Author: jmagne
Update of /cvs/dirsec/coolkey/src/libckyapplet
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29025
Modified Files:
cky_applet.c cky_applet.h cky_factory.c cky_factory.h
Log Message:
Add support for 2048 bit keys, #485829.
Index: cky_applet.c
===================================================================
RCS file: /cvs/dirsec/coolkey/src/libckyapplet/cky_applet.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- cky_applet.c 9 Jun 2006 18:44:17 -0000 1.1
+++ cky_applet.c 19 Feb 2009 02:03:08 -0000 1.2
@@ -134,6 +134,13 @@
/* Future add WriteObject */
CKYStatus
+CKYAppletFactory_WriteObject(CKYAPDU *apdu, const void *param)
+{
+ const CKYAppletArgWriteObject *wos = (const CKYAppletArgWriteObject *)param;
+ return CKYAPDUFactory_WriteObject(apdu,wos->objectID,wos->offset,wos->size,wos->data);
+}
+
+CKYStatus
CKYAppletFactory_CreateObject(CKYAPDU *apdu, const void *param)
{
const CKYAppletArgCreateObject *cos=(const CKYAppletArgCreateObject *)param;
@@ -192,7 +199,6 @@
{
return CKYAPDUFactory_GetLifeCycleV2(apdu);
}
-
CKYStatus
CKYAppletFactory_GetRandom(CKYAPDU *apdu, const void *param)
{
@@ -725,24 +731,48 @@
CKYAppletArgComputeCrypt ccd;
CKYBuffer empty;
CKYISOStatus status;
+ short dataSize = 0;
int use2APDUs = 0;
+ int use_dl_object = CKYBuffer_Size(data) > 200 ;
CKYBuffer_InitEmpty(&empty);
ccd.keyNumber = keyNumber;
ccd.mode = mode;
ccd.direction = direction;
- ccd.location = CKY_DL_APDU;
+ ccd.location = use_dl_object ? CKY_DL_OBJECT : CKY_DL_APDU;
if (!apduRC)
apduRC = &status;
+ if (use_dl_object) {
+ CKYBuffer sizeBuf;
+
+ CKYBuffer_InitEmpty(&sizeBuf);
+ CKYBuffer_AppendShort(&sizeBuf, CKYBuffer_Size(data));
+
+ ret = CKYApplet_WriteObjectFull(conn, 0xffffffff,
+ 0, CKYBuffer_Size(&sizeBuf), nonce,
+ &sizeBuf, apduRC);
+
+ CKYBuffer_FreeData(&sizeBuf);
+ if( ret != CKYSUCCESS)
+ goto fail;
+
+ ret = CKYApplet_WriteObjectFull(conn, 0xffffffff,
+ 2, CKYBuffer_Size(data), nonce,
+ data, apduRC);
+
+ if(ret != CKYSUCCESS)
+ goto fail;
+ }
+
if (mode == CKY_RSA_NO_PAD) {
- ccd.data = data;
+ ccd.data = use_dl_object ? &empty : data;
ccd.sig = sig;
ret = CKYApplet_HandleAPDU(conn,
CKYAppletFactory_ComputeCryptOneStep, &ccd, nonce,
CKY_SIZE_UNKNOWN, ckyAppletFill_ComputeCryptFinal,
- result, apduRC);
+ use_dl_object ? NULL : result, apduRC);
if (ret == CKYAPDUFAIL && *apduRC == CKYISO_INCORRECT_P2) {
use2APDUs = 1; /* maybe it's an old applet */
}
@@ -759,13 +789,38 @@
CKYAppletFactory_ComputeCryptInit, &ccd, nonce,
0, CKYAppletFill_Null, NULL, apduRC);
if (ret == CKYSUCCESS) {
- ccd.data = data;
+ ccd.data = use_dl_object ? &empty : data;
ret = CKYApplet_HandleAPDU(conn,
CKYAppletFactory_ComputeCryptFinal, &ccd, nonce,
CKY_SIZE_UNKNOWN, ckyAppletFill_ComputeCryptFinal,
- result, apduRC);
+ use_dl_object ? NULL : result, apduRC);
}
}
+
+ if (use_dl_object && ret == CKYSUCCESS) {
+ CKYBuffer sizeOutBuf;
+ CKYBuffer_InitEmpty(&sizeOutBuf);
+
+ ret = CKYApplet_ReadObjectFull(conn,0xffffffff,
+ 0, 2,
+ nonce,&sizeOutBuf,apduRC);
+
+ if(ret != CKYSUCCESS) {
+ CKYBuffer_FreeData(&sizeOutBuf);
+ goto fail;
+ }
+
+ dataSize = CKYBuffer_GetShort(&sizeOutBuf, 0);
+
+ CKYBuffer_FreeData(&sizeOutBuf);
+
+ ret = CKYApplet_ReadObjectFull(conn,0xffffffff,
+ 2, dataSize,
+ nonce,result,apduRC);
+ }
+
+fail:
+
return ret;
}
@@ -1036,6 +1091,44 @@
}
/*
+ * Write Object
+ * This makes multiple APDU calls to write the entire object.
+ *
+ */
+
+CKYStatus
+CKYApplet_WriteObjectFull(CKYCardConnection *conn, unsigned long objectID,
+ CKYOffset offset, CKYSize size, const CKYBuffer *nonce,
+ const CKYBuffer *data, CKYISOStatus *apduRC)
+{
+
+ CKYBuffer chunk;
+ CKYOffset srcOffset = 0;
+ CKYAppletArgWriteObject wod;
+ CKYStatus ret = CKYSUCCESS;
+
+ wod.objectID = objectID;
+ wod.offset = offset;
+ do {
+ wod.size = (CKYByte) MIN(size, 220);
+ ret = CKYBuffer_InitFromBuffer(&chunk, data,
+ srcOffset, wod.size);
+ if(ret == CKYSUCCESS) {
+ wod.data = &chunk;
+ ret = CKYApplet_HandleAPDU(conn, CKYAppletFactory_WriteObject, &wod,
+ nonce, 0, CKYAppletFill_Null, NULL, apduRC);
+ size -= wod.size;
+ wod.offset += wod.size;
+ srcOffset += wod.size;
+ CKYBuffer_FreeData(&chunk);
+ }
+
+ } while ((size > 0) && (ret == CKYSUCCESS));
+
+ return ret;
+}
+
+/*
* List Object cluster
*/
static CKYStatus
Index: cky_applet.h
===================================================================
RCS file: /cvs/dirsec/coolkey/src/libckyapplet/cky_applet.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- cky_applet.h 9 Jun 2006 18:44:17 -0000 1.1
+++ cky_applet.h 19 Feb 2009 02:03:08 -0000 1.2
@@ -192,6 +192,14 @@
CKYByte size;
} CKYAppletArgReadObject;
+typedef struct _CKYAppletArgWriteObject {
+ unsigned long objectID;
+ CKYOffset offset;
+ CKYByte size;
+ CKYBuffer *data;
+
+} CKYAppletArgWriteObject;
+
typedef struct _CKYAppletArgComputeCrypt {
CKYByte keyNumber;
CKYByte mode;
@@ -250,6 +258,8 @@
/* param == CKYByte * (pointer to pinNumber) */
CKYStatus CKYAppletFactory_Logout(CKYAPDU *apdu, const void *param);
/* Future add WriteObject */
+/* parm == CKYAppletArgWriteObject */
+CKYStatus CKYAppletFactory_WriteObject(CKYAPDU *apdu, const void *param);
/* param == CKYAppletArgCreateObject */
CKYStatus CKYAppletFactory_CreateObject(CKYAPDU *apdu, const void *param);
/* param == CKYAppletArgDeleteObject */
@@ -482,6 +492,17 @@
CKYStatus CKYApplet_ReadObjectFull(CKYCardConnection *conn,
unsigned long objectID, CKYOffset offset, CKYSize size,
const CKYBuffer *nonce, CKYBuffer *data, CKYISOStatus *apduRC);
+/*
+ * There is 1 write command:
+ * CKYApplet_WriteObjectFull can write an entire data object. It makes multiple
+ * apdu calls in order to write the full amount into the buffer. The buffer is
+ * overwritten.
+*/
+
+CKYStatus CKYApplet_WriteObjectFull(CKYCardConnection *conn,
+ unsigned long objectID, CKYOffset offset, CKYSize size,
+ const CKYBuffer *nonce, const CKYBuffer *data, CKYISOStatus *apduRC);
+
CKYStatus CKYApplet_ListObjects(CKYCardConnection *conn, CKYByte seq,
CKYAppletRespListObjects *lop, CKYISOStatus *apduRC);
CKYStatus CKYApplet_GetStatus(CKYCardConnection *conn,
Index: cky_factory.c
===================================================================
RCS file: /cvs/dirsec/coolkey/src/libckyapplet/cky_factory.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- cky_factory.c 9 Jun 2006 18:44:17 -0000 1.1
+++ cky_factory.c 19 Feb 2009 02:03:08 -0000 1.2
@@ -190,8 +190,11 @@
CKYSize len;
CKYBuffer buf;
- if (!idata || !(len = CKYBuffer_Size(idata)) || location != CKY_DL_APDU)
- return ret;
+ if (!idata)
+ return ret;
+
+ if (!(len = CKYBuffer_Size(idata)) && location != CKY_DL_OBJECT)
+ return ret;
CKYAPDU_SetCLA(apdu, CKY_CLASS_COOLKEY);
CKYAPDU_SetINS(apdu, CKY_INS_COMPUTE_CRYPT);
@@ -314,8 +317,6 @@
return CKYSUCCESS;
}
-/* Future add WriteObject */
-
CKYStatus
CKYAPDUFactory_CreateObject(CKYAPDU *apdu, unsigned long objectID, CKYSize size,
unsigned short readACL, unsigned short writeACL, unsigned short deleteACL)
@@ -419,6 +420,58 @@
}
CKYStatus
+CKYAPDUFactory_WriteObject(CKYAPDU *apdu, unsigned long objectID,
+ CKYOffset offset,CKYSize size,CKYBuffer *data)
+{
+ CKYBuffer buf;
+ CKYStatus ret = CKYSUCCESS;
+ unsigned short dataSize = 0;
+
+ CKYAPDU_SetCLA(apdu, CKY_CLASS_COOLKEY);
+ CKYAPDU_SetINS(apdu, CKY_INS_WRITE_OBJ);
+ CKYAPDU_SetP1(apdu, 0x00);
+ CKYAPDU_SetP2(apdu, 0x00);
+ CKYBuffer_InitEmpty(&buf);
+
+ dataSize = (unsigned short) CKYBuffer_Size(data);
+
+ if(!dataSize) {
+ ret = CKYINVALIDARGS;
+ goto fail;
+ }
+
+ ret = CKYBuffer_AppendLong(&buf,objectID);
+ if (ret != CKYSUCCESS) {
+ goto fail;
+ }
+ ret = CKYBuffer_AppendLong(&buf,offset);
+ if (ret != CKYSUCCESS) {
+ goto fail;
+ }
+ ret = CKYBuffer_AppendChar(&buf, size);
+ if (ret != CKYSUCCESS) {
+ goto fail;
+ }
+
+ ret = CKYAPDU_SetSendDataBuffer(apdu,&buf);
+
+ if (ret != CKYSUCCESS) {
+ goto fail;
+ }
+
+ ret = CKYAPDU_AppendSendDataBuffer(apdu, data);
+
+ if (ret != CKYSUCCESS) {
+ goto fail;
+ }
+
+fail:
+ CKYBuffer_FreeData(&buf);
+ return ret;
+
+}
+
+CKYStatus
CKYAPDUFactory_ListObjects(CKYAPDU *apdu, CKYByte sequence)
{
CKYAPDU_SetCLA(apdu, CKY_CLASS_COOLKEY);
Index: cky_factory.h
===================================================================
RCS file: /cvs/dirsec/coolkey/src/libckyapplet/cky_factory.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- cky_factory.h 9 Jun 2006 18:44:17 -0000 1.1
+++ cky_factory.h 19 Feb 2009 02:03:08 -0000 1.2
@@ -190,7 +190,8 @@
const char *oldPin, const char *newPin);
CKYStatus CKYAPDUFactory_ListPINs(CKYAPDU *apdu);
CKYStatus CKYAPDUFactory_Logout(CKYAPDU *apdu, CKYByte pinNumber);
-
+CKYStatus CKYAPDUFactory_WriteObject(CKYAPDU *apdu, unsigned long objectID,
+ CKYOffset offset,CKYSize size,CKYBuffer *data);
/* Future add WriteObject */
CKYStatus CKYAPDUFactory_CreateObject(CKYAPDU *apdu, unsigned long objectID,
CKYSize size, unsigned short readACL, unsigned short writeACL,