Hi!
> As for me,
> the cheap and close to the actual logic would be, inside the sc_enum_apps,
> replace any error of selection of 2F00 by the SC_ERROR_FILE_NOT_FOUND.
> Something like this:
Patching dir.c alone is not enough. The same error (-1216) will come back
at the next stage when pkcs15-tool goes after the pcks15 directory. This
code never calls dir.c (see below).
0xb77d48d0 07:30:54.907 [pkcs15-tool] pkcs15.c:759:sc_pkcs15_bind_internal:
application path '3f005015'
0xb77d48d0 07:30:54.907 [pkcs15-tool] card.c:571:sc_select_file: called;
type=2, path=3f005015
0xb77d48d0 07:30:54.907 [pkcs15-tool] apdu.c:524:sc_transmit_apdu: called
0xb77d48d0 07:30:54.907 [pkcs15-tool] card.c:292:sc_lock: called
0xb77d48d0 07:30:54.907 [pkcs15-tool] reader-pcsc.c:241:pcsc_transmit: reader
'SCM SCR 331 [CCID Interface] (50400A7F) 00 00'
0xb77d48d0 07:30:54.907 [pkcs15-tool] apdu.c:184:sc_apdu_log:
Outgoing APDU data [ 7 bytes] =====================================
00 A4 08 00 02 50 15 .....P.
======================================================================
0xb77d48d0 07:30:54.907 [pkcs15-tool] reader-pcsc.c:174:pcsc_internal_transmit:
called
0xb77d48d0 07:30:54.941 [pkcs15-tool] apdu.c:184:sc_apdu_log:
Incoming APDU data [ 2 bytes] =====================================
6A 88 j.
======================================================================
0xb77d48d0 07:30:54.941 [pkcs15-tool] card.c:330:sc_unlock: called
0xb77d48d0 07:30:54.941 [pkcs15-tool] iso7816.c:103:iso7816_check_sw:
Referenced data not found
0xb77d48d0 07:30:54.941 [pkcs15-tool] iso7816.c:479:iso7816_select_file:
returning with: -1216 (Data object not found)
0xb77d48d0 07:30:54.941 [pkcs15-tool] card.c:597:sc_select_file: returning
with: -1216 (Data object not found)
0xb77d48d0 07:30:54.941 [pkcs15-tool]
pkcs15-syn.c:125:sc_pkcs15_bind_synthetic: called
0xb77d48d0 07:30:54.941 [pkcs15-tool]
pkcs15-syn.c:166:sc_pkcs15_bind_synthetic: no emulator list in config file,
trying all builtin emulators
> As for me the 'most rigorous' solution would be the one proposed by Juan
> Antonio -- card specific SW checking.
I actually did a card specific check_sw() patch last week just like Juan
proposed. I emailed the patch to Martin and CC to the list. The email
never got through to the list tough. Do not know why...
One additional solution would be to patch the card specific select_file()
like this:
--- a/src/libopensc/card-setcos.c 2011-05-17 20:07:00.000000000 +0300
+++ b/src/libopensc/card-setcos.c 2011-07-11 10:46:31.959162683 +0300
@@ -43,6 +43,8 @@
{ "3b:64:00:ff:80:62:00:a2", "ff:ff:00:ff:ff:ff:00:ff", NULL,
SC_CARD_TYPE_SETCOS_FINEID_V2, 0, NULL },
/* FINEID 2064 (EIDApplet/7816-15, VRK) */
{ "3b:7b:00:00:00:80:62:00:51:56:46:69:6e:45:49:44",
"ff:ff:00:ff:ff:ff:ff:f0:ff:ff:ff:ff:ff:ff:ff:ff", NULL,
SC_CARD_TYPE_SETCOS_FINEID_V2, 0, NULL },
+ /* FINEID card for organisations, chip unknown. */
+ { "3b:7b:18:00:00:80:62:01:54:56:46:69:6e:45:49:44", NULL, NULL,
SC_CARD_TYPE_SETCOS_FINEID_V2, 0, NULL },
/* FINEID 2164 (EIDApplet/7816-15, 3rdparty) */
{ "3b:64:00:00:80:62:00:51", "ff:ff:ff:ff:ff:ff:f0:ff", NULL,
SC_CARD_TYPE_SETCOS_FINEID_V2, 0, NULL },
/* FINEID 2264 (EIDApplet/7816-15, OPK/EMV/AVANT) */
@@ -902,6 +904,8 @@
r = iso_ops->select_file(card, in_path, file);
if (r)
+ if (r == SC_ERROR_DATA_OBJECT_NOT_FOUND)
+ r = SC_ERROR_FILE_NOT_FOUND;
return r;
if (file != NULL) {
if (card->type == SC_CARD_TYPE_SETCOS_44 ||
- Thomas
On Sat, 9 Jul 2011, Viktor Tarasov wrote:
> Hello,
>
> Le 08/07/2011 08:56, Martin Paljak a écrit :
>> Viktor, any comments?
>
> As for me the 'most rigorous' solution would be the one proposed by Juan
> Antonio -- card specific SW checking.
>
> Checking for error SC_ERROR_FILE_NOT_FOUND and it's special treatment are
> frequently used in OpenSC, especially in pkcs15init (it do not concerns
> FineID, but nevertheless ...) .
> And so, I would not take the way of completing of FILE_NOT_FOUND by another
> error in these 'if's .
>
> Martin's patch concerns the 'bind_internal' procedure.
> In this procedure the 'FILE_NOT_FOUND' error returned by 'sc_enum_apps' has
> to
> validate the using of 'bind_internal' for the non-pkcs#15 card.
> In this context the SC_SUCCESS is also an error -- 'bind-internal' has not to
> be called for the card that seems to be pkcs#15 compatible.
>
> As for me,
> the cheap and close to the actual logic would be, inside the sc_enum_apps,
> replace any error of selection of 2F00 by the SC_ERROR_FILE_NOT_FOUND.
> Something like this:
>
> --- a/src/libopensc/dir.c
> +++ b/src/libopensc/dir.c
> @@ -148,7 +148,8 @@ int sc_enum_apps(sc_card_t *card)
> card->ef_dir = NULL;
> }
> r = sc_select_file(card, &path, &card->ef_dir);
> - SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, r, "Cannot select EF.DIR
> file");
> + if (r)
> + SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL,
> SC_ERROR_FILE_NOT_FOUND, "Cannot select EF.DIR file");
>
>
> Kind regards,
> Viktor.
>
>
>
>
>> Does the change make sense ?
>> On Jul 7, 2011, at 09:01 , Thomas Grenman wrote:
>>
>>> Hi
>>>
>>> I just tested [2] and it works. Thanks!
>>>
>>> - Thomas
>>>
>>> On Wed, 6 Jul 2011, Martin Paljak wrote:
>>>
>>>> Hello,
>>>>
>>>>
>>>> Here's an alternative approach [1]: requiring that sc_select_file
>>>> invocations would explicitly be successful for continuing.
>>>>
>>>> Does this work for you? To be honest the binding procedure could be
>>>> improved further, it is somewhat difficult to follow.
>>>>
>>>> Look for builds with commit ID
>>>> 9bcda91808482af595a5f0b63bd4a368ba4aae52 from [2]
>>>>
>>>> [1]
>>>> https://github.com/martinpaljak/OpenSC/commit/588d4f5c844d51eecd3d25a8655b8ca203b55c98
>>>> [2] http://www.opensc-project.org/downloads/nightly/martin/
>>>>
>>>> On Thu, Jun 30, 2011 at 08:11, Thomas Grenman<tgren...@aalto.fi> wrote:
>>>>> Hello
>>>>>
>>>>> Please consider including the patch below into upcoming versions of
>>>>> OpenSC. This patch will make OpenSC work with my fairly new FINEID-card
>>>>> (http://www.opensc-project.org/opensc/wiki/FinnishEid). My particular
>>>>> card
>>>>> is not for private citizens but for organisations.
>>>>> I have only modified 'libopensc/pkcs15.c' but there might be a need to
>>>>> add
>>>>> the ATR somewhere as well. I guess the correct place would be
>>>>> 'libopensc/card-setcos.c'. Please let me know if you need any more
>>>>> information. The ATR is 3b:7b:18:00:00:80:62:01:54:56:46:69:6e:45:49:44.
>>>>>
>>>>> br, Thomas
>>>>>
>>>>>
>>>>> --- opensc-0.12.1/src/libopensc/pkcs15.c 2011-05-17
>>>>> 20:07:00.000000000 +0300
>>>>> +++ opensc-0.12.1/src/libopensc/pkcs15.c.fineid 2011-06-18
>>>>> 23:43:16.519340431 +0300
>>>>> @@ -723,7 +723,7 @@
>>>>> /* Enumerate apps now */
>>>>> if (card->app_count< 0) {
>>>>> err = sc_enum_apps(card);
>>>>> - if (err != SC_ERROR_FILE_NOT_FOUND)
>>>>> + if (err != SC_ERROR_FILE_NOT_FOUND&& err !=
>>>>> SC_ERROR_DATA_OBJECT_NOT_FOUND)
>>>>> LOG_TEST_RET(ctx, err, "unable to enumerate
>>>>> apps");
>>>>> }
>>>>> p15card->file_app = sc_file_new();
>>>>> @@ -764,7 +764,7 @@
>>>>> /* If the above test failed on cards without EF(DIR),
>>>>> * try to continue read ODF from 3F005031. -aet
>>>>> */
>>>>> - if ((err == SC_ERROR_FILE_NOT_FOUND)&& (card->app_count< 1)) {
>>>>> + if ((err == SC_ERROR_FILE_NOT_FOUND || err ==
>>>>> SC_ERROR_DATA_OBJECT_NOT_FOUND)&& (card->app_count< 1)) {
>>>>> sc_format_path("3F00",&p15card->file_app->path);
>>>>> err = SC_SUCCESS;
>>>>> }
>>>>>
>>>>> _______________________________________________
>>>>> opensc-devel mailing list
>>>>> opensc-devel@lists.opensc-project.org
>>>>> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
>
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
