2 * usb-icc.c -- USB CCID protocol handling
4 * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016
5 * Free Software Initiative of Japan
6 * Author: NIIBE Yutaka <gniibe@fsij.org>
8 * This file is a part of Gnuk, a GnuPG USB Token implementation.
10 * Gnuk is free software: you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by
12 * the Free Software Foundation, either version 3 of the License, or
13 * (at your option) any later version.
15 * Gnuk is distributed in the hope that it will be useful, but WITHOUT
16 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
18 * License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include <eventflag.h>
42 * USB buffer size of USB-CCID driver
44 #if MAX_RES_APDU_DATA_SIZE > MAX_CMD_APDU_DATA_SIZE
45 #define USB_BUF_SIZE (MAX_RES_APDU_DATA_SIZE+5)
47 #define USB_BUF_SIZE (MAX_CMD_APDU_DATA_SIZE+5)
53 * There are three layers in USB CCID implementation
55 * +-------------------+
56 * | Application Layer |
57 * +-------------------+
60 * +-------------------+
62 * +-------------------+
63 * ^ CCID PC_to_RDR | CCID RDR_to_PC
65 * +-------------------+
67 * +-------------------+
69 * | Bulk-OUT Packet v Bulk-IN Packet
74 * USB layer data structures
80 void (*notify) (struct ep_in *epi);
85 void (*next_buf) (struct ep_in *epi, size_t len);
88 static void epi_init (struct ep_in *epi, int ep_num,
89 void (*notify) (struct ep_in *epi), void *priv)
104 void (*notify) (struct ep_out *epo);
109 void (*next_buf) (struct ep_out *epo, size_t len);
110 int (*end_rx) (struct ep_out *epo, size_t orig_len);
113 static struct ep_out endpoint_out;
114 static struct ep_in endpoint_in;
116 static void epo_init (struct ep_out *epo, int ep_num,
117 void (*notify) (struct ep_out *epo), void *priv)
119 epo->ep_num = ep_num;
121 epo->notify = notify;
126 epo->next_buf = NULL;
135 * Buffer of USB communication: for both of RX and TX
137 * The buffer will be filled by multiple RX packets (Bulk-OUT)
138 * or will be used for multiple TX packets (Bulk-IN)
140 static uint8_t icc_buffer[USB_BUF_SIZE];
142 #define ICC_SET_PARAMS 0x61 /* non-ICCD command */
143 #define ICC_POWER_ON 0x62
144 #define ICC_POWER_OFF 0x63
145 #define ICC_SLOT_STATUS 0x65 /* non-ICCD command */
146 #define ICC_SECURE 0x69 /* non-ICCD command */
147 #define ICC_GET_PARAMS 0x6C /* non-ICCD command */
148 #define ICC_RESET_PARAMS 0x6D /* non-ICCD command */
149 #define ICC_XFR_BLOCK 0x6F
150 #define ICC_DATA_BLOCK_RET 0x80
151 #define ICC_SLOT_STATUS_RET 0x81 /* non-ICCD result */
152 #define ICC_PARAMS_RET 0x82 /* non-ICCD result */
154 #define ICC_MSG_SEQ_OFFSET 6
155 #define ICC_MSG_STATUS_OFFSET 7
156 #define ICC_MSG_ERROR_OFFSET 8
157 #define ICC_MSG_CHAIN_OFFSET 9
158 #define ICC_MSG_DATA_OFFSET 10 /* == ICC_MSG_HEADER_SIZE */
159 #define ICC_MAX_MSG_DATA_SIZE USB_BUF_SIZE
161 #define ICC_STATUS_RUN 0x00
162 #define ICC_STATUS_PRESENT 0x01
163 #define ICC_STATUS_NOTPRESENT 0x02
164 #define ICC_CMD_STATUS_OK 0x00
165 #define ICC_CMD_STATUS_ERROR 0x40
166 #define ICC_CMD_STATUS_TIMEEXT 0x80
168 #define ICC_ERROR_XFR_OVERRUN 0xFC
171 * Since command-byte is at offset 0,
172 * error with offset 0 means "command not supported".
174 #define ICC_OFFSET_CMD_NOT_SUPPORTED 0
175 #define ICC_OFFSET_DATA_LEN 1
176 #define ICC_OFFSET_PARAM 8
185 } __attribute__((packed));
188 /* Data structure handled by CCID layer */
190 enum icc_state icc_state;
197 struct icc_header icc_header;
200 uint8_t chained_cls_ins_p1_p2[4];
206 /* from both layers */
207 struct eventflag ccid_comm;
210 struct eventflag openpgp_comm;
211 chopstx_t application;
216 * APDU_STATE_WAIT_COMMAND +---------+
219 * | APDU_STATE_COMMAND_CHAINING --+
222 * APDU_STATE_COMMAND_RECEIVED
225 * ===================
226 * | Process COMMAND |
227 * ===================
230 * +-----+----------+ +---------+
233 * APDU_STATE_RESULT <---- APDU_STATE_RESULT_GET_RESPONSE --+
237 * APDU_STATE_WAIT_COMMAND
240 #define APDU_STATE_WAIT_COMMAND 0
241 #define APDU_STATE_COMMAND_CHAINING 1
242 #define APDU_STATE_COMMAND_RECEIVED 2
243 #define APDU_STATE_RESULT 3
244 #define APDU_STATE_RESULT_GET_RESPONSE 4
246 static void ccid_reset (struct ccid *c)
249 c->state = APDU_STATE_WAIT_COMMAND;
250 c->p = c->a->cmd_apdu_data;
251 c->len = MAX_CMD_APDU_DATA_SIZE;
252 c->a->cmd_apdu_data_len = 0;
253 c->a->expected_res_size = 0;
256 static void ccid_init (struct ccid *c, struct ep_in *epi, struct ep_out *epo,
259 icc_state_p = &c->icc_state;
261 c->icc_state = ICC_STATE_NOCARD;
262 c->state = APDU_STATE_WAIT_COMMAND;
263 c->p = a->cmd_apdu_data;
264 c->len = MAX_CMD_APDU_DATA_SIZE;
266 memset (&c->icc_header, 0, sizeof (struct icc_header));
269 eventflag_init (&c->ccid_comm);
271 eventflag_init (&c->openpgp_comm);
282 * USB-CCID communication could be considered "half duplex".
284 * While the device is sending something, there is no possibility for
285 * the device to receive anything.
287 * While the device is receiving something, there is no possibility
288 * for the device to send anything.
290 * Thus, the buffer can be shared for RX and TX.
292 * Exception: When we support ABORT of CCID, it is possible to receive
293 * ABORT Class Specific Request to control pipe while we are
294 * receiving/sending something at OUT/IN endpoint.
298 #define CMD_APDU_HEAD_SIZE 5
300 static void apdu_init (struct apdu *a)
302 a->seq = 0; /* will be set by lower layer */
303 a->cmd_apdu_head = &icc_buffer[0];
304 a->cmd_apdu_data = &icc_buffer[5];
305 a->cmd_apdu_data_len = 0; /* will be set by lower layer */
306 a->expected_res_size = 0; /* will be set by lower layer */
308 a->sw = 0x9000; /* will be set by upper layer */
309 a->res_apdu_data = &icc_buffer[5]; /* will be set by upper layer */
310 a->res_apdu_data_len = 0; /* will be set by upper layer */
314 static void notify_tx (struct ep_in *epi)
316 struct ccid *c = (struct ccid *)epi->priv;
318 /* The sequence of Bulk-IN transactions finished */
319 eventflag_signal (&c->ccid_comm, EV_TX_FINISHED);
322 static void no_buf (struct ep_in *epi, size_t len)
330 static void set_sw1sw2 (struct ccid *c, size_t chunk_len)
332 if (c->a->expected_res_size >= c->len)
340 if (c->len - chunk_len >= 256)
343 c->sw1sw2[1] = (uint8_t)(c->len - chunk_len);
347 static void get_sw1sw2 (struct ep_in *epi, size_t len)
349 struct ccid *c = (struct ccid *)epi->priv;
352 epi->buf = c->sw1sw2;
355 epi->next_buf = no_buf;
363 EP1_IN_Callback (void)
365 struct ep_in *epi = &endpoint_in;
367 if (epi->buf == NULL)
373 usb_lld_tx_enable (epi->ep_num, 0); /* send ZLP */
378 size_t remain = USB_LL_BUF_SIZE;
382 if (epi->buf_len < remain)
384 usb_lld_txcpy (epi->buf, epi->ep_num, offset, epi->buf_len);
385 offset += epi->buf_len;
386 remain -= epi->buf_len;
387 tx_size += epi->buf_len;
388 epi->next_buf (epi, remain); /* Update epi->buf, cnt, buf_len */
392 usb_lld_txcpy (epi->buf, epi->ep_num, offset, remain);
395 epi->buf_len -= remain;
400 if (tx_size < USB_LL_BUF_SIZE)
402 usb_lld_tx_enable (epi->ep_num, tx_size);
407 static void notify_icc (struct ep_out *epo)
409 struct ccid *c = (struct ccid *)epo->priv;
412 eventflag_signal (&c->ccid_comm, EV_RX_DATA_READY);
415 static int end_icc_rx (struct ep_out *epo, size_t orig_len)
418 if (epo->cnt < sizeof (struct icc_header))
419 /* short packet, just ignore */
422 /* icc message with no abdata */
426 static int end_abdata (struct ep_out *epo, size_t orig_len)
428 struct ccid *c = (struct ccid *)epo->priv;
429 size_t len = epo->cnt;
431 if (orig_len == USB_LL_BUF_SIZE && len < c->icc_header.data_len)
432 /* more packet comes */
435 if (len != c->icc_header.data_len)
441 static int end_cmd_apdu_head (struct ep_out *epo, size_t orig_len)
443 struct ccid *c = (struct ccid *)epo->priv;
447 if (epo->cnt < 4 || epo->cnt != c->icc_header.data_len)
453 if ((c->state == APDU_STATE_COMMAND_CHAINING)
454 && (c->chained_cls_ins_p1_p2[0] != (c->a->cmd_apdu_head[0] & ~0x10)
455 || c->chained_cls_ins_p1_p2[1] != c->a->cmd_apdu_head[1]
456 || c->chained_cls_ins_p1_p2[2] != c->a->cmd_apdu_head[2]
457 || c->chained_cls_ins_p1_p2[3] != c->a->cmd_apdu_head[3]))
459 * Handling exceptional request.
461 * Host stops sending command APDU using command chaining,
462 * and start another command APDU.
464 * Discard old one, and start handling new one.
467 c->state = APDU_STATE_WAIT_COMMAND;
468 c->p = c->a->cmd_apdu_data;
469 c->len = MAX_CMD_APDU_DATA_SIZE;
474 c->a->expected_res_size = 0;
475 else if (epo->cnt == 5)
478 c->a->expected_res_size = c->a->cmd_apdu_head[4];
479 if (c->a->expected_res_size == 0)
480 c->a->expected_res_size = 256;
481 c->a->cmd_apdu_head[4] = 0;
484 c->a->cmd_apdu_data_len = 0;
489 static int end_nomore_data (struct ep_out *epo, size_t orig_len)
492 if (orig_len == USB_LL_BUF_SIZE)
499 static int end_cmd_apdu_data (struct ep_out *epo, size_t orig_len)
501 struct ccid *c = (struct ccid *)epo->priv;
502 size_t len = epo->cnt;
504 if (orig_len == USB_LL_BUF_SIZE
505 && CMD_APDU_HEAD_SIZE + len < c->icc_header.data_len)
506 /* more packet comes */
509 if (CMD_APDU_HEAD_SIZE + len != c->icc_header.data_len)
512 if (len == c->a->cmd_apdu_head[4])
514 c->a->expected_res_size = 0;
515 else if (len == (size_t)c->a->cmd_apdu_head[4] + 1)
518 c->a->expected_res_size = epo->buf[-1];
519 if (c->a->expected_res_size == 0)
520 c->a->expected_res_size = 256;
530 c->a->cmd_apdu_data_len += len;
535 static void nomore_data (struct ep_out *epo, size_t len)
539 epo->end_rx = end_nomore_data;
543 epo->next_buf = nomore_data;
546 #define INS_GET_RESPONSE 0xc0
548 static void icc_cmd_apdu_data (struct ep_out *epo, size_t len)
550 struct ccid *c = (struct ccid *)epo->priv;
553 if (c->state == APDU_STATE_RESULT_GET_RESPONSE
554 && c->a->cmd_apdu_head[1] != INS_GET_RESPONSE)
557 * Handling exceptional request.
559 * Host didn't finish receiving the whole response APDU by GET RESPONSE,
560 * but initiates another command.
563 c->state = APDU_STATE_WAIT_COMMAND;
564 c->p = c->a->cmd_apdu_data;
565 c->len = MAX_CMD_APDU_DATA_SIZE;
567 else if (c->state == APDU_STATE_COMMAND_CHAINING)
569 if (c->chained_cls_ins_p1_p2[0] != (c->a->cmd_apdu_head[0] & ~0x10)
570 || c->chained_cls_ins_p1_p2[1] != c->a->cmd_apdu_head[1]
571 || c->chained_cls_ins_p1_p2[2] != c->a->cmd_apdu_head[2]
572 || c->chained_cls_ins_p1_p2[3] != c->a->cmd_apdu_head[3])
574 * Handling exceptional request.
576 * Host stops sending command APDU using command chaining,
577 * and start another command APDU.
579 * Discard old one, and start handling new one.
582 c->state = APDU_STATE_WAIT_COMMAND;
583 c->p = c->a->cmd_apdu_data;
584 c->len = MAX_CMD_APDU_DATA_SIZE;
585 c->a->cmd_apdu_data_len = 0;
589 epo->end_rx = end_cmd_apdu_data;
591 epo->buf_len = c->len;
593 epo->next_buf = nomore_data;
596 static void icc_abdata (struct ep_out *epo, size_t len)
598 struct ccid *c = (struct ccid *)epo->priv;
601 c->a->seq = c->icc_header.seq;
602 if (c->icc_header.msg_type == ICC_XFR_BLOCK)
604 c->a->seq = c->icc_header.seq;
605 epo->end_rx = end_cmd_apdu_head;
606 epo->buf = c->a->cmd_apdu_head;
609 epo->next_buf = icc_cmd_apdu_data;
613 epo->end_rx = end_abdata;
615 epo->buf_len = c->len;
617 epo->next_buf = nomore_data;
623 icc_prepare_receive (struct ccid *c)
626 c->epo->buf = (uint8_t *)&c->icc_header;
627 c->epo->buf_len = sizeof (struct icc_header);
629 c->epo->next_buf = icc_abdata;
630 c->epo->end_rx = end_icc_rx;
631 usb_lld_rx_enable (c->epo->ep_num);
632 DEBUG_INFO ("Rx ready\r\n");
640 EP1_OUT_Callback (void)
642 struct ep_out *epo = &endpoint_out;
643 size_t len = usb_lld_rx_data_len (epo->ep_num);
646 size_t orig_len = len;
648 while (epo->err == 0)
651 else if (len <= epo->buf_len)
653 usb_lld_rxcpy (epo->buf, epo->ep_num, offset, len);
659 else /* len > buf_len */
661 usb_lld_rxcpy (epo->buf, epo->ep_num, offset, epo->buf_len);
663 offset += epo->buf_len;
664 epo->next_buf (epo, len); /* Update epo->buf, cnt, buf_len */
668 * ORIG_LEN to distingush ZLP and the end of transaction
669 * (ORIG_LEN != USB_LL_BUF_SIZE)
671 cont = epo->end_rx (epo, orig_len);
674 usb_lld_rx_enable (epo->ep_num);
680 extern void EP6_IN_Callback (void);
683 usb_cb_rx_ready (uint8_t ep_num)
688 else if (ep_num == ENDP5)
690 chopstx_mutex_lock (&stdout.m_dev);
691 usb_lld_rx_enable (ep_num);
692 chopstx_mutex_unlock (&stdout.m_dev);
698 usb_cb_tx_done (uint8_t ep_num)
702 else if (ep_num == ENDP2)
704 /* INTERRUPT Transfer done */
707 else if (ep_num == ENDP3)
709 chopstx_mutex_lock (&stdout.m_dev);
710 chopstx_cond_signal (&stdout.cond_dev);
711 chopstx_mutex_unlock (&stdout.m_dev);
714 #ifdef PINPAD_SUPPORT
715 else if (ep_num == ENDP6)
721 * ATR (Answer To Reset) string
723 * TS = 0x3b: Direct conversion
724 * T0 = 0xda: TA1, TC1 and TD1 follow, 10 historical bytes
725 * TA1 = 0x11: FI=1, DI=1
727 * TD1 = 0x81: TD2 follows, T=1
728 * TD2 = 0xb1: TA3, TB3 and TD3 follow, T=1
729 * TA3 = 0xFE: IFSC = 254 bytes
730 * TB3 = 0x55: BWI = 5, CWI = 5 (BWT timeout 3.2 sec)
731 * TD3 = 0x1f: TA4 follows, T=15
732 * TA4 = 0x03: 5V or 3.3V
733 * Historical bytes: to be explained...
736 * Minimum: 0x3b, 0x8a, 0x80, 0x01, + historical bytes, xor check
739 static const uint8_t ATR[] = {
740 0x3b, 0xda, 0x11, 0xff, 0x81, 0xb1, 0xfe, 0x55, 0x1f, 0x03,
742 0x31, 0x84, /* full DF name, GET DATA, MF */
744 0x80, /* DF full name */
746 0x80, /* Command chaining, No extended Lc and extended Le */
749 (0xda^0x11^0xff^0x81^0xb1^0xfe^0x55^0x1f^0x03
750 ^0x00^0x31^0x84^0x73^0x80^0x01^0x80^0x00^0x90^0x00)
756 static void icc_error (struct ccid *c, int offset)
758 uint8_t icc_reply[ICC_MSG_HEADER_SIZE];
760 icc_reply[0] = ICC_SLOT_STATUS_RET; /* Any value should be OK */
765 icc_reply[5] = 0x00; /* Slot */
766 icc_reply[ICC_MSG_SEQ_OFFSET] = c->icc_header.seq;
767 if (c->icc_state == ICC_STATE_NOCARD)
768 icc_reply[ICC_MSG_STATUS_OFFSET] = 2; /* 2: No ICC present */
769 else if (c->icc_state == ICC_STATE_START)
770 icc_reply[ICC_MSG_STATUS_OFFSET] = 1; /* 1: ICC present but not activated */
772 icc_reply[ICC_MSG_STATUS_OFFSET] = 0; /* An ICC is present and active */
773 icc_reply[ICC_MSG_STATUS_OFFSET] |= ICC_CMD_STATUS_ERROR; /* Failed */
774 icc_reply[ICC_MSG_ERROR_OFFSET] = offset;
775 icc_reply[ICC_MSG_CHAIN_OFFSET] = 0x00;
777 /* This is a single packet Bulk-IN transaction */
780 usb_lld_write (c->epi->ep_num, icc_reply, ICC_MSG_HEADER_SIZE);
783 extern void *openpgp_card_thread (void *arg);
785 extern uint8_t __process3_stack_base__, __process3_stack_size__;
786 const uint32_t __stackaddr_gpg = (uint32_t)&__process3_stack_base__;
787 const size_t __stacksize_gpg = (size_t)&__process3_stack_size__;
791 /* Send back ATR (Answer To Reset) */
792 static enum icc_state
793 icc_power_on (struct ccid *c)
795 size_t size_atr = sizeof (ATR);
796 uint8_t p[ICC_MSG_HEADER_SIZE];
798 if (c->application == 0)
799 c->application = chopstx_create (PRIO_GPG, __stackaddr_gpg,
800 __stacksize_gpg, openpgp_card_thread,
801 (void *)&c->ccid_comm);
803 p[0] = ICC_DATA_BLOCK_RET;
808 p[5] = 0x00; /* Slot */
809 p[ICC_MSG_SEQ_OFFSET] = c->icc_header.seq;
810 p[ICC_MSG_STATUS_OFFSET] = 0x00;
811 p[ICC_MSG_ERROR_OFFSET] = 0x00;
812 p[ICC_MSG_CHAIN_OFFSET] = 0x00;
814 usb_lld_txcpy (p, c->epi->ep_num, 0, ICC_MSG_HEADER_SIZE);
815 usb_lld_txcpy (ATR, c->epi->ep_num, ICC_MSG_HEADER_SIZE, size_atr);
817 /* This is a single packet Bulk-IN transaction */
820 usb_lld_tx_enable (c->epi->ep_num, ICC_MSG_HEADER_SIZE + size_atr);
821 DEBUG_INFO ("ON\r\n");
823 return ICC_STATE_WAIT;
827 icc_send_status (struct ccid *c)
829 uint8_t icc_reply[ICC_MSG_HEADER_SIZE];
831 icc_reply[0] = ICC_SLOT_STATUS_RET;
836 icc_reply[5] = 0x00; /* Slot */
837 icc_reply[ICC_MSG_SEQ_OFFSET] = c->icc_header.seq;
838 if (c->icc_state == ICC_STATE_NOCARD)
839 icc_reply[ICC_MSG_STATUS_OFFSET] = 2; /* 2: No ICC present */
840 else if (c->icc_state == ICC_STATE_START)
841 icc_reply[ICC_MSG_STATUS_OFFSET] = 1; /* 1: ICC present but not activated */
843 icc_reply[ICC_MSG_STATUS_OFFSET] = 0; /* An ICC is present and active */
844 icc_reply[ICC_MSG_ERROR_OFFSET] = 0x00;
845 icc_reply[ICC_MSG_CHAIN_OFFSET] = 0x00;
847 /* This is a single packet Bulk-IN transaction */
850 usb_lld_write (c->epi->ep_num, icc_reply, ICC_MSG_HEADER_SIZE);
852 led_blink (LED_SHOW_STATUS);
854 DEBUG_INFO ("St\r\n");
858 static enum icc_state
859 icc_power_off (struct ccid *c)
863 eventflag_signal (&c->openpgp_comm, EV_EXIT);
864 chopstx_join (c->application, NULL);
868 c->icc_state = ICC_STATE_START; /* This status change should be here */
870 DEBUG_INFO ("OFF\r\n");
871 return ICC_STATE_START;
875 icc_send_data_block_internal (struct ccid *c, uint8_t status, uint8_t error)
877 int tx_size = USB_LL_BUF_SIZE;
878 uint8_t p[ICC_MSG_HEADER_SIZE];
882 len = c->a->res_apdu_data_len + 2;
886 p[0] = ICC_DATA_BLOCK_RET;
888 p[2] = (len >> 8)& 0xFF;
889 p[3] = (len >> 16)& 0xFF;
890 p[4] = (len >> 24)& 0xFF;
891 p[5] = 0x00; /* Slot */
892 p[ICC_MSG_SEQ_OFFSET] = c->a->seq;
893 p[ICC_MSG_STATUS_OFFSET] = status;
894 p[ICC_MSG_ERROR_OFFSET] = error;
895 p[ICC_MSG_CHAIN_OFFSET] = 0;
897 usb_lld_txcpy (p, c->epi->ep_num, 0, ICC_MSG_HEADER_SIZE);
900 usb_lld_tx_enable (c->epi->ep_num, ICC_MSG_HEADER_SIZE);
904 if (ICC_MSG_HEADER_SIZE + len <= USB_LL_BUF_SIZE)
906 usb_lld_txcpy (c->a->res_apdu_data, c->epi->ep_num,
907 ICC_MSG_HEADER_SIZE, c->a->res_apdu_data_len);
908 usb_lld_txcpy (c->sw1sw2, c->epi->ep_num,
909 ICC_MSG_HEADER_SIZE + c->a->res_apdu_data_len, 2);
911 if (ICC_MSG_HEADER_SIZE + len < USB_LL_BUF_SIZE)
913 tx_size = ICC_MSG_HEADER_SIZE + len;
915 else if (ICC_MSG_HEADER_SIZE + len - 1 == USB_LL_BUF_SIZE)
917 usb_lld_txcpy (c->a->res_apdu_data, c->epi->ep_num,
918 ICC_MSG_HEADER_SIZE, c->a->res_apdu_data_len);
919 usb_lld_txcpy (c->sw1sw2, c->epi->ep_num,
920 ICC_MSG_HEADER_SIZE + c->a->res_apdu_data_len, 1);
921 c->epi->buf = &c->sw1sw2[1];
924 c->epi->next_buf = no_buf;
926 else if (ICC_MSG_HEADER_SIZE + len - 2 == USB_LL_BUF_SIZE)
928 usb_lld_txcpy (c->a->res_apdu_data, c->epi->ep_num,
929 ICC_MSG_HEADER_SIZE, c->a->res_apdu_data_len);
930 c->epi->buf = &c->sw1sw2[0];
933 c->epi->next_buf = no_buf;
937 usb_lld_txcpy (c->a->res_apdu_data, c->epi->ep_num, ICC_MSG_HEADER_SIZE,
938 USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE);
939 c->epi->buf = c->a->res_apdu_data + USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE;
940 c->epi->cnt = USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE;
941 c->epi->buf_len = c->a->res_apdu_data_len
942 - (USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE);
943 c->epi->next_buf = get_sw1sw2;
946 usb_lld_tx_enable (c->epi->ep_num, tx_size);
948 DEBUG_INFO ("DATA\r\n");
953 icc_send_data_block (struct ccid *c)
955 icc_send_data_block_internal (c, 0, 0);
959 icc_send_data_block_time_extension (struct ccid *c)
961 icc_send_data_block_internal (c, ICC_CMD_STATUS_TIMEEXT, 1);
965 icc_send_data_block_0x9000 (struct ccid *c)
967 uint8_t p[ICC_MSG_HEADER_SIZE+2];
970 p[0] = ICC_DATA_BLOCK_RET;
972 p[2] = (len >> 8)& 0xFF;
973 p[3] = (len >> 16)& 0xFF;
974 p[4] = (len >> 24)& 0xFF;
975 p[5] = 0x00; /* Slot */
976 p[ICC_MSG_SEQ_OFFSET] = c->a->seq;
977 p[ICC_MSG_STATUS_OFFSET] = 0;
978 p[ICC_MSG_ERROR_OFFSET] = 0;
979 p[ICC_MSG_CHAIN_OFFSET] = 0;
980 p[ICC_MSG_CHAIN_OFFSET+1] = 0x90;
981 p[ICC_MSG_CHAIN_OFFSET+2] = 0x00;
983 usb_lld_txcpy (p, c->epi->ep_num, 0, ICC_MSG_HEADER_SIZE + len);
987 usb_lld_tx_enable (c->epi->ep_num, ICC_MSG_HEADER_SIZE + len);
989 DEBUG_INFO ("DATA\r\n");
994 * Reply to the host for "GET RESPONSE".
997 icc_send_data_block_gr (struct ccid *c, size_t chunk_len)
999 int tx_size = USB_LL_BUF_SIZE;
1000 uint8_t p[ICC_MSG_HEADER_SIZE];
1001 size_t len = chunk_len + 2;
1003 p[0] = ICC_DATA_BLOCK_RET;
1005 p[2] = (len >> 8)& 0xFF;
1006 p[3] = (len >> 16)& 0xFF;
1007 p[4] = (len >> 24)& 0xFF;
1008 p[5] = 0x00; /* Slot */
1009 p[ICC_MSG_SEQ_OFFSET] = c->a->seq;
1010 p[ICC_MSG_STATUS_OFFSET] = 0;
1011 p[ICC_MSG_ERROR_OFFSET] = 0;
1012 p[ICC_MSG_CHAIN_OFFSET] = 0;
1014 usb_lld_txcpy (p, c->epi->ep_num, 0, ICC_MSG_HEADER_SIZE);
1016 set_sw1sw2 (c, chunk_len);
1018 if (chunk_len <= USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE)
1022 if (chunk_len <= USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE - 2)
1024 else if (chunk_len == USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE - 1)
1029 usb_lld_txcpy (c->p, c->epi->ep_num, ICC_MSG_HEADER_SIZE, chunk_len);
1031 usb_lld_txcpy (c->sw1sw2, c->epi->ep_num,
1032 ICC_MSG_HEADER_SIZE + chunk_len, size_for_sw);
1033 tx_size = ICC_MSG_HEADER_SIZE + chunk_len + size_for_sw;
1034 if (size_for_sw == 2)
1037 if (tx_size < USB_LL_BUF_SIZE)
1038 c->epi->tx_done = 1;
1039 /* Don't set epi->tx_done = 1, when it requires ZLP */
1043 c->epi->buf = c->sw1sw2 + size_for_sw;
1044 c->epi->cnt = size_for_sw;
1045 c->epi->buf_len = 2 - size_for_sw;
1046 c->epi->next_buf = no_buf;
1051 usb_lld_txcpy (c->p, c->epi->ep_num, ICC_MSG_HEADER_SIZE,
1052 USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE);
1053 c->epi->buf = c->p + USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE;
1055 c->epi->buf_len = chunk_len - (USB_LL_BUF_SIZE - ICC_MSG_HEADER_SIZE);
1056 c->epi->next_buf = get_sw1sw2;
1060 c->len -= chunk_len;
1061 usb_lld_tx_enable (c->epi->ep_num, tx_size);
1063 DEBUG_INFO ("DATA\r\n");
1069 icc_send_params (struct ccid *c)
1071 uint8_t p[ICC_MSG_HEADER_SIZE];
1072 const uint8_t params[] = {
1073 0x11, /* bmFindexDindex */
1074 0x11, /* bmTCCKST1 */
1075 0xFE, /* bGuardTimeT1 */
1076 0x55, /* bmWaitingIntegersT1 */
1077 0x03, /* bClockStop */
1082 p[0] = ICC_PARAMS_RET;
1083 p[1] = 0x07; /* Length = 0x00000007 */
1087 p[5] = 0x00; /* Slot */
1088 p[ICC_MSG_SEQ_OFFSET] = c->icc_header.seq;
1089 p[ICC_MSG_STATUS_OFFSET] = 0;
1090 p[ICC_MSG_ERROR_OFFSET] = 0;
1091 p[ICC_MSG_CHAIN_OFFSET] = 0x01; /* ProtocolNum: T=1 */
1093 usb_lld_txcpy (p, c->epi->ep_num, 0, ICC_MSG_HEADER_SIZE);
1094 usb_lld_txcpy (params, c->epi->ep_num, ICC_MSG_HEADER_SIZE, sizeof params);
1096 /* This is a single packet Bulk-IN transaction */
1098 c->epi->tx_done = 1;
1099 usb_lld_tx_enable (c->epi->ep_num, ICC_MSG_HEADER_SIZE + sizeof params);
1101 DEBUG_INFO ("PARAMS\r\n");
1106 static enum icc_state
1107 icc_handle_data (struct ccid *c)
1109 enum icc_state next_state = c->icc_state;
1114 icc_error (c, ICC_OFFSET_DATA_LEN);
1118 switch (c->icc_state)
1120 case ICC_STATE_NOCARD:
1121 if (c->icc_header.msg_type == ICC_SLOT_STATUS)
1122 icc_send_status (c);
1125 DEBUG_INFO ("ERR00\r\n");
1126 icc_error (c, ICC_OFFSET_CMD_NOT_SUPPORTED);
1129 case ICC_STATE_START:
1130 if (c->icc_header.msg_type == ICC_POWER_ON)
1133 next_state = icc_power_on (c);
1135 else if (c->icc_header.msg_type == ICC_POWER_OFF)
1138 next_state = icc_power_off (c);
1140 else if (c->icc_header.msg_type == ICC_SLOT_STATUS)
1141 icc_send_status (c);
1144 DEBUG_INFO ("ERR01\r\n");
1145 icc_error (c, ICC_OFFSET_CMD_NOT_SUPPORTED);
1148 case ICC_STATE_WAIT:
1149 if (c->icc_header.msg_type == ICC_POWER_ON)
1151 /* Not in the spec., but pcscd/libccid */
1153 next_state = icc_power_on (c);
1155 else if (c->icc_header.msg_type == ICC_POWER_OFF)
1158 next_state = icc_power_off (c);
1160 else if (c->icc_header.msg_type == ICC_SLOT_STATUS)
1161 icc_send_status (c);
1162 else if (c->icc_header.msg_type == ICC_XFR_BLOCK)
1164 if (c->icc_header.param == 0)
1166 if ((c->a->cmd_apdu_head[0] & 0x10) == 0)
1168 if (c->state == APDU_STATE_COMMAND_CHAINING)
1169 { /* command chaining finished */
1170 c->p += c->a->cmd_apdu_head[4];
1171 c->a->cmd_apdu_head[4] = 0;
1172 DEBUG_INFO ("CMD chaning finished.\r\n");
1175 if (c->a->cmd_apdu_head[1] == INS_GET_RESPONSE
1176 && c->state == APDU_STATE_RESULT_GET_RESPONSE)
1178 size_t len = c->a->expected_res_size;
1180 if (c->len <= c->a->expected_res_size)
1183 icc_send_data_block_gr (c, len);
1185 c->state = APDU_STATE_RESULT;
1186 c->icc_state = ICC_STATE_WAIT;
1187 DEBUG_INFO ("GET Response.\r\n");
1190 { /* Give this message to GPG thread */
1191 c->state = APDU_STATE_COMMAND_RECEIVED;
1194 c->a->res_apdu_data_len = 0;
1195 c->a->res_apdu_data = &icc_buffer[5];
1197 eventflag_signal (&c->openpgp_comm, EV_CMD_AVAILABLE);
1198 next_state = ICC_STATE_EXECUTE;
1203 if (c->state == APDU_STATE_WAIT_COMMAND)
1204 { /* command chaining is started */
1205 c->a->cmd_apdu_head[0] &= ~0x10;
1206 memcpy (c->chained_cls_ins_p1_p2, c->a->cmd_apdu_head, 4);
1207 c->state = APDU_STATE_COMMAND_CHAINING;
1210 c->p += c->a->cmd_apdu_head[4];
1211 c->len -= c->a->cmd_apdu_head[4];
1212 icc_send_data_block_0x9000 (c);
1213 DEBUG_INFO ("CMD chaning...\r\n");
1217 { /* ICC block chaining is not supported. */
1218 DEBUG_INFO ("ERR02\r\n");
1219 icc_error (c, ICC_OFFSET_PARAM);
1222 else if (c->icc_header.msg_type == ICC_SET_PARAMS
1223 || c->icc_header.msg_type == ICC_GET_PARAMS
1224 || c->icc_header.msg_type == ICC_RESET_PARAMS)
1225 icc_send_params (c);
1226 else if (c->icc_header.msg_type == ICC_SECURE)
1228 if (c->p != c->a->cmd_apdu_data)
1230 /* SECURE received in the middle of command chaining */
1232 icc_error (c, ICC_OFFSET_DATA_LEN);
1236 if (c->p[10-10] == 0x00) /* PIN verification */
1238 c->a->cmd_apdu_head[0] = c->p[25-10];
1239 c->a->cmd_apdu_head[1] = c->p[26-10];
1240 c->a->cmd_apdu_head[2] = c->p[27-10];
1241 c->a->cmd_apdu_head[3] = c->p[28-10];
1243 c->a->cmd_apdu_data[0] = 0; /* bConfirmPIN */
1244 c->a->cmd_apdu_data[1] = c->p[17-10]; /* bEntryValidationCondition */
1245 c->a->cmd_apdu_data[2] = c->p[18-10]; /* bNumberMessage */
1246 c->a->cmd_apdu_data[3] = c->p[19-10]; /* wLangId L */
1247 c->a->cmd_apdu_data[4] = c->p[20-10]; /* wLangId H */
1248 c->a->cmd_apdu_data[5] = c->p[21-10]; /* bMsgIndex */
1250 c->a->cmd_apdu_data_len = 6;
1251 c->a->expected_res_size = 0;
1254 c->a->res_apdu_data_len = 0;
1255 c->a->res_apdu_data = &c->p[5];
1257 eventflag_signal (&c->openpgp_comm, EV_VERIFY_CMD_AVAILABLE);
1258 next_state = ICC_STATE_EXECUTE;
1260 else if (c->p[10-10] == 0x01) /* PIN Modification */
1262 uint8_t num_msgs = c->p[21-10];
1264 if (num_msgs == 0x00)
1266 else if (num_msgs == 0xff)
1268 c->a->cmd_apdu_head[0] = c->p[27 + num_msgs-10];
1269 c->a->cmd_apdu_head[1] = c->p[28 + num_msgs-10];
1270 c->a->cmd_apdu_head[2] = c->p[29 + num_msgs-10];
1271 c->a->cmd_apdu_head[3] = c->p[30 + num_msgs-10];
1273 c->a->cmd_apdu_data[0] = c->p[19-10]; /* bConfirmPIN */
1274 c->a->cmd_apdu_data[1] = c->p[20-10]; /* bEntryValidationCondition */
1275 c->a->cmd_apdu_data[2] = c->p[21-10]; /* bNumberMessage */
1276 c->a->cmd_apdu_data[3] = c->p[22-10]; /* wLangId L */
1277 c->a->cmd_apdu_data[4] = c->p[23-10]; /* wLangId H */
1278 c->a->cmd_apdu_data[5] = c->p[24-10]; /* bMsgIndex, bMsgIndex1 */
1280 c->a->cmd_apdu_data[6] = c->p[25-10]; /* bMsgIndex2 */
1282 c->a->cmd_apdu_data[7] = c->p[26-10]; /* bMsgIndex3 */
1284 c->a->cmd_apdu_data_len = 5 + num_msgs;
1285 c->a->expected_res_size = 0;
1288 c->a->res_apdu_data_len = 0;
1289 c->a->res_apdu_data = &icc_buffer[5];
1291 eventflag_signal (&c->openpgp_comm, EV_MODIFY_CMD_AVAILABLE);
1292 next_state = ICC_STATE_EXECUTE;
1295 icc_error (c, ICC_MSG_DATA_OFFSET);
1299 DEBUG_INFO ("ERR03\r\n");
1300 DEBUG_BYTE (c->icc_header.msg_type);
1301 icc_error (c, ICC_OFFSET_CMD_NOT_SUPPORTED);
1304 case ICC_STATE_EXECUTE:
1305 if (c->icc_header.msg_type == ICC_POWER_OFF)
1306 next_state = icc_power_off (c);
1307 else if (c->icc_header.msg_type == ICC_SLOT_STATUS)
1308 icc_send_status (c);
1311 DEBUG_INFO ("ERR04\r\n");
1312 DEBUG_BYTE (c->icc_header.msg_type);
1313 icc_error (c, ICC_OFFSET_CMD_NOT_SUPPORTED);
1317 next_state = ICC_STATE_START;
1318 DEBUG_INFO ("ERR10\r\n");
1325 static enum icc_state
1326 icc_handle_timeout (struct ccid *c)
1328 enum icc_state next_state = c->icc_state;
1330 switch (c->icc_state)
1332 case ICC_STATE_EXECUTE:
1333 icc_send_data_block_time_extension (c);
1334 led_blink (LED_ONESHOT);
1343 static struct ccid ccid;
1344 enum icc_state *icc_state_p = &ccid.icc_state;
1347 ccid_card_change_signal (int how)
1349 struct ccid *c = &ccid;
1351 if (how == CARD_CHANGE_TOGGLE
1352 || (c->icc_state == ICC_STATE_NOCARD && how == CARD_CHANGE_INSERT)
1353 || (c->icc_state != ICC_STATE_NOCARD && how == CARD_CHANGE_REMOVE))
1354 eventflag_signal (&c->ccid_comm, EV_CARD_CHANGE);
1358 ccid_usb_reset (void)
1360 struct ccid *c = &ccid;
1361 eventflag_signal (&c->ccid_comm, EV_USB_RESET);
1365 #define USB_ICC_TIMEOUT (1950*1000)
1367 #define GPG_THREAD_TERMINATED 0xffff
1369 #define NOTIFY_SLOT_CHANGE 0x50
1371 #define INTR_REQ_USB 20
1374 ccid_thread (void *arg)
1376 chopstx_intr_t interrupt;
1378 struct ep_in *epi = &endpoint_in;
1379 struct ep_out *epo = &endpoint_out;
1380 struct ccid *c = &ccid;
1381 struct apdu *a = &apdu;
1384 usb_lld_init (USB_INITIAL_FEATURE);
1385 chopstx_claim_irq (&interrupt, INTR_REQ_USB);
1386 usb_interrupt_handler ();
1389 epi_init (epi, ENDP1, notify_tx, c);
1390 epo_init (epo, ENDP1, notify_icc, c);
1392 ccid_init (c, epi, epo, a);
1394 icc_prepare_receive (c);
1398 uint32_t timeout = USB_ICC_TIMEOUT;
1399 chopstx_poll_cond_t poll_desc;
1401 eventflag_set_poll_desc (&c->ccid_comm, &poll_desc);
1402 chopstx_poll (&timeout, 2, &interrupt, &poll_desc);
1403 if (interrupt.ready)
1404 usb_interrupt_handler ();
1406 if (poll_desc.ready)
1407 m = eventflag_wait (&c->ccid_comm);
1409 if (m == EV_USB_RESET)
1413 chopstx_cancel (c->application);
1414 chopstx_join (c->application, NULL);
1419 else if (m == EV_CARD_CHANGE)
1423 int_msg[0] = NOTIFY_SLOT_CHANGE;
1424 if (c->icc_state == ICC_STATE_NOCARD)
1426 c->icc_state = ICC_STATE_START;
1433 eventflag_signal (&c->openpgp_comm, EV_EXIT);
1434 chopstx_join (c->application, NULL);
1438 c->icc_state = ICC_STATE_NOCARD;
1442 usb_lld_write (ENDP2, int_msg, sizeof int_msg);
1443 led_blink (LED_TWOSHOTS);
1445 else if (m == EV_RX_DATA_READY)
1446 c->icc_state = icc_handle_data (c);
1447 else if (m == EV_EXEC_FINISHED)
1448 if (c->icc_state == ICC_STATE_EXECUTE)
1450 if (c->a->sw == GPG_THREAD_TERMINATED)
1452 c->sw1sw2[0] = 0x90;
1453 c->sw1sw2[1] = 0x00;
1454 c->state = APDU_STATE_RESULT;
1455 icc_send_data_block (c);
1456 c->icc_state = ICC_STATE_EXITED;
1460 c->a->cmd_apdu_data_len = 0;
1461 c->sw1sw2[0] = c->a->sw >> 8;
1462 c->sw1sw2[1] = c->a->sw & 0xff;
1464 if (c->a->res_apdu_data_len <= c->a->expected_res_size)
1466 c->state = APDU_STATE_RESULT;
1467 icc_send_data_block (c);
1468 c->icc_state = ICC_STATE_WAIT;
1472 c->state = APDU_STATE_RESULT_GET_RESPONSE;
1473 c->p = c->a->res_apdu_data;
1474 c->len = c->a->res_apdu_data_len;
1475 icc_send_data_block_gr (c, c->a->expected_res_size);
1476 c->icc_state = ICC_STATE_WAIT;
1481 DEBUG_INFO ("ERR07\r\n");
1483 else if (m == EV_TX_FINISHED)
1485 if (c->state == APDU_STATE_RESULT)
1487 c->state = APDU_STATE_WAIT_COMMAND;
1488 c->p = c->a->cmd_apdu_data;
1489 c->len = MAX_CMD_APDU_DATA_SIZE;
1491 c->a->cmd_apdu_data_len = 0;
1492 c->a->expected_res_size = 0;
1495 if (c->state == APDU_STATE_WAIT_COMMAND
1496 || c->state == APDU_STATE_COMMAND_CHAINING
1497 || c->state == APDU_STATE_RESULT_GET_RESPONSE)
1498 icc_prepare_receive (c);
1501 c->icc_state = icc_handle_timeout (c);
1506 chopstx_join (c->application, NULL);
1518 chopstx_mutex_init (&stdout.m);
1519 chopstx_mutex_init (&stdout.m_dev);
1520 chopstx_cond_init (&stdout.cond_dev);
1521 stdout.connected = 0;
1525 _write (const char *s, int len)
1532 chopstx_mutex_lock (&stdout.m);
1534 chopstx_mutex_lock (&stdout.m_dev);
1535 if (!stdout.connected)
1536 chopstx_cond_wait (&stdout.cond_dev, &stdout.m_dev);
1537 chopstx_mutex_unlock (&stdout.m_dev);
1542 (len < VIRTUAL_COM_PORT_DATA_SIZE) ? len : VIRTUAL_COM_PORT_DATA_SIZE;
1544 chopstx_mutex_lock (&stdout.m_dev);
1545 usb_lld_write (ENDP3, s, packet_len);
1546 chopstx_cond_wait (&stdout.cond_dev, &stdout.m_dev);
1547 chopstx_mutex_unlock (&stdout.m_dev);
1552 /* Send a Zero-Length-Packet if the last packet is full size. */
1553 while (len != 0 || packet_len == VIRTUAL_COM_PORT_DATA_SIZE);
1555 chopstx_mutex_unlock (&stdout.m);
1560 _write (const char *s, int size)
projects / gnuk / gnuk.git / blob