CertDO bug fixes
authorNIIBE Yutaka <gniibe@fsij.org>
Mon, 4 Jun 2012 09:13:35 +0000 (18:13 +0900)
committerNIIBE Yutaka <gniibe@fsij.org>
Mon, 4 Jun 2012 09:13:35 +0000 (18:13 +0900)
ChangeLog
src/flash.c
src/gnuk.h
tool/gnuk_put_binary_libusb.py

index 5043cfa..3147a15 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
 2012-06-04  Niibe Yutaka  <gniibe@fsij.org>
 
+       Card holder certificate data object bug fixes.
+       * tool/gnuk_put_binary_libusb.py (gnuk_token.cmd_get_response):
+       Handle larger data such as card holder certificate.
+       * src/flash.c (flash_write_binary): Bug fix.  Call
+       flash_check_blank with p + offset.
+       * src/gnuk.h (FLASH_CH_CERTIFICATE_SIZE): Define here (was: flash.c).
+
        Implement CRC32 check for firmware update.
        * src/usb_ctrl.c (download_check_crc32): New.
        * regnual/regnual.c (calc_crc32): New.
index b12fcfb..f9aa02c 100644 (file)
@@ -476,7 +476,6 @@ flash_cnt123_clear (const uint8_t **addr_p)
 
 
 #if defined(CERTDO_SUPPORT)
-#define FLASH_CH_CERTIFICATE_SIZE 2048
 int
 flash_erase_binary (uint8_t file_id)
 {
@@ -534,7 +533,7 @@ flash_write_binary (uint8_t file_id, const uint8_t *data,
       uint32_t addr;
       int i;
 
-      if (flash_check_blank (p, len)  == 0)
+      if (flash_check_blank (p + offset, len)  == 0)
        return -1;
 
       addr = (uint32_t)p + offset;
index 0220595..1488bd0 100644 (file)
@@ -149,6 +149,8 @@ extern void flash_reset_counter (uint8_t counter_tag_nr);
 extern int flash_erase_binary (uint8_t file_id);
 extern int flash_write_binary (uint8_t file_id, const uint8_t *data, uint16_t len, uint16_t offset);
 
+#define FLASH_CH_CERTIFICATE_SIZE 2048
+
 /* Linker set these two symbols */
 extern uint8_t ch_certificate_start;
 extern uint8_t random_bits_start;
index 86de1e4..6115ca7 100755 (executable)
@@ -150,9 +150,18 @@ class gnuk_token:
             raise ValueError, "icc_send_cmd"
 
     def cmd_get_response(self, expected_len):
-        cmd_data = iso7816_compose(0xc0, 0x00, 0x00, '') + pack('>B', expected_len)
-        response = self.icc_send_cmd(cmd_data)
-        return response[:-2]
+        result = []
+        while True:
+            cmd_data = iso7816_compose(0xc0, 0x00, 0x00, '') + pack('>B', expected_len)
+            response = self.icc_send_cmd(cmd_data)
+            result += response[:-2]
+            sw = response[-2:]
+            if sw[0] == 0x90 and sw[1] == 0x00:
+                return result
+            elif sw[0] != 0x61:
+                raise ValueError, ("%02x%02x" % (sw[0], sw[1]))
+            else:
+                expected_len = sw[1]
 
     def cmd_verify(self, who, passwd):
         cmd_data = iso7816_compose(0x20, 0x00, 0x80+who, passwd)
@@ -188,7 +197,7 @@ class gnuk_token:
                     cmd_data1 = None
                 else:
                     cmd_data0 = iso7816_compose(0xd0, count, 0x00, data[256*count:256*count+128], 0x10)
-                    cmd_data1 = iso7816_compose(0xd0, count, 0x00, data[256*count:256*(count+1)])
+                    cmd_data1 = iso7816_compose(0xd0, count, 0x00, data[256*count+128:256*(count+1)])
             sw = self.icc_send_cmd(cmd_data0)
             if len(sw) != 2:
                 raise ValueError, "cmd_write_binary 0"
@@ -219,18 +228,18 @@ class gnuk_token:
                     cmd_data1 = None
                 else:
                     cmd_data0 = iso7816_compose(0xd6, count, 0x00, data[256*count:256*count+128], 0x10)
-                    cmd_data1 = iso7816_compose(0xd6, count, 0x00, data[256*count:256*(count+1)])
+                    cmd_data1 = iso7816_compose(0xd6, count, 0x00, data[256*count+128:256*(count+1)])
             sw = self.icc_send_cmd(cmd_data0)
             if len(sw) != 2:
-                raise ValueError, "cmd_write_binary 0"
+                raise ValueError, "cmd_update_binary 0"
             if not (sw[0] == 0x90 and sw[1] == 0x00):
-                raise ValueError, "cmd_write_binary 0"
+                raise ValueError, "cmd_update_binary 0"
             if cmd_data1:
                 sw = self.icc_send_cmd(cmd_data1)
                 if len(sw) != 2:
-                    raise ValueError, "cmd_write_binary 1"
+                    raise ValueError, "cmd_update_binary 1"
                 if not (sw[0] == 0x90 and sw[1] == 0x00):
-                    raise ValueError, "cmd_write_binary 1"
+                    raise ValueError, "cmd_update_binary 1"
             count += 1
 
     def cmd_select_openpgp(self):