static long TestPteidSendApdu(CReader & oReader) { long lErrors = 0; printf("\nTesting SendAPDU()\n"); // Send a Get Card Data APDU unsigned char tucGetCardData[] = {0x80, 0xE4, 0x00, 0x00, 0x1C}; CByteArray oGetCardData(tucGetCardData, sizeof(tucGetCardData)); CByteArray oData = oReader.SendAPDU(oGetCardData); // Serial nr. are the first 16 bytes of the Get Card Data APDU std::string csSerialNr = oReader.GetSerialNr(); if (csSerialNr != oData.ToString(false, true, 0, 16)) ERR_LOG("SendAPDU(GetCardData) returns wrong data (bad serial nr.)\n", lErrors); // Send a Select MF APDU unsigned char tucSelectMF[] = {0x00, 0xa4, 0x02, 0x0C, 0x02, 0x3f, 0x00}; CByteArray oSelectMF(tucSelectMF, sizeof(tucSelectMF)); oData = oReader.SendAPDU(oSelectMF); // Result should be 90 00 if (oData.Size() != 2 || oData.GetByte(0) != 0x90 || oData.GetByte(1) != 0x00) { ERR_LOG("SendAPDU(GetCardData) returns wrong data (bad serial nr.)\n", lErrors); printf(" (result = %s\n", oData.ToString().c_str()); } return lErrors; }
static long TestPteidPinStatus(CReader & oReader, unsigned char ucVersion) { long lErrors = 0; printf("\nTesting PinStatus()\n"); tPin pin = oReader.GetPin(0); unsigned long ulTriesLeft = oReader.PinStatus(pin); if (ucVersion < 0x20) { if (ulTriesLeft != PIN_STATUS_UNKNOWN) { ERR_LOG("PinStatus() for a V1 card doesn't return PIN_STATUS_UNKNOWN\n", lErrors); printf(" (remaining attempts = %ld)\n", ulTriesLeft); } } else { if (ulTriesLeft > 3) { ERR_LOG("PinStatus() for a V2 card doesn't return 0, 1, 2 or 3\n", lErrors); printf(" (remaining attempts = %ld)\n", ulTriesLeft); } else if (ulTriesLeft != 3) printf(" (warning: remaining tries for the \"%s\" PIN: %ld)\n", pin.csLabel.c_str(), ulTriesLeft); } return lErrors; }
static long TestReadLongFile(CReader & oReader, const std::string & csPath) { long lErrors = 0; printf("\nTesting CReader::ReadFile() for long files\n"); try { CByteArray oFullData = oReader.ReadFile(csPath, 0, FULL_FILE); CByteArray oData1 = oReader.ReadFile(csPath, 0, 252); if (oData1.Size() != 252 || memcmp(oFullData.GetBytes(), oData1.GetBytes(), 252) != 0) ERR_LOG("ERR: CReader::ReadFile(length != 252) failed\n", lErrors); CByteArray oData2 = oReader.ReadFile(csPath, 0, 253); if (oData2.Size() != 253 || memcmp(oFullData.GetBytes(), oData2.GetBytes(), 253) != 0) ERR_LOG("ERR: CReader::ReadFile(length != 253) failed\n", lErrors); CByteArray oData3 = oReader.ReadFile(csPath, 100, 400); if (oData3.Size() != 400 || memcmp(oFullData.GetBytes() + 100, oData3.GetBytes(), 400) != 0) ERR_LOG("ERR: CReader::ReadFile(offs=100, len = 400) failed\n", lErrors); } catch(const CMWException &e) { ERR_LOG("ERR: CReader::ReadFile() threw an MWException\n", lErrors); printf(" MWException code: 0x%0x\n", (unsigned)e.GetError()); } catch (...) { ERR_LOG("ERR: CReader::ReadFile() threw an MWException\n", lErrors); } return lErrors; }
static long TestPteidCtrl(CReader & oReader, unsigned char ucVersion) { long lErrors = 0; printf("\nTesting Ctrl()\n"); // CTRL_PTEID_GETCARDDATA CByteArray oCardInfo = oReader.GetInfo(); CByteArray oUnsignedCardData = oReader.Ctrl(CTRL_PTEID_GETCARDDATA, CByteArray()); if (!oCardInfo.Equals(oUnsignedCardData)) ERR_LOG("ERR: Ctrl(CTRL_PTEID_GETCARDDATA) != GetInfo()\n", lErrors); // CTRL_PTEID_GETSIGNEDCARDDATA if (ucVersion >= 0x20) { CByteArray oSignedCardData = oReader.Ctrl(CTRL_PTEID_GETSIGNEDCARDDATA, CByteArray()); if (oSignedCardData.Size() != oUnsignedCardData.Size() + 128) ERR_LOG("ERR: signed and unsigned card data should differ in size by 128 bytes\n", lErrors); oSignedCardData.Chop(128); if (!oUnsignedCardData.Equals(oSignedCardData)) ERR_LOG("ERR: start of unsigned card data should be the same as for unsigned card data\n", lErrors); } // CTRL_PTEID_GETSIGNEDPINSTATUS if (ucVersion >= 0x20) { tPin pin = oReader.GetPin(0); CByteArray oData(1); oData.Append((unsigned char) pin.ulPinRef); CByteArray oSignedPinStatus = oReader.Ctrl(CTRL_PTEID_GETSIGNEDPINSTATUS, oData); if (oSignedPinStatus.Size() != 129) ERR_LOG("ERR: signed pin status response should be (1 + 128) bytes\n", lErrors); else if (oSignedPinStatus.GetByte(0) != oReader.PinStatus(pin)) ERR_LOG("ERR: signed pin status differs from unsigned PIN status\n", lErrors); } // CTRL_PTEID_INTERNAL_AUTH CByteArray oData(21); // Key ref (1 byte) + challenge(20 bytes) oData.Append(0x81); for (int i = 0; i < 20; i++) oData.Append((unsigned char) rand()); CByteArray oResp1 = oReader.Ctrl(CTRL_PTEID_INTERNAL_AUTH, oData); if (oResp1.Size() != 128) ERR_LOG("ERR: Internal Auth. didn't return 128 bytes\n", lErrors); CByteArray oResp2 = oReader.Ctrl(CTRL_PTEID_INTERNAL_AUTH, oData); if (!oResp1.Equals(oResp2)) ERR_LOG("ERR: Internal Auth. on the same data returns a different result\n", lErrors); oData.SetByte(oData.GetByte(5) + 0x01, 5); CByteArray oResp3 = oReader.Ctrl(CTRL_PTEID_INTERNAL_AUTH, oData); if (oResp1.Equals(oResp3)) ERR_LOG("ERR: Internal Auth. on the different data returns the same result\n", lErrors); return lErrors; }
static long TestSignaturesWithKey(CReader & oReader, tPrivKey & key, bool bFullTest) { // Note tested for now: SIGN_ALGO_RSA_RAW unsigned long tulSignAlgos[] = {SIGN_ALGO_SHA1_RSA_PKCS, SIGN_ALGO_MD5_RSA_PKCS, #if (OPENSSL_VERSION_NUMBER > 0x009070ffL) SIGN_ALGO_SHA256_RSA_PKCS, SIGN_ALGO_SHA384_RSA_PKCS, SIGN_ALGO_SHA512_RSA_PKCS, SIGN_ALGO_RIPEMD160_RSA_PKCS, #endif SIGN_ALGO_SHA1_RSA_PSS, SIGN_ALGO_RSA_PKCS}; long lErrors = 0; CByteArray oCertData; tCert cert = oReader.GetCertByID(key.ulID); if (cert.bValid) oCertData = oReader.ReadFile(cert.csPath); else printf(" warning: no cert found for key \"%s\", can't verify the signatures!\n", key.csLabel.c_str() ); unsigned long ulSupportedAlgos = oReader.GetSupportedAlgorithms(); std::string csAlgos; int iAlgoCount = 0; // For each of the supported algos for (int i = 0; i < sizeof(tulSignAlgos) / sizeof(unsigned long); i++) { if (tulSignAlgos[i] & ulSupportedAlgos) { lErrors += SignVerify(oReader, key, oCertData, tulSignAlgos[i]); csAlgos += std::string(SignAlgo2String(tulSignAlgos[i])); iAlgoCount++; if (!bFullTest) break; } } if (iAlgoCount != 0) { printf(" used %d algo(s): %s\n", iAlgoCount, csAlgos.c_str()); if (key.ulUserConsent != 0) printf(" (not all algos were used because each signature requires a PIN entry for this key)\n"); } else printf(" ERR/warning: no signature algorithms are supported!\n"); return lErrors; }
static long TestPteid(CReader & oReader, const std::string & csPin) { long lErrors = 0; CByteArray oCardData = oReader.GetInfo(); unsigned char ucVersion = oCardData.GetByte(21); printf("Card: Belgian eID V%d.%d\n", ucVersion / 16, ucVersion % 16); lErrors += TestPteidSendApdu(oReader); lErrors += TestPteidCtrl(oReader, ucVersion); lErrors += TestCache(oReader, "3F00DF014035"); lErrors += TestReadShortFile(oReader, "3F002F00"); lErrors += TestReadLongFile(oReader, "3F00DF005038"); std::vector <CByteArray> vAIDs; vAIDs.push_back(CByteArray("A000000177504B43532D3135", true)); if (ucVersion >= 0x20) vAIDs.push_back(CByteArray("A000000177496446696C6573", true)); lErrors += TestSelectApplication(oReader, vAIDs); lErrors += TestRandom(oReader); lErrors += TestPteidP15(oReader, ucVersion); lErrors += TestPteidPinStatus(oReader, ucVersion); lErrors += TestSignatures(oReader, csPin); return lErrors; }
BOOL WINAPI eidmwGenRandom( IN HCRYPTPROV hProv, //!< Handle to provider previously obtained through a call to CPAcquireContext IN DWORD cbLen, //!< Number of bytes of random data requested OUT LPBYTE pbBuffer) //!< Buffer to store the random data { BOOL bReturnVal = FALSE; DWORD dwLastError = 0; __CSP_TRY__ MWLOG(LEV_INFO, MOD_CSP, L"CPGenRandom(hProv = %d) called", hProv); MWLOG(LEV_INFO, MOD_CSP, L" - IN: cbLen = %d", cbLen); CProviderContext *poProvCtx = g_oProviderContextPool.GetProviderContext(hProv); std::string csContainerName = poProvCtx->GetContainerName(); if (csContainerName == "") { dwLastError = NTE_NO_KEY; } else { CAutoMutex oAutoMutex(&g_oCalMutex); CReader *poReader = FindCard(poProvCtx); if (poReader == NULL) { dwLastError = NTE_FAIL; } else { CByteArray oRandom = poReader->GetRandom(cbLen); memcpy(pbBuffer, oRandom.GetBytes(), oRandom.Size()); bReturnVal = TRUE; } } __STORE_LASTERROR__ MWLOG(LEV_INFO, MOD_CSP, L" Returning CPGenRandom(hProv = %d) with code 0x%0x", hProv, bReturnVal ? 0 : dwLastError); __CSP_CATCH_SETLASTERROR__ return (bReturnVal); }
static long VerifyPIN(CReader &oReader, unsigned long ulAuthID) { long lRet = 0; // If no PIN specified, do nothing if (g_csPin != "") { if (g_ulPinIdx >= oReader.PinCount()) { printf("ERR: PIN index (%d) too big\n", g_ulPinIdx); lRet = -4; } else { tPin pin = oReader.GetPin(g_ulPinIdx); if (ulAuthID != 0) { tPin pin2 = oReader.GetPinByID(ulAuthID); if (memcmp(&pin, &pin2, sizeof(tPin)) != 0) { printf("ERR, PIN corresponding to AuthID (%0x) differs from the\n", ulAuthID); printf(" specified PIN (ID = %0x), exiting\n", pin.ulID); lRet = -3; } } if (lRet == 0) { unsigned long ulRemaining; if (!oReader.PinCmd(PIN_OP_VERIFY, pin, g_csPin, "", ulRemaining)) { printf("ERR: wrong PIN specified on the command line, %d remaining tries\n", ulRemaining); lRet = -2; } else printf("\nPIN verification succeeded\n"); } } } return lRet; }
void CStringTableReader::ReadFromMemory( CReader &Reader, const uint8* pData, uint32 dataSize, const SFileHeader::SStringTable &headerInfo, uint32 &outReadLoc ) { assert( m_stringAddrs.empty()); m_stringAddrs.resize( headerInfo.m_numStrings ); FlatAddr* pstringAddrsTable = &(m_stringAddrs[0]); Reader.ReadDataFromMemory( pData, dataSize, pstringAddrsTable, sizeof(FlatAddr) * headerInfo.m_numStrings, outReadLoc ); m_buffer.ReadFromMemory( Reader, pData, dataSize, headerInfo.m_sizeStringData, outReadLoc ); }
static long SignVerify(CReader & oReader, tPrivKey & key, const CByteArray & oCertData, unsigned long ulSignAlgo) { CByteArray oData(1000); for (int i = 0; i < 300; i++) oData.Append((unsigned char) rand()); long lHashAlgo = sign2hashAlgo(ulSignAlgo); if (lHashAlgo != -1) { CByteArray oSignature; CHash oHash; oHash.Init((tHashAlgo) lHashAlgo); oHash.Update(oData); if (ulSignAlgo == SIGN_ALGO_RSA_PKCS) { // To test SIGN_ALGO_RSA_PKCS, we take as input the SHA1 AID // plus the SHA1 hash of oData. This way, we can use OpenSSL's // SHA1 signature verification in VerifySignature(). const unsigned char SHA1_AID[] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00,0x04, 0x14}; CByteArray oTobeSigned(SHA1_AID, sizeof(SHA1_AID)); oTobeSigned.Append(oHash.GetHash()); oSignature = oReader.Sign(key, ulSignAlgo, oTobeSigned); } else oSignature = oReader.Sign(key, ulSignAlgo, oHash); bool bVerified = VerifySignature(oData, oSignature, oCertData, ulSignAlgo); return bVerified ? 0 : 1; } else { printf(" Signature algo %s can't be tested yet\n", SignAlgo2String(ulSignAlgo)); return 0; } }
BOOL CSelectReaderDlg::OnInitDialog() { CDialog::OnInitDialog(); CReader* pReader; CString strTitle; HTREEITEM hCurrentItem; m_treeDevices.SetImageList(&m_ilDevice, TVSIL_NORMAL); m_treeDevices.SetBkColor(GetSysColor(COLOR_3DFACE)); for (POSITION pos = m_pListReader->GetHeadPosition(); pos != NULL; ) { pReader = m_pListReader->GetNext(pos); strTitle.Format(_T("%s, %s"), pReader->GetModel(), pReader->GetSerialNumber()); hCurrentItem = m_treeDevices.InsertItem(strTitle, pReader->m_nState, pReader->m_nState); m_treeDevices.SetItemData(hCurrentItem, (DWORD_PTR)pReader); } hCurrentItem = m_treeDevices.GetFirstVisibleItem(); if (hCurrentItem != NULL) m_treeDevices.SelectItem(hCurrentItem); m_treeDevices.SetFocus(); return TRUE; }
void CStringTableReader::ReadFromFile( CReader &Reader, IPlatformOS::ISaveReaderPtr pOSSaveReader, const SFileHeader::SStringTable &headerInfo ) { assert( m_stringAddrs.empty()); m_stringAddrs.resize( headerInfo.m_numStrings ); FlatAddr* pstringAddrsTable = &(m_stringAddrs[0]); Reader.ReadDataFromFile( pOSSaveReader, pstringAddrsTable, sizeof(FlatAddr) * headerInfo.m_numStrings ); for (uint32 i = 0; i < m_stringAddrs.size(); ++i) { SwapIntegerValue( m_stringAddrs[i] ); } m_buffer.ReadFromFile( Reader, pOSSaveReader, headerInfo.m_sizeStringData ); }
static long TestSignatures(CReader & oReader, const std::string & csPin) { long lErrors = 0; printf("\nTesting CReader::Sign()\n"); if (g_bVerifyFailed) { printf("PIN verification has failed, skipping signature tests\n"); return lErrors; } // For all keys unsigned long ulPrivKeys = oReader.PrivKeyCount(); for (unsigned long i = 0; i < ulPrivKeys && !g_bVerifyFailed; i++) { tPrivKey key = oReader.GetPrivKey(i); printf(" - for key \"%s\"\n", key.csLabel.c_str()); // Verify if PIN is specified and needed tPin pin = oReader.GetPinByID(key.ulAuthID); if (csPin != "" && pin.bValid && key.ulUserConsent == 0) { unsigned long ulRemaining; if (!oReader.PinCmd(PIN_OP_VERIFY, pin, csPin, "", ulRemaining)) { printf("ERR: PIN verification failed, quiting signature tests\n"); g_bVerifyFailed = true; } } if (!g_bVerifyFailed) lErrors += TestSignaturesWithKey(oReader, key, i == 0); } return lErrors; }
static long TestReadShortFile(CReader & oReader, const std::string & csPath) { long lErrors = 0; printf("\nTesting CReader::ReadFile() for short files\n"); try { CByteArray oFullData = oReader.ReadFile(csPath, 0, FULL_FILE); CByteArray oData1 = oReader.ReadFile(csPath, 2, FULL_FILE); if (oData1.Size() + 2 != oFullData.Size() || memcmp(oData1.GetBytes(), oFullData.GetBytes() + 2, oData1.Size()) != 0) { ERR_LOG("ERR: CReader::ReadFile(offset != 0) failed\n", lErrors); } CByteArray oData2 = oReader.ReadFile(csPath, 2, oFullData.Size() - 3); if (oData2.Size() + 3 != oFullData.Size() || memcmp(oData2.GetBytes(), oFullData.GetBytes() + 2, oData2.Size()) != 0) { ERR_LOG("ERR: CReader::ReadFile(length != FULL_FILE) failed\n", lErrors); } CByteArray oData3 = oReader.ReadFile(csPath, 0, oFullData.Size() + 1); if (!oData3.Equals(oFullData)) ERR_LOG("ERR: CReader::ReadFile(length = too long) returned a wrong data\n", lErrors); bool bExceptionCaught = false; try { CByteArray oData4 = oReader.ReadFile(csPath, oFullData.Size() + 1, 1); } catch(CMWException & e) { bExceptionCaught = true; if ( (unsigned) e.GetError() != EIDMW_ERR_PARAM_RANGE) ERR_LOG("ERR: CReader::ReadFile(offset = too long) has thrown the wrong exception\n", lErrors); } if (!bExceptionCaught) ERR_LOG("ERR: CReader::ReadFile(offset = too long) didn't throw an exception\n", lErrors); CByteArray oData5 = oReader.ReadFile(csPath, 0, oFullData.Size()); if (!oData5.Equals(oFullData)) ERR_LOG("ERR: CReader::ReadFile(length = file size) failed\n", lErrors); } catch(const CMWException &e) { ERR_LOG("ERR: CReader::ReadFile() threw an MWException\n", lErrors); printf(" MWException code: 0x%0x\n", (unsigned) e.GetError()); } catch (...) { ERR_LOG("ERR: CReader::ReadFile() threw an Exception\n", lErrors); } return lErrors; }
static long TestRandom(CReader & oReader) { long lErrors = 0; printf("\nTesting CReader::GetRandom()\n"); try { for (unsigned long i = 0; i < 4; i++) CByteArray oData4 = oReader.GetRandom(5 * i); } catch(CMWException & e) { ERR_LOG("ERR: CReader::GetRandom() returned an exception\n", lErrors); e; } for (unsigned long i = 6; i < 10; i++) { if (oReader.GetRandom(i).Equals(oReader.GetRandom(i))) ERR_LOG("ERR: CReader::GetRandom() returned twice the same value\n", lErrors); } return lErrors; }
static long TestSelectApplication(CReader & oReader, const std::vector <CByteArray> & vAIDs) { long lErrors = 0; printf("\nTesting CReader::SelectApplication()\n"); for (size_t i = 0; i < vAIDs.size(); i++) { try { oReader.SelectApplication(vAIDs[i]); } catch(const CMWException & e) { ERR_LOG("ERR: CReader::SelectApplication() failed\n", lErrors); printf(" AID = %s, err = 0x%0x\n", vAIDs[i].ToString().c_str(), (unsigned) e.GetError()); } } return lErrors; }
static CByteArray HashAndSign(CReader & oReader, const tPrivKey & key, unsigned long signAlgo, const CByteArray & oData) { tHashAlgo hashAlgo; if (signAlgo == SIGN_ALGO_MD5_RSA_PKCS) hashAlgo = ALGO_MD5; else if (signAlgo == SIGN_ALGO_SHA1_RSA_PKCS) hashAlgo = ALGO_SHA1; else if (signAlgo == SIGN_ALGO_SHA256_RSA_PKCS) hashAlgo = ALGO_SHA256; else { printf("Unsupport signature algorithm %d, can't sign\n", signAlgo); return CByteArray(); } CHash oHash; oHash.Init(hashAlgo); oHash.Update(oData); return oReader.Sign(key, signAlgo, oHash); }
/** * csPath should be the path to a big file that can be cached * Best do this test first, because anything is cached. */ static long TestCache(CReader & oReader, const std::string & csPath) { long lErrors = 0; printf("\nTesting caching functionality (using file %s)\n", csPath.c_str()); CByteArray oMaybeFromDisk = oReader.ReadFile(csPath); bool bDeleted = g_oCardLayer.DeleteFromCache(oReader.GetSerialNr()); if (!bDeleted) { ERR_LOG("ERR: CCardLayer::DeleteFromCache() seems to fail\n", lErrors); printf(" (File %s should have been cached, but isn't deleted)\n", csPath.c_str()); } CByteArray oFromCard = oReader.ReadFile(csPath); //diffFromCard = fromCard2 - fromCard1; CByteArray oFromMem = oReader.ReadFile(csPath); //diffFromMem = fromMem2 - fromMem1; /* if (2 * diffFromMem > diffFromCard) { printf("WARNING: reading %d bytes from the card (%d msec) isn't much\n", oFromCard.Size(), diffFromCard); printf(" faster then reading it from cach (%d msec)\n", diffFromMem); } */ if (!oFromCard.Equals(oFromMem)) ERR_LOG("ERR: cached file contents (from memory) differ from those on the card\n", lErrors); else if (!oFromCard.Equals(oMaybeFromDisk)) ERR_LOG("ERR: cached file contents (from disk) differ from those on the card\n", lErrors); oFromCard = oReader.ReadFile(csPath, 10, 20); oFromMem = oReader.ReadFile(csPath, 10, 20); if (!oFromCard.Equals(oFromMem)) ERR_LOG("ERR: reading part of the cached contents fails\n", lErrors); return lErrors; }
BOOL WINAPI eidmwSignHash( IN HCRYPTPROV hProv, //!< Handle to provider previously obtained through a call to CPAcquireContext IN HCRYPTHASH hHash, //!< Handle to the hash object to be signed IN DWORD dwKeySpec, //!< Key specifier of the key with which to sign IN LPCWSTR szDescription, //!< Discription of the signature (this parameter should no longer be used) IN DWORD dwFlags, //!<Currently no flags defined, should be 0 OUT LPBYTE pbSignature, //!< Pointer to an output buffer that will contain the resulting signature IN OUT LPDWORD pcbSigLen) //!< Length of the resulting signature { BOOL bReturnVal = FALSE; DWORD dwLastError = 0; __CSP_TRY__ MWLOG(LEV_INFO, MOD_CSP, L"CPSignHash(hProv = %d) called", hProv); MWLOG(LEV_INFO, MOD_CSP, L" - IN: hHash = %d", hHash); MWLOG(LEV_INFO, MOD_CSP, L" - IN: dwKeySpec = %d", dwKeySpec); MWLOG(LEV_INFO, MOD_CSP, L" - IN: pbSignature = %p", pbSignature); CProviderContext *poProvCtx = g_oProviderContextPool.GetProviderContext(hProv); CProviderHash *poProvHash = poProvCtx->GetHash(hHash, false); std::string csContainerName = poProvCtx->GetContainerName(); if (csContainerName == "") { dwLastError = NTE_NO_KEY; } else if (poProvHash == NULL) { dwLastError = NTE_BAD_HASH; } else { CAutoMutex oAutoMutex(&g_oCalMutex); CReader *poReader = FindCard(poProvCtx); if (poReader == NULL) { dwLastError = NTE_NO_KEY; } else { tPrivKey privKey = FindKey(poReader, csContainerName); if (pbSignature == NULL) { *pcbSigLen = privKey.ulKeyLenBytes; if (*pcbSigLen == 0) *pcbSigLen = 128; // Default, just in case bReturnVal = TRUE; } else { unsigned long ulSignAlgo = GetSignAlgo(poProvHash->GetAlgid()); CByteArray oSignature; // If the hash has already been calculated (or given via CPSetHashParam()) // then we present this value. Otherwise we present the hash object itself CByteArray & oHashValue = poProvHash->GetHashValue(); if (oHashValue.Size() == 0) oSignature = poReader->Sign(privKey, ulSignAlgo, poProvHash->GetHashObject()); else oSignature = poReader->Sign(privKey, ulSignAlgo, oHashValue); bReturnVal = FillProvParam(pbSignature, pcbSigLen, oSignature.GetBytes(), oSignature.Size()); if (bReturnVal) ReverseByteOrder(pbSignature, *pcbSigLen); } } } __STORE_LASTERROR__ MWLOG(LEV_INFO, MOD_CSP, L" Returning CPSignHash(hProv = %d) with code 0x%0x", hProv, bReturnVal ? 0 : dwLastError); if (bReturnVal) MWLOG(LEV_INFO, MOD_CSP, L" - OUT: *pcbSigLen = %d", *pcbSigLen); __CSP_CATCH_SETLASTERROR__ return (bReturnVal); }
/** * Find the reader containing the card that corresponds to the serial number in * the container name. * If the card couldn't be found then ask for it (at least, if a reader is present) * If a reader has been found previously, then check if the card is still present; * otherwise look for the card again. */ static CReader * FindCard(CProviderContext *poProvCtx) { std::string csSerialNr = poProvCtx->GetSerialNr(); if (csSerialNr == "") return NULL; // Get the Reader that (perhaps) we used earlier CReader *poReader = poProvCtx->GetReader(); if (poReader == NULL) { MWLOG(LEV_INFO, MOD_CSP, L" Searching for the card with serial number \"%ls\"", utilStringWiden(csSerialNr).c_str()); try_again: // Loop over all readers present, look for a card with this serial nr CReadersInfo oReadersInfo = g_oCardLayer.ListReaders(); CReader *poTmpReader = NULL; for (unsigned long i = 0; i < oReadersInfo.ReaderCount(); i++) { try { poTmpReader = &g_oCardLayer.getReader(oReadersInfo.ReaderName(i)); /*We gave up on depending on the correct card serial number to be present in the param */ if (poTmpReader->Connect()) { poReader = poTmpReader; break; } } catch(CMWException &e) { MWLOG(LEV_ERROR, MOD_CSP, L"CReader::Connect(%d) return error code 0x%0x\n", i, e.GetError()); } } // If the card couldn't be found, ask the user for it if (poReader == NULL && oReadersInfo.ReaderCount() != 0) { DlgRet ret = DlgDisplayModal(DLG_ICON_INFO, DLG_MESSAGE_ENTER_CORRECT_CARD, L"", DLG_BUTTON_OK | DLG_BUTTON_CANCEL,DLG_BUTTON_OK, DLG_BUTTON_CANCEL); if (ret == DLG_OK) goto try_again; else if (ret != DLG_CANCEL) MWLOG(LEV_ERROR, MOD_CSP, L"CSP dialog returned error code %d\n", ret); } // Log if (poReader == NULL) { MWLOG(LEV_INFO, MOD_CSP, L" The card couldn't be found in the %d reader(s) present", oReadersInfo.ReaderCount()); } else { MWLOG(LEV_INFO, MOD_CSP, L" The card was found in reader \"%ls\"", utilStringWiden(poReader->GetReaderName()).c_str()); } } else { // If we already found the reader, check if the same // card is still inserted poReader->Status(true); if (poReader->GetSerialNr() != csSerialNr) { MWLOG(LEV_INFO, MOD_CSP, L" Card no longer present in reader \"%ls\"", utilStringWiden(poReader->GetReaderName()).c_str()); poProvCtx->SetReader(NULL); poReader = FindCard(poProvCtx); } } // Keep this Reader for the next time this function is called poProvCtx->SetReader(poReader); return poReader; }
int main(int argc, char **argv) { CReader *r; int idx; char *devName; const char *fname1; const char *fname2; const char *fname3; uint8_t buffer1[64*1024]; uint8_t buffer2[64*1024]; uint8_t buffer3[64*1024]; int len1; int len2; int len3; int rv; uint32_t result; cj_ModuleInfo ModuleInfo; uint32_t EstimatedUpdateTime; if (argc<5) { fprintf(stderr, "Usage:\n %s READERNR IMAGEFILE SIGNATUREFILE KEYFILE\n", argv[0]); return 1; } idx=atoi(argv[1]); fname1=argv[2]; fname2=argv[3]; fname3=argv[4]; fprintf(stderr, "Reading image file\n"); len1=readFile(fname1, buffer1); if (len1<1) { fprintf(stderr, "Error reading file \"%s\"\n", fname1); return 2; } fprintf(stderr, "Reading signature file\n"); len2=readFile(fname2, buffer2); if (len2<1) { fprintf(stderr, "Error reading file \"%s\"\n", fname2); return 2; } fprintf(stderr, "Reading key file\n"); len3=readFile(fname3, buffer3); if (len3<1) { fprintf(stderr, "Error reading file \"%s\"\n", fname3); return 2; } fprintf(stderr, "Opening reader\n"); devName=CUSBUnix::createDeviceName(idx); if (devName==NULL) { fprintf(stderr, "Device %d not found\n", idx); return 2; } if (getenv("CJFLASH_DEBUG")) Debug.setLevelMask(0xffffffff); r=new CReader(devName); rv=r->Connect(); if (rv!=CJ_SUCCESS) { fprintf(stderr, "Could not connect to reader (%d)\n", rv); return 2; } fprintf(stderr, "Updating the keys\n"); rv=r->CtKeyUpdate(buffer3, len3,&result); if (rv!=CJ_SUCCESS) { fprintf(stderr, "Unable to update the keys (%d / %d)\n", rv,result); return 2; } ModuleInfo.SizeOfStruct=sizeof(ModuleInfo); rv=r->CtGetModuleInfoFromFile(buffer1, len1, &ModuleInfo, &EstimatedUpdateTime); if (rv!=CJ_SUCCESS) { fprintf(stderr, "Unable to get module info (%d)\n", rv); return 2; } if(ModuleInfo.ID==MODULE_ID_KERNEL){ /* for kernel updates we need the entire flash */ fprintf(stderr, "Updating the kernel module requires there is no " "other module on the reader.\n" "(please look at the display of " "the reader and press \"OK\")\n"); rv=r->CtDeleteALLModules(&result); if (rv!=CJ_SUCCESS) { fprintf(stderr, "Unable to flash reader (%d / %d)\n", rv,result); return 2; } } fprintf(stderr, "Flashing image (please look at the " "display of the reader and press \"OK\")\n"); rv=r->CtLoadModule(buffer1, len1, buffer2, len2, &result); if (rv!=CJ_SUCCESS) { fprintf(stderr, "Unable to flash reader (%d / %d)\n", rv,result); return 2; } fprintf(stderr, "Now the reader authentication is running.\n" "Please look at the reader for checking all " "versions and variants off the active modules\n"); rv=r->CtShowAuth(); if (rv!=CJ_SUCCESS) { fprintf(stderr, "Unable to show reader authentication (%d)\n", rv); return 2; } fprintf(stderr, "==========================================\n" "Reader sucessfully flashed!\n" "\n" "You might need to unplug and replug the reader.\n" "==========================================\n"); r->Disonnect(); delete r; free(devName); return 0; }
BOOL CPlayer::WavIsValidFile(LPCTSTR pszFile) { CReader reader; DWORD dwBuf = 0, dwRead = 0; WAVEFORMATEX *pwfxSrc, wfxDst; pwfxSrc = NULL; if (!reader.Open(pszFile)) return FALSE; // "RIFF" if (!reader.Read((LPBYTE)&dwBuf, sizeof(dwBuf), &dwRead) || dwBuf != MAKEFOURCC('R', 'I', 'F', 'F')) goto error; // "WAVE" reader.SetPointer(4, FILE_CURRENT); if (!reader.Read((LPBYTE)&dwBuf, sizeof(dwBuf), &dwRead) || dwBuf != MAKEFOURCC('W', 'A', 'V', 'E')) goto error; // "fmt " while (TRUE) { if (!reader.Read((LPBYTE)&dwBuf, sizeof(dwBuf), &dwRead)) goto error; if (dwBuf = MAKEFOURCC('f', 'm', 't', ' ')) break; if (!reader.Read((LPBYTE)&dwBuf, sizeof(dwBuf), &dwRead)) goto error; if (reader.SetPointer(dwBuf, FILE_CURRENT) == MAXLONGLONG) goto error; } if (!reader.Read((LPBYTE)&dwBuf, sizeof(dwBuf), &dwRead)) goto error; pwfxSrc = (WAVEFORMATEX*)new BYTE[dwBuf]; if (!reader.Read((LPBYTE)pwfxSrc, dwBuf, &dwRead)) goto error; #if 1 memset(&wfxDst, 0, sizeof(wfxDst)); wfxDst.wFormatTag = WAVE_FORMAT_PCM; if (acmFormatSuggest(NULL, pwfxSrc, &wfxDst, sizeof(WAVEFORMATEX), ACM_FORMATSUGGESTF_WFORMATTAG) != 0) goto error; #endif delete pwfxSrc; reader.Close(); return TRUE; error: if (pwfxSrc) delete pwfxSrc; reader.Close(); return FALSE; }
static long TestPteidP15(CReader & oReader, unsigned char ucVersion) { long lErrors = 0; printf("\nTesting PKCS15 functions\n"); unsigned long ulPinCount = ucVersion < 0x20 ? 1 : 2; if (oReader.PinCount() != ulPinCount) { ERR_LOG("ERR: CReader::PinCount() didn't return a wrong value\n", lErrors); } else { if (ucVersion < 0x20) { const tPin PinPteidV1 = {true, "Basic PIN",3,0,0,1,48,NO_ID, 4, 8, 12, 1, 0xFF,PIN_ENC_GP,"","3F00"}; if (!ComparePins(oReader.GetPin(0), PinPteidV1)) ERR_LOG("ERR: CReader::GetPin(0) returned incorrect PIN info\n", lErrors); if (!ComparePins(oReader.GetPinByID(1), PinPteidV1)) ERR_LOG("ERR: CReader::GetPinByID(1) returned incorrect PIN info\n", lErrors); } else { const tPin pinPteidAuthV2 = {true, "Authentication",0x3,0,0,1,0x30,0, 4, 8, 12, 0x85, 0xFF,PIN_ENC_GP,"","3F00DF00"}; const tPin pinPteidSignV2 = {true, "Signature", 0x3,0,0,2,0x30,0, 4, 8, 12, 0x86, 0xFF,PIN_ENC_GP,"","3F00DF00"}; if (!ComparePins(oReader.GetPin(0), pinPteidAuthV2)) ERR_LOG("ERR: CReader::GetPin(0) returned incorrect PIN info\n", lErrors); if (!ComparePins(oReader.GetPin(1), pinPteidSignV2)) ERR_LOG("ERR: CReader::GetPin(1) returned incorrect PIN info\n", lErrors); if (!ComparePins(oReader.GetPinByID(1), pinPteidAuthV2)) ERR_LOG("ERR: CReader::GetPinByID(1) returned incorrect PIN info\n", lErrors); if (!ComparePins(oReader.GetPinByID(2), pinPteidSignV2)) ERR_LOG("ERR: CReader::GetPinByID(2) returned incorrect PIN info\n", lErrors); } } if (oReader.PrivKeyCount() != 2) { ERR_LOG("ERR: CReader::PrivKeyCount() didn't return 2\n", lErrors); } else { if (ucVersion < 0x20) { const tPrivKey KeyAuthPteidV1 = {true, "Authentication", 0x3,1,0,2,4,0x1D,0x82,"3F00DF00", 128,true}; const tPrivKey KeySignPteidV1 = {true, "Signature", 0x3,1,1,3,0x200,0x1D,0x83,"3F00DF00", 128,true}; if (!ComparePrivKeys(oReader.GetPrivKey(0), KeyAuthPteidV1)) ERR_LOG("ERR: CReader::GetPrivKey(0) returned incorrect key info\n", lErrors); if (!ComparePrivKeys(oReader.GetPrivKey(1), KeySignPteidV1)) ERR_LOG("ERR: CReader::GetPrivKey(1) returned incorrect key info\n", lErrors); if (!ComparePrivKeys(oReader.GetPrivKeyByID(2), KeyAuthPteidV1)) ERR_LOG("ERR: CReader::GetPrivKeyByID(2) returned incorrect key info\n", lErrors); if (!ComparePrivKeys(oReader.GetPrivKeyByID(3), KeySignPteidV1)) ERR_LOG("ERR: CReader::GetPrivKeyByID(3) returned incorrect key info\n", lErrors); } else { const tPrivKey KeyAuthPteidV2 = {true, "Authentication", 0x3,1,0,2,4,0x1D,0x8A,"3F00DF00", 128,true}; const tPrivKey KeySignPteidV2 = {true, "Signature", 0x3,2,1,3,0x200,0x1D,0x89,"3F00DF00", 128,true}; if (!ComparePrivKeys(oReader.GetPrivKey(0), KeyAuthPteidV2)) ERR_LOG("ERR: CReader::GetPrivKey(0) returned incorrect key info\n", lErrors); if (!ComparePrivKeys(oReader.GetPrivKey(1), KeySignPteidV2)) ERR_LOG("ERR: CReader::GetPrivKey(1) returned incorrect key info\n", lErrors); if (!ComparePrivKeys(oReader.GetPrivKeyByID(2), KeyAuthPteidV2)) ERR_LOG("ERR: CReader::GetPrivKeyByID(2) returned incorrect key info\n", lErrors); if (!ComparePrivKeys(oReader.GetPrivKeyByID(3), KeySignPteidV2)) ERR_LOG("ERR: CReader::GetPrivKeyByID(3) returned incorrect key info\n", lErrors); } } if (oReader.CertCount() != 4) { ERR_LOG("ERR: CReader::CertCount() didn't return 4\n", lErrors); } else { const tCert CertAuthPteid = {true,"Authentication",3,1,0,2,false,false,"3F00DF005038"}; const tCert CertSignPteid = {true,"Signature",3,1,0,3,false,false,"3F00DF005039"}; const tCert CertCaPteid = {true,"CA",3,1,0,4,true,false,"3F00DF00503A"}; const tCert CertRootPteid = {true,"Root",3,1,0,6,true,false,"3F00DF00503B"}; if (!CompareCerts(oReader.GetCert(0), CertAuthPteid)) ERR_LOG("ERR: CReader::GetCert(0) returned incorrect cert info\n", lErrors); if (!CompareCerts(oReader.GetCert(1), CertSignPteid)) ERR_LOG("ERR: CReader::GetCert(1) returned incorrect cert info\n", lErrors); if (!CompareCerts(oReader.GetCert(2), CertCaPteid)) ERR_LOG("ERR: CReader::GetCert(2) returned incorrect cert info\n", lErrors); if (!CompareCerts(oReader.GetCert(3), CertRootPteid)) ERR_LOG("ERR: CReader::GetCert(3) returned incorrect cert info\n", lErrors); if (!CompareCerts(oReader.GetCertByID(2), CertAuthPteid)) ERR_LOG("ERR: CReader::GetCertByID(2) returned incorrect cert info\n", lErrors); if (!CompareCerts(oReader.GetCertByID(3), CertSignPteid)) ERR_LOG("ERR: CReader::GetCertByID(3) returned incorrect cert info\n", lErrors); if (!CompareCerts(oReader.GetCertByID(4), CertCaPteid)) ERR_LOG("ERR: CReader::GetCertByID(4) returned incorrect cert info\n", lErrors); if (!CompareCerts(oReader.GetCertByID(6), CertRootPteid)) ERR_LOG("ERR: CReader::GetCertByID(6) returned incorrect cert info\n", lErrors); } return lErrors; }