On 12/14/2011 2:14 PM, Douglas E. Engert wrote:
I am able to use the: https://www.opensc-project.org/codereview/ and login with the Google account from work. Then find the changes from 12/8, which include Viktor's SM code that has my ECDH code included: git clone -b staging https://myuse...@www.opensc-project.org/codereview/p/OpenSC some_dir and git fetch https://myuse...@www.opensc-project.org/codereview/p/OpenSC refs/changes/10/210/1 Am testing it right now. There are some issues with the sc_app_info being null. Hope to have a patch later today.
Attached is a patch to Viktor's code as found on Gerrit I258bde6a. I added a review to this but being new to Gerrit, I was not sure how to add the patch, of if Viktor should add it, or if this is the right change to start with. I needed this patch to allow the PIV card with RSA to work with this code base. it would not work with PKCS#11 as the framework->bind was not being called. After fixing that, there were a number of places where a NULL appl_info would cause a segfault. There may be other places too. I expect other cards that do not have an application to also fail. I started with this base because it has my ECDH code included, that I still need to test.
-- Douglas E. Engert <deeng...@anl.gov> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444
>From 6013b7e6d375c13bcbfa074c05758fe46c259122 Mon Sep 17 00:00:00 2001 From: Doug Engert <deeng...@anl.gov> Date: Wed, 14 Dec 2011 15:20:17 -0600 Subject: [PATCH] sc_appl_info may be NULL for cards without applications Add additional checks for sc_app_info being NULL as some cards do not have an application, or only one application. In slot.c frameworks[i]->bind was not being called for these cards. --- src/libopensc/pkcs15.c | 5 ++++- src/pkcs11/framework-pkcs15.c | 2 +- src/pkcs11/slot.c | 9 ++++++++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/src/libopensc/pkcs15.c b/src/libopensc/pkcs15.c index 643fbd6..33ff71a 100644 --- a/src/libopensc/pkcs15.c +++ b/src/libopensc/pkcs15.c @@ -862,7 +862,10 @@ struct sc_app_info * sc_find_app(struct sc_card *card, struct sc_aid *aid) static struct sc_app_info *sc_dup_app_info(const struct sc_app_info *info) { - struct sc_app_info *out = calloc(1, sizeof(struct sc_app_info)); + struct sc_app_info *out = NULL; + + if (info) + out = calloc(1, sizeof(struct sc_app_info)); if (!out) return NULL; diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c index a2a6c08..d1b6342 100644 --- a/src/pkcs11/framework-pkcs15.c +++ b/src/pkcs11/framework-pkcs15.c @@ -281,7 +281,7 @@ pkcs15_init_token_info(struct sc_pkcs15_card *p15card, CK_TOKEN_INFO_PTR pToken) strcpy_bp(pToken->manufacturerID, p15card->tokeninfo->manufacturer_id, 32); p11_conf_block = sc_get_conf_block(p15card->card->ctx, "pkcs11", NULL, 1); - if (p11_conf_block) { + if (p11_conf_block && p15card->file_app) { scconf_block **blocks = NULL; char str_path[SC_MAX_AID_STRING_SIZE]; diff --git a/src/pkcs11/slot.c b/src/pkcs11/slot.c index 08f15ca..eccae3c 100644 --- a/src/pkcs11/slot.c +++ b/src/pkcs11/slot.c @@ -285,7 +285,14 @@ CK_RV card_detect(sc_reader_t *reader) /* Initialize framework */ sc_log(context, "%s: Detected framework %d. Creating tokens.", reader->name, i); - if (app_generic) { +/* DEE Looks like a bug. Many cards may not have apps, and + * get_generic_application may return NULL + * bind and create_tokens tests for NULL, + * But other locations may not. + * in this case frameworks[i]->bind is never called. + * Will try and see if NULL works... + */ + if (1 /*app_generic*/) { rv = frameworks[i]->bind(p11card, app_generic); sc_log(context, "%s: generic bind result %i", reader->name, rv); if (rv != CKR_OK) -- 1.7.5.4
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel