APL_Certif *APL_Certifs::getCert(unsigned long ulIndex, bool bOnlyVisible)
{
APL_Certif *cert=NULL;
unsigned long ulCount=0;
std::vector<unsigned long>::const_iterator itrOrder;
std::map<unsigned long, APL_Certif *>::const_iterator itrCert;
for(itrOrder=m_certifsOrder.begin();itrOrder!=m_certifsOrder.end();itrOrder++)
{
itrCert = m_certifs.find(*itrOrder);
if(itrCert==m_certifs.end())
{
//The certif is not in the map
//Should not happend
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
}
cert=itrCert->second;
if(!bOnlyVisible || !cert->isHidden())
{
if(ulCount==ulIndex)
return cert;
else
ulCount++;
}
}
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
}
void CReader::WriteFile(const std::string &csPath, unsigned long ulOffset,
const CByteArray & oData)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
try
{
return m_poCard->WriteFile(csPath, ulOffset, oData);
}
catch (const CNotAuthenticatedException & e)
{
// A PIN is needed to write -> ask the correct PIN and do a verification
unsigned long ulRemaining;
tPin pin = m_oPKCS15.GetPinByRef(e.GetPinRef());
if (pin.bValid)
{
if (m_poCard->PinCmd(PIN_OP_VERIFY, pin, "", "", ulRemaining, NULL))
{
return m_poCard->WriteFile(csPath, ulOffset, oData);
}
else
throw CMWEXCEPTION(ulRemaining == 0 ?
EIDMW_ERR_PIN_BLOCKED : EIDMW_ERR_PIN_BAD);
}
else
throw CMWEXCEPTION(EIDMW_ERR_CMD_NOT_ALLOWED);
}
}
void CByteArray::SetByte(unsigned char ucByte, unsigned long ulIndex)
{
if (m_bMallocError)
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
if (ulIndex >= m_ulSize)
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
m_pucData[ulIndex] = ucByte;
}
unsigned char CByteArray::GetByte(unsigned long ulIndex) const
{
if (m_bMallocError)
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
if (ulIndex >= m_ulSize)
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
return m_pucData[ulIndex];
}
CByteArray CByteArray::GetBytes(unsigned long ulOffset, unsigned long ulLen) const
{
if (m_bMallocError)
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
if (ulOffset >= m_ulSize)
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
if (ulLen == 0xFFFFFFFF || ulOffset + ulLen > m_ulSize)
ulLen = m_ulSize - ulOffset;
return CByteArray(&m_pucData[ulOffset],ulLen);
}
CByteArray CReader::Sign(const tPrivKey & key, unsigned long algo,
const CByteArray & oData)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
unsigned long ulSupportedAlgos = m_poCard->GetSupportedAlgorithms();
CByteArray oAID_Data;
if (algo & SIGN_ALGO_MD5_RSA_PKCS)
oAID_Data.Append(MD5_AID, sizeof(MD5_AID));
else if (algo & SIGN_ALGO_SHA1_RSA_PKCS)
oAID_Data.Append(SHA1_AID, sizeof(SHA1_AID));
else if (m_poCard->GetType() == CARD_PTEID_IAS101 &&
algo & SIGN_ALGO_SHA256_RSA_PKCS)
oAID_Data.Append(SHA256_AID, sizeof(SHA256_AID));
else if (algo & SIGN_ALGO_SHA384_RSA_PKCS)
oAID_Data.Append(SHA384_AID, sizeof(SHA256_AID));
else if (algo & SIGN_ALGO_SHA512_RSA_PKCS)
oAID_Data.Append(SHA512_AID, sizeof(SHA256_AID));
else if (algo & SIGN_ALGO_RIPEMD160_RSA_PKCS)
oAID_Data.Append(RIPEMD160_AID, sizeof(RIPEMD160_AID));
oAID_Data.Append(oData);
if (ulSupportedAlgos & SIGN_ALGO_RSA_PKCS)
{
return m_poCard->Sign(key, GetPinByID(key.ulAuthID),
algo, oAID_Data);
}
else if (ulSupportedAlgos & SIGN_ALGO_RSA_RAW)
{
if (oAID_Data.Size() > key.ulKeyLenBytes - 11)
{
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
}
CByteArray oRawData(NULL, 0, key.ulKeyLenBytes);
oRawData.Append(0x00);
oRawData.Append(0x01);
for (unsigned long i = 2; i < key.ulKeyLenBytes - oAID_Data.Size() - 1; i++)
oRawData.Append(0xFF);
oRawData.Append(0x00);
oRawData.Append(oAID_Data);
return m_poCard->Sign(key, GetPinByID(key.ulID), SIGN_ALGO_RSA_RAW, oData);
}
else
throw CMWEXCEPTION(EIDMW_ERR_CHECK);
}
/** Retrieve from the configuration a parameter of the type STRING in the user settings
\return std::wstring requested parameter
\retval EIMDW_NOT_OK exception; when section is not found
\retval EIDMW_ERR_PARAM_BAD exception; when parameter is not found
\sa SetString(), DelString, SetLong(), GetLong(), DelLong()
*************************************************************************************/
std::wstring CConfig::GetStringInt(
CConfig::tLocation location,
const std::wstring & csName, /**< In: parameter name */
const std::wstring & czSection, /**< In: the configuration-section where you can find above specified parameter */
bool bExpand /**< In: expand $home macro's to the value for this user/PC */
)
{
wchar_t wcsKeyRegName[MAX_PATH];
BYTE abValueDat[512];
DWORD dwValDatLen = 0;
DWORD dwType;
LONG lRes;
HKEY hRegKey;
HKEY hRegKeyRoot;
if(location == CConfig::SYSTEM)
hRegKeyRoot = HKEY_LOCAL_MACHINE;
else
hRegKeyRoot = HKEY_CURRENT_USER ;
//--- Open the KeyInfo entry
swprintf_s(wcsKeyRegName, sizeof(wcsKeyRegName)/sizeof(wchar_t), L"%s\\%s", SC_CONF_REG, czSection.c_str());
lRes = RegOpenKeyEx(hRegKeyRoot, wcsKeyRegName, 0L, KEY_READ , &hRegKey);
if (lRes != ERROR_SUCCESS){
throw CMWEXCEPTION(EIDMW_CONF);
}
//--- get the value
dwValDatLen = sizeof(abValueDat);
dwType = REG_SZ;
lRes = RegQueryValueEx(hRegKey, csName.c_str(), 0L, &dwType, abValueDat, &dwValDatLen);
if ((lRes != ERROR_SUCCESS)){
//try current user if no value found and not yet in current user
RegCloseKey(hRegKey);
throw CMWEXCEPTION(EIDMW_ERR_PARAM_BAD);
}
if (dwValDatLen > 2) //remove ending "00"
dwValDatLen -= 2;
RegCloseKey(hRegKey);
const std::wstring wsResult((const wchar_t*)abValueDat, (size_t) (dwValDatLen/2)); //convert byte to double byte
if(bExpand)
return( ExpandSection(wsResult) );
else
return( wsResult );
}
tFileInfo CPkiCard::SelectFile(const std::string & csPath, bool bReturnFileInfo)
{
CByteArray oResp;
tFileInfo xFileInfo = {0};
unsigned long ulPathLen = (unsigned long) csPath.size();
if (ulPathLen % 4 != 0 || ulPathLen == 0)
throw CMWEXCEPTION(EIDMW_ERR_BAD_PATH);
ulPathLen /= 2;
unsigned char ucP2 = bReturnFileInfo ? 0x00 : 0x0C;
CAutoLock autolock(this);
if (m_selectAppletMode == ALW_SELECT_APPLET)
{
SelectApplet();
oResp = SelectByPath(csPath, bReturnFileInfo);
}
else
{
// First try to select the file by ID, assuming we're in the correct DF
CByteArray oPath(ulPathLen);
oPath.Append(Hex2Byte(csPath, ulPathLen - 2));
oPath.Append(Hex2Byte(csPath, ulPathLen - 1));
// Select File
oResp = SendAPDU(0xA4, 0x02, ucP2, oPath);
unsigned long ulSW12 = getSW12(oResp);
if (ulSW12 == 0x6A82 || ulSW12 == 0x6A86)
{
if (ulPathLen == 2)
throw CMWEXCEPTION(m_poContext->m_oPCSC.SW12ToErr(ulSW12));
// The file wasn't found in this DF, so let's select by full path
oResp = SelectByPath(csPath, bReturnFileInfo);
}
else
{
getSW12(oResp, 0x9000);
}
}
if (bReturnFileInfo)
xFileInfo = ParseFileInfo(oResp);
return xFileInfo;
}
unsigned long CByteArray::GetLong(unsigned long ulIndex) const
{
if (m_bMallocError)
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
if (ulIndex + sizeof(unsigned long) > m_ulSize)
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
unsigned long ulLong = 0;
for (unsigned int i = 0; i < sizeof(unsigned long); i++)
ulLong = (ulLong * 256) + m_pucData[ulIndex++];
return ulLong;
}
tCert CPKCS15::GetCert(unsigned long ulIndex)
{
if( ! m_xCDF.isRead) ReadLevel3(CDF);
if(ulIndex >= m_oCertificates.size())
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
return m_oCertificates.at(ulIndex);
}
unsigned long CReader::PinStatus(const tPin & Pin)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->PinStatus(Pin);
}
unsigned long CByteArray::Size() const
{
if (m_bMallocError)
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
return m_ulSize;
}
void CReader::Unlock()
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->Unlock();
}
CByteArray CReader::GetInfo()
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->GetInfo();
}
tPrivKey CReader::GetPrivKeyByID(unsigned long ulID)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_oPKCS15.GetPrivKeyByID(ulID);
}
tCert CReader::GetCert(unsigned long ulIndex)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_oPKCS15.GetCert(ulIndex);
}
CByteArray CReader::SendAPDU(const CByteArray & oCmdAPDU)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->SendAPDU(oCmdAPDU);
}
// unsigned char *CByteArray::GetBytes()
unsigned char *CByteArray::GetBytes()
{
if (m_bMallocError)
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
return m_pucData;
}
// const unsigned char *CByteArray::GetBytes() const
const unsigned char *CByteArray::GetBytes() const
{
if (m_bMallocError)
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
return m_ulSize == 0 ? NULL : m_pucData;
}
CByteArray CReader::GetRandom(unsigned long ulLen)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->GetRandom(ulLen);
}
tPrivKey CPKCS15::GetPrivKey(unsigned long ulIndex)
{
if(! m_xPrKDF.isRead) ReadLevel3(PRKDF);
if(ulIndex >= m_oPrKeys.size())
throw CMWEXCEPTION(EIDMW_ERR_PARAM_RANGE);
return m_oPrKeys.at(ulIndex);
}
CByteArray CReader::Ctrl(long ctrl, const CByteArray & oCmdData)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->Ctrl(ctrl, oCmdData);
}
CSocket *CSocketServer::Accept(struct sockaddr *outSockAddr, int *ioSockAddrLen) throw(CMWException)
{
socklen_t tSockAddrLen = *ioSockAddrLen;
SOCKET new_socket = accept(m_socket, outSockAddr, &tSockAddrLen);
if (new_socket == INVALID_SOCKET)
{
#ifdef WIN32
bool error = (WSAGetLastError() == WSAEWOULDBLOCK) ;
#else
bool error = (errno == EWOULDBLOCK);
#endif
if (error)
{
return 0;
}
else
{
throw CMWEXCEPTION(EIDMW_ERR_SOCKET_ACCEPT);
}
}
CSocket *result = new CSocket(new_socket);
return result;
}
unsigned long CReader::PrivKeyCount()
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_oPKCS15.PrivKeyCount();
}
tCardType CReader::GetCardType()
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->GetType();
}
void CReader::SelectApplication(const CByteArray & oAID)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->SelectApplication(oAID);
}
void SharedMem::Delete(int iSegmentID)
{
// delete the shared memory area
// once all processes have detached from this segment
int iAttachedProcs = getNAttached(iSegmentID);
if (iAttachedProcs > -1)
{
MWLOG(LEV_DEBUG, MOD_DLG,
L" SharedMem::Delete : request to delete memory segment with ID %d. N proc = %d",
iSegmentID, iAttachedProcs);
// check that no process is attached to this segment
if (iAttachedProcs == 0)
{
if (shmctl(iSegmentID, IPC_RMID, NULL) == 1)
{
MWLOG(LEV_ERROR, MOD_DLG,
L" SharedMem::Delete shmctl: %s",
strerror(errno));
throw CMWEXCEPTION(EIDMW_ERR_MEMORY);
}
MWLOG(LEV_DEBUG, MOD_DLG,
L" SharedMem::Delete : deleted memory segment with ID %d",
iSegmentID);
}
}
}
void CPkiCard::WriteUncachedFile(const std::string & csPath,
unsigned long ulOffset, const CByteArray & oData)
{
CAutoLock autolock(this);
tFileInfo fileInfo = SelectFile(csPath, true);
const unsigned char *pucData = oData.GetBytes();
unsigned long ulDataLen = oData.Size();
for (unsigned long i = 0; i < ulDataLen; i += MAX_APDU_WRITE_LEN)
{
unsigned long ulLen = ulDataLen - i;
if (ulLen > MAX_APDU_WRITE_LEN)
ulLen = MAX_APDU_WRITE_LEN;
CByteArray oResp = UpdateBinary(ulOffset + i, CByteArray(pucData + i, ulLen));
unsigned long ulSW12 = getSW12(oResp);
if (ulSW12 == 0x6982)
throw CNotAuthenticatedException(
EIDMW_ERR_NOT_AUTHENTICATED, fileInfo.lWritePINRef);
else if (ulSW12 != 0x9000)
throw CMWEXCEPTION(m_poContext->m_oPCSC.SW12ToErr(ulSW12));
}
MWLOG(LEV_INFO, MOD_CAL, L"Written file %ls to card", utilStringWiden(csPath).c_str());
}
CReader& CCardLayer::getReader(const std::string & csReaderName)
{
// Do an SCardEstablishContext() if not done yet
m_oPCSC.EstablishContext();
CReader *pRet = NULL;
// If csReaderName == "", take the default (= first found) reader name
const std::string * pcsReaderName = (csReaderName.size() == 0) ? GetDefaultReader() : &csReaderName;
if (pcsReaderName->size() == 0)
{
throw CMWEXCEPTION(EIDMW_ERR_NO_READER);
}
// First check if the reader doesn't exist already
for (unsigned long i = 0; i < MAX_READERS; i++)
{
if (m_tpReaders[i] != NULL)
{
if (m_tpReaders[i]->GetReaderName() == *pcsReaderName)
{
pRet = m_tpReaders[i];
break;
}
}
}
// No CReader object for this readername -> make one
if (pRet == NULL)
{
for (unsigned long i = 0; i < MAX_READERS; i++)
{
if (m_tpReaders[i] == NULL)
{
pRet = new CReader(*pcsReaderName, &m_oPCSC);
m_tpReaders[i] = pRet;
break;
}
}
}
// No room in m_tpReaders -> throw an exception
if (pRet == NULL)
{
throw CMWEXCEPTION(EIDMW_ERR_LIMIT);
}
return *pRet;
}
CByteArray CReader::Decrypt(const tPrivKey & key, unsigned long algo,
const CByteArray & oData)
{
if (m_poCard == NULL)
throw CMWEXCEPTION(EIDMW_ERR_NO_CARD);
return m_poCard->Decrypt(key, algo, oData);
}