local == locked_session)
+ {
+ locked_session = NULL;
+ log_info ("implicitly unlocking due to RESTART\n");
+ }
+ return 0;
+}
+
+
+static const char hlp_disconnect[] =
+ "DISCONNECT\n"
+ "\n"
+ "Disconnect the card if it is not any longer used by other\n"
+ "connections and the backend supports a disconnect operation.";
+static gpg_error_t
+cmd_disconnect (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+
+ (void)line;
+
+ ctrl->server_local->disconnect_allowed = 1;
+ return 0;
+}
+
+
+
+static const char hlp_apdu[] =
+ "APDU [--atr] [--more] [--exlen[=N]] [hexstring]\n"
+ "\n"
+ "Send an APDU to the current reader. This command bypasses the high\n"
+ "level functions and sends the data directly to the card. HEXSTRING\n"
+ "is expected to be a proper APDU. If HEXSTRING is not given no\n"
+ "commands are set to the card but the command will implictly check\n"
+ "whether the card is ready for use. \n"
+ "\n"
+ "Using the option \"--atr\" returns the ATR of the card as a status\n"
+ "message before any data like this:\n"
+ " S CARD-ATR 3BFA1300FF813180450031C173C00100009000B1\n"
+ "\n"
+ "Using the option --more handles the card status word MORE_DATA\n"
+ "(61xx) and concatenates all reponses to one block.\n"
+ "\n"
+ "Using the option \"--exlen\" the returned APDU may use extended\n"
+ "length up to N bytes. If N is not given a default value is used\n"
+ "(currently 4096).";
+static gpg_error_t
+cmd_apdu (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ int rc;
+ unsigned char *apdu;
+ size_t apdulen;
+ int with_atr;
+ int handle_more;
+ const char *s;
+ size_t exlen;
+
+ with_atr = has_option (line, "--atr");
+ handle_more = has_option (line, "--more");
+
+ if ((s=has_option_name (line, "--exlen")))
+ {
+ if (*s == '=')
+ exlen = strtoul (s+1, NULL, 0);
+ else
+ exlen = 4096;
+ }
+ else
+ exlen = 0;
+
+ line = skip_options (line);
+
+ if ( IS_LOCKED (ctrl) )
+ return gpg_error (GPG_ERR_LOCKED);
+
+ if ((rc = open_card (ctrl, NULL)))
+ return rc;
+
+ if (with_atr)
+ {
+ unsigned char *atr;
+ size_t atrlen;
+ char hexbuf[400];
+
+ atr = apdu_get_atr (ctrl->reader_slot, &atrlen);
+ if (!atr || atrlen > sizeof hexbuf - 2 )
+ {
+ rc = gpg_error (GPG_ERR_INV_CARD);
+ goto leave;
+ }
+ bin2hex (atr, atrlen, hexbuf);
+ xfree (atr);
+ send_status_info (ctrl, "CARD-ATR", hexbuf, strlen (hexbuf), NULL, 0);
+ }
+
+ apdu = hex_to_buffer (line, &apdulen);
+ if (!apdu)
+ {
+ rc = gpg_error_from_syserror ();
+ goto leave;
+ }
+ if (apdulen)
+ {
+ unsigned char *result = NULL;
+ size_t resultlen;
+
+ rc = apdu_send_direct (ctrl->reader_slot, exlen,
+ apdu, apdulen, handle_more,
+ &result, &resultlen);
+ if (rc)
+ log_error ("apdu_send_direct failed: %s\n", gpg_strerror (rc));
+ else
+ {
+ rc = assuan_send_data (ctx, result, resultlen);
+ xfree (result);
+ }
+ }
+ xfree (apdu);
+
+ leave:
+ TEST_CARD_REMOVAL (ctrl, rc);
+ return rc;
+}
+
+
+static const char hlp_killscd[] =
+ "KILLSCD\n"
+ "\n"
+ "Commit suicide.";
+static gpg_error_t
+cmd_killscd (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+
+ (void)line;
+
+ ctrl->server_local->stopme = 1;
+ return gpg_error (GPG_ERR_EOF);
+}
+
+
+
+/* Tell the assuan library about our commands */
+static int
+register_commands (assuan_context_t ctx)
+{
+ static struct {
+ const char *name;
+ assuan_handler_t handler;
+ const char * const help;
+ } table[] = {
+ { "SERIALNO", cmd_serialno, hlp_serialno },
+ { "LEARN", cmd_learn, hlp_learn },
+ { "READCERT", cmd_readcert, hlp_readcert },
+ { "READKEY", cmd_readkey, hlp_readkey },
+ { "SETDATA", cmd_setdata, hlp_setdata },
+ { "PKSIGN", cmd_pksign, hlp_pksign },
+ { "PKAUTH", cmd_pkauth, hlp_pkauth },
+ { "PKDECRYPT", cmd_pkdecrypt,hlp_pkdecrypt },
+ { "INPUT", NULL },
+ { "OUTPUT", NULL },
+ { "GETATTR", cmd_getattr, hlp_getattr },
+ { "SETATTR", cmd_setattr, hlp_setattr },
+ { "WRITECERT", cmd_writecert,hlp_writecert },
+ { "WRITEKEY", cmd_writekey, hlp_writekey },
+ { "GENKEY", cmd_genkey, hlp_genkey },
+ { "RANDOM", cmd_random, hlp_random },
+ { "PASSWD", cmd_passwd, hlp_passwd },
+ { "CHECKPIN", cmd_checkpin, hlp_checkpin },
+ { "LOCK", cmd_lock, hlp_lock },
+ { "UNLOCK", cmd_unlock, hlp_unlock },
+ { "GETINFO", cmd_getinfo, hlp_getinfo },
+ { "RESTART", cmd_restart, hlp_restart },
+ { "DISCONNECT", cmd_disconnect,hlp_disconnect },
+ { "APDU", cmd_apdu, hlp_apdu },
+ { "KILLSCD", cmd_killscd, hlp_killscd },
+ { NULL }
+ };
+ int i, rc;
+
+ for (i=0; table[i].name; i++)
+ {
+ rc = assuan_register_command (ctx, table[i].name, table[i].handler,
+ table[i].help);
+ if (rc)
+ return rc;
+ }
+ assuan_set_hello_line (ctx, "GNU Privacy Guard's Smartcard server ready");
+
+ assuan_register_reset_notify (ctx, reset_notify);
+ assuan_register_option_handler (ctx, option_handler);
+ return 0;
+}
+
+
+/* Startup the server. If FD is given as -1 this is simple pipe
+ server, otherwise it is a regular server. Returns true if there
+ are no more active asessions. */
+int
+scd_command_handler (ctrl_t ctrl, int fd)
+{
+ int rc;
+ assuan_context_t ctx = NULL;
+ int stopme;
+
+ rc = assuan_new (&ctx);
+ if (rc)
+ {
+ log_error ("failed to allocate assuan context: %s\n",
+ gpg_strerror (rc));
+ scd_exit (2);
+ }
+
+ if (fd == -1)
+ {
+ assuan_fd_t filedes[2];
+
+ filedes[0] = assuan_fdopen (0);
+ filedes[1] = assuan_fdopen (1);
+ rc = assuan_init_pipe_server (ctx, filedes);
+ }
+ else
+ {
+ rc = assuan_init_socket_server (ctx, INT2FD(fd),
+ ASSUAN_SOCKET_SERVER_ACCEPTED);
+ }
+ if (rc)
+ {
+ log_error ("failed to initialize the server: %s\n",
+ gpg_strerror(rc));
+ scd_exit (2);
+ }
+ rc = register_commands (ctx);
+ if (rc)
+ {
+ log_error ("failed to register commands with Assuan: %s\n",
+ gpg_strerror(rc));
+ scd_exit (2);
+ }
+ assuan_set_pointer (ctx, ctrl);
+
+ /* Allocate and initialize the server object. Put it into the list
+ of active sessions. */
+ ctrl->server_local = xcalloc (1, sizeof *ctrl->server_local);
+ ctrl->server_local->next_session = session_list;
+ session_list = ctrl->server_local;
+ ctrl->server_local->ctrl_backlink = ctrl;
+ ctrl->server_local->assuan_ctx = ctx;
+
+ if (DBG_ASSUAN)
+ assuan_set_log_stream (ctx, log_get_stream ());
+
+ /* We open the reader right at startup so that the ticker is able to
+ update the status file. */
+ if (ctrl->reader_slot == -1)
+ {
+ ctrl->reader_slot = get_reader_slot ();
+ }
+
+ /* Command processing loop. */
+ for (;;)
+ {
+ rc = assuan_accept (ctx);
+ if (rc == -1)
+ {
+ break;
+ }
+ else if (rc)
+ {
+ log_info ("Assuan accept problem: %s\n", gpg_strerror (rc));
+ break;
+ }
+
+ rc = assuan_process (ctx);
+ if (rc)
+ {
+ log_info ("Assuan processing failed: %s\n", gpg_strerror (rc));
+ continue;
+ }
+ }
+
+ /* Cleanup. We don't send an explicit reset to the card. */
+ do_reset (ctrl, 0);
+
+ /* Release the server object. */
+ if (session_list == ctrl->server_local)
+ session_list = ctrl->server_local->next_session;
+ else
+ {
+ struct server_local_s *sl;
+
+ for (sl=session_list; sl->next_session; sl = sl->next_session)
+ if (sl->next_session == ctrl->server_local)
+ break;
+ if (!sl->next_session)
+ BUG ();
+ sl->next_session = ctrl->server_local->next_session;
+ }
+ stopme = ctrl->server_local->stopme || reader_disabled;
+ xfree (ctrl->server_local);
+ ctrl->server_local = NULL;
+
+ /* Release the Assuan context. */
+ assuan_release (ctx);
+
+ if (stopme)
+ scd_exit (0);
+
+ /* If there are no more sessions return true. */
+ return !session_list;
+}
+
+
+/* Send a line with status information via assuan and escape all given
+ buffers. The variable elements are pairs of (char *, size_t),
+ terminated with a (NULL, 0). */
+void
+send_status_info (ctrl_t ctrl, const char *keyword, ...)
+{
+ va_list arg_ptr;
+ const unsigned char *value;
+ size_t valuelen;
+ char buf[950], *p;
+ size_t n;
+ assuan_context_t ctx = ctrl->server_local->assuan_ctx;
+
+ va_start (arg_ptr, keyword);
+
+ p = buf;
+ n = 0;
+ while ( (value = va_arg (arg_ptr, const unsigned char *)) )
+ {
+ valuelen = va_arg (arg_ptr, size_t);
+ if (!valuelen)
+ continue; /* empty buffer */
+ if (n)
+ {
+ *p++ = ' ';
+ n++;
+ }
+ for ( ; valuelen && n < DIM (buf)-2; n++, valuelen--, value++)
+ {
+ if (*value < ' ' || *value == '+')
+ {
+ sprintf (p, "%%%02X", *value);
+ p += 3;
+ }
+ else if (*value == ' ')
+ *p++ = '+';
+ else
+ *p++ = *value;
+ }
+ }
+ *p = 0;
+ assuan_write_status (ctx, keyword, buf);
+
+ va_end (arg_ptr);
+}
+
+
+/* Send a ready formatted status line via assuan. */
+void
+send_status_direct (ctrl_t ctrl, const char *keyword, const char *args)
+{
+ assuan_context_t ctx = ctrl->server_local->assuan_ctx;
+
+ if (strchr (args, '\n'))
+ log_error ("error: LF detected in status line - not sending\n");
+ else
+ assuan_write_status (ctx, keyword, args);
+}
+
+
+/* Helper to send the clients a status change notification. */
+static void
+send_client_notifications (void)
+{
+ struct {
+ pid_t pid;
+#ifdef HAVE_W32_SYSTEM
+ HANDLE handle;
+#else
+ int signo;
+#endif
+ } killed[50];
+ int killidx = 0;
+ int kidx;
+ struct server_local_s *sl;
+
+ for (sl=session_list; sl; sl = sl->next_session)
+ {
+ if (sl->event_signal && sl->assuan_ctx)
+ {
+ pid_t pid = assuan_get_pid (sl->assuan_ctx);
+#ifdef HAVE_W32_SYSTEM
+ HANDLE handle = (void *)sl->event_signal;
+
+ for (kidx=0; kidx < killidx; kidx++)
+ if (killed[kidx].pid == pid
+ && killed[kidx].handle == handle)
+ break;
+ if (kidx < killidx)
+ log_info ("event %lx (%p) already triggered for client %d\n",
+ sl->event_signal, handle, (int)pid);
+ else
+ {
+ log_info ("triggering event %lx (%p) for client %d\n",
+ sl->event_signal, handle, (int)pid);
+ if (!SetEvent (handle))
+ log_error ("SetEvent(%lx) failed: %s\n",
+ sl->event_signal, w32_strerror (-1));
+ if (killidx < DIM (killed))
+ {
+ killed[killidx].pid = pid;
+ killed[killidx].handle = handle;
+ killidx++;
+ }
+ }
+#else /*!HAVE_W32_SYSTEM*/
+ int signo = sl->event_signal;
+
+ if (pid != (pid_t)(-1) && pid && signo > 0)
+ {
+ for (kidx=0; kidx < killidx; kidx++)
+ if (killed[kidx].pid == pid
+ && killed[kidx].signo == signo)
+ break;
+ if (kidx < killidx)
+ log_info ("signal %d already sent to client %d\n",
+ signo, (int)pid);
+ else
+ {
+ log_info ("sending signal %d to client %d\n",
+ signo, (int)pid);
+ kill (pid, signo);
+ if (killidx < DIM (killed))
+ {
+ killed[killidx].pid = pid;
+ killed[killidx].signo = signo;
+ killidx++;
+ }
+ }
+ }
+#endif /*!HAVE_W32_SYSTEM*/
+ }
+ }
+}
+
+
+
+/* This is the core of scd_update_reader_status_file but the caller
+ needs to take care of the locking. */
+static void
+update_reader_status_file (int set_card_removed_flag)
+{
+ int idx;
+ unsigned int status, changed;
+
+ /* Make sure that the reader has been opened. Like get_reader_slot,
+ this part of the code assumes that there is only one reader. */
+ if (!slot_table[0].valid)
+ (void)get_reader_slot ();
+
+ /* Note, that we only try to get the status, because it does not
+ make sense to wait here for a operation to complete. If we are
+ busy working with a card, delays in the status file update should
+ be acceptable. */
+ for (idx=0; idx < DIM(slot_table); idx++)
+ {
+ struct slot_status_s *ss = slot_table + idx;
+ struct server_local_s *sl;
+ int sw_apdu;
+
+ if (!ss->valid || ss->slot == -1)
+ continue; /* Not valid or reader not yet open. */
+
+ sw_apdu = apdu_get_status (ss->slot, 0, &status, &changed);
+ if (sw_apdu == SW_HOST_NO_READER)
+ {
+ /* Most likely the _reader_ has been unplugged. */
+ apdu_close_reader (ss->slot);
+ ss->valid = 0;
+ status = 0;
+ changed = ss->changed;
+ }
+ else if (sw_apdu)
+ {
+ /* Get status failed. Ignore that. */
+ continue;
+ }
+
+ if (!ss->any || ss->status != status || ss->changed != changed )
+ {
+ char *fname;
+ char templ[50];
+ FILE *fp;
+
+ log_info ("updating slot %d status: 0x%04X->0x%04X (%u->%u)\n",
+ ss->slot, ss->status, status, ss->changed, changed);
+ ss->status = status;
+ ss->changed = changed;
+
+ /* FIXME: Should this be IDX instead of ss->slot? This
+ depends on how client sessions will associate the reader
+ status with their session. */
+ snprintf (templ, sizeof templ, "reader_%d.status", ss->slot);
+ fname = make_filename (opt.homedir, templ, NULL );
+ fp = fopen (fname, "w");
+ if (fp)
+ {
+ fprintf (fp, "%s\n",
+ (status & 1)? "USABLE":
+ (status & 4)? "ACTIVE":
+ (status & 2)? "PRESENT": "NOCARD");
+ fclose (fp);
+ }
+ xfree (fname);
+
+ /* If a status script is executable, run it. */
+ {
+ const char *args[9], *envs[2];
+ char numbuf1[30], numbuf2[30], numbuf3[30];
+ char *homestr, *envstr;
+ gpg_error_t err;
+
+ homestr = make_filename (opt.homedir, NULL);
+ if (estream_asprintf (&envstr, "GNUPGHOME=%s", homestr) < 0)
+ log_error ("out of core while building environment\n");
+ else
+ {
+ envs[0] = envstr;
+ envs[1] = NULL;
+
+ sprintf (numbuf1, "%d", ss->slot);
+ sprintf (numbuf2, "0x%04X", ss->status);
+ sprintf (numbuf3, "0x%04X", status);
+ args[0] = "--reader-port";
+ args[1] = numbuf1;
+ args[2] = "--old-code";
+ args[3] = numbuf2;
+ args[4] = "--new-code";
+ args[5] = numbuf3;
+ args[6] = "--status";
+ args[7] = ((status & 1)? "USABLE":
+ (status & 4)? "ACTIVE":
+ (status & 2)? "PRESENT": "NOCARD");
+ args[8] = NULL;
+
+ fname = make_filename (opt.homedir, "scd-event", NULL);
+ err = gnupg_spawn_process_detached (fname, args, envs);
+ if (err && gpg_err_code (err) != GPG_ERR_ENOENT)
+ log_error ("failed to run event handler `%s': %s\n",
+ fname, gpg_strerror (err));
+ xfree (fname);
+ xfree (envstr);
+ }
+ xfree (homestr);
+ }
+
+ /* Set the card removed flag for all current sessions. We
+ will set this on any card change because a reset or
+ SERIALNO request must be done in any case. */
+ if (ss->any && set_card_removed_flag)
+ update_card_removed (idx, 1);
+
+ ss->any = 1;
+
+ /* Send a signal to all clients who applied for it. */
+ send_client_notifications ();
+ }
+
+ /* Check whether a disconnect is pending. */
+ if (opt.card_timeout)
+ {
+ for (sl=session_list; sl; sl = sl->next_session)
+ if (!sl->disconnect_allowed)
+ break;
+ if (session_list && !sl)
+ {
+ /* FIXME: Use a real timeout. */
+ /* At least one connection and all allow a disconnect. */
+ log_info ("disconnecting card in slot %d\n", ss->slot);
+ apdu_disconnect (ss->slot);
+ }
+ }
+
+ }
+}
+
+/* This function is called by the ticker thread to check for changes
+ of the reader stati. It updates the reader status files and if
+ requested by the caller also send a signal to the caller. */
+void
+scd_update_reader_status_file (void)
+{
+ if (!pth_mutex_acquire (&status_file_update_lock, 1, NULL))
+ return; /* locked - give up. */
+ update_reader_status_file (1);
+ if (!pth_mutex_release (&status_file_update_lock))
+ log_error ("failed to release status_file_update lock\n");
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-02 17:39:52 +0000