From 429c6f3d8b7e24b39c3b85170aa3cc5ef66a9e7e Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 17 May 2012 12:15:24 +0900 Subject: [PATCH] fileid change/cleanup --- ChangeLog | 13 +++++++++++++ src/flash.c | 34 ++++++++++++++++------------------ src/gnuk.h | 5 ++--- src/openpgp.c | 27 ++++++++++++++------------- tool/gnuk_put_binary.py | 12 ++++++------ tool/gnuk_put_binary_libusb.py | 18 +++--------------- 6 files changed, 54 insertions(+), 55 deletions(-) diff --git a/ChangeLog b/ChangeLog index 7038335..e23f92f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,16 @@ +2012-05-16 Niibe Yutaka + + * tool/gnuk_put_binary.py (main): Fix fileid. + * tool/gnuk_put_binary_libusb.py: Ditto. + + * src/openpgp.c (FILE_EF_RANDOM): Remove. + (cmd_update_binary, cmds): ifdef CERTDO_SUPPORT. + (cmd_write_binary): Fix fileid. + + * src/flash.c (flash_check_blank): Always enable. + (flash_erase_binary): ifdef CERTDO_SUPPORT. + (flash_write_binary): Call flash_check_blank. + 2012-05-15 Niibe Yutaka * Version 0.18. diff --git a/src/flash.c b/src/flash.c index be47955..f6322c1 100644 --- a/src/flash.c +++ b/src/flash.c @@ -579,25 +579,23 @@ flash_cnt123_clear (const uint8_t **addr_p) } -#if defined(CERTDO_SUPPORT) static int -flash_check_blank (const uint8_t *page, int size) +flash_check_blank (const uint8_t *p_start, int size) { const uint8_t *p; - for (p = page; p < page + size; p++) + for (p = p_start; p < p_start + size; p++) if (*p != 0xff) return 0; return 1; } -#endif +#if defined(CERTDO_SUPPORT) #define FLASH_CH_CERTIFICATE_SIZE 2048 int flash_erase_binary (uint8_t file_id) { -#if defined(CERTDO_SUPPORT) if (file_id == FILEID_CH_CERTIFICATE) { const uint8_t *p = &ch_certificate_start; @@ -611,12 +609,10 @@ flash_erase_binary (uint8_t file_id) return 0; } - else -#else - (void)file_id; -#endif - return -1; + + return -1; } +#endif int @@ -626,19 +622,18 @@ flash_write_binary (uint8_t file_id, const uint8_t *data, uint16_t maxsize; const uint8_t *p; -#if defined(CERTDO_SUPPORT) - if (file_id == FILEID_CH_CERTIFICATE) - { - maxsize = FLASH_CH_CERTIFICATE_SIZE; - p = &ch_certificate_start; - } - else -#endif if (file_id == FILEID_SERIAL_NO) { maxsize = 6; p = &openpgpcard_aid[8]; } +#if defined(CERTDO_SUPPORT) + else if (file_id == FILEID_CH_CERTIFICATE) + { + maxsize = FLASH_CH_CERTIFICATE_SIZE; + p = &ch_certificate_start; + } +#endif else return -1; @@ -650,6 +645,9 @@ flash_write_binary (uint8_t file_id, const uint8_t *data, uint32_t addr; int i; + if (flash_check_blank (p, len) == 0) + return -1; + addr = (uint32_t)p + offset; for (i = 0; i < len/2; i++) { diff --git a/src/gnuk.h b/src/gnuk.h index f5a2f43..1eb923f 100644 --- a/src/gnuk.h +++ b/src/gnuk.h @@ -137,9 +137,8 @@ extern void flash_clear_halfword (uint32_t addr); extern void flash_increment_counter (uint8_t counter_tag_nr); extern void flash_reset_counter (uint8_t counter_tag_nr); -#define FILEID_CH_CERTIFICATE 0 -#define FILEID_RANDOM 1 -#define FILEID_SERIAL_NO 2 +#define FILEID_SERIAL_NO 0 +#define FILEID_CH_CERTIFICATE 1 extern int flash_erase_binary (uint8_t file_id); extern int flash_write_binary (uint8_t file_id, const uint8_t *data, uint16_t len, uint16_t offset); diff --git a/src/openpgp.c b/src/openpgp.c index eec46ee..88c92fc 100644 --- a/src/openpgp.c +++ b/src/openpgp.c @@ -78,7 +78,6 @@ set_res_sw (uint8_t sw1, uint8_t sw2) #define FILE_EF_DIR 3 #define FILE_EF_SERIAL 4 #define FILE_EF_CH_CERTIFICATE 5 -#define FILE_EF_RANDOM 6 static uint8_t file_selection; @@ -701,6 +700,7 @@ cmd_internal_authenticate (void) } +#if defined(CERTDO_SUPPORT) static void cmd_update_binary (void) { @@ -718,10 +718,10 @@ cmd_update_binary (void) } if ((P1 (apdu) & 0x80)) - if ((P1 (apdu) & 0x7f) <= FILEID_RANDOM) + if ((P1 (apdu) & 0x7f) == FILEID_CH_CERTIFICATE) { - file_selection = FILE_EF_CH_CERTIFICATE + (P1 (apdu) & 0x7f); - r = flash_erase_binary (file_selection - FILE_EF_CH_CERTIFICATE); + file_selection = FILE_EF_CH_CERTIFICATE; + r = flash_erase_binary (FILEID_CH_CERTIFICATE); if (r < 0) { DEBUG_INFO ("memory error.\r\n"); @@ -738,8 +738,7 @@ cmd_update_binary (void) } else { - if (file_selection != FILE_EF_CH_CERTIFICATE - && file_selection != FILE_EF_RANDOM) + if (file_selection != FILE_EF_CH_CERTIFICATE) { GPG_COMMAND_NOT_ALLOWED (); return; @@ -751,7 +750,7 @@ cmd_update_binary (void) DEBUG_SHORT (len); DEBUG_SHORT (offset); - r = flash_write_binary (file_selection - FILE_EF_CH_CERTIFICATE, + r = flash_write_binary (FILEID_CH_CERTIFICATE, apdu.cmd_apdu_data, len, offset); if (r < 0) { @@ -763,6 +762,7 @@ cmd_update_binary (void) GPG_SUCCESS (); DEBUG_INFO ("UPDATE BINARY done.\r\n"); } +#endif static void @@ -782,9 +782,9 @@ cmd_write_binary (void) } if ((P1 (apdu) & 0x80)) - if ((P1 (apdu) & 0x7f) <= FILEID_SERIAL_NO) + if ((P1 (apdu) & 0x7f) <= FILEID_CH_CERTIFICATE) { - file_selection = FILE_EF_CH_CERTIFICATE + (P1 (apdu) & 0x7f); + file_selection = FILE_EF_SERIAL + (P1 (apdu) & 0x7f); offset = 0; } else @@ -794,9 +794,8 @@ cmd_write_binary (void) } else { - if (file_selection != FILE_EF_CH_CERTIFICATE - && file_selection != FILE_EF_RANDOM - && file_selection != FILE_EF_SERIAL) + if (file_selection != FILE_EF_SERIAL + && file_selection != FILE_EF_CH_CERTIFICATE) { GPG_COMMAND_NOT_ALLOWED (); return; @@ -808,7 +807,7 @@ cmd_write_binary (void) DEBUG_SHORT (len); DEBUG_SHORT (offset); - r = flash_write_binary (file_selection - FILE_EF_CH_CERTIFICATE, + r = flash_write_binary (file_selection - FILE_EF_SERIAL, apdu.cmd_apdu_data, len, offset); if (r < 0) { @@ -839,7 +838,9 @@ const struct command cmds[] = { { INS_READ_BINARY, cmd_read_binary }, { INS_GET_DATA, cmd_get_data }, { INS_WRITE_BINARY, cmd_write_binary}, /* Not in OpenPGP card protocol */ +#if defined(CERTDO_SUPPORT) { INS_UPDATE_BINARY, cmd_update_binary }, /* Not in OpenPGP card protocol */ +#endif { INS_PUT_DATA, cmd_put_data }, { INS_PUT_DATA_ODD, cmd_put_data }, }; diff --git a/tool/gnuk_put_binary.py b/tool/gnuk_put_binary.py index c4b66f6..217d818 100755 --- a/tool/gnuk_put_binary.py +++ b/tool/gnuk_put_binary.py @@ -125,16 +125,16 @@ def main(fileid, is_update, data, passwd): gnuk.cmd_verify(BY_ADMIN, passwd) gnuk.cmd_write_binary(fileid, data, is_update) if fileid == 0: - gnuk.cmd_select_openpgp() - data_in_device = gnuk.cmd_get_data(0x7f, 0x21) - compare(data[:-2], data_in_device) - elif fileid == 2: gnuk.cmd_select_openpgp() data_in_device = gnuk.cmd_get_data(0x00, 0x4f) for d in data_in_device: print "%02x" % d, print compare(data, data_in_device[8:]) + elif fileid == 1: + gnuk.cmd_select_openpgp() + data_in_device = gnuk.cmd_get_data(0x7f, 0x21) + compare(data[:-2], data_in_device) gnuk.connection.disconnect() return 0 @@ -152,7 +152,7 @@ if __name__ == '__main__': else: is_update = False if sys.argv[1] == '-s': - fileid = 2 # serial number + fileid = 0 # serial number filename = sys.argv[2] f = open(filename) email = os.environ['EMAIL'] @@ -168,7 +168,7 @@ if __name__ == '__main__': print "Writing serial number" data = binascii.unhexlify(serial_data_hex) else: - fileid = 0 # Card holder certificate + fileid = 1 # Card holder certificate filename = sys.argv[1] f = open(filename) data = f.read() diff --git a/tool/gnuk_put_binary_libusb.py b/tool/gnuk_put_binary_libusb.py index ae47ba9..98069c8 100755 --- a/tool/gnuk_put_binary_libusb.py +++ b/tool/gnuk_put_binary_libusb.py @@ -241,7 +241,7 @@ def main(fileid, is_update, data): else: icc.cmd_write_binary(fileid, data) icc.cmd_select_openpgp() - if fileid == 0: + if fileid == 1: data = data[:-2] data_in_device = icc.cmd_get_data(0x7f, 0x21) compare(data, data_in_device) @@ -255,7 +255,7 @@ if __name__ == '__main__': else: is_update = False if sys.argv[1] == '-s': - fileid = 2 # serial number + fileid = 0 # serial number filename = sys.argv[2] f = open(filename) email = os.environ['EMAIL'] @@ -270,20 +270,8 @@ if __name__ == '__main__': exit(1) print "Writing serial number" data = binascii.unhexlify(serial_data_hex) - elif sys.argv[1] == '-r': - fileid = 1 # Random number bits - if len(sys.argv) == 3: - filename = sys.argv[2] - f = open(filename) - else: - filename = stdin - f = sys.stdin - data = f.read() - f.close() - print "%s: %d" % (filename, len(data)) - print "Updating random bits" else: - fileid = 0 # Card holder certificate + fileid = 1 # Card holder certificate filename = sys.argv[1] f = open(filename) data = f.read()