1 /* app.c - Application selection.
2 * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
4 * This file is part of GnuPG.
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <https://www.gnu.org/licenses/>.
28 #include "app-common.h"
33 /* This table is used to keep track of locks on a per reader base.
34 The index into the table is the slot number of the reader. The
35 mutex will be initialized on demand (one of the advantages of a
36 userland threading system). */
41 app_t app; /* Application context in use or NULL. */
46 static void deallocate_app (app_t app);
51 print_progress_line (void *opaque, const char *what, int pc, int cur, int tot)
58 snprintf (line, sizeof line, "%s %c %d %d", what, pc, cur, tot);
59 send_status_direct (ctrl, "PROGRESS", line);
64 /* Lock the reader SLOT. This function shall be used right before
65 calling any of the actual application functions to serialize access
66 to the reader. We do this always even if the reader is not
67 actually used. This allows an actual connection to assume that it
68 never shares a reader (while performing one command). Returns 0 on
69 success; only then the unlock_reader function must be called after
70 returning from the handler. */
72 lock_reader (int slot, ctrl_t ctrl)
76 if (slot < 0 || slot >= DIM (lock_table))
77 return gpg_error (slot<0? GPG_ERR_INV_VALUE : GPG_ERR_RESOURCE_LIMIT);
79 if (!lock_table[slot].initialized)
81 res = npth_mutex_init (&lock_table[slot].lock, NULL);
84 log_error ("error initializing mutex: %s\n", strerror (res));
85 return gpg_error_from_errno (res);
87 lock_table[slot].initialized = 1;
88 lock_table[slot].app = NULL;
91 res = npth_mutex_lock (&lock_table[slot].lock);
94 log_error ("failed to acquire APP lock for slot %d: %s\n",
95 slot, strerror (res));
96 return gpg_error_from_errno (res);
99 apdu_set_progress_cb (slot, print_progress_line, ctrl);
104 /* Release a lock on the reader. See lock_reader(). */
106 unlock_reader (int slot)
110 if (slot < 0 || slot >= DIM (lock_table)
111 || !lock_table[slot].initialized)
112 log_bug ("unlock_reader called for invalid slot %d\n", slot);
114 apdu_set_progress_cb (slot, NULL, NULL);
116 res = npth_mutex_unlock (&lock_table[slot].lock);
118 log_error ("failed to release APP lock for slot %d: %s\n",
119 slot, strerror (res));
123 /* This function may be called to print information pertaining to the
124 current state of this module to the log. */
126 app_dump_state (void)
130 for (slot=0; slot < DIM (lock_table); slot++)
131 if (lock_table[slot].initialized)
133 log_info ("app_dump_state: slot=%d", slot);
134 if (lock_table[slot].app)
136 log_printf (" app=%p", lock_table[slot].app);
137 if (lock_table[slot].app->apptype)
138 log_printf (" type='%s'", lock_table[slot].app->apptype);
144 /* Check wether the application NAME is allowed. This does not mean
145 we have support for it though. */
147 is_app_allowed (const char *name)
151 for (l=opt.disabled_applications; l; l = l->next)
152 if (!strcmp (l->d, name))
158 /* This may be called to tell this module about a removed or resetted card. */
160 application_notify_card_reset (int slot)
162 if (slot < 0 || slot >= DIM (lock_table))
165 /* FIXME: We are ignoring any error value here. */
166 lock_reader (slot, NULL);
168 /* Release the APP, as it's not reusable any more. */
169 if (lock_table[slot].app)
171 if (lock_table[slot].app->ref_count)
172 log_bug ("trying to release active context\n");
174 deallocate_app (lock_table[slot].app);
175 lock_table[slot].app = NULL;
176 log_debug ("application has been released\n");
179 unlock_reader (slot);
184 * This function is called with lock held.
187 check_conflict (int slot, const char *name)
189 app_t app = lock_table[slot].app;
191 if (!app || !name || (app->apptype && !ascii_strcasecmp (app->apptype, name)))
196 lock_table[slot].app = NULL;
197 deallocate_app (app);
202 log_info ("application '%s' in use by reader %d - can't switch\n",
203 app->apptype? app->apptype : "<null>", slot);
204 return gpg_error (GPG_ERR_CONFLICT);
208 /* This function is used by the serialno command to check for an
209 application conflict which may appear if the serialno command is
210 used to request a specific application and the connection has
211 already done a select_application. */
213 check_application_conflict (ctrl_t ctrl, int slot, const char *name)
217 if (slot < 0 || slot >= DIM (lock_table))
218 return gpg_error (GPG_ERR_INV_VALUE);
220 err = lock_reader (slot, ctrl);
224 err = check_conflict (slot, name);
225 unlock_reader (slot);
230 /* If called with NAME as NULL, select the best fitting application
231 and return a context; otherwise select the application with NAME
232 and return a context. SLOT identifies the reader device. Returns
233 an error code and stores NULL at R_APP if no application was found
234 or no card is present. */
236 select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app)
240 unsigned char *result = NULL;
248 want_undefined = (name && !strcmp (name, "undefined"));
250 err = lock_reader (slot, ctrl);
254 /* First check whether we already have an application to share. */
255 err = check_conflict (slot, name);
258 unlock_reader (slot);
262 app = lock_table[slot].app;
264 /* If we can reuse an application, bump the reference count and
268 if (app->slot != slot)
269 log_bug ("slot mismatch %d/%d\n", app->slot, slot);
274 unlock_reader (slot);
275 return 0; /* Okay: We share that one. */
278 /* Need to allocate a new one. */
279 app = xtrycalloc (1, sizeof *app);
282 err = gpg_error_from_syserror ();
283 log_info ("error allocating context: %s\n", gpg_strerror (err));
284 unlock_reader (slot);
290 /* Fixme: We should now first check whether a card is at all
293 /* Try to read the GDO file first to get a default serial number.
294 We skip this if the undefined application has been requested. */
297 err = iso7816_select_file (slot, 0x3F00, 1, NULL, NULL);
299 err = iso7816_select_file (slot, 0x2F02, 0, NULL, NULL);
301 err = iso7816_read_binary (slot, 0, 0, &result, &resultlen);
305 const unsigned char *p;
307 p = find_tlv_unchecked (result, resultlen, 0x5A, &n);
309 resultlen -= (p-result);
310 if (p && n > resultlen && n == 0x0d && resultlen+1 == n)
312 /* The object it does not fit into the buffer. This is an
313 invalid encoding (or the buffer is too short. However, I
314 have some test cards with such an invalid encoding and
315 therefore I use this ugly workaround to return something
316 I can further experiment with. */
317 log_info ("enabling BMI testcard workaround\n");
321 if (p && n <= resultlen)
323 /* The GDO file is pretty short, thus we simply reuse it for
324 storing the serial number. */
325 memmove (result, p, n);
326 app->serialno = result;
327 app->serialnolen = n;
328 err = app_munge_serialno (app);
338 /* For certain error codes, there is no need to try more. */
339 if (gpg_err_code (err) == GPG_ERR_CARD_NOT_PRESENT
340 || gpg_err_code (err) == GPG_ERR_ENODEV)
343 /* Figure out the application to use. */
346 /* We switch to the "undefined" application only if explicitly
348 app->apptype = "UNDEFINED";
352 err = gpg_error (GPG_ERR_NOT_FOUND);
354 if (err && is_app_allowed ("openpgp")
355 && (!name || !strcmp (name, "openpgp")))
356 err = app_select_openpgp (app);
357 if (err && is_app_allowed ("nks") && (!name || !strcmp (name, "nks")))
358 err = app_select_nks (app);
359 if (err && is_app_allowed ("p15") && (!name || !strcmp (name, "p15")))
360 err = app_select_p15 (app);
361 if (err && is_app_allowed ("geldkarte")
362 && (!name || !strcmp (name, "geldkarte")))
363 err = app_select_geldkarte (app);
364 if (err && is_app_allowed ("dinsig") && (!name || !strcmp (name, "dinsig")))
365 err = app_select_dinsig (app);
366 if (err && is_app_allowed ("sc-hsm") && (!name || !strcmp (name, "sc-hsm")))
367 err = app_select_sc_hsm (app);
368 if (err && name && gpg_err_code (err) != GPG_ERR_OBJ_TERM_STATE)
369 err = gpg_error (GPG_ERR_NOT_SUPPORTED);
375 log_info ("can't select application '%s': %s\n",
376 name, gpg_strerror (err));
378 log_info ("no supported card application found: %s\n",
381 unlock_reader (slot);
387 lock_table[slot].app = app;
389 unlock_reader (slot);
395 get_supported_applications (void)
397 const char *list[] = {
404 /* Note: "undefined" is not listed here because it needs special
405 treatment by the client. */
412 for (nbytes=1, idx=0; list[idx]; idx++)
413 nbytes += strlen (list[idx]) + 1 + 1;
415 buffer = xtrymalloc (nbytes);
419 for (p=buffer, idx=0; list[idx]; idx++)
420 if (is_app_allowed (list[idx]))
421 p = stpcpy (stpcpy (p, list[idx]), ":\n");
428 /* Deallocate the application. */
430 deallocate_app (app_t app)
434 app->fnc.deinit (app);
435 app->fnc.deinit = NULL;
438 xfree (app->serialno);
442 /* Free the resources associated with the application APP. APP is
443 allowed to be NULL in which case this is a no-op. Note that we are
444 using reference counting to track the users of the application and
445 actually deferring the deallocation to allow for a later reuse by
448 release_application (app_t app)
456 log_bug ("trying to release an already released context\n");
457 if (--app->ref_count)
460 /* Move the reference to the application in the lock table. */
462 /* FIXME: We are ignoring any error value. */
463 lock_reader (slot, NULL);
464 if (lock_table[slot].app != app)
466 unlock_reader (slot);
467 log_bug ("app mismatch %p/%p\n", app, lock_table[slot].app);
468 deallocate_app (app);
472 /* We don't deallocate app here. Instead, we keep it. This is
473 useful so that a card does not get reset even if only one session
474 is using the card - this way the PIN cache and other cached data
476 unlock_reader (slot);
481 /* The serial number may need some cosmetics. Do it here. This
482 function shall only be called once after a new serial number has
483 been put into APP->serialno.
487 FF 00 00 = For serial numbers starting with an FF
488 FF 01 00 = Some german p15 cards return an empty serial number so the
489 serial number from the EF(TokenInfo) is used instead.
490 FF 7F 00 = No serialno.
492 All other serial number not starting with FF are used as they are.
495 app_munge_serialno (app_t app)
497 if (app->serialnolen && app->serialno[0] == 0xff)
499 /* The serial number starts with our special prefix. This
500 requires that we put our default prefix "FF0000" in front. */
501 unsigned char *p = xtrymalloc (app->serialnolen + 3);
503 return gpg_error_from_syserror ();
504 memcpy (p, "\xff\0", 3);
505 memcpy (p+3, app->serialno, app->serialnolen);
506 app->serialnolen += 3;
507 xfree (app->serialno);
510 else if (!app->serialnolen)
512 unsigned char *p = xtrymalloc (3);
514 return gpg_error_from_syserror ();
515 memcpy (p, "\xff\x7f", 3);
516 app->serialnolen = 3;
517 xfree (app->serialno);
525 /* Retrieve the serial number and the time of the last update of the
526 card. The serial number is returned as a malloced string (hex
527 encoded) in SERIAL and the time of update is returned in STAMP. If
528 no update time is available the returned value is 0. Caller must
529 free SERIAL unless the function returns an error. If STAMP is not
530 of interest, NULL may be passed. */
532 app_get_serial_and_stamp (app_t app, char **serial, time_t *stamp)
537 return gpg_error (GPG_ERR_INV_VALUE);
541 *stamp = 0; /* not available */
543 if (!app->serialnolen)
544 buf = xtrystrdup ("FF7F00");
546 buf = bin2hex (app->serialno, app->serialnolen, NULL);
548 return gpg_error_from_syserror ();
555 /* Write out the application specifig status lines for the LEARN
558 app_write_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
563 return gpg_error (GPG_ERR_INV_VALUE);
565 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
566 if (!app->fnc.learn_status)
567 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
569 /* We do not send APPTYPE if only keypairinfo is requested. */
570 if (app->apptype && !(flags & 1))
571 send_status_info (ctrl, "APPTYPE",
572 app->apptype, strlen (app->apptype), NULL, 0);
573 err = lock_reader (app->slot, ctrl);
576 err = app->fnc.learn_status (app, ctrl, flags);
577 unlock_reader (app->slot);
582 /* Read the certificate with id CERTID (as returned by learn_status in
583 the CERTINFO status lines) and return it in the freshly allocated
584 buffer put into CERT and the length of the certificate put into
587 app_readcert (app_t app, const char *certid,
588 unsigned char **cert, size_t *certlen)
593 return gpg_error (GPG_ERR_INV_VALUE);
595 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
596 if (!app->fnc.readcert)
597 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
598 err = lock_reader (app->slot, NULL/* FIXME*/);
601 err = app->fnc.readcert (app, certid, cert, certlen);
602 unlock_reader (app->slot);
607 /* Read the key with ID KEYID. On success a canonical encoded
608 S-expression with the public key will get stored at PK and its
609 length (for assertions) at PKLEN; the caller must release that
610 buffer. On error NULL will be stored at PK and PKLEN and an error
613 This function might not be supported by all applications. */
615 app_readkey (app_t app, int advanced, const char *keyid,
616 unsigned char **pk, size_t *pklen)
625 if (!app || !keyid || !pk || !pklen)
626 return gpg_error (GPG_ERR_INV_VALUE);
628 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
629 if (!app->fnc.readkey)
630 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
631 err = lock_reader (app->slot, NULL /*FIXME*/);
634 err= app->fnc.readkey (app, advanced, keyid, pk, pklen);
635 unlock_reader (app->slot);
640 /* Perform a GETATTR operation. */
642 app_getattr (app_t app, ctrl_t ctrl, const char *name)
646 if (!app || !name || !*name)
647 return gpg_error (GPG_ERR_INV_VALUE);
649 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
651 if (app->apptype && name && !strcmp (name, "APPTYPE"))
653 send_status_info (ctrl, "APPTYPE",
654 app->apptype, strlen (app->apptype), NULL, 0);
657 if (name && !strcmp (name, "SERIALNO"))
663 rc = app_get_serial_and_stamp (app, &serial, &stamp);
666 send_status_info (ctrl, "SERIALNO", serial, strlen (serial), NULL, 0);
671 if (!app->fnc.getattr)
672 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
673 err = lock_reader (app->slot, ctrl);
676 err = app->fnc.getattr (app, ctrl, name);
677 unlock_reader (app->slot);
681 /* Perform a SETATTR operation. */
683 app_setattr (app_t app, const char *name,
684 gpg_error_t (*pincb)(void*, const char *, char **),
686 const unsigned char *value, size_t valuelen)
690 if (!app || !name || !*name || !value)
691 return gpg_error (GPG_ERR_INV_VALUE);
693 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
694 if (!app->fnc.setattr)
695 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
696 err = lock_reader (app->slot, NULL /*FIXME*/);
699 err = app->fnc.setattr (app, name, pincb, pincb_arg, value, valuelen);
700 unlock_reader (app->slot);
704 /* Create the signature and return the allocated result in OUTDATA.
705 If a PIN is required the PINCB will be used to ask for the PIN; it
706 should return the PIN in an allocated buffer and put it into PIN. */
708 app_sign (app_t app, const char *keyidstr, int hashalgo,
709 gpg_error_t (*pincb)(void*, const char *, char **),
711 const void *indata, size_t indatalen,
712 unsigned char **outdata, size_t *outdatalen )
716 if (!app || !indata || !indatalen || !outdata || !outdatalen || !pincb)
717 return gpg_error (GPG_ERR_INV_VALUE);
719 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
721 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
722 err = lock_reader (app->slot, NULL /*FIXME*/);
725 err = app->fnc.sign (app, keyidstr, hashalgo,
728 outdata, outdatalen);
729 unlock_reader (app->slot);
731 log_info ("operation sign result: %s\n", gpg_strerror (err));
735 /* Create the signature using the INTERNAL AUTHENTICATE command and
736 return the allocated result in OUTDATA. If a PIN is required the
737 PINCB will be used to ask for the PIN; it should return the PIN in
738 an allocated buffer and put it into PIN. */
740 app_auth (app_t app, const char *keyidstr,
741 gpg_error_t (*pincb)(void*, const char *, char **),
743 const void *indata, size_t indatalen,
744 unsigned char **outdata, size_t *outdatalen )
748 if (!app || !indata || !indatalen || !outdata || !outdatalen || !pincb)
749 return gpg_error (GPG_ERR_INV_VALUE);
751 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
753 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
754 err = lock_reader (app->slot, NULL /*FIXME*/);
757 err = app->fnc.auth (app, keyidstr,
760 outdata, outdatalen);
761 unlock_reader (app->slot);
763 log_info ("operation auth result: %s\n", gpg_strerror (err));
768 /* Decrypt the data in INDATA and return the allocated result in OUTDATA.
769 If a PIN is required the PINCB will be used to ask for the PIN; it
770 should return the PIN in an allocated buffer and put it into PIN. */
772 app_decipher (app_t app, const char *keyidstr,
773 gpg_error_t (*pincb)(void*, const char *, char **),
775 const void *indata, size_t indatalen,
776 unsigned char **outdata, size_t *outdatalen,
777 unsigned int *r_info)
783 if (!app || !indata || !indatalen || !outdata || !outdatalen || !pincb)
784 return gpg_error (GPG_ERR_INV_VALUE);
786 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
787 if (!app->fnc.decipher)
788 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
789 err = lock_reader (app->slot, NULL /*FIXME*/);
792 err = app->fnc.decipher (app, keyidstr,
797 unlock_reader (app->slot);
799 log_info ("operation decipher result: %s\n", gpg_strerror (err));
804 /* Perform the WRITECERT operation. */
806 app_writecert (app_t app, ctrl_t ctrl,
807 const char *certidstr,
808 gpg_error_t (*pincb)(void*, const char *, char **),
810 const unsigned char *data, size_t datalen)
814 if (!app || !certidstr || !*certidstr || !pincb)
815 return gpg_error (GPG_ERR_INV_VALUE);
817 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
818 if (!app->fnc.writecert)
819 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
820 err = lock_reader (app->slot, ctrl);
823 err = app->fnc.writecert (app, ctrl, certidstr,
824 pincb, pincb_arg, data, datalen);
825 unlock_reader (app->slot);
827 log_info ("operation writecert result: %s\n", gpg_strerror (err));
832 /* Perform the WRITEKEY operation. */
834 app_writekey (app_t app, ctrl_t ctrl,
835 const char *keyidstr, unsigned int flags,
836 gpg_error_t (*pincb)(void*, const char *, char **),
838 const unsigned char *keydata, size_t keydatalen)
842 if (!app || !keyidstr || !*keyidstr || !pincb)
843 return gpg_error (GPG_ERR_INV_VALUE);
845 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
846 if (!app->fnc.writekey)
847 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
848 err = lock_reader (app->slot, ctrl);
851 err = app->fnc.writekey (app, ctrl, keyidstr, flags,
852 pincb, pincb_arg, keydata, keydatalen);
853 unlock_reader (app->slot);
855 log_info ("operation writekey result: %s\n", gpg_strerror (err));
860 /* Perform a SETATTR operation. */
862 app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
864 gpg_error_t (*pincb)(void*, const char *, char **),
869 if (!app || !keynostr || !*keynostr || !pincb)
870 return gpg_error (GPG_ERR_INV_VALUE);
872 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
873 if (!app->fnc.genkey)
874 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
875 err = lock_reader (app->slot, ctrl);
878 err = app->fnc.genkey (app, ctrl, keynostr, flags,
879 createtime, pincb, pincb_arg);
880 unlock_reader (app->slot);
882 log_info ("operation genkey result: %s\n", gpg_strerror (err));
887 /* Perform a GET CHALLENGE operation. This function is special as it
888 directly accesses the card without any application specific
891 app_get_challenge (app_t app, size_t nbytes, unsigned char *buffer)
895 if (!app || !nbytes || !buffer)
896 return gpg_error (GPG_ERR_INV_VALUE);
898 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
899 err = lock_reader (app->slot, NULL /*FIXME*/);
902 err = iso7816_get_challenge (app->slot, nbytes, buffer);
903 unlock_reader (app->slot);
909 /* Perform a CHANGE REFERENCE DATA or RESET RETRY COUNTER operation. */
911 app_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr, int reset_mode,
912 gpg_error_t (*pincb)(void*, const char *, char **),
917 if (!app || !chvnostr || !*chvnostr || !pincb)
918 return gpg_error (GPG_ERR_INV_VALUE);
920 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
921 if (!app->fnc.change_pin)
922 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
923 err = lock_reader (app->slot, ctrl);
926 err = app->fnc.change_pin (app, ctrl, chvnostr, reset_mode,
928 unlock_reader (app->slot);
930 log_info ("operation change_pin result: %s\n", gpg_strerror (err));
935 /* Perform a VERIFY operation without doing anything lese. This may
936 be used to initialze a the PIN cache for long lasting other
937 operations. Its use is highly application dependent. */
939 app_check_pin (app_t app, const char *keyidstr,
940 gpg_error_t (*pincb)(void*, const char *, char **),
945 if (!app || !keyidstr || !*keyidstr || !pincb)
946 return gpg_error (GPG_ERR_INV_VALUE);
948 return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED);
949 if (!app->fnc.check_pin)
950 return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
951 err = lock_reader (app->slot, NULL /*FIXME*/);
954 err = app->fnc.check_pin (app, keyidstr, pincb, pincb_arg);
955 unlock_reader (app->slot);
957 log_info ("operation check_pin result: %s\n", gpg_strerror (err));