diff --git a/ChangeLog b/ChangeLog index 3b8f425..21aa2ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 2017-10-02 NIIBE Yutaka + * src/openpgp.c, src/flash.c: Distinguish FLASH_UPGRADE_SUPPORT. + * src/main.c [GNU_LINUX_EMULATION]: Use emulated_main. (MEMORY_SIZE, MEMORY_END): Fix for GNU/Linux. diff --git a/src/flash.c b/src/flash.c index 255a94b..2586dc4 100644 --- a/src/flash.c +++ b/src/flash.c @@ -694,6 +694,7 @@ flash_write_binary (uint8_t file_id, const uint8_t *data, maxsize = 6; p = &openpgpcard_aid[8]; } +#ifdef FLASH_UPGRADE_SUPPORT else if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3) { maxsize = FIRMWARE_UPDATE_KEY_CONTENT_LEN; @@ -705,6 +706,7 @@ flash_write_binary (uint8_t file_id, const uint8_t *data, return 0; } } +#endif #if defined(CERTDO_SUPPORT) else if (file_id == FILEID_CH_CERTIFICATE) { diff --git a/src/openpgp.c b/src/openpgp.c index a59b751..9ffd76b 100644 --- a/src/openpgp.c +++ b/src/openpgp.c @@ -648,6 +648,7 @@ cmd_pgp_gakp (void) } } +#ifdef FLASH_UPGRADE_SUPPORT const uint8_t * gpg_get_firmware_update_key (uint8_t keyno) { @@ -657,6 +658,7 @@ gpg_get_firmware_update_key (uint8_t keyno) p = &_updatekey_store + keyno * FIRMWARE_UPDATE_KEY_CONTENT_LEN; return p; } +#endif #ifdef CERTDO_SUPPORT #define FILEID_CH_CERTIFICATE_IS_VALID 1 @@ -669,7 +671,6 @@ cmd_read_binary (void) { int is_short_EF = (P1 (apdu) & 0x80) != 0; uint8_t file_id; - const uint8_t *p; uint16_t offset; DEBUG_INFO (" - Read binary\r\n"); @@ -679,13 +680,6 @@ cmd_read_binary (void) else file_id = file_selection - FILE_EF_SERIAL_NO + FILEID_SERIAL_NO; - if ((!FILEID_CH_CERTIFICATE_IS_VALID && file_id == FILEID_CH_CERTIFICATE) - || file_id > FILEID_CH_CERTIFICATE) - { - GPG_NO_FILE (); - return; - } - if (is_short_EF) { file_selection = file_id - FILEID_SERIAL_NO + FILE_EF_SERIAL_NO; @@ -705,22 +699,26 @@ cmd_read_binary (void) } return; } - - if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3) +#ifdef FLASH_UPGRADE_SUPPORT + else if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3) { if (offset != 0) GPG_MEMORY_FAILURE (); else { + const uint8_t *p; + p = gpg_get_firmware_update_key (file_id - FILEID_UPDATE_KEY_0); res_APDU_size = FIRMWARE_UPDATE_KEY_CONTENT_LEN; memcpy (res_APDU, p, FIRMWARE_UPDATE_KEY_CONTENT_LEN); GPG_SUCCESS (); } } +#endif #if defined(CERTDO_SUPPORT) - else /* file_id == FILEID_CH_CERTIFICATE */ + else if (file_id == FILEID_CH_CERTIFICATE) { + const uint8_t *p; uint16_t len = 256; p = &ch_certificate_start; @@ -737,6 +735,11 @@ cmd_read_binary (void) } } #endif + else + { + GPG_NO_FILE (); + return; + } } static void @@ -1200,6 +1203,7 @@ modify_binary (uint8_t op, uint8_t p1, uint8_t p2, int len) return; } +#ifdef FLASH_UPGRADE_SUPPORT if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3 && len == 0 && offset == 0) { @@ -1219,6 +1223,7 @@ modify_binary (uint8_t op, uint8_t p1, uint8_t p2, int len) flash_erase_page ((uintptr_t)p); } } +#endif GPG_SUCCESS (); } @@ -1248,6 +1253,7 @@ cmd_write_binary (void) } +#ifdef FLASH_UPGRADE_SUPPORT static void cmd_external_authenticate (void) { @@ -1289,6 +1295,7 @@ cmd_external_authenticate (void) set_res_sw (0xff, 0xff); DEBUG_INFO ("EXTERNAL AUTHENTICATE done.\r\n"); } +#endif static void cmd_get_challenge (void) @@ -1395,8 +1402,10 @@ const struct command cmds[] = { { INS_ACTIVATE_FILE, cmd_activate_file }, #endif { INS_PGP_GENERATE_ASYMMETRIC_KEY_PAIR, cmd_pgp_gakp }, +#ifdef FLASH_UPGRADE_SUPPORT { INS_EXTERNAL_AUTHENTICATE, /* Not in OpenPGP card protocol */ cmd_external_authenticate }, +#endif { INS_GET_CHALLENGE, cmd_get_challenge }, /* Not in OpenPGP card protocol */ { INS_INTERNAL_AUTHENTICATE, cmd_internal_authenticate }, { INS_SELECT_FILE, cmd_select_file },